Fix new Plugin Check errors

[dkotter]

What?

Addresses new Plugin Check errors

Why?

The Plugin Check plugin was recently updated and there is now a more aggressive check around direct file access. This has caused new errors to start showing in our Plugin Check workflow so this PR addresses those.

How?

Adds the following to files that are being flagged:

if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

Testing Instructions

Ensure the Plugin Check workflow passes on this PR

[github-actions]

The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the props-bot label.

If you're merging code through a pull request on GitHub, copy and paste the following into the bottom of the merge commit message.

Co-authored-by: dkotter <dkotter@git.wordpress.org>
Co-authored-by: justlevine <justlevine@git.wordpress.org>

To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook.

[dkotter]

Note I purposely use return here instead of exit as this file is included directly via composer and if you use exit, it will break PHPCS from working properly (as PHPCS will automatically load your composer autoloader and since this file is directly loaded in that, the exit statement terminates the process)

[justlevine]

In general I'd suggest this kind of comment would be on the file, but why not just use PSR-4 for this file?

[dkotter]

My understanding is PRS-4 only works on classes, not for a file that contains a bunch of functions. Please correct me if I'm misunderstanding that though.

I guess we could refactor this helpers.php file to be a class with static methods if that feels like a better approach

[justlevine]

if that feels like a better approach

IMO utils as a concept are an antipattern regardless of if they're a class or globally namespaced, so I might not be the best person to ask. But IIRC a decent amount of PHPStan functionality only works on PSR-4 (class/traits/interfaces).

From a QL/patterns perspective, I'd assume without opening the file that everything in includes is PSR-4, so includes/{H}elpers.php contains a class Helpers {}. So if there's a reason not to have the file PSR-4, I'd recommend moving it root-level alongside the plugin entry point.

(Not necessarily as part of this PR, but then a doc-block on the return; would be smart imo)

[dkotter]

For now added a comment: 8d17f75. Can look to adjust this to be a better approach in a follow up PR

[codecov]

Codecov Report

❌ Patch coverage is 25.00000% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 46.82%. Comparing base (128aebe) to head (8d17f75).
⚠️ Report is 5 commits behind head on develop.

Files with missing lines	Patch %	Lines
includes/Settings/Settings_Page.php	0.00%	2 Missing ⚠️
...eriments/Example_Experiment/Example_Experiment.php	50.00%	1 Missing ⚠️

Additional details and impacted files

@@              Coverage Diff              @@
##             develop     #167      +/-   ##
=============================================
- Coverage      46.89%   46.82%   -0.07%     
  Complexity       208      208              
=============================================
  Files             19       19              
  Lines           1271     1275       +4     
=============================================
+ Hits             596      597       +1     
- Misses           675      678       +3     

Flag	Coverage Δ
unit	46.82% <25.00%> (-0.07%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[justlevine]

LGTM 🚀

(Personally, I'm not bothered by the codecoverage drops, but if someone else cares we can wrap them in a @codeCoverageIgnore* like wordpress/performance: https://github.com/WordPress/performance/blob/b4f989824a39e361c591f94d2965abdd331b58f3/plugins/optimization-detective/class-od-tag-visitor-context.php#L9-L13 )