WordPress · faisalahammad · May 4, 2026 · Jun 4, 2026 · Jun 4, 2026
diff --git a/TESTING_INSTRUCTIONS.md b/TESTING_INSTRUCTIONS.md
@@ -0,0 +1,23 @@
+# Test PR #1292 — Personal Data Exporter Check (PHPMD Complexity Fix)
+
+## Install
+1. Download `plugin-check-pr-1292.zip`
+2. WP Admin → Plugins → Add New → Upload Plugin
+3. Upload the zip, click Install Now, then Activate
+
+## What was changed
+CI PHPMD complexity failure resolved. Extracted token-matching logic into dedicated helpers to reduce NPath complexity below 200 threshold.
+
+1. **Extracted `is_personal_data_function_call()`** — checks `T_STRING` match + global call + `(`.
+2. **Extracted `is_wpdb_method_call()`** — checks `$wpdb` + `->` + `T_STRING` method + array match.
+3. **Extracted `is_exporter_filter_registration()`** — checks `add_filter` + global call + `(` + string arg + match.
+
+All previous functionality (token scanner, test-exclusion, experimental trait, @since fix, docs row, 4th test) remains intact.
+
+## Verify
+1. Run `composer phpmd` — 0 complexity errors.
+2. Run `npm run test-php` — 476 tests pass.
+3. Run `composer lint` and `composer phpstan` — 0 errors.
+
+## Requirements
+WordPress 6.3+ · PHP 7.4+
diff --git a/docs/checks.md b/docs/checks.md
@@ -16,6 +16,7 @@
 | plugin_uninstall | plugin_repo | Checks related to plugin uninstallation. | [Learn more](https://developer.wordpress.org/plugins/plugin-basics/uninstall-methods/#method-2-uninstall-php) |
 | external_admin_menu_links | plugin_repo | Detects external URLs used in top-level WordPress admin menu, which disrupts the expected user experience. | [Learn more](https://developer.wordpress.org/plugins/wordpress-org/detailed-plugin-guidelines/#11-plugins-should-not-hijack-the-admin) |
 | wp_functions_compatibility | plugin_repo | Checks whether WordPress functions used by the plugin are compatible with the declared minimum supported WordPress version ("Requires at least"). | [Learn more](https://developer.wordpress.org/plugins/plugin-basics/header-requirements/#header-fields) |
+| personal_data_exporter | plugin_repo | Detects plugins that store personal data without registering a personal data exporter for GDPR compliance. | [Learn more](https://developer.wordpress.org/plugins/privacy/adding-the-personal-data-exporter-to-your-plugin/) |
 | plugin_review_phpcs | plugin_repo | Runs PHP_CodeSniffer to detect certain best practices plugins should follow for submission on WordPress.org, including heredoc usage detection. | [Learn more](https://developer.wordpress.org/plugins/plugin-basics/best-practices/) |
 | direct_db_queries | security, plugin_repo | Checks the usage of direct database queries, which should be avoided. | [Learn more](https://developer.wordpress.org/apis/database/) |
 | direct_db | security, plugin_repo | Checks the escaping in direct database queries. | [Learn more](https://developer.wordpress.org/apis/database/) |