This adds additional hardening to the Autoload options Health Check to avoid potential bugs when extenders return unserialzed values from `wp_load_alloptions()`.
Follow-up to [58332].
Props mukesh27, joemcgill, westonruter.
Fixes#61276.
Built from https://develop.svn.wordpress.org/trunk@58338
git-svn-id: http://core.svn.wordpress.org/trunk@57794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$comment_id` parameter of the `get_comment_author` filter is documented as a numeric string, however in case a non-existing comment ID is passed to the `get_comment_author()` function, it could be an integer instead.
This commit resolves the issue and adds a PHPUnit test demonstrating the behavior.
Includes updating `get_comment_author_url()` unit tests for consistency.
Follow-up to [41127], [52818].
Props david.binda.
Fixes#60475.
Built from https://develop.svn.wordpress.org/trunk@58335
git-svn-id: http://core.svn.wordpress.org/trunk@57791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This caches the generated CSS from block nodes in merged Theme JSON data to avoid repeated costly operations required to compute style properties for blocks. The generated CSS is saved to a transient that expires every hour.
Props thekt12, spacedmonkey, pereirinha, mukesh27, isabel_brison, oandregal, andrewserong, ramonjd.
Fixes#59595.
Built from https://develop.svn.wordpress.org/trunk@58334
git-svn-id: http://core.svn.wordpress.org/trunk@57790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset ensures the `user_activation_key` is flushed after successful login, so reset password links can not be used anymore after the user successfully log into their dashboard.
Props nsinelnikov, rajinsharwar, Rahmohn, oglekler, hellofromTonya.
Fixes#58901.
See #32429
Built from https://develop.svn.wordpress.org/trunk@58333
git-svn-id: http://core.svn.wordpress.org/trunk@57789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a new Site Health check that will alert site owners if they are autoloading a large amount of data from the options table, as it could result in poor performance. The issue will be shown if the size of autoloaded options is greater than 800 KB, which can be adjusted using the new `site_status_autoloaded_options_size_limit` filter.
Props mukesh27, joemcgill, rajinsharwar, costdev, audrasjb, krupajnanda, pooja1210, Ankit K Gupta, johnbillion, oglekler.
Fixes#61276.
Built from https://develop.svn.wordpress.org/trunk@58332
git-svn-id: http://core.svn.wordpress.org/trunk@57788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows a calling workflow to configure the PHPUnit workflow to `continue-on-error` when one occurs. This is useful for older branches where support for a specific version of PHP was not at 100% within the test suite.
Follow up to [58165], [58269], [58270], [58329].
See #61213.
Built from https://develop.svn.wordpress.org/trunk@58331
git-svn-id: http://core.svn.wordpress.org/trunk@57787 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Interactivity API has a concept of "derived state" but it only worked on the client (JavaScript). This is the implementation that mirrors it, so derived state has good server-side solution.
Props jonsurrell, darerodz, gziolo, luisherranz, cbravobernal.
Fixes#61037.
Built from https://develop.svn.wordpress.org/trunk@58327
git-svn-id: http://core.svn.wordpress.org/trunk@57784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset deactivates the download authenticity message by disabling package signature verification, at least until software signing is fully implemented on wordpress.org. The provided message had no actionability and only led to more support.
Props jipmoors, afercia, bridgetwillard, s0what, rajinsharwar, audrasjb, johnbillion, peterwilsoncc.
Fixes#47315.
Built from https://develop.svn.wordpress.org/trunk@58319
git-svn-id: http://core.svn.wordpress.org/trunk@57776 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[58139] introduced debugging flags to ensure debugging output would only be shown when both the `WP_DEBUG` and `WP_DEBUG_LOG` constants are defined as true. However, some of the flags incorrectly use `WP_DEBUG_DISPLAY` rather than `WP_DEBUG_LOG`.
This fixes the flags to consistently use `WP_DEBUG` and `WP_DEBUG_LOG` as intended.
Follow-up to [58128], [58139].
Props rogermedia, afragen, swissspidy, costdev.
Fixes#58281.
