This change ensures that user-supplied global styles settings for blocks aren't lost due to sanitization. This could previously occur due to outdated blocks metadata that did not include all registered blocks.
Props jorgefilipecosta, andrewserong, oandregal, talldanwp, cbravobernal, bernhard-reiter, hellofromTonya.
Fixes#56644.
Built from https://develop.svn.wordpress.org/trunk@54385
git-svn-id: http://core.svn.wordpress.org/trunk@53944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
MariaDB version is reported differently between PHP versions:
* PHP 8.0.16 or later: `10.6.8-MariaDB`
* PHP 8.0.15 or earlier: `5.5.5-10.6.8-MariaDB`
The latter includes PHP 7.4.x and PHP 5.6.x as well, where the version is also reported with the `5.5.5-` prefix.
This commit makes an adjustment to `wpdb::has_cap()` to check for the correct MariaDB version.
This resolves an issue where the `utf8mb4_unicode_520_ci` collation, which is available in MariaDB since version 10.2, was previously not detected correctly.
References:
* [https://github.com/php/php-src/issues/7972 php-src: #7972: MariaDB version prefix 5.5.5- is not stripped]
* [https://github.com/php/php-src/pull/7963 php-src: PR #7963 Fix GH-7932: MariaDB version prefix not always stripped]
* [https://mariadb.com/docs/reference/mdb/collations/utf8mb4_unicode_520_ci/ MariaDB Documentation: utf8mb4_unicode_520_ci]
Follow-up to [37523], [53919].
Props jamieburchell, SergeyBiryukov.
Fixes#54841.
Built from https://develop.svn.wordpress.org/trunk@54384
git-svn-id: http://core.svn.wordpress.org/trunk@53943 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This corrects the docblock for `get_block_file_template()` and the filters it contains: `pre_get_block_file_template` and `get_block_file_template`.
Prior to this change they were incorrectly documented with the docblocks for `get_block_template()` and its associated filters.
Props felipeelia.
Fixes#55929.
Built from https://develop.svn.wordpress.org/trunk@54380
git-svn-id: http://core.svn.wordpress.org/trunk@53939 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Translate the default salt value "put your unique phrase here" in additional locations in which it is used. This further ensures that the default phrase is considered an error in non-english translations of `wp-config.php`.
Follow-up to [54249].
Props peterwilsoncc, audrasjb, JeffPaul.
Fixes#55937.
Built from https://develop.svn.wordpress.org/trunk@54379
git-svn-id: http://core.svn.wordpress.org/trunk@53938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Remove the private delegation from the following classes and function:
* `WP_List_Table`
* `WP_Application_Passwords_List_Table`
* `WP_Comments_List_Table`
* `WP_Links_List_Table`
* `WP_Media_List_Table`
* `WP_MS_Sites_List_Table`
* `WP_MS_Themes_List_Table`
* `WP_MS_Users_List_Table`
* `WP_Plugin_Install_List_Table`
* `WP_Plugins_List_Table`
* `WP_Post_Comments_List_Table`
* `WP_Posts_List_Table`
* `WP_Terms_List_Table`
* `WP_Theme_Install_List_Table`
* `WP_Themes_List_Table`
* `WP_Users_List_Table`
* `_get_list_table()`
This change is to reflect the reality that list tables are very, very, very widely used by extenders and backward compatibility therefore needs to be maintained.
Introduces the filter `wp_list_table_class_name` within `_get_list_table()` to allow extenders to modify the list table returned for custom screens.
Props audrasjb, birgire, costdev, desrosj, faison, johnbillion, jrbeilke, kurtpayne, milana_cap, miqrogroove, nacin, peterwilsoncc, scribu, sergeybiryukov, sirzooro, westonruter, wonderboymusic.
Fixes#18449.
Built from https://develop.svn.wordpress.org/trunk@54378
git-svn-id: http://core.svn.wordpress.org/trunk@53937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `get_page_by_title()` access the populated `WP_Query::posts` property directly rather than via the `WP_Query::get_posts()` method. This removes unnecessary reprocessing of the query.
Follow up to [54234].
Props david.binda, mukesh27, spacedmonkey.
Fixes#56721.
Built from https://develop.svn.wordpress.org/trunk@54377
git-svn-id: http://core.svn.wordpress.org/trunk@53936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a note to the Getting Started section of the `README.md` file mentioning that NodeJS `14.x` and npm `6.x` is currently required to spin up a development environment.
Props elpanda13gmailcom, robinwpwebdeveloper, jakariaistauk, hztyfoon, seakashdiu, rudlinkon, fuadragib.
