Commit Graph

42969 Commits

Author SHA1 Message Date
Sergey Biryukov abd4de1400 App Passwords: Ensure the Add New button isn't hidden on mobile.
Also removes an unnecessary `!important` rule introduced in [49772] when fixing a similar issue.

Props vladytimy, mukesh27.
Merges [49921] to the 5.6 branch.
Fixes #51980.
Built from https://develop.svn.wordpress.org/branches/5.6@49999


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 12:38:54 +00:00
Sergey Biryukov 9076f6bf5b App Passwords: Correct authorize app action names and signatures.
When App Passwords was introduced, the `wp_authorize_application_password_form` and `wp_application_passwords_approve_app_request_success` hooks were mistakenly duplicated and incorrectly documented. This commit corrects the hook names and ensures the correct parameters are passed.

Props johnbillion, engahmeds3ed.
Merges [49920] to the 5.6 branch.
Fixes #52013.
Built from https://develop.svn.wordpress.org/branches/5.6@49998


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 12:35:55 +00:00
Sergey Biryukov 62b2f7dd50 Site Health: Use a front-end URL for loopback tests.
In [49154] the async Site Health tests were changed to use the REST API instead of admin-ajax. An unintended side effect of this change was that the loopback tests which tried to ping the site's `admin_url()` were no longer authenticated because admin-cookies aren't provided to the REST API.

This commit adjusts the loopback test to use the front-end `site_url` which checks that cron will function properly. A follow-up ticket will focus on tests that will cover the file editor checks.

Props Clorith.
Merges [49917] to the 5.6 branch.
Fixes #52097.
See #48105.
Built from https://develop.svn.wordpress.org/branches/5.6@49997


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49698 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 12:32:54 +00:00
Sergey Biryukov 54e45457a8 Editor: Trigger the `tinymce-editor-init` custom jQuery event on DOM ready.
Otherwise TinyMCE may initialize earlier and handlers attached on DOM ready may not get triggered. Fixes making the editor menu "sticky" and setting/resetting some screen options on the old Edit Post screen.

Props azaozz, majhajob, sabernhardt.
Merges [49911] to the 5.6 branch.
Fixes #52046, #51995.
Built from https://develop.svn.wordpress.org/branches/5.6@49996


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 12:30:55 +00:00
Sergey Biryukov afc1e56b2a Media: Use consistent method for instantiating an attachment author object in Media Library.
Previously, attachments without an author could cause a PHP fatal error due to calling the `::exists()` method on a `false` value.

Follow-up to [49207].

Props antpb, carloscastilloadhoc, hellofromTonya, garrett-eclipse.
Merges [49979] to the 5.6 branch.
Fixes #52030.
Built from https://develop.svn.wordpress.org/branches/5.6@49995


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49696 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 12:21:58 +00:00
Dion Hulse 6b1d668e02 Bump Akismet external to 4.1.8.
See #52245.


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-14 23:17:51 +00:00
desrosj fba21f8227 Build/Test Tools: Remove the TravisCI configuration file.
In [49162], GitHub Action workflow configuration files were introduced to run all of Core’s automated testing with the intent to fully transition after some time was allowed for testing.

After two full months of testing, the time to finish this transition has come.

We thank TravisCI for testing the codebase through nearly 20 major and many more minor releases.

Merges [49876] to the 5.6 branch.
See #52161. See #50401.
Built from https://develop.svn.wordpress.org/branches/5.6@49877


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-22 21:04:10 +00:00
desrosj c483b794f5 Bundled Themes: Bump the versions of Twenty Twenty-One and Twenty Nineteen.
New versions:

- Twenty Twenty-One: 1.1.
- Twenty Nineteen: 1.9.

Props poena.
Merges [49873] to the 5.6 branch.
Fixes #52160.
Built from https://develop.svn.wordpress.org/branches/5.6@49875


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-22 18:24:04 +00:00
desrosj 15f78ee70f Twenty Nineteen: Add the `block-patterns` tag to the appropriate SASS file.
This prevents the tag from being removed from `styles.css` when rebuilding the CSS.

