Scalar values passed to `esc_attr()` are already converted internally to a string via both `wp_check_invalid_utf8()` and `_wp_specialchars()`.
Includes adding `@covers` tags for unit tests.
Follow-up to [58379].
See #58379.
Built from https://develop.svn.wordpress.org/trunk@58389
git-svn-id: http://core.svn.wordpress.org/trunk@57838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These attributes are needed to indicate that both fields are required. This changeset doesn't add the attribute by default but allows extenders to enable it by passing `true` to the `$required_username` and `$required_password` to `wp_login_form()` arguments array.
Props alesflex, sabernhardt, joedolson, rcreators, rajinsharwar.
Fixes#60062.
Built from https://develop.svn.wordpress.org/trunk@58382
git-svn-id: http://core.svn.wordpress.org/trunk@57831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Lowers the priority at which `wp_filter_default_autoload_value_via_option_size()` is registered to run on the `wp_default_autoload_value()` filter. The default filter now runs at priority 5.
This is to allow third party developers to modify whether an option is autoloaded using the default priority, 10, rather than require they register their code to run at a higher priority.
Follow up to [57920].
Props peterwilsoncc, joemcgill.
Fixes#42441.
Built from https://develop.svn.wordpress.org/trunk@58381
git-svn-id: http://core.svn.wordpress.org/trunk@57830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Escapes the return value of `wp_autoload_values_to_autoload()` for use in the database query loading 'all options'. This is a hardening fix to protect against future changes to the options API which may allow developers to further customize the return value of the `wp_autoload_values_to_autoload` filter.
Follow up to [57920].
Props peterwilsoncc, joemcgill.
Fixes#42441.
Built from https://develop.svn.wordpress.org/trunk@58380
git-svn-id: http://core.svn.wordpress.org/trunk@57829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevent `WP_List_Table::search_box()` from throwing an array to string conversion notice when post list tables are loaded with an array of orderby parameters in the URL, eg: `/wp-admin/edit.php?post_type=page&orderby[menu_order]=ASC&orderby[title]=ASC`.
Follow up to [29027].
Props leonidasmilossis, rajinsharwar, swissspidy, NomNom99, pls78, SergeyBiryukov.
Fixes#59494.
See #17065.
Built from https://develop.svn.wordpress.org/trunk@58379
git-svn-id: http://core.svn.wordpress.org/trunk@57828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates tests calling `get_stylesheet` to not output layout styles if they’re not relevant to the test or to call `get_styles_for_block` instead where more appropriate.
Props isabel_brison, andrewserong, ramonopoly.
Fixes#61371.
Built from https://develop.svn.wordpress.org/trunk@58378
git-svn-id: http://core.svn.wordpress.org/trunk@57827 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add the label `template_name` to post types and taxonomies for use by the site editor to display on the templates/add new template screens to allow extenders to customize the display.
For post types the template name applies to templates for a singular pages with the default value "Single item: [singular name]".
For taxonomies the template name applies to templates for term archives with the default value "[singular name] Archives".
Props aljullu, audrasjb, ntsekouras, ellatrix, oglekler, rajinsharwar.
Fixes#60881.
Built from https://develop.svn.wordpress.org/trunk@58377
git-svn-id: http://core.svn.wordpress.org/trunk@57826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes an issue where the "Bulk select" option was getting selected when only a single user, comment, media, or plugin was selected.
Follow-up to [57745].
Props haritpanchal, swissspidy, sabernhardt, faisal03, sumitbagthariya16, mohitdadhich10.
Fixes#61168.
Built from https://develop.svn.wordpress.org/trunk@58375
git-svn-id: http://core.svn.wordpress.org/trunk@57824 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a filter to enable TinyMCE in the media description textarea on the attachment details screen.
The media description field may be used to provide extended descriptions of images and videos, such as a transcript or detailed graphic explanations. In these uses, it will generally require structural elements like paragraphs. Having the ability to enable TinyMCE makes it easier for users to add this content without HTML knowledge.
Props juliemoynat, sebastienserre, mukesh27, joedolson.
Fixes#60158.
Built from https://develop.svn.wordpress.org/trunk@58372
git-svn-id: http://core.svn.wordpress.org/trunk@57821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The search block border was missing inside the wrapper on the front. This was done by adding styles to the theme block styles file along with padding.
Props nidhidhandhukiya, sabernhardt, yurajsinh2211, kamran8176, imranhasanraaz, krupajnanda, harshgajipara, rejaulalomkhan, shailu25, hmbashar, rajinsharwar.
Fixes#60164.
Built from https://develop.svn.wordpress.org/trunk@58369
git-svn-id: http://core.svn.wordpress.org/trunk@57818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The latest comments block space between comments not increases based on typography size. This only impacts the margin if added within a post, widgets on the front-end still only have a 1em margin which is smaller yet variable.
Props pitamdey, sabernhardt, shailu25, harshgajipara, rajinsharwar.
Fixes#59130.
Built from https://develop.svn.wordpress.org/trunk@58367
git-svn-id: http://core.svn.wordpress.org/trunk@57816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the `WP_HTML_Processor` was introduced with its `::create_fragment()`
static creator method, that method has been returning a `new self(...)`.
Unfortunately, this means that subclasses cannot use that method since it
will return the `WP_HTML_Processor` instead of the subclass.
With this patch, the static creator method returns `new static(...)` to preserve
the intended behavior. A new test asserts this behavior for future changes.
Developed in https://github.com/WordPress/wordpress-develop/pull/6729
Discussed in https://core.trac.wordpress.org/ticket/61374
Props dmsnell, jonsurrell.
Follow-up to [56274].
Fixes#61374.
Built from https://develop.svn.wordpress.org/trunk@58363
git-svn-id: http://core.svn.wordpress.org/trunk@57812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The oEmbed endpoint for SlideShare is effectively deprecated and throws an error for the majority of slide-decks using the service.
Capitalize the name of the service in the deprecation notice in accordance with the wordmark.
Props peterwilsoncc, mukesh27, swissspidy, talldanwp, dd32.
Fixes#61349.
Built from https://develop.svn.wordpress.org/trunk@58362
git-svn-id: http://core.svn.wordpress.org/trunk@57811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Stores the font file sub-directory in the `wp_font_face` post meta. Similar to attachments, only the portion of the path relative to the base directory is stored.
This ensures the files can be deleted alongside their post on sites using a plugin to store font files in sub-directories. Previously running such a plugin would result in the files remaining on the file system post delete.
Props costdev, grantmkin, peterwilsoncc.
Fixes#61297.
Built from https://develop.svn.wordpress.org/trunk@58353
git-svn-id: http://core.svn.wordpress.org/trunk@57805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix issue where the image details would shift position during AJAX updates in the media modal. Occurred when the Attachment Details heading was translated into a language where the text no longer alowed space for the 'Saved' message to the right of the message.
Props pavelevap, SergeyBiryukov, antpb, joedolson, shailu25.
Fixes#27914.
Built from https://develop.svn.wordpress.org/trunk@58352
git-svn-id: http://core.svn.wordpress.org/trunk@57804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This prevents workflow runs in older branches that are using older versions of runner images from displaying the wrong operating system in job names.
Because the updated files are reusable, this change will automatically fix the issue in all older branches without the need to backport.
See #61213.
Built from https://develop.svn.wordpress.org/trunk@58351
git-svn-id: http://core.svn.wordpress.org/trunk@57803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces a new input to separate the ability to save the built WordPress ZIP from generating the artifacts necessary for comments with Playground testing details.