Fixes#55903.
Built from https://develop.svn.wordpress.org/trunk@54375
git-svn-id: http://core.svn.wordpress.org/trunk@53934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The latest version of the `actions/github-script` action fixes an issue where passing options to the action would remove any default values not passed (see https://github.com/actions/github-script/pull/293).
This also includes updates to other third-party actions, bringing all third-party versions in Core workflows to their latest versions:
- `actions/cache`
- `actions/setup-node`
- `codecov/codecov-action`
See #55652.
Built from https://develop.svn.wordpress.org/trunk@54373
git-svn-id: http://core.svn.wordpress.org/trunk@53932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This brings over the latest bug fixes and improvements ahead of WordPress 6.1 beta 3.
For a full list of changes being included, see the `twentytwentythree` repository on GitHub: ac96e8d545...ca662828b7.
Props mikachan, poena, madhudollu, beafialho, colorful-tones, scruffian, tahmidulkarim, joen, taskotr, zoonini, mayuge, ndiego, collet.
See #56383.
Built from https://develop.svn.wordpress.org/trunk@54372
git-svn-id: http://core.svn.wordpress.org/trunk@53931 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When running PHPCS scans (both for checking coding standards and PHP version compatibility), the results are currently only returned silently in a format that GitHub can consume for contextually annotating any code being flagged.
This changes workflows using PHPCS to also display the results of each scan in the GitHub Action log, making it easier to find and understand what is causing failures.
Props jrf.
See #55652.
Built from https://develop.svn.wordpress.org/trunk@54371
git-svn-id: http://core.svn.wordpress.org/trunk@53930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the lead up to 6.1 Beta 2, dynamic titles and descriptions for site editor templates was deemed "feature incomplete" and [54280] was reverted. After further consideration, this code is being re-merged in preparation for Beta 3, reverting the revert in [54333].
Follow-up to [54280] and [54333].
Props bernie, ntsekouras, jorgefilipecosta, jameskoster, cbravobernal.
See #56467.
Built from https://develop.svn.wordpress.org/trunk@54370
git-svn-id: http://core.svn.wordpress.org/trunk@53929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With all known unit test failures now addressed, WordPress 6.1 aims to support PHP 8.1 and 8.2 as much as possible.
While full compatibility with PHP 8.1 and 8.2 is still a work in progress, this commit aims to actively prevent new PHP issues from being introduced in WordPress core.
All remaining known issues are deprecation notices. Please note, a deprecation notice is not an error, but rather an indicator of where additional work is needed for compatibility before PHP 9 (i.e. when the notices become fatal errors). With a deprecation notice, the PHP code will continue to work and nothing is broken.
Follow-up to [49077], [49162], [50299], [51588], [51604], [53922], [54072].
Props jrf, desrosj.
See #55652, #55656, #56009, #56681.
Built from https://develop.svn.wordpress.org/trunk@54369
git-svn-id: http://core.svn.wordpress.org/trunk@53928 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This affects the following parameters subsequently passed to `wp_new_comment()`:
* `comment_author`
* `comment_author_email`
* `comment_author_url`
* `comment_content`
The default values for these parameters were previously set to `null`, causing PHP 8.1 "null to non-nullable" deprecation notices when running sanitization filters on them via `wp_filter_comment()`.
While the deprecation notices were temporarily silenced in the unit test suite, that caused an unexpected issue in a test for [source:tags/6.0.2/tests/phpunit/tests/comment-submission.php#L202 submitting a comment to a password protected post], where the `$_COOKIE[ 'wp-postpass_' . COOKIEHASH ]` value was no longer unset, as the test stopped any further execution once the deprecation notice was triggered.
Due to how WordPress handles password protected posts, once that value is set, it affects all posts protected with the same password, so this resulted in unintentionally affecting [source:tags/6.0.2/tests/phpunit/tests/rest-api/rest-posts-controller.php#L1866 another test] which happened to use the same password.
These values are all documented to be a string in various related filters, and core also expects them to be a string, so there is no reason for these defaults to be set to `null`. Setting them to an empty string instead resolves the issues.
This commit includes:
* Setting the defaults in `wp_handle_comment_submission()` to an empty string.
* Adding a dedicated unit test to verify the type of these default values.
* Removing the deprecation notice silencing as no longer needed.
Follow-up to [34799], [34801], [51968].
Props jrf, desrosj, mukesh27, SergeyBiryukov.
Fixes#56712. See #56681, #55656.
