Commit Graph

18425 Commits

Author SHA1 Message Date
TimothyBlynJacobs 04a853195b REST API: Allow sidebars and their widgets to be public.
By default, only users with the `edit_theme_options` capability can access the sidebars and widgets REST API endpoints. In this commit, A new `show_in_rest` parameter is added to the `register_sidebar` function. When enabled, all users will be able to access that sidebar and any widgets belonging to that sidebar.

This commit reduces the `context` for a widget's `instance` information to only `edit`. This is to ensure that internal widget data is not inadvertently exposed to the public. A future ticket may expose additional APIs to allow widget authors to indicate that their instance data can be safely exposed. REST API consumers intending to access this `instance` information should take care to explicitly set the `context` parameter to `edit`.

Props spacedmonkey, zieladam.
Fixes #53915.

Built from https://develop.svn.wordpress.org/trunk@52016


git-svn-id: http://core.svn.wordpress.org/trunk@51608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-05 02:15:59 +00:00
Peter Wilson cae71f232c Comments: Avoid reparenting during post deletion.
Delete comments in a descending order by comment ID when deleting a post.

This avoids the expense of additional database queries required to re-parent threaded comments that are themselves about to be deleted.

Props Mte90, andraganescu, johnbillion, hellofromTonya, peterwilsoncc.
Fixes #37703.


Built from https://develop.svn.wordpress.org/trunk@52015


git-svn-id: http://core.svn.wordpress.org/trunk@51606 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 23:56:58 +00:00
hellofromTonya 9036739acc Administration: Make dashboard widget control submit button text more clear.
Changes the submit button text from "Submit" to "Save Changes".

Why? The text is more semantic and clear of what happens when activating that button.

Follow-up to [9103].

Props zodiac1978, knutsp, hilayt24, audrasjb.
Fixes #54229.
Built from https://develop.svn.wordpress.org/trunk@52014


git-svn-id: http://core.svn.wordpress.org/trunk@51605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 23:30:58 +00:00
hellofromTonya fcf096f4b9 Bundled Themes: Remove the "role" attribute on HTML elements with a default landmark role.
With IE11 no longer supported, the primary problem with assistive technology support for native HTML5 elements no longer applies.

This commit removes the `role` attribute from the following HTML5 elements with default landmark roles, per formerly required role attributes and W3C.

Follow-up to [17669], [21261], [23452], [24832], [29892], [38833], [40851], [43842], [46271], [49216].

Props costdev, craigfrancis, joedolson, mukesh27, ryokuhi, sabernhardt.
Fixes #54079.
Built from https://develop.svn.wordpress.org/trunk@52013


git-svn-id: http://core.svn.wordpress.org/trunk@51604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 18:18:01 +00:00
gziolo e4da863a6f Docs: Clarify the path usage register_block_type_from_metadata
The filename passed with the first param must end with `block.json`.

Fixes #53806.
Props coreyw, costdev.


Built from https://develop.svn.wordpress.org/trunk@52012


git-svn-id: http://core.svn.wordpress.org/trunk@51603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 16:03:57 +00:00
gziolo 56e4bf827d Build: Remove polyfills from block view scripts
Related changes in Gutenberg: https://github.com/WordPress/gutenberg/pull/35038.

When adding a block with a view.js script, the frontend loads an additional ~20kb of scripts that were previously not there. These are coming from polyfills that are defined as a dependency for view.js scripts.
Since WordPress dropped support for IE, these polyfills are no longer needed and can be removed.

Follow-up to [51501].
See #53690.
Props aristath.


Built from https://develop.svn.wordpress.org/trunk@52011


git-svn-id: http://core.svn.wordpress.org/trunk@51602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 15:57:58 +00:00
hellofromTonya 507cc58f72 Coding Standards: Add visibility to methods in `tests/phpunit/tests/`.
Adds a `public` visibility to test fixtures, tests, data providers, and callbacks methods.

Adds a `private` visibility to helper methods within test classes.

Renames callbacks and helpers that previously started with a `_` prefix. Why? For consistency and to leverage using the method visibility. Further naming standardizations is beyond the scope of this commit.

Props costdev, jrf, hellofromTonya.
Fixes #54177.
Built from https://develop.svn.wordpress.org/trunk@52010


git-svn-id: http://core.svn.wordpress.org/trunk@51601 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 15:23:59 +00:00
hellofromTonya ce599b652a Coding Standards: Add `public` visibility to methods in `tests/phpunit/includes/`.
This commit adds the `public` visibility keyword to each method which did not have an explicit visibility keyword.

Why `public`?

With no visibility previously declared, these methods are implicitly `public` and available for use. As these are part of the WordPress testing framework (for Core and extenders), changing them to anything else would be a backwards-compatibility break.

Props costdev, jrf, hellofromTonya.
See #54177.
Built from https://develop.svn.wordpress.org/trunk@52009


git-svn-id: http://core.svn.wordpress.org/trunk@51600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 13:16:57 +00:00
hellofromTonya 27d239d01b REST API: Improve translations, comments, and readability in URL Details endpoint.
Improvements:
* Removes HTML tags from translatable strings. Uses `sprintf` with placeholder and translators comment.
* Spells out "OG" to "Open Graph" to help translators.
* Adds `@since` param to new filters.
* Improves comments for code standards and consistency.
* Improves readability by making multiple args multiline.
* Micro-optimizations to avoid unnecessary variable assignments.

Follow-up to [51973].

Props hellofromTonya, sergeybiryukov, swissspidy.
Fixes #54358.
Built from https://develop.svn.wordpress.org/trunk@52008


git-svn-id: http://core.svn.wordpress.org/trunk@51599 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 12:44:01 +00:00
davidbaumwald 2e249395de Comments: Add `noopener noreferrer` to author links in list table.
When viewing the listing of all comments, author links previously passed referrer information to untrusted URLs.  This change adds `noreferrer` to each author link, as well as `noopener` to prevent the passing of information about the parent window.

Props cybr, adam3128, erayalakese, andraganescu, audrasjb, joedolson, sabernhardt. 
Fixes #40916.
Built from https://develop.svn.wordpress.org/trunk@52007


git-svn-id: http://core.svn.wordpress.org/trunk@51596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 20:02:02 +00:00
Sergey Biryukov aa62c253e0 External Libraries: Update the Iris color picker to version 1.1.1.
The latest version includes jQuery 3.x deprecation fixes:
* `$.isArray` → `Array.isArray`
* Event attachment/trigger shorthands → `.on()` and `.trigger()`

For a full list of changes in this update, see the PR on GitHub:
https://github.com/Automattic/Iris/pull/72

Follow-up to [22030], [22033], [22385], [22457], [22697], [22732], [23443], [26334], [30551], [30650], [38931], [50547].

Props Clorith, mattwiebe, Cybr.
Fixes #54224.
Built from https://develop.svn.wordpress.org/trunk@52006


git-svn-id: http://core.svn.wordpress.org/trunk@51595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 19:40:00 +00:00
Sergey Biryukov 8117af8bb2 General: Remove the `svn:executable` property from `wp-admin/_index.php`.
The property appears to be added accidentally. The removing was mentioned but not included in the previous commit.

Follow-up to [38049], [42200], [46585], [51995], [52001].

See #54321.
Built from https://develop.svn.wordpress.org/trunk@52005


git-svn-id: http://core.svn.wordpress.org/trunk@51594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 17:23:56 +00:00
johnjamesjacoby 3e81de0a3d Themes/TwentySixteen: correct invalid CSS `font-style` value.
This change swaps out `none` for `normal` in the `.wp-block-pullquote cite` styling of `blocks.css`.

Props malae, mukesh27, sabernhardt.

Fixes #46807.
Built from https://develop.svn.wordpress.org/trunk@52004


git-svn-id: http://core.svn.wordpress.org/trunk@51593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 17:01:57 +00:00
hellofromTonya 6a10d18458 Customize: Fix `focus()` to collapse child panels and show parent panel.
When a child panel is open, `wp.customize.panel('parent_panel').focus()` (e.g. `'parent_parent'` might be `'nav_menus'`) collapses the child panel(s) to show the parent panel. 

Follow-up to [30102], [31920], [38648].

Props celloexpressions, costdev, dlh, hareesh-pillai, hellofromTonya, westonruter, wpweaver. 
Fixes #34436.
Built from https://develop.svn.wordpress.org/trunk@52003


git-svn-id: http://core.svn.wordpress.org/trunk@51592 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 15:05:58 +00:00
desrosj e2315352e9 Build/Test Tools: Pass workflow outcome to Slack Notifications.
When using a workflow as a callable workflow, the job status check functions do not take the called workflow into account. This has caused some failures to be incorrectly reported as successful.

This adds an input to the Slack notifications workflow for when the `workflow_call` event is used.

See #53363.
Built from https://develop.svn.wordpress.org/trunk@52002


git-svn-id: http://core.svn.wordpress.org/trunk@51591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 14:56:04 +00:00
Sergey Biryukov a59ade2290 Help/About: Improve typography in the `Welcome to your WordPress Dashboard!` text.
Per the general consensus in #8714 and similar tickets, user-facing strings should use “curly quotes” for better typography.

Remove the `svn:executable` property that appears to be added accidentally.

Follow-up to [38049], [42200], [46585], [51995].

See #54321.
Built from https://develop.svn.wordpress.org/trunk@52001


git-svn-id: http://core.svn.wordpress.org/trunk@51590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 03:16:57 +00:00
Sergey Biryukov 7effeb4fc1 Build/Test Tools: Restore the `https` URL for `browserify-aes`.
Follow-up to [51967], [51974].

See #54054.
Built from https://develop.svn.wordpress.org/trunk@52000


git-svn-id: http://core.svn.wordpress.org/trunk@51589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 03:00:57 +00:00
Sergey Biryukov 8ea16bd30e Tests: Clean up the `$_REQUEST` superglobal in `WP_UnitTestCase_Base::clean_up_global_scope()`.
This resolves an issue where setting up `$_REQUEST['post_type']` and not clearing it afterwards in `Tests_Admin_IncludesScreen::setup_block_editor_test()` started affecting a few `WP_Comments_List_Table` tests after [51997]. It also ensures a similar issue does not inadvertently happen in other tests.

Follow-up to [760/tests], [51997].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51999


git-svn-id: http://core.svn.wordpress.org/trunk@51588 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 02:57:58 +00:00
Sergey Biryukov a949417a2e Tests: Correct `@covers` tags in `WP_Comments_List_Table` tests.
Follow-up to [51993], [51997].

See #39265.
Built from https://develop.svn.wordpress.org/trunk@51998


git-svn-id: http://core.svn.wordpress.org/trunk@51587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 00:55:56 +00:00
Sergey Biryukov 012f50f565 Tests: Split `WP_Posts_List_Table` and `WP_Comments_List_Table` tests into two separate files for clarity.
These were previously combined in the `includesListTable.php` file. Since the tests were specific neither to the `_get_list_table()` function nor the parent `WP_List_Table` class, the naming was confusing, which should now be resolved.

Follow-up to [31730], [38854], [40297], [48151], [48521], [49190], [51993].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51997


git-svn-id: http://core.svn.wordpress.org/trunk@51586 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 00:49:58 +00:00
hellofromTonya b87617e271 Customizer: Make range controls full width.
Adds CSS for range controls in the Customizer to be as wide as possible allowing for smaller increments to be more easily obtained by the user.

Follow-up to [28930].

Props domainsupport, dlh, sabernhardt, audrasjb.
Fixes #54329.
Built from https://develop.svn.wordpress.org/trunk@51996


git-svn-id: http://core.svn.wordpress.org/trunk@51585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 23:19:59 +00:00
hellofromTonya 22e4a52258 Help/About: Improve the Welcome text in `wp-admin/_index.php`.
Improves the `Welcome to your WordPress Dashboard!` copy in the `Overview` section of the help tab.

Follow-up to [18914], [19007], [37680].

Props webcommsat, marybaum, costdev, audrasjb.
Fixes #54321.
Built from https://develop.svn.wordpress.org/trunk@51995


git-svn-id: http://core.svn.wordpress.org/trunk@51584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 22:54:59 +00:00
hellofromTonya 973f1f1cac Build/Test Tools: Add missing `@covers` and visibility for `Tests_Admin_includesMisc`.
Adds the `@covers` tag to the test DocBlock.
Adds missing `public` visibility to the test method.

Follow-up to [25002].

Props pbearne, jrf, hellofromTonya.
See #39265.
Built from https://develop.svn.wordpress.org/trunk@51994


git-svn-id: http://core.svn.wordpress.org/trunk@51583 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 22:08:59 +00:00
hellofromTonya f45b359aa2 Build/Test Tools: Add missing `@covers` tags for `Tests_Admin_includesListTable`.
Follow-up to [31730].

Props pbearne, jrf, hellofromTonya.
See #39265.
Built from https://develop.svn.wordpress.org/trunk@51993


git-svn-id: http://core.svn.wordpress.org/trunk@51582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 22:01:59 +00:00
hellofromTonya 9869a44a0f Build/Test Tools: Add missing `@covers` tags for `Tests_Admin_includesFile`.
Follow-up to [25002], [42773].

Props pbearne, jrf, hellofromTonya.
See #39265.
Built from https://develop.svn.wordpress.org/trunk@51992


git-svn-id: http://core.svn.wordpress.org/trunk@51581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 21:57:57 +00:00
hellofromTonya 3819fa7340 Help/About: Simplifies WordPress version in "Help" sidebar.
Simplifies the logic for when not in alpha/beta/RC.

The changelog URL is translatable in a few other places in core. This commit uses the same pattern for consistency.

Follow-up to [51985].

Props sergeybiryukov.
Fixes #47848.
Built from https://develop.svn.wordpress.org/trunk@51991


git-svn-id: http://core.svn.wordpress.org/trunk@51580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 21:43:57 +00:00
hellofromTonya db11516237 Build/Test Tools: Add end-to-end (e2e) tests for edit posts page.
Adds e2e tests for 'Edit Posts':
* No posts found
* Shows a single post after publishing
* Edit existing post via Edit button
* Quick edit existing post via Quick Edit button
* Delete post

Props isabel_brison, azaozz, hellofromTonya, justinahinon, talldanwp, youknowriad.
Fixes #49507.
Built from https://develop.svn.wordpress.org/trunk@51990


git-svn-id: http://core.svn.wordpress.org/trunk@51579 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 21:26:58 +00:00
hellofromTonya e7e57a7aeb Build/Test Tools: Introduce local visual regression testing.
Adds the ability to ''locally'' run visual regression testing for wp-admin pages via `npm run test:visual`. Snapshots are stored on contributors' local machines.

Note:
Wiring to the CI is not included. Why? The challenges for the CI are storage of the artifacts and unreliability of testing these across different environments.

This commit is a first step towards visual regression testing. Running it locally provides a learning opportunity which could help to craft how to build it into the automated CI process.

Props isabel_brison, andraganescu, azaozz, danfarrow, desrosj, hellofromTonya, justinahinon, netweb, talldanwp.
Fixes #49606.
Built from https://develop.svn.wordpress.org/trunk@51989


git-svn-id: http://core.svn.wordpress.org/trunk@51578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 21:05:13 +00:00
Sergey Biryukov 1fdea15a96 Coding Standards: Fix some WPCS errors and warnings in `wp-admin/user-edit.php`:
* Add missing translators comment.
* Add missing space, correct indentation.
* Put opening and closing PHP tag on a line by itself.
* Remove unnecessary escaping for consistency with other strings.

