This updates the following `devDependencies`:
- `dotenv` from `16.4.5` to `16.4.7`
- `dotenv-expand` from `11.0.6` to `12.0.1`
- `postcss` from `8.4.47` to `8.4.49`
- `qunit` from `2.22.0` to `2.23.1`
- `sass` from `1.79.4` to `1.79.6`
- `terser-webpack-plugin` from `5.3.10` to `5.3.11`
- `uglify-js` from `3.17.4` to `3.19.3`
- `uuid` from `9.0.1` to `11.0.3`
- `webpack` from `5.90.2` to `5.97.1`
Additionally, `npm audit fix` has been run.
Follow up to [58585].
See #62220.
Built from https://develop.svn.wordpress.org/trunk@59509
git-svn-id: http://core.svn.wordpress.org/trunk@58895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add the attribute `role="alert"` on 12 instances of admin notices that are injected into the DOM using JavaScript. The `role="alert"` attribute allows screen readers to recognize the addition to the DOM and announce the errors to users.
Props afercia, cyrus11, rcreators, joedolson.
Fixes#47111.
Built from https://develop.svn.wordpress.org/trunk@58455
git-svn-id: http://core.svn.wordpress.org/trunk@57904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a confirmation dialog when users navigate away from the user profile screen if they have unsaved changes to prevent data loss.
Props ashokrane, karlijnbk, diedeexterkate, jwgoedert, joedolson, swissspidy, afercia.
Fixes#40493.
Built from https://develop.svn.wordpress.org/trunk@58137
git-svn-id: http://core.svn.wordpress.org/trunk@57602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Hide the password for the "Post via e-mail" settings in writing options. Use the same password hiding mechanisms in use elsewhere in core.
Props mastrup, denis-de-bernardy, ryan, brookedot, wojtek.szkutnik, dd32, sabreuse, sergeybiryukov, costdev, peterwilsoncc, zgrkaralar, clorith, renyot, sabernhardt, boniu91, ironprogrammer, bgoewert.
Fixes#9883.
Built from https://develop.svn.wordpress.org/trunk@55974
git-svn-id: http://core.svn.wordpress.org/trunk@55486 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the following npm dependencies to their latest versions:
- `chalk` from `5.1.0` to `5.2.0`.
- `dotenv-expand` from `9.0.0` to `10.0.0`.
- `grunt-contrib-qunit` from `6.2.0` to `6.2.1`.
- `prettier` from `2.0.5` to `2.6.2`.
- `qunit` from `2.19.1` to `2.19.4`.
- `sass` from `1.55.0` to `1.58.0`.
- `sinon` from `14.0.1` to `15.0.1`.
- `sinon-test` from `3.1.4` to `3.1.5`.
- `source-map-loader` from `4.0.0` to `4.0.1`.
- `uglify-js` from `3.17.3` to `3.17.4`.
- `wait-on` from `6.0.1` to `7.0.1`.
- `webpack` from `5.74.0` to `5.75.0`.
Additionally, `npm audit fix` has been run to further update packages that may contain vulnerabilities.
Props naeemhaque, mukesh27, desrosj.
See #57535.
Built from https://develop.svn.wordpress.org/trunk@55191
git-svn-id: http://core.svn.wordpress.org/trunk@54724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A JavaScript race condition was throwing an error and preventing passwords from being set if the zxcvbn library loaded earlier than expected. This could prevent the installation of WordPress or the creation/updating of user accounts.
Props adi64bit, afragen, agepcom, audrasjb, bedas, brookedot, cbigler, charlyox, costdev, desrosj, drago239, Eric3D, espiat, jadpm, jrf, justinahinon, kubiq, lkraav, michelangelovandam, mirkolofio, mkox, peterwilsoncc, poena, sbossarte, sebastienserre, SergeyBiryukov, Synchro, thomasplevy, walbo, waterfire, wpmakenorg.
Fixes#53974, #52086.
Built from https://develop.svn.wordpress.org/trunk@53122
git-svn-id: http://core.svn.wordpress.org/trunk@52711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates several NPM dependencies to the latest versions, including:
- `check-node-version` from `4.1.0` to `4.2.1`.
- `dotenv` from `10.0.0` to `16.0.0`.
- `dotenv-expand` from `5.1.0` to `8.0.3`.
- `grunt-contrib-concat` from `2.0.0` to `2.1.0`.
