App Passwords rely on the Authorization header to transport the Basic Auth credentials. For Apache web servers, WordPress automatically includes a RewriteRule to populate the value for servers running in CGI or FastCGI that wouldn't ordinarily populate the value.
This tests if the header is being filled with the expected values. For Apache users, we direct the user to visit the Permalinks settings to flush their permalinks. For all other users, we direct them to a help document on developer.wordpress.org.
Props Clorith, marybaum, TimothyBlynJacobs.
Fixes#51638.
Built from https://develop.svn.wordpress.org/trunk@49334
git-svn-id: http://core.svn.wordpress.org/trunk@49095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, we only supported `application/json` which prevented using subtypes like `application/activity+json`. This allows for the REST API to `json_decode` the body of requests using a JSON subtype `Content-Type`. Additionally, `wp_die()` now properly sends the error as JSON when a JSON subtype is specified in the `Accept` header.
Props pfefferle.
Fixes#49404.
Built from https://develop.svn.wordpress.org/trunk@49329
git-svn-id: http://core.svn.wordpress.org/trunk@49090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It contains:
- Fix drop zone indicators for non blocks.
- Fix archives block render function.
- Code block: preserve indentation on paste.
- Turn off autocomplete for token input.
- Fix parent post selector: ensure initial value available, search performed, all results shown.
- Fix gallery block undo issue.
Props isabel_brison.
Fixes#51640.
Built from https://develop.svn.wordpress.org/trunk@49324
git-svn-id: http://core.svn.wordpress.org/trunk@49085 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This stems from longer translations on the User table, but this will apply to any posts column in a list table. Hyphenation should typically just apply to the column header, as the cell contents are just a count.
This does appear to have some browser inconsistencies, so may need further adjustment in the future.
Props audrasjb, justinahinon.
Fixes#50838.
Built from https://develop.svn.wordpress.org/trunk@49317
git-svn-id: http://core.svn.wordpress.org/trunk@49079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace the `WP_Taxonomy` object with the taxonomy slug in the values passed to the actions `edit_term_taxonomy` and `edited_term_taxonomy` within `wp_modify_term_count_by_now()`.
Follow up to [49141], [49171].
Props Chouby, lcyh78.
Fixes#40351.
Built from https://develop.svn.wordpress.org/trunk@49316
git-svn-id: http://core.svn.wordpress.org/trunk@49078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using WordPress trunk with Gutenberg master, there's an incompatibility causing
the dynamic block generated classes to be omitted.
This commit refactors the block supports to fix that problem.
Props nosolosw.
Fixes#51606.
Built from https://develop.svn.wordpress.org/trunk@49310
git-svn-id: http://core.svn.wordpress.org/trunk@49072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This switches to the new `rest_default_additional_properties_to_false()` function which doesn't have this issue and deprecates the `WP_REST_Meta_Fields::default_additional_properties_to_false()` method.
Props austin880625.
Fixes#51389.
Built from https://develop.svn.wordpress.org/trunk@49308
git-svn-id: http://core.svn.wordpress.org/trunk@49070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The REST API and XML-RPC now uses the same detection methodology for empty comment content as `wp_handle_comment_submission()`. Specifically, comments now have their content trimmed and '0' is allowed.
Props jaswrks, rmccue, dd32, rachelbaker, Cawa-93, aduth, TimothyBlynJacobs.
Fixes#43177.
Built from https://develop.svn.wordpress.org/trunk@49303
git-svn-id: http://core.svn.wordpress.org/trunk@49065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In particular, this allows for sending `status=inherit` to an attachment if it's current status is `inherit`. This status would be rejected because it is an "internal" post status which isn't exposed.
As a general rule, a developer should always be able to PUT back a GET response without error.
Props dfenton, pputzer, TimothyBlynJacobs.
Fixes#40399.
Built from https://develop.svn.wordpress.org/trunk@49302
git-svn-id: http://core.svn.wordpress.org/trunk@49064 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The comments controller now uses the `rest_get_route_for_post` function introduced in WordPress 5.5 to generate the link. This function is filterable to allow for custom controllers to properly define their REST API route.
Props dsifford, TimothyBlynJacobs.
Fixes#44152.
Built from https://develop.svn.wordpress.org/trunk@49299
git-svn-id: http://core.svn.wordpress.org/trunk@49061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Make form inputs stacked instead of inline.
- Provide a visible label for the app name.
- Add screen reader text to dismiss button.
- Make "Revoke" button label more descriptive.
- Use aria-disabled instead of disabled to avoid focus loss.
- Display password in a readonly input to assist copy and paste.
- Remove large sections of italic text.
- Use `.form-wrap` and `.form-field` to give consistent form styling.
- Improve labeling and placeholder text.
Props alexstine, georgestephanis, afercia, TimothyBlynJacobs.
Fixes#51580.
Built from https://develop.svn.wordpress.org/trunk@49294
git-svn-id: http://core.svn.wordpress.org/trunk@49056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates `core_auto_updates_settings()` to account for the new `beta` and `rc` values for the `WP_AUTO_UPDATE_CORE` constant.
Additionally, recognize these new values as acceptable in Site Health tests.
Follow-up to [48804], [49245], [49254].
Fixes#51319. See #50907.
