From 04e60465f304c56ae87403a2f6e5264f4322c6a0 Mon Sep 17 00:00:00 2001
From: Mike Selander <mikeselander@gmail.com>
Date: Fri, 27 Dec 2019 13:37:24 -0700
Subject: [PATCH 1/2] Enforce escaping within PHPCS

---
 CHANGELOG.md   | 3 +++
 HM/ruleset.xml | 4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d027e244..1430aee7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,8 @@
 ## Unreleased (0.8.0)
 
+### Added:
+ - Added `WordPress.Security.EscapeOutput` PHPCS rule
+
 ## 0.7.0 (June 5, 2019)
 
 ### Changed:
diff --git a/HM/ruleset.xml b/HM/ruleset.xml
index 51005ef7..ff385abe 100644
--- a/HM/ruleset.xml
+++ b/HM/ruleset.xml
@@ -41,8 +41,6 @@
 		assignment in conditionals.
 		-->
 		<exclude name="WordPress.PHP.YodaConditions" />
-
-		<exclude name="WordPress.Security.EscapeOutput" />
 	</rule>
 
 	<!-- Prefer alignment over line length. -->
@@ -61,6 +59,8 @@
 		</properties>
 	</rule>
 
+	<rule ref="WordPress.Security.EscapeOutput" />
+
 	<rule ref="WordPress.Security.PluginMenuSlug" />
 	<rule ref="WordPress.Security.PluginMenuSlug.Using__FILE__">
 		<type>error</type>

From 0bd3329420e03c6c6c9accc8b0518084c77f72e3 Mon Sep 17 00:00:00 2001
From: Mike Selander <mikeselander@gmail.com>
Date: Fri, 27 Dec 2019 13:38:37 -0700
Subject: [PATCH 2/2] Adapt tests to passing after proving that the sniff is
 integrated correctly

---
 tests/fixtures/pass/inc/namespace.php   | 2 +-
 tests/fixtures/pass/tests/namespace.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/fixtures/pass/inc/namespace.php b/tests/fixtures/pass/inc/namespace.php
index 7831f1fc..2620eeb2 100644
--- a/tests/fixtures/pass/inc/namespace.php
+++ b/tests/fixtures/pass/inc/namespace.php
@@ -15,7 +15,7 @@ function run_test( $tester ) {
 			continue;
 		}
 
-		echo $y;
+		echo esc_html( $y );
 	}
 
 	return $foo;
diff --git a/tests/fixtures/pass/tests/namespace.php b/tests/fixtures/pass/tests/namespace.php
index a38447d0..6dc22034 100644
--- a/tests/fixtures/pass/tests/namespace.php
+++ b/tests/fixtures/pass/tests/namespace.php
@@ -15,7 +15,7 @@ function run_test( $tester ) {
 			continue;
 		}
 
-		echo $y;
+		echo esc_html( $y );
 	}
 
 	return $foo;