Summary
Most remaining packaged Plugin Check warnings are direct database/custom-table findings. These need review so WordPress.org-facing code is either clearly prepared/cached or intentionally justified.
Evidence
Packaged Plugin Check artifact:
/Users/chubes/Developer/wp-codebox@issue-167-plugin-check/artifacts/data-machine-package-plugin-check/runtime-mpoc8s65-1j1z9w/files/plugin-check/data-machine.json
Counts:
PluginCheck.Security.DirectDB.UnescapedDBParameter: 105WordPress.DB.DirectDatabaseQuery.DirectQuery: 22WordPress.DB.DirectDatabaseQuery.NoCaching: 22WordPress.DB.DirectDatabaseQuery.SchemaChange: 13
Top affected files:
inc/Core/Database/Jobs/Jobs.php: 64 findingsinc/Core/Database/ProcessedItems/ProcessedItems.php: 19 findingsinc/Cli/Commands/ProcessedItemsCommand.php: 14 findingsinc/Core/Database/Pipelines/Pipelines.php: 12 findingsinc/Abilities/Job/RecoverStuckJobsAbility.php: 10 findings
Proposed fix
- Audit each custom-table query for correct
$wpdb->prepare() usage and safe dynamic table/column handling.
- Add caching where appropriate or add narrowly scoped inline ignores with a clear explanation when a direct query is intentional and cache-inappropriate.
- Separate schema-change operations from runtime query paths where possible.
Acceptance criteria
- Packaged Plugin Check run has materially reduced custom-table/direct DB findings.
- Any remaining direct DB ignores are narrow, documented, and tied to intentional custom-table behavior.
Summary
Most remaining packaged Plugin Check warnings are direct database/custom-table findings. These need review so WordPress.org-facing code is either clearly prepared/cached or intentionally justified.
Evidence
Packaged Plugin Check artifact:
/Users/chubes/Developer/wp-codebox@issue-167-plugin-check/artifacts/data-machine-package-plugin-check/runtime-mpoc8s65-1j1z9w/files/plugin-check/data-machine.jsonCounts:
PluginCheck.Security.DirectDB.UnescapedDBParameter: 105WordPress.DB.DirectDatabaseQuery.DirectQuery: 22WordPress.DB.DirectDatabaseQuery.NoCaching: 22WordPress.DB.DirectDatabaseQuery.SchemaChange: 13Top affected files:
inc/Core/Database/Jobs/Jobs.php: 64 findingsinc/Core/Database/ProcessedItems/ProcessedItems.php: 19 findingsinc/Cli/Commands/ProcessedItemsCommand.php: 14 findingsinc/Core/Database/Pipelines/Pipelines.php: 12 findingsinc/Abilities/Job/RecoverStuckJobsAbility.php: 10 findingsProposed fix
$wpdb->prepare()usage and safe dynamic table/column handling.Acceptance criteria