Props danfarrow.
Merges [49872] to the 5.6 branch.
Fixes #52159.
Built from https://develop.svn.wordpress.org/branches/5.6@49874


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-22 18:22:11 +00:00
ryelle db276427f8 Twenty Twenty-One: Set a maximum width on inputs.
Text inputs with a size attribute can end up longer than the screen width on small screens. A max-width of 100% keeps the inputs from breaking out of the container.

Props basscan, kjellr, poena, sabernhardt.
Merges [49870] to the 5.6 branch.
Fixes #52083.


Built from https://develop.svn.wordpress.org/branches/5.6@49871


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-22 17:09:05 +00:00
desrosj 5990e9abc4 Twenty Twenty-One: Improve strings found in post navigations for easier translating.
This change adjusts strings found within post navigations to ensure translators are provided the full context needed to properly translate.

Props poena, SergeyBiryukov, aristath.
Merges [49866] to the 5.6 branch.
Fixes #52047.
Built from https://develop.svn.wordpress.org/branches/5.6@49869


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49588 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-22 16:21:04 +00:00
desrosj e96048d2f0 Twenty Twenty-One: Only load IE specific polyfills when actually using Internet Exploreer.
The `twenty-twenty-one-ie11-polyfills` script now has a `null` source, and the new `twenty-twenty-one-ie11-polyfills-asset` (which points to the actual `polyfills.js` source) will be loaded only if IE is detected by through the use of `wp_get_script_polyfill()`.

Because the original script name remains the same, this change is backwards compatible with any code registering `twenty-twenty-one-id11-polyfills` as a script dependency.

Props poena, ismail.elkorchi, peterwilsoncc.
Merges [49865] to the 5.6 branch.
Fixes #52098.
Built from https://develop.svn.wordpress.org/branches/5.6@49868


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-22 16:19:08 +00:00
desrosj 0d2e06e77e Twenty Twenty-One: Improve striped table styling in Dark Mode.
This change improves the display of table blocks with the “Stripes” style selected.

Previously, the text was not visible in striped rows when using Dark Mode.

Props ryelle, poena, melchoyce, celendesign, audrasjb.
Merges [49864] to the 5.6 branch.
Fixes #52129.
Built from https://develop.svn.wordpress.org/branches/5.6@49867


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49586 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-22 16:17:15 +00:00
desrosj ff94866fe6 Twenty Twenty-One: Do not specify `loading=“eager”` for single post thumbnails.
While `loading=“eager”` is a supported alternative to omitting the attribute entirely, browsers follow the value of this attribute explicitly when specified.

Specifying `eager` would prevent the user from receiving any additional potential benefits implemented at the browser level, such as further mechanisms to automatically decide which elements to lazy-load.

Props flixos90, ryelle, poena.
Merges [49860] to the 5.6 branch.
Fixes #52139.
Built from https://develop.svn.wordpress.org/branches/5.6@49861


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-21 18:51:04 +00:00
desrosj 7c08559e8c Twenty Twenty-One: Allow local anchor links to be used in primary navigation.
This adds some JavaScript to detect when an anchor link is clicked within the primary navigation on mobile devices and closes the menu before scrolling to the location on the page.

Props poena, macmanx, t-p.
Merges [49854] to the 5.6 branch.
Fixes #52006.
Built from https://develop.svn.wordpress.org/branches/5.6@49855


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-21 15:16:04 +00:00
desrosj 9ef2645fd7 Twenty Twenty-One: Use `esc_url()` for the WordPress.org link in `footer.php`.
Props mukesh27, poena.
Merges [49762] into the 5.6 branch.
Fixes #51954.
Built from https://develop.svn.wordpress.org/branches/5.6@49853


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49572 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-21 13:54:03 +00:00
desrosj f87036bf28 Twenty Twenty-One: Make text within code blocks readable in Dark Mode.
This change ensures that the primary text color specific to Dark Mode is used instead of the one specified for normal mode. The latter is not legible in Dark Mode.

