Perform a canonical redirect for an invalid pagination request of a static front page.
When a site has a static front page assigned and that page has a `<!--nextpage-->` within its content, previously accessing non-existing pages (e.g. `example.com/page/3/`) did not redirect or return a 404 or 301. This changeset resolves that issue by performing a canonical redirect.
Unit tests are also included for this specific use case and to ensure the fix does not affect a blog listing home page.
Follow-up to [47738], [47727], [34492].
Props dd32, audrasjb, chaion07, hellofromTonya, joemcgill, lukecarbis, Mte90, mukesh27, peterwilsoncc, rajinsharwar, SergeyBiryukov.
Fixes#50163.
See meta#5184.
Built from https://develop.svn.wordpress.org/trunk@59091
git-svn-id: http://core.svn.wordpress.org/trunk@58487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Script Module has the same API as the `wp-a11y` WP Script.
Key changes:
- Add `@wordpress/a11y` to the list of Script and Module dual packages.
- Update `script-modules-packages.min.php` to include the a11y module.
- Modify `WP_Script_Modules` class to track and handle a11y module availability.
- Add method to print required HTML markup for a11y `speak()` functionality.
See #60647.
Props jonsurrell, gziolo, czapla.
Built from https://develop.svn.wordpress.org/trunk@59089
git-svn-id: http://core.svn.wordpress.org/trunk@58485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows other users of the WordPress unit test suite framework to run their own unit tests without needing the WordPress Importer plugin, which should only be a requirement if running core tests.
Follow-up to [59085].
Props bjorsch.
Fixes#62106.
Built from https://develop.svn.wordpress.org/trunk@59086
git-svn-id: http://core.svn.wordpress.org/trunk@58482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If a hard requirement for the test suite is not fulfilled, running the tests should be blocked from the test bootstrap. A test should only fail when it doesn't produce the expected result.
Since the WordPress Importer plugin is considered a hard requirement for the test suite at this time, this commit moves the check whether the plugin is installed from individual tests to the test bootstrap.
Includes defining a global constant for the path to the file for reuse in the tests.
Reference: [https://make.wordpress.org/core/handbook/contribute/git/#unit-tests Core Contributor Handbook: The Code Repository (Git): Unit Tests].
Follow-up to [40531], [40532], [41090], [41169], [48592], [49535], [49571].
Props jrf, hellofromTonya.
See #61530.
Built from https://develop.svn.wordpress.org/trunk@59085
git-svn-id: http://core.svn.wordpress.org/trunk@58481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [50030] we enforced that Application Passwords have unique names. This was done with the assumption that applications would not connect to a user multiple times. However, in practice we've seen applications run into issues with the unique name constraint. Depending on the app, they may not know if they've been authorized before, or they may intentionally allow connecting multiple times. To prevent friction, App developers need to make their App Name unique, and in doing so often include things like the current date & time, which is already included in the App Passwords list table.
This commit removes this requirement to simplify usage of the Authorize Application flow.
Props mark-k, Boniu91, timothyblynjacobs, peterwilsoncc.
Fixes#54213.
Built from https://develop.svn.wordpress.org/trunk@59084
git-svn-id: http://core.svn.wordpress.org/trunk@58480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a companion to https://github.com/WordPress/gutenberg/pull/65460 that requires syncing in WordPress Core. Namely, the block-library changes require registration with their updated script module IDs so that the blocks continue to work correctly.
They key improvement is script modules registration is handled in one central place, and a combined asset file is used to improve the performance by avoiding multiple disk operations for every individual file.
Props jonsurrell, gziolo, wildworks, noisysocks.
See #60647, #59462.
Built from https://develop.svn.wordpress.org/trunk@59083
git-svn-id: http://core.svn.wordpress.org/trunk@58479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Composer 1.10.0 introduced a `lock` config option, which, when set to `false` will prevent a `composer.lock` file from being created and will ignore it when one exists.
This is a useful option for packages like WordPress where the `lock` file has no meaning.
It also makes life more straightforward for contributors as they don't have to remember that for this repo they should use `composer update` instead of `composer install`. Both will now work the same.
Reference: [https://getcomposer.org/doc/06-config.md#lock Composer Documentation: Config: lock].
Follow-up to [51543].
Props jrf.
See #61530.
Built from https://develop.svn.wordpress.org/trunk@59082
git-svn-id: http://core.svn.wordpress.org/trunk@58478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Removes query alteration from `build_comment_query_vars_from_block` by introducing a new way to pass the `$page` as argument to functions handling pagination for the comments.
Props cybr, santosguillamot, bernhard-reiter, gziolo.
Fixes#60806.
Built from https://develop.svn.wordpress.org/trunk@59081
git-svn-id: http://core.svn.wordpress.org/trunk@58477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Extends block context during block bindings processing. This implies that the context is extended ONLY for the blocks where bindings are defined and only when rendered on the page.