The ZIP file is used by the performance testing workflow for performing comparisons, so it should be built and saved for every `push` event. The Playground related steps should only run on `pull_request`.
Follow up to [58274].
Props jorbin.
See #59416.
Built from https://develop.svn.wordpress.org/trunk@58345
git-svn-id: http://core.svn.wordpress.org/trunk@57801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds additional hardening to the Autoload options Health Check to avoid potential bugs when extenders return unserialzed values from `wp_load_alloptions()`.
Follow-up to [58332].
Props mukesh27, joemcgill, westonruter.
Fixes#61276.
Built from https://develop.svn.wordpress.org/trunk@58338
git-svn-id: http://core.svn.wordpress.org/trunk@57794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$comment_id` parameter of the `get_comment_author` filter is documented as a numeric string, however in case a non-existing comment ID is passed to the `get_comment_author()` function, it could be an integer instead.
This commit resolves the issue and adds a PHPUnit test demonstrating the behavior.
Includes updating `get_comment_author_url()` unit tests for consistency.
Follow-up to [41127], [52818].
Props david.binda.
Fixes#60475.
Built from https://develop.svn.wordpress.org/trunk@58335
git-svn-id: http://core.svn.wordpress.org/trunk@57791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This caches the generated CSS from block nodes in merged Theme JSON data to avoid repeated costly operations required to compute style properties for blocks. The generated CSS is saved to a transient that expires every hour.
Props thekt12, spacedmonkey, pereirinha, mukesh27, isabel_brison, oandregal, andrewserong, ramonjd.
Fixes#59595.
Built from https://develop.svn.wordpress.org/trunk@58334
git-svn-id: http://core.svn.wordpress.org/trunk@57790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset ensures the `user_activation_key` is flushed after successful login, so reset password links can not be used anymore after the user successfully log into their dashboard.
Props nsinelnikov, rajinsharwar, Rahmohn, oglekler, hellofromTonya.
Fixes#58901.
See #32429
Built from https://develop.svn.wordpress.org/trunk@58333
git-svn-id: http://core.svn.wordpress.org/trunk@57789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a new Site Health check that will alert site owners if they are autoloading a large amount of data from the options table, as it could result in poor performance. The issue will be shown if the size of autoloaded options is greater than 800 KB, which can be adjusted using the new `site_status_autoloaded_options_size_limit` filter.
Props mukesh27, joemcgill, rajinsharwar, costdev, audrasjb, krupajnanda, pooja1210, Ankit K Gupta, johnbillion, oglekler.
Fixes#61276.
Built from https://develop.svn.wordpress.org/trunk@58332
git-svn-id: http://core.svn.wordpress.org/trunk@57788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows a calling workflow to configure the PHPUnit workflow to `continue-on-error` when one occurs. This is useful for older branches where support for a specific version of PHP was not at 100% within the test suite.
Follow up to [58165], [58269], [58270], [58329].
See #61213.
Built from https://develop.svn.wordpress.org/trunk@58331
git-svn-id: http://core.svn.wordpress.org/trunk@57787 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Interactivity API has a concept of "derived state" but it only worked on the client (JavaScript). This is the implementation that mirrors it, so derived state has good server-side solution.
Props jonsurrell, darerodz, gziolo, luisherranz, cbravobernal.
Fixes#61037.
Built from https://develop.svn.wordpress.org/trunk@58327
git-svn-id: http://core.svn.wordpress.org/trunk@57784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset deactivates the download authenticity message by disabling package signature verification, at least until software signing is fully implemented on wordpress.org. The provided message had no actionability and only led to more support.
Props jipmoors, afercia, bridgetwillard, s0what, rajinsharwar, audrasjb, johnbillion, peterwilsoncc.
Fixes#47315.
Built from https://develop.svn.wordpress.org/trunk@58319
git-svn-id: http://core.svn.wordpress.org/trunk@57776 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[58139] introduced debugging flags to ensure debugging output would only be shown when both the `WP_DEBUG` and `WP_DEBUG_LOG` constants are defined as true. However, some of the flags incorrectly use `WP_DEBUG_DISPLAY` rather than `WP_DEBUG_LOG`.
This fixes the flags to consistently use `WP_DEBUG` and `WP_DEBUG_LOG` as intended.
Follow-up to [58128], [58139].
Props rogermedia, afragen, swissspidy, costdev.
Fixes#58281.
Built from https://develop.svn.wordpress.org/trunk@58309
git-svn-id: http://core.svn.wordpress.org/trunk@57766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Rollback Auto-Update feature introduced additional maintenance mode toggling.
After installing WordPress in a non-English (US) language, translation updates are performed automatically. As there may be a large number of updates for Core and bundled themes, users will be presented with a maintenance notice upon visiting the newly installed website.
To avoid concerning users that the website has failed to install correctly, this excludes translation updates from triggering the additional maintenance mode toggling.
Follow-up to [58128].
Props benniledl, afragen, rajinsharwar, costdev.
Fixes#61260. See #58281.
Built from https://develop.svn.wordpress.org/trunk@58308
git-svn-id: http://core.svn.wordpress.org/trunk@57765 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the edit menu item toggle to communicate more context about the item to be edited. Make edit text consistent between Customizer menu editor and admin menu editor.
The menu position is conveyed only visually, using indentation, because there are no organizational semantics in either editor. This change helps provide screen reader users with consistent contextual information about the order, position, and parent of the current item.
Props joedolson, rcreators, afercia, mohonchandra.
Fixes#60673, See #60672.
Built from https://develop.svn.wordpress.org/trunk@58306
git-svn-id: http://core.svn.wordpress.org/trunk@57763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where the GD image library falsely reports supporting the AVIF format, when support is actually missing. Add an additional function check to ensure AVIF support is really available.
Props niktat, adamsilverstein.
Fixes#60910
Built from https://develop.svn.wordpress.org/trunk@58305
git-svn-id: http://core.svn.wordpress.org/trunk@57762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
HTML is a kind of short-hand for a DOM structure. This means that there are
many cases in HTML where an element's opening tag or closing tag is missing (or
both). This is because many of the parsing rules imply creating elements in the
DOM which may not exist in the text of the HTML.
The HTML Processor, being the higher-level counterpart to the Tag Processor, is
already aware of these nodes, but since it's inception has not paused on them
when scanning through a document. Instead, these are visible when pausing on a
child of such an element, but otherwise not seen.
In this patch the HTML Processor starts exposing those implicitly-created nodes,
including opening tags, and closing tags, that aren't foudn in the text content
of the HTML input document.
Previously, the sequence of matched tokens when scanning with
`WP_HTML_Processor::next_token()` would depend on how the HTML document was written,
but with this patch, all semantically equal HTML documents will parse and scan in
the same exact manner, presenting an idealized or "perfect" view of the document
the same way as would occur when traversing a DOM in a browser.
Developed in https://github.com/WordPress/wordpress-develop/pull/6348
Discussed in https://core.trac.wordpress.org/ticket/61348
Props audrasjb, dmsnell, gziolo, jonsurrell.
Fixes#61348.
Built from https://develop.svn.wordpress.org/trunk@58304
git-svn-id: http://core.svn.wordpress.org/trunk@57761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Just like Site Health lists the paths to the plugins/themes/uploads directories, this changeset adds the path to the fonts directory (and its size).