Follow-up to [51980].

See #53658.
Built from https://develop.svn.wordpress.org/trunk@51988


git-svn-id: http://core.svn.wordpress.org/trunk@51577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 20:19:59 +00:00
johnjamesjacoby 88e9e36233 Help/About: add WordPress version to contextual "Help" sidebar area.
This change adds a new way for users to quickly identify what version of WordPress they are looking at, directly from the "Help" sidebar on the main "Dashboard" page.

* Stable versions will link to their respective support documents.
* Development versions (alpha/beta/RC) will not link anywhere.

Props audrasjb, costdev, donmhico, hellofromtonya, ipstenu, justinahinon, karmatosed, knutsp, marybaum, sergeybiryukov, webcommsat.

Fixes #47848.
Built from https://develop.svn.wordpress.org/trunk@51985


git-svn-id: http://core.svn.wordpress.org/trunk@51574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 19:09:03 +00:00
johnjamesjacoby 43644069ea Permalinks: Sanitize non-visible characters inside `sanitize_title_with_dashes()`.
This change prevents non-visible characters in titles from creating encoded values in permalinks, opting instead for the following replacement strategy:

* Non-visible non-zero-width characters are replaced with hyphens
* Non-visible zero-width characters are removed entirely

Included with this change are 64 additional PHPUnit assertions to confirm that only the targeted non-visible characters are sanitized as intended.

Before this change, URLs would unintentionally contain encoded values where these non-visible characters were. After this change, URLs intentionally strip out or hyphenate these non-visible characters.

Props costdev, dhanendran, hellofromtonya, paaljoachim, peterwilsoncc, poena, sergeybiryukov.

Fixes #47912.
Built from https://develop.svn.wordpress.org/trunk@51984


git-svn-id: http://core.svn.wordpress.org/trunk@51573 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 18:47:57 +00:00
Sergey Biryukov 3ab8d52d78 Media: Use `WP_Query::get()` method to retrieve the `posts_per_page` value in `wp_ajax_query_attachments()`.
This avoids a PHP notice and ensures that a default value is always provided if none is set by the user.

Follow-up to [51145], [51485].

Props davidwebca, mukesh27.
Fixes #54129.
Built from https://develop.svn.wordpress.org/trunk@51982


git-svn-id: http://core.svn.wordpress.org/trunk@51571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 18:30:02 +00:00
johnjamesjacoby fae48afc92 Application Passwords: display guiding text & link in `user-edit.php` when unavailable.
This change intends to avoid confusion around the requirements of the Application Passwords feature, specific to it requiring HTTPS and the `WP_ENVIRONMENT_TYPE` constant.

It does this by conditionally hiding the traditional UI and showing some insightful explanations instead, including a translatable link to the `WP_ENVIRONMENT_TYPE` documentation on the "Editing wp-config.php" support page.

Props ashfame, audrasjb, iluy, johnbillion.

Fixes  #53658.
Built from https://develop.svn.wordpress.org/trunk@51980


git-svn-id: http://core.svn.wordpress.org/trunk@51569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:57:03 +00:00
johnjamesjacoby 6d451fb64b Admin/UI-Copy: reword some "we" usages.
This changes some admin-area, user-facing text, to better match the guidelines and recommendations set forth in the make/core handbook, specifically:

> the word “we” should be avoided (...) unless its made very clear which group is speaking

(There are several more usages of "we" that will receive this same scrutiny in future commits/releases.)

Props audrasjb, johnbillion, marybaum, peterwilsoncc, sergeybiryukov, shital-patel.

Fixes  #46057.
Built from https://develop.svn.wordpress.org/trunk@51979


git-svn-id: http://core.svn.wordpress.org/trunk@51568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:37:57 +00:00
johnjamesjacoby f5991aed63 Themes: Introduce `get_header_image_tag_attributes` hook.
This change adds a filter inside of the `get_header_image_tag()` function allowing developers to filter the attributes of the header image HTML tag before they are escaped, concatenated, and returned.

Before this change, it was not possible to externally and preemptively intercept this array of attributes. After this change, these attributes can now be easily filtered, matching it nicely to the `wp_get_attachment_image_attributes` hook.

Props audrasjb, chaion07, junaidbhura, sabernhardt.

Fixes #38942.
Built from https://develop.svn.wordpress.org/trunk@51978


git-svn-id: http://core.svn.wordpress.org/trunk@51567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:21:58 +00:00
johnjamesjacoby f60dae0731 Admin/Menu: include `960` exact pixel width in collapse measurements.
This change removes a 1 pixel gap in the measurement of the viewport width when clicking the "Collapse menu" button (at the bottom of the admin menu UI) when already collapsed, causing the menu not to open as intended when exactly 960 pixels wide.

Before this change, the menu would be stuck in the collapsed position. After this change, the menu opens as expected.

Props abesell132, ankit-k-gupta, audrasjb, boniu91, mai21, sabernhardt, webaxones.

Fixes #54210.
Built from https://develop.svn.wordpress.org/trunk@51977


git-svn-id: http://core.svn.wordpress.org/trunk@51566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:07:57 +00:00
johnjamesjacoby dd7cb532a1 Admin/Discussion Settings: attempt to clarify intent of "Default post settings" section.
This changes the descriptive text underneath 3 settings that are frequently overridden by individual posts & pages, and are also often misunderstood to work differently than they do.

"(These settings may be overridden for individual posts.)"

...becomes...

"Individual posts may override these settings. Changes here will only be applied to new posts."

* Parenthesis were removed to improve text layout and flow for RTL languages.
* Original statement was reworded to emphasize "individual posts".
* New statement provides clarity to users about settings changes not being retroactive.

Props audrasjb, johnjamesjacoby, sabbirshouvo, sabernhardt, tobifjellner.

Fixes #54300.
Built from https://develop.svn.wordpress.org/trunk@51976


git-svn-id: http://core.svn.wordpress.org/trunk@51565 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 16:42:59 +00:00
johnjamesjacoby 791998fb7c Admin/Comments: remove bespoke truncation from search string HTML.
This change removes a call to `wp_html_excerpt()` used on the HTML output of the search string, supplied by the current user in the previous page request via the named `s` input in the search-box UI.

If the search string is extremely long, it wraps around the available empty space in a way that is not visually displeasing, confirming that truncation is not a requirement here.

This also addresses a small accessibility concern as the non-truncated string was not alternatively presented, and helps normalize the output of `$_REQUEST['s']` for more broad improvements in the future.

Props hareesh-pillai, jakubtyrcha, johnjamesjacoby, lukecavanagh, sabernhardt.

Fixes #17636.
Built from https://develop.svn.wordpress.org/trunk@51975


git-svn-id: http://core.svn.wordpress.org/trunk@51564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 15:57:59 +00:00
joedolson a5293aa581 Build/Test Tools: Restore changes to package.json.
Reverts changes to package.json and package-lock.json accidentally committed in [51967].

Props tobiasbg.
Fixes #54054.
Built from https://develop.svn.wordpress.org/trunk@51974


git-svn-id: http://core.svn.wordpress.org/trunk@51563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 14:26:14 +00:00
hellofromTonya cf0274e1ca REST API: Add URL Details endpoint.
Adds a new REST API endpoint (`/wp-block-editor/v1/url-details`) for retrieving information from an external URL.

Information retrieved:

* Title: content of the `<title>` element
* Icon: favicon image link
* Description: content of the `description` or `og:description` meta element
* Image: OG image link

This endpoint is used by the block editor for link previews.

Props get_dave, aduth, andraganescu, beaulebens, hellofromTonya, kevin940726, mamaduka, marekhrabe, mnelson4, noisysocks, obenland, ocean90, retrofox, shaunandrews, spacedmonkey, swissspidy, timothyblynjacobs, xknown, youknowriad.
Fixes #54358.
Built from https://develop.svn.wordpress.org/trunk@51973


git-svn-id: http://core.svn.wordpress.org/trunk@51562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 12:48:00 +00:00
joedolson c90e2fe4f2 Widgets: Remove unused CSS breaking wp_text_diff layout.
Remove CSS used in version of `wp_text_diff` prior to [50034]. Orphaned CSS breaks default layout of function output, but is overridden in the revisions screen.

Props mt8.biz, hareesh-pillai, mukesh27.
Fixes #54140.
Built from https://develop.svn.wordpress.org/trunk@51972


git-svn-id: http://core.svn.wordpress.org/trunk@51561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 23:14:00 +00:00
joedolson 67779da49f Widgets: Use a text-based button to select location.
The WordPress Events and News widget used an icon-only button to select a location. The Pencil icon alone provided insufficient context and labeling for accessibility. Add text to clearly describe button action and change icon to represent a location marker. 

Props AmethystAnswers, sabernhardt.
Fixes #53311.
Built from https://develop.svn.wordpress.org/trunk@51971


git-svn-id: http://core.svn.wordpress.org/trunk@51560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:54:57 +00:00
hellofromTonya 69dc72d0b9 Site Health: Internationalizes count in the info section headings.
If a site health info section includes the `show_count` parameter, this commit internationalizes the count.

Follow-up to [45176].

Props johnbillion, swissspidy.
Fixes #54341.
Built from https://develop.svn.wordpress.org/trunk@51970


git-svn-id: http://core.svn.wordpress.org/trunk@51559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:36:59 +00:00
joedolson a841368a3e Editor: Include post's title in editor `title` element.
Include the current post title in the `title` element when editing a post. Improve accessibility by distinguishing between different edit screens in the browser tab list. 

Props skierpage, alexstine, audrasjb, sabernhardt.
Fixes #52314.
Built from https://develop.svn.wordpress.org/trunk@51969


git-svn-id: http://core.svn.wordpress.org/trunk@51558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:32:58 +00:00
hellofromTonya 1c73f953c3 Build/Test Tools: Ignore "null to nullable" deprecations for select tests.
Adds an expectation for PHP 8.1 "passing null to non-nullable" deprecation notice to select tests where the deprecation is generated by one of the functions in the `wp-includes/formatting.php` file, either via a filter hook callback or by a direct call.

Instead of haphazardly fixing these issues exposed by the tests, a more structural and all-encompassing solution for input validation should be architected and implemented as otherwise, we'll keep running into similar issues time and again with each new PHP version.

To discourage people from "fixing" these issues now anyway, this commit "hides" nearly all of these issues from the test runs.

Once a more structural solution is designed, these tests and the underlying functions causing the deprecation notices should be revisited and the structural solution put in place.

Includes a few minor other tweaks to select tests:
* Removing a stray `return` (twice) from assertion statements.
* Removing calls to `ob_*()` functions in favour of letting PHPUnit manage the output catching. This prevents warnings along the lines of `Test code or tested code did not (only) close its own output buffers`.

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51968


git-svn-id: http://core.svn.wordpress.org/trunk@51557 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:24:00 +00:00
joedolson a3a61c5a3e General: Remove role="navigation" from nav elements.
Role="navigation" was required for assistive technology to recognize HTML5 element's native ARIA roles while HTML5 and ARIA were being introduced. With the deprecation of IE11, the role attribute is only required when mapping elements that don't have native role.

Props costdev, mukesh27.
Fixes #54054.
Built from https://develop.svn.wordpress.org/trunk@51967


git-svn-id: http://core.svn.wordpress.org/trunk@51556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 21:47:13 +00:00
hellofromTonya 78e5b8481c Application Passwords: Add end-to-end (e2e) tests.
Adds end-to-end (e2e) tests for the following test scenarios:
* Create a new application password.
* Create an application password with an existing name.
* Revoke a single application password.
* Bulk revoke applications passwords.

Follow-up to [49109], [49276], [49562], [50001], [50367], [51463].

Props justinahinon, swissspidy, juhise, kevin940726, isabel_brison.
Fixes #54241.
Built from https://develop.svn.wordpress.org/trunk@51966


git-svn-id: http://core.svn.wordpress.org/trunk@51555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 21:42:00 +00:00
Sergey Biryukov b855ffec3f Docs: Add a `@since` note for the `rest_namespace` argument of `register_post_type()` and `register_taxonomy()`.
Use 3-digit, x.x.x-style semantic versioning for `@since` tags of the `$rest_namespace` property in `WP_Post_Type` and `WP_Taxonomy`.

Add a `@since` note to `WP_REST_Taxonomies_Controller::get_item_schema()` for the `visibility` and `rest_namespace` properties.

The `rest_base` property was also added after the method was initially introduced, but that happened during the same release cycle, so it doesn't need a separate `@since` note.

Follow-up to [38832], [39191], [42729], [51959], [51961], [51962], [51964].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51965


git-svn-id: http://core.svn.wordpress.org/trunk@51554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 14:31:00 +00:00
TimothyBlynJacobs c0995319f4 REST API: Support custom namespaces for taxonomies.
While a taxonomy can define a custom route by using the rest_base argument, a namespace of wp/v2 was assumed. This commit introduces support for a rest_namespace argument.

A new rest_get_route_for_taxonomy_items function has been introduced and the rest_get_route_for_term function updated to facilitate getting the correct route for taxonomies.

For maximum compatibility sticking with the default wp/v2 namespace is recommended until the API functions see wider use.

Props spacedmonkey.
Fixes #54267.
See [51962].

Built from https://develop.svn.wordpress.org/trunk@51964


git-svn-id: http://core.svn.wordpress.org/trunk@51553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 03:27:55 +00:00
Gary Pendergast 2c3205bb84 KSES: Add options for restricting tags based upon their attributes.
This change adds two now attribute-related config options to KSES:
- An array of allowed values can be defined for attributes. If the attribute value doesn't fall into the list, the attribute will be removed from the tag.
- Attributes can be marked as required. If a required attribute is not present, KSES will remove all attributes from the tag. As KSES doesn't match opening and closing tags, it's not possible to safely remove the tag itself, the safest fallback is to strip all attributes from the tag, instead.

Included with this change is an implementation of these options, allowing the `<object>` tag to be stored in posts, but only when it has a `type` attribute set to `application/pdf`.

Props pento, swissspidy, peterwilsoncc, dd32, jorbin.
Fixes #54261.


Built from https://develop.svn.wordpress.org/trunk@51963


git-svn-id: http://core.svn.wordpress.org/trunk@51552 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 02:13:56 +00:00
TimothyBlynJacobs bac6e41c85 REST API: Support custom namespaces for custom post types.
While a custom post type can define a custom route by using the `rest_base` argument, a namespace of `wp/v2` was assumed. This commit introduces support for a `rest_namespace` argument. 

A new `rest_get_route_for_post_type_items` function has been introduced and the `rest_get_route_for_post` function updated to facilitate getting the correct route for custom post types.

While the WordPress Core Block Editor bootstrap code has been updated to use these API functions, for maximum compatibility sticking with the default `wp/v2` namespace is recommended until the API functions see wider use.

Props spacedmonkey, swissspidy.
Fixes #53656.

