This changeset fixes both a visual and functional bug related to template selection in the editor that occurred when having a custom block template registered that was using the same slug as another block template already registered by the theme, including the default block templates.
Props aljullu, antonvlasenko, apermo, audrasjb, azaozz, ntsekouras.
Fixes#62319.
Built from https://develop.svn.wordpress.org/trunk@59951
git-svn-id: http://core.svn.wordpress.org/trunk@59293 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add URL validation in the admin navigation menu manager that matches the validation in the customizer when adding custom links. Improve accessibility of both custom link forms by adding `aria-invalid` and `aria-describedby` attributes with visible error messages and announcing the error using `wp.a11y.speak()`.
Props joedolson, nikitasolanki1812, akrocks, pathan-amaankhan, rcreators, ironprogrammer, audrasjb, ankit-k-gupta, chaion07, rinkalpagdar, snehapatil02, jainil07, parthvataliya.
Fixes#60619, #60969.
Built from https://develop.svn.wordpress.org/trunk@59948
git-svn-id: http://core.svn.wordpress.org/trunk@59290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes:
* Using strict comparison and `$wpdb::prepare()`.
* Removing one-time variables so that `$wpdb::prepare()` calls are picked up correctly by PHPCS.
* Bringing consistency to the type of internal variables, i.e. `$thismonth` and `$thisyear` are both an integer now.
Follow-up to [508], [509], [510], [716], [933], [12590], [34463], [44809], [47223], [59908].
See #62279.
Built from https://develop.svn.wordpress.org/trunk@59947
git-svn-id: http://core.svn.wordpress.org/trunk@59289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset replaces `sanitize_text_field()` with `esc_url_raw()` for URLs passed via `url` and `return` query vars. This fixes an issue where the URL `example.com/หน้าภาษาไทย` would incorrectly return `example.com//` due to improper sanitization when clicking on the Customize button through the admin bar.
Props okvee, yahaly, hellofromTonya, veryard, dilip2615, amin7, swissspidy, audrasjb.
Fixes#61317.
Built from https://develop.svn.wordpress.org/trunk@59945
git-svn-id: http://core.svn.wordpress.org/trunk@59287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset removes Cafelog links from `licence.txt` and `readme.html` files as the domain was purchased by another entity, providing unsafe content.
Props gencmedya, audrasjb, JeffPaul, peterwilsoncc, jorbin, johnbillion.
Fixes#63000.
Built from https://develop.svn.wordpress.org/trunk@59944
git-svn-id: http://core.svn.wordpress.org/trunk@59286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset restricts direct access call to `/wp-content/plugins/hello.php`, and removes the "Uncaught exception Error" warning that shows when `WP_DEBUG` is enabled and when accessing the related file directly.
Props deepakrohilla, SergeyBiryukov, szepeviktor, audrasjb.
Fixes#61214.
Built from https://develop.svn.wordpress.org/trunk@59943
git-svn-id: http://core.svn.wordpress.org/trunk@59285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes some issues where Select fields were misaligned with neighboring elements, creating visual inconsistency in the customizer.
Props rkradadiya, mukesh27, laxman-prajapati, dlh, karmatosed, ankitkumarshah, sabernhardt.
Fixes#51249.
Built from https://develop.svn.wordpress.org/trunk@59942
git-svn-id: http://core.svn.wordpress.org/trunk@59284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improves caching of the `get_calendar()` function by:
* fixing incorrect cache collisions for different `initial` `post_type` and week values, and,
* ensuring parameter equivalents generate the same cache key, ie passing the same values in a different order.
Improves tests for the function by:
* navigating to February 2025 in test set up to ensure the correct calendar month is displayed,
* adding messages for tests with multiple assertions,
* improving the tests for the calendar captions by wrapping the expected value in the HTML tag,
* adding dedicated test for the different `initial` parameter,
* ensuring caches do not collide for different parameters, and,
* ensuring caches do collide for equivalent parameters.
Follow up to r4522, r59908, r59909, r59917 (reverted), r59918 (reverted), r59930.
Props peterwilsoncc, jorbin, audrasjb.
Fixes#34093.
Built from https://develop.svn.wordpress.org/trunk@59939
git-svn-id: http://core.svn.wordpress.org/trunk@59281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensures that the global post object is populated with the autosave post when a preview link is used for a published post. This allows post authors to preview the changes to a post prior to publication.