Props swissspidy, andr3ribeiro, krupajnanda, ironprogrammer, iamfarhan09, naeemhaque, imasikur22, tofajjal02, sarkarripon, prottoysarkar, zunaid321, imranhasanraaz, rajinsharwar, nazmul111, audrasjb, peterwilsoncc.
Fixes#60719.
Built from https://develop.svn.wordpress.org/trunk@58299
git-svn-id: http://core.svn.wordpress.org/trunk@57759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset modifies the block bindings HTML replacement logic to use a hardcoded list of selectors based on the block and a regex to substitute the inner content. The previous logic was too complex because the HTML API does not support CSS selectors yet and it does not have an official way to modify the inner HTML. This made it difficult to understand, iterate on it and add new functionalities.
As it will be solved in the future once the HTML API is ready, it is better for now to keep a simple hardcoded version that is easier to understand and iterate on.
Props santosguillamot, gziolo, petitphp.
Fixes#61351.
Built from https://develop.svn.wordpress.org/trunk@58298
git-svn-id: http://core.svn.wordpress.org/trunk@57758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset restores "Edit site" on the block editor link and replaces the multisite link with "Manage Site".
Follow-up to [58035].
Props annezazu, johnbillion, Joen, audrasjb, johnjamesjacoby, oglekler, nilovelez, tobifjellner, sabernhardt, pavanpatil1, hitendra-chopda.
Fixes#60977.
Built from https://develop.svn.wordpress.org/trunk@58296
git-svn-id: http://core.svn.wordpress.org/trunk@57756 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures cached Theme JSON data is cleared between all test classes that extend `WP_Theme_UnitTestCase` and fixes a few tests that would fail in isolation, even though they full test suite would pass.
Props isabel_brison, thekt12, joemcgill.
Fixes#61337.
Built from https://develop.svn.wordpress.org/trunk@58295
git-svn-id: http://core.svn.wordpress.org/trunk@57755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Expand allowable set of custom data attribute names to include those containing
leading, trailing, and double `-` characters. Previously, WordPress was
removing data attributes that are used in the Interactivity API. By allowing
these additional custom data attributes, the related Interactivity API
directives will preserve through `kses`.
For example, the Interactivity API frequently relies on custom data attributes
such as `data-wp-on--click="..."`. The change in [43981] would strip these out
of the processed HTML, however.
Developed in https://github.com/WordPress/wordpress-develop/pull/6598
Discussed in https://core.trac.wordpress.org/ticket/61052
Props cbravobernal, dmsnell, gziolo, jonsurrell.
Follow-up to [43981].
Fixes#61052.
Built from https://develop.svn.wordpress.org/trunk@58294
git-svn-id: http://core.svn.wordpress.org/trunk@57754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In a similar vein as [58291], this changeset introduces a new `insert_hooked_blocks_into_rest_response` function and hooks it to the `rest_prepare_wp_navigation` filter.
This is part of an ongoing effort to move Block Hooks related code out of the Navigation block. Specifically, `insert_hooked_blocks_into_rest_response` is based on `block_core_navigation_insert_hooked_blocks_into_rest_response`. Eventually, it will be possible to deprecate the latter.
Follow-up to [58291].
See #60759.
Built from https://develop.svn.wordpress.org/trunk@58292
git-svn-id: http://core.svn.wordpress.org/trunk@57752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As of [57790], the Templates endpoint uses the `rest_pre_insert_*` filter to inject the `ignoredHookedBlocks` metadata attribute into anchor blocks, prior to persisting a template or template part to the database. The same principle was implemented for the Navigation endpoint (where additionally, first and last child blocks added at the top level are store in the `wp_navigation` post object's post meta). The required logic was added to the Navigation block's code, i.e. inside the Gutenberg code repository, and then synchronized to Core.
In order to harmonize the code between the two endpoints, this changeset introduces a new `update_ignored_hooked_blocks_postmeta` function, which is based on the Navigation block's `block_core_navigation_update_ignore_hooked_blocks_meta`, alongside a few helper functions, and hooks it to the `rest_pre_insert_wp_navigation` filter hook. (The Navigation block has been prepared in [58275] to add an additional conditional to check for the new `update_ignored_hooked_blocks_postmeta` filter so there won't be any collisions.)
Eventually, this will allow to deprecate `block_core_navigation_update_ignore_hooked_blocks_meta` (and some related functions), and remove the relevant code from the Navigation block. It also paves the way for some other future changes, such as inserting a hooked block as a Template Part block's first or last child (#60854).
Props tomjcafferkey, bernhard-reiter.
Fixes#60759.
Built from https://develop.svn.wordpress.org/trunk@58291
git-svn-id: http://core.svn.wordpress.org/trunk@57751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds handling for a `__default` block binding attribute for pattern overrides that dynamically adds support for all supported block binding attributes.
Props talldanwp, petitphp, mukesh27, isabel_brison, kevin940726.
Fixes#61333.
Built from https://develop.svn.wordpress.org/trunk@58289
git-svn-id: http://core.svn.wordpress.org/trunk@57749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In #50824 support was added for a package to include a disable_autoupdate flag to indicate that the plugin/theme should not be auto-updated even if a user had opted-in via the WP-Admin UI. However, the logic implementing the flag was inverted.
This commit repairs the logic. If a package has disable_autoupdate set, then it should not be auto-updated.
Props amisiewicz.
Fixes#52796.
Built from https://develop.svn.wordpress.org/trunk@58285
git-svn-id: http://core.svn.wordpress.org/trunk@57745 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Provides a custom decoder for strings coming from HTML attributes and
markup. This custom decoder is necessary because of deficiencies in
PHP's `html_entity_decode()` function:
- It isn't aware of 720 of the possible named character references in
HTML, leaving many out that should be translated.
- It isn't aware of the ambiguous ampersand rule, which allows
conversion of character references in certain contexts when they
are missing their closing `;`.
- It doesn't draw a distinction for the ambiguous ampersand rule
when decoding attribute values instead of markup values.
- Use of `html_entity_decode()` requires manually passing non-default
paramter values to ensure it decodes properly.
This decoder also provides some conveniences, such as making a
single-pass and interruptable decode operation possible. This will
provide a number of opportunities to optimize detection and decoding
of things like value prefixes, and whether a value contains a given
substring.
Developed in https://github.com/WordPress/wordpress-develop/pull/6387
Discussed in https://core.trac.wordpress.org/ticket/61072
Props dmsnell, gziolo, jonsurrell, jorbin, westonruter, zieladam.
Fixes#61072.
Built from https://develop.svn.wordpress.org/trunk@58281
git-svn-id: http://core.svn.wordpress.org/trunk@57741 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the profile edit screen in ``wp-admin, the username was previously displayed using an input field with the `disabled` attribute. This field was skipped by screen readers, which leads to a loss of information for visually impaired users. This changeset switches it to a `readonly` attribute, which is exactly the purpose of this field.
Props roytanck, audrasjb, rajinsharwar, joedolson.
Fixes#60774.
Built from https://develop.svn.wordpress.org/trunk@58280
git-svn-id: http://core.svn.wordpress.org/trunk@57740 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Site Editor Patterns page was exposed internally for the Classic theme as of WP6.5. As we aim to officially expose the new Patterns page as of WP6.6, this changeset makes the following changes available when a classic themes is activated:
- Link Appearance > Patterns submenu to the Site Editor Patterns page located at `wp-admin/site-editor.php?path=/patterns
- Remove Template Parts submenu
Props wildworks, audrasjb, ironprogrammer, azaozz, youknowriad.
