Benchmarks
Plugin footprint 83% from 16 tests
Installer Passed 1 test
🔺 Critical test (weight: 50) | Checking the installer triggered no errors
Install script ran successfully
Server metrics [RAM: ▲0.39MB] [CPU: ▼1.48ms] Passed 4 tests
An overview of server-side resources used by Safe SVG
Normal server usage
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 3.90 ▲0.44 | 36.59 ▼3.23 |
| Dashboard /wp-admin | 3.74 ▲0.39 | 45.81 ▼16.12 |
| Posts /wp-admin/edit.php | 3.79 ▲0.43 | 52.90 ▲6.59 |
| Add New Post /wp-admin/post-new.php | 6.26 ▲0.37 | 97.55 ▲13.90 |
| Media Library /wp-admin/upload.php | 3.60 ▲0.37 | 41.01 ▲6.85 |
Server storage [IO: ▲1.86MB] [DB: ▲0.00MB] Passed 3 tests
How much does this plugin use your filesystem and database?
The plugin installed successfully
Filesystem: 429 new files
Database: no new tables, 6 new options
| New WordPress options |
|---|
| db_upgraded |
| widget_recent-posts |
| theysaidso_admin_options |
| widget_recent-comments |
| can_compress_scripts |
| widget_theysaidso_widget |
Browser metrics Passed 4 tests
A check of browser resources used by Safe SVG
This plugin has a minimal impact on browser resources
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 2,825 ▲78 | 14.56 ▼0.15 | 1.78 ▼0.02 | 39.55 ▼4.72 |
| Dashboard /wp-admin | 2,202 ▲22 | 5.59 ▲0.01 | 93.23 ▲1.73 | 42.59 ▼0.99 |
| Posts /wp-admin/edit.php | 2,103 ▲3 | 1.96 ▼0.04 | 38.79 ▼2.23 | 35.47 ▼3.15 |
| Add New Post /wp-admin/post-new.php | 1,690 ▲164 | 22.04 ▼1.05 | 615.70 ▼74.06 | 49.16 ▼4.13 |
| Media Library /wp-admin/upload.php | 1,406 ▲3 | 4.27 ▲0.04 | 96.09 ▲0.39 | 39.73 ▼1.79 |
Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests
🔸 Tests weight: 35 | Checking the uninstaller removed all traces of the plugin
The following items require your attention
- The uninstall procedure has failed, leaving 6 options in the database
- widget_theysaidso_widget
- can_compress_scripts
- widget_recent-comments
- theysaidso_admin_options
- widget_recent-posts
- db_upgraded
Smoke tests 50% from 4 tests
Server-side errors Passed 1 test
🔹 Test weight: 20 | A smoke test targeting server-side errors
The smoke test was a success, however most plugin functionality was not tested
SRP 0% from 2 tests
🔹 Tests weight: 20 | A shallow check of the single-responsibility principle; PHP files should perform no action - including output of placeholder text - and trigger no errors when accessed directly
The following issues need your attention
- 1× PHP files perform the task of outputting text when accessed with GET requests:
- > /wp-content/plugins/safe-svg/vendor/enshrined/svg-sanitize/src/svg-scanner.php
- 173× GET requests to PHP files trigger server-side errors or Error 500 responses (only 10 are shown):
- > PHP Fatal error
Uncaught Error: Class 'HTMLPurifier_Filter' not found in wp-content/plugins/safe-svg/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Filter/ExtractStyleBlocks.php:25
- > PHP Fatal error
Uncaught Error: Class 'HTMLPurifier_AttrDef_Enum' not found in wp-content/plugins/safe-svg/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/FrameTarget.php:6
- > PHP Fatal error
Uncaught Error: Class 'HTMLPurifier_AttrDef' not found in wp-content/plugins/safe-svg/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/URI/Email.php:3
- > PHP Fatal error
Uncaught Error: Class 'HTMLPurifier_Token_Tag' not found in wp-content/plugins/safe-svg/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Token/End.php:10
- > PHP Fatal error
Uncaught Error: Class 'HTMLPurifier_AttrDef' not found in wp-content/plugins/safe-svg/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Number.php:6