Built from https://develop.svn.wordpress.org/trunk@49292
git-svn-id: http://core.svn.wordpress.org/trunk@49054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, any `input` or `select` inside of a `.form-invalid` wrapper would get the red border highlighting, including submit buttons which was not visually correct. This now only applies to form elements with a class of `.form-required` inside of the `.form-invalid` wrapper. It also continues to apply the border to elements with both classes (`.form-invalid.form-required`) as that is how some of the admin markup is structured.
Plugin authors may need to do the same sort of class application seen in this commit, i.e. add `.form-required` to certain form elements.
Props sabernhardt, dilipbheda, helen.
Fixes#50686.
Built from https://develop.svn.wordpress.org/trunk@49283
git-svn-id: http://core.svn.wordpress.org/trunk@49045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Apps may now optionally include an `app_id` parameter when directing the user to the Authorize Application screen. This allows for instances of an application to be identified and potentially revoked or blocked.
Props TimothyBlynJacobs, georgestephanis.
Fixes#51583.
Built from https://develop.svn.wordpress.org/trunk@49276
git-svn-id: http://core.svn.wordpress.org/trunk@49038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This takes into account non-core plugins that rely on `WP_PLUGIN_DIR` being set to the expected plugin's directory in `WP_CONTENT_DIR`, or already have the constant defined.
Follow-up to [49236].
Props pierlo.
Fixes#51594.
Built from https://develop.svn.wordpress.org/trunk@49269
git-svn-id: http://core.svn.wordpress.org/trunk@49031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that `WP_UnitTestCase::skipOnAutomatedBranches()` has access to these variables so that time sensitive tests can be skipped when appropriate.
This also updates that logic to be more clear.
Follow up to [49264].
Props ocean90, johnbillion.
See #50401, #49050, #47767.
Built from https://develop.svn.wordpress.org/trunk@49267
git-svn-id: http://core.svn.wordpress.org/trunk@49029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A new route is introduced, `batch/v1`, that accepts a list of API requests to run. Each request runs in sequence, and the responses are returned in the order they've been received.
Optionally, the `require-all-validate` validation mode can be used to first validate each request's parameters and only proceed with processing if each request validates successfully.
By default, the batch size is limited to 25 requests. This can be controlled using the `rest_get_max_batch_size` filter. Clients are strongly encouraged to discover the maximum batch size supported by the server by making an OPTIONS request to the `batch/v1` endpoint and inspecting the described arguments.
Additionally, the two new methods, `match_request_to_handler` and `respond_to_request` introduced in [48947] now have a `protected` visibility as we don't want to expose the inner workings of the `WP_REST_Server::dispatch` API.
Batching is not currently supported for GET requests.
Fixes#50244.
Props andraganescu, zieladam, TimothyBlynJacobs.
Built from https://develop.svn.wordpress.org/trunk@49252
git-svn-id: http://core.svn.wordpress.org/trunk@49014 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the user edit screen improve handling and clarify language: rename the "Generate Password" and "Show password" buttons to "Set New Password". Clicking it always generates a password. Also: improve inline code comments and descriptions.
Props afercia, bookdude13, michaelarestad, pento.
Fixes#42852.
Built from https://develop.svn.wordpress.org/trunk@49248
git-svn-id: http://core.svn.wordpress.org/trunk@49010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows for REST API routes to define more complex validation requirements as JSON Schema instead of procedural validation.
The error code returned from `rest_validate_value_from_schema` for invalid parameter types has been changed from the generic `rest_invalid_param` to the more specific `rest_invalid_type`.
Props yakimun, johnbillion, TimothyBlynJacobs.
Fixes#51025.
Built from https://develop.svn.wordpress.org/trunk@49246
git-svn-id: http://core.svn.wordpress.org/trunk@49008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `WP_AUTO_UPDATE_CORE` constant now supports `beta` and `rc` values.
This makes it possible for sites to opt-in to updating to RC (or beta) releases without having to install a plugin, or run on a development version.
Props dd32, knutsp.
Fixes#51319.
Built from https://develop.svn.wordpress.org/trunk@49245
git-svn-id: http://core.svn.wordpress.org/trunk@49007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Because workflow results are reported for each commit, it’s important to let all runs against main and version branches to complete so that the checks are reported accurately.
When considering and reviewing pull requests, the only workflow run that matters is the most recent.
Props ocean90, helen.
See #50401.
Built from https://develop.svn.wordpress.org/trunk@49244
git-svn-id: http://core.svn.wordpress.org/trunk@49006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows for customizing the arguments used to generate the Quick Edit authors drop-down.
Additionally, pass the `$bulk` argument to the `quick_edit_dropdown_pages_args` filter, for consistency.
Props Mista-Flo, garrett-eclipse, hellofromTonya.
Fixes#47685.
Built from https://develop.svn.wordpress.org/trunk@49238
git-svn-id: http://core.svn.wordpress.org/trunk@49000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows Site Health tests to check if the current environment type is set to `development` or `local`.
Use the new method:
* In HTTPS tests, instead of a hardcoded check for `localhost`.
* In `WP_DEBUG` and `WP_DEBUG_DISPLAY` tests, to set the status to `recommended` instead of `critical`.
Props dkotter, Clorith, DavidAnderson, joyously, knutsp, afragen, SergeyBiryukov.
Fixes#47058.