Built from https://develop.svn.wordpress.org/trunk@51962


git-svn-id: http://core.svn.wordpress.org/trunk@51551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 23:16:58 +00:00
Sergey Biryukov c60a9d92e2 Docs: Add a `@since` note to `WP_REST_Post_Types_Controller::get_item_schema()` for the `supports` and `visibility` properties.
The `taxonomies` and `rest_base` properties were also added after the method was initially introduced, but that happened during the same release cycle, so they don't need a separate `@since` note.

Follow-up to [38832], [39097], [39191], [39647], [51959].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51961


git-svn-id: http://core.svn.wordpress.org/trunk@51550 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 20:28:01 +00:00
TimothyBlynJacobs af212ad9b3 REST API: Send a 500 status code when JSON encoding fails.
Previously, a 200 status code would be sent despite the 500 status code present in the response body.

Props hermpheus, lalitjalandhar.
Fixes #53056.

Built from https://develop.svn.wordpress.org/trunk@51960


git-svn-id: http://core.svn.wordpress.org/trunk@51549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 06:07:56 +00:00
TimothyBlynJacobs f76071026b REST API: Add visibility information to the Post Types controller.
Props spacedmonkey, peterwilsoncc.
Fixes #54055.

Built from https://develop.svn.wordpress.org/trunk@51959


git-svn-id: http://core.svn.wordpress.org/trunk@51548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 05:19:01 +00:00
John Blackbourn 3d86f8af55 Application Passwords: Various docblock improvements.
See #53399, #42790

Built from https://develop.svn.wordpress.org/trunk@51958


git-svn-id: http://core.svn.wordpress.org/trunk@51547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 20:26:59 +00:00
John Blackbourn c274d3c520 Docs: Miscellaneous docblock improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51957


git-svn-id: http://core.svn.wordpress.org/trunk@51546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 20:17:01 +00:00
Sergey Biryukov 4459eaf392 Docs: Further update the `debug_information` filter description per the documentation standards.
Specifically, this ensures that the DocBlock follows the line wrapping recommendations.

Follow-up to [44986], [45156], [45259], [51949].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51956


git-svn-id: http://core.svn.wordpress.org/trunk@51545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 13:41:02 +00:00
John Blackbourn 6babc3833b Docs: Miscellaneous docblock improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51955


git-svn-id: http://core.svn.wordpress.org/trunk@51544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 23:13:05 +00:00
desrosj 4a0480a67d Build/Test Tools: Use correct URL for a GitHub Action workflow run.
Follow up to [51921], [51937], [51953].
Unprops desrosj.
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51954


git-svn-id: http://core.svn.wordpress.org/trunk@51543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 20:34:58 +00:00
desrosj ab1786d059 Build/Test Tools: Adjust Slack notifications for `scheduled` and `workflow_dispatch` events.
This makes the needed adjustments to fix Slack notifications for `scheduled` and `workflow_dispatch` events. The data needed to send notifications for these events are stored in different locations, or need to be accessed through API requests.

Follow up to [51921], [51937].
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51953


git-svn-id: http://core.svn.wordpress.org/trunk@51542 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 20:00:58 +00:00
desrosj deb3eca81a Build/Test Tools: Escape `$` within commit messages for `$variables.
This ensures the variables are preserved in the Slack message.

Props ocean90, desrosj.
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51952


git-svn-id: http://core.svn.wordpress.org/trunk@51541 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 19:41:56 +00:00
Sergey Biryukov 0e2f9ad5b6 Coding Standards: Correct alignment in `WP_Site_Health::get_test_update_temp_backup_writable()`.
This fixes an `Equals sign not aligned with surrounding assignments; expected 1 space but found 6 spaces` WPCS warning.

Follow-up to [51815].

See #51857, #53359.
Built from https://develop.svn.wordpress.org/trunk@51951


git-svn-id: http://core.svn.wordpress.org/trunk@51540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 16:52:57 +00:00
John Blackbourn 0775153e27 Date/Time: Improve the docblocks for various date and time related functions.
See #53399, #28992, #40653

Built from https://develop.svn.wordpress.org/trunk@51950


git-svn-id: http://core.svn.wordpress.org/trunk@51539 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 16:51:56 +00:00
John Blackbourn a0d8a60547 Site Health: Correct and improve the documentation for the `debug_information` hook.
This corrects the structure of the documentation so it accurately reflects the array elements contained within.

See #53399.

Built from https://develop.svn.wordpress.org/trunk@51949


git-svn-id: http://core.svn.wordpress.org/trunk@51538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 15:35:00 +00:00
joedolson 2f3b779563 Media: Remove deprecated click function in media uploader.
Replace the call to jQuery's deprecated click handler.

Props kapilpaul.
Fixes #53261.
Built from https://develop.svn.wordpress.org/trunk@51947


git-svn-id: http://core.svn.wordpress.org/trunk@51536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 17:50:58 +00:00
joedolson d71ae9a7e3 Administration: Hide mobile menu on focusout.
Closes the admin menu on mobile devices when keyboard focus moves outside of the menu or menu toggle elements. Improves the usability of the menu on mobile by allowing closure anywhere outside the menu rather than only on the toggle. 

Props kaneva, costdev, sabernhardt
Fixes #53587.
Built from https://develop.svn.wordpress.org/trunk@51946


git-svn-id: http://core.svn.wordpress.org/trunk@51535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 17:28:56 +00:00
joedolson acabcf82ff Media: Close attachment details modal with esc key.
The event that fired closing the attachment details modal also removed the keydown event listener, so subsequent modals could not be closed with the escape key.

Props vondelphia, sourovroy, sabernhardt
Fixes #53924.
Built from https://develop.svn.wordpress.org/trunk@51945


git-svn-id: http://core.svn.wordpress.org/trunk@51534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 16:07:59 +00:00
Sergey Biryukov a5926f8ece Coding Standards: Correct alignment in `wp_enqueue_global_styles()`.
This fixes an `Equals sign not aligned with surrounding assignments; expected 5 spaces but found 1 space` WPCS warning.

Follow-up to [50973], [51819].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51944


git-svn-id: http://core.svn.wordpress.org/trunk@51533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 14:10:59 +00:00
Pascal Birchler a225165010 Role/Capability: Add support for capability queries in `WP_User_Query`.
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:

* `capability` 
* `capability__in`
* `capability__not_in`

These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.

Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:

* all users with a role that has this capability
* all users with the capability being assigned directly

Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.

The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.

Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.

This updates any usage of `'who' => 'authors'` in core to use capability queries instead.

Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.

Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.

Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.

Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes #16841.

Built from https://develop.svn.wordpress.org/trunk@51943


git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:43:57 +00:00
Sergey Biryukov 311cf99866 Docs: Document the usage of some globals in `wp-includes/script-loader.php`.
Follow-up to [44114], [44262], [49080], [50761], [51471].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51942


git-svn-id: http://core.svn.wordpress.org/trunk@51531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:21:58 +00:00
Sergey Biryukov 6a5a0062ff Script Loader: Correct the number of arguments passed to the closure in `enqueue_block_styles_assets()`.
This avoids an `Uncaught ArgumentCountError: Too few arguments to function {closure}(), 1 passed` PHP fatal error when registering a block style with the `should_load_separate_core_block_assets` filter enabled.

Follow-up to [51471].

Props aristath, shimon246, jrf, gziolo.
Fixes #54323.
Built from https://develop.svn.wordpress.org/trunk@51941


git-svn-id: http://core.svn.wordpress.org/trunk@51530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 17:10:01 +00:00
Sergey Biryukov 156a453ed9 Coding Standards: Rename the `$process` variable to `$processed_response` for clarity in `WP_Http_Streams::request()`.
Includes minor code layout fixes for better readability.

Follow-up to [8516], [51826], [51929], [51931].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51940


git-svn-id: http://core.svn.wordpress.org/trunk@51529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 15:03:58 +00:00
johnjamesjacoby 7a0a07d691 Admin/HTTP API: add suggested filename support to `download_url()`.
This change allows for external clients to supply a suggested filename via a `Content-Disposition` response header. This filename is processed through `sanitize_file_name()` to ensure it is allowable (on the server, MIME's, etc...) and `validate_file()` to prevent directory traversal.

If the suggested filename fails the above processing/checks, that suggestion is discarded and the standard temporary filename (generated by WordPress) is used.

If no `Content-Disposition` header is found in the response headers, the standard temporary filename continues to be used as per normal.

Included in this change are 6 additional PHPUnit tests with 9 assertions. These tests confirm that valid filename values are correctly saved, and invalid filename values are correctly rejected.

Props cklosows, costdev, dd32, johnjamesjacoby, ocean90, psrpinto.

Fixes #38231.
Built from https://develop.svn.wordpress.org/trunk@51939


git-svn-id: http://core.svn.wordpress.org/trunk@51528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 15:00:01 +00:00
Sergey Biryukov b8e6a3c334 Tests: Some test improvements for `clean_dirsize_cache()` tests:
* Move the directory being tested to the `data` directory, for consistency with other test data.
* Set the `svn:eol-style` property to `native`, for consistency with other files.
* Correct the test class name in `dummy.txt`.

Follow-up to [51246], [51910], [51911].

See #52241, #53363.
Built from https://develop.svn.wordpress.org/trunk@51938


git-svn-id: http://core.svn.wordpress.org/trunk@51527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-26 02:03:58 +00:00
desrosj 3867e66520 Build/Test Tools: Use the correct workflow name in notifications on `workflow_run`.
When a workflow is triggered through a `workflow_run` event, the context is not the original workflow. The details about the original workflow are passed through the `github.event` context.

This also moves the conditional check controlling whether the Slack workflow is run into the calling workflows to prevent them from running for pull requests.

Follow up to [51921-51922,51924-51925,51934].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51937


git-svn-id: http://core.svn.wordpress.org/trunk@51526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 20:27:56 +00:00
desrosj fc06dda73e Build/Test Tools: Restore Slack notifications for older branches.
In [51921], the GitHub Actions workflows were updated to utilize the Slack notifications workflow as a callable one instead of on the `workflow_run` event.

This eliminated the need for an additional “Slack Notifications” workflow run for every completed workflow, but only when other workflows are updated as well. This resulted in notifications from older branches breaking, as the changes in [51921] were not backported.

Instead of backporting the needed changes now (the Slack workflow is still being polished), this commit partially restores the `workflow_run` event for older branches so that notifications will resume.

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51934


git-svn-id: http://core.svn.wordpress.org/trunk@51525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 19:30:00 +00:00
Sergey Biryukov d31f31c579 Coding Standards: Rename `$theHeaders` variable to `$processed_headers` in `WP_Http_Curl::request()`.
This fixes a `Variable "$theHeaders" is not in valid snake_case format` WPCS warning.

Follow-up to [8516], [8520], [51826], [51929].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51931


git-svn-id: http://core.svn.wordpress.org/trunk@51524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 16:20:00 +00:00
Peter Wilson cdf1000cbb Docs: Use sign-up & signup consistently in `wp-signup.php`.
In the docblocks throughout `wp-signup.php` use sign up for verbs and sign-up for nouns.

Props audrasjb, jeffpaul.
Fixes #54041. See #53399.


Built from https://develop.svn.wordpress.org/trunk@51930


git-svn-id: http://core.svn.wordpress.org/trunk@51523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 00:23:57 +00:00
Sergey Biryukov f8f74e7aa5 Coding Standards: Rename the `$arrHeaders` variable to `$processed_headers` in `WP_Http_Streams::request()`.
This fixes a `Variable "$arrHeaders" is not in valid snake_case format` WPCS warning.

Follow-up to [8516], [51826].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51929


git-svn-id: http://core.svn.wordpress.org/trunk@51522 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-24 19:23:00 +00:00
Sergey Biryukov 50aa2df391 Tests: Add `@ticket` references for `page_on_front` canonical tests.
Follow-up to [669/tests], [849/tests], [36238], [47760].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51928


git-svn-id: http://core.svn.wordpress.org/trunk@51521 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-23 12:38:01 +00:00
Sergey Biryukov d468eb17c3 Coding Standards: Escape `id` attributes in `WP_Customize_Control::render_content()` and `::print_template()`.
Follow-up to [30014], [38906].

Props sabbirshouvo.
See #54295.
Built from https://develop.svn.wordpress.org/trunk@51927


git-svn-id: http://core.svn.wordpress.org/trunk@51520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-22 16:09:59 +00:00
Sergey Biryukov 4152fbfdb2 Coding Standards: Improve escaping in `wp_login_form()`.
* Split long concatenated lines using `sprintf()`. This aims to improve readability and avoid multiple `esc_attr()` calls for the same value.
* Escape the form `name` and `id` attributes.

Follow-up to [12696], [18444], [19033].

Props sabbirshouvo, mukesh27, audrasjb, henry.wright, SergeyBiryukov.
Fixes #54279.
Built from https://develop.svn.wordpress.org/trunk@51926


git-svn-id: http://core.svn.wordpress.org/trunk@51519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-21 18:19:00 +00:00
desrosj e791d7f5db Build/Test Tools: Fix syntax for passing secrets to a called workflow.
Follow up to [51923].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51925


git-svn-id: http://core.svn.wordpress.org/trunk@51518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 19:51:58 +00:00
desrosj 1d76e9f33c Build/Test Tools: Pass required secrets to the Slack notifications workflow.
Secrets are not available within callable workflows by default. They must be defined within the callable workflow, and passed from the calling workflow.

Follow up to [51921-51922].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51924


git-svn-id: http://core.svn.wordpress.org/trunk@51517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 19:26:57 +00:00
Sergey Biryukov e6ede0c816 Coding Standards: Improve escaping in `wp-admin/theme-install.php`.
* Rename a duplicate `$feature_name` variable to `$feature_group` for clarity.
* Escape the remaining `$feature_name` variable.

Follow-up to [27636], [35273].

Props sabbirshouvo, sabernhardt, mukesh27, afragen.
Fixes #54277.
Built from https://develop.svn.wordpress.org/trunk@51923


git-svn-id: http://core.svn.wordpress.org/trunk@51516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 19:18:01 +00:00
desrosj b54ec08215 Build/Test Tools: Adjustments as a follow up to [51921].
This adjusts the syntax for using the `github-scripts` action.

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51922


git-svn-id: http://core.svn.wordpress.org/trunk@51515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 15:36:58 +00:00
desrosj 0f8c4989b0 Build/Test Tools: Modify the Slack notifications workflow to be a reusable one.
The ability to reuse workflow files within GitHub Action workflows was recently added and allows for less code duplication.

In the context of WordPress Core, this also eliminates the need for an additional “Slack Notifications” workflow to run for every completed workflow.

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51921


git-svn-id: http://core.svn.wordpress.org/trunk@51514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 14:42:02 +00:00
Sergey Biryukov 2c84d63322 Help/About: Don't output empty `<span>` tags on Credits screen.
If the contributor does not have a title, the empty tags are not necessary.

Follow-up to [17877], [17909], [17942], [18162], [19143], [46709].

Props sayedulsayem, audrasjb, mukesh27.
Fixes #54275.
Built from https://develop.svn.wordpress.org/trunk@51920


git-svn-id: http://core.svn.wordpress.org/trunk@51513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-19 23:09:00 +00:00
hellofromTonya 234877c9c3 Coding Standards: Add `public` visibility to methods in `src` directory.
This commit adds the `public` visibility keyword to each method which did not have an explicit visibility keyword.