Fixes#61109.
Built from https://develop.svn.wordpress.org/trunk@58278
git-svn-id: http://core.svn.wordpress.org/trunk@57738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The workflow responsible for testing the build process is currently responsible for creating a ZIP file of the WordPress build and storing it as an artifact. This can be used for manual testing, but is mainly used for spinning up a Playground instance.
Because of how comments with Playground testing instructions are left pull requests. the pull request number needs to be stored as a workflow artifact as well. This moves the logic responsible for this to the reusable workflow, which allows older branches to make use of Playground testing without additional maintenance burden.
See #59416.
Built from https://develop.svn.wordpress.org/trunk@58274
git-svn-id: http://core.svn.wordpress.org/trunk@57735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a new input to the reusable performance testing workflow for accepting a PHP version. This allows the workflow to be reused in older branches when the PHP version currently tagged `latest` was not supported.
Props swissspidy, joemcgill.
See #60127, #61213.
Built from https://develop.svn.wordpress.org/trunk@58269
git-svn-id: http://core.svn.wordpress.org/trunk@57732 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With a new direction in the 6.5.4 to restore the Activate button's href (see [58250]), the changesets committed for 6.5.3 (see #60992) are now dead code and will not render the admin notice on successful plugin activation.
This commit is a clean revert of r58081.
Follow-up to [58250].
Props swissspidy, azaozz, costdev, jorbin, hellofromTonya, afragen.
Fixes#61331.
See #60992, #61319.
Built from https://develop.svn.wordpress.org/trunk@58257
git-svn-id: http://core.svn.wordpress.org/trunk@57720 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Make the panels for selecting menu items to add to a panel resizable using the CSS `resize` property. This minor change makes it easier to select items to add on desktop devices, and has nominal impact on other interfaces.
Props namith.jawahar, NekoJonez, jorbin, joen, joedolson.
Fixes#60763.
Built from https://develop.svn.wordpress.org/trunk@58256
git-svn-id: http://core.svn.wordpress.org/trunk@57719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Resolves a bug by first initializing in the AJAX callback `WP_Plugin_Dependencies::check_plugin_dependencies_during_ajax()`.
More details:
[57658] removed auto-deactivation and bootstrapping logic from the Plugin Dependencies feature. In doing so, initialization calls were added to various locations in Core to ensure dependencies were detected and ready to be checked. However, an initialization call was missed in the AJAX callback before checking plugin dependencies.
This means that a plugin's dependencies may not be detected, and lead to a false positive, which in turn allows the user to click Activate only to see a failure message.
Follow-up to [57658].
Props kevinwhoffman, costdev, afragen.
Fixes#61294.
Built from https://develop.svn.wordpress.org/trunk@58252
git-svn-id: http://core.svn.wordpress.org/trunk@57715 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Restores the Activate button's `href` native behavior by changing the AJAX activation handler introduced in 6.5.0. It restores the pre-6.5 behavior of clicking the "Activate" button, i.e. navigates the user to the button's `href` (i.e. to the `plugins.php` UI).
Why?
Feedback was given after shipping [57545] in 6.5.0 (but was unknown during the development and testing cycles) revealed significant impacts for plugins who's users valued the onboarding / configuration experiences.
6.5.3's [58081] and [58083] added a new user action / step to the workflow. Though helpful, it did not fully resolve the impacts.
For the minor, this commit seeks to restore only the "Activate" button's `href` pre-6.5 native behavior to resolve the regression.
The next phase of the Add Plugins workflow can then continue in a major release to gain the benefits of a full major to move it from ideation through the development phases. (See #61040). The questions of redirect, how / should configuration be in the workflow, etc. can best be explored and experimented with in a major.
Follow-up to [57545], [58081], [58083].
Props costdev, jorbin, hellofromTonya, afragen, kevinwhoffman, azaozz, adrianduffell, beaulebens, hmbashar, illuminea, ironprogrammer, jjj, lopo, louiswol94, mikachan, nerrad, mukesh27, peterwilsoncc, pooja1210, smub, swissspidy.
Fixes#61319.
See #22316, #60992.
Built from https://develop.svn.wordpress.org/trunk@58250
git-svn-id: http://core.svn.wordpress.org/trunk@57713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Handle `$preferred_ext` arguments that are passed with minor errors in formatting, such as incorrect casing or missing `.`. Add unit tests to verify that an omitted period on an otherwise correct extension is accepted. Follow up to [57687].
Props sabernhardt, joedolson, khokansardar.
Fixes#60610.
Built from https://develop.svn.wordpress.org/trunk@58248
git-svn-id: http://core.svn.wordpress.org/trunk@57711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adjusts the block level global styles selectors so they have a consistent specificity of 0-1-0, and adjusts base and layout global style selectors to their minimum required specificity.
Props aaronrobertshaw, isabel_brison, andrewserong, mukesh27.
Fixes#61165.
Built from https://develop.svn.wordpress.org/trunk@58241
git-svn-id: http://core.svn.wordpress.org/trunk@57704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allow translators to replace the W3C WAI decision tree link used to provide information about writing alt text. Improves accessibility for non-English speaking content authors.
Props tmatsuur, joedolson, oglekler, SergeyBiryukov, myhro, sabernhardt.
Fixes#60975.
Built from https://develop.svn.wordpress.org/trunk@58240
git-svn-id: http://core.svn.wordpress.org/trunk@57703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Integrates the directives processing into the WP_Block class. It removes the overhead of running additional hooks when rendering blocks and simplifies the way we detect whether the directive processing should run on an interactive region of the produced final HTML for the blocks.
Introduces `interactivity_process_directives` filter to offer a way to opt out from directives processing. It's needed in Gutenberg: https://github.com/WordPress/gutenberg/pull/62095.
Props gziolo, cbravobernal.
Fixes#61185.
Built from https://develop.svn.wordpress.org/trunk@58234
git-svn-id: http://core.svn.wordpress.org/trunk@57697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Tag Processor stores the byte-offsets into its HTML document where
the current token starts and ends, and also for every bookmark. In some
cases for tags, the end offset has been off by one.
In this patch the offset is fixed so that a bookmark always properly
refers to the full span of the token it's bookmarking. Also the current
token byte offsets are properly recorded.
While this is a defect in the Tag Processor, it hasn't been exposed
through the public interface and has not affected any of the working
of the processor. Only subclasses which rely on the length of a bookmark
have been potentially affected, and these are not supported environments
in the ongoing work.
This fix is important for future work and for ensuring that subclasses
performing custom behaviors remain as reliable as the public interface.
Developed in https://github.com/WordPress/wordpress-develop/pull/6625
Discussed in https://core.trac.wordpress.org/ticket/61301
Props dmsnell, gziolo, jonsurrell, westonruter.
Fixes#61301.
Built from https://develop.svn.wordpress.org/trunk@58233
git-svn-id: http://core.svn.wordpress.org/trunk@57696 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In order to render the block template in the locked template preview inside the post editor we need to be able to fetch the contents of any block templates/template parts for any user role that can edit a post.
Props fabiankaegy, youknowriad.
Fixes#61137.