Built from https://develop.svn.wordpress.org/trunk@49237
git-svn-id: http://core.svn.wordpress.org/trunk@48999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when using `switch_to_locale()` all current loaded text domains were unloaded and added to the `$l10n_unloaded` global. This prevented the just-in-time loading for text domains after a switch. The just-in-time loading was also only possible if the translations were stored in `WP_LANG_DIR`. Both issues have been fixed.
* Adds `WP_Textdomain_Registry` to keep track of the language directory paths for all plugins and themes.
* Updates all `load_*_textdomain()` functions to store the path in `WP_Textdomain_Registry`.
* Adds `$reloadable` parameter to `unload_textdomain()` to define whether a text domain can be loaded just-in-time again. This is used by `WP_Locale_Switcher::load_translations()`.
* Extends `_load_textdomain_just_in_time()` to also support text domains of plugins and themes with custom language directories.
* Fixes the incorrect `test_plugin_translation_after_switching_locale_twice()` test which should have catch this issue earlier.
* Adds a new test plugin/theme to test the loading of translations with a custom language directory.
* Deprecates the now unused and private `_get_path_to_translation()` and `_get_path_to_translation_from_lang_dir()` functions.
Props yoavf, swissspidy, dd32, ocean90.
See #26511.
Fixes#39210.
Built from https://develop.svn.wordpress.org/trunk@49236
git-svn-id: http://core.svn.wordpress.org/trunk@48998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change adds additional logic to catch HTTP failures that do not return a `WP_Error` object (for example, a wp-json REST API error error).
This also fixes instances where REST API callbacks performed from cron do not work due to a lack of authentication by introducing a direct callback route that asynchronous tests can register.
Props dd32, clorith, timothyblynjacobs.
Fixes#51547.
Built from https://develop.svn.wordpress.org/trunk@49232
git-svn-id: http://core.svn.wordpress.org/trunk@48994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since `WP_Image_Editor`'s introduction, stream wrappers have functioned in `WP_Image_Editor_GD`, but haven't been properly supported in `WP_Image_Editor_Imagick`.
- Detects stream wrappers and uses `file_put_contents()` along with `Imagick::read/getImageBlob()` for handling when necessary.
- Introduces private method, `WP_Image_Editor_Imagick::write_image` to handle detection and proper saving.
- Introduces `WP_Test_Stream` class for testing stream wrappers, along with new tests for Imagick's stream handling and a stream filename test.
Adds requirement for `Imagick::readImageBlob()`, available in Imagick >= 2.0.0, which aligns with the current requirement of Imagick >= 2.2.0.
Props p00ya, calin, joemcgill, pputzer, jimyaghi, mikeschroder.
Fixes#42663.
Built from https://develop.svn.wordpress.org/trunk@49230
git-svn-id: http://core.svn.wordpress.org/trunk@48992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This includes the packages that match the Gutenberg 9.2 Release.
It is going to be the last block-editor features update for WordPress 5.6.
It also updates the block-supports code base to the latest APIs.
Props isabel_brison, noisysocks, desrosj.
Fixes#51570.
Built from https://develop.svn.wordpress.org/trunk@49226
git-svn-id: http://core.svn.wordpress.org/trunk@48988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new block editor included in 5.6 introduces an api_version property
that indicates which block API version the block is using.
This commits makes this property available on the block type and the endpoint.
Props TimothyBlynJacobs, gziolo.
Fixes#51529.
Built from https://develop.svn.wordpress.org/trunk@49224
git-svn-id: http://core.svn.wordpress.org/trunk@48986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Welcome to the bundled themes family!
Twenty Twenty-One is a blank canvas for your ideas, making the block editor your best brush.
Theme development to this point has taken place on GitHub. See: https://github.com/WordPress/twentytwentyone/.
Props poena, melchoyce, luminuu, elmastudio, bethsoderberg, williampatton, aristath, jffng, kjellr, jeffikus, audrasjb, fabiankaegy, mukesh27, dingo_d, kellylawrence, acosmin, whyisjake, metodiew, ryelle, nielslange, littlebigthing, mahesh901122, zebulan, kishanjasani, lukecavanagh, scruffian, abhijitrakas, utz119, sudoshreyansh, kau-boy, justinahinon, joostdevalk, bduclos, hareesh-pillai, mager19, rolfsiebers, webmigrates, sresok, guidooffermans, francina, marybaum, hareshlive, navanathbhosale, afercia, richtabor, joyously, sarahricker, nrqsnchz, glauberglauber, sabernhardt, kraftbj, ItsJonQ, joen, CTMartin0, decrecementofeliz, bhautikvirani.
See #51526.
Built from https://develop.svn.wordpress.org/trunk@49216
git-svn-id: http://core.svn.wordpress.org/trunk@48978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `noopener noreferrer` was originally added in #37941 and related tickets, the `noreferrer` bit was specifically included due to Firefox not supporting `noopener` at the time.
Since `noopener` has been supported by all major browsers for a while, it should now be safe to remove the `noreferrer` attribute from core.
Props Mista-Flo, audrasjb, joostdevalk, jonoaldersonwp, peterwilsoncc, elgameel.
Fixes#49558.
Built from https://develop.svn.wordpress.org/trunk@49215
git-svn-id: http://core.svn.wordpress.org/trunk@48977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Instead of one cache entry for all upload folders for a site on multisite, this now caches for each folder and invalidates that cache based on context. In multisite, this should speed up `get_dirsize` calls since older directories that are much less likely to change will no longer have the size recalculated.