Why `public`?

With no visibility previously declared, these methods are implicitly `public` and available for use. Changing them to anything else would be a backwards-compatibility break.

Props costdev, jrf.
See #54177.
Built from https://develop.svn.wordpress.org/trunk@51919


git-svn-id: http://core.svn.wordpress.org/trunk@51512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 17:52:58 +00:00
Sergey Biryukov a60032feec Coding Standards: Add a leading zero in the CSS declarations printed by the `print_emoji_styles()` function.
Follow-up to [31733], [31786].

Props audrasjb, sabernhardt.
Fixes #54284.
Built from https://develop.svn.wordpress.org/trunk@51918


git-svn-id: http://core.svn.wordpress.org/trunk@51511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 16:53:57 +00:00
hellofromTonya db3a05178b Cron: Remove errant `false` values in cron array when upgrading to 5.9+.
[51916] fixed a bug where `array( `false` )` was added to the cron array when `_get_cron_array()` returned `false`. 

This commit:
* Removes any `false` values from the cron array when upgrading to 5.9+.
* Bumps the database version.

Follow-up to [44917], [51916].

Props peterwilsoncc, jrf.
See #53950.
Built from https://develop.svn.wordpress.org/trunk@51917


git-svn-id: http://core.svn.wordpress.org/trunk@51510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 13:30:57 +00:00
hellofromTonya 248c36d748 Cron: Fix malformed cron array in `wp_schedule_single_event()` when `_get_cron_array()` returns `false`.
In `wp_schedule_single_event()`, the cron info array is retrieved via a call to `_get_cron_array()` and straight away cast to an array. But as the documentation for that function (correctly) states, the return type of that function is `array|false`, where `false` is returned for a site where no cron jobs have been scheduled (yet).

In the case that `_get_cron_array()` would return `false`, this would now unintentionally create an array with a single entry with key `0` and as the value `false`.

This is a bug. Fixed now by adding validation to the output of `_get_cron_array()` and initializing `$crons` to an empty array if `false` was returned.

Tests added first to prove the bug (a) was introduced in #44818 [44917] and (b) is now fixed.

Follow-up to [44917].

Props jrf, peterwilsoncc.
Fixes #53950.
Built from https://develop.svn.wordpress.org/trunk@51916


git-svn-id: http://core.svn.wordpress.org/trunk@51509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 12:51:58 +00:00
John Blackbourn 00b914db08 REST API: Correct the order of the parameters documented for `WP_REST_Server::respond_to_request()`.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51915


git-svn-id: http://core.svn.wordpress.org/trunk@51508 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 11:14:57 +00:00
Sergey Biryukov cea5785cdb Coding Standards: Consistently escape form action URL in `wp-admin/update-core.php`.
Follow-up to [10166], [23739], [25806].

Props sabbirshouvo, mukesh27.
Fixes #54278.
Built from https://develop.svn.wordpress.org/trunk@51914


git-svn-id: http://core.svn.wordpress.org/trunk@51507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-17 20:31:02 +00:00
Sergey Biryukov 8447683474 Docs: Improve documentation for the `tax_input` parameter of `wp_insert_post()`.
Follow-up to [10222], [13217], [33922].

Props dingo_d.
Fixes #54264.
Built from https://develop.svn.wordpress.org/trunk@51913


git-svn-id: http://core.svn.wordpress.org/trunk@51506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-16 02:38:58 +00:00
hellofromTonya 4a1cc2c3e2 FileSystem API: Add safeguard for invalid return from `get_attached_file()` in `wp_delete_attachment()`.
The `get_attached_file()` function is supposed to return the path to the file, but could:
1. Return `false` if the file doesn't exist.
2. Return literally anything else, as a filter is being applied to the value on return.

As the `clean_dirsize_cache()` now has input validation, passing anything but a non-empty string to `clean_dirsize_cache()` will result in a PHP error notice.

This was exposed by the `Tests_Post_GetPostStatus::wpSetUpBeforeClass()` method which started generating unexpected output (the doing it wrong message) during the test run.

While this indicates that there is a flaw in the mocking being done in the test suite, debugging that is outside of the scope of the current patch.

At the same time, as based on the above point, this ''could'' potentially happen in a real-world situation as well, adding additional conditions to the `if` in the `wp_delete_attachment()` function before calling the `clean_dirsize_cache()` function, is warranted.

As there are no tests for the `wp_delete_attachment()` function at all at this time, we're not adding a test specifically for this change for now. This should however be addressed in the future, when tests will be added to cover the `wp_delete_attachment()` function completely. 

Follow-up to [32619], [49212], [51910].

Props jrf, hellofromTonya.
See #52241.
Built from https://develop.svn.wordpress.org/trunk@51912


git-svn-id: http://core.svn.wordpress.org/trunk@51505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-15 22:58:56 +00:00
hellofromTonya 4471c3787c FileSystem API: Fix autovivification deprecation notice in `recurse_dirsize()`.
>PHP natively allows for autovivification (auto-creation of arrays from falsey values). This feature is very useful and used in a lot of PHP projects, especially if the variable is undefined. However, there is a little oddity that allows creating an array from a `false` and `null` value.

The above quote is from the PHP 8.1 RFC and the (accepted) RFC changes the behaviour described above to deprecated auto creation of arrays from `false`. As it is deprecated, it _will_ still work for the time being, but as of PHP 9.0, this will become a Fatal Error, so we may as well fix it now.

The `recurse_dirsize()` function retrieves a transient and places it in the `$directory_cache` variable, but the `get_transient()` function in WP returns `false` when the transient doesn't exist, which subsequently can lead to the above mentioned deprecation notice.

By verifying that the `$directory_cache` variable is an array before assigning to it and initializing it to an empty array, if it's not, we prevent the deprecation notice, as well as harden the function against potentially corrupted transients where this transient would not return the expected array format, but some other variable type.

Includes adding dedicated unit tests for both the PHP 8.1 issue, as well as the hardening against corrupted transients.

Includes some girl-scouting: touching up a parameter description and some code layout.

Refs:
* https://wiki.php.net/rfc/autovivification_false
* https://developer.wordpress.org/reference/functions/get_transient/

Follow-up to [49212], [49744].

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51911


git-svn-id: http://core.svn.wordpress.org/trunk@51504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-15 22:53:58 +00:00
hellofromTonya 82141be0d8 FileSystem API: Fix infinite loop on Windows for `clean_dirsize_cache()`.
When the PHP native `dirname()` function is used on a Windows disk name - i.e. `C:\`-, it will return the same, i.e, it will return `C:\` again.

The `clean_dirsize_cache()` function didn't have guard clause against this, which meant that on Windows based systems and IIS servers, this function would result in WordPress getting stuck into an infinite loop.

The adjustment to the `while` part of the function fix this by checking if the return value of the `dirname()` function call is the same as the original path passed to `dirname()`, which effectively fixes the infinite loop.

A number of other improvements made:

1. Add input validation for the `$path` parameter to guard against invalid variable types being passed into the function.

2. Guard against an empty `$path` parameter, which would result in an infinite loop on both Windows as well as *nix based systems.

In both these cases, a PHP notice will now be thrown.

3. When a non-empty string, which isn't a path would previously be passed, the `dirname()` function would transform that to a `.` and the `.` key in the transient cache would be cleared out.
This was a bug as there is no relation between a non-path string and the root directory of file system.

This bug has been fixed by checking that something could actually be a path and handling received non-empty, non-path input parameters in a special way, i.e only removing the cache key for the passed string and bowing out from further processing.

Unfortunately, no tests can be added to guard against the infinite loop.

For the other fixes, we have added appropriate unit tests. 

Follow-up up [49212], [49616], [49744].

Props jrf, hellofromTonya, raubvogel, sergeybiryukov, codezen8, sjlevy, drosmog, teachlynx, ekojr, bartoszgrzesik, joegasper, janthiel, josephdickson, ocean90, audrasjb.
Fixes #52241.
Built from https://develop.svn.wordpress.org/trunk@51910


git-svn-id: http://core.svn.wordpress.org/trunk@51503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-15 22:25:01 +00:00
Gary Pendergast 44caec31bd Embeds: Add Wolfram Notebook as a trusted oEmbed provider.
Fixes #53326.


Built from https://develop.svn.wordpress.org/trunk@51909


git-svn-id: http://core.svn.wordpress.org/trunk@51502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-15 05:04:56 +00:00
Rachel Baker 1f261d083a REST API: Add text-field and textarea-field as available schema formats for string sanitization.
Props ocean90, TimothyBlynJacobs.
Fixes #49960.
Built from https://develop.svn.wordpress.org/trunk@51908


git-svn-id: http://core.svn.wordpress.org/trunk@51501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-15 02:04:56 +00:00
Sergey Biryukov 8b8b5d8ecc Media: Display the unsaved changes dialog in image edit form using jQuery `.text()` function.
This ensures that HTML entities like non-breaking spaces are properly displayed instead of being encoded.

Props jdy68, sebastienserre, audrasjb, mukesh27, SergeyBiryukov.
Fixes #54232.
Built from https://develop.svn.wordpress.org/trunk@51907


git-svn-id: http://core.svn.wordpress.org/trunk@51500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-15 00:18:56 +00:00
Sergey Biryukov 000a1202ad Docs: Update `WP_Date_Query` documentation to reflect changes in accepted column names.
Remove outdated list of accepted column name values, add a reference to `WP_Date_Query::validate_column()` and the `date_query_valid_columns` filter instead for a more detailed description.

Follow-up to [25139], [25860], [29933], [29934], [29938], [37477], [51905].

Props dimadin, johnjamesjacoby.
Fixes #54248.
Built from https://develop.svn.wordpress.org/trunk@51906


git-svn-id: http://core.svn.wordpress.org/trunk@51499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-14 18:05:04 +00:00
Sergey Biryukov b2c8d3bb8c Docs: Update documentation for the `date_query_valid_columns` filter.
Add a `@since` note for `registered` and `last_updated` as default recognized date query columns. 

Follow-up to [25139], [25860], [29933], [29934], [29938], [37477].

Props dimadin, johnjamesjacoby.
See #54248.
Built from https://develop.svn.wordpress.org/trunk@51905


git-svn-id: http://core.svn.wordpress.org/trunk@51498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-13 20:00:01 +00:00
hellofromTonya d2694aa466 Build/Test Tools: Add end-to-end (e2e) tests `README.md`.
Adds a readme to the `/tests/e2e/` folder to provide (a) instructions of how to run the tests locally and (b) links to documentation.

Follow-up to [45570].

Props isabel_brison, desrosj, justinahinon.
Fixes #53550.
Built from https://develop.svn.wordpress.org/trunk@51904


git-svn-id: http://core.svn.wordpress.org/trunk@51497 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-12 18:52:00 +00:00
Sergey Biryukov 1020306fe9 I18N: Add context for some Media Library filter strings:
* Audio
* Video
* Unattached

This allows for more homogeneous translations in languages where keeping a plural form is important.

Follow-up to [6910], [7397], [8901], [9556], [11749], [13100], [12110], [15491], [15578], [22743], [29426], [29625], [34256], [45651], [46437].

Props jdy68, audrasjb, SergeyBiryukov.
Fixes #54238.
Built from https://develop.svn.wordpress.org/trunk@51903


git-svn-id: http://core.svn.wordpress.org/trunk@51496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-12 16:44:01 +00:00
Sergey Biryukov 2030b6e313 Upgrade/Install: Restore or clean up the temporary plugin or theme backup on shutdown.
This allows these actions to run ''after'' the main process, without affecting the update. Actions running on `shutdown` are immune to PHP timeouts, so in case the failure was due to a PHP timeout, we'll still be able to properly restore the previous version.

Follow-up to [51815], [51898], [51899].

Props aristath, peterwilsoncc.
See #54166.
Built from https://develop.svn.wordpress.org/trunk@51902


git-svn-id: http://core.svn.wordpress.org/trunk@51495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-11 15:09:05 +00:00
Sergey Biryukov 130979f91e External Libraries: Revert [51900] for now to investigate test failures.
See #54162.
Built from https://develop.svn.wordpress.org/trunk@51901


git-svn-id: http://core.svn.wordpress.org/trunk@51494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-10 01:16:57 +00:00
Sergey Biryukov 0c2f44099a External Libraries: Update getID3 to version 1.9.21.
The latest version includes preliminary PHP 8.1 support, as well as a variety of bug fixes.

Release notes: https://github.com/JamesHeinrich/getID3/releases/tag/v1.9.21

A full list of changes in this update can be found on GitHub:
https://github.com/JamesHeinrich/getID3/compare/v1.9.20...v1.9.21

This commit also includes PHPCS adjustments previously made for a passing PHP Compatibility scan.

Follow-up to [47601], [47737], [47902], [48278], [49621], [50714].

Props jrf, SergeyBiryukov.
Fixes #54162.
Built from https://develop.svn.wordpress.org/trunk@51900


git-svn-id: http://core.svn.wordpress.org/trunk@51493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-10 00:13:58 +00:00
Sergey Biryukov d5887aeec3 Upgrade/Install: Introduce a `move_dir()` function.
This replaces the `copy_dir()` usage in `WP_Upgrader::install_package()` and aims to avoid PHP timeout issues when installing or updating large plugins on slower systems like Vagrant or the WP Docker test environment.

The new function attempts a native PHP `rename()` function first and falls back to the previous `copy_dir()`.

Follow-up to [51815], [51898].

Props afragen, aristath, peterwilsoncc, galbaras, noisysocks, pbiron.
Fixes #54166. See #51857.
Built from https://develop.svn.wordpress.org/trunk@51899


git-svn-id: http://core.svn.wordpress.org/trunk@51492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-09 03:38:57 +00:00
Sergey Biryukov 0f2d2264b5 Site Health: Use an integer value as a fallback in the available disk space check.
This avoids a few type problems further in the code: boolean divided by a number, or passing `false` to `size_format()` which is documented to accept integers or strings only.

Follow-up to [51815].

Props TobiasBg.
See #51857.
Built from https://develop.svn.wordpress.org/trunk@51898


git-svn-id: http://core.svn.wordpress.org/trunk@51491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-09 02:50:56 +00:00
Andrew Ozz aef14e6d1b External Libraries: Update jQuery UI to 1.13.0 final.
Props Clorith, mgol, azaozz.
Fixes #52163.
Built from https://develop.svn.wordpress.org/trunk@51897


git-svn-id: http://core.svn.wordpress.org/trunk@51490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-08 18:06:00 +00:00
Sergey Biryukov c477dcda88 Taxonomy: Populate the `WP_Terms_List_Table::$items` property in `::prepare_items()`.
This allows the parent `WP_List_Table::has_items()` method to work as expected, and the override in the child class can now be removed. It also makes the class more consistent with other list table classes.

As a result of this change, the "Bulk actions" dropdown is no longer unnecessarily displayed if there are no terms.

Follow-up to [15491], [17025], [17026].

Props mattoakley, swissspidy, audrasjb, SergeyBiryukov.
Fixes #54181.
Built from https://develop.svn.wordpress.org/trunk@51896


git-svn-id: http://core.svn.wordpress.org/trunk@51489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-08 00:38:00 +00:00
Sergey Biryukov f57070bfd1 Docs: Add a `@since` note for the new `$parent_block` parameter of several filters:
* `pre_render_block`
* `render_block_data`
* `render_block_context`

Follow-up to [51894].

