Limit the post types searched in `redirect_guess_404_permalink()` to public, searchable post types. This prevents redirects to 404 pages and the exposure of private post type slugs.
Props francescocarlucci, peterwilsoncc, rajinsharwar.
Fixes#59795.
Built from https://develop.svn.wordpress.org/trunk@57645
git-svn-id: http://core.svn.wordpress.org/trunk@57146 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds logic that fixes the limitation for souces by allowing merging the `uses_context` defined by block bindings sources into supported block types. Each source defines the context it needs and it is added to the block types that are using the block bindings API.
Fixes#60525.
Props santosguillamot, gziolo, czapla, thekt12.
Built from https://develop.svn.wordpress.org/trunk@57641
git-svn-id: http://core.svn.wordpress.org/trunk@57142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [57516], the just-in-time translation loading logic was enhanced to support cases where only `.l10n.php` translation exist but no `.mo` or `.po` files. This caused a slight regression in `get_available_languages()`, which uses the list of files to populate the language dropdown list on the settings page.
To address this, the new file extension is now properly stripped off, and the resulting file list is de-duplicated. New test files are added to allow the existing tests to cover this new scenario.
See #59656.
Fixes#60553.
Built from https://develop.svn.wordpress.org/trunk@57639
git-svn-id: http://core.svn.wordpress.org/trunk@57140 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace the `.png` files in use for media library type icons with `.svg` versions. Improves sharpness, especially on high resolution screens and devices.
Props iseulde, melchoyce, joemcgill, sabernhardt, huzaifaalmesbah, wonderboymusic, ocean90, karmatosed, boemedia, bosskhj, joedolson.
Fixes#31352.
Built from https://develop.svn.wordpress.org/trunk@57638
git-svn-id: http://core.svn.wordpress.org/trunk@57139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `.editor-block-list__block` class was removed in WordPress 5.4. It is now replaced with a selector that works in the current versions and is backward compatible.
Follow-up to [43842].
Props poena, faisal03, ashikur698.
Fixes#59922.
Built from https://develop.svn.wordpress.org/trunk@57637
git-svn-id: http://core.svn.wordpress.org/trunk@57138 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the `is-plain-object`, `memize`, `path-to-regexp`, and `tslib`.
These were also introduced in [56065] and have been integrated into the build process. Instead, these are now installed as peer dependencies through the `@/wordpress/*` packages that actually require them.
Follow up to [57634].
Props swissspidy.
See #59658.
Built from https://develop.svn.wordpress.org/trunk@57636
git-svn-id: http://core.svn.wordpress.org/trunk@57137 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the following dependencies:
- `@pmmmwh/react-refresh-webpack-plugin` from `0.5.5` to `0.5.11`.
- `autoprefixer` from `10.4.16` to `10.4.17`.
- `copy-webpack-plugin` from `11.0.0` to `12.0.2`.
- `cssnano` from `6.0.1` to `6.0.3`.
- `dotenv` from `16.3.1` to `16.4.4`.
- `dotenv-expand` from `10.0.0` to `11.0.3`.
- `postcss` from `8.4.31` to `8.4.35`.
- `sass` from `1.69.3` to `1.70.0`.
- `sinon` from `16.0.3` to `16.1.3`.
- `source-map-loader` from `4.0.1` to `5.0.0`.
- `terser-webpack-plugin` from `5.3.9` to `5.3.10`.
- `wait-on` from `7.0.1` to `7.2.0`.
- `webpack` from `5.89.0` to `5.90.2`.
Additionally, `npm audit fix` has been run.
See #59658.
Built from https://develop.svn.wordpress.org/trunk@57635
git-svn-id: http://core.svn.wordpress.org/trunk@57136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the `@emotion/is-prop-valid`, `@emotion/memoize`, and `framer-motion` packages as direct dependencies.
These were introduced in [56065], but do not appear to have been integrated into the build process. Instead, these are now installed as peer dependencies to the `@wordpress/block-editor` and `@wordpress/components` packages.
Props gziolo, huzaifaalmesbah.
See #59658.
