In `WP_Upgrader::delete_temp_backup()`, a malformed `sprintf()` call did not pass the value, triggering a Warning in PHP 7 and a Fatal Error in PHP 8.
This fixes the malformed `sprintf()` call by correctly passing the value.
Follow-up to [55720].
Props akihiroharai, afragen.
Fixes#59320.
Built from https://develop.svn.wordpress.org/trunk@56550
git-svn-id: http://core.svn.wordpress.org/trunk@56062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replaces `trigger_error()` with `wp_trigger_error()` in each of the `WP_List_Table` magic methods.
[56349] added the dynamic properties deprecation messages to the `__get()`, `__set()`, `__isset()`, `__unset()` magic methods. Since that commit, `wp_trigger_error()` was introduced (see [56530]) as a wrapper for `trigger_error()`.
Follow-up to [56349], [56356], [56530].
See #58896, #57686.
Built from https://develop.svn.wordpress.org/trunk@56542
git-svn-id: http://core.svn.wordpress.org/trunk@56054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, bulk upgrades did not verify that a plugin package was compatible with the site's WordPress version or the server's PHP version. This could lead to incompatible updates being installed, causing various compatibility issues and errors.
This change implements the following checks:
- If available, the API response's `requires` and `requires_php` values are checked for compatibility. This saves time, diskspace, memory and file operations by failing the upgrade before the package is downloaded and unpacked.
- If the API check passes, the downloaded and unpacked package is verified using `Plugin_Upgrader::check_package()` to ensure a plugin file is present, and the plugin's "RequiresWP" and "RequiresPHP" headers are compatible, if present. This ensures that a mismatch between the API response and the plugin file's headers does not cause an incompatible plugin to be installed.
Props salcode, afragen, mukesh27, iammehedi1, zunaid321, johnbillion, SergeyBiryukov, costdev.
Fixes#59198.
Built from https://develop.svn.wordpress.org/trunk@56525
git-svn-id: http://core.svn.wordpress.org/trunk@56037 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introducing Font Face, a server-side `@font-face` styles generator and printer.
tl;dr:
* Introduces Font Face.
* Deprecates `_wp_theme_json_webfonts_handler()`.
**Introduce Font Face**
From an array of fonts (i.e. each font-family and its font variations to be processed), it:
1. Validates each `font-face` declaration, i.e. the CSS property and value pairing. If validation fails, processing stops with no font-face styles printed.
3. Generates the `@font-face` CSS for each font-family.
4. Prints the CSS within a `<style id="wp-fonts-local">` element.
The entry point into Font Face is through a new global function called `wp_print_font_faces()`, which is automatically called:
* when the `'wp_head'` hook runs (for the front-end).
* when the `'admin_print_styles'` hook runs (for the back-end).
* when `_wp_get_iframed_editor_assets()` runs to inject the `@font-face` styles into the iframed editor.
Once called, it gets the fonts from Theme_JSON merged data layer, which includes theme defined fonts and user activated fonts (once the Font Library #59166 is introduced into Core).
For classic sites, themes and plugins can directly call `wp_print_font_faces()` and pass their fonts array to it for processing.
**Deprecates `_wp_theme_json_webfonts_handler()`.**
As Font Face is a direct replacement, the stopgap code in `_wp_theme_json_webfonts_handler()` (introduced in 6.0.0 via [53282]) is deprecated and unused in Core.
**Props note:**
There's a long multiple year history baked into Font Face, which dates back to the early versions of a web font API (see #46370 and [https://github.com/WordPress/gutenberg/issues/41479 roadmap]. The props list includes those who contributed from those early versions up to this commit.
**References:**
* #46370 original (Web)Fonts API proposal for registering and enqueuing web fonts.
* [https://github.com/WordPress/gutenberg/issues/41479 Gutenberg tracking issue] which includes the evolution from Webfonts API to Fonts API to Font Face.
* [53282] / #55567 Added the stopgap code `_wp_theme_json_webfonts_handler()` in 6.0.
* [https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face @font-face on mdn web docs]
* #59166 Font Library: Font manager for WordPress
Follow-up to [53282].