See #51612.
Built from https://develop.svn.wordpress.org/trunk@51895


git-svn-id: http://core.svn.wordpress.org/trunk@51488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-07 13:15:59 +00:00
Andrew Ozz 2dc8f381ca Apply the `pre_render_block`, `render_block_data`, and `render_block_context` filters when rendering inner/nested blocks. Introdices another param to these filters: `$parent_block` that is the "parent" WP_Block instance for nested blocks and null for top level blocks. Adds unit tests for the filters.
Props noisysocks, gaambo, azaozz.
Fixes #51612.
Built from https://develop.svn.wordpress.org/trunk@51894


git-svn-id: http://core.svn.wordpress.org/trunk@51487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-06 18:49:01 +00:00
Sergey Biryukov b3d3473ba0 Twenty Twenty-One: Remove duplicate `width` and `height` values from social icons.
These values are added dynamically by the `Twenty_Twenty_One_SVG_Icons::get_svg()` method and are not needed in the source array.

Follow-up to [49216].

Props max-dayala, laxman-prajapati, sabernhardt, Presskopp, mukesh27.
Fixes #54208.
Built from https://develop.svn.wordpress.org/trunk@51893


git-svn-id: http://core.svn.wordpress.org/trunk@51486 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-06 15:39:05 +00:00
hellofromTonya 84e3375cd7 Permalinks: Move the Nginx documentation link to help sidebar in `wp-admin/options-permalink.php`.
The "Documentation on Nginx configuration." link is out of place being below the "Save Changes" button on the Settings > Permalinks UI.

This commit relocates the link to join the other support related content links in the help tab's "For more information:" right sidebar area.

Follow-up to [34691], [45674].

Props audrasjb, hellofromTonya, johnjamesjacoby, mukesh27, peterwilsoncc, timlappe.
Fixes #39258.
Built from https://develop.svn.wordpress.org/trunk@51892


git-svn-id: http://core.svn.wordpress.org/trunk@51485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-05 23:11:06 +00:00
Sergey Biryukov a1c50512d7 Accessibility: Privacy: Use red color for action buttons on the Erase Personal Data screen:
* "Erase Personal Data" button in the Next Steps column.
* "Force Erase Personal Data" row action.

This highlights the destructive nature of those buttons to avoid an accidental erasure, and is consistent with other similar UI elements in the admin, e.g. various "Delete", "Spam", or "Trash" buttons.

Props arena, sabernhardt, carike, azaozz, joedolson, audrasjb, SergeyBiryukov.
Fixes #49603.
Built from https://develop.svn.wordpress.org/trunk@51891


git-svn-id: http://core.svn.wordpress.org/trunk@51484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-05 20:32:05 +00:00
desrosj dca9c85ff7 Build/Test Tools: Change the patch version used for testing the 5.6 branch of PHP.
This unpins the version of PHP 5.6.20 used when testing the 5.6 branch of PHP.

Using 5.6.20 was an intentional decision in [49162], as that patch version is the oldest version of PHP 5.6 still supported by WordPress. However, as of September 30, 2021, the `5.6.20` image contains a version of OpenSSL with an expired certificate, sometimes resulting in an expired trust chain.

Props Clorith, hellofromTonya, SergeyBiryukov, desrosj.
Merges [51889] to `trunk`.
Fixes #54223.
Built from https://develop.svn.wordpress.org/trunk@51890


git-svn-id: http://core.svn.wordpress.org/trunk@51483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-05 17:34:59 +00:00
hellofromTonya a64837dfde Coding Standards: Use strict type check for `in_array()` in `register_block_script_handle()`.
Follow-up to [51501].

Props aristath, sergeybiryukov.
Fixes #54206. See #53359.
Built from https://develop.svn.wordpress.org/trunk@51888


git-svn-id: http://core.svn.wordpress.org/trunk@51481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-05 16:53:00 +00:00
hellofromTonya 3c16cc2cfb Administration: Allow plugin action links row to wrap.
When there are several action links or the text for these links is long, the plugin name column's width extends causing the other columns to shrink in width. This case is a less than desirable user experience.

The plugin name's column has `white-space: nowrap` (on larger screens). This commit changes the `white-space` to `normal`, allowing the plugin action links row to wrap into more than one line.

Follow-up to [41695].

Props ankit-k-gupta, nekojonez, sabernhardt, sergeybiryukov.
Fixes #53275.
Built from https://develop.svn.wordpress.org/trunk@51887


git-svn-id: http://core.svn.wordpress.org/trunk@51480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-05 15:07:05 +00:00
John Blackbourn cf84fbc988 Docs: Improve various inline documentation for admin bar functions and hooks.
Props audrasjb

See #53399

Built from https://develop.svn.wordpress.org/trunk@51886


git-svn-id: http://core.svn.wordpress.org/trunk@51479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-04 20:46:59 +00:00
John Blackbourn 41995176f6 Docs: Miscellaneous inline documentation improvements, including:
* Document the post statuses global as an array of `stdClass` objects
* Document the taxonomies global as an array of `WP_Taxonomy` objects
* Document the return value of the post count functions as `stdClass` objects
* Fix some typos

See #53399

Built from https://develop.svn.wordpress.org/trunk@51885


git-svn-id: http://core.svn.wordpress.org/trunk@51478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-04 20:44:02 +00:00
Sergey Biryukov fb5454c94f Build/Test Tools: Update the `@wordress/e2e-test-utils` package to version 5.4.3.
This is needed in order to use the [7a33cd43a2/packages/e2e-test-utils/src/rest-api.js REST API functions] implemented in a recent version in Core e2e tests.

Props justinahinon.
Fixes #54215.
Built from https://develop.svn.wordpress.org/trunk@51884


git-svn-id: http://core.svn.wordpress.org/trunk@51477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-04 11:46:23 +00:00
Sergey Biryukov b5f1eb9103 HTTP: Remove the DST Root CA X3 certificate expired on September 30, 2021.
> The currently recommended certificate chain as presented to Let’s Encrypt ACME clients when new certificates are issued contains an intermediate certificate (ISRG Root X1) that is signed by an old DST Root CA X3 certificate that expires on 2021-09-30. In some cases the OpenSSL 1.0.2 version will regard the certificates issued by the Let’s Encrypt CA as having an expired trust chain.
> 
> Most up-to-date CA cert trusted bundles, as provided by operating systems, contain this soon-to-be-expired certificate. The current CA cert bundles also contain an ISRG Root X1 self-signed certificate. This means that clients verifying certificate chains can find the alternative non-expired path to the ISRG Root X1 self-signed certificate in their trust store.
> 
> Unfortunately this does not apply to OpenSSL 1.0.2 which always prefers the untrusted chain and if that chain contains a path that leads to an expired trusted root certificate (DST Root CA X3), it will be selected for the certificate verification and the expiration will be reported.

References:
* [https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/ Old Let’s Encrypt Root Certificate Expiration and OpenSSL 1.0.2]
* [https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ DST Root CA X3 Expiration (September 2021)]

Follow-up to [25224], [25426], [25569], [27307], [30491], [30765], [34283], [35919], [36570], [46094].

Props bradleyt, fierevere.
Fixes #54207. See #50828.
Built from https://develop.svn.wordpress.org/trunk@51883


git-svn-id: http://core.svn.wordpress.org/trunk@51476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-03 17:51:06 +00:00
TimothyBlynJacobs bb7a0cf334 REST API: Sort widget types by their id.
Fixes #53303.
Props spacedmonkey.

Built from https://develop.svn.wordpress.org/trunk@51882


git-svn-id: http://core.svn.wordpress.org/trunk@51475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-02 21:45:03 +00:00
Sergey Biryukov e286586eda Twenty Twenty-One: Keep the closing `</span>` tag in footer links.
When the `link_after` value is emptied to reset any description markup, make sure not to remove the closing tag within footer links.

Follow-up to [49216].

Props sabernhardt, mukesh27.
Fixes #54209.
Built from https://develop.svn.wordpress.org/trunk@51881


git-svn-id: http://core.svn.wordpress.org/trunk@51474 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-02 17:06:00 +00:00
hellofromTonya b3c6ad3a6b Administration: Enable first and last page buttons in `WP_List_Table::pagination()`.
Previously the first and last page pagination buttons were disabled when on their next or previous page respectively. This commit removes that unnecessary logic to keep these buttons enabled and avoid confusion in the user's navigation workflow. 

New behavior:
- When on page 2, the go to first page `«` button is enabled
- When on the page before the last page, the go to last page `»` button is enabled

Follow-up to [32948], [47219].

Props wp_kc, ronakganatra, knutsp, sabernhardt, Hareesh Pillai, audrasjb, hellofromTonya.
Fixes #42763.
Built from https://develop.svn.wordpress.org/trunk@51880


git-svn-id: http://core.svn.wordpress.org/trunk@51473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-01 18:39:58 +00:00
Sergey Biryukov 3fd3bc0cde Coding Standards: Use strict comparison in `wp-includes/class-wp-http-ixr-client.php`.
Follow-up to [16064], [16871], [17928].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51879


git-svn-id: http://core.svn.wordpress.org/trunk@51472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-01 15:00:58 +00:00
hellofromTonya bc217668e2 App Passwords: Remove placeholder from the app password name input field.
In [49294, 49752], the `placeholder` attribute changed to `"WordPress App on My Phone"`. This change causes confusion as the field can be used in a variety of ways and is not limited to a phone.

Given a label exists for each field and clearly identifies its purpose, this commit removes the `placeholder` attribute from the `input` field.

Follow-up to [49109], [49294], [49752].

Props seedsca, audrasjb, joedolson, rehanali.
Fixes #54047.
Built from https://develop.svn.wordpress.org/trunk@51878


git-svn-id: http://core.svn.wordpress.org/trunk@51471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-01 13:49:00 +00:00
Sergey Biryukov 1cad6cfc26 Coding Standards: Use strict comparison in `wp-includes/class-http.php`.
Follow-up to [10625], [10864], [13274], [29661], [33748], [47508], [47808].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51877


git-svn-id: http://core.svn.wordpress.org/trunk@51470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-30 14:05:02 +00:00
Sergey Biryukov fee2d3ed94 Docs: Improve documentation for `WP_Admin_Bar` methods.
Add some missing descriptions and `@since` tags.

Follow-up to [15671], [19120], [19429], [19501], [19558], [25475], [25478], [25563], [32534], [35157], [40947], [45821], [48826].

Props yagniksangani, hellofromTonya, audrasjb, sabernhardt, mukesh27, rehanali, SergeyBiryukov.
Fixes #54191.
Built from https://develop.svn.wordpress.org/trunk@51876


git-svn-id: http://core.svn.wordpress.org/trunk@51469 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-29 13:39:59 +00:00
Sergey Biryukov 06cea7de84 Twenty Twenty-One: Remove duplicate class name from localized `font-family` elements.
Follow-up to [46613], [49216], [51874].

Props tmatsuur, aezazshekh.
See #54196.
Built from https://develop.svn.wordpress.org/trunk@51875


git-svn-id: http://core.svn.wordpress.org/trunk@51468 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-28 10:02:57 +00:00
Sergey Biryukov e7cfe2c963 Twenty Twenty: Remove duplicate class name from localized `font-family` elements.
Follow-up to [46613].

Props tmatsuur, aezazshekh.
Fixes #54196.
Built from https://develop.svn.wordpress.org/trunk@51874


git-svn-id: http://core.svn.wordpress.org/trunk@51467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-28 10:00:59 +00:00
Sergey Biryukov 8c52bfe712 Coding Standards: Remove duplicate assignment from a ternary operator in `WP_MS_Sites_List_Table::site_states()`.
Adjust similar code in `_post_states()` and `_media_states()` for consistency.

Follow-up to:
* [12897], [15491], [32755], [46153], [48424] for `WP_MS_Sites_List_Table::site_states()`.
* [17793], [47775], [49223] for `_media_states()`.
* [9153], [46309] for `_post_states()`.

Props joelcj91, audrasjb, desrosj.
Fixes #38296.
Built from https://develop.svn.wordpress.org/trunk@51873


git-svn-id: http://core.svn.wordpress.org/trunk@51466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-27 00:37:01 +00:00
Sergey Biryukov e85dab2fa8 Tests: Update the `Services_JSON` test for PHPUnit 9.5.10/8.5.21+.
Since PHPUnit 9.5.10 and 8.5.21, PHP deprecations are no longer converted to exceptions by default (`convertDeprecationsToExceptions="true"` can be configured to enable this).

Reference: [fac02620f6 Do not convert PHP deprecations to exceptions by default]; [https://github.com/sebastianbergmann/phpunit/blob/9.5.10/ChangeLog-9.5.md#9510---2021-09-25 PHPUnit 9.5.10 changelog].

With this change, the test for the `Services_JSON` compat class started failing:
{{{
There was 1 failure:

1) Tests_Compat_jsonEncodeDecode::test_json_encode_decode
Failed asserting that exception of type "PHPUnit\Framework\Error\Deprecated" is thrown.
}}}

This converts the native PHPUnit `::expectDeprecation()` method call in the test to a set of individual WP-specific `::setExpectedDeprecated()` method calls in order to not depend on PHPUnit behavior that is no longer the default.

Additionally, this commit includes support for catching deprecation notices from `_deprecated_file()` function calls to the `WP_UnitTestCase_Base::expectDeprecated()` method.

Follow-up to [46205], [46625], [48996], [51563], [51852], [51871].

Props jrf, netweb, SergeyBiryukov.
See #54183, #54029, #53363.
Built from https://develop.svn.wordpress.org/trunk@51872


git-svn-id: http://core.svn.wordpress.org/trunk@51465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-26 03:28:58 +00:00
Sergey Biryukov d227f83302 Build/Test Tools: Update PHPUnit configuration for PHPUnit 9.5.10/8.5.21+.
Since PHPUnit 9.5.10 and 8.5.21, PHP deprecations are no longer converted to exceptions by default (`convertDeprecationsToExceptions="true"` can be configured to enable this).

Reference: [fac02620f6 Do not convert PHP deprecations to exceptions by default]; [https://github.com/sebastianbergmann/phpunit/blob/9.5.10/ChangeLog-9.5.md#9510---2021-09-25 PHPUnit 9.5.10 changelog].

Let's unpack this:

Previously (PHPUnit < 9.5.10/8.5.21), if PHPUnit would encounter a PHP native deprecation notice, it would:
1. Show a test which causes a deprecation notice to be thrown as **"errored"**,
2. Show the **first** deprecation notice it encountered and
3. PHPUnit would exit with a **non-0 exit code** (2), which will fail a CI build.

As of PHPUnit 9.5.10/8.5.21, if PHPUnit encounters a PHP native deprecation notice, it will no longer do so. Instead PHPUnit will:
1. Show a test which causes a PHP deprecation notice to be thrown as **"risky"**,
2. Show the **all** deprecation notices it encountered and
3. PHPUnit will exit with a **0 exit code**, which will show a CI build as passing.

This commit reverts PHPUnit to the previous behaviour by adding `convertDeprecationsToExceptions="true"` to the PHPUnit configuration. It also adds the other related directives for consistency.