Built from https://develop.svn.wordpress.org/trunk@57634
git-svn-id: http://core.svn.wordpress.org/trunk@57135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This resolves a WPCS warning:
{{{
Variable "$newlineEscape" is not in valid snake_case format, try "$newline_escape"
}}}
The `WP_Text_Diff_Renderer_inline` class extends the `Text_Diff_Renderer_inline` class from the `Text_Diff` package and should have the same parameters as the parent class method, per the Task 1 section of ticket #51553.
Follow-up to [7747], [55163].
See #59650.
Built from https://develop.svn.wordpress.org/trunk@57633
git-svn-id: http://core.svn.wordpress.org/trunk@57134 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a bug where fonts could not be installed in PHP 8.1.0 through 8.1.11 due to incorrect MIME type assignment.
While `WP_Font_Utils::get_allowed_font_mime_types()` conditionally sets the MIME type for woff and woff2, it incorrectly checks against PHP 8.1.0. The MIME type change did not occur until PHP 8.1.12.
References:
* [https://github.com/php/php-src/issues/8805 PHP-src: finfo returns wrong mime type for woff/woff2 files].
* [https://www.php.net/ChangeLog-8.php#8.1.12 PHP 8.1.12 changelog].
* Tests: Adjust the expected mime type for WOFF fonts on PHP 8.1.12+ [55463].
* [https://github.com/WordPress/gutenberg/pull/59015 Gutenberg PR 59015].
Follow-up to [57539].
Props costdev, kafleg, hellofromTonya.
Fixes 60536.
Built from https://develop.svn.wordpress.org/trunk@57632
git-svn-id: http://core.svn.wordpress.org/trunk@57133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Pullquotes were not inheriting the correct styling from the block
editor. This commit resolves the issue by supporting typography options.
1. The `font-family` variable remains on the paragraph (both editor and front) so the citation continues to use the body font even when the site redefines `var(--pullquote--font-family)`.
2. The `font-size`, `font-style`, `font-weight`, `letter-spacing` and `line-height` are set on the Pullquote block to allow overriding with the sidebar settings. Then the block's paragraph element inherits those styles.
3. When the settings do not give a custom `line-height` from the sidebar, these stylesheets set the paragraph to `var(--pullquote--line-height)` instead of inheriting 1.6 from the block styles. This patch uses `:where()` to avoid increasing specificity.
Moving styles from the paragraph element to the block should not affect the citation, which has had its own styles for `font-size`, `font-style`, `font-weight` and `letter-spacing`.
Follow-up to [56959], [56451], [55089], [55088], [49574], [49320], [49216].
Props sabernhardt, poena, darshitrajyaguru97, harshgajipara, shailu25, skyakash12.
Fixes#57854.
Built from https://develop.svn.wordpress.org/trunk@57631
git-svn-id: http://core.svn.wordpress.org/trunk@57132 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Decouple hooked blocks insertion from setting the `metadata.ignoredHookedBlocks` attribute on anchor blocks, and perform the latter step upon saving a template or template part to the database. This ensures that anchor blocks that have been newly added to a template (or part) on the client side will also get `ignoredHookedBlocks` metadata set correctly, thus preserving editor/front-end parity. Hooked block insertion, on the other hand, will continue to happen upon ''reading'' a template (or part).
Props gziolo, tomjcafferkey.
Fixes#60506.
Built from https://develop.svn.wordpress.org/trunk@57627
git-svn-id: http://core.svn.wordpress.org/trunk@57128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After a chaotic change of ownership, the `twitter/twemoji` library is now considered abandoned.
After waiting for this moment to arise, a fork was created by several former employees who had maintained the library which lives at `jdecked/twemoji` on GitHub.
This switches out where the underlying source code comes from for the library, and applies the 15.0.3 update, which adheres to the Unicode 15 spec and adds support for all Emoji introduced in Emoji 15.0.
This does not update the underlying `precommit:emoji` Grunt script responsible for updating `formatting.php`. After GitHub recently sunset support for SVN, the current process needs to be replaced with a new one. This will be handled in #60520.
