diff --git a/composer.json b/composer.json
index 10873fcee5..95cffb279a 100644
--- a/composer.json
+++ b/composer.json
@@ -16,9 +16,8 @@
 		"ext-dom": "*"
 	},
 	"require-dev": {
-		"dealerdirect/phpcodesniffer-composer-installer": "^0.7.0",
-		"squizlabs/php_codesniffer": "3.6.0",
-		"wp-coding-standards/wpcs": "~2.3.0",
+		"squizlabs/php_codesniffer": "3.7.2",
+		"wp-coding-standards/wpcs": "~3.0.0",
 		"phpcompatibility/phpcompatibility-wp": "~2.1.3",
 		"yoast/phpunit-polyfills": "^1.1.0"
 	},
diff --git a/phpcs.xml.dist b/phpcs.xml.dist
index a617d8b669..00ac927d07 100644
--- a/phpcs.xml.dist
+++ b/phpcs.xml.dist
@@ -15,11 +15,11 @@
 	<!-- Whenever possible, cache the scan results and re-use those for unchanged files on the next scan. -->
 	<arg name="cache" value=".cache/phpcs.json"/>
 
-	<!-- Set the memory limit to 256M.
+	<!-- Set the memory limit to 512M.
 		 For most standard PHP configurations, this means the memory limit will temporarily be raised.
 		 Ref: https://github.com/squizlabs/PHP_CodeSniffer/wiki/Advanced-Usage#specifying-phpini-settings
 	-->
-	<ini name="memory_limit" value="256M"/>
+	<ini name="memory_limit" value="512M"/>
 
 	<!-- Strip the filepaths down to the relevant bit. -->
 	<arg name="basepath" value="./"/>
@@ -113,22 +113,6 @@
 	-->
 
 	<rule ref="WordPress-Core"/>
-	<rule ref="WordPress.CodeAnalysis.EmptyStatement"/>
-
-	<!-- Enforce no parenthesis for language constructs, and only one space immediately after.
-		 Including this rule is temporary until it is moved from the WordPress-Extra ruleset to
-		 the WordPress-Core ruleset upstream.
-	-->
-	<rule ref="PEAR.Files.IncludingFile.BracketsNotRequired">
-		<type>warning</type>
-	</rule>
-	<rule ref="PEAR.Files.IncludingFile.UseRequire">
-		<type>warning</type>
-	</rule>
-	<rule ref="PEAR.Files.IncludingFile.UseRequireOnce">
-		<type>warning</type>
-	</rule>
-	<rule ref="Squiz.WhiteSpace.LanguageConstructSpacing"/>
 
 
 	<!--
@@ -138,6 +122,11 @@
 	-->
 
 	<!-- These rules are being set as warnings instead of errors, so we can error check the entire codebase. -->
+	<rule ref="Generic.Files.OneObjectStructurePerFile.MultipleFound">
+		<type>warning</type>
+		<!-- Exclude the unit tests as no warnings are allowed there. Note: these issues should be fixed and the exclude removed! -->
+		<exclude-pattern>/tests/phpunit/*</exclude-pattern>
+	</rule>
 	<rule ref="WordPress.DB.PreparedSQL.InterpolatedNotPrepared">
 		<type>warning</type>
 	</rule>
@@ -153,7 +142,7 @@
 
 	<rule ref="WordPress.NamingConventions.ValidVariableName">
 		<properties>
-			<property name="customPropertiesWhitelist" type="array">
+			<property name="allowed_custom_properties" type="array">
 				<!-- From database structure queries. -->
 				<element value="Collation"/>
 				<element value="Column_name"/>
@@ -209,7 +198,7 @@
 
 	<rule ref="WordPress.PHP.NoSilencedErrors">
 		<properties>
-			<property name="custom_whitelist" type="array">
+			<property name="customAllowedFunctionsList" type="array">
 				<element value="ssh2_connect"/>
 				<element value="ssh2_auth_password"/>
 				<element value="ssh2_auth_pubkey_file"/>
@@ -239,6 +228,11 @@
 	#############################################################################
 	-->
 
+	<!-- Assignments in while conditions are a valid method of looping over iterables. -->
+	<rule ref="Generic.CodeAnalysis.AssignmentInCondition.FoundInWhileCondition">
+		<exclude-pattern>*</exclude-pattern>
+	</rule>
+
 	<!-- Exclude checking of line endings when reporting errors, but fix them when running phpcbf.
 		 Git and SVN manage these pretty well cross-platform as "native".
 		 Allow configuration files. -->
@@ -255,6 +249,12 @@
 		<exclude-pattern>/wp-tests-config-sample\.php</exclude-pattern>
 	</rule>
 