Props slaFFik, poena, mukesh27, justinahinon.
Merges [49825] to the 5.6 branch.
Fixes #51985.
Built from https://develop.svn.wordpress.org/branches/5.6@49852


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-21 13:29:07 +00:00
desrosj c58417db0d Twenty Twenty-One: Prevent `<iframe>` embeds from being too narrow.
This fixes an issue where `<iframe>` embeds were being pushed to the side of the screen and compressed to the point of being unusable.

Props helen, mukesh27, poena, thorlentz.
Merges [49823] to the 5.6 branch.
Fixes #52004.
Built from https://develop.svn.wordpress.org/branches/5.6@49851


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-21 13:27:07 +00:00
Sergey Biryukov cbd035f1a5 Twenty Twenty-One: Clarify a sentence in `readme.txt`.
Props gkibria69.
Merges [49838] to the 5.6 branch.
Fixes #52120.
Built from https://develop.svn.wordpress.org/branches/5.6@49839


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-19 20:38:10 +00:00
desrosj 6197e8faec Twenty Twenty-One: Correct `@since` inline documentation tags.
Previously, `1.0.0` was used for the version. This is inconsistent with the versioning used in the other default themes, which use use X.X and not X.X.X.

This change corrects all `1.0.0` occurrences to `1.0`, and adds the additional context of `Twenty Twenty-One` to avoid confusion with `WordPress 1.0`.

Props SergeyBiryukov, poena.
Merges [49826] to the 5.6 branch.
Fixes #51958.
Built from https://develop.svn.wordpress.org/branches/5.6@49829


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 15:10:08 +00:00
desrosj e15b0fac76 Twenty Nineteen: Add images for use in block patterns.
The block patterns were added in #51099, but the images were not included in the commit. This adds the images to the expected folder.

Props transl8or, mukesh27, ryelle.
Merges [49793] to the 5.6 branch.
Fixes #51996.
Built from https://develop.svn.wordpress.org/branches/5.6@49828


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 15:08:03 +00:00
desrosj fa8b856866 Twenty Twenty-One: Use consistent HTML comments after closing HTML tags.
Follow-up to [45209] for other bundled themes.

Props arcangelini, audrasjb.
Merges [49761] to the 5.6 branch.
Fixes #51950.
Built from https://develop.svn.wordpress.org/branches/5.6@49827


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 15:03:07 +00:00
desrosj 0255d32689 Twenty Twenty-One: Bring back PostCSS config.
Twenty Twenty-One uses PostCSS to convert the custom properties for Internet Explorer. Without a config file, the postcss command does nothing, causing issues in IE. This brings back the config from GitHub, which replaces all custom properties with the default values.

Props t-p, poena, ryelle.
Merges [49800] to the 5.6 branch.
Fixes #52040.
Built from https://develop.svn.wordpress.org/branches/5.6@49824


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 14:07:04 +00:00
desrosj d5b456fff3 Build/Test Tools: Update several NPM packages.
These were updated using npm audit fix.

Merges [49791] to the 5.6 branch.
See #51801.
Built from https://develop.svn.wordpress.org/branches/5.6@49821


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 13:34:15 +00:00
desrosj 881fb26648 Media: Fix the template for the "Align" and "Link To" fields in the media modal when inserting an image from URL.
Props noisysocks, mukesh27.
Merges [49804] to the 5.6 branch.
Fixes #52065.
Built from https://develop.svn.wordpress.org/branches/5.6@49820


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49539 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 13:02:05 +00:00
desrosj a54ecd84f3 Twenty Twenty-One: Use a more specific link for Dark Mode instructions.
Make both instances of the link translatable, for consistency.

