Commit Graph

47490 Commits

Author SHA1 Message Date
John Blackbourn 5f1d229cbf Build/Test Tools: Restrict the permissions granted to jobs on GitHub Actions
The `permissions` key in a job declares the GitHub permissions that are granted to the token that's used by the job. Restricting the permissions reduces the impact that a vulnerability in the CI system can have.

Props desrosj, johnbillion

See #57865

Built from https://develop.svn.wordpress.org/trunk@55715


git-svn-id: http://core.svn.wordpress.org/trunk@55227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-03 22:17:18 +00:00
John Blackbourn bd393654cc Filesystem API: Correct and improve the return type documentation for the `dirlist()` method in `WP_Filesystem_Base` and its extending classes.
Props mat-lipe, szepeviktor, costdev, audrasjb, johnbillion

Fixes #58229
See #57840

Built from https://develop.svn.wordpress.org/trunk@55714


git-svn-id: http://core.svn.wordpress.org/trunk@55226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-03 21:30:19 +00:00
audrasjb 12c65b6076 Script Loader: Update jQuery version to 3.6.4 to match the current version.
This changeset updates the jQuery version to 3.6.4 in `script-loader.php` to correcly match the current version used in WordPress.

This was accidentally missed in [55491].

Props nickpap, TobiasBg, dhrumilk.
Fixes #58203.
See #57324.

Built from https://develop.svn.wordpress.org/trunk@55713


git-svn-id: http://core.svn.wordpress.org/trunk@55225 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-03 21:27:21 +00:00
John Blackbourn b155956792 Docs: Miscellaneous formatting corrections to inline docs and whitespace.
See #57840

Built from https://develop.svn.wordpress.org/trunk@55712


git-svn-id: http://core.svn.wordpress.org/trunk@55224 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-03 19:46:21 +00:00
John Blackbourn c83f4cb97a Docs: Corrections and improvements to docblocks for global styles, global settings, theme.json parsing, and shortcodes.
See #57840

Built from https://develop.svn.wordpress.org/trunk@55711


git-svn-id: http://core.svn.wordpress.org/trunk@55223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-03 18:48:22 +00:00
Sergey Biryukov 27c4548f19 General: Restore `strpos()` check in `wp-admin/load-styles.php`.
This resolves a fatal error on PHP < 8.0, as `wp-includes/compat.php` is not loaded in this file, so `str_starts_with()` may not be available.

Follow-up to [55703].

Props dd32, flixos90, DigTek.
Fixes #58244. See #58012.
Built from https://develop.svn.wordpress.org/trunk@55710


git-svn-id: http://core.svn.wordpress.org/trunk@55222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-03 15:46:22 +00:00
Andrea Fercia 6064478fa7 Post Types: Add the view_items label to the wp_block post type.
The `view_items` post type label is used in the Editor, for the `aria-label` of the link to go back to the Posts list. When editing a Reusable block, it fallbacks to 'View Posts'. It should be 'View Reusable blocks'.

Fixes #58209.

Built from https://develop.svn.wordpress.org/trunk@55709


git-svn-id: http://core.svn.wordpress.org/trunk@55221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-03 14:08:18 +00:00
Bernhard Reiter 5a32396d8f HTML API: Accumulate shift for internal parsing pointer.
A bug was discovered where where the parser wasn't returning to the
start of the affected tag after making some updates.

In few words, the Tag Processor has not been treating its own internal
pointer `bytes_already_parsed` the same way it treats its bookmarks.
That is, when updates are applied to the input document and then
`get_updated_html()` is called, the internal pointer transfers to
the newly-updated content as if no updates had been applied since
the previous call to `get_updated_html()`.

In this patch we're creating a new "shift accumulator" to account for
all of the updates that accrue before calling `get_updated_html()`.
This accumulated shift will be applied when swapping the input document
with the output buffer, which should result in the pointer pointing to
the same logical spot in the document it did before the udpate.

In effect this patch adds a single workaround for treating the
internal pointer like a bookmark, plus a temporary pointer which points
to the beginning of the current tag when calling `get_updated_html()`.
This will preserve the assumption that updating a document doesn't
move that pointer, or shift which tag is currently matched.

Props dmsnell, zieladam.
Fixes #58179.
Built from https://develop.svn.wordpress.org/trunk@55706


git-svn-id: http://core.svn.wordpress.org/trunk@55218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-03 11:31:18 +00:00
audrasjb 59e90bba48 Docs: Various improvements in Bookmark Administration API function descriptions, as per docblocks standards.
Follow-up to [55704].

