The URL to create a new menu from the the Navigation Menu widget can be a `javascript:` link to the Customizer Menus panel, so `esc_attr()` is used here instead of `esc_url()`.
Follow-up to [53092].
Props hztyfoon.
Fixes#56128.
Built from https://develop.svn.wordpress.org/trunk@53630
git-svn-id: http://core.svn.wordpress.org/trunk@53189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This includes:
* Removing the deprecated `screen_icon()` function call.
* Replacing the deprecated `get_current_theme()` function call with `get_option( 'current_theme' )`.
* Using `wp_get_theme()->display( 'Name' )` explicitly instead of relying on `WP_Theme`'s `__toString()` method, for clarity.
Follow-up to [6334], [20039], [20040], [20042], [20508], [26537], [41274].
Props Presskopp, cu121, viralsampat, costdev, tomjdv, sabernhardt, SergeyBiryukov.
Fixes#54833.
Built from https://develop.svn.wordpress.org/trunk@53626
git-svn-id: http://core.svn.wordpress.org/trunk@53185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a check for the main query in `_resolve_template_for_new_post()` to fix a 404 response when resolving template for new posts or pages caused by the wrong query being modified.
Original PR from Gutenberg repository:
* [https://github.com/WordPress/gutenberg/pull/40799#40799: Ensure only the main query is modified when resolving template for new posts]
Follow-up to [52316].
Props petitphp, zieladam, poena, ndiego, gziolo, kebbet, Mamaduka, manfcarlo.
See #56058.
Built from https://develop.svn.wordpress.org/trunk@53593
git-svn-id: http://core.svn.wordpress.org/trunk@53181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `workflow_run` event was added to restore Slack notifications for older branches (5.8 and older) without having to backport any changes while alternate approaches were explored.
The workflow has been tested and refined as a reusable one in `trunk`, and this approach is superior to the `workflow_run` event in several ways.
Primarily, the `workflow_run` event results in a separate workflow run being created for sending Slack notifications after the completion of each workflow triggered by `push`. When called as a reusable workflow, this does not happen and the additional jobs are instead added to the initial workflow. This makes which jobs are sending notifications for the current workflow more clear, and reduces the amount of noise (less workflow runs overall).
The `workflow_run` event also makes some data available in different ways than `push` events. By removing it, much of the logic within the workflow can be simplified.
See #56095.
Built from https://develop.svn.wordpress.org/trunk@53591
git-svn-id: http://core.svn.wordpress.org/trunk@53179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adjusts the newly added options in the settings endpoint to use the `integer` type instead of `number`. Since these are page IDs and are not supposed to be floats, `integer` is the correct type.
Follow-up to [53588].
See #56058.
Built from https://develop.svn.wordpress.org/trunk@53589
git-svn-id: http://core.svn.wordpress.org/trunk@53177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fills the existing help tab with more detailed information about available row actions in the Media Library, when using the List view.
Props kebbet, audrasjb, costdev, SergeyBiryukov, mukesh27.
Fixes#55800.
Built from https://develop.svn.wordpress.org/trunk@53586
git-svn-id: http://core.svn.wordpress.org/trunk@53174 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes:
* Wrapping long single-line comments to multi-line for better readability.
* Formatting code blocks to display correctly on the Code Reference.
* Other minor edits for consistency.
This applies to:
* `wpdb::$allow_unsafe_unquoted_parameters`
* `wpdb::escape_identifier()`
* `wpdb::_escape_identifier_value()`
* `wpdb::prepare()`
* `wpdb::has_cap()`
Follow-up to [53575].
See #52506, #55646.
Built from https://develop.svn.wordpress.org/trunk@53584
git-svn-id: http://core.svn.wordpress.org/trunk@53172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the following GitHub Actions to the latest versions:
- `actions/checkout`
- `actions/cache`
- `actions/github-script`
- `actions/setup-node`
- `codecov/codecov-action`
- `shivammathur/setup-php`
- `slackapi/slack-github-action`
See #55652.
Built from https://develop.svn.wordpress.org/trunk@53581
git-svn-id: http://core.svn.wordpress.org/trunk@53170 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the following `devDependencies` to newer versions:
- `dotenv` from `16.0.0` to `16.0.1`.
- `grunt` from `1.5.2` to `1.5.3`.
- `grunt-contrib-qunit` from `6.0.0` to `6.2.0`.
- `grunt-contrib-uglify` from `5.2.1` to `5.2.2`.
- `qunit` from `2.18.2` to `2.19.1`.
- `sass` from `1.51.0` to `1.53.0`.
- `sinon` from `13.0.2` to `14.0.0`.
- `uglify-js` from `3.15.4` to `3.16.1`.
Additionally, `npm audit fix` has been run to update dependencies with vulnerabilities.
See #55652.
Built from https://develop.svn.wordpress.org/trunk@53580
git-svn-id: http://core.svn.wordpress.org/trunk@53169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a `Constant WPINC already defined in src/wp-settings.php on line 16` PHP warning, which happens when running a WordPress install out of the `src` directory after `npm run build:dev`.