Built from https://develop.svn.wordpress.org/trunk@54368
git-svn-id: http://core.svn.wordpress.org/trunk@53927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As of [35186] and [51568], there are two sets of methods used for setup/teardown in the test suite before and after a test class is run:
* `set_up_before_class()` / `tear_down_after_class()`
* `wpSetUpBeforeClass()` / `wpTearDownAfterClass()`. (Note the `wp` prefix, these are WordPress' own methods and are not the same as the native PHPUnit `setUpBeforeClass()` / `tearDownAfterClass()` methods.)
The main difference is that `wpSetUpBeforeClass()` receives the `$factory` argument for ease of use, and both `wpSetUpBeforeClass()` and `wpTearDownAfterClass()` don't need to call `self::commit_transaction()`.
Many tests use the `wpTearDownAfterClass()` method to clean up posts, users, roles, etc. created via `wpSetUpBeforeClass()`. However, due to [source:tags/6.0/tests/phpunit/includes/abstract-testcase.php?marks=88-95#L82 how the method was previously called], this cleanup happened after all data is **already deleted** from the database.
This could cause some confusion when refactoring tests. For example:
{{{
public static function wpTearDownAfterClass() {
$GLOBALS['_wp_additional_image_sizes'] = self::$_sizes;
}
public static function tear_down_after_class() {
wp_delete_attachment( self::$large_id, true );
parent::tear_down_after_class();
}
}}}
At a glance, it seems like these two methods can be combined:
{{{
public static function wpTearDownAfterClass() {
wp_delete_attachment( self::$large_id, true );
$GLOBALS['_wp_additional_image_sizes'] = self::$_sizes;
}
}}}
However, that would not work as expected: by the time `wp_delete_attachment()` runs, the attachment ID is no longer in the database, so it returns early, leaving some files in the `uploads` directory.
By calling `wpTearDownAfterClass()` in `WP_UnitTestCase_Base::tear_down_after_class()` before deleting all data, instead of after, we ensure that both of these methods have access to the same data and can be used interchangeably to perform cleanup as necessary.
Additionally, this commit moves the calls to parent methods in `WP_UnitTestCase_Base`:
* `parent::set_up_before_class()` to be the first thing called in `::set_up_before_class()`
* `parent::tear_down_after_class()` to be the last thing called in `::tear_down_after_class()`
This does not have any effect in practice, but brings consistency with how these methods are called in the test suite.
Follow-up to [35186], [35225], [35242], [38398], [39626], [49001], [51568].
Props ironprogrammer, SergeyBiryukov.
Fixes#55918. See #55652.
Built from https://develop.svn.wordpress.org/trunk@54366
git-svn-id: http://core.svn.wordpress.org/trunk@53925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These three tests for `wp_dashboard_recent_drafts()` would run into a PHP 8.1 "passing null to non-nullable" deprecation for the call to `ltrim()` when the result of `get_edit_post_link()` is passed to `esc_url()`.
Setting a deprecation expectation would not solve this as the returned value would still not match the expected value(s).
The recent drafts list is only displayed on the Dashboard screen for users with the `edit_posts` capability. By setting the current user to Editor, the prerequisites for `wp_dashboard_recent_drafts()` are met, which means the deprecation notice is avoided and the assertions will succeed.
This commit addresses a few errors in the test suite along the lines of:
{{{
1) Tests_L10n::test_length_of_draft_should_be_counted_by_words
ltrim(): Passing null to parameter #1 ($string) of type string is deprecated
/var/www/src/wp-includes/formatting.php:4376
/var/www/src/wp-admin/includes/dashboard.php:657
/var/www/tests/phpunit/tests/l10n.php:449
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [45505], [52253], [52259].
Props jrf, desrosj, SergeyBiryukov.
See #56681, #55652, #55656.
Built from https://develop.svn.wordpress.org/trunk@54365
git-svn-id: http://core.svn.wordpress.org/trunk@53924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As per the PHP manual:
> If the `component` parameter is omitted, an associative array is returned.
> If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned.
Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values]
In this case, `parse_url()` is called with `PHP_URL_HOST` as `$component`, which returns `null` if the URL only has a path. The return value of `parse_url()` was then passed to `str_replace()`, leading to a notice on PHP 8.1:
{{{
str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
}}}
Adding validation for the return type value of `parse_url()` prevents that.
This commit addresses a few errors in the test suite along the lines of:
{{{
5) Tests_Rewrite::test_url_to_postid_home_has_path
str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
/var/www/src/wp-includes/rewrite.php:503
/var/www/tests/phpunit/tests/rewrite.php:271
/var/www/vendor/bin/phpunit:123
}}}
Includes adding a dedicated unit test for a URL that only has a path.