Props aristath, jonoaldersonwp, hellofromTonya, andraganescu, annezazu, antonvlasenko, arena, askdesign, azaozz, bph, bradley2083, colorful-tones, costdev, davidbaumwald, desrosj, dingo_d, djcowan, domainsupport, dryanpress, elmastudio, flixos90, francina, garrett-eclipse, gigitux, grantmkin, grapplerulrich, gziolo, ironprogrammer, jb510, jeffpaul, jeremyyip, jffng, joostdevalk, jorgefilipecosta, juanmaguitar, mamaduka, matveb, mburridge, mitogh, ndiego, ntsekouras, oandregal, ocean90, oglekler, paaljoachim, pagelab, peterwilsoncc, poena, priethor, scruffian, SergeyBiryukov, shiloey, simison, skorasaurus, soean, westonruter, wildworks, zaguiini.
Fixes#59165.
Built from https://develop.svn.wordpress.org/trunk@56500
git-svn-id: http://core.svn.wordpress.org/trunk@56012 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- `__construct()` gets the new `_deprecated_class()` function
- `WP_User_Search` PHP4 style constructor is changed from `_deprecated_function()` to `_deprecated_constructor()`
Adds a test to confirm `WP_User_Search` class is testable as deprecated.
Props jrf, DrewAPicture.
Fixes#41125.
Built from https://develop.svn.wordpress.org/trunk@56469
git-svn-id: http://core.svn.wordpress.org/trunk@55981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the 'x' in the Help message that instructs a user how to remove an item from a group of bulk edit items to use the dashicon and text equivalent that matches the visual and accessible control name.
Props Presskopp, costdev, sabernhardt, matthewfarlymn, bvreeman22.
Fixes#58785.
Built from https://develop.svn.wordpress.org/trunk@56460
git-svn-id: http://core.svn.wordpress.org/trunk@55972 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This resolves a few WPCS warnings:
{{{
Variable "$sX" is not in valid snake_case format, try "$s_x"
Variable "$sY" is not in valid snake_case format, try "$s_y"
}}}
The `$sX` and `$sY` variables are renamed to `$original_width` and `$original_height`, respectively.
Additionally, the `$fwidth` and `$fheight` variables are renamed to `$full_width` and `$full_height`, for clarity.
Follow-up to [11965], [22094], [56400].
See #58831.
Built from https://develop.svn.wordpress.org/trunk@56411
git-svn-id: http://core.svn.wordpress.org/trunk@55923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add functions `wp_get_admin_notice()` and `wp_admin_notice()` to create and output admin notices & tests for usage. New functions accept a message and array of optional arguments. This commit does not implement the functions. Include new filters: `wp_admin_notice_args`, `wp_admin_notice_markup` and action: `wp_admin_notice`.
Props joedolson, costdev, sakibmd, dasnitesh780, sabernhardt.
Fixes#57791.
Built from https://develop.svn.wordpress.org/trunk@56408
git-svn-id: http://core.svn.wordpress.org/trunk@55920 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the available disk space exceeds the `PHP_INT_MAX` value, i.e. a 32-bit PHP version is in use with more than 2 GB free, the type casting to `(int)` could cause an overflow, and the Site Health test would then erroneously report that there is not enough free space.
This commit removes the unnecessary type casting and uses the result from `disk_free_space()` directly.
Includes optimizing the logic to skip further checks if the available disk space could not be determined.
Follow-up to [55720].
Props mathsgrinds, Presskopp, rajinsharwar, SergeyBiryukov.
Fixes#59116.
Built from https://develop.svn.wordpress.org/trunk@56401
git-svn-id: http://core.svn.wordpress.org/trunk@55913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the following dependencies to their latest versions:
- `chalk`
- `cssnano`
- `dotenv`
- `grunt-contrib-cssmin`
- `grunt-contrib-qunit`
- `grunt-webpack`
- `jest-image-snapshot`
- `postcss`
- `sass`
- `sinon`
- `webpack`
Additionally, `npm audit fix` has been run to automatically fix as many issues as possible.
See #58863.
Built from https://develop.svn.wordpress.org/trunk@56390
git-svn-id: http://core.svn.wordpress.org/trunk@55902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Changes "define" to "declare" in the deprecation message in `WP_List_Table` magic methods.
Why is "declare" better?
It aligns well to:
* the topic of and published information about dynamic properties.
* the act of explicitly listing the variable as a property on the class.
The goal of this message is guide developers to change their code. Changing the term to "declare" hopefully will aid in the understanding of what is being asked of developers when this deprecation is thrown.
Follow-up [56349].
Props hellofromTonya, antonvlasenko.
Fixes#58896.