See #57840.

Built from https://develop.svn.wordpress.org/trunk@55705


git-svn-id: http://core.svn.wordpress.org/trunk@55217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-03 10:03:21 +00:00
audrasjb 66016f2c12 Coding Standards: Remove unnecessary variable escapement in Bookmark Administration API.
This changeset removes an unnecessary `esc_html()` escapement for `link_url`, as `esc_url()` already does the job.

Follow-up to [11383].

Props utsav72640, audrasjb.
Fixes #58239.

Built from https://develop.svn.wordpress.org/trunk@55704


git-svn-id: http://core.svn.wordpress.org/trunk@55216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-03 09:58:25 +00:00
Sergey Biryukov 2ec23a82ed Code Modernization: Replace usage of `strpos()` with `str_starts_with()`.
`str_starts_with()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins with the given substring (needle).

WordPress core includes a polyfill for `str_starts_with()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `0 === strpos( ... )` with `str_starts_with()` in core files, making the code more readable and consistent, as well as improving performance.

While `strpos()` is slightly faster than the polyfill on PHP < 8.0, `str_starts_with()` is noticeably faster on PHP 8.0+, as it is optimized to avoid unnecessarily searching along the whole haystack if it does not find the needle.

Follow-up to [52039], [52040], [52326].

Props spacedmonkey, costdev, sabernhardt, mukesh27, desrosj, jorbin, TobiasBg, ayeshrajans, lgadzhev, SergeyBiryukov.
Fixes #58012.
Built from https://develop.svn.wordpress.org/trunk@55703


git-svn-id: http://core.svn.wordpress.org/trunk@55215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-02 15:45:22 +00:00
spacedmonkey c1facaa4ce Cache API: Add helper function `wp_cache_set_last_changed`.
Add a helper function called `wp_cache_set_last_changed` to set the last changed value for cache groups. This function has a new action called `wp_cache_set_last_changed`, allowing for developers to cache invalidate when last changed value is changed. 

Props tillkruess, spacedmonkey, peterwilsoncc, mukesh27, johnjamesjacoby. 
Fixes #57905.
Built from https://develop.svn.wordpress.org/trunk@55702


git-svn-id: http://core.svn.wordpress.org/trunk@55214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-02 11:26:24 +00:00
spacedmonkey 4bdeb57ac5 Taxonomy: Remove redundant call to `get_term` in `wp_queue_posts_for_term_meta_lazyload`.
In [55252] the function `wp_queue_posts_for_term_meta_lazyload` was refactored to use `wp_cache_get_multiple`. This refactor included a call to `get_term`. However, calling get_term calls `sanitize_term`, which sanitizes all fields in a term. The full term object is not needed in this context as term meta only needs to the term id, which is already in the function. Saving calls to `sanitize_term` will improve performance of this function. 

Props spacedmonkey, joemcgill, mukesh27. 
Fixes #57966.
Built from https://develop.svn.wordpress.org/trunk@55701


git-svn-id: http://core.svn.wordpress.org/trunk@55213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-02 10:57:24 +00:00
Sergey Biryukov fe8c41f574 External Libraries: Update license URL in Text_Diff library.
The former URL used to refer to LGPL 2.1 at the time, but does not redirect to its current location.

Includes updating the `Algorithm::Diff` Perl module URL.

Props jigar-bhanushali, utsav72640.
Fixes #58217.
Built from https://develop.svn.wordpress.org/trunk@55700


git-svn-id: http://core.svn.wordpress.org/trunk@55212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-01 11:06:23 +00:00
Sergey Biryukov a8390f5f7c Upgrade/Install: Update sodium_compat to v1.20.0.
The latest version of sodium_compat includes a fix for the Poly1305 implementation.

References:
* [https://github.com/paragonie/sodium_compat/releases/tag/v1.20.0 sodium_compat 1.20.0 release notes]
* [https://github.com/paragonie/sodium_compat/compare/v1.19.0...v1.20.0 Full list of changes in sodium_compat 1.20.0]

Follow-up to [49741], [51002], [51591], [52988], [54150], [54310].