Props janthiel, A5hleyRich, batmoo.
Fixes#19879.
Built from https://develop.svn.wordpress.org/trunk@49212
git-svn-id: http://core.svn.wordpress.org/trunk@48974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `do_all_pingbacks()`
* `do_all_enclosures()`
* `do_all_trackbacks()`
This allows for the specific removal/replacement of one of more services.
Props dshanske, garrett-eclipse, Mista-Flo, azaozz, hellofromTonya.
Fixes#36576.
Built from https://develop.svn.wordpress.org/trunk@49211
git-svn-id: http://core.svn.wordpress.org/trunk@48973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Widgets that output a list of links are now wrapped within `<nav>` elements to improve semantics and accessibility.
The `<nav>` elements are native landmark regions, which helps assistive technology users to navigate through them.
Follow-up to [48349], [49177].
Props hareesh-pillai, justinahinon, afercia, williampatton.
Fixes#51445.
Built from https://develop.svn.wordpress.org/trunk@49208
git-svn-id: http://core.svn.wordpress.org/trunk@48970 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If `$wpdb->get_row()` is successful and the `$output` parameter has not been set, the output will be an instance of `stdClass`, so test to confirm that instead of testing against "not null".
This affects:
* `wpmu_validate_user_signup()`
* `wpmu_validate_blog_signup()`
Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49206
git-svn-id: http://core.svn.wordpress.org/trunk@48968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that Ctrl/Cmd + click to open a link in the embed iframe in a new tab works as expected.
Props timhavinga, garrett-eclipse, smerriman, swissspidy, johnbillion, Mte90, iandunn, azaozz, afercia, audrasjb, SergeyBiryukov.
Fixes#39097.
Built from https://develop.svn.wordpress.org/trunk@49202
git-svn-id: http://core.svn.wordpress.org/trunk@48964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.
This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast
In part, this is a follow-up to #47746.
Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49193
git-svn-id: http://core.svn.wordpress.org/trunk@48955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `WP_List_Table::get_default_primary_column_name()` is a protected method, so calling it statically with the class name is bad practice.
* Similarly, this applies when calling a private constructor in `WP_Screen::get()`.
Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49192
git-svn-id: http://core.svn.wordpress.org/trunk@48954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The allowed format for bulk actions is now an associative array where each element represents either a top level option value and label, or an array representing an optgroup and its options.
For a standard option, the array element key is the field value and the array element value is the field label.
For an optgroup, the array element key is the label and the array element value is an associative array of options as above.
Props goldenapples, mattkeys, valentinbora, davidbaumwald
Fixes#19278
Built from https://develop.svn.wordpress.org/trunk@49190
git-svn-id: http://core.svn.wordpress.org/trunk@48952 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The reason for introducing `wp_slash_strings_only()` in [46454] was to keep non-string values untouched.
Later, `wp_slash()` itself was updated in [48433] to prevent changing non-string values.
To avoid confusion, `wp_slash_strings_only()` is now deprecated.
Props ayeshrajans, ocean90.
Fixes#50635.
Built from https://develop.svn.wordpress.org/trunk@49188
git-svn-id: http://core.svn.wordpress.org/trunk@48950 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that the reply heading is updated correctly on single post URLs with the `?replytocom` query argument.
Follow-up to [47506], [48876], [48904].
Props mailnew2ster, wpamitkumar, audrasjb, desrosj, SergeyBiryukov.
Fixes#51175.
Built from https://develop.svn.wordpress.org/trunk@49187
git-svn-id: http://core.svn.wordpress.org/trunk@48949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes a PHP 8 "argument must be passed by reference, value given" error when using `array_map()` in `PO::export_entries()`.
Object variables in PHP 5+ contain a reference to the object, and it's the reference that's passed around.
Props jrf.
See #50913.
Built from https://develop.svn.wordpress.org/trunk@49186
git-svn-id: http://core.svn.wordpress.org/trunk@48948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Enable arranging only when the Screen Options tab is open.
- Prevent accidental/unintended dragging. Seen it happen mostly on laptops when using the mousepad/trackpad.
- Improve discoverability and usefulness by always showing the "drop zones" outline when postboxes are draggable/arrangeable.
- Add some (brief) explanation to the Screen Options tab helping the user understand what options are available and how to change them. This is especially helpful for screen reader users to give an idea how to use the screen options and what to expect.
- Fix/enhance some of the code in `postbox.js` and make it coding standards compliant.
See #50699.
Built from https://develop.svn.wordpress.org/trunk@49179
git-svn-id: http://core.svn.wordpress.org/trunk@48941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids overlapping with action buttons and brings some consistency to bottom paddings across various screens.
Props passoniate, afercia, anuj2, rolfsiebers, uxkai, ireneyoast, thijsvanloef, hellofromTonya, audrasjb, helen, SergeyBiryukov.
Fixes#49246.
Built from https://develop.svn.wordpress.org/trunk@49178
git-svn-id: http://core.svn.wordpress.org/trunk@48940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the theme declares support for the `html5` feature `navigation-widgets`, the tag cloud widget is now wrapped in a `<nav>` element to improve semantics and accessibility.
The `<nav>` elements are native landmark regions, which helps assistive technology users to navigate through them.
Follow-up to [48349] for other widgets.
Props audrasjb, justinahinon, ravipatel.