Props jrf, netweb, costdev, SergeyBiryukov.
See #54183.
Built from https://develop.svn.wordpress.org/trunk@51871


git-svn-id: http://core.svn.wordpress.org/trunk@51464 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-26 03:12:57 +00:00
Sergey Biryukov 7d3ddd45f6 Tests: Don't skip some Ajax tests on multisite, add them to the `ms-excluded` group instead.
Follow-up to [46693], [49835].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51870


git-svn-id: http://core.svn.wordpress.org/trunk@51463 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-26 00:14:03 +00:00
Sergey Biryukov 0d262c0b50 Tests: Remove unnecessary `setUp()` and `tearDown()` methods in multisite tests.
These were originally added in [26252] to suppress database errors on `setUp()` and restore on `tearDown()` for tests that call `wpmu_create_blog()`, blog factory, or installation code that attempts to clear transients.

As the multisite test coverage expanded, these methods ended up being unnecessarily copied into other test classes, where database error suppression is not required.

Follow-up to [26252], [29916], [30286], [33184], [34898], [34899], [34901], [37234], [37477], [37894], [49212], [49616], [51859].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51869


git-svn-id: http://core.svn.wordpress.org/trunk@51462 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-25 01:28:57 +00:00
hellofromTonya 9de31fa1ab Build/Test Tools: Remove the PHPUnit container from local Docker environment.
This commit:

* Removes the PHPUnit `wordpressdevelop/phpunit` container as a service to the Docker environment.
* Updates `test:php` (the default way to run tests) to run the Composer PHPUnit package  default.
* Removes the `test:php-composer` script.

There is no longer a need for core to keep the `wordpressdevelop/phpunit` container as a service in `docker-compose.yml`. Removing it will reduce the overhead and bandwidth needed to set up WordPress locally and remove confusion about its use.

Follow-up to [45783-45784], [49099], [49362], [51545], [51736], [51685].

Props johnbillion, hellofromTonya.
Fixes #54112.
Built from https://develop.svn.wordpress.org/trunk@51868


git-svn-id: http://core.svn.wordpress.org/trunk@51461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-24 16:56:00 +00:00
Sergey Biryukov 71d35a918f Tests: Rename classes in `phpunit/tests/multisite/` per the naming conventions.
https://make.wordpress.org/core/handbook/testing/automated-testing/writing-phpunit-tests/#naming-and-organization

Follow-up to [47780], [48911], [49327], [50291], [50292], [50342], [50452], [50453], [50456], [50967], [50968], [50969], [51491], [51492], [51493], [51623], [51639], [51646], [51650], [51651].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51860


git-svn-id: http://core.svn.wordpress.org/trunk@51459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-24 00:46:56 +00:00
Sergey Biryukov b19cb16e34 Tests: Further improve the tests for `avoid_blog_page_permalink_collision()`:
* Rename the test filename and class to match the name of the function being tested.
* Remove unnecessary `setUp()` and `tearDown()` methods.
* Replace the `only` test group with `post`.

Follow-up to [51855-51857].

See #51147.
Built from https://develop.svn.wordpress.org/trunk@51859


git-svn-id: http://core.svn.wordpress.org/trunk@51458 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-24 00:30:56 +00:00
Sergey Biryukov 6341115d9c Tests: Correct the `@ticket` reference in `wp_terms_checklist()` tests.
Follow-up to [48880].

See #53363, #51137.
Built from https://develop.svn.wordpress.org/trunk@51858


git-svn-id: http://core.svn.wordpress.org/trunk@51457 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-24 00:13:57 +00:00
hellofromTonya e2b13ae81b Build/Test Tools: Upgrades `Tests_Multisite_MS_Permalink_Collision` fixture methods and strict assertion.
Improvements include:

- Upgrades the test fixture methods to the new snake_case methods.
- Reorders the fixture methods for consistency.
- Uses strict assertions of assertSame and assertNotSame.

Follow-up to [51855-51856].

Props hellofromTonya.
See #51147.
Built from https://develop.svn.wordpress.org/trunk@51857


git-svn-id: http://core.svn.wordpress.org/trunk@51456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-23 21:30:57 +00:00
whyisjake 7ce933c695 Coding Standards: Fix the alignment of the array.
Unprops: whyisjake.
See [51855].

Built from https://develop.svn.wordpress.org/trunk@51856


git-svn-id: http://core.svn.wordpress.org/trunk@51455 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-23 20:34:56 +00:00
whyisjake f2d1e16f50 Posts, Post Types: Don't add a trailing number when there is a unique post parent.
WordPress tries to avoid an issue where slugs might match an existing slug of a page/post. 
If we are in a hierarchical post type, there will be a level, and we can leave it the same.

Props stormrockwell, SergeyBiryukov, terriann, tubys, jeremyfelt, Daschmi, MaximeCulea, knutsp, whyisjake.
Fixes #51147.
See also #44112 and #45260.

Built from https://develop.svn.wordpress.org/trunk@51855


git-svn-id: http://core.svn.wordpress.org/trunk@51454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-23 20:27:58 +00:00
Sergey Biryukov 052b00b0c4 Docs: Fix typo in the `$clear_working` parameter description in `WP_Upgrader` methods.
Follow-up to [30758], [51527].

Props zenithcity, aezazshekh, pbiron, mukesh27.
Fixes #54163.
Built from https://develop.svn.wordpress.org/trunk@51854


git-svn-id: http://core.svn.wordpress.org/trunk@51453 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-23 14:23:01 +00:00
hellofromTonya 847b7d8690 Code Modernization: Fix "passing null to non-nullable" deprecation in `_mb_substr()`.
The `_mb_substr()` function expects a string for the `$str` parameter, but does not do input validation. This function contains a `preg_match_all()` which also expects a string type for the given subject (i.e. `$str`). 

Passing `null` to this parameter results in `preg_match_all(): Passing null to parameter #2 ($subject) of type string is deprecated` notice on PHP 8.1.

To maintain the same behaviour as before, a guard clause is added to bail out early when `$str` is passed as `null`. The outcome will, in that case, only ever be an empty string.

Note: this does mean that the `_mb_substr()` function now has a subtle difference in behaviour compared to the PHP native `mb_substr()` function as the latter ''will'' throw the deprecation notice.

The existing tests already cover this issue.

Follow-up to [17621], [36017], [32364].

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51853


git-svn-id: http://core.svn.wordpress.org/trunk@51452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-22 23:34:57 +00:00
hellofromTonya f52bf291cb Build/Test Tools: Splits and improves `compat` tests.
Splits the tests in the `tests/phpunit/tests/compat.php` file up into individual test classes for each function being tested.

Improvements to individual test cases:
* Adds `@covers` tags.
* Adds visibility modifiers to all methods.
* Adds function availability test.
* Where relevant, fixes the assertion parameter order.
* Data provider:
   * Where relevant, reworks a test to use a data provider.
   * Where relevant, renames data provider methods to have a more obvious link to the test it applies to.
   * Makes the data provider more readable by adding keys within the data sets.
   * Moves the data provider below its associated tests.
   * Adds/removes data sets in data providers.
* Makes the actual test code more readable by using descriptive variables and multi-line function calls.
* Adds the `$message` parameter to all assertions when a test method contains more than one assertion.

Specifically for the `_mb_substr()` tests:
* Splits the `test_mb_substr_phpcore()` method into two test methods based on the PHP Core test files they are emulating.
* Makes the actual test code within the `test_mb_substr_phpcore_basic()` method more readable by using descriptive variables and multi-line function calls.
* Splits the data used for the second part of the `test_mb_substr_phpcore()` function, now `test_mb_substr_phpcore_input_type_handling()`, off into a separate data provider with named data sets.
* Removes duplicate data sets from the `data_mb_substr_phpcore_input_type_handling()`. 
   * Why? The PHP native tests test against upper/lowercase `false`, `true`, `null` and some other text string single quote/double quote variations. As things were, those differentiations had been undone when the coding standards were put in place, so in effect those weren't being tested anymore. And as this is userland code, there's no point in adding these differentiations back as they will be handled the same by PHP anyway (and that is safeguarded via the PHP native tests).
* Removes the "undefined variable" and "unset variable" test cases as, while those are relevant to the C code in which PHP is written, they are not relevant for testing userland code and will behave the same as the test passing `null`.

Follow-to [25002], [32364], [42228], [42343], [43034], [43036], [43220], [43571], [45607], [47122], [47198], [48937], [48996], [51415], [51563], [51594].

Props jrf, hellofromTonya.
See #39265, #53363.
Built from https://develop.svn.wordpress.org/trunk@51852


git-svn-id: http://core.svn.wordpress.org/trunk@51451 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-22 23:06:56 +00:00
John Blackbourn 6e1cc35a98 Docs: Miscellaneous docblock corrections and improvements.
See #52217, #53399

Built from https://develop.svn.wordpress.org/trunk@51851


git-svn-id: http://core.svn.wordpress.org/trunk@51450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-22 21:23:00 +00:00
John Blackbourn 07f3c35467 General: Fix code quality issues which were identified by static analysis.
This fixes minor issues that could cause PHP notices under the right conditions, and fixes some general incorrectness.

Props jrf, hellofromTonya for review

See #52217

Built from https://develop.svn.wordpress.org/trunk@51850


git-svn-id: http://core.svn.wordpress.org/trunk@51449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-22 21:01:00 +00:00
Sergey Biryukov a016bf3172 Docs: Update description for `retrieve_widgets()` per the documentation standards.
Follow-up to [51842].

See #53811.
Built from https://develop.svn.wordpress.org/trunk@51849


git-svn-id: http://core.svn.wordpress.org/trunk@51448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-22 14:11:00 +00:00
Andrew Ozz 25daf03a8e Update and enhance the docs for `retrieve_widgets()`.
Props zieladam, hellofromtonya.
Fixes #53811.
Built from https://develop.svn.wordpress.org/trunk@51842


git-svn-id: http://core.svn.wordpress.org/trunk@51447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-21 22:13:57 +00:00
John Blackbourn 01ff7448d2 Formatting: Pass the block instance as a parameter to the `render_block` filters.
This allows filters to access properties and methods on the block instance.

Fixes #53596

Built from https://develop.svn.wordpress.org/trunk@51841


git-svn-id: http://core.svn.wordpress.org/trunk@51446 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-21 21:32:57 +00:00
John Blackbourn ae9eae8f64 Docs: Document some more common names for dynamic hooks and standardise the phrasing used.
Fixes #53581

Built from https://develop.svn.wordpress.org/trunk@51837


git-svn-id: http://core.svn.wordpress.org/trunk@51444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-21 18:21:00 +00:00
Sergey Biryukov 70f1109c9f Docs: Add `@since` notes to `register_setting()` for the deprecated `misc` and `privacy` option groups.
Follow-up to [13745], [13746], [13749], [21838], [51827].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51832


git-svn-id: http://core.svn.wordpress.org/trunk@51439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-21 13:22:01 +00:00
hellofromTonya eb85900d55 Build/Test Tools: Fix null handling and string type casting in `WP_UnitTestCase_Base::assertSameIgnoreEOL()`.
Basically, the whole `assertSameIgnoreEOL()` assertion was fundamentally flawed. The assertion contends that it checks that the expected and actual values are of the same type and value, but the reality was very different.

* The function uses `map_deep()` to potentially handle all sorts of inputs.
* `map_deep()` handles arrays and objects with special casing, but will call the callback on everything else without further distinction.
* The callback used passes the expected/actual value on to the `str_replace()` function to remove potential new line differences.
* And the `str_replace()` function will - with a non-array input for the `$subject` - always return a string.
* The output of these calls to `map_deep()` will therefore have "normalized" _all properties_ in objects, _all values_ in arrays and _all non-object, non-array values_ to strings.
* And a call to `assertSame()` will therefore NEVER do a proper type check as the type of all input has already, unintentionally, been "normalized" to string.

Aside from this clear flaw in the design of the assertion, PHP 8.1 now exposes a further issue as a `null` value for an object property, an array value or a plain value, will now yield a ` str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated` notice.

To fix both these issues, the fix in this PR ensures that the call to `str_replace()` will now only be made if the input is a text string.
All other values passed to the callback are left in their original type.

This ensures that a proper value AND type comparison can be done as well as prevents the PHP 8.1 deprecation notices.

Ref:
* https://developer.wordpress.org/reference/functions/map_deep/
* https://www.php.net/manual/en/function.str-replace.php

This commit:
- Fixes type-casting of non-string values to `string` (the flawed part of this assertion) by invoking `str_replace()` when the value is of string type.
- Fixes the PHP 8.1 `str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated` deprecation notice.
- Micro-optimization: skips `map_deep()` when actual and/or expected are `null` (no need to process).
- Adjusts the method documentation for both this method and the `assertEqualsIgnoreEOL()` alias method to document that the `$expected` and `$actual` parameters can be of any type.

Follow-up to [48937], [51135], [51478].

Props jrf, hellofromTonya.
See #53363, #53635.
Built from https://develop.svn.wordpress.org/trunk@51831


git-svn-id: http://core.svn.wordpress.org/trunk@51438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-20 19:59:55 +00:00
hellofromTonya bb4c9b56f3 REST API: Fix autovivification deprecation notice in `WP_Test_REST_Widgets_Controller::set_up()`.
If the `'widget_testwidget'` option does not exist, `false` was returned from `get_option()`. The `set_up()` logic expects an `array()` and assigns values to keys without checking for an array. The automatic creation of an array (autovivification) triggers a `Deprecated: Automatic conversion of false to array is deprecated in` deprecation notice on PHP 8.1.

This commit:
- Fixes the deprecation notice by making the default value an empty array.
- Moves getting the option within the conditional where it's needed.
- Provides a micro-optimization by only getting the options when the conditions are correct for processing.
- Makes the code consistent within the `set_up()` for both `get_option()` instances.

Follow-up to [51029].

Props jrf, hellofromTonya, BinaryKitten.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51830


git-svn-id: http://core.svn.wordpress.org/trunk@51437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-20 18:49:58 +00:00
hellofromTonya 1c55ce2482 Login and Registration: Fix "passing null to non-nullable" deprecation for `authorize_application` error message.
If there is no URL query in the `$_GET['redirect_to'], `wp_parse_url()` will return `null`. Passing `null` to `parse_str()` results in a PHP 8.1 deprecation notice
{{{
Deprecated: parse_str(): Passing null to parameter #1 ($string) of type string is deprecated
}}}

This commit:
- Fixes the deprecation notice.
- Skips doing the `parse_str()` when there's no URL query.
- Provides a micro-optimization performance boost.

Follow-up to [49109].

Props jrf, hellofromTonya, BinaryKitten.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51829


git-svn-id: http://core.svn.wordpress.org/trunk@51436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-20 18:22:57 +00:00
hellofromTonya e2f3071988 Build/Test Tools: Improve Composer update command in bootstrap error messages.
Refines the test bootstrap error message to include the `-W` in the Composer update command.

Why?

To also update the chain of dependencies for the tests' dependencies. 

`composer update` will update the tests' direct dependencies.
 
`composer update -W` will update the dependencies including *their* dependencies, which is the recommended course of action for WP.