Props jrf, costdev, paragoninitiativeenterprises, mukesh27.
Fixes #58224.
Built from https://develop.svn.wordpress.org/trunk@55699


git-svn-id: http://core.svn.wordpress.org/trunk@55211 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-30 14:08:23 +00:00
Sergey Biryukov 9954d0a927 Coding Standards: Break out of the inner loop in `make_site_theme_from_default()`.
This more closely matches the previous behavior with multiple `if`/`elseif` statements.

Follow-up to [55688].

See #56982.
Built from https://develop.svn.wordpress.org/trunk@55698


git-svn-id: http://core.svn.wordpress.org/trunk@55210 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-29 18:30:23 +00:00
Sergey Biryukov 225fe28e9f Coding Standards: Bring some consistency to REST API revisions initialization.
The autosaves and revisions controllers used to set the same class properties in a slightly different order.

This commit makes the `::__construct()` methods of both classes more consistent to simplify future maintenance.

Follow-up to [46272], [51962].

See #57839.
Built from https://develop.svn.wordpress.org/trunk@55697


git-svn-id: http://core.svn.wordpress.org/trunk@55209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-28 15:06:21 +00:00
Sergey Biryukov 19b456f9f8 REST API: Remove unused variable from the permissions check for deleting a revision.
`WP_REST_Revisions_Controller::delete_item_permissions_check()` no longer uses the value of the `$parent_post_type` variable anywhere. 

Follow-up to [45812], [47547], [47850].

Props Soean, mukesh27.
Fixes #58218.
Built from https://develop.svn.wordpress.org/trunk@55696


git-svn-id: http://core.svn.wordpress.org/trunk@55208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-28 10:05:21 +00:00
oandregal a14d6d04e6 Enqueue registered assets once.
This PR removes the `wp_enqueue_registered_block_scripts_and_styles` callback from the `enqueue_block_editor_assets` action.

There are two actions to enqueue block assets: `enqueue_block_editor_assets` and `enqueue_block_assets`. The former enqueues the assets to the editor and the later enqueues them to the front-end and the editor. Given `wp_enqueue_registered_block_scripts_and_styles` is already bound to the `enqueue_block_assets` (front-end and editor), it is unnecessary to bind it to `enqueue_block_editor_assets` (editor) as well.

This was originally introduced at [44157] and hasn't been modified since.

Props ellatrix, costdev.
Fixes #58208.


Built from https://develop.svn.wordpress.org/trunk@55695


git-svn-id: http://core.svn.wordpress.org/trunk@55207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-28 08:51:17 +00:00
John Blackbourn f14f3ba995 Docs: All sorts of improvements and corrections to function and hook docs.
See #57840

Built from https://develop.svn.wordpress.org/trunk@55694


git-svn-id: http://core.svn.wordpress.org/trunk@55206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-27 23:15:17 +00:00
John Blackbourn cc24b047eb Docs: Correct and improve various documented types for properties, functions, and hooks.
See #57840

Built from https://develop.svn.wordpress.org/trunk@55693


git-svn-id: http://core.svn.wordpress.org/trunk@55205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-27 22:29:18 +00:00
audrasjb 4c8a5d8d28 Docs: Typo fix in `WP_REST_Block_Pattern_Categories_Controller` docblock.
Props Soean.
Fixes #58204.

Built from https://develop.svn.wordpress.org/trunk@55692


git-svn-id: http://core.svn.wordpress.org/trunk@55204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-27 22:25:26 +00:00
Sergey Biryukov 9953e9e51d Coding Standards: Use `__DIR__` magic constant in `wp-admin/options-privacy.php`.
This replaces the only remaining instance of `dirname( __FILE__ )` in core to avoid the performance overhead of a function call.

Follow-up to [47198], [50161], [50631].

Props hztyfoon, rudlinkon.
Fixes #58207.
Built from https://develop.svn.wordpress.org/trunk@55691


git-svn-id: http://core.svn.wordpress.org/trunk@55203 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-27 13:14:23 +00:00
audrasjb 86d5add906 Text Changes: Typo fix in `README.md`.
Follow-up to [47752].

Props neychok.
Fixes #58177.

Built from https://develop.svn.wordpress.org/trunk@55690


git-svn-id: http://core.svn.wordpress.org/trunk@55202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-26 22:28:19 +00:00
audrasjb 514f7f723c Editor: Improve the tag field loading spinner alignment.
This changeset improves the loading spinner alignment of the Classic Editor's tag field.