Props santosguillamot, gziolo, artemiosans, cbravobernal.
Fixes#61642.
Built from https://develop.svn.wordpress.org/trunk@59080
git-svn-id: http://core.svn.wordpress.org/trunk@58476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
HTML often appears in ways that are unexpected. It may be missing implicit tags, may have unquoted, single-quoted, or double-quoted attributes, may contain duplicate attributes, may contain unescaped text content, or any number of other possible invalid constructions. The HTML API understands all fo these inputs, but downline parsers may not, and HTML snippets which are safe on their own may introduce problems when joined with other HTML snippets.
This patch introduces the `serialize()` method on the HTML Processor, which prints a fully-normative HTML output, eliminating invalid markup along the way. It produces a string which contains every missing tag, double-quoted attributes, and no duplicates. A `normalize()` static method on the HTML Processor provides a convenient wrapper for constructing a fragment parser and immediately serializing.
Subclasses relying on the `serialize_token()` method may perform structural HTML modifications with as much security as the upcoming `\Dom\HTMLDocument()` parser will, though these are not
able to provide the full safety that will eventually appear with `set_inner_html()`.
Further work may explore serializing to XML (which involves a number of other important transformations) and adding constraints to serialization (such as only allowing inline/flow/formatting elements and text).
Developed in https://github.com/wordpress/wordpress-develop/pull/7331
Discussed in https://core.trac.wordpress.org/ticket/62036
Props dmsnell, jonsurrell, westonruter.
Fixes#62036.
Built from https://develop.svn.wordpress.org/trunk@59076
git-svn-id: http://core.svn.wordpress.org/trunk@58472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, there were a few cases where the modifiable text read from an HTML comment differs slightly from the parsed value of its inner text in a browser. This is due to the specific way that invalid HTML syntax tokens become "bogus comments."
This patch introduces a new method to the Tag Processor to allow differentiating these specific cases, such as when copying or serializing HTML from one source to another. Similar code has already been in use in the html5lib tests, and this patch simplifies the test runner, evidencing the fact that this method was already needed.
Developed in https://github.com/wordpress/wordpress-develop/pull/7342
Discussed in https://core.trac.wordpress.org/ticket/62036
Props dmsnell, jonsurrell.
See #62036.
Built from https://develop.svn.wordpress.org/trunk@59075
git-svn-id: http://core.svn.wordpress.org/trunk@58471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that the function applies the `wp_editor_settings` filter and merges the resulting array with the rest of TinyMCE init settings.
Includes a unit test to verify that the settings are merged correctly after adding the assignment of `array_merge()` result that was missed in the initial commit.
Follow-up to [44265], [59033].
Props kkmuffme, akshat2802, davidbaumwald, SergeyBiryukov.
Fixes#61754.
Built from https://develop.svn.wordpress.org/trunk@59074
git-svn-id: http://core.svn.wordpress.org/trunk@58470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Expands tests to ensure the version number of packages updated via NPM matches the version number used for registering the script in the script loader.
This adds tests for (by their registered name in WordPress):
* backbone
* clipboard
* hoverIntent
* hoverintent-js
* imagesloaded
* jquery-color
* jquery-core
* jquery-form
* masonry
* react-jsx-runtime
* underscore
* wp-polyfill-dom-rect
* wp-polyfill-element-closest
* wp-polyfill-fetch
* wp-polyfill-formdata
* wp-polyfill-inert
* wp-polyfill-node-contains
* wp-polyfill-object-fit
* wp-polyfill-url
This expands on the earlier tests introduced for:
* lodash
* moment
* react
* react-dom
* regenerator-runtime
An additional test is added to ensure that the data provider for these tests is maintained as libraries are added via package.json.
`@wordpress/*` scripts are excluded from these tests as wp-scripts generates a version number automatically based on the file's contents.
Additionally, the version of element-closest listed in package.json is updated to use a fixed version rather than a range. This reflects the current practice of WordPress to define the specific version in core. For the avoidance of doubt, this does not affect the version shipped in WordPress.
Follow up to [57185].
Props peterwilsoncc, jorbin.
Fixes#61855.
Built from https://develop.svn.wordpress.org/trunk@59071
git-svn-id: http://core.svn.wordpress.org/trunk@58467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the first `foreach` loop in Text_Diff::_check()`, `$prevtype` is `null`. As `instanceof` requires the class name term to be an object or string, a fatal error is thrown:
>Fatal error: Uncaught Error: Class name must be a valid object or a string on line 279
This change:
* Adds a simple test for the `Text_Diff::_check()` method, which is how the bug was discovered as the test could never pass with the code as-is.
* Adds a defensive guard to protect against the fatal. It checks if `$prevtype` is not `null` as a pre-condition to for checking the instance. This bugfix also resolves the failing test.