Follow-up to [51598], [51811], [51813].

Props jrf.
See #46149.
Built from https://develop.svn.wordpress.org/trunk@51828


git-svn-id: http://core.svn.wordpress.org/trunk@51435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-20 16:44:59 +00:00
johnjamesjacoby 79c59fa78c Docs: Remove deprecated option groups from `register_setting()` and `add_option_update_handler()`.
* `misc` was deprecated in version 3.0.0.
* `privacy` was deprecated in version 3.5.0.

See #53399.


Built from https://develop.svn.wordpress.org/trunk@51827


git-svn-id: http://core.svn.wordpress.org/trunk@51434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-20 16:20:00 +00:00
Sergey Biryukov 64857a2a8e Coding Standards: Rename the `$processedHeaders` variable to `$processed_headers` in `WP_Http::request()`.
This fixes a `Variable "$processedHeaders" is not in valid snake_case format` WPCS warning.

Follow-up to [8620], [51823].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51826


git-svn-id: http://core.svn.wordpress.org/trunk@51433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-20 12:07:00 +00:00
Sergey Biryukov baa81b67d1 Coding Standards: Rename the `$arrURL` variable to `$parsed_url` in `WP_Http_Streams::request()`.
This fixes a `Variable "$arrURL" is not in valid snake_case format` WPCS warning.

Follow-up to [8620], [10509], [25044], [25224], [45667], [51823], [51824].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51825


git-svn-id: http://core.svn.wordpress.org/trunk@51432 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-19 17:00:57 +00:00
Sergey Biryukov 4892fd7bac Coding Standards: Rename the `$arrURL` variable to `$parsed_url` in `WP_Http_Cookie::__construct()`.
This fixes a `Variable "$arrURL" is not in valid snake_case format` WPCS warning.

Follow-up to [10509], [25044], [45667], [51823].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51824


git-svn-id: http://core.svn.wordpress.org/trunk@51431 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-19 16:59:56 +00:00
Sergey Biryukov dfbdd86d59 Coding Standards: Rename the `$arrURL` variable to `$parsed_url` in `WP_Http::request()`.
This fixes a `Variable "$arrURL" is not in valid snake_case format` WPCS warning.

Follow-up to [10509], [45667].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51823


git-svn-id: http://core.svn.wordpress.org/trunk@51430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-19 16:58:59 +00:00
Sergey Biryukov 01e6d31b3f Coding Standards: Use strict comparison in `wp-inclues/class-wp-http-cookie.php`.
Follow-up to [10512].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51822


git-svn-id: http://core.svn.wordpress.org/trunk@51429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-18 19:56:04 +00:00
Gary Pendergast 8a5e9b79ed Embeds: Add Pinterest as a trusted oEmbed provider.
Props ayeshrajans, pento.

Fixes #53448.

Built from https://develop.svn.wordpress.org/trunk@51821


git-svn-id: http://core.svn.wordpress.org/trunk@51428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-17 03:13:56 +00:00
Sergey Biryukov 8feb26bcfe Twenty Twenty-One: Add missing escaping for the "Secondary menu" label.
Props muhammadfaizanhaidar, teucrium, sabernhardt, mukesh27, SergeyBiryukov.
Fixes #54127.
Built from https://develop.svn.wordpress.org/trunk@51820


git-svn-id: http://core.svn.wordpress.org/trunk@51427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-16 21:32:00 +00:00
jorgefilipecosta 5932bb0f8e Block editor: Cache global stylesheet by theme key.
Global styles are used in a few different contexts (front, editor, customizer, the theme directory). In the last two contexts, it's important that switching themes immediately refreshes the global stylesheet, to avoid situations in which the styles of the previous theme load with the new one. This was brought up at WordPress/gutenberg#34531 (customizer) and at meta.trac.wordpress.org/ticket/5818 (theme directory).
This commit makes sure the stylesheet is regenerated upon switching themes.

Props oandregal, dd32.
See #53175.
Built from https://develop.svn.wordpress.org/trunk@51819


git-svn-id: http://core.svn.wordpress.org/trunk@51426 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-16 18:05:00 +00:00
hellofromTonya 4fe5f325ad Options, Meta APIs: Fix "passing null to non-nullable" deprecations to `(get|add|update|delete)_option()`.
In all four of the `get_option()`, `add_option()`, `update_option()` and `delete_option()` functions, the `$option` parameter (i.e. the option name) is passed to the PHP native `trim()` function without prior input validation.

In PHP 8.1, this could lead to a `trim(): Passing null to parameter #1 ($string) of type string is deprecated` for each of these functions.

`trim()`:

- expects a text string and is only useful when ''passed'' a text string as no other variable type can contain whitespace.
- will always return a `string`, which means that in practice for any non-string values passed, it would effectively function as a type cast to string.

This commit:
- Adds a check to verify the `$option` name is a scalar before processing it with `trim()`.
- The "type cast" behavior is maintained.
- If the given `$option` name is not a scalar, such as `null`, the fix prevents the PHP 8.1 deprecation notice.
- Tests are added for valid but undesired option names to safeguard against regressions.

This issue is already covered by:
- the existing `Tests_Option_Option::test_bad_option_names()` test group.
- the new `test_valid_but_undesired_option_names()` tests.

Follow-up to [13858], [22633], [23510], [25002], [51817].

Props jrf, hellofromTonya, pbearne.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51818


git-svn-id: http://core.svn.wordpress.org/trunk@51425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-15 22:19:58 +00:00
hellofromTonya 8dd2206ab1 Build/Test Tools: Reworks `Tests_Option_Option::test_bad_option_names()` into data provider.
The existing tests were running multiple functions through a `foreach()`. If any test failed, it would bail out and not test against the other scenarios.

This commit:

- Moves the scenarios to a data provider with named data sets, i.e. to ensure all scenarios are run and tested regardless if any fail.
- Splits each function under test into individual test methods.
- Adds a float scenario.
- Adds method visibility modifiers.

Follow-up to [25002].

Props jrf, hellofromTonya, pbearne.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51817


git-svn-id: http://core.svn.wordpress.org/trunk@51424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-15 21:22:58 +00:00
hellofromTonya 4b9a809bd7 Media: Fix `$content` parameter default value in `img_caption_shortcode()`.
The shortcode content is expected to be a string, not `null`. `do_shortcode()` expects a string for `$content`.

The `img_caption_shortcode()` also expects a string for the `$content` parameter and is expected to return a string for the HTML content to display the caption. 

Prior to this commit:
The default value for the `$content` parameter was set to `null`. If no `$content` was passed, the function:
- could return `null` when the `$atts['width'] < 1` or there was no caption
- else, it invoked `do_shortcode( $content )` passing `null` which on PHP 8.1+ triggers a deprecation notice:
{{{
strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated
}}}

This commit:

- Fixes the default `$content` value to align to the expected shortcode content of `string`, not `null`.
- Fixes the PHP 8.1 deprecation notice when `null` was being passed to `do_shortcode()`.
- Changes the assertion in a couple of tests to check for the empty string instead of `null.

Follow-up to [8196], [8925], [8239], [26915], [31530], [42704].

Props jrf, hellofromTonya, azaozz, joedolson.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51816


git-svn-id: http://core.svn.wordpress.org/trunk@51423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-15 19:06:57 +00:00
Sergey Biryukov dcca93232b Upgrade/Install: Create a temporary backup of plugins and themes before updating.
This aims to make the update process more reliable and ensures that if a plugin or theme update fails, the previous version can be safely restored.

* When updating a plugin or theme, the old version is moved to a temporary backup directory:
 * `wp-content/upgrade/temp-backup/plugins/[plugin-slug]` for plugins
 * `wp-content/upgrade/temp-backup/themes/[theme-slug]` for themes.

* If the update fails, then the temporary backup kept in the `upgrade/temp-backup` directory is restored to its original location.
* If the update succeeds, the temporary backup is deleted.

To further help troubleshoot plugin and theme updates, two new checks were added to the Site Health screen:
* A check to make sure that the `temp-backup` directory is writable.
* A check that there is enough disk space available to safely perform updates.

To avoid confusion: The `temp-backup` directory will NOT be used to "roll back" a plugin to a previous version after a completed update. This directory will simply contain a transient backup of the previous version of a plugin or theme being updated, and as soon as the update process finishes, the directory will be empty.

Props aristath, afragen, pbiron, dd32, poena, TimothyBlynJacobs, audrasjb, mikeschroder, a2hosting, hellofromTonya, KZeni, galbaras, richards1052, Boniu91, mai21, francina, SergeyBiryukov.
See #51857.
Built from https://develop.svn.wordpress.org/trunk@51815


git-svn-id: http://core.svn.wordpress.org/trunk@51422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-15 18:41:00 +00:00
Sergey Biryukov a13f7b31cd I18N: Add a translator comment to clarify the "Block HTML" string in the Block widget settings form.
The string refers to HTML code of the block, not an option that blocks HTML.

Follow-up to [50995].

Props Amieiro, NekoJonez, knutsp, johnbillion, namith.jawahar, SergeyBiryukov.
Fixes #54110.
Built from https://develop.svn.wordpress.org/trunk@51814


git-svn-id: http://core.svn.wordpress.org/trunk@51421 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-15 11:49:01 +00:00
hellofromTonya 3e3c3541e5 Build/Test Tools: Expect an absolute path in `WP_TESTS_PHPUNIT_POLYFILLS_PATH` constant.
This commit:
* Removes the use of `realpath()` to prevent issues with WSL and other virtualized filesystems.
* Changes the logic of the Polyfill bootstrap loading to expect an absolute path, rather than a relative path to the root directory of the PHPUnit Polyfills library.
* Adjusts the relevant inline documentation and error messages to expect an absolute path.
* Breaks up error messages into smaller line lengths for readability.

Follow-up to [51598], [51810], [51811], [51812].

Props jrf, schlessera, hellofromTonya, jeherve, lucatume.
See #46149.
Built from https://develop.svn.wordpress.org/trunk@51813


git-svn-id: http://core.svn.wordpress.org/trunk@51420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-14 18:53:57 +00:00
hellofromTonya dde311cae9 Build/Test Tools: Improve messaging when PHPUnit Polyfills do not comply with version requirements.
Previously, two situations were taken in to account:
1. The `WP_TESTS_PHPUNIT_POLYFILLS_PATH` constant is defined => just show a message about the version mismatch.
2. The constant is not defined => show a message to run `composer update`. This message is intended for people trying to run the WP Core tests.

This could lead to an unclear situation for people trying to run plugin/theme integration tests without the new `WP_TESTS_PHPUNIT_POLYFILLS_PATH` constant being defined.

They could be shown the message to run `composer update` while if they would do so for their local install without adding the Polyfills, the message would still display the next time they would attempt to run the tests.

This commit:
1. Provides more information about the PHPUnit Polyfills version detected vs the version expected.
2. Shows a more specific message to guide users which have the `WP_TESTS_PHPUNIT_POLYFILLS_PATH` constant declared.
3. Only shows the message to run `composer update` when the `WP_RUN_CORE_TESTS` constant is declared to prevent confusing people more.

Follow-up to [51598], [51810], [51811].

Props jrf, schlessera, hellofromTonya, jeherve, lucatume.
See #46149.
Built from https://develop.svn.wordpress.org/trunk@51812


git-svn-id: http://core.svn.wordpress.org/trunk@51419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-14 18:48:56 +00:00
hellofromTonya 0c8b83a7c2 Build/Test Tools: Improve messaging when PHPUnit Polyfills cannot be found.
Previously, two situations were taken in to account:
1. The `WP_TESTS_PHPUNIT_POLYFILLS_PATH` constant is defined => show message specific to that constant not being set correctly.
    This message would typically be shown for plugin/theme integration tests which are already aware of the changes in WP 5.9.
2. The constant is not defined => show a message to run `composer update`.
    This message is intended for people trying to run the WP Core tests.

This left two situations unaccounted for:
- Someone trying to run the WP Core tests, but not having set the `WP_RUN_CORE_TESTS` constant or not having set it to `1`.
- Someone trying to run plugin/theme integration tests without the new `WP_TESTS_PHPUNIT_POLYFILLS_PATH` constant being defined as they are not (yet) aware of the changes made in WP 5.9.

The changes made in this commit, are intended to improve the error messages displayed in those situations.

Follow-up to [51598], [51810].

Props jrf, schlessera, hellofromTonya, jeherve, lucatume.
See #46149.
Built from https://develop.svn.wordpress.org/trunk@51811


git-svn-id: http://core.svn.wordpress.org/trunk@51418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-14 18:41:56 +00:00
hellofromTonya 130040c54e Build/Test Tools: Make `WP_TESTS_PHPUNIT_POLYFILLS_PATH` more flexible.
The constant `WP_TESTS_PHPUNIT_POLYFILLS_PATH` is intended to contain the path to the root directory of the PHPUnit Polyfills library without trailing slash.

The code already took into account that the value could potentially include a trailing slash.

Now it will also take into account if it is accidentally set to point to the autoload file instead of the path.

Follow-up to [51598].

Props jrf, schlessera, hellofromTonya, jeherve, lucatume.
See #46149.
Built from https://develop.svn.wordpress.org/trunk@51810


git-svn-id: http://core.svn.wordpress.org/trunk@51417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-14 18:33:57 +00:00
Sergey Biryukov d6cb1e4317 Docs: Update description for the `$wp_version` global.
In addition to holding the version number, the WordPress version string is used to bust caches and to enable development mode for scripts when running from the `/src` directory.

Follow-up to [803], [2585], [6554], [47230].

Props muhammadfaizanhaidar, azaozz.
Fixes #53413.
Built from https://develop.svn.wordpress.org/trunk@51809


git-svn-id: http://core.svn.wordpress.org/trunk@51416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-14 17:31:59 +00:00
Sergey Biryukov 128975e7ce Twenty Seventeen: Make blog header margin more specific on front page.
This avoids a large gap between title and content when the layout is set to one column.

Props laurelfulford, sabernhardt, hirofumi2012, jainnidhi, mukesh27.
Fixes #43628.
Built from https://develop.svn.wordpress.org/trunk@51808


git-svn-id: http://core.svn.wordpress.org/trunk@51415 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-14 10:19:01 +00:00
Sergey Biryukov 7d6308c3c7 Twenty Eleven: Set a fixed height for search form when header image is added.
This ensures that the search form does not collide with the menu on smaller screens.

Props sabernhardt, fedepia, Soean, lukecavanagh, mukesh27.
Fixes #40398.
Built from https://develop.svn.wordpress.org/trunk@51807


git-svn-id: http://core.svn.wordpress.org/trunk@51414 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-13 20:41:56 +00:00
hellofromTonya e838c96df4 Code Modernization: Fix "passing null to non-nullable" deprecation notice in `WP_Comment_Query::get_comment_ids()`.
The `WP_Comment_Query::get_comment_ids()` method is supposed to handle `null` as a search query, but was throwing a `strlen(): Passing null to parameter #1 ($string) of type string is deprecated` notice on PHP 8.1.

Discovered via and already covered via the pre-existing `Tests_Comment_Query::test_search_null_should_be_ignored()` test method.

Follow-up to [36345], [48275].

