Modern GraphQL IDE for WPGraphQL — schema-aware editor, execution history, saved queries, and a public endpoint mode.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
I18n
29
1 issue group
Maintainability
14
7 issue groups
Security
8
2 issue groups
Supply Chain
3
1 issue group
ERRORI18nText Domain MismatchMismatched text domain. Expected 'wpgraphql-ide' but got 'wp-graphql-ide'.29
- Category
- I18n
- Occurrences
- 29
- Severity
- error
Sample message
Mismatched text domain. Expected 'wpgraphql-ide' but got 'wp-graphql-ide'.
ERRORMaintainabilityMissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;6
- Category
- Maintainability
- Occurrences
- 6
- Severity
- error
Sample message
PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_SERVER['HTTP_ACCEPT']4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_SERVER['HTTP_ACCEPT']
WARNINGSecurityRequest data is not unslashed$_SERVER['HTTP_ACCEPT'] not unslashed before sanitization. Use wp_unslash() or similar4
- Category
- Security
- Occurrences
- 4
- Severity
- warning
Sample message
$_SERVER['HTTP_ACCEPT'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORSupply ChainHidden files includedHidden files are not permitted.3
- Category
- Supply Chain
- Occurrences
- 3
- Severity
- error
Sample message
Hidden files are not permitted.
WARNINGMaintainabilitytrademarked termThe plugin name includes a restricted term. Your chosen plugin name - "WPGraphQL IDE" - contains the restricted term "wp" which cannot be used at all in your plugin name.3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
The plugin name includes a restricted term. Your chosen plugin name - "WPGraphQL IDE" - contains the restricted term "wp" which cannot be used at all in your plugin name.
WARNINGMaintainabilityNon-prefixed functionFunctions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "register_graphql_document_setting_field".1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "register_graphql_document_setting_field".
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "graphql_manage_settings_cap".1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "graphql_manage_settings_cap".
WARNINGPerformancePost Not In post not inUsing exclusionary parameters, like post__not_in, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.1
- Category
- Performance
- Occurrences
- 1
- Severity
- warning
Sample message
Using exclusionary parameters, like post__not_in, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
WARNINGMaintainabilitymissing composer json fileThe "/vendor" directory using composer exists, but "composer.json" file is missing.1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
The "/vendor" directory using composer exists, but "composer.json" file is missing.
Show 3 moreShow less
WARNINGRepo Complianceplugin header nonexistent domain path1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- warning
Sample message
The "Domain Path" header in the plugin file must point to an existing folder. Found: "languages"
WARNINGMaintainabilityunexpected markdown file1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Unexpected markdown file "UPGRADE-5.0.md" detected in plugin root. Only specific markdown files are expected in production plugins.
WARNINGMaintainabilityupgrade notice limit1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
The upgrade notice for "5.0.0" exceeds the limit of 300 characters.
External Connections
Potential connections found in static code analysis.
Outbound calls
58
External assets
0
Incoming endpoints
5
Notable Domains
Platform / Reference Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
register_rest_route
register_rest_route
register_rest_route
register_rest_route
Admin AJAX endpoints1
wp_ajax
Score History
First score snapshot
v5.0.1
35
Latest
- Findings
- 56
- Errors
- 38
- Warnings
- 18
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 35 | 56 | 38 | 18 | v5.0.1 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Plugin
Author
Issue
Domain
Related
Plugin
Author
Issue
Domain
Related
Related Plugins
500 active installs
1k+ active installs
400 active installs
10k+ active installs
1k+ active installs
2k+ active installs