Follow-up to [19897], [31611].

Props Presskopp, SergeyBiryukov, audrasjb.
Fixes #58136.

Built from https://develop.svn.wordpress.org/trunk@55689


git-svn-id: http://core.svn.wordpress.org/trunk@55201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-26 21:38:21 +00:00
Sergey Biryukov ddc749868c Coding Standards: Remove an empty `else` statement in `dbDelta()`.
Use `continue` to help separate each case for better readability, instead of having a wall of `if`/`elseif`.

Includes simplifying a similar fragment in `make_site_theme_from_default()`.

Follow-up to [1575], [2037], [2040], [2044], [2346], [7999], [14080], [14485].

Props costdev, krunal265, hellofromTonya, brookedot, SergeyBiryukov.
Fixes #56982.
Built from https://develop.svn.wordpress.org/trunk@55688


git-svn-id: http://core.svn.wordpress.org/trunk@55200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-26 15:10:23 +00:00
oandregal dafa13a0b9 Themes: improve performance of `get_block_templates()`.
`get_block_templates()` is responsible for finding block templates that match a given search. The function receives a query parameter with the relevant metadata (slugs of the templates, areas of the template parts, etc) to find the user templates (database) and theme templates (file directory).

This function can be made more performant by changing how it works. Before this change, it processed all the block templates and discarded the ones that didn't match the query after it occurred. This commit makes it so it discards the templates that don't match the query before processing them. As a result, it only has to process the subset of templates that will be used, instead of all of them.

This change impacts any theme with block templates. TwentyTwentyThree reports a 15% improvement in Time To First Byte.

Props spacedmonkey, jorgefilipecosta, youknowriad, flixos90, mukesh27.
Fixes #57756.

Built from https://develop.svn.wordpress.org/trunk@55687


git-svn-id: http://core.svn.wordpress.org/trunk@55199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-26 14:40:19 +00:00
oandregal 293f895c67 Themes: remove unused parameter in query for `get_block_templates()`.
Remove the `theme` parameter from the query passed to `get_block_templates()`. It is not used or documented. This removal doesn't have any effect in the code, as the data is ignored anyway.

Props draganescu, audrasjb, davidbaumwald, hellofromTonya.
Fixes #57736.

Built from https://develop.svn.wordpress.org/trunk@55686


git-svn-id: http://core.svn.wordpress.org/trunk@55198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-26 14:27:24 +00:00
Sergey Biryukov b1474a8a20 General: Don't pass `$action` to `wp_get_session_token()` in `wp_create_nonce()`.
The parameter appears to have been passed by accident, as the function does not accept any parameters.

Follow-up to [54218].

Props malavvasita, hztyfoon, dd32.
Fixes #58181.
Built from https://develop.svn.wordpress.org/trunk@55685


git-svn-id: http://core.svn.wordpress.org/trunk@55197 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-25 14:57:23 +00:00
audrasjb 5afe551668 I18N: Use correct translation function in `wp-admin/includes/media.php`.
This changeset replaces `echo __()` with the appropriate `_e()` function. It also ensures the punctuation is included in the translation string.

Props mujuonly, audrasjb, vladytimy, krupalpanchal, mukesh27.
Fixes #58138.

Built from https://develop.svn.wordpress.org/trunk@55684


git-svn-id: http://core.svn.wordpress.org/trunk@55196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-24 21:28:18 +00:00
Sergey Biryukov 4f73468485 Coding Standards: Update code layout in `default_password_nag()` for readability.
This aims to better match similar fragments in other core functions.

Follow-up to [11162], [13844], [14170], [55682].

See #57839.
Built from https://develop.svn.wordpress.org/trunk@55683


git-svn-id: http://core.svn.wordpress.org/trunk@55195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-24 16:57:20 +00:00
audrasjb 0192ff842c Coding Standards: Escape edit profile URL in `default_password_nag()`.
Props utsav72640, mukesh27.
Fixes #58182.

Built from https://develop.svn.wordpress.org/trunk@55682


git-svn-id: http://core.svn.wordpress.org/trunk@55194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-24 16:44:19 +00:00
audrasjb b556c3aa25 Docs: Use third-person singular verbs in various function descriptions, as per docblocks standards.
Props laurentmagnin, pouicpouic, jbcouton, audrasjb.
See #57840.