Built from https://develop.svn.wordpress.org/trunk@58227
git-svn-id: http://core.svn.wordpress.org/trunk@57690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updated the global styles endpoints in the REST API to extend from existing posts and revisions controllers. This reduces duplicated code and inconsistencies. The revisions controller is now a subclass of the `WP_REST_Revisions_Controller`. Related redundant methods were removed and schema generation and collection parameters were adjusted to suit the global styles context. Updated permission checks, constructor, and collection parameters accordingly. This change allows for easy override of these classes using the `register_post_type_args` filter.
This reintroduces [57624] (reverted in [57628]) with improved backward compatibility and further enhancements.
Props ramonopoly, spacedmonkey, mukesh27, swissspidy.
Fixes#60131.
Built from https://develop.svn.wordpress.org/trunk@58225
git-svn-id: http://core.svn.wordpress.org/trunk@57688 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the priority of the search form & remove `float` so that the visual position of the form matches it's positioning in the DOM.
This sets the priority of the search form to an arbitrarily high value of `9999` to ensure it will generally be last in the DOM.
Props joedolson, sabernhardt, audrasjb.
Fixes#60685.
Built from https://develop.svn.wordpress.org/trunk@58215
git-svn-id: http://core.svn.wordpress.org/trunk@57678 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The logo block does not use theme mods, and instead saves a site-wide option `site_logo` to use as the site logo.
Add handling for cases where the logo image does not exist and delete the `site_logo` option when the attachment configured as site logo is deleted.
Props afercia, joedolson, khokansardar, SergeyBiryukov.
Fixes#60922.
Built from https://develop.svn.wordpress.org/trunk@58213
git-svn-id: http://core.svn.wordpress.org/trunk@57676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The caption for image block was misaligned. The issue appeared in 5.8 due to the block class name change making the selector meaningless. This is resolved by a change in the selectors.
Props nkeller15, sabernhardt, thakordarshil, anilvaza, shailu25, pavanpatil1, darshitrajyaguru97.
Fixes#58539.
Built from https://develop.svn.wordpress.org/trunk@58207
git-svn-id: http://core.svn.wordpress.org/trunk@57670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a layout doesn't use custom post types it was appearing broken. This adds a filter for the display of the featured image to resolve this.
Props justnorris, JPry, davidakennedy, SergeyBiryukov, zkarj, poena, nhrrob, lamarajan.
Fixes#39281.
Built from https://develop.svn.wordpress.org/trunk@58206
git-svn-id: http://core.svn.wordpress.org/trunk@57669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The latest comments author font weight was showing different between editor and front. This fixes that and also removes an extra ruleset.
Props pitamdey, sabernhardt, shailu25, naeemhaque, darshitrajyaguru97.
Fixes#61180.
Built from https://develop.svn.wordpress.org/trunk@58204
git-svn-id: http://core.svn.wordpress.org/trunk@57667 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The search box alignment was not in alignment. This brings in a resolution for that through the margin.
Props vinita29, SergeyBiryukov, poena, shailu25, makdiahussain, imranhasanraaz, darshitrajyaguru97, lamarajan.
Fixes#52551.
Built from https://develop.svn.wordpress.org/trunk@58202
git-svn-id: http://core.svn.wordpress.org/trunk@57665 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Not all post types support autosaving. By making autosave a post type feature, support can be more granularly handled without any workarounds or hardcoded allowlists. `wp_font_family` and `wp_font_face` are examples of built-in post types which do not support autosave.
For backward compatibility reasons, adding `editor` support implies `autosave` support, so one would need to explicitly use `remove_post_type_support()` to remove it again.
Props swissspidy, youknowriad, hellofromtonya, peterwilsoncc.
Fixes#41172.
Built from https://develop.svn.wordpress.org/trunk@58201
git-svn-id: http://core.svn.wordpress.org/trunk@57664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The font on buttons was displaying less than the font size when applied through the editor. This resets the relative measurement on wp-block-button__link when either its Buttons or Button block has a custom size.
Props nidhidhandhukiya, sabernhardt, SergeyBiryukov, manojmaharrshi, darshitrajyaguru97, shailu25.
Fixes#56443.
Built from https://develop.svn.wordpress.org/trunk@58199
git-svn-id: http://core.svn.wordpress.org/trunk@57662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The h1 for entry-title was not the same between the editor and front end. This fixes that in the by setting wp-block-post-title font sizes together with h2 and combines post-section-dash mixin for both h1 and h2.
Props sabernhardt, nkeller15, shailu25.
Fixes#58440.
Built from https://develop.svn.wordpress.org/trunk@58198
git-svn-id: http://core.svn.wordpress.org/trunk@57661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This patch adds a new method, `WP_HTML_Processor->expects_closer()` to indicate
if the currently-matched node expects to find a closing token. For example, a
`DIV` element expects a closing `</div>` tag, but an `<img>` expects none, because
it's a void element. Similarly, `#text` nodes and HTML comments only appear as
unitary nodes on the stack of open elements. Once proceeding further in the
document they are immediately removed without any closing tag.
This new method serves as a helper to indicate whether or not to expect the
closer, as this can be more complicated than it seems, and calling code
shouldn't have to build custom interpretations and implementations. Instead,
the HTML Processor ought to export its internal knowledge to make it easy for
consuming code and projects.
Developed in https://github.com/WordPress/wordpress-develop/pull/6600
Discussed in https://core.trac.wordpress.org/ticket/61257Fixes#61257.
Props dmsnell, jonsurrell.
Built from https://develop.svn.wordpress.org/trunk@58192
git-svn-id: http://core.svn.wordpress.org/trunk@57655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The HTML Processor maintains a stack of open elements, where every element,
every `#text` node, every HTML comment, and other node is pushed and popped while
traversing the document. The "depth" of each of these nodes represents how deep
that stack is where the node appears. Unfortunately this information isn't
exposed to calling code, which has led different projects to attempt to
calculate this value externally. This isn't always trivial, but the HTML
Processor could make it so by exposing the internal knowledge in a new method.
In this patch the `get_current_depth()` method returns just that. Since the
processor always exists within a context, the depth includes nesting from the
always-present html element and also the body, since currently the HTML
Processor only supports parsing in the IN BODY context.
This means that the depth reported for the `DIV` in `<div>` is 3, not 1, because
its breadcrumbs path is `HTML > BODY > DIV`.
Developed in https://github.com/WordPress/wordpress-develop/pull/6589
Discussed in https://core.trac.wordpress.org/ticket/61255Fixes#61255.
Props dmsnell, jonsurrell.
Built from https://develop.svn.wordpress.org/trunk@58191
git-svn-id: http://core.svn.wordpress.org/trunk@57654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Block Hooks UI relies on the `ignoredHookedBlocks` metadata when determining whether to show the toggle in the Site Editor. The problem is that for uncustomized templates we don't add this metadata.
Currently the visitor functions have a default callback of `insert_hooked_blocks` and we only add the metadata when we're writing to the database via an available filter in the template controller.
This changeset creates a new callback which both inserts the hooked blocks and adds the `ignoredHookedBlocks` metadata to the anchor block, and uses this new callback explicitly in the visitor functions that are run upon reading from the database.
We continue to set the `ignoredHookedBlocks` metadata when writing to the database, i.e. this operation happens twice. Although not ideal, this is necessary to cover the following scenarios:
* When the user adds an anchor block within the editor, we still need to add the `ignoredHookedBlocks` meta to it to prevent hooked blocks hooking on to it unexpectedly on the frontend. This is required to keep parity between the frontend and editor.