- `grunt-contrib-jshint` from `3.1.1` to `3.2.0`.
- `grunt-contrib-uglify` from `5.0.1` to `5.1.0`.
- `qunit` from `2.17.2` to `2.18.1`.
- `sass` from `1.43.4` to `1.50.0`.
- `sinon` from `12.0.1` to `13.0.1`.
- `sinon-test` from `3.1.1` to `3.1.3`.
- `uglify-js` from `3.14.3` to `3.15.3`.
- `wait-on` from `6.0.0` to `6.0.1`.
The updates to `dotenv` and `dotenv-expand` required a minor change to files using these packages.
Additionally, this contains several updates to the `package-lock.json` file as a result of running `npm audit fix`.
See #54727.
Built from https://develop.svn.wordpress.org/trunk@53113
git-svn-id: http://core.svn.wordpress.org/trunk@52702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
During password resets, the 'Generate Password" button has a `aria-expanded="true"` attribute, but the button itself does not expand or collapse anything. This change adds a `skip-aria-expanded` class to the button which is referenced in JavaScript to skip updating the `aria-expanded` attribute on the button itself when clicked.
This change also resets the `aria-expanded` attribute to `false` for the parent form after it's submitted.
Props alexstine, johnjamesjacoby, sabernhardt.
Fixes#54538.
Built from https://develop.svn.wordpress.org/trunk@52450
git-svn-id: http://core.svn.wordpress.org/trunk@52042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Although auto-focusing form fields can be arguable in some cases, it makes sense when there is a very specific task to accomplish and when there is no relevant content before the auto-focused field.
This change brings consistency between various forms generated by `wp-login.php`.
Props afercia, donmhico, sabernhardt.
Fixes#40302.
Built from https://develop.svn.wordpress.org/trunk@52193
git-svn-id: http://core.svn.wordpress.org/trunk@51785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This includes many minor adjustments to a wide array of core files to replace shorthands with full declarations.
Follow-up to [50001], [50270], [50367].
Props Clorith, hellofromTonya, peterwilsoncc, adamsilverstein, aristath.
See #51812.
Built from https://develop.svn.wordpress.org/trunk@50420
git-svn-id: http://core.svn.wordpress.org/trunk@50031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, it was unclear that the displayed password is only being suggested and should be saved by clicking the Reset Password button.
This adds separate Generate Password and Save Password buttons, for clarity.
Props xkon, estelaris, jaymanpandya, hedgefield, audrasjb, erichmond, magicroundabout, lukecavanagh, knutsp, tinodidriksen, nico_martin, markhowellsmead, kara.mcnair, e_baker, pixelverbieger, souri_wpaustria, megabyterose, poena, whyisjake.
Fixes#39638.
Built from https://develop.svn.wordpress.org/trunk@50153
git-svn-id: http://core.svn.wordpress.org/trunk@49832 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a feature so Admins can send users a 'password reset' email. This doesn't change the password or force a password change. It only emails the user the password reset link.
The feature appears in several places:
* A "Send Reset Link" button on user profile screen.
* A "Send password reset" option in the user list bulk action dropdown.
* A "Send password reset" quick action when hovering over a username in the user list.
Props Ipstenu, DrewAPicture, eventualo, wonderboymusic, knutsp, ericlewis, afercia, JoshuaWold, johnbillion, paaljoachim, hedgefield.
Fixes#34281.
Built from https://develop.svn.wordpress.org/trunk@50129
git-svn-id: http://core.svn.wordpress.org/trunk@49808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
To be able to disable jQuery Migrate as step 3 of updating the jQuery version shipped with WordPress, all `JQMIGRATE` warnings in the browser console will have to be addressed.
This includes many minor adjustments to a wide array of core files.
Follow-up to:
* Step 1: Disabling jQuery Migrate 1.4.1 in WordPress 5.5: [48323], [48324]
* Step 2: Updating jQuery to 3.5.1 and adding jQuery Migrate 3.3.x in WordPress 5.6: [49101], [49338], [49615], [49649]
Props Clorith, azaozz.
See #51812.
Built from https://develop.svn.wordpress.org/trunk@50001
git-svn-id: http://core.svn.wordpress.org/trunk@49702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the user edit screen improve handling and clarify language: rename the "Generate Password" and "Show password" buttons to "Set New Password". Clicking it always generates a password. Also: improve inline code comments and descriptions.