Built from https://develop.svn.wordpress.org/trunk@55681


git-svn-id: http://core.svn.wordpress.org/trunk@55193 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-24 16:37:22 +00:00
spacedmonkey 3d744b601c Users: Change cache group from `users-queries` to `user-queries`.
The cache group `users-queries` was added in [55657]. This global cache group, was named to be inline with cache groups added in [55526]. However, the naming of the group does not match, as other cache groups, do not end with s at the end. This change fix this naming. 

Props spacedmonkey, SergeyBiryukov, peterwilsoncc. 
See #40613.
Built from https://develop.svn.wordpress.org/trunk@55680


git-svn-id: http://core.svn.wordpress.org/trunk@55192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-24 13:53:22 +00:00
Sergey Biryukov 6f745b9fca Coding Standards: Use strict comparison in `wp-admin/includes/class-wp-site-icon.php`.
Follow-up to [32994], [35299].

Props aristath, poena, afercia, SergeyBiryukov.
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55678


git-svn-id: http://core.svn.wordpress.org/trunk@55190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-23 04:02:18 +00:00
Sergey Biryukov 0c5a04d541 Coding Standards: Use strict comparison where `strtolower()` is involved.
Follow-up to [649], [7736], [18821], [19444], [20886], [20893], [23303], [55642], [55652], [55653], [55654].

Props aristath, poena, afercia, SergeyBiryukov.
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55677


git-svn-id: http://core.svn.wordpress.org/trunk@55189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-22 15:19:22 +00:00
Sergey Biryukov ead3a2ec81 Coding Standards: Remove unused `$key` variable in `wp-admin/network/sites.php`.
Rename `$val` to `$site_id` for clarity.

Follow-up to [12603], [18562], [30020].

See #57839.
Built from https://develop.svn.wordpress.org/trunk@55676


git-svn-id: http://core.svn.wordpress.org/trunk@55188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-21 13:34:18 +00:00
zieladam 8659101491 HTML API: Fix a case where updates are overlooked when seeking to earlier locations.
This retains the WP_HTML_Tag_Processor attribute updates applied before calling seek() – they were erroneously erased in some cases.

Props dmsnell.
Fixes #58160.




Built from https://develop.svn.wordpress.org/trunk@55675


git-svn-id: http://core.svn.wordpress.org/trunk@55187 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-21 13:32:25 +00:00
zieladam 1919350606 HTML API: Update code style so it passes when backported into Gutenberg.
This changes the indentation of a variable in class-wp-html-tag-processor.php 
to satisfy both WordPress and Gutenberg linters.

Props dmsnell, ntsekouras.
Fixes #58170.


Built from https://develop.svn.wordpress.org/trunk@55674


git-svn-id: http://core.svn.wordpress.org/trunk@55186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-21 12:33:23 +00:00
gziolo 56145f874a Editor: Add selectors field to block type definition
Adds support for the new selectors property for block types. It adds it to the allowed metadata when registering a block type, makes the WP_Block_Type class aware of it, exposes it through the block types REST API, and the get_block_editor_server_block_settings function.

Corresponding work in the Gutenberg plugin: https://github.com/WordPress/gutenberg/pull/46496.

Fixes #57585.
Props aaronrobertshaw, hellofromTonya.


Built from https://develop.svn.wordpress.org/trunk@55673


git-svn-id: http://core.svn.wordpress.org/trunk@55185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-21 10:43:25 +00:00
Sergey Biryukov 47ef384731 Networks and Sites: Use `is_main_site()` in a few more places.
This updates some more instances of comparing site IDs on Sites and Users screens in network admin to use `is_main_site()` for clarity.

Follow-up to [12603], [13918], [22064], [38814], [41131], [55666].

See #58150.
Built from https://develop.svn.wordpress.org/trunk@55672


git-svn-id: http://core.svn.wordpress.org/trunk@55184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-21 09:50:19 +00:00
spacedmonkey 469d8a5e24 Taxonomy: Always lazily load term meta.
In [34529] introduced lazy loading of term meta. However, this was only in the context of `WP_Query`. Other parts of the codebase, like `WP_Term_Query` did not lazily load term meta. In this change, calls to `update_termmeta_cache` are now replaced with `wp_lazyload_term_meta`, that instead of priming term meta caches, just adds them to the queue to be primed it ever called. This results in far less database queries, as there a number of places where term meta is being primed unnecessarily and never used. Adding everything to the term meta queue, also means that if term meta is used, that is all loaded in a single database / cache call.

