Apps may now optionally include an `app_id` parameter when directing the user to the Authorize Application screen. This allows for instances of an application to be identified and potentially revoked or blocked.
Props TimothyBlynJacobs, georgestephanis.
Fixes#51583.
Built from https://develop.svn.wordpress.org/trunk@49276
git-svn-id: http://core.svn.wordpress.org/trunk@49038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This takes into account non-core plugins that rely on `WP_PLUGIN_DIR` being set to the expected plugin's directory in `WP_CONTENT_DIR`, or already have the constant defined.
Follow-up to [49236].
Props pierlo.
Fixes#51594.
Built from https://develop.svn.wordpress.org/trunk@49269
git-svn-id: http://core.svn.wordpress.org/trunk@49031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that `WP_UnitTestCase::skipOnAutomatedBranches()` has access to these variables so that time sensitive tests can be skipped when appropriate.
This also updates that logic to be more clear.
Follow up to [49264].
Props ocean90, johnbillion.
See #50401, #49050, #47767.
Built from https://develop.svn.wordpress.org/trunk@49267
git-svn-id: http://core.svn.wordpress.org/trunk@49029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A new route is introduced, `batch/v1`, that accepts a list of API requests to run. Each request runs in sequence, and the responses are returned in the order they've been received.
Optionally, the `require-all-validate` validation mode can be used to first validate each request's parameters and only proceed with processing if each request validates successfully.
By default, the batch size is limited to 25 requests. This can be controlled using the `rest_get_max_batch_size` filter. Clients are strongly encouraged to discover the maximum batch size supported by the server by making an OPTIONS request to the `batch/v1` endpoint and inspecting the described arguments.
Additionally, the two new methods, `match_request_to_handler` and `respond_to_request` introduced in [48947] now have a `protected` visibility as we don't want to expose the inner workings of the `WP_REST_Server::dispatch` API.
Batching is not currently supported for GET requests.
Fixes#50244.
Props andraganescu, zieladam, TimothyBlynJacobs.
Built from https://develop.svn.wordpress.org/trunk@49252
git-svn-id: http://core.svn.wordpress.org/trunk@49014 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the user edit screen improve handling and clarify language: rename the "Generate Password" and "Show password" buttons to "Set New Password". Clicking it always generates a password. Also: improve inline code comments and descriptions.
Props afercia, bookdude13, michaelarestad, pento.
Fixes#42852.
Built from https://develop.svn.wordpress.org/trunk@49248
git-svn-id: http://core.svn.wordpress.org/trunk@49010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows for REST API routes to define more complex validation requirements as JSON Schema instead of procedural validation.
The error code returned from `rest_validate_value_from_schema` for invalid parameter types has been changed from the generic `rest_invalid_param` to the more specific `rest_invalid_type`.
Props yakimun, johnbillion, TimothyBlynJacobs.
Fixes#51025.
Built from https://develop.svn.wordpress.org/trunk@49246
git-svn-id: http://core.svn.wordpress.org/trunk@49008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `WP_AUTO_UPDATE_CORE` constant now supports `beta` and `rc` values.
This makes it possible for sites to opt-in to updating to RC (or beta) releases without having to install a plugin, or run on a development version.
Props dd32, knutsp.
Fixes#51319.
Built from https://develop.svn.wordpress.org/trunk@49245
git-svn-id: http://core.svn.wordpress.org/trunk@49007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Because workflow results are reported for each commit, it’s important to let all runs against main and version branches to complete so that the checks are reported accurately.
When considering and reviewing pull requests, the only workflow run that matters is the most recent.
Props ocean90, helen.
See #50401.
Built from https://develop.svn.wordpress.org/trunk@49244
git-svn-id: http://core.svn.wordpress.org/trunk@49006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows for customizing the arguments used to generate the Quick Edit authors drop-down.
Additionally, pass the `$bulk` argument to the `quick_edit_dropdown_pages_args` filter, for consistency.
Props Mista-Flo, garrett-eclipse, hellofromTonya.
Fixes#47685.
