As of UglifyJS >= 3.18.0, the default behavior is to process input as an ES module. This updates the relevant configurations to ensure the build process continues to use the previous behavior to avoid JavaScript errors in the minified versions of files.
Follow up to [58563], [58586], and [59509].
Props siliconforks, nataliat2004, poena, mai21, SergeyBiryukov.
Fixes#62767. See #61519, #62220.
Built from https://develop.svn.wordpress.org/trunk@59768
git-svn-id: http://core.svn.wordpress.org/trunk@59110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the following `devDependencies`:
- `dotenv` from `16.4.5` to `16.4.7`
- `dotenv-expand` from `11.0.6` to `12.0.1`
- `postcss` from `8.4.47` to `8.4.49`
- `qunit` from `2.22.0` to `2.23.1`
- `sass` from `1.79.4` to `1.79.6`
- `terser-webpack-plugin` from `5.3.10` to `5.3.11`
- `uglify-js` from `3.17.4` to `3.19.3`
- `uuid` from `9.0.1` to `11.0.3`
- `webpack` from `5.90.2` to `5.97.1`
Additionally, `npm audit fix` has been run.
Follow up to [58585].
See #62220.
Built from https://develop.svn.wordpress.org/trunk@59509
git-svn-id: http://core.svn.wordpress.org/trunk@58895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This partially reverts [58563], which applied an update of the `uglify-js` `devDependency` from `3.17.4` to `3.18.0`.
The `3.18.0` update is causing some JavaScript errors in the `media-views.min.js` file, so needs to be investigated further.
Props david.binda, mukesh27, alshakero.
Fies #61519.
Built from https://develop.svn.wordpress.org/trunk@58585
git-svn-id: http://core.svn.wordpress.org/trunk@58032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Remove obsolete `load` event handler in `wp-embed` since IE10+ support `DOMContentLoaded`.
* Replace obsolete use of `document.createElement('a')` in favor of the newer `URL` class (supported in all browsers but obsolete IE11).
* Remove obsolete IE10/IE11 code.
* Combine conditionals.
* Use `substring()` instead of deprecated `substr()` method.
* Eliminate the stipulation that `wp-embed.js` not include ampersands, considering this was put in place for WP<4.3 which now accounts for only 1.43% of sites. This includes the elimination of the `verify:wp-embed` grunt task.
Props westonruter, swissspidy.
Fixes#58974.
Built from https://develop.svn.wordpress.org/trunk@56383
git-svn-id: http://core.svn.wordpress.org/trunk@55895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates several NPM dependencies to the latest versions, including:
- `check-node-version` from `4.1.0` to `4.2.1`.
- `dotenv` from `10.0.0` to `16.0.0`.
- `dotenv-expand` from `5.1.0` to `8.0.3`.
- `grunt-contrib-concat` from `2.0.0` to `2.1.0`.
- `grunt-contrib-jshint` from `3.1.1` to `3.2.0`.
- `grunt-contrib-uglify` from `5.0.1` to `5.1.0`.
- `qunit` from `2.17.2` to `2.18.1`.
- `sass` from `1.43.4` to `1.50.0`.
- `sinon` from `12.0.1` to `13.0.1`.
- `sinon-test` from `3.1.1` to `3.1.3`.
- `uglify-js` from `3.14.3` to `3.15.3`.
- `wait-on` from `6.0.0` to `6.0.1`.
The updates to `dotenv` and `dotenv-expand` required a minor change to files using these packages.
Additionally, this contains several updates to the `package-lock.json` file as a result of running `npm audit fix`.
See #54727.
Built from https://develop.svn.wordpress.org/trunk@53113
git-svn-id: http://core.svn.wordpress.org/trunk@52702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Prevent loading `wp-embed` script unconditionally on every page in favor of conditionally enqueueing when a post embed is detected. The `wp-embed` script is also explicitly marked as being in the footer group. Sites which currently disable post embed scripts from being enqueued via `remove_action( 'wp_head', 'wp_oembed_add_host_js' )` will continue to do so.
* Send a `ready` message from the host page to each post embed window in case the `iframe` loads before the `wp-embed` script does. When the `ready` message is received by the post embed window, it sends the same `height` message as it sends when it loads.
* Eliminate use of `grunt-include` to inject emoji script and the post embed script. Instead obtain the script contents via `file_get_contents()` (as is done elsewhere in core) and utilize `wp_print_inline_script_tag()`/`wp_get_inline_script_tag()` to construct out the script. This simplifies the logic and allows the running of src without `SCRIPT_DEBUG` enabled.
* For the embed code that users are provided to copy for embedding outside of WP, add the `secret` on the `blockquote` and `iframe`. This ensures the `blockquote` will be hidden when the `iframe` loads. The embed code in question is accessed here via `get_post_embed_html()`.
Props westonruter, swissspidy, pento, flixos90, ocean90.
Fixes#44632, #44306.
Built from https://develop.svn.wordpress.org/trunk@52132
git-svn-id: http://core.svn.wordpress.org/trunk@51724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Patches occasionally come in on generated files. We should be kind to new contributors and give them a hint that these files are auto-generated.
This is a follow-up to [41271], which added the banner to minified CSS files.
Fixes#48424. See #30666.
Built from https://develop.svn.wordpress.org/trunk@46589
git-svn-id: http://core.svn.wordpress.org/trunk@46386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sets `screwIE8` to false as it is now enabled by default
Files Changed:
build/wp-admin/js/customize-nav-menus.min.js
build/wp-admin/js/customize-widgets.min.js
build/wp-includes/js/customize-loader.min.js
Changelog:
2016-07-19 v2.0.0 Update uglify-js to v2.7.0. screwIE8 is enabled by default.
2016-07-19 v1.0.2 Update grunt to ^1.0.0. Fix beautify when passed as an object. Fix docs about report values.
See #38199.
Built from https://develop.svn.wordpress.org/trunk@39117
git-svn-id: http://core.svn.wordpress.org/trunk@39059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the data sent to us from the embedded iframe by postMessage(), the secret value is being used directly in a document.querySelectorAll() call without first being validated or escaped.
In theory, this could lead to some broken embeds.
Props mdawaffe.
Fixes#34831.
Built from https://develop.svn.wordpress.org/trunk@35761
git-svn-id: http://core.svn.wordpress.org/trunk@35725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Older versions of WordPress will convert those `&` characters to `&`, which makes for some non-functional JS. If folks are running an older release, let's not make their lives more difficult than it already is.
Props pento, peterwilsoncc.
See #34698.
Built from https://develop.svn.wordpress.org/trunk@35708
git-svn-id: http://core.svn.wordpress.org/trunk@35672 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sometimes, embedded sites might suffer from less than 100% uptime. Instead of leaving the embedding site with a big blank space where the embed should be, let's fall back to a link to the embedded post, so there's at least some context for the post.
Fixes#34462.
Built from https://develop.svn.wordpress.org/trunk@35437
git-svn-id: http://core.svn.wordpress.org/trunk@35401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