Follow-up to [49194], [7747].
Props jrf, hellofromTonya.
See #62083.
Built from https://develop.svn.wordpress.org/trunk@59070
git-svn-id: http://core.svn.wordpress.org/trunk@58466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `mysqli_ping()` function is deprecated as of PHP 8.4, though, in reality, the function wasn't working according to spec anymore since PHP 8.2 when the `libmysql` driver was dropped in favour of `libmysqlnd`, which was already the default (and recommended) driver since PHP 5.4.
The `mysqli_ping()` method was also not really correctly named as its functionality was to reconnect to the database, not just ping.
The alternative is to "manually" ping the database by sending a `DO 1` query (the cheapest possible SQL query).
Adding a PHP version based toggle was considered, but as mentioned above, the default driver has been `libmysqlnd` since PHP 5.4 and in that case, the function never worked anyway, so in reality `mysqli_ping()` was only really functional for the odd custom PHP compilation where `mysqli` was build against `libmysql` AND `reconnect` was not disabled.
With this in mind, this change replaces the call to `mysqli_ping()` with the `DO 1` query completely. If that query succeeds, it concludes the database connection is still alive. This solution should be the most stable as it will work for both PHP 7.2 <= 8.1, independently of which driver `mysqli` was compiled with, as well as for PHP 8.2+.
Note: It could also be considered to remove the function call to `mysqli_ping()` completely and rely on standard error handling in case the connection would have dropped, as after all, the fact that the connection existed at the moment the "ping" happened, is no guarantee that the connection will still exist when the next query is send.... this approach was not chosen so as WP has custom error handling and does not use the PHP native mysqli exceptions for this, which would make implementing this more awkward.
Includes a test to verify that the connection check works when there is a valid connection (this was previously not covered by tests).
Refs:
* https://wiki.php.net/rfc/deprecations_php_8_4#mysqli_ping_and_mysqliping
* https://github.com/php/php-src/pull/11912#issuecomment-1671762583
* https://stackoverflow.com/questions/2546868/cheapest-way-to-determine-if-a-mysql-connection-is-still-alive/2546922#2546922
* php/php-src#11945
* https://wiki.php.net/rfc/mysqli_support_for_libmysql
* https://www.php.net/mysqli_ping
Follow-up to [56475], [27250], [27075].
Props jrf, hellofromTonya.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59069
git-svn-id: http://core.svn.wordpress.org/trunk@58465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset updates Twenty Twenty-Three and Twenty Twenty-Four and replaces text strings in HTML files with patterns to make the strings translatable.
Follow-up to [58459].
Props sabernhardt, karmatosed, iflairwebtechnologies, poena.
Fixes#61951.
Built from https://develop.svn.wordpress.org/trunk@59065
git-svn-id: http://core.svn.wordpress.org/trunk@58461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevents a potential type errors when making use of the `gmt_offset` option by casting the value to a float prior to performing calculations with the value.
This mainly accounts for incorrect storage of values, such as an empty string or city name.
Follow up to [58923].
Props chaion07, hellofromtonya, kirasong, mhshohel, mukesh27, nicolefurlan, nihar007, nurielmeni, oglekler, peterwilsoncc, prionkor, rajinsharwar, rarst, rleeson, sabernhardt, SergeyBiryukov, swissspidy, toastercookie, verygoode.
Fixes#56358, #58986, #60629.
Built from https://develop.svn.wordpress.org/trunk@59064
git-svn-id: http://core.svn.wordpress.org/trunk@58460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The XML Parser extension still supports a quite dated mechanism for method based callbacks, where the object is first set via `xml_set_object()` and the callbacks are then set by passing only the name of the method to the relevant parameters on any of the `xml_set_*_handler()` functions.
{{{
xml_set_object( $parser, $my_obj );
xml_set_character_data_handler( $parser, 'method_name_on_my_obj' );
}}}
Passing proper callables to the `xml_set_*_handler()` functions has been supported for the longest time and is cross-version compatible. So the above code is 100% equivalent to:
{{{
xml_set_character_data_handler( $parser, [$my_obj, 'method_name_on_my_obj'] );
}}}
The mechanism of setting the callbacks with `xml_set_object()` has now been deprecated as of PHP 8.4, in favour of passing proper callables to the `xml_set_*_handler()` functions. This is also means that calling the `xml_set_object()` function is deprecated as well.
This commit fixes this deprecation for the `MagpieRSS::__construct()` method.
The change has not been not covered by tests. This class has been deprecated since WP 3.0.0 and is not covered by tests at all. Adding those now seems superfluous, all the more as the principle of the fix is no different than for the other files, so we can be sure it works anyway.
Note: Though this is "officially" an external library, this package is no longer externally maintained. The code style of the fix in the source file is in line with the existing code style for the file.