This modifies `WP_Query::the_post()` to only call `get_post()` if `WP_Query::$posts` does not contain `WP_Post` objects. Other data types (`stdClass` or numeric) indicates partial data was queried, a `WP_Post` object indicates the full data was queried and populated.
Props peterwilsoncc, mamaduka, wildworks, audrasjb.
Fixes#56992.
Built from https://develop.svn.wordpress.org/trunk@59937
git-svn-id: http://core.svn.wordpress.org/trunk@59279 1a063a9b-81f0-0310-95a4-ce76da25c4cd
jsdoc is not currently in use and this theme for it is very out of date. There are currently a small handful of minor vulnerabilities within transitive dependencies being privately reported by Dependabot that cannot be resolved due to version constraints within ink-docstrap. While this in no way affects WordPress (since this code is not used by WordPress), it does create noise which can be eliminated.
This was first added in [41351] as a part of #41682.
Props desrosj.
Fixes#62935.
Built from https://develop.svn.wordpress.org/trunk@59935
git-svn-id: http://core.svn.wordpress.org/trunk@59277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The data provider for tests added in [59902] had an @test annotation, causing it to be run as if it were a test, throwing a risky test warning. Remove the @test annotation to prevent this undesired warning.
Props johnbillion, joedolson.
Fixes#54738.
Built from https://develop.svn.wordpress.org/trunk@59934
git-svn-id: http://core.svn.wordpress.org/trunk@59276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the following `devDependencies` to their latest versions:
- `@playwright/test` from `1.49.1` to `1.50.1`
- `chalk` from `5.3.0` to `5.4.1`
- `copy-webpack-plugin` from `12.0.2` to `13.0.0`
- `grunt-sass` from `3.1.0` to `4.0.0`
- `postcss` from `8.4.49` to `8.5.3`
- `sass` from `1.83.4` to `1.85.1`
- `terser-webpack-plugin` from `5.3.11` to `5.3.12`
- `uuid` from `11.0.3` to `11.1.0`
- `wait-on` from `8.0.1` to `8.0.2`
- `wepback` from `5.97.1` to `5.98.0`
Additionally, `npm dedupe` and `npm audit fix` have been run.
Fixes#62220.
Built from https://develop.svn.wordpress.org/trunk@59929
git-svn-id: http://core.svn.wordpress.org/trunk@59271 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures the `checked` property is always populated with the latest plugin data before determining whether to perform an update check. Previously this was only populated when the data was already identified as being stale, which could result in a subsequent unnecessary update check when viewing the Plugins screen.
Props siliconforks, bookdude13, pbiron, francina, Cybr, snehapatil02, johnbillion
Fixes#44118, #61055
Built from https://develop.svn.wordpress.org/trunk@59926
git-svn-id: http://core.svn.wordpress.org/trunk@59268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds server-side registration for `ariaLabel` block support and its required fields. Fully enabling feature support for dynamic blocks and consumers using `ServerSideRender` component.
Props wildworks, fabiankaegy, joemcgill, poena.
Fixes#62919.
Built from https://develop.svn.wordpress.org/trunk@59925
git-svn-id: http://core.svn.wordpress.org/trunk@59267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset replaces `edit_theme_options` with the `export` capability to determine whether the current user can export themes. That condition determines whether to show the Export Theme button in the Site Editor. Using `export` capability makes it more consistent with general export capabilities across the administration.
Props unsalkorkmaz, rajinsharwar, audrasjb, peterwilsoncc, desrosj, Mamaduka, TimothyBlynJacobs.
Fixes#57379.
Built from https://develop.svn.wordpress.org/trunk@59924
git-svn-id: http://core.svn.wordpress.org/trunk@59266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes an issue where the `link_updated` field was not updated in the old Link Manager. When a link was created or updated the `link_updated` field remained `0000-00-00 00:00:00`.
Props lenasterg, audrasjb.
Fixes#56851.
Built from https://develop.svn.wordpress.org/trunk@59923
git-svn-id: http://core.svn.wordpress.org/trunk@59265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This JSON decoding is no longer needed since the commit message was converted to a plain string in r59920. The commit message can now be treated as a plain text string in an environment variable throughout the workflow.
Props johnbillion.