Built from https://develop.svn.wordpress.org/trunk@56356
git-svn-id: http://core.svn.wordpress.org/trunk@55868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The unknown use of unknown dynamic property within the `WP_List_Table` property magic methods is now deprecated. A descriptive deprecation notice is provided to alert developers to declare the property on the child class extending `WP_List_Table`.
Changes in this commit:
* Adds a deprecation notice to the `__get()`, `__set()`, `__isset()`, `__unset()` magic methods, i.e. to alert and inform developers when attempting to get/set/isset/unset a dynamic property.
* Fixes `__get()` to explicitly returns `null` when attempting to get a dynamic property.
* Removes returning the value when setting a declared property, as (a) unnecessary and (b) `__set()` should return `void` [https://www.php.net/manual/en/language.oop5.overloading.php#object.set per the PHP handbook].
* Adds unit tests for happy and unhappy paths.
For backward compatibility, no changes are made to the internal declared properties listed in `$compat_fields` and accessed through the magic methods.
For example:
A child class uses a property named `$data` that is not declared / defined as a property on the child class. When getting its value, e.g. `$list_table->data`, the `WP_List_Table::__get()` magic method is invoked, the following deprecation notice thrown, and `null` returned:
>The property `data` is not defined. Setting a dynamic (undefined) property is deprecated since version 6.4.0! Instead, define the property on the class.
=== Why not remove the magic methods, remove the `$compat_fields` property, and restore the properties `public`?
tl;dr Backward compatibility.
Several plugins, one of which has over 5M installs, add a property to the `$compat_fields` array. Removing the property would cause an `Undefined property` `Warning` (PHP 8) | `Notice` (PHP 7) to be thrown. Removing the associated code would change the functionality.
=== Why not limit the deprecation for PHP versions >= 8.2?
tl;dr original design intent and inform
The magic methods and `$compat_fields` property were added for one purpose: to continue providing external access to internal properties declared on `WP_List_Table`. They were not intended to be used for dynamic properties.
Deprecating that unintended usage both alerts developers a change is needed in their child class and informs them what to change.
References:
* Dynamic (non-explicitly declared) properties are deprecated as of PHP 8.2 and are expected to become a fatal error in PHP 9.0.
* A [https://www.youtube.com/live/vDZWepDQQVE?feature=share&t=10097 live open public working session] where these changes were discussed and agreed to.
* [https://wiki.php.net/rfc/deprecate_dynamic_properties PHP RFC: Deprecate dynamic properties.]
Related to #14579, #22234, #30891.
Follow-up to [15491], [28493], [28521], [28524], [31146].
Props antonvlasenko, jrf, markjaquith, hellofromTonya, SergeyBiryukov, desrosj, peterwilsoncc, audrasjb, costdev, oglekler, jeffpaul.
Fixes#58896.
See #56034.
Built from https://develop.svn.wordpress.org/trunk@56349
git-svn-id: http://core.svn.wordpress.org/trunk@55861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With the introduction of temporary backups of plugins and themes before updating, a new Site Health test was added to verify that plugin and theme temporary backup directories are writable or can be created.
When using a non-direct filesystem, the Site Health test did not include the required credentials, leading to a fatal error as the connection was not initialized properly.
This commit attemps to use the stored credentials if available, and displays a message otherwise.
Includes a similar fix in a function that performs a cleanup of the temporary backup directory.
Follow-up to [55720].
Props utsav72640, rajinsharwar, costdev, mukesh27, peterwilsoncc, audrasjb, SergeyBiryukov.
See #58940.
Built from https://develop.svn.wordpress.org/trunk@56341
git-svn-id: http://core.svn.wordpress.org/trunk@55853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit updates the link URL to send contributors to an orientation tool for a short survey on what team they may be interested in joining. This coincides with the Get Involved tab.
Follow-up to [17877], [26354], [35898], [43032], [56220].
Props courane01, audrasjb.
See #23348.
Built from https://develop.svn.wordpress.org/trunk@56311
git-svn-id: http://core.svn.wordpress.org/trunk@55823 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, Site Editor client-side routing started using only the path query argument for loading non-editor views. The router removed the `postType` query
argument, which caused an error message to be displayed when the template parts list page was reloaded.
This changeset fixes the issue as it was affecting hybrid themes.
Props Mamaduka, isabel_brison, ramonopoly.
Fixes#58889.
