// Review Dokan code changes and pull requests for coding standards, security, and architectural compliance. Use when reviewing PRs, performing code audits, or checking code quality.
Build, scaffold, and run the Dokan Lite/Pro Playwright suite. Use when the user asks to add tests for a feature, scaffold from test-cases.md, or run the automation suite (Lite Only / PR / Full). Knows the folderized format, tag system, Docker / wp-env preconditions, and the .env / license-key requirements for Pro runs.
Execute the Dokan Playwright test suite (E2E + API), locally or via GitHub Actions. Invoke when the user asks to run, kick off, trigger, re-run, debug, or inspect the automated test runs. Phrases such as "run the suite", "run e2e tests", "trigger CI", "execute the QA suite", or "check the failed run" should activate this skill.
Build new vendor dashboard DataViews list pages from scratch OR migrate legacy Filter/StatusFilter/DataViewTable components to the unified @wedevs/plugin-ui DataViews component. Covers fresh builds (types, hook, list, route, PHP nav) and legacy migration (Scenario A status tabs, Scenario B multi-list merge).
Add or modify Dokan backend PHP code following project conventions. Use when creating new classes, methods, hooks, REST controllers, or modifying existing backend code. Invoke before writing PHP unit tests.
Run tests, linting, and quality checks for Dokan development. Use when running tests, fixing code style, building assets, or following the development workflow.
Add or modify Dokan frontend code (React, TypeScript, Vue, Tailwind). Use when creating components, hooks, stores, or modifying webpack configuration.
| name | dokan-code-review |
| description | Review Dokan code changes and pull requests for coding standards, security, and architectural compliance. Use when reviewing PRs, performing code audits, or checking code quality. |
Review code changes against Dokan coding standards and project conventions. Consult the other dokan-* skills for detailed standards.
Architecture & Structure:
DokanBaseAdminController, DokanBaseVendorController, or DokanBaseController), not WP_REST_Controller directly. See dokan-backend-dev skill.prepare_item_for_response() — Every REST controller must transform data through this method, not return raw arrays.format_collection_response() to set X-WP-Total and X-WP-TotalPages.prepare_links() — REST responses must include self and collection HATEOAS links.dokan_rest_prepare_{resource}_object filter. Query args must be filterable.dokan()->service_name or container, not new ClassName() for registered services.Hookable pattern — New hook registrations should go in a dedicated Hooks class implementing Hookable interface, registered in CommonServiceProvider.ServiceProvider in includes/DependencyManagement/Providers/.Naming & Conventions:
snake_case for methods, variables, and hooks (WordPress convention).WeDevs\Dokan\{Domain}\{Class} pattern with matching file path.dokan-lite for all translatable strings.dokan prefix on hooks — All apply_filters() and do_action() hook names must start with dokan_ (e.g., dokan_order_created, dokan_vendor_updated). Never use unprefixed or generic hook names to avoid conflicts with other plugins.Security:
permission_callback (never omit it).===, !==). in_array() must pass true as third argument.$request params must be sanitized (sanitize_text_field(), absint(), wc_clean(), etc.).esc_html(), esc_attr(), wp_kses_post(), etc.).$wpdb->prepare() — All dynamic SQL values must use prepared statements.Documentation:
@since tag — Required for new public/protected methods and hooks.@getdokan/dokan-ui components through src/components/ wrappers.any types without justification.twMerge() for conditional composition.@wordpress/data store actions, not direct state changes.src/hooks/ must be exported from src/hooks/index.tsx.dokan prefix on JS hooks — All @wordpress/hooks hook names (addFilter, applyFilters, addAction, doAction) must start with dokan_ (e.g., dokan_order_list_columns, dokan_dashboard_init). Never use unprefixed or generic hook names to avoid conflicts with other plugins.DokanTestCase — PHP tests must extend DokanTestCase, not WP_UnitTestCase directly.@group annotations.$this->factory()->seller->create(), $this->factory()->order->create()).$this->get_request(), $this->post_request()).@lite, @pro, @admin).Verify against the PR template (.github/pull_request_template.md):
composer phpcs on changed filesApply the correct labels during review. Labels drive workflow state and help the team triage.
| Label | When to Apply |
|---|---|
Review Needed | PR is ready for developer review |
Needs: Dev Review | Requires a developer review and approval |
Need Dev Review Only | Only needs dev review (no QA) |
Needs: Author Reply | Reviewer has requested changes or asked questions — waiting on the author |
Needs: Code Enhancement | Code works but needs quality improvements before merge |
Needs: Testing | Requires further testing |
Needs: Discussion | Decisions are needed before the task can proceed |
QA In Progress | QA team is actively testing |
QA Approved | QA team has approved the PR |
Dev Review Done | Applied when PR is approved by the reviewer |
Ready to Merge | PR is approved and ready to merge |
DO NOT MERGE | PR must not be merged (blocking issue) |
| Label | When to Apply |
|---|---|
Type: Bug | Bug fix |
Type: Enhancement | Improvement to existing feature |
Type: New Feature | Entirely new functionality |
Type: Client Issue | Reported by a client |
Feature Request | Requested by customer |
| Label | When to Apply |
|---|---|
[Priority] High | High priority — needs immediate attention |
urgent | Urgent — critical fix needed |
Major | Major change with significant impact |
Minor | Minor change with limited impact |
Focus areas: focus: order, focus: product management, focus: vendor management, focus: payments, focus: shipping, focus: customer management, focus: reporting, focus: security, focus: ux, focus: integration, focus: localization, focus: customization, focus: promotions, focus: subscription
Module areas: [Orders], [Products], [Store], [Vendor Dashboard], [Withdraw], [Social], [Geolocation], [Suggestions]
| Label | When to Apply |
|---|---|
Dependency With Pro | Changes that require corresponding Dokan Pro changes |
REST API | Changes to REST API endpoints |
Has Pull Request | Issue that has a linked PR |
In Progress | Issue is being worked on |
Needs Changelog | PR needs a changelog entry |
Changelog Updated | Changelog has been added |
Merge Conflict | PR has merge conflicts to resolve |
Need R&D | Requires research before implementation |
Mockup In Progress | UI mockup is being prepared |
Typical flow:
Review Needed → (reviewing) → Needs: Author Reply → (author updates) → Review Needed
Review Needed → (approved) → Dev Review Done → QA In Progress → QA Approved → Ready to Merge
When requesting changes:
Review NeededNeeds: Author ReplyWhen author addresses feedback:
Needs: Author ReplyReview NeededWhen approving:
Review NeededDev Review DoneFor each violation found:
[severity]: [Specific problem]
Location: [File path and line number]
Standard: [Reference to relevant dokan-* skill section]
Fix: [Brief explanation or correct example]
Severity levels:
From the PR template:
Correct — Does the change do what it's supposed to? Code 100% fulfilling the requirements? Secure — Would a nefarious party find some way to exploit this change? Everything sanitized/escaped appropriately? Readable — Will your future self be able to understand this change months down the road? Elegant — Does the change fit aesthetically within the overall style and architecture?