Add a comment to clarify the check for built assets and the direct mention of `wp-includes`.
Follow-up to [53518].
Props aristath.
See #54233.
Built from https://develop.svn.wordpress.org/trunk@53579
git-svn-id: http://core.svn.wordpress.org/trunk@53168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The [https://make.wordpress.org/core/2021/02/19/feature-plugin-rollback-update-failure/ Rollback Update Failure feature project] creates a temporary backup of plugins and themes before updating. This aims to make the update process more reliable and ensure that if a plugin or theme update fails, the previous version can be safely restored.
If the [https://wordpress.org/plugins/rollback-update-failure/ Rollback Update Failure plugin] is installed, `WP_Upgrader::install_package()` will use the `move_dir()` function from there for better performance. Instead of copying a directory from one location to another, it uses the `rename()` PHP function to speed up the process, which is instrumental in creating a temporary backup without a delay. If the renaming failed, it falls back to `copy_dir()` WP function.
This conditional aims to facilitate broader testing of the feature. It is temporary, until the plugin is merged into core.
Props afragen, pbiron, costdev, davidbaumwald, audrasjb, jrf, SergeyBiryukov.
Fixes#56057. See #51857, #54166.
Built from https://develop.svn.wordpress.org/trunk@53578
git-svn-id: http://core.svn.wordpress.org/trunk@53167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to improve performance of the tests by reducing the number of function calls.
Since `$wpdb::placeholder_escape()` saves the result in a static variable on the first run, there is no need for repeated function calls during the same request or test run, as the result would still be the same.
Follow-up to [42056].
See #55652.
Built from https://develop.svn.wordpress.org/trunk@53577
git-svn-id: http://core.svn.wordpress.org/trunk@53166 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For accessibility, input fields should identify their "purpose". The HTML5 attribute `autocomplete` allows for various user data to be quickly autofilled while adding context for some assistive technologies.
This commit adds the appropriate autofill purposes for an author's name, email, and website URL in the comment form template.
Props juliemoynat, bhrugesh96, sabernhardt.
Fixes#55779.
Built from https://develop.svn.wordpress.org/trunk@53576
git-svn-id: http://core.svn.wordpress.org/trunk@53165 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress does not currently provide an explicit method for escaping SQL table and column names. This leads to potential security vulnerabilities, and makes reviewing code for security unnecessarily difficult. Also, static analysis tools also flag the queries as having unescaped SQL input.
Tables and column names in queries are usually in-the-raw, since using the existing `%s` will straight quote the value, making the query invalid.
This change introduces a new `%i` placeholder in `$wpdb->prepare` to properly quote table and column names using backticks.
Props tellyworth, iandunn, craigfrancis, peterwilsoncc, johnbillion, apokalyptik.
Fixes#52506.
Built from https://develop.svn.wordpress.org/trunk@53575
git-svn-id: http://core.svn.wordpress.org/trunk@53164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
One of these was previously renamed to mention `update_metadata_by_mid()`.
While `update_metadata_by_mid()` is indeed called in `wp_ajax_add_meta()` to update an existing meta value, the functionality change that the test intended to verify was in the latter function.
Follow-up to [44153], [53561].
See #55652.
Built from https://develop.svn.wordpress.org/trunk@53572
git-svn-id: http://core.svn.wordpress.org/trunk@53161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[https://github.com/WordPress/gutenberg/issues/38719 In 5.9 these utility classnames were removed], which removed the ability for theme/plugin authors to assign their own custom CSS related to specific layout selections. This was mostly related to the Button block.
This commit adds these classes dynamically based on attributes, rather than saving them to the serialized content.
Original PR from Gutenberg repository:
* [https://github.com/WordPress/gutenberg/pull/41487#41487 Add utility classnames back to blocks that have layout attributes specified]
Props glendaviesnz, peterwilsoncc, andrewserong, zieladam, matveb, samikeijonen.
See #56058.
Built from https://develop.svn.wordpress.org/trunk@53568
git-svn-id: http://core.svn.wordpress.org/trunk@53157 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`use_block_editor_for_post_type` and `use_block_editor_for_post` can be very useful in more contexts than wp-admin, especially when a site is in transition. For example, you may want to do things on init that are different.
Neither function depends on other functions that are available only in wp-admin (other than use_block_editor_for_post() relying on use_block_editor_for_post_type() and an admin-referrer check that's historically gated by a query variable and now also gated by is_admin), therefore moving them to wp-includes seems both feasible and beneficial
Props ethitter, jorbin.
Fixes#51819.
Built from https://develop.svn.wordpress.org/trunk@53559
git-svn-id: http://core.svn.wordpress.org/trunk@53148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Dynamic (non-explicitly declared) properties are deprecated as of PHP 8.2 and are expected to become a fatal error in PHP 9.0.
In this particular case, the test class contains a `set_up()` method that sets a group of properties, which are ''used'' by the tests, but never ''changed'' by the tests.