Let the masses rejoice for the 🐦⬛ singing in the dead of night, secure 🛜, aromatic 🫚, and some very silly 🪿🪿.
RIP Twemoji. Long live Twemoji!
Props peterwilsoncc, kraftbj, jeffpaul, azaozz, dd32, hareesh-pillai, jorbin.
Fixes#57600.
Built from https://develop.svn.wordpress.org/trunk@57626
git-svn-id: http://core.svn.wordpress.org/trunk@57127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updated the global styles endpoints in the REST API to extend from existing posts and revisions controllers. This reduces duplicated code and inconsistencies. The revisions controller is now a subclass of the WP_REST_Revisions_Controller. Related redundant methods were removed and schema generation and collection parameters were adjusted to suit the global styles context. Updated permission checks, constructor, and collection parameters accordingly. This change allows for easy override of these classes using the `register_post_type_args` filter.
Props ramonopoly, spacedmonkey, mukesh27.
Fixes#60131.
Built from https://develop.svn.wordpress.org/trunk@57624
git-svn-id: http://core.svn.wordpress.org/trunk@57125 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This enhancement refines the REST API server to automatically establish the maximum 'per_page' value for embedded objects, adhering to the endpoint's schema when not explicitly defined in the request. This adjustment elevates the limit from the default of 10 items to 100 items, significantly improving the likelihood of receiving the complete dataset of embedded objects.
Props manyourisms, lpawlik, spacedmonkey, kadamwhite, TimothyBlynJacobs.
Fixes#43439.
Built from https://develop.svn.wordpress.org/trunk@57623
git-svn-id: http://core.svn.wordpress.org/trunk@57124 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [57592], some `update_option()` calls were removed from bootstrapping. However, this also removed a check to ensure an array key existed, and populated it if not.
Scaffolding tests by WP-CLI revealed that a plugin in the `active_plugins` option may not have data already stored within the `plugin_data` option, causing a PHP warning for an undefined array key. This data will be added the next time `get_plugins()` is called.
This adds a condition to ensure the requirements checks are only performed on plugins whose data is already stored in the `plugin_data` option.
Follow-up to [57592].
Props swissspidy, hellofromTonya, costdev.
Fixes#60461.
Built from https://develop.svn.wordpress.org/trunk@57622
git-svn-id: http://core.svn.wordpress.org/trunk@57123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The intended behaviour of Plugin Dependencies is that dependencies cannot be deleted until their dependents are deleted.
While the 'Delete' link was removed from the plugin row, the bulk actions checkbox remained enabled, allowing for deletion of dependencies through bulk actions.
This was unintended behaviour and the bulk actions checkbox is now disabled as intended.
Follow-up to [57545].
Props johnbillion, afragen, knutsp, huzaifaalmesbah, mukesh27, costdev.
Fixes#60471.
Built from https://develop.svn.wordpress.org/trunk@57620
git-svn-id: http://core.svn.wordpress.org/trunk@57121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Improve buttons flow on small viewports, taking longer translations into account.
* Make `alt` attributes translatable.
* Remove unused `id` attributes.
Follow-up to [57602].
Props kebbet, afercia, mukesh27.
See #54370.
Built from https://develop.svn.wordpress.org/trunk@57618
git-svn-id: http://core.svn.wordpress.org/trunk@57119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Plugin Dependencies feature saves a list of any plugins that have been disabled due to unmet dependencies to a transient in order to give user feedback in the admin about what has taken place. This ensures that the DB operations to write this transient is skipped if there are no dependent plugins to deactivate.
Props joemcgill, costdev, afragen.
Fixes#60518.
Built from https://develop.svn.wordpress.org/trunk@57617
git-svn-id: http://core.svn.wordpress.org/trunk@57118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the `setCardButtonStatus()` JS function was called when a card had the ID 'plugin-information-footer'. However, the card will only exist on plugin install pages. This caused a failure when updating plugins from the plugin row on `plugins.php` due to an undefined `$card` variable.
This adds a guard to ensure that the current page is one of the plugin install pages, preventing the error and allowing plugin updates from the `plugins.php` rows to work as expected.