+	<!-- Exclude sample config from modernization to prevent breaking CI workflows based on WP-CLI scaffold.
+		 See: https://core.trac.wordpress.org/ticket/48082#comment:16 -->
+	<rule ref="Modernize.FunctionCalls.Dirname.FileConstant">
+		<exclude-pattern>/wp-tests-config-sample\.php</exclude-pattern>
+	</rule>
+
 	<rule ref="PEAR.NamingConventions.ValidClassName.Invalid">
 		<exclude-pattern>/tests/phpunit/tests/*</exclude-pattern>
 		<!-- Exclude some old classes that cannot be renamed, as it would break back compat. -->
@@ -274,9 +274,10 @@
 		<exclude-pattern>/src/wp-includes/class-wpdb\.php</exclude-pattern>
 	</rule>
 
-	<!-- Assignments in while conditions are a valid method of looping over iterables. -->
-	<rule ref="WordPress.CodeAnalysis.AssignmentInCondition.FoundInWhileCondition">
-		<exclude-pattern>*</exclude-pattern>
+	<!-- Temporarily ignore this sniff for block files until the changes from upstream make it into core.
+		 This can be removed once the block-library package is updated for WP 6.4. -->
+	<rule ref="Squiz.Functions.MultiLineFunctionDeclaration.SpaceAfterFunction">
+		<exclude-pattern>/src/wp-includes/blocks/*</exclude-pattern>
 	</rule>
 
 	<!-- Allow the WP DB Class and related tests for usage of direct database access functions. -->
diff --git a/src/wp-admin/includes/class-wp-site-health-auto-updates.php b/src/wp-admin/includes/class-wp-site-health-auto-updates.php
index f8521ab2b0..85decaaad2 100644
--- a/src/wp-admin/includes/class-wp-site-health-auto-updates.php
+++ b/src/wp-admin/includes/class-wp-site-health-auto-updates.php
@@ -228,7 +228,7 @@ class WP_Site_Health_Auto_Updates {
 		// Search all directories we've found for evidence of version control.
 		foreach ( $vcs_dirs as $vcs_dir ) {
 			foreach ( $check_dirs as $check_dir ) {
-				// phpcs:ignore WordPress.CodeAnalysis.AssignmentInCondition,Squiz.PHP.DisallowMultipleAssignments
+				// phpcs:ignore Generic.CodeAnalysis.AssignmentInCondition,Squiz.PHP.DisallowMultipleAssignments
 				if ( $checkout = @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" ) ) {
 					break 2;
 				}
diff --git a/src/wp-admin/includes/image.php b/src/wp-admin/includes/image.php
index ad6a8f0f4b..5f9141c4d6 100644
--- a/src/wp-admin/includes/image.php
+++ b/src/wp-admin/includes/image.php
@@ -700,7 +700,7 @@ function wp_exif_frac2dec( $str ) {
 	}
 
 	// The denominator must not be zero.
-	if ( 0 == $denominator ) { // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- Deliberate loose comparison.
+	if ( 0 == $denominator ) { // phpcs:ignore Universal.Operators.StrictComparisons.LooseEqual -- Deliberate loose comparison.
 		return 0;
 	}
 
diff --git a/src/wp-admin/plugins.php b/src/wp-admin/plugins.php
index 13a28e127e..93f9c454ab 100644
--- a/src/wp-admin/plugins.php
+++ b/src/wp-admin/plugins.php
@@ -511,7 +511,7 @@ if ( $action ) {
 
 				// Return early if all selected plugins already have auto-updates enabled or disabled.
 				// Must use non-strict comparison, so that array order is not treated as significant.
-				if ( $new_auto_updates == $auto_updates ) { // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison
+				if ( $new_auto_updates == $auto_updates ) { // phpcs:ignore Universal.Operators.StrictComparisons.LooseEqual
 					wp_redirect( $redirect );
 					exit;
 				}
diff --git a/src/wp-includes/category-template.php b/src/wp-includes/category-template.php
index bfb7f6d85c..0525ae792a 100644
--- a/src/wp-includes/category-template.php
+++ b/src/wp-includes/category-template.php
@@ -881,7 +881,7 @@ function wp_generate_tag_cloud( $tags, $args = '' ) {
 		}
 	} elseif ( isset( $args['single_text'] ) && isset( $args['multiple_text'] ) ) {
 		// If no callback exists, look for the old-style single_text and multiple_text arguments.
-		// phpcs:ignore WordPress.WP.I18n.NonSingularStringLiteralSingle,WordPress.WP.I18n.NonSingularStringLiteralPlural
+		// phpcs:ignore WordPress.WP.I18n.NonSingularStringLiteralSingular,WordPress.WP.I18n.NonSingularStringLiteralPlural
 		$translate_nooped_plural = _n_noop( $args['single_text'], $args['multiple_text'] );
 	} else {
 		// This is the default for when no callback, plural, or argument is passed in.
diff --git a/src/wp-includes/formatting.php b/src/wp-includes/formatting.php
index f94d3170a5..bc150c8a53 100644
--- a/src/wp-includes/formatting.php
+++ b/src/wp-includes/formatting.php
@@ -831,7 +831,7 @@ function shortcode_unautop( $text ) {
 	$tagregexp = implode( '|', array_map( 'preg_quote', array_keys( $shortcode_tags ) ) );
 	$spaces    = wp_spaces_regexp();
 
