This fixes an issue introduced in [59885] whereby calling `WP_Theme:is_block_theme()` before themes are set up resulted in the parent theme to not be resolved. To address this, post support for editor default-mode has been moved to a standalone callback, `wp_set_editor_default_mode()`, which is called on the `after_setup_theme` hook. In addition, if `WP_Theme::is_block_theme` is called too early, a `_doing_it_wrong()` error will now be thrown.
Props fabiankaegy, joemcgill, peterwilsoncc, jorbin, krupajnanda, riddhidave, ugyensupport, navi161, manojmaharrshi, Ankit K Gupta, narenin, shailu25, pooja1210.
Fixes#63062.
Built from https://develop.svn.wordpress.org/trunk@59968
git-svn-id: http://core.svn.wordpress.org/trunk@59310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes an issue in multisite installations where archived sites remain accessible to network administrators, but the associated files do not. The previous implementation was checking if the blog is archived, marked as spam, or deleted, to subsequently return a 404 error for file requests. However, this did not account for network administrators who should retain access to these files.
Props antwortzeit, jeremyfelt, debarghyabanerjee, audrasjb.
Fixes#36803.
Built from https://develop.svn.wordpress.org/trunk@59967
git-svn-id: http://core.svn.wordpress.org/trunk@59309 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset ensures that pagination links stay consistent with the chosen permalink structure. When the permalink structure uses a trailing slash, pagination permalinks contain one as well, but when the permalink structure doesn't use trailing slash, then pagination links should not use a trailing slash.
This makes use of `user_trailingslashit()` with a `paged` value for the `type_of_url` parameter.
Props hmbashar, huzaifaalmesbah, rejaulalomkhan, mai21, rahulsprajapati, martinkrcho, ankitkumarshah, adamsilverstein, sourabhjain.
Fixes#61393.
Built from https://develop.svn.wordpress.org/trunk@59966
git-svn-id: http://core.svn.wordpress.org/trunk@59308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The active theme(s) now return two additional properties, `default_template_types` and `default_template_part_areas`, in the REST response.
Props mamaduka, joemcgill, timothyblynjacobs, audrasjb, gigitux, peterwilsoncc, youknowriad, jorbin.
Fixes#62574.
Built from https://develop.svn.wordpress.org/trunk@59965
git-svn-id: http://core.svn.wordpress.org/trunk@59307 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates the `external-http` group in the PHPUnit test suite to include all tests that rely on network requests. This is to ensure the main test suite runs do not contain any tests that can fail due to network conditions.
Props sukhendu2002, azaozz, audrasjb.
Fixes#62325.
Built from https://develop.svn.wordpress.org/trunk@59964
git-svn-id: http://core.svn.wordpress.org/trunk@59306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The current `esversion` 6 corresponds to an ECMAScript version from a decade ago (2015). Updating from 6 to 10 allows the following features to be used in Core JS: the exponentiation operator, async functions, shared memory, atomics, asynchronous iteration, rest/spread properties, various RegExp extensions, and optional catch bindings. These features have been supported by all browsers (except for IE11) well beyond WordPress's browser support policy. This also brings Core's allowed ES version closer in line with Gutenberg which is currently using features like async functions.
Props westonruter, swissspidy, mukesh27.
Fixes#63077.
Built from https://develop.svn.wordpress.org/trunk@59963
git-svn-id: http://core.svn.wordpress.org/trunk@59305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change several error message across core to use WordPress standard styling. Ensure only prefixes are wrapped in `strong` tags rather than the whole message, use `notice notice-error` classes where appropriate, and replace a custom error with `wp_admin_notice()` in multisite.
Props afercia, rajinsharwar, robinmartijn, mukesh27, sabernhardt, oglekler, joedolson, chaion07, im3dabasia1, audrasjb, dkarfa, najmulsaju.
Fixes#50402.
Built from https://develop.svn.wordpress.org/trunk@59960
git-svn-id: http://core.svn.wordpress.org/trunk@59302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset updates `wp_video_shortcode()` to improve boolean attributes handling in accordance with HTML5 standards. Technically, it replaces `attr="1"` with `attr` for the `loop`, `autoplay` and `muted` attributes. The `preload` attribute is also updated to accept only allowed values: `none`, `metadata`, and `auto`. If a value outside of this list is provided, it will be ignored, preventing invalid attribute outputs.
Props jongycastillo, sabernhardt, joedolson, audrasjb, shub07, debarghyabanerjee.
Fixes#60178.
Built from https://develop.svn.wordpress.org/trunk@59954
git-svn-id: http://core.svn.wordpress.org/trunk@59296 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes both a visual and functional bug related to template selection in the editor that occurred when having a custom block template registered that was using the same slug as another block template already registered by the theme, including the default block templates.
Props aljullu, antonvlasenko, apermo, audrasjb, azaozz, ntsekouras.
Fixes#62319.