Refs:
* https://wiki.php.net/rfc/deprecations_php_8_4#xml_set_object_and_xml_set_handler_with_string_method_names
* https://www.php.net/manual/en/function.xml-set-object.php
* https://www.php.net/manual/en/ref.xml.php
Follow-up to [4399].
Props jrf.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59063
git-svn-id: http://core.svn.wordpress.org/trunk@58459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The XML Parser extension still supports a quite dated mechanism for method based callbacks, where the object is first set via `xml_set_object()` and the callbacks are then set by passing only the name of the method to the relevant parameters on any of the `xml_set_*_handler()` functions.
{{{
xml_set_object( $parser, $my_obj );
xml_set_character_data_handler( $parser, 'method_name_on_my_obj' );
}}}
Passing proper callables to the `xml_set_*_handler()` functions has been supported for the longest time and is cross-version compatible. So the above code is 100% equivalent to:
{{{
xml_set_character_data_handler( $parser, [$my_obj, 'method_name_on_my_obj'] );
}}}
The mechanism of setting the callbacks with `xml_set_object()` has now been deprecated as of PHP 8.4, in favour of passing proper callables to the `xml_set_*_handler()` functions. This is also means that calling the `xml_set_object()` function is deprecated as well.
This commit fixes this deprecation for the `AtomParser::parse()` method.
This change is safeguarded via the new `AtomParser_Parse_Test` class.
Notes:
* Though this is "officially" an external library, this package is no longer externally maintained. The code style of the fix in the source file is in line with the existing code style for the file.
* It appears that this class is not actually used by WP Core itself, so it could be considered to deprecate the class. However, as the class is not currently deprecated, safeguarding the change with a test seemed prudent.
* The fixture used for the test reuses a fixture from the original package: https://code.google.com/archive/p/phpatomlib/source/default/source
* The new test class follows the recommended test format (naming convention of the class, `@covers` tag at class level, only testing one method) as per Trac tickets 62004 / 53010.
Refs:
* https://wiki.php.net/rfc/deprecations_php_8_4#xml_set_object_and_xml_set_handler_with_string_method_names
* https://www.php.net/manual/en/function.xml-set-object.php
* https://www.php.net/manual/en/ref.xml.php
Follow-up to [5951].
Props jrf.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59062
git-svn-id: http://core.svn.wordpress.org/trunk@58458 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use `WP_UnitTestCase_Base::assertSamePathIgnoringDirectorySeparators()` and `WP_UnitTestCase_Base::normalizeDirectorySeparatorsInPath()` in existing tests.
Follow-up to [59057], [57753], [57215], [56635], [48937], [25002].
Props jrf.
See #61530.
Built from https://develop.svn.wordpress.org/trunk@59061
git-svn-id: http://core.svn.wordpress.org/trunk@58457 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is the sixth part in a larger modularization of the data in `WP_Debug_Data`. Previously this was a single massive method drawing in debug data from various groups of related data, where the groups were independent from each other.
This patch separates the sixth of twelve groups, the `wp-media` info, into a separate method focused on that data.
This work precedes changes to make the `WP_Debug_Data` class more extensible for better use by plugin and theme code.
Developed in https://github.com/wordpress/wordpress-develop/pull/7356
Discussed in https://core.trac.wordpress.org/ticket/61648
Props apermo, dmsnell.
See #61648.
Built from https://develop.svn.wordpress.org/trunk@59060
git-svn-id: http://core.svn.wordpress.org/trunk@58456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Dynamic (non-explicitly declared) properties are deprecated as of PHP 8.2 and are expected to become a fatal error in PHP 9.0.
There are a number of ways to mitigate this:
* If it's an accidental typo for a declared property: fix the typo.
* For known properties: declare them on the class.
* For unknown properties: add the magic `__get()`, `__set()` et al methods to the class or let the class extend `stdClass` which has highly optimized versions of these magic methods build in.
* For unknown _use of_ dynamic properties, the `#[AllowDynamicProperties]` attribute can be added to the class. The attribute will automatically be inherited by child classes.
In this case, the property added are explicitly referenced in this class, so fall in the "known property" category.
Refs:
* https://wiki.php.net/rfc/deprecate_dynamic_properties
Props jrf.
See #56034.
Built from https://develop.svn.wordpress.org/trunk@59058
git-svn-id: http://core.svn.wordpress.org/trunk@58454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces `WP_UnitTestCase_Base::assertSamePathIgnoringDirectorySeparators()` and an associated helper method `WP_UnitTestCase_Base::normalizeDirectorySeparatorsInPath()` to allow for comparing two file path strings independently of OS-specific differences.
The normalization is done in a separate method to also allow this method to be used for path normalization within test methods themselves, like for normalizing a group of paths in an array.