* When a user writes template data to the database directly through the API (instead of the editor), we need to again ensure we're not inserting hooked blocks unexpectedly.
It is worth noting that with this change, the first hooked block to insert relative to its anchor block will be accepted. Any additional blocks of the same type (e.g. a second `core/loginout` block) trying to hook onto the same anchor block will be ignored, irrespective of the position.
Props tomjcafferkey, bernhard-reiter, gziolo.
Fixes#59574.
Built from https://develop.svn.wordpress.org/trunk@58186
git-svn-id: http://core.svn.wordpress.org/trunk@57649 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that not only the return values match the expected results, but also that their type is the same.
Going forward, stricter type checking by using `assertSame()` should generally be preferred to `assertEquals()` where appropriate, to make the tests more reliable.
Follow-up to [56052].
See #60705.
Built from https://develop.svn.wordpress.org/trunk@58183
git-svn-id: http://core.svn.wordpress.org/trunk@57646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress's `get_network_option` function generally makes individual database requests for each network option. While some options are preloaded in `wp_load_core_site_options`, many still require single database calls to the network options table.
Building on the work done in [56445], [56990], and [57013], which introduced the `wp_prime_option_caches` function, this commit adds two new functions: `wp_prime_network_option_caches` and `wp_prime_site_option_caches`. These functions enable developers to pass an array of option names, allowing caches for these options to be primed in a single object cache or database request. If an option is not found, the notoptions cache key is refreshed, preventing unnecessary repeated requests.
The function `wp_prime_site_option_caches` is similar to `get_site_option`, enabling developers to retrieve network options on the current network without needing to know the current network ID. If these functions are called in a non-multisite environment, they fall back to using wp_prime_option_caches.
These functions have been implemented in `wp_load_core_site_options`, `get_site_transient`, and `set_site_transient`.
Props to spacedmonkey, peterwilsoncc, mukesh27, joemcgill.
Fixes#61053.
Built from https://develop.svn.wordpress.org/trunk@58182
git-svn-id: http://core.svn.wordpress.org/trunk@57645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add more context to the `split_the_query` filter by adding two new parameters: '$old_request' and '$clauses'. This enriches the filter with additional information about the SQL query before the query is run, enabling developers to have more context to help decide if a query should be split.
Props spacedmonkey, shailu25, rcorrales, tillkruess.
Fixes#59514.
Built from https://develop.svn.wordpress.org/trunk@58180
git-svn-id: http://core.svn.wordpress.org/trunk@57643 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The measurement in px for zero values is not needed. It does this for Twenty Twenty-One, Twenty Ten, Twenty Eleven and Twenty Nineteen. This also adds short-hand-property-no-redudant-values to Twenty Twenty-One's stylelint rules. Included is removing box-shadow prefixed rules before the standard property in Twenty Ten. Finally, it also removes empty spaces at the ends of lines in Twenty Thirteen, Twenty Nineteen and Twenty Twenty.
Props ankitmaru, SergeyBiryukov, netweb, mukesh27, ryelle, audrasjb, sabernhardt.
Fixes#53874.
Built from https://develop.svn.wordpress.org/trunk@58178
git-svn-id: http://core.svn.wordpress.org/trunk@57641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This resolves a few warnings when running PHPUnit with the code coverage report:
{{{
"@covers WP_Privacy_Requests_List_Table::get_views" is invalid
"@covers WP_Block_Bindings_Registry::register_block_bindings_source" is invalid
"@covers WP_Block_Patterns_Registry::_register_theme_block_patterns" is invalid
}}}
The two removed `@coversDefaultClass` annotations are redundant, as the class name is already included in the individual `@covers` tags. Removing them allows `@covers ::_register_theme_block_patterns` to work as expected, where `_register_theme_block_patterns` is an standalone function, not a class method.
Follow-up to [54215], [56733], [57373], [57562].
See #60705.
Built from https://develop.svn.wordpress.org/trunk@58176
git-svn-id: http://core.svn.wordpress.org/trunk@57639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The post editor uses the permalink_template property from the posts REST API to render the post slug input or not. For auto-drafts or newly created posts, this property was not set properly. This PR solves by fixing the get_sample_permalink function used to compute this property.
Props youknowriad, mcsf, antonvlasenko, azaozz, peterwilsoncc, andrewserong, hellofromTonya, spacedmonkey.
Fixes#59283.
Built from https://develop.svn.wordpress.org/trunk@58174
git-svn-id: http://core.svn.wordpress.org/trunk@57637 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Any usage of `'who' => 'authors'` should be updated to use capability queries instead.
Includes documenting the capability query parameters in `wp_dropdown_users()`.
Follow-up to [51943].
Props kkmuffme, swissspidy, SergeyBiryukov.
See #61243.
Built from https://develop.svn.wordpress.org/trunk@58172
git-svn-id: http://core.svn.wordpress.org/trunk@57635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This caused issues in maintenance mode, and it's not warranted to have
its own module. This will live alongside `_canonical_charset()`, it's
partner function.
Fixes: #61182.
Props: dmsnell, sergeybiryukov, swisspiddy.
Follow-up to: [58148].
Built from https://develop.svn.wordpress.org/trunk@58169
git-svn-id: http://core.svn.wordpress.org/trunk@57632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add `aria-hidden="true"` to the dashicon symbol used as the `close` icon in Thickbox modals. Prevent the icon from being read as a replacement character by screen readers.
Props stevejonesdev, sabernhardt, joedolson.
See #61028.
Built from https://develop.svn.wordpress.org/trunk@58167
git-svn-id: http://core.svn.wordpress.org/trunk@57630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With a few exceptions, GitHub Actions workflows run using the version of the workflow file present in the commit SHA or Git ref for the triggering event. This is useful for maintaining different versions of a workflow file.
In the case of WordPress where there are currently 25+ branches that could potentially receive a security fix, it creates a huge maintenance burden. When 3rd party actions are updated or features are deprecated on GitHub Actions, the required changes need to be backported to all of those branches. This takes considerable time and effort.
This change converts Core’s workflow files to reusable ones. This allows the same workflow to be used for all (or most) branches, allowing the described maintenance updates to be made once in `trunk`.
To keep track of which files are reusable vs. those that are responsible for holding the strategy matrix for that branch, reusable workflows are now prefixed with `reusable-`.
Props johnbillion, swissspidy, jorbin, desrosj.
Fixes#61213.
Built from https://develop.svn.wordpress.org/trunk@58165
git-svn-id: http://core.svn.wordpress.org/trunk@57628 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a follow-up to [57981] to ensure that `wp-polyfill` is no longer automatically added as a dependency to package scripts. This avoids unnecessarily loading the polyfill script in places such as the block editor.
See #60962.
Built from https://develop.svn.wordpress.org/trunk@58162
git-svn-id: http://core.svn.wordpress.org/trunk@57625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Clicking on these links initiates an action, so they are more semantically a button rather than a link. Keeping them as an anchor in html allows any existing JS that is targeted to these items to continue to function. The addition of the role helps assistive technology to know that they should treat this as a button.
Props stevejonesdev, sabernhardt, vipulgupta003, rcreators, joedolson.
Fixes#61011.
Built from https://develop.svn.wordpress.org/trunk@58161
git-svn-id: http://core.svn.wordpress.org/trunk@57624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that not only the return values match the expected results, but also that their type is the same.