Fixes#51455. See #48170.
Built from https://develop.svn.wordpress.org/trunk@49177
git-svn-id: http://core.svn.wordpress.org/trunk@48939 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Wraps `Imagick::readImage()` for PDFs with exception handling, trying again without `use-cropbox` if this fails.
Introduces `WP_Image_Editor_Imagick::pdf_load_source()`.
Works around a known issue in Ghostscript 8.70 (fixed in 8.71) that results in a stack underflow.
While it only affects this version, it remains a common version found on hosts, and prevented some PDF thumbnails from being generated.
See this Ghostscript bug for more details: https://bugs.ghostscript.com/show_bug.cgi?id=690676
Props azaozz, joseaneto, cranewest, dantahoua, n5hzr, mikeschroder.
Fixes#48853.
Built from https://develop.svn.wordpress.org/trunk@49174
git-svn-id: http://core.svn.wordpress.org/trunk@48936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces the action `wp_after_insert_post` inside a wrapper function of the same name. This hook allows plugin developers to access a posts full data (including its terms and meta data) regardless of the workflow used to save it.
A new parameter is introduced to `wp_insert_post()` to indicate whether the hook should be fired within the function call or will be fired afterward.
Props aristath, Collizo4sky, danielbachhuber, joyously, kadamwhite, kraftbj, markparnell, mikeschroder, noisysocks, peterwilsoncc, SergeyBiryukov, talldanwp, thewebprincess, TimothyBlynJacobs.
Fixes#45114.
Built from https://develop.svn.wordpress.org/trunk@49172
git-svn-id: http://core.svn.wordpress.org/trunk@48934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a contributor opens their first pull request to `wordpress-develop`, the “Welcome” workflow runs and leaves a comment with guidance, helpful information, and resources.
However, because a workflow run triggered by the `pull_request` event runs against the workflow and code from the merge commit, the needed context and permissions to comment on the pull request are missing. By changing the trigger event to `pull_request_target`, the workflow runs against the workflow and code in the base of the pull request and is able to comment on when appropriate.
See #50401.
Built from https://develop.svn.wordpress.org/trunk@49169
git-svn-id: http://core.svn.wordpress.org/trunk@48931 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a workflow is cancelled, it’s marked as a failure. This is not ideal because the commit attached to the workflow run will appear as though it introduced a problem, but this may not be true.
Because GitHub Actions work a bit differently than Travis builds, it’s unlikely that the same bottleneck will be encountered in workflows.
This change removes all workflow job steps that cancel previous workflows.
See #50401.
Built from https://develop.svn.wordpress.org/trunk@49168
git-svn-id: http://core.svn.wordpress.org/trunk@48930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the `mysql` extention isn't loaded and a custom db dropin is not in place, we give folks a nice error. However, we can't assume that the `WP_CONTENT_DIR` constant is set yet since this runs before we define default constants.
This fixes a PHP 8 error.
Props jorbin.
Merges [49161] to trunk.
See #50913.
Built from https://develop.svn.wordpress.org/trunk@49163
git-svn-id: http://core.svn.wordpress.org/trunk@48925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change introduces 6 different workflows accounting for all of the testing and analysis currently performed in Travis CI & Appveyor:
- Checking PHP & JS coding standards are followed
- Running the end-to-end test suite.
- Running QUnit tests on JavaScript files.
- Scanning for PHP compatibility issues with supported version.
- Running the PHPUnit test suite.
- Verifying NPM related tasks do not cause errors on Windows.
Additionally, a seventh workflow is included that will leave a "welcome" comment when a contributor opens their first pull request to the `wordpress-develop` mirror.
These workflows are currently in an experimental phase. For that reason, Travis CI and Appveyor will continue to run until all of the bugs can be worked out.
Props ayeshrajans, helen, ocean90, desrosj.
See #50401.
Built from https://develop.svn.wordpress.org/trunk@49162
git-svn-id: http://core.svn.wordpress.org/trunk@48924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This provides more flexibility when writing tests and benefits from running in a front-end context which is necessary for some tests like checking that updates are supported. Additionally, this provides a more robust interface for developers who want to integrate with Site Health tests.
Because the `wp/v2` endpoint is reserved for modeling core entities, site health is registered in its own `wp-site-health/v1` namespace.
The existing ajax actions have been maintained for backward compatibility.
Props Clorith, chrisvanpatten, afragen, pokhriyal, TimothyBlynJacobs.
Fixes#48105.
Built from https://develop.svn.wordpress.org/trunk@49154
git-svn-id: http://core.svn.wordpress.org/trunk@48916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Deprecate the `l10n` property on `communityEventsData`.
* Introduce `version` parameter for `deprecateL10nObject` and backfill the version for deprecated objects in 5.5.0.
* Add a noop version of `deprecateL10nObject` for QUnit testing.
Fixes#51498.
Built from https://develop.svn.wordpress.org/trunk@49151
git-svn-id: http://core.svn.wordpress.org/trunk@48913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `date` and `end_date` fields are ''WP'' timestamps representing the venue's local time. As of meta:changeset:10270 (#meta4480), new `start_unix_timestamp` and `end_unix_timestamp` values are available, providing a proper ''Unix'' timestamp in the UTC timezone. Using those is more precise, and removes the time window where the event has expired but still appears in the Events Widget.
To simplify the function, it now only accepts and returns the events themselves, rather than the entire response body.