The pretty specific method name for the helper (`normalizeDirectorySeparatorsInPath()`) is an attempt to prevent naming conflicts with methods which may exist in plugin test suites build on top of the WP Core test suite.
Props jrf, hellofromTonya.
See #61530.
Built from https://develop.svn.wordpress.org/trunk@59057
git-svn-id: http://core.svn.wordpress.org/trunk@58453 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The XML Parser extension still supports a quite dated mechanism for method based callbacks, where the object is first set via `xml_set_object()` and the callbacks are then set by passing only the name of the method to the relevant parameters on any of the `xml_set_*_handler()` functions.
{{{
xml_set_object( $parser, $my_obj );
xml_set_character_data_handler( $parser, 'method_name_on_my_obj' );
}}}
Passing proper callables to the `xml_set_*_handler()` functions has been supported for the longest time and is cross-version compatible. So the above code is 100% equivalent to:
{{{
xml_set_character_data_handler( $parser, [$my_obj, 'method_name_on_my_obj'] );
}}}
The mechanism of setting the callbacks with `xml_set_object()` has now been deprecated as of PHP 8.4, in favour of passing proper callables to the `xml_set_*_handler()` functions. This is also means that calling the `xml_set_object()` function is deprecated as well.
This commit fixes this deprecation for the `IXR_Message::parse()` method.
This change is safeguarded via the new`Tests_XMLRPC_Message::test_parse_sets_handlers()` test method.
Note: Though this is "officially" an external library, this package is no longer externally maintained. The code style of the fix in the source file is in line with the existing code style for the file.
Refs:
* https://wiki.php.net/rfc/deprecations_php_8_4#xml_set_object_and_xml_set_handler_with_string_method_names
* https://www.php.net/manual/en/function.xml-set-object.php
* https://www.php.net/manual/en/ref.xml.php
Follow-up to [15612], [1346].
Props jrf, hellofromTonya.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59056
git-svn-id: http://core.svn.wordpress.org/trunk@58452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The XML Parser extension still supports a quite dated mechanism for method based callbacks, where the object is first set via `xml_set_object()` and the callbacks are then set by passing only the name of the method to the relevant parameters on any of the `xml_set_*_handler()` functions.
{{{
xml_set_object( $parser, $my_obj );
xml_set_character_data_handler( $parser, 'method_name_on_my_obj' );
}}}
Passing proper callables to the `xml_set_*_handler()` functions has been supported for the longest time and is cross-version compatible. So the above code is 100% equivalent to:
{{{
xml_set_character_data_handler( $parser, [$my_obj, 'method_name_on_my_obj'] );
}}}
The mechanism of setting the callbacks with `xml_set_object()` has now been deprecated as of PHP 8.4, in favour of passing proper callables to the `xml_set_*_handler()` functions. This is also means that calling the `xml_set_object()` function is deprecated as well.
This commit fixes this deprecation for the `TestXMLParser` helper utility. In this case, the callbacks were already using the recommended format and the call to `xml_set_object()` was completely redundant.
As this is a test utility and was already causing pre-existing tests using the utility to fail, there is no need for dedicated tests to cover this change.
Refs:
* https://wiki.php.net/rfc/deprecations_php_8_4#xml_set_object_and_xml_set_handler_with_string_method_names
* https://www.php.net/manual/en/function.xml-set-object.php
* https://www.php.net/manual/en/ref.xml.php
Follow-up to [25002].
Props jrf.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59055
git-svn-id: http://core.svn.wordpress.org/trunk@58451 1a063a9b-81f0-0310-95a4-ce76da25c4cd
PHP 8.4 deprecates implicitly nullable parameters, i.e. typed parameters with a `null` default value, which are not explicitly declared as nullable.
This commit the one instance of this in the `WP_HTML_Processor` class.
Fixed by adding the nullability operator to the type, which is supported since PHP 7.1, so we can use it now the minimum supported PHP version is PHP 7.2.
As this deprecation is thrown at compile time, it can be seen at the top of the test output when running on PHP 8.4 (which will be gone once this change has been committed). It is not possible to write a test to cover this.
Ref: https://wiki.php.net/rfc/deprecate-implicitly-nullable-types
Follow-up to [58867], [58769], [58304], [58192].
Props jrf.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59053
git-svn-id: http://core.svn.wordpress.org/trunk@58449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
PHP 8.4 deprecates implicitly nullable parameters, i.e. typed parameters with a `null` default value, which are not explicitly declared as nullable.
The `Tests_HtmlApi_WpHtmlProcessorComments` test class contains one problematic parameter in the `test_comment_processing()` method declaration.
While this could be fixed by adding the nullability operator, the type declarations in the test method is removed instead, including other type declarations for this method and the second test method, which were not affected by the deprecation.
The reason for this is quite straight-forward: using type declarations in tests is bad practice and inhibits defense-in-depth type testing.