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51806


git-svn-id: http://core.svn.wordpress.org/trunk@51413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-13 18:54:59 +00:00
Sergey Biryukov 65ff35bb75 Site Health: Move the Imagick entry higher in the list of recommended PHP extensions.
This better matches its position in the [https://make.wordpress.org/hosting/handbook/server-environment/#php-extensions Hosting Team's handbook] recommendations.

Follow-up to [44986], [46268], [51804].

See #52654.
Built from https://develop.svn.wordpress.org/trunk@51805


git-svn-id: http://core.svn.wordpress.org/trunk@51412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-12 10:09:57 +00:00
Sergey Biryukov e76b896881 Site Health: Add Intl to the list of recommended PHP extensions.
**Why is the PHP Intl extension important?**

WordPress is a global, international software, with support for a multitude of languages and with infinite combinations. Approximately half of the installations are in a language that is not the default (English), and this leads us to think about localization, transliteration, encoding conversions, calendar operations, collation… in short, everything you have with the different languages and formats that are around the planet. And this is what the [https://www.php.net/manual/en/intro.intl.php PHP Intl extension] provides.

**What do we as the WordPress Community gain from this extension?**

This extension provides a lot of functions for better internationalization support, including but not limited to:
* [https://www.php.net/manual/en/collator.compare.php collator_compare()] to compare Unicode text strings
* [https://www.php.net/manual/en/numberformatter.format.php numfmt_format()] to format a number according to the selected locale
* the [https://www.php.net/manual/en/normalizer.normalize.php normalization] of characters
* the [https://www.php.net/manual/en/messageformatter.formatmessage.php formatting] of messages
* getting the [https://www.php.net/manual/en/intlcalendar.getfirstdayofweek.php first day of the week] according to the locale.


In addition to functionality and ease of development, the extension can also help improve security, with classes like `Spoofchecker` that can tell you [https://www.php.net/manual/en/spoofchecker.areconfusable.php if ‘google.com’, ‘goog1e.com’ can confuse the user], or functions related to Internet domains, both to convert an [https://www.php.net/manual/en/function.idn-to-ascii.php IDN domain to text] and [https://www.php.net/manual/en/function.idn-to-utf8.php text to IDN].

**Hosting Team Recommendation**

Taking into account that WordPress continues to grow, the Hosting Team has considered a good recommendation, but not an obligation, for all hosts that work with WordPress to offer this extension, by default, to all users.

Reference: [https://make.wordpress.org/hosting/2021/05/20/why-hosters-should-install-the-php-intl-extension/ Why hosters should install the PHP-intl extension].

Follow-up to [44986], [46268].

Props zodiac1978, JavierCasares, jrf, Clorith, josklever.
Fixes #52654.
Built from https://develop.svn.wordpress.org/trunk@51804


git-svn-id: http://core.svn.wordpress.org/trunk@51411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-11 18:20:59 +00:00
hellofromTonya e16eaa4935 Code Modernization: Fix "passing null to non-nullable" deprecation notices in `WP_Http::normalize_cookies()`.
The `Requests_Cookie` class expects valid - non-`null` - attributes to be passed, either as an array or as a `Requests_Utility_CaseInsensitiveDictionary` object.

However, the `WP_Http_Cookie::get_attributes()` explicitly sets the `expires`, `path` and `domain` index keys in an array with values which _may_ be `null`. This will cause `strtotime(): Passing null to parameter #1 ($datetime) of type string is deprecated`-like errors when the attributes are passed to the `Requests_Cookie` class.

Note: a `null` value for `path` would generate a similar deprecation notice, but for the `preg_match()` function.

Fixed by using `array_filter()` on the attributes to explicitly filter out `null` values before passing the attributes to `Requests_Cookie`.

Note: I'm choosing to explicitly only filter `null` values. Using `array_filter()` without a callback would filter out all "empty" values, but that may also remove values which are explicitly set to `false` or `0`, which may be valid values.

Fixes two errors in the `external-http` group in the WordPress Core test suite:
{{{
1) Tests_HTTP_Functions::test_get_response_cookies_with_wp_http_cookie_object
strtotime(): Passing null to parameter #1 ($datetime) of type string is deprecated

/var/www/src/wp-includes/Requests/Cookie.php:268
/var/www/src/wp-includes/Requests/Cookie.php:237
/var/www/src/wp-includes/Requests/Cookie.php:90
/var/www/src/wp-includes/class-http.php:460
/var/www/src/wp-includes/class-http.php:349
/var/www/src/wp-includes/class-http.php:624
/var/www/src/wp-includes/http.php:162
/var/www/tests/phpunit/tests/http/functions.php:156

2) Tests_HTTP_Functions::test_get_cookie_host_only
strtotime(): Passing null to parameter #1 ($datetime) of type string is deprecated

/var/www/src/wp-includes/Requests/Cookie.php:268
/var/www/src/wp-includes/Requests/Cookie.php:237
/var/www/src/wp-includes/Requests/Cookie.php:90
/var/www/src/wp-includes/class-http.php:460
/var/www/tests/phpunit/tests/http/functions.php:235
}}}

Follow-up to [38164], [45135], [51657].

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51801


git-svn-id: http://core.svn.wordpress.org/trunk@51408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-10 17:43:57 +00:00
hellofromTonya 5081870aa8 Tests: Fix "null to non-nullable" deprecation notice in `Tests_Admin_IncludesPlugin::test_get_plugin_files_folder()`.
The `Tests_Admin_IncludesPlugin::_create_plugin()` expects the first parameter to be a text string to be written to a plugin file using `fwrite()`.

Passing null causes a `fwrite(): Passing null to parameter #2 ($data) of type string is deprecated` notice.

Ref: https://www.php.net/manual/en/function.fwrite

Follow-up to [31002]. [41806].

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51800


git-svn-id: http://core.svn.wordpress.org/trunk@51407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-10 17:27:57 +00:00
hellofromTonya d345fe2e69 Code Modernization: Fix "passing null to non-nullable" deprecation in `wpdb::_real_escape()`.
The PHP native `mysqli_real_escape_string()` function expects to be passed a string as the second parameter and this is not a nullable parameter.

Passing `null` to it will result in a `mysqli_real_escape_string(): Passing null to parameter #2 ($string) of type string is deprecated` notice on PHP 8.1.

Previously, an input type check was put in place to prevent fatal errors on PHP 8.0 when an array, object or resource was passed. Changeset [48980].

A `null` value was explicitly excluded from that check, even though a `null` value being passed would only ever result in an empty string anyway.

This commit changes the previous input type check to also bow out early for `null` values and to automatically return an empty string for those.

Refs:
- https://www.php.net/manual/en/mysqli.real-escape-string.php
- https://wiki.php.net/rfc/deprecate_null_to_scalar_internal_arg

Follow-up to [48980].

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51799


git-svn-id: http://core.svn.wordpress.org/trunk@51406 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-10 16:36:57 +00:00
hellofromTonya 62709d3d26 Tests: Add tests for `wpdb::_real_escape()`.
Adds a new dedicated test file.

Adds a test to check that various input types passed to `wpdb::_real_escape()` are handled correctly.

Note: This new test does not test the actual escaping or other logic in the function. Rather, it just and only tests and documents how the function handles various input types.

Props jrf, hellofromTonya.
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51798


git-svn-id: http://core.svn.wordpress.org/trunk@51405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-10 16:30:57 +00:00
hellofromTonya 1c8de0817f Code Modernization: Fix null to non-nullable deprecations in `WP_Meta_Query::get_sql_for_clause()`.
In the `WP_Meta_Query::get_sql_for_clause()`, the `'value'` index from a meta query array is passed to the PHP native `trim()` function without prior validation.

In PHP 8.1, this could lead to a `trim(): Passing null to parameter #1 ($string) of type string is deprecated` notice.

`trim()` expects a text string and is only useful when ''passed'' a text string as no other variable type can contain whitespace.

Fixed now by verifying that the ''value'' is a string before processing it with `trim()`.

This issue is already covered by the existing `Tests_Meta_Query::test_null_value_sql()` and the `Tests_Meta_Query::test_convert_null_value_to_empty_string()` tests.

Follow-up to [17699], [29887], [29940].

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51797


git-svn-id: http://core.svn.wordpress.org/trunk@51404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-10 16:01:03 +00:00
hellofromTonya 243e75eb41 Code Modernization: Fix null to non-nullable deprecation in `term_exists()`.
The `term_exists()` function expects a string or an integer for the `$term` parameter. It validates for integer, but not for string or `null`.

One of the pre-existing test cases, passed `null` to the function, leading to a `trim(): Passing null to parameter #1 ($string) of type string is deprecated` notice on PHP 8.1.

Fixed now by doing a cursory check on the variable at the start of the function and bowing out early in case the `$term` is `null`.

The issue was discovered via and is already covered by the `Tests_TermExists::test_term_exists_unknown()` test method.

Follow-up to [15220]. [38716].

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51796


git-svn-id: http://core.svn.wordpress.org/trunk@51403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-10 15:03:57 +00:00
Sergey Biryukov 018ad6098c Accessibility: Administration: Improve `aria-label` on network admin Themes screen.
This ensures that the beginning of the label matches the visible link text.

Add a similar label for the plugin URI link on the Plugins screen when the plugin is outside of the directory.

Follow-up to [28673], [28706], [35924].

Props sabernhardt, zeo, audrasjb.
Fixes #24442.
Built from https://develop.svn.wordpress.org/trunk@51795


git-svn-id: http://core.svn.wordpress.org/trunk@51402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-10 14:49:00 +00:00
Andrew Ozz e175db4ae1 External Libraries: Update jQuery UI to 1.13.0-rc2.
The final release is expected at the beginning of October. Updating to rc2 now gives everybody plenty of time to test and report any issues either with UI 1.13.0 or with the WordPress implementation.

Props Clorith, mgol, azaozz.
See #52163.
Built from https://develop.svn.wordpress.org/trunk@51794


git-svn-id: http://core.svn.wordpress.org/trunk@51401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-10 00:02:59 +00:00
hellofromTonya b8322a053e Code Modernization: Fix null to non-nullable deprecation in `wp_privacy_anonymize_ip()`.
The `wp_privacy_anonymize_ip()` function expects a string for the `$ip_addr` parameter, but did not do any input validation.

One of the pre-existing test cases, passed `null` to the function, leading to a `substr_count(): Passing null to parameter #1 ($haystack) of type string is deprecated` notice on PHP 8.1.

Fixed now by doing a cursory check on the variable at the start of the function and bowing out early for a number of cases (`null`, `false`, `0`, `''`) which would all result in the same `0.0.0.0` output anyway.

Follow-up [42971].

Props jrf, hellofromTonya.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51793


git-svn-id: http://core.svn.wordpress.org/trunk@51400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 22:56:56 +00:00
hellofromTonya 78b5f27b1e Tests: Add more invalid IP test cases and `@covers` to `Tests_Functions_Anonymization`.
Adds a few more invalid IP test cases.

Adds extra `@covers` tag for the two functions which are testing the `wp_privacy_anonymize_ip()` function.

(At class level, the `wp_privacy_anonymize_data()` is set as covered).

Follow-up to [42971].

Props jrf, hellofromTonya.
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51792


git-svn-id: http://core.svn.wordpress.org/trunk@51399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 22:44:56 +00:00
hellofromTonya 07139653b9 Widgets: Revert [51705].
While the new name is much better, it doesn't fully tell what will happen when invoked nor does it fully solve the root problems. 

Why? The function is doing too much. And naming is hard.

Props azaozz, desrosj, andraganescu, zieladam, hellofromTonya.
See #53811.
Built from https://develop.svn.wordpress.org/trunk@51791


git-svn-id: http://core.svn.wordpress.org/trunk@51398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 21:40:57 +00:00
hellofromTonya 1d0e1397fd Code Modernization: Fix parameter name mismatches for parent/child classes in `WP_Image_Editor::save()`.
Renames the first parameter in `WP_Image_Editor_GD::save()` to match the parent's method signature.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.

Adds @since to clearly specify why the change happened.

Adds parameter descriptions to parent and both child classes. 

Follow-up to [22094], [22619], [30681].

Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51790


git-svn-id: http://core.svn.wordpress.org/trunk@51397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 20:39:58 +00:00
hellofromTonya 68e0c5e520 Code Modernization: Fix parameter name mismatches for parent/child classes in `WP_Widget::update()`.
In each child class, renames the parameter to match the parent's method signature.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.

Adds @since to clearly specify why the change happened.

Replaces the original with the variable name with within each method.
Why? The new name is more specific and descriptive, which improves readability.

Follow-up to [10782], [25090], [26556], [40640].

Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51789


git-svn-id: http://core.svn.wordpress.org/trunk@51396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 20:13:57 +00:00
hellofromTonya f2f05f8e04 Code Modernization: Fix parameter name mismatches for parent/child classes in `WP_Sitemaps_Provider::get_max_num_pages()`.
In each child class, renames the parameter to match the parent's method signature.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.

Adds @since to clearly specify why the change happened.

Reassigns the generic parameter to the original parameter.
Why? Restoring the original name keeps the context intact within the method and makes the code more readable. An inline comment explains why this reassignment is made.

Note: Reassignment is done after the guard clause.
Why? To avoid unnecessary processing and memory should the method bail out.

Follow-up to [48072].

Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51788


git-svn-id: http://core.svn.wordpress.org/trunk@51395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 19:42:56 +00:00
hellofromTonya a4b163a674 Code Modernization: Fix parameter name mismatches for parent/child classes in `WP_Sitemaps_Provider::get_url_list()`.
In each child and grandchild class, renames the second parameter to match the parent's method signature.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.

Adds @since to clearly specify why the change happened.

Reassigns the generic parameter to the original parameter.
Why? Restoring the original name keeps the context intact within the method and makes the code more readable. An inline comment explains why this reassignment is made.

Follow-up to [48072].

Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51787


git-svn-id: http://core.svn.wordpress.org/trunk@51394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 19:21:57 +00:00
hellofromTonya 41307cd4e6 Code Modernization: Fix parameter name mismatches for parent/child classes in `WP_REST_Controller::prepare_item_for_response()`.
In each child and grandchild class, renames the first parameter to match the parent's method signature.

Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.

Changes for readability:

- `@since` clearly specifies the original parameter name and its new name as well as why the change happened.

- In methods longer than a single line, the generic parameter is reassigned to the original parameter restoring it for context for use within the method. An inline comment is added to explain why this reassignment is made.

Follow-up to [38832], [39011], [39015], [39021], [39024], [39025], [39031], [39036], [43519], [43735], [43739], [43768], [46821], [48173], [48242], [49088], [50995], [51003], [51021].

Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51786


git-svn-id: http://core.svn.wordpress.org/trunk@51393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 18:36:57 +00:00
hellofromTonya aaee916444 Code Modernization: Fix parameter name mismatch with parent in `WP_Customize_Custom_CSS_Setting::validate()`.
Renames the parameter to match the parent's method signature.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.

Adds `@since` to clearly specify why the change happened.

Reassigns the generic parameter to the original parameter.
Why? Restoring the original name keeps the context intact within the method and makes the code more readable. An inline comment explains why this reassignment is made

Follow-up to [37476], [38829], [41376].

Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51785


git-svn-id: http://core.svn.wordpress.org/trunk@51392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-09 15:18:55 +00:00