See #51130
See #meta4480
Related: https://make.wordpress.org/core/2019/09/23/date-time-improvements-wp-5-3/
Built from https://develop.svn.wordpress.org/trunk@49145
git-svn-id: http://core.svn.wordpress.org/trunk@48907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When modifying terms assigned to an object, replace full term recounts with incrementing/decrementing the count as appropriate. This provides a significant performance boost on sites with a high number of term/object relationships and/or posts.
Introduces the functions `wp_increment_term_count()`, `wp_decrement_term_count()`, `wp_modify_term_count_by()` and `wp_modify_term_count_by_now()` for updating the term count.
Introduces the function `_wp_prevent_term_counting()` for preventing double counting on posts that are about to transition.
Adds the parameter `update_count_by_callback` to `register_taxonomy()` to allow developers to use a custom callback for incrementing or decrementing a term count.
Props boonebgorges, davidbaumwald, hellofromTonya, johnbillion, lcyh78, mattoperry, peterwilsoncc, rebasaurus, whyisjake.
Fixes#40351.
Built from https://develop.svn.wordpress.org/trunk@49141
git-svn-id: http://core.svn.wordpress.org/trunk@48903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a PHP warning during sitemap generation if `get_term_link()` returns an error, e.g. due to term ID being shared between multiple taxonomies.
Additionally, pass the `$taxonomy` argument to `get_term_link()` to properly disambiguate the call.
Props dd32.
Fixes#51416.
Built from https://develop.svn.wordpress.org/trunk@49137
git-svn-id: http://core.svn.wordpress.org/trunk@48899 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows for edits to be made to a restored post before it goes live again. This also prevents scheduled posts being published unexpectedly if they are untrashed after their originally scheduled date.
The old behaviour of restoring untrashed posts to their original status can be reinstated using the `wp_untrash_post_set_previous_status()` helper function.
Also fixes an issue where the incorrect post ID gets passed to hooks if no post ID is passed to the function.
Props harrym, bananastalktome, jaredcobb, chriscct7, melchoyce, johnbillion, pankajmohale
Fixes#23022
Built from https://develop.svn.wordpress.org/trunk@49125
git-svn-id: http://core.svn.wordpress.org/trunk@48887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where users could save a password with only spaces, or spaces at the beginning or end of their password, preventing them from logging in.
Props ronakganatra, 1naveengiri, ajensen, oolleegg55, bookdude13, nrqsnchz, aristath.
Fixes#42766.
Built from https://develop.svn.wordpress.org/trunk@49118
git-svn-id: http://core.svn.wordpress.org/trunk@48880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This brings some consistency to the YouTube and Vimeo URLs used for tests:
* For YouTube, use the video of WordPress 5.0 release.
* For Vimeo, use one of the official test videos.
Props garrett-eclipse, dd32.
Fixes#51487. See #meta5467.
Built from https://develop.svn.wordpress.org/trunk@49117
git-svn-id: http://core.svn.wordpress.org/trunk@48879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These days there are often 2 posts published close to each other, like a release announcement and a Month In WordPress post. When that happens, the earlier post is often pushed out of the widget before many people have had a chance to see it.
Ideally, the number of total items would remain at `4`, to reduce visual clutter. Implementing a conditional item would require a significant refactor, though. Increasing the total number of items to `5` is a practical compromise.
Props hlashbrooke, tellyworth.
Fixes#43441.
Built from https://develop.svn.wordpress.org/trunk@49114
git-svn-id: http://core.svn.wordpress.org/trunk@48876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The action fires immediately after transitioning a comment's status from one to another in the database and removing the comment from the object cache, but prior to all status transition hooks.
Props davidbaumwald, henry.wright.
Fixes#51481.
Built from https://develop.svn.wordpress.org/trunk@49111
git-svn-id: http://core.svn.wordpress.org/trunk@48873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.
This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.
Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.
Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes#42790.
Built from https://develop.svn.wordpress.org/trunk@49109
git-svn-id: http://core.svn.wordpress.org/trunk@48871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes test_block_styles_for_editing_with_theme_support and
test_block_styles_for_viewing_with_theme_support by partially reverting [49102]
and only calling wp_should_load_block_editor_scripts_and_styles() when on an
admin screen.
Props TimothyBlynJacobs.
See #51330.
Built from https://develop.svn.wordpress.org/trunk@49104
git-svn-id: http://core.svn.wordpress.org/trunk@48866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Do not call the should_load_block_editor_scripts_and_styles filter on non-admin
screens. This makes it less likely that one will accidentally call
get_current_screen() when it doesn't exist.
Follow-up to [49080].
Props noahtallen.
See #51330.
Built from https://develop.svn.wordpress.org/trunk@49102
git-svn-id: http://core.svn.wordpress.org/trunk@48864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Add jquery-migrate.js v.3.3.1 to core and load it in debug mode when `SCRIPT_DEBUG` is true.
- Add jquery.min.js, update jquery.js to 3.5.1 non-minified. This should help when debugging.
- Rebuild jQuery UI 1.12.1 and add it to core.
- Fix/adjust tests to match the above changes.
See #50564.
Built from https://develop.svn.wordpress.org/trunk@49101
git-svn-id: http://core.svn.wordpress.org/trunk@48863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `test:php` NPM script runs the PHP test suite using the system installed version of PHPUnit. In some cases, the version of PHPUnit installed through Composer may be preferred.
