Commit Graph

30461 Commits

Author SHA1 Message Date
Sergey Biryukov
22188b3e85 Users: Move retrieve_password() to wp-includes/user.php, for consistency with other user functions.
Follow-up to [25231], [50129].

Props jfarthing84, dimadin.
See #34281, #31039.
Built from https://develop.svn.wordpress.org/trunk@50140


git-svn-id: http://core.svn.wordpress.org/trunk@49819 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 12:37:03 +00:00
Sergey Biryukov
e0bda3a704 Users: Use consistent strings for error messages in wp-admin/users.php.
Use `_n()` for a string with plural forms.

Follow-up to [50129].

See #34281.
Built from https://develop.svn.wordpress.org/trunk@50139


git-svn-id: http://core.svn.wordpress.org/trunk@49818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 12:17:04 +00:00
Sergey Biryukov
9a64276184 Docs: Add a @since note to map_meta_cap() for the update_https capability.
Follow-up to [50122], [50131].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@50138


git-svn-id: http://core.svn.wordpress.org/trunk@49817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 12:13:07 +00:00
noisysocks
351400af80 Editor: Update @wordpress npm packages
Update @wordpress npm packages to the latest published versions. This means that
the block editor includes functionality that exists in Gutenberg 9.9.

Fixes #52334.

Built from https://develop.svn.wordpress.org/trunk@50137


git-svn-id: http://core.svn.wordpress.org/trunk@49816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 05:17:13 +00:00
Joe McGill
2642a446b3 Media: Sanity check image meta in 'wp_image_src_get_dimensions'.
This fixes a potential illegal offset error introduced in [50134] if the `$image_meta` doesn't include a `file` key.
    
Props dd32.
Fixes #51865.

Built from https://develop.svn.wordpress.org/trunk@50136


git-svn-id: http://core.svn.wordpress.org/trunk@49815 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 04:27:06 +00:00
Peter Wilson
7a8a7fdcd4 Cron API: Run alternative wp-cron later, do not run on archived blogs.
Runs cron jobs later on sites using alternative cron, ie the `ALTERNATE_WP_CRON` constant is true, to more closely match when standard cron jobs are run. Jobs now run on the `wp_loaded` hook at priority `20`. Prior to this change they would run on the `init` hook. This ensures custom post types and taxonomies are registered prior to the jobs running.

This change also prevents alternative wp-cron from running on archived or suspended multisite blogs as these are shut down prior to the `wp_loaded` hook from running.

Moves the existing functionality of `wp_cron()` in to a new private function `_wp_cron()`.

Props flixos90, jeremyfelt, johnbillion, jrf, kurtpayne, nacin, peterwilsoncc, prettyboymp, r-a-y, ryan, stevenkword, swissspidy.
Fixes #20537, #24160.


Built from https://develop.svn.wordpress.org/trunk@50135


git-svn-id: http://core.svn.wordpress.org/trunk@49814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 03:10:08 +00:00
Joe McGill
5ca780edb1 Media: Add filter to wp_image_src_get_dimensions.
This adds a new filter, `wp_image_src_get_dimensions` to the `wp_image_src_get_dimensions()` function to correct the dimensions returned for a file whenever WordPress isn't able to correctly get the dimensions from attachment metadata.

Fixes #51865.

Built from https://develop.svn.wordpress.org/trunk@50134


git-svn-id: http://core.svn.wordpress.org/trunk@49813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 02:59:05 +00:00
iandunn
683e767517 Community Events: Show organizer CTA when less than 3 events.
When no events are available in the Events Widget, people have always been shown a message encouraging them to help organize one (see `tmpl-community-events-no-upcoming-events`). Now that it's common for online WordCamps and Learn discussion groups to be pinned to the Events API, it's rare that there are no events in the widget, even if there are no _local_ events. Because of that, users are rarely encouraged to join their local community and help organize.

This commit adds an additional call-to-action message, which is shown when there are only 1 or 2 events available.

Props anyssa, sippis, AmethystAnswers.
Fixes #51664.

Built from https://develop.svn.wordpress.org/trunk@50133


git-svn-id: http://core.svn.wordpress.org/trunk@49812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 00:43:06 +00:00
Peter Wilson
faa29f5716 Canonical: Prevent ID enumeration of private post slugs.
Add check to `redirect_canonical()` to ensure private posts only redirect for logged in users.

Modifies the `read_post` mata capability to user `get_post_status()` rather than the post's `post_status` property to allow attachments to redirect based on the inherited post status.

Introduces `wp_force_ugly_post_permalink()` to unify the check to determine if an ugly link should be displayed in each of the functions used for determining permalinks: `get_permalink()`, `get_post_permalink()`, `_get_page_link()` and `get_attachment_link()`.

Improves logic of `get_attachment_link()` to validate parent post and resolution of inherited post status. This is an incomplete fix of #52373 to prevent the function returning links resulting in a file not found error. Required to unblock this ticket.

Props peterwilsoncc, TimothyBlynJacobs.
See #52373.
Fixes #5272.

Built from https://develop.svn.wordpress.org/trunk@50132


git-svn-id: http://core.svn.wordpress.org/trunk@49811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 00:40:01 +00:00
Felix Arntz
dbfbf5501a Security, Site Health: Make migrating a site to HTTPS a one-click interaction.
Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained.

This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction.

* Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed.
    * A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly.
    * The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though.
    * The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter.
    * For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant.
* Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart.
    * A new `wp_update_urls_to_https()` function takes care of the update routine.
    * A new `update_https` meta capability is introduced to control access.
    * If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health.
* Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version.
    * A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS.
    * A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS.

Props flixos90, timothyblynjacobs.
Fixes #51437.