Follow-up to [57545].
Props Presskopp, huzaifaalmesbah, krupajnanda, hellofromTonya, krupalpanchal, costdev.
Fixes#60521.
Built from https://develop.svn.wordpress.org/trunk@57615
git-svn-id: http://core.svn.wordpress.org/trunk@57116 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to bring consistency with the `image_make_intermediate_size` filter, which has the main DocBlock in `WP_Image_Editor_GD::_save()` and a duplicate hook reference in `WP_Image_Editor_Imagick::_save()`.
Follow-up to [57607].
See #21668.
Built from https://develop.svn.wordpress.org/trunk@57614
git-svn-id: http://core.svn.wordpress.org/trunk@57115 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This update modifies the error handling mechanism in the REST API meta fields functionality. Instead of halting execution and returning on the first encountered error, it now collects all errors in a WP_Error object and continues execution. Thus, this enhancement enables handling and displaying of multiple errors in a single response, improving the debugging process.
Props TimothyBlynJacobs, spacedmonkey, hellofromTonya, oglekler.
Fixes#48823.
Built from https://develop.svn.wordpress.org/trunk@57611
git-svn-id: http://core.svn.wordpress.org/trunk@57112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the fatal error handler is triggered within a REST API request, it currently utilizes wp_die to display a specially formatted error response. However, crucial information captured by the fatal error handler, such as the exact line where the error occurred, is not included in the response due to potential security concerns, such as leaking file paths.
To address this limitation and aid developers in debugging, this enhancement introduces the inclusion of error data in the response when the `WP_DEBUG_DISPLAY` constant is set to true. This additional data, appended under the new key error_data, will facilitate more thorough debugging for REST API errors.
Props ecc, spacedmonkey, TimothyBlynJacobs, rcorrales.
Fixes#60014.
Built from https://develop.svn.wordpress.org/trunk@57610
git-svn-id: http://core.svn.wordpress.org/trunk@57111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use 'theme_files' cache group for block pattern caches. Previously, block pattern cache data was not stored in a cache group and used the default group. This new cache group, is setup as a global cache group, meaning that sites using multisite, will have a single cache for block pattern data per theme. This change also no longer invalidate block pattern caches in multisite instances, meaning block pattern caches can be shared between sites on a network, meaning less repeated data in the object cache.
Props spacedmonkey, flixos90, joemcgill.
Fixes#60120.
Built from https://develop.svn.wordpress.org/trunk@57608
git-svn-id: http://core.svn.wordpress.org/trunk@57109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a new `image_save_progressive` filter which developers can use to control whether intermediate image sizes are saved in a progressive format (when available). By default, progressive image output is not used, matching the previous behavior.
Props: adamsilverstein, _ck_, markoheijnen, SergeyBiryukov, Japh, pmeenan, mikeschroder, derekspringer, buley, ericlewis, bahia0019, born2webdesign.
Fixes#21668.
Built from https://develop.svn.wordpress.org/trunk@57607
git-svn-id: http://core.svn.wordpress.org/trunk@57108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
RE: Plugins Dependencies.
The following micro-optimization improvements are included for finding each plugin's file relative to the plugins' directory within `wp-settings.php`:
* Move `trailingslashit()` before `foreach()`.
The path to the plugin directory is a constant. Invoking the `trailingslashit()` within the loop for each plugin is unnecessary and less performant.
This commit moves the plugin directory logic to before the loop. The result: the logic will now run 1x instead of Px where P represents the number of active and valid plugins to be loaded.
* Use `substr()` instead of `str_replace()` to extract the plugin's file relative to the plugins' directory.
`substr()` is more performant than `str_replace()`.
Why?
Per the PHP handbook:
>"This function returns a string or an array with all occurrences of search in subject replaced with the given replace value."
`str_replace()` searches the entire string to find and replace each substring occurrence.
whereas
>"Returns the portion of string specified by the offset and length parameters."
`substr()` starts at the given offset and stops at the given (or end of the) string length.