Props spacedmonkey, mukesh27, peterwilsoncc. 
Fixes #57645.
Built from https://develop.svn.wordpress.org/trunk@55671


git-svn-id: http://core.svn.wordpress.org/trunk@55183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-21 09:24:22 +00:00
Peter Wilson 769915b890 Security: Update GitHub security policy to refer to H1.
Update the security policy displayed on GitHub, `SECURITY.md`, to refer visitors to the [https://hackerone.com/wordpress HackerOne WordPress program] for the full policy.

This allows the project to maintain a single source of truth and avoid the potential for conflicting information across the two sites.

Props desrosj, hellofromTonya, costdev.
Fixes #57937.

Built from https://develop.svn.wordpress.org/trunk@55670


git-svn-id: http://core.svn.wordpress.org/trunk@55182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-21 03:19:18 +00:00
Andrew Ozz b1a6d31cfe Script Loader: Improve code style and readability in `_wp_normalize_relative_css_links()`.
Props: westonruter.
See: 58069.
Built from https://develop.svn.wordpress.org/trunk@55669


git-svn-id: http://core.svn.wordpress.org/trunk@55181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-21 03:13:22 +00:00
Bernhard Reiter b116fcdb27 HTML API: Add support for a few invalid HTML comment forms.
- Comments created by means of a tag closer with an invalid tag name, e.g. `</3>`.
 - Comments closed with the invalid `--!>` closer. (Comments should be closed by `-->` but if the `!` appears it will also close it, in error.)
 - Empty tag name elements, which are technically skipped over and aren't comments, e.g. `</>`.

Props dmsnell, costdev.
Fixes #58007.
Built from https://develop.svn.wordpress.org/trunk@55667


git-svn-id: http://core.svn.wordpress.org/trunk@55179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-20 17:10:20 +00:00
Sergey Biryukov 19d36bfdd2 Networks and Sites: Simplify the check for main site on Network Admin → Sites screen.
This replaces a site ID comparison when displaying action links in `WP_MS_Sites_List_Table::handle_row_actions()` with a dedicated function call, `is_main_site()`, for clarity.

Follow-up to [13918], [25125], [26120], [32644], [38814].

Props ecorica, spacedmonkey, SergeyBiryukov.
Fixes #58150.
Built from https://develop.svn.wordpress.org/trunk@55666


git-svn-id: http://core.svn.wordpress.org/trunk@55178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-20 14:30:19 +00:00
Sergey Biryukov 150781cb41 Site Health: Bump the recommended MariaDB version to 10.4.
MariaDB 10.3 reaches EOL (“End of Life”) in May 2023. The recommended minimum is bumped to 10.4 for now.

References:
* [https://mariadb.org/about/#maintenance-policy MariaDB Maintenance policy]
* [https://make.wordpress.org/hosting/handbook/server-environment/#database Hosting team handbook: Server Environment: Database]

Follow-up to [52420], [53435], [54069], [54076].

Props JavierCasares.
See #58158.
Built from https://develop.svn.wordpress.org/trunk@55665


git-svn-id: http://core.svn.wordpress.org/trunk@55177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-20 13:54:18 +00:00
audrasjb d52a8492ea Docs: Use third-person singular verbs for `WP_Importer` related function descriptions, as per docblocks standards.
Props pouicpouic.
See #57840.

Built from https://develop.svn.wordpress.org/trunk@55664


git-svn-id: http://core.svn.wordpress.org/trunk@55176 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-20 10:41:20 +00:00
Sergey Biryukov 8a6e056ad2 Tests: Correct the expected quotes in `get_comment_author_url_link()` tests.
Follow-up to [55660].

See #57839.
Built from https://develop.svn.wordpress.org/trunk@55661


git-svn-id: http://core.svn.wordpress.org/trunk@55173 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-19 14:51:18 +00:00
Sergey Biryukov 91deaf5017 Coding Standards: Use more meaningful variable names in various comment functions.
This aims to bring more consistency between the functions, as well as in filter parameters.

Includes minor code layout fixes for better readability.

Follow-up to [45667], [47287], [48579], [53719], [53723], [55308].

See #57839.
Built from https://develop.svn.wordpress.org/trunk@55660


git-svn-id: http://core.svn.wordpress.org/trunk@55172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-19 14:40:19 +00:00