Going forward, stricter type checking by using `assertSame()` should generally be preferred to `assertEquals()` where appropriate, to make the tests more reliable.
Follow-up to [56382].
See #60706.
Built from https://develop.svn.wordpress.org/trunk@58160
git-svn-id: http://core.svn.wordpress.org/trunk@57623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Interactivity API has been rendering client data in a SCRIPT element with the
type `application/json` so that it's not executed as a script, but is available
to one. The data runs through `wp_json_encode()` and is encoded with some flags
to ensure that potentially-dangerous characters are escaped.
However, this can lead to some challenges. Eagerly escaping when not necessary
can make the data difficult to comprehend when reading the output HTML. For example,
all non-ASCII Unicode characters are escaped with their code point equivalent.
This results in `\ud83c\udd70` instead of `🅰`.
In this patch, the flags for JSON encoding are refined to ensure what's necessary
while relaxing other rules (leaving in those Unicode characters if the blog charset
is UTF-8). This makes for Interactivity API data that's quicker as a human reader
to decipher and diagnose.
In summary:
- This data is JSON encoded and printed in a `<script type="application/json">` tag.
- If we ensure that `<` is never printed inside the data, it should be impossible to
break out of the script tag and the browser treats everything as the element's `textContent`.
- All other escaping becomes unnecessary at that point, including unicode escaping
if the page uses the UTF-8 charset (the same encoding as JSON).
See https://github.com/WordPress/wordpress-develop/pull/6433#pullrequestreview-2043218338
Developed in https://github.com/WordPress/wordpress-develop/pull/6520
Discussed in https://core.trac.wordpress.org/ticket/61170Fixes: #61170
Follow-up to: [57563].
Props: bjorsch, dmsnell, jonsurrell, sabernhardt, westonruter.
Built from https://develop.svn.wordpress.org/trunk@58159
git-svn-id: http://core.svn.wordpress.org/trunk@57622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `version` property throws a warning when working with the local Docker environment. According to the Docker Compose spec, the property only remains for backward compatibility and should be removed.
Props narenin, mukesh27, swissspidy.
Fixes#61101.
Built from https://develop.svn.wordpress.org/trunk@58157
git-svn-id: http://core.svn.wordpress.org/trunk@57620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that not only the return values match the expected results, but also that their type is the same.
Going forward, stricter type checking by using `assertSame()` should generally be preferred to `assertEquals()` where appropriate, to make the tests more reliable.
Includes correcting a few erroneously duplicated test cases to match their intended purpose.
Follow-up to [57724].
See #60706.
Built from https://develop.svn.wordpress.org/trunk@58150
git-svn-id: http://core.svn.wordpress.org/trunk@57615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are several exist places in Core that attempt to detect if a blog charset
is UTF-8. Each place attempts to perform the same check, except the logic is
spread throughout and there's no single method provided to make this
determination in a consistent way. The `_canonical_charset()` method exists,
but is marked private for use.
In this patch the new `unicode` module provides `is_utf8_charset()` as a method
taking an optional charset slug and indicating if it represents UTF-8,
examining all of the allowable variants of that slug. Associated code is
updated to use this new function, including `_canonical_charset()`. If no slug
is provided, it will look up the current `get_option( 'blog_charset' )`.
Finally, the test functions governing `_canonical_charset()` have been
rewritten as a single test with a data provider instead of as separate test
functions.
Developed in https://github.com/WordPress/wordpress-develop/pull/6535
Discussed in https://core.trac.wordpress.org/ticket/61182Fixes#61182.
Props dmsnell, jonsurrell.
Built from https://develop.svn.wordpress.org/trunk@58147
git-svn-id: http://core.svn.wordpress.org/trunk@57612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add visible labels to inputs that are using placeholder attributes as a substitute for visible labeling.
Labels added or made visible on the customizer theme search, customizer widget search, customizer menu item search, customizer new page UI, the search plugins screens, the media search screens, and the classic editor link inserter.
Props afercia, joedolson, rcreators, sabernhardt.
See #40331.
Built from https://develop.svn.wordpress.org/trunk@58146
git-svn-id: http://core.svn.wordpress.org/trunk@57611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When generating a human readable code coverage report in HTML format, the Codecov action used to fail silently. An error is now being returned, resulting in a workflow failure.
This adds a skip condition to the appropriate steps so the coverage report is only uploaded when a `clover` format is generated.
See #60733.
Built from https://develop.svn.wordpress.org/trunk@58144
git-svn-id: http://core.svn.wordpress.org/trunk@57609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Chrome unreliably loads a lazy-loaded iframe when it is hidden using `clip: rect(1px, 1px, 1px, 1px)`. Instead of using `clip`, a lazy-loaded iframe can also be hidden with `visibility:hidden` which results in it loading not only in Chrome but all other browsers. With this change applied, the hard-coded check to prevent lazy-loading post embeds is now removed. An added benefit to using `visibility:hidden` is that the entire iframe in this case is not interactable, meaning that users navigating the document with the keyboard will not unexpectedly encounter tab stops inside of the hidden iframe, as can happen now with `clip` when the JS fails to reveal the loaded iframe. Note also that the `clip` property is deprecated.
Lastly, when such a post embed iframe is rendered in an RSS feed, the `style` attribute is now removed using the HTML Tag Processor as opposed to using string replacement.
Fixes#58773.
Props westonruter, joemcgill, swissspidy, joedolson, adamsilverstein.
Built from https://develop.svn.wordpress.org/trunk@58143
git-svn-id: http://core.svn.wordpress.org/trunk@57608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The primary menu was disappearing at 481px. This adjusts to resolve this. It was shown when adjust the browser window not in responsive design mode.
Props stephenbrook, audrasjb, mukesh27, sabernhardt, poena, kristenfisher427, siliconforks, jwgoedert, joedolson.
Fixes#52354.
Built from https://develop.svn.wordpress.org/trunk@58142
git-svn-id: http://core.svn.wordpress.org/trunk@57607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The link is a part of the deprecation notice displayed when saving an unregistered setting.
Follow-up to [13646], [13785], [14070], [32116], [34315], [45674].
Props timse201, sabernhardt, amitraj2203, khokansardar, SergeyBiryukov.
Fixes#61199.
Built from https://develop.svn.wordpress.org/trunk@58140
git-svn-id: http://core.svn.wordpress.org/trunk@57605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a confirmation dialog when users navigate away from the user profile screen if they have unsaved changes to prevent data loss.
Props ashokrane, karlijnbk, diedeexterkate, jwgoedert, joedolson, swissspidy, afercia.
Fixes#40493.
Built from https://develop.svn.wordpress.org/trunk@58137
git-svn-id: http://core.svn.wordpress.org/trunk@57602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The heading image had quality issues on iOS Safari in portrait and landscape modes. This resolves it through adding 200cv for smaller screens so less than full size.
Props poena, richardevs, laurelfulford, davidakennedy, joemcgill, SergeyBiryukov, ianbelanger, sabernhardt, shailu25, robertghetau.
Fixes#39253.
Built from https://develop.svn.wordpress.org/trunk@58135
git-svn-id: http://core.svn.wordpress.org/trunk@57600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Reduce the number of queries getting and setting transients on sites without a persistent cache.
Transients are stored in two options: one each for the transient value and timeout. Priming the cache reduces the database queries for getting a transient from two to one.
Props peterwilsoncc, swissspidy.
Fixes#61193.