Built from https://develop.svn.wordpress.org/trunk@56302
git-svn-id: http://core.svn.wordpress.org/trunk@55814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update the headers, icons, and avatar style to match the designs. Fix the version strings on embedded images. Remove the tagline on main About page. Update "ctrl" to the correct capitalization, "Ctrl".
Follow-up to [56263].
Props richtabor, markoserb, audrasjb, nekojonez.
See #58067.
Built from https://develop.svn.wordpress.org/trunk@56292
git-svn-id: http://core.svn.wordpress.org/trunk@55804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update the background image and styles for the Welcome Panel. This iteration does not use different colors on the admin color schemes, so the CSS for that has been removed. This also adds back in a working "Edit styles" link, which was removed in 6.2 because the link was broken.
Props richtabor, markoserb.
Fixes#58545.
Built from https://develop.svn.wordpress.org/trunk@56291
git-svn-id: http://core.svn.wordpress.org/trunk@55803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `{min|max}-device-pixel-ratio` syntax as a a non-standard CSS media feature that was used as an alternative to the now standard `resolution`. Prior to Safari 16.0, `-webkit-{min|max}-device-pixel-ratio` was needed to correctly support it.
This change is a result of the `caniuse-lite` update that was applied recently in [56065]. Though there were no changes to target browsers as a result of this update, it seems an upstream change identified these as unnecessary.
See #57856, #58869.
Props desrosj, joemcgill, isabel_brison.
Built from https://develop.svn.wordpress.org/trunk@56279
git-svn-id: http://core.svn.wordpress.org/trunk@55791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This resolves a WPCS warning:
> A gettext call containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
Includes moving `wp-content` out of the translatable string in a similar message in `_wp_delete_all_temp_backups()`.
Follow-up to [55720], [56117].
Props jrf.
See #58831.
Built from https://develop.svn.wordpress.org/trunk@56276
git-svn-id: http://core.svn.wordpress.org/trunk@55788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This resolves a few WPCS warnings:
{{{
Equals sign not aligned with surrounding statements
}}}
so that the output of `composer format` is clean.
Follow-up to [55971], [56033], [56056], [56143], [56214].
Props jrf.
See #58831.
Built from https://develop.svn.wordpress.org/trunk@56273
git-svn-id: http://core.svn.wordpress.org/trunk@55785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is the start of the WordPress 6.3 about page, introducing new content and a first pass of the new style.
Props jpantani, dansoschin, annezazu, priethor, marybaum, eidolonnight, clarkeemily, flixos90, cbringmann, meher, richtabor, markoserb, joen, saxonafletcher, jameskoster, davidbaumwald, peterwilsoncc, ryelle.
See #58067.
Built from https://develop.svn.wordpress.org/trunk@56263
git-svn-id: http://core.svn.wordpress.org/trunk@55775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduced in [55854], `upgrade_630` function was introduced to update `can_compress_scripts` option to autoload. However the function `add_option` was invoked incorrectly, passing 3 parameters and not 4. The third parameter, which is deprecated, triggers a deprecated argument warning. In this change, pass 4 parameters instead of 3.
Props gudmdharalds, spacedmonkey, costdev, mukesh27.
Fixes#58821.
Built from https://develop.svn.wordpress.org/trunk@56258
git-svn-id: http://core.svn.wordpress.org/trunk@55770 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset updates some deprecated jQuery code in the Farbtastic external library. As this vendor script is not maintained anymore, this changeset
also adds a docblock to specify that the library has been "adopted" by WP Core.
Props Malae, sabernhardt, SergeyBiryukov, Presskopp, mrinal013, peterwilsoncc, oglekler, jorbin.
Fixes#57946.
Built from https://develop.svn.wordpress.org/trunk@56252
git-svn-id: http://core.svn.wordpress.org/trunk@55764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [55988], [55990], [56014], [56021], [56031], [56032], [56065], [56241].
See #58206.
Built from https://develop.svn.wordpress.org/trunk@56245
git-svn-id: http://core.svn.wordpress.org/trunk@55757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change from `scrollIntoView` to `scrollIntoViewIfNeeded` so scrolling will only fire when it is required. `scrollIntoViewIfNeeded` is a proprietary method that is not standardized and not currently on a track towards standards. However, testing has it working well, including in Firefox, which supposedly does not support it.
Props mikecho, studionashvegas, mai21, piotrek, Heiko_Mamerow, costdev, joedolson.
Fixes#55342.