Props engahmeds3ed, justinahinon.
Merges [49798] to the 5.6 branch.
Fixes #52010.
Built from https://develop.svn.wordpress.org/branches/5.6@49819


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 13:00:09 +00:00
desrosj 21bd25a8e7 Twenty Twenty-One: Fix typos in some inline comments.
Props tanvirul, mukesh27.
Merges [49795] to the 5.6 branch.
Fixes #52042.
Built from https://develop.svn.wordpress.org/branches/5.6@49818


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49537 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 12:58:05 +00:00
desrosj 1aa3b6b2e5 Twenty Twenty-One: Fix typos in some inline comments.
Props manzurahammed, mukesh27.
Merges [49801] to the 5.6 branch.
Fixes #52071.
Built from https://develop.svn.wordpress.org/branches/5.6@49817


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 12:56:05 +00:00
desrosj a52e001308 Twenty Twenty-One: Correct version in file-header.scss.
Props SergeyBiryukov.
Merges [49799] to the 5.6 branch.
Fixes #52044.
Built from https://develop.svn.wordpress.org/branches/5.6@49816


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 12:54:05 +00:00
desrosj b5b4bc3cd1 Twenty Twenty-One: Correct the DocBlock for `map-deep-set()` Sass function.
Props mukesh27.
Merges [49799] to the 5.6 branch.
Fixes #52064.
Built from https://develop.svn.wordpress.org/branches/5.6@49815


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 12:52:09 +00:00
desrosj e2b6b7309e Build/Test Tools: Remove the Appveyor configuration file.
Appveyor was added to Core in [44594] to ensure that NPM and the WordPress build tools continue to work correctly on Windows systems as changes are made. Using an additional service for this was required at the time, TravisCI did not support testing on Windows.

[49162] introduced a GitHub Action workflow that performed the same testing. Since all automated testing is moving to GitHub Actions, using Appveyor is no longer necessary, and it’s preferable to have all automated testing in one location as much as possible.

Props ayeshrajans.
Merges [49779] to the 5.6 branch.
See #51968.
Built from https://develop.svn.wordpress.org/branches/5.6@49809


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 12:27:11 +00:00
iandunn 27b776fd90 Feed: Merge multiple header values to avoid fatal error.
When SimplePie parses HTTP headers, it combines multiple values for the same header into a comma-separated string. `WP_SimplePie_File` overrides the parsing, but was leaving them as an array instead.

That lead to a fatal error in PHP 8, because other parts of the codebase ended up passing an array to a function that expected a string.

Props david.binda, litemotiv, inc2734, NicolasKulka, hellofromTonya, mbabker, skithund, SergeyBiryukov, desrosj, timothyblynjacobs.
Reviewed by SergeyBiryukov, iandunn.
Merges [49803] and [49805] to the 5.6 branch.
Fixes #51056. See #51956.

Built from https://develop.svn.wordpress.org/branches/5.6@49806


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-16 14:26:06 +00:00
Helen Hou-Sandí 5c765ae652 The 5.6 branch is now 5.6.1-alpha.
Built from https://develop.svn.wordpress.org/branches/5.6@49778


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-08 23:50:10 +00:00
Helen Hou-Sandí f51761c16e WordPress 5.6.
Built from https://develop.svn.wordpress.org/branches/5.6@49776


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-08 22:10:02 +00:00
Helen Hou-Sandí e0b55f4a75 Update `$_old_files` for 5.6.
See #39943.
Merges [49774] to the 5.6 branch.

Built from https://develop.svn.wordpress.org/branches/5.6@49775


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-08 21:52:05 +00:00
Helen Hou-Sandí 8c11a1e249 App Passwords: Ensure redirection description is shown on mobile devices.
Props TimothyBlynJacobs.
Fixes #51970.
Merges [49772] to the 5.6 branch.

Built from https://develop.svn.wordpress.org/branches/5.6@49773


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-08 20:31:04 +00:00
ryelle 2ee84b90e6 Help/About: Use CDN URLs for About page images.
Reviewed by ryelle, SergeyBiryukov.
Merges [49770] to the 5.6 branch.
Fixes #51415.


