Standards Compliance

Standards Compliance

WordPress Coding Standards

The plugin targets WordPress Coding Standards compliance with documented exceptions:

Standard Compliance Notes
No assignments in conditionals ✅ Full Orchestrator::get_provider() fixed
Yoda conditions ✅ Full Literal on left, variable on right
elseif not else if ✅ Full
One class per file ✅ Full
Input sanitization ✅ Full sanitize_text_field(wp_unslash(...)) on all $_SERVER reads
Output escaping ✅ Full esc_*() functions on all admin output
Direct DB queries ⚠️ With phpcs:ignore Logs table uses $wpdb directly with phpcs:ignore comments
PreparedSQL ⚠️ With phpcs:ignore Some complex queries use $wpdb->prepare() with spread operator; phpcs-suppressed

llmstxt.org

The /llms.txt endpoint follows the llmstxt.org proposal:

  • Section 1: YAML frontmatter with metadata, targeted agents, and site links
  • Section 2: Intent-based content map (informational vs. transactional)
  • Section 3: Optional links to deeper discovery resources
  • Section 4: YAML sitemap block with URLs, priorities, and update times

AI Discovery Protocol (ADP)

The /.well-known/ai.json manifest implements ADP 3.0:

  • schema_version: 3.0
  • Capabilities list with semantic descriptions
  • Endpoint map with content types
  • Targeted agent list derived from bot registry

Schema.org

Identity Hub output conforms to schema.org vocabulary:

  • @context: https://schema.org
  • Valid @type values from the schema.org hierarchy
  • sameAs array for social profiles
  • contactPoint with proper sub-types
  • openingHoursSpecification with day-of-week enumeration

RFC 7232 (Conditional Requests)

Integrity::send_headers() implements:

  • ETag validation: Compares If-None-Match against SHA-256 content hash
  • Last-Modified validation: Compares If-Modified-Since against post_modified_gmt
  • 304 Not Modified: Returns without body when content unchanged

RFC 7807 (Problem Details)

SemanticHeal returns structured error responses for 404s:

{
  "type": "https://example.com/.well-known/ai-actions.json#not-found",
  "title": "Resource Not Found",
  "status": 404,
  "detail": "The requested resource at /path does not exist...",
  "instance": "https://example.com/path",
  "suggested_alternatives": [...]
}

JSON Feed v1.1

/feed.json follows the JSON Feed specification:

  • version: https://jsonfeed.org/version/1.1
  • Standard fields: title, home_page_url, feed_url, items
  • Per-item: id, url, title, content_text, date_published

Model Context Protocol (MCP)

/.well-known/mcp/server-card.json advertises MCP compatibility for AI agent integration.

OpenAI Plugin Standard

/.well-known/ai-plugin.json follows the ChatGPT plugin manifest format with schema_version, name_for_model, description_for_model, and OpenAPI api reference.

WordPress Transients API

All plugin caching uses get_transient()/set_transient()/delete_transient():

  • Proper TTL values (HOUR_IN_SECONDS, DAY_IN_SECONDS)
  • Named deletion (not blanket LIKE queries)
  • Object cache backends (memcached, Redis) properly cleaned

PHP 8.2

  • declare(strict_types=1) on all 73 source files
  • readonly classes for immutable DTOs
  • Typed properties with ?Type syntax
  • Union types (string|false, \WP_REST_Response|\WP_Error)
  • First-class callable syntax where applicable
  • json_validate() for JSON integrity checks