Using type declarations in tests prevents being able to test the "code under test" with unexpected input types as the values with unexpected (scalar) types will be juggled to the expected type between the data provider and the test method and the _real_ data value would therefore never reach the method under test.
The knock-on effects of this are:
* That the input handling of the "code under test" can not be safeguarded, whether this input handling is done via in-function type checking or via a type declaration in the "code under test".
* That if such "unexpected data type" tests are added to the data provider, they will silently pass (due to the type being juggled before reaching the "code under test"), giving a false sense of security, while in actual fact, these data sets would not be testing anything at all and if, for instance, the type declaration in the "code under test" would be removed, these tests would still pass, while by rights they should start failing.
Also note that this problem would only be exacerbated if the file would be put under `strict_types`.
Ref: https://wiki.php.net/rfc/deprecate-implicitly-nullable-types
Follow-up to [58734].
Props jrf.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59052
git-svn-id: http://core.svn.wordpress.org/trunk@58448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WordPress Hosting Test Results now supports multiple reports for the same commit from the same test bot. This updates the PHPUnit test workflow to submit results for each version of PHP running the tests.
Props swissspidy, jorbin, crixu, kirasong, desrosj.
See #61564.
Built from https://develop.svn.wordpress.org/trunk@59049
git-svn-id: http://core.svn.wordpress.org/trunk@58445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This patch any role that can edit a post, including custom post types, or edit theme options to read global styles from the API. This enables read-only access to global styles in the post editor. Test coverage in included.
Props ramonopoly, peterwilsoncc, mukesh27, aaronrobertshaw, mamaduka, spacedmonkey, talldanwp, timothyblynjacobs.
Fixes#62042.
Built from https://develop.svn.wordpress.org/trunk@59048
git-svn-id: http://core.svn.wordpress.org/trunk@58444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As indicated by name, this is a compatibility file which warrants more care to begin with, but it's still worth warning folks about how narrow function availability is in this file.
Props jorbin, dmsnell, helen.
See #61694.
Built from https://develop.svn.wordpress.org/trunk@59043
git-svn-id: http://core.svn.wordpress.org/trunk@58439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Set the AVIF encoder to work faster by raising heic:speed to 7 from the default of 5. AVIF generation time is reduced by up to 20% with minimal impact on image size.
Props: adamsilverstein, erikyo, mukesh27, yguyon, felixarntz, jzern.
Fixes#61758.
Built from https://develop.svn.wordpress.org/trunk@59042
git-svn-id: http://core.svn.wordpress.org/trunk@58438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add outlines and borders to mark the boundaries between the admin navigation menu and content and around adminbar submenus that are visible when Windows High Contrast Mode is enabled. This clarifies the page structure and makes high contrast mode easier to use.
Props wildworks, hbhalodia, sabernhardt, joedolson, rcreators.
Fixes#61616.
Built from https://develop.svn.wordpress.org/trunk@59041
git-svn-id: http://core.svn.wordpress.org/trunk@58437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Explicitly checks date parsing return values for `false`, so that `0` (the value returned for the UNIX epoch of `1970-01-01 00:00:00`) is correctly treated as a valid timestamp.
It should be valid to create a post dated to any point in history.
Props emmanuel78, sabernhardt, siliconforks, drjosh07, antpb, TimothyBlynJacobs.
Fixes#60184.
Built from https://develop.svn.wordpress.org/trunk@59040
git-svn-id: http://core.svn.wordpress.org/trunk@58436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`set_time_limit` can cause unexpected behavior so it general should be avoided. There are instances though where they should be used so those instances should be properly documented.
Props Rcrayno, ryan, kurtpayne, jorbin.
Fixes#21521. See #19487.
Built from https://develop.svn.wordpress.org/trunk@59039
git-svn-id: http://core.svn.wordpress.org/trunk@58435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The .env file allows for configuring how the WordPress Local environment should be configured. However, because the file is version controlled, developers must be careful not to commit their modifications.
This commit renames the .env file to be .env.example. During env start, the .env.example file is copied to .env if it does not exist. This allows for contributors to continue using the project without thinking about .env and to make changes when needed. This brings WordPress Core into the dotenv project guidelines.
Props johnbillion, afragen, h71, desrosj.
Fixes#52668.
Built from https://develop.svn.wordpress.org/trunk@59038
git-svn-id: http://core.svn.wordpress.org/trunk@58434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `password` property which gets sent as part of a request POST body while setting a post's password should not be checked when calculating post visibility permissions.
That value in the request body is intended to update the post, not to authenticate, and may be malformed or an invalid non-string type which would cause a fatal when checking against the hashed post password value.
Query parameter `?password=` values are the correct interface to check, and are also guaranteed to be strings.
Props mlf20, devansh016, antonvlasenko, TimothyBlynJacobs, kadamwhite.
Fixes#61837.