In other words, setting these properties in the `set_up()` is an unnecessary overhead and the properties should be changed to class constants.
Notes:
* As the `$img_html` property, which was previously being set, is not actually used in any of the tests, that property has not been converted to a constant.
* The values which were previously being set using a heredoc, now use a nowdoc (supported since PHP 5.3), as they don't contain any interpolation.
* The use of constant scalar expressions (`IMG_URL`) and constant arrays (`IMG_META`) in class constants is supported since PHP 5.6.
Follow-up to [711/tests], [1260/tests], [34855], [41724], [53557].
Props jrf.
See #56033.
Built from https://develop.svn.wordpress.org/trunk@53558
git-svn-id: http://core.svn.wordpress.org/trunk@53147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Dynamic (non-explicitly declared) properties are deprecated as of PHP 8.2 and are expected to become a fatal error in PHP 9.0.
In this particular case, the test classes contain a `set_up()` method that sets a group of properties, which are ''used'' by the tests, but the values of these properties are never ''changed'' by the tests.
In other words, setting these properties in the `set_up()` is an unnecessary overhead and the properties should be changed to class constants.
Follow-up to [1041/tests], [1071/tests].
Props jrf.
See #56033.
Built from https://develop.svn.wordpress.org/trunk@53557
git-svn-id: http://core.svn.wordpress.org/trunk@53146 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Give the test method a most descriptive name.
* Use a single assertion for the URL list instead of a `foreach` loop to provide more context in case of failure.
* Add a failure message to each assertion, as there are multiple assertions used in the test.
Follow-up to [53548].
See #55633.
Built from https://develop.svn.wordpress.org/trunk@53556
git-svn-id: http://core.svn.wordpress.org/trunk@53145 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`true` is now passed to the `fail_ci_if_error` input when the `codecov/codecov-action` action is used.
When uploading a code coverage report is unsuccessful, the action will now fail and return an error. This will help avoid situations like #56022 where the report was suddenly failing to upload even though the workflow itself appeared to be successful.
See #55652.
Built from https://develop.svn.wordpress.org/trunk@53554
git-svn-id: http://core.svn.wordpress.org/trunk@53143 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds the `pull_request` event to the Code Coverage Report workflow, allowing changes to be verified in a pull request before being committed.
The `branches` and `paths` filters are used to limit when the workflow runs to pull requests with:
- A base branch of `trunk`.
- Changing specific files that can potentially affect the way a coverage report is generated.
Reports generated on `pull_request` events are for testing purposes only and are not submitted to Codecov.
The `docker-compose.yml` file has also been added to the `paths` filter for both `push` and `pull_request` events. Changes to this file could potentially affect the environment used to generate the report (such as the ones in [53552]).
Props afragen, johnbillion, desrosj.
See #55652.
Built from https://develop.svn.wordpress.org/trunk@53553
git-svn-id: http://core.svn.wordpress.org/trunk@53142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
One change in the update from Xdebug version 2.x to 3.x was a shift from enabling features to switching into modes.
When the version of Xdebug installed in the PHP 7.4 Docker container was updated from 2.x to 3.x, the code coverage reporting workflow stopped generating reports due to a lack of available coverage drivers.
This change adds the `XDEBUG_MODE` environment variable to the local Docker environment configuration to allow the active modes to be changed. This environment variable takes precedence over the `xdebug.mode` setting, but will not change the value of the `xdebug.mode` setting.
The `LOCAL_PHP_XDEBUG_MODE` environment variable has been added to the `.env` file and can be used to change the modes enabled in the Docker container. The code coverage reporting workflow uses this variable to enable the `coverage` mode, which is required for generating a test coverage report.
By default, `debug` and `debug modes are active, which enables the more commonly used features of Xdebug: development helpers and step debugging.
Props afragen, johnbillion, desrosj.
Fixes#56022.
Built from https://develop.svn.wordpress.org/trunk@53552
git-svn-id: http://core.svn.wordpress.org/trunk@53141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Cache result of database queries in `_find_post_by_old_slug` and `_find_post_by_old_date` functions. This means that repeated requests to a url where the page is not found, will result in hitting a cache for sites running persistent object caching.
Props Spacedmonkey, dd32, mukesh27, pbearne, flixos90.
Fixes#36723.
Built from https://develop.svn.wordpress.org/trunk@53549
git-svn-id: http://core.svn.wordpress.org/trunk@53138 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes:
* Documenting the returned array using hash notation.
* Adding a `@since` note for the `$filesize` value being included in the returned array.
This affects:
* `wp_generate_attachment_metadata()`
* `wp_get_attachment_metadata()`
* `WP_Image_Editor::save()`
* `WP_Image_Editor_GD::save()` and `::_save()`
* `WP_Image_Editor_Imagick::save()` and `::_save()`
Follow-up to [22094], [22619], [52837], [53546].
See #55646.
Built from https://develop.svn.wordpress.org/trunk@53547
git-svn-id: http://core.svn.wordpress.org/trunk@53136 1a063a9b-81f0-0310-95a4-ce76da25c4cd