Built from https://develop.svn.wordpress.org/trunk@58134
git-svn-id: http://core.svn.wordpress.org/trunk@57599 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Based on the current browser support policies and expectations, this is no longer needed. There are almost no browsers in use where this is still in use. The same fix was removed from core themes in #54421.
Props joedolson, sabernhardt, shailu25.
Fixes#60479.
Built from https://develop.svn.wordpress.org/trunk@58133
git-svn-id: http://core.svn.wordpress.org/trunk@57598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If organizing uploads into month- and year-based folders, uploading an attachment to an existing post should store the file in `wp-content/uploads/<year>/<month>` based on the post's publish date. This is in line with the behavior in classic editor / the media modal.
Props swissspidy, adamsilverstein, timothyblynjacobs, skithund, sergeybiryukov, patricia70.
Fixes#61189.
Built from https://develop.svn.wordpress.org/trunk@58130
git-svn-id: http://core.svn.wordpress.org/trunk@57595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This builds on the temporary backup system introduced in 6.3 to allow automatic updates to benefit from fatal error protection. A loopback request is performed to the home page of the site and the plugin is rolled back to its backed up version if a fatal error is observed.
For debugging and observability during beta, this change includes several calls to `error_log()` during the upgrade and rollback stages. These calls can be removed or placed behind a flag once we're ready for RC1.
Props costdev, johnbillion, mukesh27, afragen, audrasjb, justlevine, kirasong, peterwilsoncc
Fixes#58281
Built from https://develop.svn.wordpress.org/trunk@58128
git-svn-id: http://core.svn.wordpress.org/trunk@57593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Interactivity API has hooks that run on the frontend, but not in wp-admin. This means that interactivity data was not printed to the HTML and the interactivity Script Modules were not registered.
Fixes#61087.
Props jonsurrell, cbravobernal, gziolo.
Built from https://develop.svn.wordpress.org/trunk@58127
git-svn-id: http://core.svn.wordpress.org/trunk@57592 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Script Modules cannot be used in wp-admin. The necessary hooks are registered on wp_head or wp_footer, but should also be registered for the admin variants so that modules can be used from wp-admin.
Fixes#61086.
Props jonsurrell, cbravobernal, gziolo.
Built from https://develop.svn.wordpress.org/trunk@58126
git-svn-id: http://core.svn.wordpress.org/trunk@57591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This results in the prevention of an installation running on a port on localhost (for example `localhost:8889`) being converted to a subdomain Multisite installation, whereas previously it was incorrectly allowed.
Props spacedmonkey
See #21077
Built from https://develop.svn.wordpress.org/trunk@58125
git-svn-id: http://core.svn.wordpress.org/trunk@57590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes correcting a conditional in `_wp_menu_item_classes_by_context()` where `$parent_item->object`, which contains a string like `page`, was erroneously compared to the queried object's ID. The correct property to compare is `$parent_item->object_id`.
Follow-up to [14876], [14923], [14942], [15302], [16731], [16742], [22302], [47550], [47557], [47808].
Props aristath, poena, afercia, SergeyBiryukov.
See #60700.
Built from https://develop.svn.wordpress.org/trunk@58124
git-svn-id: http://core.svn.wordpress.org/trunk@57589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Query caching in `WP_Query` was added in [53941]. When this functionality was added to the `WP_Query` class, a number of edge cases were missed that would result in redundant duplicate queries. It was possible to pass parameters to `WP_Query` that would be different but would result in the same database query being generated. As the cache key is generated from a mixture of query arguments and the SQL query, this resulted in different cache keys for the same database query, resulting in unnecessary duplicate queries. In this change, the logic in the `generate_cache_key` method has been improved to ensure reuse of existing caches. The following edge cases have been considered:
- Passing `post_type` as an empty string.
- Passing `post_type` as the string `any`.
- Passing `post_type` as array vs. string.
- Passing `post_type` as an array in a different order.
- Not passing `orderby`.
- Passing `post_status` as an array vs. string.
- Passing `post_status` as an array in a different order.
This change also fixes an issue where the old SQL query would not match, as the queries had different whitespaces.
Props spacedmonkey, joemcgill, pbearne, peterwilsoncc, rajinsharwar, mukesh27, thekt12, huzaifaalmesbah, rodionov201.
Fixes#59442.
Built from https://develop.svn.wordpress.org/trunk@58122
git-svn-id: http://core.svn.wordpress.org/trunk@57587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `check-latest` setting is used to ensure the latest version of Node.js is always installed in GitHub Action workflows.
This input was added and turned on in [57212] when the minimum required version of Node.js was bumped to `20.10.0`. Because GitHub Action runner image updates are deployed on a rolling basis over the course of several days, a version of Node.js that met this new requirement was not always present (especially on Windows runners). Using this input was a temporary fix to ensure stability for Core’s test workflows.
The `check-latest` input does have some side effects. Two examples are:
- An additional request is performed to check the latest version every time `setup-node` is used with this option enabled. More requests are made to download and install a newer version of Node.js when one is available.
- When new versions of Node.js are released, the Core workflows immediately switch to the new version, which could potentially have undiscovered bugs or regressions.
The latter has surfaced today due to a regression in Node.js 20.13.0 on Windows (see https://github.com/nodejs/node/issues/52884).
A bit of time has passed and a version >=20.10.0 is now reliably available on all GitHub Action runners. Running the very latest release Node.js is also not important for Core’s testing setup, so `check-version` can safely be removed to address both side effects detailed above.
Props johnbillion.
Fixes#60129.
Built from https://develop.svn.wordpress.org/trunk@58120
git-svn-id: http://core.svn.wordpress.org/trunk@57585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds a `wp-admin/user/contribute.php` file to allow the "Get Involved" link to work on User Admin.
This changeset prevents an unintended 404 that occurs when a logged-in user clicks the "Get Involved" link (located in the menu-bar) from inside of the multisite-specific User Dashboard.
Related: r56220, r56309, #23348.
Props ignatiusjeroe, audrasjb, tobiasbg.
Fixes#61122.
Built from https://develop.svn.wordpress.org/trunk@58118
git-svn-id: http://core.svn.wordpress.org/trunk@57583 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This prevents a fatal error in `wp_apply_custom_classname_support()`, which expects an array data type for block attributes, and makes sure the block editor can still load if there is a mistake in the attributes of a block.
Follow-up to [54498].
Props caercam.
Fixes#61151.
Built from https://develop.svn.wordpress.org/trunk@58112
git-svn-id: http://core.svn.wordpress.org/trunk@57577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds descriptions to multiple bundled themes. All patterns without the "Inserter" parameter set to "false" or "no", should use the description parameter (These patterns are hidden in the block inserter and do not use the descriptions).
Props poena, StringPiggy, oglekler, audrasjb, huzaifaalmesbah, swisspidy.
Fixes#59688.
Built from https://develop.svn.wordpress.org/trunk@58111
git-svn-id: http://core.svn.wordpress.org/trunk@57576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the docblock attributes for `wp_get_attachment_image()` to account for attribute values that are being determined by `wp_get_loading_optimization_attributes()`. Updates docs for `$attr['loading']` and adds docs for `$attr['fetchpriority']`.
Props joemcgill, dmsnell.
Fixes#59550.
Built from https://develop.svn.wordpress.org/trunk@58110
git-svn-id: http://core.svn.wordpress.org/trunk@57575 1a063a9b-81f0-0310-95a4-ce76da25c4cd