This updates several `devDependencies` to their latest versions:
- `autoprefixer` (`10.4.20`)
- `cssnano` (`7.0.6`)
- `grunt-contrib-qunit` (`10.1.1`)
- `grunt-webpack` (`7.0.0`)
- `postcss` (`8.4.47`)
- `qunit` (`2.22.0`)
- `sass` (`1.79.4`)
- `uuid` (`10.0.0`)
- `wait-on` (18.0.1`)
Also included are two minor updates to bundled dependencies:
- `json2php` (`0.0.9`)
- `wicg-inert` (`3.1.3`).
After applying these updates, `npm audit fix` and `grunt precommit:css` were run.
See #62137.
Built from https://develop.svn.wordpress.org/trunk@59135
git-svn-id: http://core.svn.wordpress.org/trunk@58531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add an error notice if a user attempts to apply bulk edits with no items selected. Applies to post lists, comments, taxonomies, and plugins screens.
Props garrett-eclipse, nrqsnchz, sumitsingh, nihar007, royho, sabernhardt, oglekler, quadthemes, ankit-k-gupta, fnpen, ukdrahul, joedolson.
Fixes#45006, #58479.
Built from https://develop.svn.wordpress.org/trunk@59134
git-svn-id: http://core.svn.wordpress.org/trunk@58530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that the function applies the `wp_editor_settings` filter and merges the resulting array with the rest of TinyMCE init settings.
Includes a unit test to verify that the settings are merged correctly after adding the assignment of `array_merge()` result that was missed in the initial commit.
Follow-up to [44265], [59033].
Props kkmuffme, akshat2802, davidbaumwald, SergeyBiryukov.
Fixes#61754.
Built from https://develop.svn.wordpress.org/trunk@59074
git-svn-id: http://core.svn.wordpress.org/trunk@58470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This update most notably drops support for jQuery `< 1.12` and `< 2.2`. WordPress has not shipped with a version that matches these ranges since version 4.4 (see [36285]/#35380).
The update also changes the library’s browser support policy to only support the latest Chrome, Firefox, Safari, and Edge. This closely matches Core’s current policy to support the last 2 versions of these browsers. The library’s README notes that other versions nay “also work correctly with this plugin but support is not guaranteed”, which is reasonably similar.
Props vipulgupta003.
Fixes#61835.
Built from https://develop.svn.wordpress.org/trunk@58956
git-svn-id: http://core.svn.wordpress.org/trunk@58352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The polyfill was added in [57492], but all browsers supported by WordPress already support import maps.
This not only disables the polyfill, but completely removes it as it was only added recently and there is no usage outside of core.
Props swissspidy, desrosj, luisherranz, gziolo.
Fixes#60970.
Built from https://develop.svn.wordpress.org/trunk@58952
git-svn-id: http://core.svn.wordpress.org/trunk@58348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`_wp_normalize_relative_css_links()` used to normalize all non-absolute URLs regardless of whether it's a relative path or an absolute path. The normalization should only happen for relative paths (paths without a leading `/`) and not for absolute paths.
Reference: [https://www.rfc-editor.org/rfc/rfc1808#section-4 RFC 1808, Section 4, Step 4].
Follow-up to [52036], [52695], [52754], [55658], [55669].
Props scholdstrom.
Fixes#61909.
Built from https://develop.svn.wordpress.org/trunk@58932
git-svn-id: http://core.svn.wordpress.org/trunk@58328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since removing the build steps for a gzipped version of TinyMCE, the check whether gzip is supported on the server is superfluous. It may also result in the uncompressed files being used when the compressed files are available and could be used.
Follow-up to [44114], [44651].
Props MattyRob, hbhalodia.
Fixes#61862.
Built from https://develop.svn.wordpress.org/trunk@58902
git-svn-id: http://core.svn.wordpress.org/trunk@58298 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the `whatwg-fetch` library from version `3.6.17` to `3.6.20`, the latest current version.
This library is included and registered within WordPress as the `wp-polyfill-fetch` script but is no longer used by WordPress itself. Updates are provided as a courtesy, and all projects using this polyfill should reevaluate usage.
Props manooweb.
Fixes#60514.
Built from https://develop.svn.wordpress.org/trunk@58860
git-svn-id: http://core.svn.wordpress.org/trunk@58256 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces `wp_get_wp_version()` to get an unmodified value of `$wp_version` from `wp-includes/version.php`. Some plugins modify the global in an attempt to improve security through obscurity. This practice can cause errors in WordPress so the ability to get an unmodified version is needed.