Built from https://develop.svn.wordpress.org/trunk@59036
git-svn-id: http://core.svn.wordpress.org/trunk@58432 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds a Ctrl/Command + Enter keyboard shortcut to insert the currently selected single media or multiple media items when selecting in the Media Library modal.
Props poena, hirschferkel, antpb, joedolson, skobe, rcreators, plaidharper.
Fixes#60369.
Built from https://develop.svn.wordpress.org/trunk@59035
git-svn-id: http://core.svn.wordpress.org/trunk@58431 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds support for a new `search_semantics` enum query parameter that can be passed alongside the `search` string parameter. At this point, it only supports "exact" as possible value, but an enum is used for forward compatibility with potential enhancements like "sentence" search support. If `search_semantics=exact` is passed, it will look for an exact match rather than do a full text search, which for some use-cases is more appropriate and more performant.
Props mehulkaklotar, timothyblynjacobs, jimmyh61, ironprogrammer, johnregan3, mukesh27, costdev.
Fixes#56350.
Built from https://develop.svn.wordpress.org/trunk@59034
git-svn-id: http://core.svn.wordpress.org/trunk@58430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The REST API uses the "Allow" header to communicate what methods a user is authorized to perform on a resource. This works great when operating on a single item route, but can break down when needing to determine authorization over a collection of items.
This commit uses the "targetHints" property of JSON Hyper Schema to provide access to the "allow" header for "self" links. This alleviates needing to make a separate network request for each item in a collection.
Props mamaduka, noisysocks, peterwilsoncc, spacedmonkey, swissspidy, timothyblynjacobs, tyxla, youknowriad.
Fixes#61739.
Built from https://develop.svn.wordpress.org/trunk@59032
git-svn-id: http://core.svn.wordpress.org/trunk@58428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With the introduction of Block Bindings, it became more common to see workflows where users need to see the custom fields that are available or connected. They were relying on the meta key, however it feelt too technical sometimes. The solution is adding a new label argument to include a human-readable name that can be used across the UI.
Props santosguillamot, mamaduka, gziolo, timothyblynjacobs, peterwilsoncc.
Fixes#61998.
Built from https://develop.svn.wordpress.org/trunk@59023
git-svn-id: http://core.svn.wordpress.org/trunk@58419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Increases the frequency of heartbeat API requests from once every 15 seconds to once every 10 seconds.
The purpose of this change is to reduce the length of time before a post becomes unlocked as a user navigates around the WordPress Dashboard and ceases editing a post.
`wp.heartbeat.interval()` has been modified to allow theme and plugin authors to set the heartbeat interval to any value between one second and one hour rather than limiting them to a fixed set of values.
Props azaozz, annezazu, jorbin, kirasong.
Fixes#61960.
Built from https://develop.svn.wordpress.org/trunk@59016
git-svn-id: http://core.svn.wordpress.org/trunk@58412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is the part five in a larger modularization of the data in `WP_Debug_Data`. Previously this was a single massive method drawing in debug data from various groups of related data, where the groups were independent from each other.
This patch separates the fifth of twelve groups, the `wp-mu-plugins` info, into a separate method focused on that data.
This work precedes changes to make the `WP_Debug_Data` class more extensible for better use by plugin and theme code.
Developed in https://github.com/wordpress/wordpress-develop/7305
Discussed in https://core.trac.wordpress.org/ticket/61648
Props apermo, dmsnell.
See #61648.
Built from https://develop.svn.wordpress.org/trunk@59011
git-svn-id: http://core.svn.wordpress.org/trunk@58407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is the part four in a larger modularization of the data in `WP_Debug_Data`. Previously this was a single massive method drawing in debug data from various groups of related data, where the groups were independent from each other.
This patch separates the fourth of twelve groups, the `wp-server` info, into a separate method focused on that data.
This work precedes changes to make the `WP_Debug_Data` class more extensible for better use by plugin and theme code.
Developed in https://github.com/wordpress/wordpress-develop/7283
Discussed in https://core.trac.wordpress.org/ticket/61648
Props apermo, costdev, dmsnell, kebbet, mukesh27.
See #61648.
Built from https://develop.svn.wordpress.org/trunk@59002
git-svn-id: http://core.svn.wordpress.org/trunk@58398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are places in the HTML API code where some tools get confused and flag invalid types for the return of a function because they are unable to detect that the end of the function is unreachable.
Since PHP doesn't provide a way to encode total matching in the source code, this patch adds a few extra lines in those unreachable locations to satisfy any tooling which isn't able to fully analyze the code.
Additionally this serves as extra guarding in case someone changes these functions in a way which would break them and the existing test suite doesn't catch those breakages.
Developed in https://github.com/WordPress/wordpress-develop/pull/7315
Discussed in https://core.trac.wordpress.org/ticket/62018
Props dlh, dmsnell.