See #62221
Built from https://develop.svn.wordpress.org/trunk@59922
git-svn-id: http://core.svn.wordpress.org/trunk@59264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Don't set `aria-expanded` and `aria-haspopup` attributes outside of the primary menu. Secondary menus (social and footer) are set to a depth of 1, and have nothing to expand or popup.
Props bschneidewind, joedolson, mikinc860.
Fixes#62896.
Built from https://develop.svn.wordpress.org/trunk@59921
git-svn-id: http://core.svn.wordpress.org/trunk@59263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This escaping is no longer needed since all instances of inline expressions were removed from workflows in r59679. The commit message can now be treated as a plain text string in an environment variable throughout the workflow.
Props johnbillion, swissspidy
Unprops johnblackbourn
See #62221
Built from https://develop.svn.wordpress.org/trunk@59920
git-svn-id: http://core.svn.wordpress.org/trunk@59262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Modifies `WP_Query::the_post()` to ensure the entire global post object is populated regardless of the `fields` parameter initially set by the developer.
In secondary loops, this ensures that `get_the_content()` and other getter functions operate as documented when called without a post ID and return the appropriate data for the global post object.
This introduces consistency when starting the loop and the `fields` parameter is set to `id=>parent` to the behaviour when set to either `all` or `ids`.
There is no change to the `WP_Query::$posts` parameter nor when a query is made without starting the secondary loop, ie without calling `WP_Query::the_post()`.
Props juzar, mukesh27, oglekler, peterwilsoncc, sirlouen, joemcgill.
Fixes#56992.
Built from https://develop.svn.wordpress.org/trunk@59919
git-svn-id: http://core.svn.wordpress.org/trunk@59261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Set `aria-expanded` to true when automatically expanding active child menus in the primary menu. Add `aria-controls` to explicitly define controlled content in menus.
Props bschneidewind, joedolson, dhruvang21, pooja1210, shailu25.
Fixes#62936.
Built from https://develop.svn.wordpress.org/trunk@59916
git-svn-id: http://core.svn.wordpress.org/trunk@59258 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset replaces the "Edit Site" link in the admin bar to point to the top level screen of the Site Editor, instead of opening the current template.
Merges Gutenberg changeset: WordPress/gutenberg#69271
Props mosne, poena, audrasjb, shailu25.
Fixes#62368.
Built from https://develop.svn.wordpress.org/trunk@59910
git-svn-id: http://core.svn.wordpress.org/trunk@59252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset updates the `get_calendar()` function to allow post type filtering via the `$post_type` parameter, with backard compatibility for previous params. It also updates the related `get_calendar_args` and `get_calendar` hooks accordingly.
Props sebastianpisula, swissspidy, dwainm, moxie, sukhendu2002, audrasjb, mukesh27.
Fixes#34093.
Built from https://develop.svn.wordpress.org/trunk@59908
git-svn-id: http://core.svn.wordpress.org/trunk@59250 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Mark links that point to the current URL in bundled theme headers with `aria-current="page"` to inform screen reader users that this link is the current page.
Changes to Twenty Ten through Twenty Twenty add `aria-current` and `rel="home"` where appropriate, Twenty Twenty One only adds `rel="home"`.
Props bschneidewind, joedolson, hiabhaykulkarni, sabernhardt.
Fixes#62895.
Built from https://develop.svn.wordpress.org/trunk@59907
git-svn-id: http://core.svn.wordpress.org/trunk@59249 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This modifies the submenu for the Site Editor which previously linked directly to the Patterns page after [58278] to support accessing the Stylebook in classic themes via a new "Design" link. Currently, any classic themes that have either added support for `editor-styles` or have a theme.json file will automatically see this new link in the admin menu.
Props isabel_brison, poena, wildworks, mamaduka, karmatosed, joemcgill.
Fixes#62509.
Built from https://develop.svn.wordpress.org/trunk@59905
git-svn-id: http://core.svn.wordpress.org/trunk@59247 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This reduces the hash length from 32 bytes to 30 so the overall length of an activation key after encoding, prefixing, and prepending a timestamp fits into 60 bytes.
A key is also introduced for domain separation. This doesn't affect the output length.
Props dd32, paragoninitiativeenterprises, peterwilsoncc, johnbillion
Fixes#21022
Built from https://develop.svn.wordpress.org/trunk@59904
git-svn-id: http://core.svn.wordpress.org/trunk@59246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