Replaces instances within the code base in which `version.php` was required in order to get an unmodified value. `script-loader.php` is intentionally excluded from the replacements as the function is not always available to the file.
Props debarghyabanerjee, afragen, costdev.
See #61627.
Built from https://develop.svn.wordpress.org/trunk@58813
git-svn-id: http://core.svn.wordpress.org/trunk@58209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the `regenerator-runtime` library to version `0.14.1`.
This library has not been used by Core itself in quite a while and only maintained as a courtesy. Any projects relying on `regenerator-runtime` should reevaluate their usage.
Props manooweb.
Fixes#60515.
Built from https://develop.svn.wordpress.org/trunk@58800
git-svn-id: http://core.svn.wordpress.org/trunk@58196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Stop enqueueing polyfills such as `wp-polyfill-inert` (for the `inert` attribute) and `regenerator-runtime` (for generator functions), as they are no longer needed, considering the WordPress project's [https://make.wordpress.org/core/handbook/best-practices/browser-support/ browser support policy].
In addition to that, `wp-polyfill` (essentially `core-js`) is no longer enqueued as a dependency of `react`. This was added in [43903] to ensure compatibility with IE 11, which is no longer supported by WordPress. Developers requiring `wp-polyfill` need to manually add it as a dependency for their scripts.
Props swissspidy, flixos90, adamsilverstein, youknowriad, gziolo.
Fixes#60962.
Built from https://develop.svn.wordpress.org/trunk@57981
git-svn-id: http://core.svn.wordpress.org/trunk@57467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes a number of issues, chief among them:
- Updates to the site title are reflected in the preview.
- Improve alt text for preview
- Make string describing site icon more succinct.
- Add inline documentation to JavaScript
Props kebbet, jorbin, swissspidy, afercia, mukesh27, alexstine, jameskoster, andraganescu.
Fixes#54370.
Built from https://develop.svn.wordpress.org/trunk@57713
git-svn-id: http://core.svn.wordpress.org/trunk@57214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update JavaScript files for tag suggestions and the TinyMCE link plugin to use client side translations. This allows for `_n()` to be used for strings requiring singular and plural versions in which the correct form is only known client side.
Props audrasjb, chaion07, costdev, hellofromtonya, johnbillion, marybaum, nicolefurlan, oglekler, rebasaurus, rsiddharth, sergeybiryukov, shaampk1, shahariaazam, swissspidy, tobifjellner.
Fixes#48244.
Built from https://develop.svn.wordpress.org/trunk@57654
git-svn-id: http://core.svn.wordpress.org/trunk@57155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This restores the site icon setting to its original home on the settings page where it lives with the title and tagline.
The base for this code was originally added in [32994] and then removed in [33329]. The majority of the modification to that version are to remove the no-js pieces and make the workflow completely inline rather than putting the cropping on a separate page.
Additionally, since image crops rely on the ability to upload an image, this setting is gated by the `upload_files` capability.
Follow-up to: [32994], [33329].
Props jorbin, audrasjb, mukesh27, joedolson, afercia, kebbet, swissspidy, obenland, jameskoster, kjellr, andraganescu, stacimc, mikeschroder, h71, krupajnanda, huzaifaalmesbah.
Fixes#54370.
See #16434.
Built from https://develop.svn.wordpress.org/trunk@57602
git-svn-id: http://core.svn.wordpress.org/trunk@57103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This patch, somewhat small brings a lot to WordPress.
This includes features like:
- DataViews.
- Customization tools like box shadow, background size and repeat.
- UI improvements in the site editor.
- Preferences sharing between the post and site editors.
- Unified panels and editors between post and site editors.
- Improved template mode in the post editor.
- Iterations to multiple interactive blocks.
- Preparing the blocks and UI for pattern overrides.
- and a lot more.
Props luisherranz, gziolo, isabel_brison, costdev, jonsurrell, peterwilsoncc, get_dave, antonvlasenko, desrosj.
See #60315.
Built from https://develop.svn.wordpress.org/trunk@57377
git-svn-id: http://core.svn.wordpress.org/trunk@56883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset introduces two functions:
* `wp_is_serving_rest_request()` returns a boolean for whether WordPress is serving an actual REST API request.
