using curl should suggest using vip_safe_wp_remote_get instead of wp_remote_get

[katag9k]

What problem would the enhancement address for VIP?

When using curl the suggested fix is to use wp_remote_get, however, wp_remote_get is discouraged and vip_safe_wp_remote_get is suggested instead.

Describe the solution you'd like

Suggest the use of vip_safe_wp_remote_get when using curl to avoid a secondary violation for using wp_remote_get

[GaryJones]

@katag9k Can you please provide some code, the exact command you ran, and the output where it's suggesting that wp_remote_get() is used?

The master branch of VIPCS has these lines in the WordPressVIPMinimum ruleset, which override the default messages for WordPress.WP.AlternativeFunctions.curl_* codes to point to the VIP docs. There's nothing in the WordPress-VIP-Go ruleset that changes this further.

What I do see, in that WordPress.WP.AlternativeFunctions sniff (in WPCS), is a message that mentions wp_remote_get(). Did you perhaps run --standard=WordPress (or --standard=WordPress-Core or --standard=WordPress-Extra), rather than --standard=WordPress-VIP-Go, where the VIPCS-specific overriding messages wouldn't have kicked in?

[katag9k]

@GaryJones Yes, I have multiple default standards specified:

default_standard: WordPress-VIP-Go,WordPress-Core,WordPress-Extra

I haven't been able to get any results by running WordPress-VIP-Go standard without additional standards specified.

[GaryJones]

WordPress-Extra already includes WordPress-Core, so that can be simplified (requiring it twice can affect which overrides are treated as the final ones).

I haven't been able to get any results by running WordPress-VIP-Go standard without additional standards specified.

I'm happy to help debug with you on this outside of this thread.

If you use the --standard= argument, to override your default_standard, and you use just WordPress-VIP-Go, does the curl / wp_remote_get() message issue get resolved?