Built from https://develop.svn.wordpress.org/trunk@58309
git-svn-id: http://core.svn.wordpress.org/trunk@57766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Rollback Auto-Update feature introduced additional maintenance mode toggling.
After installing WordPress in a non-English (US) language, translation updates are performed automatically. As there may be a large number of updates for Core and bundled themes, users will be presented with a maintenance notice upon visiting the newly installed website.
To avoid concerning users that the website has failed to install correctly, this excludes translation updates from triggering the additional maintenance mode toggling.
Follow-up to [58128].
Props benniledl, afragen, rajinsharwar, costdev.
Fixes#61260. See #58281.
Built from https://develop.svn.wordpress.org/trunk@58308
git-svn-id: http://core.svn.wordpress.org/trunk@57765 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the edit menu item toggle to communicate more context about the item to be edited. Make edit text consistent between Customizer menu editor and admin menu editor.
The menu position is conveyed only visually, using indentation, because there are no organizational semantics in either editor. This change helps provide screen reader users with consistent contextual information about the order, position, and parent of the current item.
Props joedolson, rcreators, afercia, mohonchandra.
Fixes#60673, See #60672.
Built from https://develop.svn.wordpress.org/trunk@58306
git-svn-id: http://core.svn.wordpress.org/trunk@57763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where the GD image library falsely reports supporting the AVIF format, when support is actually missing. Add an additional function check to ensure AVIF support is really available.
Props niktat, adamsilverstein.
Fixes#60910
Built from https://develop.svn.wordpress.org/trunk@58305
git-svn-id: http://core.svn.wordpress.org/trunk@57762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
HTML is a kind of short-hand for a DOM structure. This means that there are
many cases in HTML where an element's opening tag or closing tag is missing (or
both). This is because many of the parsing rules imply creating elements in the
DOM which may not exist in the text of the HTML.
The HTML Processor, being the higher-level counterpart to the Tag Processor, is
already aware of these nodes, but since it's inception has not paused on them
when scanning through a document. Instead, these are visible when pausing on a
child of such an element, but otherwise not seen.
In this patch the HTML Processor starts exposing those implicitly-created nodes,
including opening tags, and closing tags, that aren't foudn in the text content
of the HTML input document.
Previously, the sequence of matched tokens when scanning with
`WP_HTML_Processor::next_token()` would depend on how the HTML document was written,
but with this patch, all semantically equal HTML documents will parse and scan in
the same exact manner, presenting an idealized or "perfect" view of the document
the same way as would occur when traversing a DOM in a browser.
Developed in https://github.com/WordPress/wordpress-develop/pull/6348
Discussed in https://core.trac.wordpress.org/ticket/61348
Props audrasjb, dmsnell, gziolo, jonsurrell.
Fixes#61348.
Built from https://develop.svn.wordpress.org/trunk@58304
git-svn-id: http://core.svn.wordpress.org/trunk@57761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Just like Site Health lists the paths to the plugins/themes/uploads directories, this changeset adds the path to the fonts directory (and its size).
Props swissspidy, andr3ribeiro, krupajnanda, ironprogrammer, iamfarhan09, naeemhaque, imasikur22, tofajjal02, sarkarripon, prottoysarkar, zunaid321, imranhasanraaz, rajinsharwar, nazmul111, audrasjb, peterwilsoncc.
Fixes#60719.
Built from https://develop.svn.wordpress.org/trunk@58299
git-svn-id: http://core.svn.wordpress.org/trunk@57759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset modifies the block bindings HTML replacement logic to use a hardcoded list of selectors based on the block and a regex to substitute the inner content. The previous logic was too complex because the HTML API does not support CSS selectors yet and it does not have an official way to modify the inner HTML. This made it difficult to understand, iterate on it and add new functionalities.
As it will be solved in the future once the HTML API is ready, it is better for now to keep a simple hardcoded version that is easier to understand and iterate on.
Props santosguillamot, gziolo, petitphp.
Fixes#61351.
Built from https://develop.svn.wordpress.org/trunk@58298
git-svn-id: http://core.svn.wordpress.org/trunk@57758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset restores "Edit site" on the block editor link and replaces the multisite link with "Manage Site".