Currently, this is true when running the test suite using PHP 8. In order to add support for PHP 8 while maintaining compatibility for PHP 5.6.20, PHPUnit 7.x must be used. But, some modifications are required to be compatible with PHP 8 (see [49037], [48957]).
This change introduces the `test:php-composer` NPM script, which will run the test suite using the composer installed version.
Props desrosj, SergeyBiryukov.
Fixes#51456.
Built from https://develop.svn.wordpress.org/trunk@49099
git-svn-id: http://core.svn.wordpress.org/trunk@48861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the search controller infrastructure required that the id property was an integer. This prevents data models that use a string id from utilizing the search infrastructure.
This commit lifts the restraint that search handlers return integer ids. This will allow for the Post Formats search handler coming in 5.6 to use slugs instead of creating fake ids.
Props stoyangeorgiev.
Fixes#51131.
Built from https://develop.svn.wordpress.org/trunk@49088
git-svn-id: http://core.svn.wordpress.org/trunk@48850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds a new should_load_block_editor_scripts_and_styles filter which can be used
by plugins including Gutenberg to more precisely customise when block editor
scripts and styles should be loaded by script-loader.php. Previously, plugins
had to fiddle with $current_screen->is_block_editor().
Props zieladam.
See #51330.
Built from https://develop.svn.wordpress.org/trunk@49080
git-svn-id: http://core.svn.wordpress.org/trunk@48842 1a063a9b-81f0-0310-95a4-ce76da25c4cd
PHP 8 changes the way string to number comparisons are performed: https://wiki.php.net/rfc/string_to_number_comparison
In particular, when calling `max()` on an array with numeric values and a non-numeric string, in PHP 8 the string is returned instead of a number.
For `::import_theme_starter_content()`, this resulted in retrieving the `_multiwidget` property instead of the maximum widget number for a particular type.
By explicitly ignoring the `_multiwidget` property, we make sure to retrieve the correct widget number value.
Follow-up to [48960], [49043].
See #50913.
Built from https://develop.svn.wordpress.org/trunk@49076
git-svn-id: http://core.svn.wordpress.org/trunk@48838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This outputs a proper message if the requirement is not met, instead of an obscure failure further in the test.
These tests rely on multiple resized copies of a test JPEG image being generated and available.
Follow-up to [49010], [49024], [49025], [49045], [49050], [49052].
See #50639, #50640.
Built from https://develop.svn.wordpress.org/trunk@49069
git-svn-id: http://core.svn.wordpress.org/trunk@48831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The parameter's default value is different from the one in `WP_Term_Query::__construct()`, and should be documented accordingly.
This also clarifies that the `taxonomy` parameter of `wp_list_categories()` only accepts a string, not an array.
Follow-up to [40903], [41767], [45894], [45895].
Props grapplerulrich, mukesh27, TimothyBlynJacobs, SergeyBiryukov.
Fixes#51378. See #47896.
Built from https://develop.svn.wordpress.org/trunk@49060
git-svn-id: http://core.svn.wordpress.org/trunk@48822 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This addresses an "Undefined constant `MB_OVERLOAD_STRING`" fatal error in the `ParagonIE_Sodium_Core_Util::isMbStringOverride()` method.
In PHP 8, the `MB_OVERLOAD_STRING` constant has been removed, along with the `mbstring` function overloading feature.
Fixes#51399.
Built from https://develop.svn.wordpress.org/trunk@49057
git-svn-id: http://core.svn.wordpress.org/trunk@48819 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This outputs a proper message if the requirement is not met, instead of an obscure failure further in the test.
This test relies on multiple resized copies of a test JPEG image being generated and available.
Follow-up to [49010], [49024], [49025], [49045], [49050].
See #50639, #50640.
Built from https://develop.svn.wordpress.org/trunk@49052
git-svn-id: http://core.svn.wordpress.org/trunk@48814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This outputs a proper message if the requirement is not met, instead of an obscure failure further in the test.
This test relies on multiple resized copies of a test JPEG image being generated and available.
Follow-up to [49010], [49024], [49025], [49045].
See #50639, #50640.
Built from https://develop.svn.wordpress.org/trunk@49050
git-svn-id: http://core.svn.wordpress.org/trunk@48812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This outputs a proper message if the requirement is not met, instead of an obscure failure further in the test.
These tests rely on multiple resized copies of a test JPEG image being generated and available.
Follow-up to [49010], [49024], [49025], [49045].
See #50639, #50640.
Built from https://develop.svn.wordpress.org/trunk@49047
git-svn-id: http://core.svn.wordpress.org/trunk@48809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the sizes data could not be retrieved, the controller returns an empty object instead of an array.
This makes sure that the value is in fact an array before proceeding, and outputs a proper message in case of failure, instead of an obscure PHP error further in the test.
Follow-up to [49044].
See #50913, #51393.
Built from https://develop.svn.wordpress.org/trunk@49046
git-svn-id: http://core.svn.wordpress.org/trunk@48808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This outputs a proper message if the requirement is not met, instead of an obscure PHP error further in the test.
These tests rely on multiple resized copies of a test JPEG image being generated and available.
Follow-up to [49010], [49024], [49025].
See #50639, #50640.