-	// phpcs:disable Squiz.Strings.ConcatenationSpacing.PaddingFound,WordPress.WhiteSpace.PrecisionAlignment.Found -- don't remove regex indentation
+	// phpcs:disable Squiz.Strings.ConcatenationSpacing.PaddingFound,Universal.WhiteSpace.PrecisionAlignment.Found -- don't remove regex indentation
 	$pattern =
 		'/'
 		. '<p>'                              // Opening paragraph.
@@ -5683,7 +5683,7 @@ function wp_basename( $path, $suffix = '' ) {
 	return urldecode( basename( str_replace( array( '%2F', '%5C' ), '/', urlencode( $path ) ), $suffix ) );
 }
 
-// phpcs:disable WordPress.WP.CapitalPDangit.Misspelled, WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid -- 8-)
+// phpcs:disable WordPress.WP.CapitalPDangit.MisspelledInComment,WordPress.WP.CapitalPDangit.MisspelledInText,WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid -- 8-)
 /**
  * Forever eliminate "Wordpress" from the planet (or at least the little bit we can influence).
  *
diff --git a/src/wp-includes/post.php b/src/wp-includes/post.php
index 696e74ed2c..197653feda 100644
--- a/src/wp-includes/post.php
+++ b/src/wp-includes/post.php
@@ -1382,7 +1382,7 @@ function register_post_status( $post_status, $args = array() ) {
 	}
 
 	if ( false === $args->label_count ) {
-		// phpcs:ignore WordPress.WP.I18n.NonSingularStringLiteralSingle,WordPress.WP.I18n.NonSingularStringLiteralPlural
+		// phpcs:ignore WordPress.WP.I18n.NonSingularStringLiteralSingular,WordPress.WP.I18n.NonSingularStringLiteralPlural
 		$args->label_count = _n_noop( $args->label, $args->label );
 	}
 
diff --git a/tests/phpunit/tests/customize/manager.php b/tests/phpunit/tests/customize/manager.php
index d375bff3f6..44f4c52ed9 100644
--- a/tests/phpunit/tests/customize/manager.php
+++ b/tests/phpunit/tests/customize/manager.php
@@ -1345,7 +1345,7 @@ class Tests_WP_Customize_Manager extends WP_UnitTestCase {
 
 		// User saved as one who can bypass content_save_pre filter.
 		$this->assertStringContainsString( '<script>', get_option( 'custom_html_1' ) );
-		$this->assertStringContainsString( 'Wordpress', get_option( 'custom_html_1' ) ); // phpcs:ignore WordPress.WP.CapitalPDangit.Misspelled
+		$this->assertStringContainsString( 'Wordpress', get_option( 'custom_html_1' ) ); // phpcs:ignore WordPress.WP.CapitalPDangit.MisspelledInText
 
 		// User saved as one who cannot bypass content_save_pre filter.
 		$this->assertStringNotContainsString( '<script>', get_option( 'custom_html_2' ) );
diff --git a/tests/phpunit/tests/formatting/capitalPDangit.php b/tests/phpunit/tests/formatting/capitalPDangit.php
index 5dc741d372..850dcdaec9 100644
--- a/tests/phpunit/tests/formatting/capitalPDangit.php
+++ b/tests/phpunit/tests/formatting/capitalPDangit.php
@@ -1,5 +1,5 @@
 <?php
-// phpcs:disable WordPress.WP.CapitalPDangit.Misspelled -- 🙃
+// phpcs:disable WordPress.WP.CapitalPDangit.MisspelledInText -- 🙃
 
 /**
  * @group formatting
diff --git a/tests/phpunit/tests/meta.php b/tests/phpunit/tests/meta.php
index 83dcefd1ba..9b53befeb6 100644
--- a/tests/phpunit/tests/meta.php
+++ b/tests/phpunit/tests/meta.php
@@ -378,7 +378,7 @@ class Tests_Meta extends WP_UnitTestCase {
 
 		$string_mid = "{$meta_id}.0";
 
-		// phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- intentional implicit casting check
+		// phpcs:ignore Universal.Operators.StrictComparisons.LooseEqual -- intentional implicit casting check
 		$this->assertTrue( floor( $string_mid ) == $string_mid );
 		$this->assertNotFalse( get_metadata_by_mid( 'user', $string_mid ) );
 		$this->assertNotFalse( update_metadata_by_mid( 'user', $string_mid, 'meta_new_value_2' ) );