Props afercia, bookdude13, michaelarestad, pento.
Fixes#42852.
Built from https://develop.svn.wordpress.org/trunk@49248
git-svn-id: http://core.svn.wordpress.org/trunk@49010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where users could save a password with only spaces, or spaces at the beginning or end of their password, preventing them from logging in.
Props ronakganatra, 1naveengiri, ajensen, oolleegg55, bookdude13, nrqsnchz, aristath.
Fixes#42766.
Built from https://develop.svn.wordpress.org/trunk@49118
git-svn-id: http://core.svn.wordpress.org/trunk@48880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the usage of `wp_localize_script()` for passing translations to the script and instead adds the translatable strings in the script directly through the use of `wp.i18n` and its utilities.
Props swissspidy, ocean90.
See #20491.
Fixes#50527.
Built from https://develop.svn.wordpress.org/trunk@48270
git-svn-id: http://core.svn.wordpress.org/trunk@48039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”
With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).
Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.
Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.
Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes#50413.
Built from https://develop.svn.wordpress.org/trunk@48121
git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Patches occasionally come in on generated files. We should be kind to new contributors and give them a hint that these files are auto-generated.
This is a follow-up to [41271], which added the banner to minified CSS files.
Fixes#48424. See #30666.
Built from https://develop.svn.wordpress.org/trunk@46589
git-svn-id: http://core.svn.wordpress.org/trunk@46386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The ability for users to see the password they're typing improves usability and accessibility of the login users flow.
- brings the login screen in line with the same feature already used in the New User, Edit User, and Reset Password pages
- improves association of labels and input fields by using explicit association with `for` / `id` attributes
- slightly increases the "Remember me" label font size
Props johnbillion, Iceable, audrasjb, joyously, adamsilverstein, boemedia, DrewAPicture, shadyvb, birgire, peterwilsoncc, pento, anevins, davidbaumwald, whyisjake, afercia.
Fixes#42888.
Built from https://develop.svn.wordpress.org/trunk@46256
git-svn-id: http://core.svn.wordpress.org/trunk@46068 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where the submit button was enabled with an empty password when the user previously checked "Confirm use of weak password" for a weak password, then cleared the password field.
Props henry.wright.
Fixes#47924.
Built from https://develop.svn.wordpress.org/trunk@46103
git-svn-id: http://core.svn.wordpress.org/trunk@45915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- makes the "Cancel" button always visible: this allows to generate a new password also on small screens
- moves focus back to the Generate Password button when closing the form
- changes the password reset show/hide button from a clickable `<span>` element to a real `<button>` element
- improves the CSS
Props janak007, afercia.
Fixes#42853.
Built from https://develop.svn.wordpress.org/trunk@44895
git-svn-id: http://core.svn.wordpress.org/trunk@44726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `keyup` event was used to provide support for IE8, where which doesn't support the `input` event. As we dropped IE8 support some time ago, this was simply adding unnecessary complexity and double-event triggers.
Props dlh, afercia.
Fixes#32882.
Built from https://develop.svn.wordpress.org/trunk@44539
git-svn-id: http://core.svn.wordpress.org/trunk@44370 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sets `screwIE8` to false as it is now enabled by default
Files Changed:
build/wp-admin/js/customize-nav-menus.min.js
build/wp-admin/js/customize-widgets.min.js
build/wp-includes/js/customize-loader.min.js
Changelog:
2016-07-19 v2.0.0 Update uglify-js to v2.7.0. screwIE8 is enabled by default.
2016-07-19 v1.0.2 Update grunt to ^1.0.0. Fix beautify when passed as an object. Fix docs about report values.
See #38199.
Built from https://develop.svn.wordpress.org/trunk@39117
git-svn-id: http://core.svn.wordpress.org/trunk@39059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevents JavaScript errors by checking zxcvbn is defined before calling.
Changes `wp.passwordStrength.meter()` to return `-1` if the strength of the password is unknown.
On the user profile screen, `generatePassword()` checks if the user has entered the password before setting the value of the password input box.
Props peterwilsoncc, adamsilverstein.
Fixes#34905.
Built from https://develop.svn.wordpress.org/trunk@37940
git-svn-id: http://core.svn.wordpress.org/trunk@37881 1a063a9b-81f0-0310-95a4-ce76da25c4cd