Built from https://develop.svn.wordpress.org/trunk@56243
git-svn-id: http://core.svn.wordpress.org/trunk@55755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow up to [56189], which resolved the initial problem but created new problems with control proximity on wide monitors. Change admin image editor panels to use flex so panels only occupy the space needed.
Props joedolson, sabernhardt, mikinc860.
Fixes#58692.
Built from https://develop.svn.wordpress.org/trunk@56242
git-svn-id: http://core.svn.wordpress.org/trunk@55754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add visual affordance to expanded/collapsed states and move panel under the control rather than placing it next to the toggle, to prevent overflow with the save menu.
Props nithi22, deepakvijayan, antpb, joedolson.
Fixes#58756.
Built from https://develop.svn.wordpress.org/trunk@56239
git-svn-id: http://core.svn.wordpress.org/trunk@55751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that the About / Credits / Freedoms / Privacy / Get Involved tabs menu does not expand beyond the container when the side admin menu is expanded.
Follow-up to [56220], [56227], [56233].
Props costdev, mukesh27.
See #23348.
Built from https://develop.svn.wordpress.org/trunk@56234
git-svn-id: http://core.svn.wordpress.org/trunk@55746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to make all the various ways of contributing to open-source WordPress project more discoverable, as well as make it easier to find an area that aligns with new contributor’s skills and interests.
Props oglekler, jpantani, SeReedMedia, ryelle, marybaum, karmatosed, eidolonnight, mt_suzette, Shelob9, desrosj, cathibosco1, jenmylo, nacin, helen, joostdevalk, hugobaeta, TacoVerdo, swissspidy, markoheijnen, lukecavanagh, boemedia, bridgetwillard, jeffmora, davidmusnik, mehdi01, johnbillion, fierevere, tobifjellner, richtabor, meher, courane01, webcommsat, audrasjb, mukesh27, davidbaumwald, costdev, joedolson, robinwpdeveloper, estelaris, mohiuddinomran, SergeyBiryukov.
See #23348.
Built from https://develop.svn.wordpress.org/trunk@56220
git-svn-id: http://core.svn.wordpress.org/trunk@55732 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset modifies how the `dashicons-external` icon is used in external links by editing its styles and adding a space between the text and the icon
for better accessibility.
Props SergeyBiryukov, afercia, isabel_brison, mukesh27, sabernhardt, oglekler, audrasjb.
Fixes#47303.
Built from https://develop.svn.wordpress.org/trunk@56211
git-svn-id: http://core.svn.wordpress.org/trunk@55723 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds a nonce so that activation works for block theme previews. Temporary fix until there is a REST API endpoint for activating themes.
Props scruffian, peterwilsoncc, nithins53, nithi22, jomonthomaslobo1, poena, syamraj24, vivekawsm, mrinal013.
Fixes#58712.
Built from https://develop.svn.wordpress.org/trunk@56199
git-svn-id: http://core.svn.wordpress.org/trunk@55711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds a new Help text for Rollback feature in the WordPress Updates screen. Also adds a link to the "Common Errors" HelpHub documentation page.
Follow-up to [51857].
Props costdev, afragen, audrasjb, kebbet, marybaum.
Fixes#58199.
Built from https://develop.svn.wordpress.org/trunk@56171
git-svn-id: http://core.svn.wordpress.org/trunk@55683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This also introduces `wp_is_password_reset_allowed_for_user()` which returns `false` when password reset is not allowed for a specific user. This can be
filtered by developers using the existing `allow_password_reset` hook.
Props ocean90, cshark, robinwpdeveloper, tahmina1du, kraftbj.
Fixes#58194.
Built from https://develop.svn.wordpress.org/trunk@56150
git-svn-id: http://core.svn.wordpress.org/trunk@55662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids an `Undefined variable $checkout` PHP warning if all of the directories checked for access are disallowed due to the PHP `open_basedir` restrictions.
Follow-up to [55425].
Props jqz, costdev, audrasjb.
Fixes#58563.
Built from https://develop.svn.wordpress.org/trunk@56124
git-svn-id: http://core.svn.wordpress.org/trunk@55636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset ensures scheduled posts are actually published when changing their status to "Published" using bulk edit. Also adds related unit tests.
Props siobhan, Clorith, webcommsat, cadic, oglekler, audrasjb, pavanpatil1.
Fixes#31635.
Built from https://develop.svn.wordpress.org/trunk@56123
git-svn-id: http://core.svn.wordpress.org/trunk@55635 1a063a9b-81f0-0310-95a4-ce76da25c4cd