Built from https://develop.svn.wordpress.org/branches/5.6@49771


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-08 18:39:05 +00:00
Helen Hou-Sandí cc242b9f32 Post WordPress 5.6 RC 5 version bump.
Built from https://develop.svn.wordpress.org/branches/5.6@49768


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-07 21:48:02 +00:00
Helen Hou-Sandí ec68acf84e WordPress 5.6 RC 5.
Built from https://develop.svn.wordpress.org/branches/5.6@49767


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-07 21:26:04 +00:00
Helen Hou-Sandí 99923ad9b3 Bundled Themes: Bump theme versions ahead of WordPress 5.6.
The following theme versions will be released in coordination with WordPress 5.6:

* Twenty Ten: 3.2
* Twenty Eleven: 3.6
* Twenty Twelve: 3.3
* Twenty Thirteen: 3.2
* Twenty Fourteen: 3.0
* Twenty Fifteen: 2.8
* Twenty Sixteen: 2.3
* Twenty Seventeen: 2.5
* Twenty Nineteen: 1.8
* Twenty Twenty: 1.6
* Twenty Twenty-One: 1.0

Props peterwilsoncc, hareesh-pillai, dkarfa, sabernhardt, poena, aristath, SergeyBiryukov.
Fixes #51919.
Merges [49763] to the 5.6 branch.

Built from https://develop.svn.wordpress.org/branches/5.6@49766


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-07 20:32:10 +00:00
Helen Hou-Sandí 35bf493381 App Passwords: Store the "in use" option in the main network options.
Whether App Passwords are being used is a global featurel, not a per-network feature. This fixes issues on Multi Network installs if App Passwords are used on a different network from where they were created.

Props spacedmonkey.
Fixes #51939.
See [49752].
Merges [49764] to the 5.6 branch.

Built from https://develop.svn.wordpress.org/branches/5.6@49765


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-07 20:01:06 +00:00
Peter Wilson dc95d8a382 Twenty Twenty-One: Fix the nesting of the main element.
The main element must not appear as a descendant of the section element. Correct markup is the first requirement to make user agents and assistive technologies work properly.

Changes the <section> element that was wrapping the <main> element to a <div>.

Follow-up to [45942] for Twenty Nineteen.

Props albertomake, poena.
Reviewed by SergeyBiryukov, peterwilsoncc.
Merges [49759] to the 5.6 branch.
Fixes #51944.

Built from https://develop.svn.wordpress.org/branches/5.6@49760


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-06 22:06:12 +00:00
Helen Hou-Sandí 6e2834c6d7 Post WordPress 5.6 RC 4 version bump.
Built from https://develop.svn.wordpress.org/branches/5.6@49756


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-04 22:34:08 +00:00
Helen Hou-Sandí bdc0b7bb98 WordPress 5.6 RC 4.
Built from https://develop.svn.wordpress.org/branches/5.6@49755


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-04 22:16:06 +00:00
Helen Hou-Sandí 1fc7b75913 App Passwords: Prevent conflicts when Basic Auth is already used by the site.
Application Passwords uses Basic Authentication to transfer authentication details. If the site is already using Basic Auth, for instance to implement a private staging environment, then the REST API will treat this as an authentication attempt and would end up generating an error for any REST API request.

Now, Application Password authentication will only be attempted if Application Passwords is in use by a site. This is flagged by setting an option whenever an Application Password is created. An upgrade routine is added to set this option if any App Passwords already exist.

Lastly, creating an Application Password will be prevented if the site appears to already be using Basic Authentication.

Props chexwarrior, georgestephanis, adamsilverstein, helen, Clorith, marybaum, TimothyBlynJacobs.
Reviewed by TimothyBlynJacobs, helen.
Merges [49752] to the 5.6 branch.
Fixes #51939.