In other words, `substr()` iterates over less of and only a specific portion of the given input string, whereas `str_replace()` iterates through the entire string searching for matches (plural).
References:
* `str_replace()` https://www.php.net/manual/en/function.str-replace.php
* `substr()` https://www.php.net/manual/en/function.substr.php
* `strlen()` https://www.php.net/manual/en/function.strlen.php
* Show the comparison in action https://3v4l.org/TbQ9U.
Follow-up to [57545], [57592].
Props hellofromTonya, costdev.
Fixes#60510.
Built from https://develop.svn.wordpress.org/trunk@57606
git-svn-id: http://core.svn.wordpress.org/trunk@57107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Audio and video attachments can have a featured image, also known as a poster image. This functionality is now properly exposed by the `wp/v2/media` endpoint.
Props swissspidy, timothyblynjacobs, wonderboymusic, dlh, spacedmonkey.
Fixes#41692.
Built from https://develop.svn.wordpress.org/trunk@57603
git-svn-id: http://core.svn.wordpress.org/trunk@57104 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This restores the site icon setting to its original home on the settings page where it lives with the title and tagline.
The base for this code was originally added in [32994] and then removed in [33329]. The majority of the modification to that version are to remove the no-js pieces and make the workflow completely inline rather than putting the cropping on a separate page.
Additionally, since image crops rely on the ability to upload an image, this setting is gated by the `upload_files` capability.
Follow-up to: [32994], [33329].
Props jorbin, audrasjb, mukesh27, joedolson, afercia, kebbet, swissspidy, obenland, jameskoster, kjellr, andraganescu, stacimc, mikeschroder, h71, krupajnanda, huzaifaalmesbah.
Fixes#54370.
See #16434.
Built from https://develop.svn.wordpress.org/trunk@57602
git-svn-id: http://core.svn.wordpress.org/trunk@57103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset ensures the result of the font URL functions is a `string` before using it in `add_editor_style()`, to avoid PHP warnings on child themes. This similarily updates Twenty Thirteen, Twenty Fourteen, Twenty Fifteen, Twenty Sixteen, and Twenty Seventeen.
Props jordesign, SergeyBiryukov, sabernhardt, huzaifaalmesbah, shailu25.
Fixes#59704.
Built from https://develop.svn.wordpress.org/trunk@57601
git-svn-id: http://core.svn.wordpress.org/trunk@57102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit moves `line-height` to the Buttons container and removes the duplicate `outline` property.
Props sabernhardt, nidhidhandhukiya, monzuralam, shailu25, hrrarya, karmatosed, harshgajipara, nicolefurlan, fnpen, oglekler, poena, huzaifaalmesbah, audrasjb.
Fixes#58443.
Built from https://develop.svn.wordpress.org/trunk@57599
git-svn-id: http://core.svn.wordpress.org/trunk@57100 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On upgrade, the `$_old_files` array is used to cleanup any files that exist in a previous version of core but are no longer present in the current version. Sometimes, an entire directory should be removed. In the past, when a parent directory was included in the array, subfiles were also included for good measure.
However, the code that removes the old files uses `$wp_filesystem->delete()` with the `$recursive` parameter set to `true`. With this setup, individual subfiles are not required to be individually listed when their parent directory is already included in the `$_old_files` array.
This commit removes all individual subfiles from the `$_old_files` array when their parent directory is already included.
Props SergeyBiryukov, mhshohel, pbiron, oglekler.
Fixes#58995.
Built from https://develop.svn.wordpress.org/trunk@57598
git-svn-id: http://core.svn.wordpress.org/trunk@57099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `shortcode_parse_atts()` would return the input (an empty string) if a shortcode had no attributes, even though the documentation said otherwise.
Always returning an (empty) array reduces confusion and improves developer experience as the return value does not have to be manually checked in the shortcode itself.
Props: nicolefurlan, swissspidy, johnbillion, bedas.
Fixes#59249.
Built from https://develop.svn.wordpress.org/trunk@57597
git-svn-id: http://core.svn.wordpress.org/trunk@57098 1a063a9b-81f0-0310-95a4-ce76da25c4cd