Fixes#62018.
Built from https://develop.svn.wordpress.org/trunk@59001
git-svn-id: http://core.svn.wordpress.org/trunk@58397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
About half of the file's code was a back-compat polyfill of base64 functions for IE9.
Since WordPress no longer supports IE9 as of version 4.8, and all modern browsers come with these functions, the polyfills can be removed.
Follow-up to [26072], [26131], [26601], [47771].
Props TobiasBg, sabernhardt.
Fixes#61995.
Built from https://develop.svn.wordpress.org/trunk@58997
git-svn-id: http://core.svn.wordpress.org/trunk@58393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
During a refactor to modularize the debug data class, it came up that the ordering of the sections inside of the returned debug info is relevant to existing UIs, as they iterate the array, which happens in insertion order.
This patch presets each section at the start to ensure that the ordering remains consistent even as code within the method is rearranged. As the mini-project progresses, this assignment will be the final place all the sections are referenced.
Developed in https://github.com/WordPress/wordpress-develop/pull/7289
Discussed in https://core.trac.wordpress.org/ticket/61648
Props apermo, dmsnell, sergeybiryukov.
See #61648.
Built from https://develop.svn.wordpress.org/trunk@58996
git-svn-id: http://core.svn.wordpress.org/trunk@58392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `pop_until( $tag_name )` method in the stack of open elements should only be examining HTML elements, but it has only been checking the tag name. This has led to closing the wrong tags when run from inside foreign content. A very specific situation where this may arise is when a `TEMPLATE` closer is found inside foreign content, inside another template.
{{{
HTML:template SVG:template HTML:/template
<template><svg><template><foreignObject><div></template><div>
╰──< this outer TEMPLATE is closed by this one >───╯
}}}
This patch constains the method to checking for elements matching the tag name which are in the HTML namespace so that the proper detection occurs.
Developed in https://github.com/WordPress/wordpress-develop/pull/7286
Discussed in https://core.trac.wordpress.org/ticket/61576
Follow-up to [58867].
Props dmsnell, jonsurrell.
See #61576.
Built from https://develop.svn.wordpress.org/trunk@58992
git-svn-id: http://core.svn.wordpress.org/trunk@58388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The HTML API has been behaving as if CSS class name selectors matched class names in an ASCII case-insensitive manner. This is only true if the document in question is set to quirks mode. Unfortunately most documents processed will be set to no-quirks mode, meaning that some CSS behaviors have been matching incorrectly when provided with case variants of class names.
In this patch, the CSS methods have been audited and updated to adhere to the rules governing ASCII case sensitivity when matching classes. This includes `add_class()`, `remove_class()`, `has_class()`, and `class_list()`. Now, it is assumed that a document is in no-quirks mode unless a full HTML parser infers quirks mode, and these methods will treat class names in a byte-for-byte manner. Otherwise, when a document is in quirks mode, the methods will compare the provided class names against existing class names for the tag in an ASCII case insensitive way, while `class_list()` will return a lower-cased version of the existing class names.
The lower-casing in `class_list()` is performed for consistency, since it's possible that multiple case variants of the same comparable class name exists on a tag in the input HTML.
Developed in https://github.com/WordPress/wordpress-develop/pull/7169
Discussed in https://core.trac.wordpress.org/ticket/61531
Props dmsnell, jonsurrell.
See #61531.
Built from https://develop.svn.wordpress.org/trunk@58985
git-svn-id: http://core.svn.wordpress.org/trunk@58381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add the `OPTIONS /wp/v2/pages` route to the list. The request is made via the `useBlockEditorSettings` hook at the top of the editor React tree. Preloading should improve the editor's loading time.
Avoid hardcoding paths for the 'attachment' post type; use the `rest_get_route_for_post_type_items` helper method instead.
Props mamaduka, noisysocks.
See #61884.
Built from https://develop.svn.wordpress.org/trunk@58984
git-svn-id: http://core.svn.wordpress.org/trunk@58380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a guard to verify the result of `get_post_type_object()` before retrieving the `all_items` label, as the function returns `null` if the post type does not exist.
Follow-up to [24527].
Props pcarvalho, akshat280, mukesh27, SergeyBiryukov.
Fixes#60947.
Built from https://develop.svn.wordpress.org/trunk@58983
git-svn-id: http://core.svn.wordpress.org/trunk@58379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
hellofromTonya
Sergey Biryukov
czapla
TimothyBlynJacobs
gziolo
noisysocks
dmsnell
Peter Wilson
poena
Drew Jaynes
desrosj
ramonopoly
davidbaumwald
Jeremy Felt
Aaron Jorbin
Helen Hou-Sandí
Adam Silverstein
joedolson
K. Adam White
antpb
Felix Arntz
John Blackbourn
Pascal Birchler
Joe McGill
Mamaduka