Built from https://develop.svn.wordpress.org/trunk@59951
git-svn-id: http://core.svn.wordpress.org/trunk@59293 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add URL validation in the admin navigation menu manager that matches the validation in the customizer when adding custom links. Improve accessibility of both custom link forms by adding `aria-invalid` and `aria-describedby` attributes with visible error messages and announcing the error using `wp.a11y.speak()`.
Props joedolson, nikitasolanki1812, akrocks, pathan-amaankhan, rcreators, ironprogrammer, audrasjb, ankit-k-gupta, chaion07, rinkalpagdar, snehapatil02, jainil07, parthvataliya.
Fixes#60619, #60969.
Built from https://develop.svn.wordpress.org/trunk@59948
git-svn-id: http://core.svn.wordpress.org/trunk@59290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes:
* Using strict comparison and `$wpdb::prepare()`.
* Removing one-time variables so that `$wpdb::prepare()` calls are picked up correctly by PHPCS.
* Bringing consistency to the type of internal variables, i.e. `$thismonth` and `$thisyear` are both an integer now.
Follow-up to [508], [509], [510], [716], [933], [12590], [34463], [44809], [47223], [59908].
See #62279.
Built from https://develop.svn.wordpress.org/trunk@59947
git-svn-id: http://core.svn.wordpress.org/trunk@59289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset replaces `sanitize_text_field()` with `esc_url_raw()` for URLs passed via `url` and `return` query vars. This fixes an issue where the URL `example.com/หน้าภาษาไทย` would incorrectly return `example.com//` due to improper sanitization when clicking on the Customize button through the admin bar.
Props okvee, yahaly, hellofromTonya, veryard, dilip2615, amin7, swissspidy, audrasjb.
Fixes#61317.
Built from https://develop.svn.wordpress.org/trunk@59945
git-svn-id: http://core.svn.wordpress.org/trunk@59287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset removes Cafelog links from `licence.txt` and `readme.html` files as the domain was purchased by another entity, providing unsafe content.
Props gencmedya, audrasjb, JeffPaul, peterwilsoncc, jorbin, johnbillion.
Fixes#63000.
Built from https://develop.svn.wordpress.org/trunk@59944
git-svn-id: http://core.svn.wordpress.org/trunk@59286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset restricts direct access call to `/wp-content/plugins/hello.php`, and removes the "Uncaught exception Error" warning that shows when `WP_DEBUG` is enabled and when accessing the related file directly.
Props deepakrohilla, SergeyBiryukov, szepeviktor, audrasjb.
Fixes#61214.
Built from https://develop.svn.wordpress.org/trunk@59943
git-svn-id: http://core.svn.wordpress.org/trunk@59285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes some issues where Select fields were misaligned with neighboring elements, creating visual inconsistency in the customizer.
Props rkradadiya, mukesh27, laxman-prajapati, dlh, karmatosed, ankitkumarshah, sabernhardt.
Fixes#51249.
Built from https://develop.svn.wordpress.org/trunk@59942
git-svn-id: http://core.svn.wordpress.org/trunk@59284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improves caching of the `get_calendar()` function by:
* fixing incorrect cache collisions for different `initial` `post_type` and week values, and,
* ensuring parameter equivalents generate the same cache key, ie passing the same values in a different order.
Improves tests for the function by:
* navigating to February 2025 in test set up to ensure the correct calendar month is displayed,
* adding messages for tests with multiple assertions,
* improving the tests for the calendar captions by wrapping the expected value in the HTML tag,
* adding dedicated test for the different `initial` parameter,
* ensuring caches do not collide for different parameters, and,
* ensuring caches do collide for equivalent parameters.
Follow up to r4522, r59908, r59909, r59917 (reverted), r59918 (reverted), r59930.
Props peterwilsoncc, jorbin, audrasjb.
Fixes#34093.
Built from https://develop.svn.wordpress.org/trunk@59939
git-svn-id: http://core.svn.wordpress.org/trunk@59281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensures that the global post object is populated with the autosave post when a preview link is used for a published post. This allows post authors to preview the changes to a post prior to publication.
This modifies `WP_Query::the_post()` to only call `get_post()` if `WP_Query::$posts` does not contain `WP_Post` objects. Other data types (`stdClass` or numeric) indicates partial data was queried, a `WP_Post` object indicates the full data was queried and populated.
Props peterwilsoncc, mamaduka, wildworks, audrasjb.
Fixes#56992.
Built from https://develop.svn.wordpress.org/trunk@59937
git-svn-id: http://core.svn.wordpress.org/trunk@59279 1a063a9b-81f0-0310-95a4-ce76da25c4cd
jsdoc is not currently in use and this theme for it is very out of date. There are currently a small handful of minor vulnerabilities within transitive dependencies being privately reported by Dependabot that cannot be resolved due to version constraints within ink-docstrap. While this in no way affects WordPress (since this code is not used by WordPress), it does create noise which can be eliminated.
This was first added in [41351] as a part of #41682.
Props desrosj.
Fixes#62935.
