Fix an issue where users could save a password with only spaces, or spaces at the beginning or end of their password, preventing them from logging in.
Props ronakganatra, 1naveengiri, ajensen, oolleegg55, bookdude13, nrqsnchz, aristath.
Fixes#42766.
Built from https://develop.svn.wordpress.org/trunk@49118
git-svn-id: http://core.svn.wordpress.org/trunk@48880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This brings some consistency to the YouTube and Vimeo URLs used for tests:
* For YouTube, use the video of WordPress 5.0 release.
* For Vimeo, use one of the official test videos.
Props garrett-eclipse, dd32.
Fixes#51487. See #meta5467.
Built from https://develop.svn.wordpress.org/trunk@49117
git-svn-id: http://core.svn.wordpress.org/trunk@48879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These days there are often 2 posts published close to each other, like a release announcement and a Month In WordPress post. When that happens, the earlier post is often pushed out of the widget before many people have had a chance to see it.
Ideally, the number of total items would remain at `4`, to reduce visual clutter. Implementing a conditional item would require a significant refactor, though. Increasing the total number of items to `5` is a practical compromise.
Props hlashbrooke, tellyworth.
Fixes#43441.
Built from https://develop.svn.wordpress.org/trunk@49114
git-svn-id: http://core.svn.wordpress.org/trunk@48876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The action fires immediately after transitioning a comment's status from one to another in the database and removing the comment from the object cache, but prior to all status transition hooks.
Props davidbaumwald, henry.wright.
Fixes#51481.
Built from https://develop.svn.wordpress.org/trunk@49111
git-svn-id: http://core.svn.wordpress.org/trunk@48873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.
This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.
Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.
Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes#42790.
Built from https://develop.svn.wordpress.org/trunk@49109
git-svn-id: http://core.svn.wordpress.org/trunk@48871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes test_block_styles_for_editing_with_theme_support and
test_block_styles_for_viewing_with_theme_support by partially reverting [49102]
and only calling wp_should_load_block_editor_scripts_and_styles() when on an
admin screen.
Props TimothyBlynJacobs.
See #51330.
Built from https://develop.svn.wordpress.org/trunk@49104
git-svn-id: http://core.svn.wordpress.org/trunk@48866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Do not call the should_load_block_editor_scripts_and_styles filter on non-admin
screens. This makes it less likely that one will accidentally call
get_current_screen() when it doesn't exist.
Follow-up to [49080].
Props noahtallen.
See #51330.
Built from https://develop.svn.wordpress.org/trunk@49102
git-svn-id: http://core.svn.wordpress.org/trunk@48864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Add jquery-migrate.js v.3.3.1 to core and load it in debug mode when `SCRIPT_DEBUG` is true.
- Add jquery.min.js, update jquery.js to 3.5.1 non-minified. This should help when debugging.
- Rebuild jQuery UI 1.12.1 and add it to core.
- Fix/adjust tests to match the above changes.
See #50564.
Built from https://develop.svn.wordpress.org/trunk@49101
git-svn-id: http://core.svn.wordpress.org/trunk@48863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `test:php` NPM script runs the PHP test suite using the system installed version of PHPUnit. In some cases, the version of PHPUnit installed through Composer may be preferred.
Currently, this is true when running the test suite using PHP 8. In order to add support for PHP 8 while maintaining compatibility for PHP 5.6.20, PHPUnit 7.x must be used. But, some modifications are required to be compatible with PHP 8 (see [49037], [48957]).
This change introduces the `test:php-composer` NPM script, which will run the test suite using the composer installed version.
Props desrosj, SergeyBiryukov.
Fixes#51456.
Built from https://develop.svn.wordpress.org/trunk@49099
git-svn-id: http://core.svn.wordpress.org/trunk@48861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the search controller infrastructure required that the id property was an integer. This prevents data models that use a string id from utilizing the search infrastructure.
This commit lifts the restraint that search handlers return integer ids. This will allow for the Post Formats search handler coming in 5.6 to use slugs instead of creating fake ids.
Props stoyangeorgiev.
Fixes#51131.
Built from https://develop.svn.wordpress.org/trunk@49088
git-svn-id: http://core.svn.wordpress.org/trunk@48850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds a new should_load_block_editor_scripts_and_styles filter which can be used
by plugins including Gutenberg to more precisely customise when block editor
scripts and styles should be loaded by script-loader.php. Previously, plugins
had to fiddle with $current_screen->is_block_editor().
Props zieladam.
See #51330.
Built from https://develop.svn.wordpress.org/trunk@49080
git-svn-id: http://core.svn.wordpress.org/trunk@48842 1a063a9b-81f0-0310-95a4-ce76da25c4cd
PHP 8 changes the way string to number comparisons are performed: https://wiki.php.net/rfc/string_to_number_comparison
In particular, when calling `max()` on an array with numeric values and a non-numeric string, in PHP 8 the string is returned instead of a number.
For `::import_theme_starter_content()`, this resulted in retrieving the `_multiwidget` property instead of the maximum widget number for a particular type.
By explicitly ignoring the `_multiwidget` property, we make sure to retrieve the correct widget number value.
Follow-up to [48960], [49043].
See #50913.
Built from https://develop.svn.wordpress.org/trunk@49076
git-svn-id: http://core.svn.wordpress.org/trunk@48838 1a063a9b-81f0-0310-95a4-ce76da25c4cd