* `wp_is_rest_endpoint()` returns a boolean for whether a WordPress REST API endpoint is currently being used. While this is always the case if `wp_is_serving_rest_request()` returns `true`, the function additionally covers the scenario of internal REST API requests, i.e. where WordPress calls a REST API endpoint within the same request.
Both functions should only be used after the `parse_request` action.
All relevant manual checks have been adjusted to use one of the new functions, depending on the use-case. They were all using the same constant check so far, while in fact some of them were intending to check for an actual REST API request while others were intending to check for REST endpoint usage.
A new filter `wp_is_rest_endpoint` can be used to alter the return value of the `wp_is_rest_endpoint()` function.
Props lots.0.logs, TimothyBlynJacobs, flixos90, joehoyle, peterwilsoncc, swissspidy, SergeyBiryukov, pento, mikejolley, iandunn, hellofromTonya, Cybr, petitphp.
Fixes#42061.
Built from https://develop.svn.wordpress.org/trunk@57312
git-svn-id: http://core.svn.wordpress.org/trunk@56818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [50941] the version of lodash was updated, however the version inside `wp_default_packages_vendor` was not updated at the same time. This updates the version to correctly reflect the version that is loaded.
Also adds some basic tests for the scripts in `wp_default_packages_vendor` that match the name of the package from package.json to help prevent errors like this in the future.
Props jadpm, jorbin, swissspidy.
Fixes#60048. See #52991.
Built from https://develop.svn.wordpress.org/trunk@57185
git-svn-id: http://core.svn.wordpress.org/trunk@56696 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Add `wp_remove_surrounding_empty_script_tags()` to more precisely remove script tag wrappers and warn when doing it wrong.
* Add clarifying comments for XML escaping logic in `wp_get_inline_script_tag()`.
* Leverage `WP_HTML_Tag_Processor` in `test_remove_frameless_preview_messenger_channel`.
* Reuse `assertEqualMarkup` in `test_blocking_dependent_with_delayed_dependency`.
* Normalize whitespace in `parse_markup_fragment` for `assertEqualMarkup`.
Follow-up to [56687].
Props dmsnell, westonruter, flixos90.
See #58664.
Built from https://develop.svn.wordpress.org/trunk@56748
git-svn-id: http://core.svn.wordpress.org/trunk@56260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using script tag helper functions allows plugins to employ the `wp_script_attributes` and `wp_inline_script_attributes` filters to inject the `nonce` attribute to apply Content Security Policy (e.g. Strict CSP). Use of helper functions also simplifies logic in `WP_Scripts`.
* Update `wp_get_inline_script_tag()` to wrap inline script in CDATA blocks for XHTML-compatibility when not using HTML5.
* Ensure the `type` attribute is printed first in `wp_get_inline_script_tag()` for back-compat.
* Wrap existing `<script>` tags in output buffering to retain IDE supports.
* In `wp_get_inline_script_tag()`, append the newline to `$javascript` before it is passed into the `wp_inline_script_attributes` filter so that the CSP hash can be computed properly.
* In `the_block_template_skip_link()`, opt to enqueue the inline script rather than print it.
* Add `ext-php` to `composer.json` under `suggest` as previously it was an undeclared dependency for running PHPUnit tests.
* Update tests to rely on `DOMDocument` to compare script markup, normalizing unsemantic differences.
Props westonruter, spacedmonkey, flixos90, 10upsimon, dmsnell, mukesh27, joemcgill, swissspidy, azaozz.
Fixes#58664.
See #39941.
Built from https://develop.svn.wordpress.org/trunk@56687
git-svn-id: http://core.svn.wordpress.org/trunk@56199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the `wp-polyfill-node-contains` and `'wp-polyfill-dom-rect` scripts to the latest version, `4.8.0`.
These scripts are no longer used by WordPress Core, but are kept up to date as a courtesy.
Props rajinsharwar, hrshahin, oglekler.
Fixes#59077.
Built from https://develop.svn.wordpress.org/trunk@56646
git-svn-id: http://core.svn.wordpress.org/trunk@56158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
desrosj
joedolson
Sergey Biryukov
davidbaumwald
Jeremy Felt
Pascal Birchler
Peter Wilson
isabel_brison
gziolo
audrasjb
ellatrix
Aaron Jorbin
K. Adam White
youknowriad
Weston Ruter
Felix Arntz
Tammie Lister