Built from https://develop.svn.wordpress.org/trunk@49045
git-svn-id: http://core.svn.wordpress.org/trunk@48807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
PHP 8 changes the way string to number comparisons are performed: https://wiki.php.net/rfc/string_to_number_comparison
In particular, checking if a non-empty, non-numeric string is greater than zero in PHP 8 evaluates to `true`, not `false`.
For `wp_insert_term()`, this resulted in a "Parent term does not exist" error for a non-numeric string, instead of discarding the value.
By explicitly casting the value to `int`, we make sure to compare both values as numbers, rather than a string and a number.
Follow-up to [29196], [29830], [29867].
See #50913.
Built from https://develop.svn.wordpress.org/trunk@49043
git-svn-id: http://core.svn.wordpress.org/trunk@48805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This revision includes a change to only call `libxml_disable_entity_loader()` in PHP < 8, in order for unit tests in the `import` group to pass on PHP 8.
This function has been deprecated in PHP 8.0 because in libxml 2.9.0, external entity loading is disabled by default, so this function is no longer needed to protect against XXE attacks.
Follow-up to [46542], [48789].
Props jrf.
See #50913.
Built from https://develop.svn.wordpress.org/trunk@49039
git-svn-id: http://core.svn.wordpress.org/trunk@48801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Replace the `Match` interface with `ParametersMatch`, to avoid parse errors due to `match` being a reserved keyword in PHP 8.
* Replace `ReflectionParameter::getClass()` usage, which is deprecated in PHP 8.
This allows tests relying on the `getMockForAbstractClass()` and `getMockBuilder()` methods to run again on PHP 8.
When the test suite is updated for compatibility with PHPUnit 9.x, these overrides can be removed.
Follow-up to [48972].
See #50913, #50902.
Built from https://develop.svn.wordpress.org/trunk@49037
git-svn-id: http://core.svn.wordpress.org/trunk@48799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These actions allow debugging tools to track `WP_Error` instances as they're created and subsequently passed between functions which check for error objects.
Props Shelob9, Mte90, TimothyBlynJacobs, johnbillion
Fixes#40568
Built from https://develop.svn.wordpress.org/trunk@49022
git-svn-id: http://core.svn.wordpress.org/trunk@48784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The explicit message brings some consistency with other image editor tests, specifically the ones using the `WP_Image_UnitTestCase` class.
Previously, the tests were marked as "risky" in that scenario, due to performing no assertions.
See #50639, #50640.
Built from https://develop.svn.wordpress.org/trunk@49009
git-svn-id: http://core.svn.wordpress.org/trunk@48771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The tests ensure that `rest_sanitize_value_from_schema()` and `rest_validate_value_from_schema()` throw an "undefined offset" notice when the required `type` schema keyword is not passed.
In PHP 8, that notice is now a warning, so the tests need to be adjusted accordingly.
Follow-up to [48300], [48993].
See #50913.
Built from https://develop.svn.wordpress.org/trunk@49007
git-svn-id: http://core.svn.wordpress.org/trunk@48769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Transitioning posts from `auto-draft` to `publish` via `wp_publish_post()` could result in published posts without the default category or custom taxonomy default terms.
Props frank-klein, TimothyBlynJacobs, peterwilsoncc.
Fixes#51292.
Built from https://develop.svn.wordpress.org/trunk@49000
git-svn-id: http://core.svn.wordpress.org/trunk@48762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the test had to use an older pattern for catching the generic `Exception` exceptions for compatibility with PHPUnit 3.6 on PHP 5.2.
Now that WordPress supports PHPUnit 5.4 as the minimum version, the `expectException()` method can be used directly.
Follow-up to [41725], [41730].
See #51344.
Built from https://develop.svn.wordpress.org/trunk@48999
git-svn-id: http://core.svn.wordpress.org/trunk@48761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The test ensures that `WP_Locale::get_weekday()` throws an "undefined offset" notice when called with an incorrect `$weekday_number` parameter.
In PHP 8, that notice is now a warning, so the test needs to be adjusted accordingly.
See #50913.
Built from https://develop.svn.wordpress.org/trunk@48993
git-svn-id: http://core.svn.wordpress.org/trunk@48755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids the performance overhead of calling `WP_Comment_Query::get_comments()` twice: first when creating the object instance, then to retrieve the filtered results.
This also makes the filter a bit more consistent with other similar filters, e.g. `posts_pre_query`, `terms_pre_query`, or `users_pre_query`.
Follow-up to [46086].
Props dinhtungdu, imath, spacedmonkey, adamsilverstein, SergeyBiryukov.
Fixes#50521.
Built from https://develop.svn.wordpress.org/trunk@48990
git-svn-id: http://core.svn.wordpress.org/trunk@48752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These tests ensure that a `_doing_it_wrong()` notice is thrown when `wpdb::prepare()` is called incorrectly, but also that the function will still handle the provided input as correctly as possible.
Disabling these tests on PHP 8 hides a problem, i.e. the function will no longer throw a notice and handle things correctly, it will now cause a white screen of death due to a fatal error.
That is a backward compatibility break, and `wpdb::prepare()` should be updated instead to maintain the original behaviour on PHP 8.
Props jrf, ayeshrajans.
See #50913, #50639.
Built from https://develop.svn.wordpress.org/trunk@48979
git-svn-id: http://core.svn.wordpress.org/trunk@48741 1a063a9b-81f0-0310-95a4-ce76da25c4cd