Follow-up to [58035].
Props annezazu, johnbillion, Joen, audrasjb, johnjamesjacoby, oglekler, nilovelez, tobifjellner, sabernhardt, pavanpatil1, hitendra-chopda.
Fixes#60977.
Built from https://develop.svn.wordpress.org/trunk@58296
git-svn-id: http://core.svn.wordpress.org/trunk@57756 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures cached Theme JSON data is cleared between all test classes that extend `WP_Theme_UnitTestCase` and fixes a few tests that would fail in isolation, even though they full test suite would pass.
Props isabel_brison, thekt12, joemcgill.
Fixes#61337.
Built from https://develop.svn.wordpress.org/trunk@58295
git-svn-id: http://core.svn.wordpress.org/trunk@57755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Expand allowable set of custom data attribute names to include those containing
leading, trailing, and double `-` characters. Previously, WordPress was
removing data attributes that are used in the Interactivity API. By allowing
these additional custom data attributes, the related Interactivity API
directives will preserve through `kses`.
For example, the Interactivity API frequently relies on custom data attributes
such as `data-wp-on--click="..."`. The change in [43981] would strip these out
of the processed HTML, however.
Developed in https://github.com/WordPress/wordpress-develop/pull/6598
Discussed in https://core.trac.wordpress.org/ticket/61052
Props cbravobernal, dmsnell, gziolo, jonsurrell.
Follow-up to [43981].
Fixes#61052.
Built from https://develop.svn.wordpress.org/trunk@58294
git-svn-id: http://core.svn.wordpress.org/trunk@57754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In a similar vein as [58291], this changeset introduces a new `insert_hooked_blocks_into_rest_response` function and hooks it to the `rest_prepare_wp_navigation` filter.
This is part of an ongoing effort to move Block Hooks related code out of the Navigation block. Specifically, `insert_hooked_blocks_into_rest_response` is based on `block_core_navigation_insert_hooked_blocks_into_rest_response`. Eventually, it will be possible to deprecate the latter.
Follow-up to [58291].
See #60759.
Built from https://develop.svn.wordpress.org/trunk@58292
git-svn-id: http://core.svn.wordpress.org/trunk@57752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As of [57790], the Templates endpoint uses the `rest_pre_insert_*` filter to inject the `ignoredHookedBlocks` metadata attribute into anchor blocks, prior to persisting a template or template part to the database. The same principle was implemented for the Navigation endpoint (where additionally, first and last child blocks added at the top level are store in the `wp_navigation` post object's post meta). The required logic was added to the Navigation block's code, i.e. inside the Gutenberg code repository, and then synchronized to Core.
In order to harmonize the code between the two endpoints, this changeset introduces a new `update_ignored_hooked_blocks_postmeta` function, which is based on the Navigation block's `block_core_navigation_update_ignore_hooked_blocks_meta`, alongside a few helper functions, and hooks it to the `rest_pre_insert_wp_navigation` filter hook. (The Navigation block has been prepared in [58275] to add an additional conditional to check for the new `update_ignored_hooked_blocks_postmeta` filter so there won't be any collisions.)
Eventually, this will allow to deprecate `block_core_navigation_update_ignore_hooked_blocks_meta` (and some related functions), and remove the relevant code from the Navigation block. It also paves the way for some other future changes, such as inserting a hooked block as a Template Part block's first or last child (#60854).
Props tomjcafferkey, bernhard-reiter.
Fixes#60759.
Built from https://develop.svn.wordpress.org/trunk@58291
git-svn-id: http://core.svn.wordpress.org/trunk@57751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds handling for a `__default` block binding attribute for pattern overrides that dynamically adds support for all supported block binding attributes.
Props talldanwp, petitphp, mukesh27, isabel_brison, kevin940726.
Fixes#61333.
Built from https://develop.svn.wordpress.org/trunk@58289
git-svn-id: http://core.svn.wordpress.org/trunk@57749 1a063a9b-81f0-0310-95a4-ce76da25c4cd