Built from https://develop.svn.wordpress.org/branches/5.6@49754


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-04 21:48:03 +00:00
iandunn cb323ada27 Media: Return `WP_Error` when cropping with bad input to avoid fatal.
This avoids an error on PHP 8 caused by calling `wp_imagecreatetruecolor()` with inputs that aren't numeric, or are less than 0.

Props hellofromtonya, Boniu91, metalandcoffee, SergeyBiryukov.
Reviewed by SergeyBiryukov, iandunn.
Merges [49751] to the 5.6 branch.
Fixes #51937.

Built from https://develop.svn.wordpress.org/branches/5.6@49753


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-04 21:46:06 +00:00
Helen Hou-Sandí bb64e43912 Post WordPress 5.6 RC 3 version bump.
Built from https://develop.svn.wordpress.org/branches/5.6@49749


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-03 22:06:07 +00:00
Helen Hou-Sandí b023822235 WordPress 5.6 RC 3.
Built from https://develop.svn.wordpress.org/branches/5.6@49748


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-03 21:46:08 +00:00
Sergey Biryukov 9420b66fd0 App Passwords: Ensure the Created At and Last Used dates are properly translated.
The `date_i18n` function is now used when formatting the dates in PHP instead of `gmdate` which doesn't handle localization properly.

Additionally, we now use a translation to get the date format to use instead of pulling from the `date_format` option which is only supposed to affect the front-end.

Lastly, when passing the date format to the Backbone JS template, we now use `wp_json_encode()` to format the value for JavaScript. This ensures that backslashes are properly preserved which are used by some locales to escape date formatting control characters.

Props pedromendonca, TimothyBlynJacobs, ocean90, hellofromtonya, SergeyBiryukov, antpb.
Reviewed by TimothyBlynJacobs, SergeyBiryukov.
Merges [49746] to the 5.6 branch.
Fixes #51918.
See [35811].
Built from https://develop.svn.wordpress.org/branches/5.6@49747


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-03 21:09:01 +00:00
iandunn e0449d4a8e Multisite: Cache absolute `dirsize` paths to avoid PHP 8 fatal.
r49212 greatly improved the performance of `get_dirsize()`, but also changed the structure of the data stored in the `dirsize_cache` transient. It stored relative paths instead of absolute ones, and also removed the unnecessary `size` array.

That difference in data structures led to a fatal error in the following environment:

* PHP 8
* Multisite
* A custom `WP_CONTENT_DIR` which is not a child of WP's `ABSPATH` folder (e.g., [https://roots.io/bedrock/ Bedrock])
* The `upload_space_check_disabled` option set to `0`

After upgrading to WP 5.6, the `dirsize_cache` transient still had data in the old format. When `wp-admin.php/index.php` was visited, `get_space_used()` received an `array` instead of an `int`, and tried to divide it by another `int`. PHP 7 would silently cast the arguments to match data types, but [https://wiki.php.net/rfc/arithmetic_operator_type_checks PHP 8 throws a fatal error]: 

`Uncaught TypeError: Unsupported operand types: array / int`

`recurse_dirsize()` was using `ABSPATH` to convert the absolute paths to relative ones, but some upload locations are not located under `ABSPATH`. In those cases, `$directory` and `$cache_path` were identical, and that triggered the early return of the old `array`, instead of the expected `int`. 

In order to avoid that, this commit restores the absolute paths, but without the `size` array. It also adds a type check when returning cached values. Using absolute paths without `size` has the result of overwriting the old data, so that it matches the new format. The type check and upgrade routine are additional safety measures.

Props peterwilsoncc, janthiel, helen, hellofromtonya, francina, pbiron.
Reviewed by SergeyBiryukov, iandunn.
Merges [49744] to the 5.6 branch.
Fixes #51913. See #19879.


Built from https://develop.svn.wordpress.org/branches/5.6@49745


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49468 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-03 20:45:04 +00:00