Built from https://develop.svn.wordpress.org/trunk@59935
git-svn-id: http://core.svn.wordpress.org/trunk@59277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The data provider for tests added in [59902] had an @test annotation, causing it to be run as if it were a test, throwing a risky test warning. Remove the @test annotation to prevent this undesired warning.
Props johnbillion, joedolson.
Fixes#54738.
Built from https://develop.svn.wordpress.org/trunk@59934
git-svn-id: http://core.svn.wordpress.org/trunk@59276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the following `devDependencies` to their latest versions:
- `@playwright/test` from `1.49.1` to `1.50.1`
- `chalk` from `5.3.0` to `5.4.1`
- `copy-webpack-plugin` from `12.0.2` to `13.0.0`
- `grunt-sass` from `3.1.0` to `4.0.0`
- `postcss` from `8.4.49` to `8.5.3`
- `sass` from `1.83.4` to `1.85.1`
- `terser-webpack-plugin` from `5.3.11` to `5.3.12`
- `uuid` from `11.0.3` to `11.1.0`
- `wait-on` from `8.0.1` to `8.0.2`
- `wepback` from `5.97.1` to `5.98.0`
Additionally, `npm dedupe` and `npm audit fix` have been run.
Fixes#62220.
Built from https://develop.svn.wordpress.org/trunk@59929
git-svn-id: http://core.svn.wordpress.org/trunk@59271 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures the `checked` property is always populated with the latest plugin data before determining whether to perform an update check. Previously this was only populated when the data was already identified as being stale, which could result in a subsequent unnecessary update check when viewing the Plugins screen.
Props siliconforks, bookdude13, pbiron, francina, Cybr, snehapatil02, johnbillion
Fixes#44118, #61055
Built from https://develop.svn.wordpress.org/trunk@59926
git-svn-id: http://core.svn.wordpress.org/trunk@59268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds server-side registration for `ariaLabel` block support and its required fields. Fully enabling feature support for dynamic blocks and consumers using `ServerSideRender` component.
Props wildworks, fabiankaegy, joemcgill, poena.
Fixes#62919.
Built from https://develop.svn.wordpress.org/trunk@59925
git-svn-id: http://core.svn.wordpress.org/trunk@59267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset replaces `edit_theme_options` with the `export` capability to determine whether the current user can export themes. That condition determines whether to show the Export Theme button in the Site Editor. Using `export` capability makes it more consistent with general export capabilities across the administration.
Props unsalkorkmaz, rajinsharwar, audrasjb, peterwilsoncc, desrosj, Mamaduka, TimothyBlynJacobs.
Fixes#57379.
Built from https://develop.svn.wordpress.org/trunk@59924
git-svn-id: http://core.svn.wordpress.org/trunk@59266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes an issue where the `link_updated` field was not updated in the old Link Manager. When a link was created or updated the `link_updated` field remained `0000-00-00 00:00:00`.
Props lenasterg, audrasjb.
Fixes#56851.
Built from https://develop.svn.wordpress.org/trunk@59923
git-svn-id: http://core.svn.wordpress.org/trunk@59265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This JSON decoding is no longer needed since the commit message was converted to a plain string in r59920. The commit message can now be treated as a plain text string in an environment variable throughout the workflow.
Props johnbillion.
See #62221
Built from https://develop.svn.wordpress.org/trunk@59922
git-svn-id: http://core.svn.wordpress.org/trunk@59264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Don't set `aria-expanded` and `aria-haspopup` attributes outside of the primary menu. Secondary menus (social and footer) are set to a depth of 1, and have nothing to expand or popup.
Props bschneidewind, joedolson, mikinc860.
Fixes#62896.
Built from https://develop.svn.wordpress.org/trunk@59921
git-svn-id: http://core.svn.wordpress.org/trunk@59263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This escaping is no longer needed since all instances of inline expressions were removed from workflows in r59679. The commit message can now be treated as a plain text string in an environment variable throughout the workflow.
Props johnbillion, swissspidy
Unprops johnblackbourn
See #62221
Built from https://develop.svn.wordpress.org/trunk@59920
git-svn-id: http://core.svn.wordpress.org/trunk@59262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Modifies `WP_Query::the_post()` to ensure the entire global post object is populated regardless of the `fields` parameter initially set by the developer.
In secondary loops, this ensures that `get_the_content()` and other getter functions operate as documented when called without a post ID and return the appropriate data for the global post object.
This introduces consistency when starting the loop and the `fields` parameter is set to `id=>parent` to the behaviour when set to either `all` or `ids`.
There is no change to the `WP_Query::$posts` parameter nor when a query is made without starting the secondary loop, ie without calling `WP_Query::the_post()`.
Props juzar, mukesh27, oglekler, peterwilsoncc, sirlouen, joemcgill.
Fixes#56992.
Built from https://develop.svn.wordpress.org/trunk@59919
git-svn-id: http://core.svn.wordpress.org/trunk@59261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
