✨ feat: add PHP_CodeSniffer configuration and improve exception messages

Author: dermatz

phpcs.xml

@@ -0,0 +1,23 @@
+<?xml version="1.0"?>
+<ruleset name="MageForge">
+    <description>MageForge PHP_CodeSniffer Configuration</description>
+
+    <!-- Scan all PHP files in src directory -->
+    <file>src</file>
+
+    <!-- Exclude vendor and generated directories -->
+    <exclude-pattern>*/vendor/*</exclude-pattern>
+    <exclude-pattern>*/generated/*</exclude-pattern>
+
+    <!-- Use PSR-12 as base standard -->
+    <rule ref="PSR12"/>
+
+    <!-- Disable WordPress-specific rules (this is a Magento project) -->
+    <rule ref="WordPress.Security.EscapeOutput">
+        <severity>0</severity>
+    </rule>
+
+    <!-- Show progress -->
+    <arg name="colors"/>
+    <arg value="sp"/>
+</ruleset>

src/Service/HyvaTokens/ConfigReader.php

@@ -45,7 +45,7 @@ public function getConfig(string $themePath): array
             try {
                 $jsonConfig = json_decode($configContent, true, 512, JSON_THROW_ON_ERROR);
             } catch (\JsonException $e) {
-                throw new \Exception("Invalid JSON in configuration file: " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8'));
+                throw new \Exception("Invalid JSON in configuration file: " . $e->getMessage());
             }
 
             if (isset($jsonConfig['tokens'])) {

src/Service/HyvaTokens/CssGenerator.php

@@ -60,7 +60,7 @@ public function write(string $content, string $outputPath): bool
             $this->fileDriver->filePutContents($outputPath, $content);
             return true;
         } catch (\Exception $e) {
-            throw new \Exception("Failed to write CSS file: " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8'));
+            throw new \Exception("Failed to write CSS file: " . $e->getMessage());
         }
     }
 }

src/Service/HyvaTokens/TokenParser.php

@@ -34,15 +34,15 @@ public function parse(?string $filePath, ?array $inlineValues, string $format):
 
         // Otherwise, read from file
         if ($filePath === null || !$this->fileDriver->isFile($filePath)) {
-            throw new \Exception("Token source file not found: " . htmlspecialchars($filePath ?? 'null', ENT_QUOTES, 'UTF-8'));
+            throw new \Exception("Token source file not found: " . ($filePath ?? 'null'));
         }
 
         $content = $this->fileDriver->fileGetContents($filePath);
 
         try {
             $tokens = json_decode($content, true, 512, JSON_THROW_ON_ERROR);
         } catch (\JsonException $e) {
-            throw new \Exception("Invalid JSON in token file: " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8'));
+            throw new \Exception("Invalid JSON in token file: " . $e->getMessage());
         }
 
         return $this->normalizeTokens($tokens, $format);

src/Service/ThemeBuilder/BuilderFactory.php

@@ -16,8 +16,7 @@ public function addBuilder(BuilderInterface $builder): void
     public function create(string $type): BuilderInterface
     {
         if (!isset($this->builders[$type])) {
-            // phpcs:ignore WordPress.Security.EscapeOutput -- Exception message is properly escaped with htmlspecialchars
-            throw new \InvalidArgumentException("Builder " . htmlspecialchars($type, ENT_QUOTES, 'UTF-8') . " not found");
+            throw new \InvalidArgumentException("Builder $type not found");
         }
 
         return $this->builders[$type];