Follow-up to [41786], [51606], [51622], [51626], [51629], [51630], [52799].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #55656.
Built from https://develop.svn.wordpress.org/trunk@54364
git-svn-id: http://core.svn.wordpress.org/trunk@53923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit aims to fix errors caused by incorrect usage of the `strncmp()` function inside the `WP_Theme_JSON::get_property_value()` method on PHP 8.1 and above.
Some history of the affected code:
* [50973] introduced the `WP_Theme_JSON::get_property_value()` method.
* [54162] removed the `$default` parameter from the `_wp_array_get()` call in the method.
With the latter change, the default value that is returned if the path does not exist within the array, or if `$array` or `$path` are not arrays, became `null` instead of an empty string. Since `null` would then be unintentionally passed to the `strncmp()` function further in the code, this caused ~35 errors in the test suite along the lines of:
{{{
1) Tests_Blocks_Editor::test_get_block_editor_settings_theme_json_settings
strncmp(): Passing null to parameter #1 ($string1) of type string is deprecated
/var/www/src/wp-includes/class-wp-theme-json.php:1754
/var/www/src/wp-includes/class-wp-theme-json.php:1641
/var/www/src/wp-includes/class-wp-theme-json.php:2066
/var/www/src/wp-includes/class-wp-theme-json.php:1002
/var/www/src/wp-includes/class-wp-theme-json.php:898
/var/www/src/wp-includes/global-styles-and-settings.php:140
/var/www/src/wp-includes/block-editor.php:421
/var/www/tests/phpunit/tests/blocks/editor.php:388
/var/www/vendor/bin/phpunit:123
}}}
This commit includes:
* Restoring the `$default` value for `_wp_array_get()` call.
* Adding an early return if the value is an empty string or `null`.
* Adding a dedicated unit test to ensure that the method returns a string for invalid paths or `null` values.
Follow-up to [50973], [54162].
Props antonvlasenko, jrf, imadarshakshat, SergeyBiryukov.
Fixes#56620.
Built from https://develop.svn.wordpress.org/trunk@54362
git-svn-id: http://core.svn.wordpress.org/trunk@53921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When running the full test suite locally via `npm run grunt phpunit` or `composer test`, it is not uncommon for the test run to exceed the Composer's default timeout, causing an error in the middle of the test output:
{{{
The process "..." exceeded the timeout of 300 seconds.
}}}
This commit disables the process timeout for the `composer test` command, allowing the test run to complete successfully.
Follow-up to [47881], [51016].
Props ironprogrammer, robinwpdeveloper, SergeyBiryukov.
Fixes#55919.
Built from https://develop.svn.wordpress.org/trunk@54355
git-svn-id: http://core.svn.wordpress.org/trunk@53914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [53941] database query caching was added to `WP_Query`. However on sites with persistent object caching enabled, this resulted in a high number of unnecessary cache set and adds being run on every request. Caches are not set, if the query cache already exists and is cached. Replace usage of `update_post_caches` with `_prime_post_caches` to ensure that only posts that are not in cache are primed.
Props spacedmonkey, peterwilsoncc, mukesh27.
See #22176.
Built from https://develop.svn.wordpress.org/trunk@54352
git-svn-id: http://core.svn.wordpress.org/trunk@53911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$path` parameter of some script translation functions had a default value of `null`, even though the parameter is documented as a string.
This commit corrects the default value for `$path` in:
* `WP_Dependency::set_translations()`
* `WP_Scripts::set_translations()`
* `wp_set_script_translations()`
Additionally, this commit removes an `is_string()` check for `$path` in `load_script_textdomain()`. Now that the default value for `$path` in that function has also been corrected to an empty string instead of `null`, that check is no longer necessary, as it would ''hide'' an error which should be ''fixed'' (at the source of the problem) instead.
Follow-up to [54349].
Props jrf, johnjamesjacoby.
See #55967, #55656.
Built from https://develop.svn.wordpress.org/trunk@54351
git-svn-id: http://core.svn.wordpress.org/trunk@53910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$path` parameter of `load_script_textdomain()` had a default value of `null`, but would be passed onto the `untrailingslashit()` function without any input validation, even though the latter explicitly only expects/supports a string input.
This commit changes the default value for `$path` to an empty string, and adds an `is_string()` check before passing the value to `untrailingslashit()` to fix the issue at the point where the invalid input is incorrectly (not) validated.
Note: Changing the `untrailingslashit()` function is outside the scope of this commit.
Includes:
* Adding a dedicated unit test for this issue.