- > PHP Fatal error
Uncaught Error: Class 'HTMLPurifier_Filter' not found in wp-content/plugins/safe-svg/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Filter/YouTube.php:3
- > PHP Fatal error
Uncaught Error: Class 'HTMLPurifier_URIFilter' not found in wp-content/plugins/safe-svg/vendor/ezyang/htmlpurifier/library/HTMLPurifier/URIFilter/DisableExternal.php:3
- > PHP Fatal error
Uncaught Error: Class 'HTMLPurifier_AttrDef' not found in wp-content/plugins/safe-svg/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Background.php:7
- > PHP Fatal error
Uncaught Error: Class 'HTMLPurifier_HTMLModule' not found in wp-content/plugins/safe-svg/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Object.php:8
- > PHP Fatal error
Uncaught Error: Class 'HTMLPurifier_AttrDef_URI_IPv4' not found in wp-content/plugins/safe-svg/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/URI/IPv6.php:9
- > PHP Fatal error
User-side errors Passed 1 test
🔹 Test weight: 20 | This is a smoke test targeting browser errors/issues
No browser errors were detected
Optimizations
Plugin configuration 97% from 29 tests
readme.txt 94% from 16 tests
Perhaps the most important file in your plugin readme.txt gets parsed in order to generate the public listing of your plugin
These attributes need to be fixed:
- Tags: You are using too many tags: 12 tag instead of maximum 10
safe-svg/safe-svg.php Passed 13 tests
The main PHP file in "Safe SVG" ver. 2.2.2 adds more information about the plugin and also serves as the entry point for this plugin
94 characters long description:
Enable SVG uploads and sanitize them to stop XML/SVG vulnerabilities in your WordPress website
Code Analysis 97% from 3 tests
File types Passed 1 test
🔸 Test weight: 35 | This is a short overview of programming languages used in this plugin, detecting executable files
Success! There were no dangerous files found in this plugin19,979 lines of code in 288 files:
| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|
| PHP | 274 | 3,604 | 11,448 | 19,557 |
| JavaScript | 7 | 26 | 39 | 225 |
| JSON | 2 | 0 | 0 | 173 |
| Sass | 1 | 2 | 0 | 13 |
| CSS | 3 | 3 | 4 | 10 |
| INI | 1 | 1 | 1 | 1 |
PHP code 50% from 2 tests
This is a very shot review of cyclomatic complexity and code structure
The following items need your attention
- Method cyclomatic complexity has to be reduced to less than 100 (currently 232)
| Cyclomatic complexity | |
|---|---|
| Average complexity per logical line of code | 0.43 |
| Average class complexity | 13.39 |
| ▷ Minimum class complexity | 1.00 |
| ▷ Maximum class complexity | 539.00 |
| Average method complexity | 4.70 |
| ▷ Minimum method complexity | 1.00 |
| ▷ Maximum method complexity | 232.00 |
| Code structure | ||
|---|---|---|
| Namespaces | 12 | |
| Interfaces | 2 | |
| Traits | 0 | |
| Classes | 254 | |
| ▷ Abstract classes | 15 | 5.91% |
| ▷ Concrete classes | 239 | 94.09% |
| ▷ Final classes | 0 | 0.00% |
| Methods | 882 | |
| ▷ Static methods | 73 | 8.28% |
| ▷ Public methods | 687 | 77.89% |
| ▷ Protected methods | 110 | 12.47% |
| ▷ Private methods | 85 | 9.64% |
| Functions | 23 | |
| ▷ Named functions | 12 | 52.17% |
| ▷ Anonymous functions | 11 | 47.83% |
| Constants | 67 | |
| ▷ Global constants | 8 | 11.94% |
| ▷ Class constants | 59 | 88.06% |
| ▷ Public constants | 59 | 100.00% |
Plugin size Passed 2 tests
Image compression Passed 2 tests
Often times overlooked, PNG files can occupy unnecessary space in your plugin
No PNG images were found in this plugin