Built from https://develop.svn.wordpress.org/trunk@49238
git-svn-id: http://core.svn.wordpress.org/trunk@49000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows Site Health tests to check if the current environment type is set to `development` or `local`.
Use the new method:
* In HTTPS tests, instead of a hardcoded check for `localhost`.
* In `WP_DEBUG` and `WP_DEBUG_DISPLAY` tests, to set the status to `recommended` instead of `critical`.
Props dkotter, Clorith, DavidAnderson, joyously, knutsp, afragen, SergeyBiryukov.
Fixes#47058.
Built from https://develop.svn.wordpress.org/trunk@49237
git-svn-id: http://core.svn.wordpress.org/trunk@48999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when using `switch_to_locale()` all current loaded text domains were unloaded and added to the `$l10n_unloaded` global. This prevented the just-in-time loading for text domains after a switch. The just-in-time loading was also only possible if the translations were stored in `WP_LANG_DIR`. Both issues have been fixed.
* Adds `WP_Textdomain_Registry` to keep track of the language directory paths for all plugins and themes.
* Updates all `load_*_textdomain()` functions to store the path in `WP_Textdomain_Registry`.
* Adds `$reloadable` parameter to `unload_textdomain()` to define whether a text domain can be loaded just-in-time again. This is used by `WP_Locale_Switcher::load_translations()`.
* Extends `_load_textdomain_just_in_time()` to also support text domains of plugins and themes with custom language directories.
* Fixes the incorrect `test_plugin_translation_after_switching_locale_twice()` test which should have catch this issue earlier.
* Adds a new test plugin/theme to test the loading of translations with a custom language directory.
* Deprecates the now unused and private `_get_path_to_translation()` and `_get_path_to_translation_from_lang_dir()` functions.
Props yoavf, swissspidy, dd32, ocean90.
See #26511.
Fixes#39210.
Built from https://develop.svn.wordpress.org/trunk@49236
git-svn-id: http://core.svn.wordpress.org/trunk@48998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change adds additional logic to catch HTTP failures that do not return a `WP_Error` object (for example, a wp-json REST API error error).
This also fixes instances where REST API callbacks performed from cron do not work due to a lack of authentication by introducing a direct callback route that asynchronous tests can register.
Props dd32, clorith, timothyblynjacobs.
Fixes#51547.
Built from https://develop.svn.wordpress.org/trunk@49232
git-svn-id: http://core.svn.wordpress.org/trunk@48994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since `WP_Image_Editor`'s introduction, stream wrappers have functioned in `WP_Image_Editor_GD`, but haven't been properly supported in `WP_Image_Editor_Imagick`.
- Detects stream wrappers and uses `file_put_contents()` along with `Imagick::read/getImageBlob()` for handling when necessary.
- Introduces private method, `WP_Image_Editor_Imagick::write_image` to handle detection and proper saving.
- Introduces `WP_Test_Stream` class for testing stream wrappers, along with new tests for Imagick's stream handling and a stream filename test.
Adds requirement for `Imagick::readImageBlob()`, available in Imagick >= 2.0.0, which aligns with the current requirement of Imagick >= 2.2.0.
Props p00ya, calin, joemcgill, pputzer, jimyaghi, mikeschroder.
Fixes#42663.
Built from https://develop.svn.wordpress.org/trunk@49230
git-svn-id: http://core.svn.wordpress.org/trunk@48992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This includes the packages that match the Gutenberg 9.2 Release.
It is going to be the last block-editor features update for WordPress 5.6.
It also updates the block-supports code base to the latest APIs.
Props isabel_brison, noisysocks, desrosj.
Fixes#51570.
Built from https://develop.svn.wordpress.org/trunk@49226
git-svn-id: http://core.svn.wordpress.org/trunk@48988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new block editor included in 5.6 introduces an api_version property
that indicates which block API version the block is using.
This commits makes this property available on the block type and the endpoint.
Props TimothyBlynJacobs, gziolo.
Fixes#51529.
Built from https://develop.svn.wordpress.org/trunk@49224
git-svn-id: http://core.svn.wordpress.org/trunk@48986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Welcome to the bundled themes family!
Twenty Twenty-One is a blank canvas for your ideas, making the block editor your best brush.