* Correcting the default value for `$path` from `null` to an empty string in a few related methods and functions:
* `WP_Dependency::set_translations()`
* `WP_Scripts::set_translations()`
* `wp_set_script_translations()`
* `load_script_textdomain()`
This fix also allows to remove a couple of calls to `expectDeprecation()` in unrelated tests.
Fixes an error when running the test suite:
{{{
4) Tests_Dependencies_Scripts::test_wp_external_wp_i18n_print_order
rtrim(): Passing null to parameter #1 ($string) of type string is deprecated
/var/www/src/wp-includes/formatting.php:2782
/var/www/src/wp-includes/l10n.php:1068
/var/www/src/wp-includes/class.wp-scripts.php:605
/var/www/src/wp-includes/class.wp-scripts.php:320
/var/www/src/wp-includes/class.wp-dependencies.php:136
/var/www/src/wp-includes/functions.wp-scripts.php:109
/var/www/tests/phpunit/tests/dependencies/scripts.php:1505
/var/www/tests/phpunit/includes/utils.php:436
/var/www/tests/phpunit/tests/dependencies/scripts.php:1507
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [44169], [44607], [51968].
Props jrf, ocean90, Chouby, swissspidy, lovor, iviweb, meysamnorouzi, DarkoG, oneearth27, SergeyBiryukov.
Fixes#55967. See #55656.
Built from https://develop.svn.wordpress.org/trunk@54349
git-svn-id: http://core.svn.wordpress.org/trunk@53908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the `notoptions` key does not exist in a persistent object cache, it was requested hundreds of times until the first not-option is written.
This commit improves performance by setting the value to an empty array to prevent non-existent `notoptions` key from triggering multiple key lookups.
Follow-up to [4855], [14515].
Props tillkruess, dd32, spacedmonkey.
Fixes#56639.
Built from https://develop.svn.wordpress.org/trunk@54345
git-svn-id: http://core.svn.wordpress.org/trunk@53904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds missing escaping to some instances of `get_author_posts_url()` used in Twenty Ten, as per WordPress Coding Standards.
Props hztyfoon, robinwpdeveloper, mukesh27, rudlinkon, SergeyBiryukov, jakariaistauk.
Fixes#56674.
Built from https://develop.svn.wordpress.org/trunk@54344
git-svn-id: http://core.svn.wordpress.org/trunk@53903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This version adds support for `octokit/plugin-retry.js`, which retries requests automatically when `4xx` or `5xx` response codes are returned.
To start, the feature is configured to retry all `4xx` and `5xx` response codes, unless the server identifies as a teapot.
See #55652.
Built from https://develop.svn.wordpress.org/trunk@54342
git-svn-id: http://core.svn.wordpress.org/trunk@53901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset ensures the text color selected for the text of the Table Block is reflected on the `thead` cells, on the figcaption and on the border below it. It also adds better consistency in headings cells padding.
Props umesh84, mukesh27, multidots1896, sabernhardt.
Fixes#56462.
Built from https://develop.svn.wordpress.org/trunk@54340
git-svn-id: http://core.svn.wordpress.org/trunk@53899 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When calling `register_rest_route()`, the `args` parameter for a route should be an array of arrays. However, some plugins/themes have passed an array of strings or key-value pairs which produces a PHP warning when `array_intersect_key` is used to filter the array keys based on an allowed list of schema keywords.
This change adds a check of the `args` parameter to ensure it's an array of arrays, presenting a `_doing_it_wrong` if any element of `args` is not an array and restructuring to an array of arrays. This change also adds a unit test for the incorrect usage described above, expecting that a `_doing_it_wrong` is produced.
Props slaFFik, desrosj, apermo, AndrewNZ, aristath, poena, dovyp, timothyblynjacobs, Hinjiriyo, johnmark8080, nateallen.
Fixes#51986.
Built from https://develop.svn.wordpress.org/trunk@54339
git-svn-id: http://core.svn.wordpress.org/trunk@53898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Inside `WP_Community_Events::get_cached_events()`, `WP_Community_Events::get_events_transient_key()` is used to retrieve the transient key name, based on the user's location. However, the transient key can potentially return `false`, resulting in a call to `get_site_transient()` with the `$key` being `false`.
This change first attempts to evaluate and guard against a `false` return from `WP_Community_Events::get_events_transient_key()`. The result is an early `false` return from `WP_Community_Events::get_cached_events()`.
Props malthert, rafiahmedd, audrasjb, costdev.
Fixes#55888.
Built from https://develop.svn.wordpress.org/trunk@54338
git-svn-id: http://core.svn.wordpress.org/trunk@53897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