Theme development to this point has taken place on GitHub. See: https://github.com/WordPress/twentytwentyone/.
Props poena, melchoyce, luminuu, elmastudio, bethsoderberg, williampatton, aristath, jffng, kjellr, jeffikus, audrasjb, fabiankaegy, mukesh27, dingo_d, kellylawrence, acosmin, whyisjake, metodiew, ryelle, nielslange, littlebigthing, mahesh901122, zebulan, kishanjasani, lukecavanagh, scruffian, abhijitrakas, utz119, sudoshreyansh, kau-boy, justinahinon, joostdevalk, bduclos, hareesh-pillai, mager19, rolfsiebers, webmigrates, sresok, guidooffermans, francina, marybaum, hareshlive, navanathbhosale, afercia, richtabor, joyously, sarahricker, nrqsnchz, glauberglauber, sabernhardt, kraftbj, ItsJonQ, joen, CTMartin0, decrecementofeliz, bhautikvirani.
See #51526.
Built from https://develop.svn.wordpress.org/trunk@49216
git-svn-id: http://core.svn.wordpress.org/trunk@48978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `noopener noreferrer` was originally added in #37941 and related tickets, the `noreferrer` bit was specifically included due to Firefox not supporting `noopener` at the time.
Since `noopener` has been supported by all major browsers for a while, it should now be safe to remove the `noreferrer` attribute from core.
Props Mista-Flo, audrasjb, joostdevalk, jonoaldersonwp, peterwilsoncc, elgameel.
Fixes#49558.
Built from https://develop.svn.wordpress.org/trunk@49215
git-svn-id: http://core.svn.wordpress.org/trunk@48977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Instead of one cache entry for all upload folders for a site on multisite, this now caches for each folder and invalidates that cache based on context. In multisite, this should speed up `get_dirsize` calls since older directories that are much less likely to change will no longer have the size recalculated.
Props janthiel, A5hleyRich, batmoo.
Fixes#19879.
Built from https://develop.svn.wordpress.org/trunk@49212
git-svn-id: http://core.svn.wordpress.org/trunk@48974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `do_all_pingbacks()`
* `do_all_enclosures()`
* `do_all_trackbacks()`
This allows for the specific removal/replacement of one of more services.
Props dshanske, garrett-eclipse, Mista-Flo, azaozz, hellofromTonya.
Fixes#36576.
Built from https://develop.svn.wordpress.org/trunk@49211
git-svn-id: http://core.svn.wordpress.org/trunk@48973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Widgets that output a list of links are now wrapped within `<nav>` elements to improve semantics and accessibility.
The `<nav>` elements are native landmark regions, which helps assistive technology users to navigate through them.
Follow-up to [48349], [49177].
Props hareesh-pillai, justinahinon, afercia, williampatton.
Fixes#51445.
Built from https://develop.svn.wordpress.org/trunk@49208
git-svn-id: http://core.svn.wordpress.org/trunk@48970 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If `$wpdb->get_row()` is successful and the `$output` parameter has not been set, the output will be an instance of `stdClass`, so test to confirm that instead of testing against "not null".
This affects:
* `wpmu_validate_user_signup()`
* `wpmu_validate_blog_signup()`
Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49206
git-svn-id: http://core.svn.wordpress.org/trunk@48968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that Ctrl/Cmd + click to open a link in the embed iframe in a new tab works as expected.
Props timhavinga, garrett-eclipse, smerriman, swissspidy, johnbillion, Mte90, iandunn, azaozz, afercia, audrasjb, SergeyBiryukov.
Fixes#39097.
Built from https://develop.svn.wordpress.org/trunk@49202
git-svn-id: http://core.svn.wordpress.org/trunk@48964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.
This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast
In part, this is a follow-up to #47746.
Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49193
git-svn-id: http://core.svn.wordpress.org/trunk@48955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `WP_List_Table::get_default_primary_column_name()` is a protected method, so calling it statically with the class name is bad practice.
* Similarly, this applies when calling a private constructor in `WP_Screen::get()`.
Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49192
git-svn-id: http://core.svn.wordpress.org/trunk@48954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The allowed format for bulk actions is now an associative array where each element represents either a top level option value and label, or an array representing an optgroup and its options.
For a standard option, the array element key is the field value and the array element value is the field label.
For an optgroup, the array element key is the label and the array element value is an associative array of options as above.
Props goldenapples, mattkeys, valentinbora, davidbaumwald
Fixes#19278
Built from https://develop.svn.wordpress.org/trunk@49190
git-svn-id: http://core.svn.wordpress.org/trunk@48952 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The reason for introducing `wp_slash_strings_only()` in [46454] was to keep non-string values untouched.
Later, `wp_slash()` itself was updated in [48433] to prevent changing non-string values.
To avoid confusion, `wp_slash_strings_only()` is now deprecated.
Props ayeshrajans, ocean90.
Fixes#50635.
Built from https://develop.svn.wordpress.org/trunk@49188
git-svn-id: http://core.svn.wordpress.org/trunk@48950 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that the reply heading is updated correctly on single post URLs with the `?replytocom` query argument.
Follow-up to [47506], [48876], [48904].
Props mailnew2ster, wpamitkumar, audrasjb, desrosj, SergeyBiryukov.
Fixes#51175.
Built from https://develop.svn.wordpress.org/trunk@49187
git-svn-id: http://core.svn.wordpress.org/trunk@48949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes a PHP 8 "argument must be passed by reference, value given" error when using `array_map()` in `PO::export_entries()`.
Object variables in PHP 5+ contain a reference to the object, and it's the reference that's passed around.
Props jrf.
See #50913.
Built from https://develop.svn.wordpress.org/trunk@49186
git-svn-id: http://core.svn.wordpress.org/trunk@48948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Enable arranging only when the Screen Options tab is open.
- Prevent accidental/unintended dragging. Seen it happen mostly on laptops when using the mousepad/trackpad.
- Improve discoverability and usefulness by always showing the "drop zones" outline when postboxes are draggable/arrangeable.
- Add some (brief) explanation to the Screen Options tab helping the user understand what options are available and how to change them. This is especially helpful for screen reader users to give an idea how to use the screen options and what to expect.
- Fix/enhance some of the code in `postbox.js` and make it coding standards compliant.
See #50699.
Built from https://develop.svn.wordpress.org/trunk@49179
git-svn-id: http://core.svn.wordpress.org/trunk@48941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids overlapping with action buttons and brings some consistency to bottom paddings across various screens.
Props passoniate, afercia, anuj2, rolfsiebers, uxkai, ireneyoast, thijsvanloef, hellofromTonya, audrasjb, helen, SergeyBiryukov.
Fixes#49246.
Built from https://develop.svn.wordpress.org/trunk@49178
git-svn-id: http://core.svn.wordpress.org/trunk@48940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the theme declares support for the `html5` feature `navigation-widgets`, the tag cloud widget is now wrapped in a `<nav>` element to improve semantics and accessibility.
The `<nav>` elements are native landmark regions, which helps assistive technology users to navigate through them.
Follow-up to [48349] for other widgets.
Props audrasjb, justinahinon, ravipatel.
Fixes#51455. See #48170.
Built from https://develop.svn.wordpress.org/trunk@49177
git-svn-id: http://core.svn.wordpress.org/trunk@48939 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Wraps `Imagick::readImage()` for PDFs with exception handling, trying again without `use-cropbox` if this fails.
Introduces `WP_Image_Editor_Imagick::pdf_load_source()`.
Works around a known issue in Ghostscript 8.70 (fixed in 8.71) that results in a stack underflow.
While it only affects this version, it remains a common version found on hosts, and prevented some PDF thumbnails from being generated.
See this Ghostscript bug for more details: https://bugs.ghostscript.com/show_bug.cgi?id=690676
Props azaozz, joseaneto, cranewest, dantahoua, n5hzr, mikeschroder.
Fixes#48853.
Built from https://develop.svn.wordpress.org/trunk@49174
git-svn-id: http://core.svn.wordpress.org/trunk@48936 1a063a9b-81f0-0310-95a4-ce76da25c4cd