Built from https://develop.svn.wordpress.org/trunk@50131


git-svn-id: http://core.svn.wordpress.org/trunk@49810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 00:10:01 +00:00
Peter Wilson
17ee62881a Posts, Post Types: Additional functions to check if a post is publicly viewable.
Introduces `is_post_status_viewable()` as a sibling to `is_post_type_viewable()`. Internal and protected statuses are never considered viewable. For built in posts statuses the `public` attribute is checked, for custom statuses the `publicly_queryable` attribute is checked.

Introduces `is_post_publicly_viewable()` for determining if an individual post can be viewed by logged out users. A post is considered viewable if both `is_post_status_viewable()` and `is_post_type_viewable()` return `true` for the post's attributes.

Additionally modifies `is_post_type_viewable()` to return `false` if an unregistered post type is passed to the function to avoid attempting to access properties on a non-object.

Props peterwilsoncc, SergeyBiryukov, whyisjake, TimothyBlynJacobs.
Fixes #49380.


Built from https://develop.svn.wordpress.org/trunk@50130


git-svn-id: http://core.svn.wordpress.org/trunk@49809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 23:33:02 +00:00
Adam Silverstein
315b1c185d Users: enable admins to send users a reset password link.
Add a feature so Admins can send users a 'password reset' email. This doesn't change the password or force a password change. It only emails the user the password reset link.

The feature appears in several places:
* A "Send Reset Link" button on user profile screen.
* A "Send password reset" option in the user list bulk action dropdown.
* A "Send password reset" quick action when hovering over a username in the user list.

Props Ipstenu, DrewAPicture, eventualo, wonderboymusic, knutsp, ericlewis, afercia, JoshuaWold, johnbillion, paaljoachim, hedgefield.
Fixes #34281.


Built from https://develop.svn.wordpress.org/trunk@50129


git-svn-id: http://core.svn.wordpress.org/trunk@49808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 22:13:03 +00:00
Adam Silverstein
68c6e9982b Revisions: Address PHP/JS errors when viewing autosave on imported posts.
Fix an issue where viewing an autosave created on a post without any previous revisions would throw a PHP notice. Also fixes the revision screen which was broken in these cases and showed a console error.

Props iseulde.
Fixes #31249.


Built from https://develop.svn.wordpress.org/trunk@50128


git-svn-id: http://core.svn.wordpress.org/trunk@49807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 22:03:01 +00:00
John Blackbourn
3e12235a79 Posts, Post Types: Introduce new functions for determining if a post has a parent (has_post_parent()) and to fetch the post parent (get_post_parent()).
These functions are simple but reduce the logic needed in themes and plugins.

Props ramiy, sebastian.pisula, birgire, audrasjb, xkon

Fixes #33045

Built from https://develop.svn.wordpress.org/trunk@50127


git-svn-id: http://core.svn.wordpress.org/trunk@49806 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 21:22:02 +00:00
ryelle
a69964f4a7 Build/Test Tools: Replace node-sass with Dart Sass
Switch the Sass implementation used by Grunt to `sass` (the Dart version), since LibSass & `node-sass` have been deprecated.

Props desrosj.
Fixes #51763.


Built from https://develop.svn.wordpress.org/trunk@50126


git-svn-id: http://core.svn.wordpress.org/trunk@49805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 20:24:16 +00:00
ryelle
17c79a583a Administration: Use correct color scheme color on admin bar icons when hovered.
This also removes a CSS rule in the light scheme which was flagged as temporary and overrides the hover text color.

Fixes #52229.


Built from https://develop.svn.wordpress.org/trunk@50125


git-svn-id: http://core.svn.wordpress.org/trunk@49804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 19:46:03 +00:00
antpb
3e6cc64e35 REST API, Media: Add batch image editing endpoints.
Introduces new endpoints to allow for batch image editing using the REST API. 

The new endpoints can take an array of modifiers that will be applied in the order they appear.

Props ajlende, TimothyBlynJacobs, hellofromTonya, Mista-Flo.
Fixes #52192.

Built from https://develop.svn.wordpress.org/trunk@50124


git-svn-id: http://core.svn.wordpress.org/trunk@49803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 18:37:03 +00:00
Sergey Biryukov
cb7d0efb45 Editor: Introduce a dynamic filter for the content of a single block:
`render_block_{$this->name}`

This complements the existing `render_block` hook and allows for filtering the content of a specific block without having to use conditionals inside the filter callback.

Props manzoorwani.jk, noisysocks, birgire, johnbillion.
Fixes #46187.
Built from https://develop.svn.wordpress.org/trunk@50123


git-svn-id: http://core.svn.wordpress.org/trunk@49802 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 18:06:03 +00:00
Sergey Biryukov
2024649ea9 Docs: Add @since notes for some of the recently introduced meta capabilities.
Follow-up to [42832], [43085], [43147], [43155], [43381], [44973], [50114].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@50122


git-svn-id: http://core.svn.wordpress.org/trunk@49801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 17:24:02 +00:00
Sergey Biryukov
38293a6aa4 Upgrade/Install: Display correct message about the current version in the admin footer.
Previously, "You are using a development version" message could be displayed if the user has configured core updates to receive Beta or RC versions, but the update has not happened yet.

This brings some consistency with displaying a similar message in `core_upgrade_preamble()` on WordPress Updates screen.

Follow-up to [49708], [49736].

Props afragen, pbiron, azaozz, audrasjb, SergeyBiryukov.
Fixes #51976.
Built from https://develop.svn.wordpress.org/trunk@50121


git-svn-id: http://core.svn.wordpress.org/trunk@49800 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 14:29:01 +00:00
Sergey Biryukov
81462ca73e Posts, Post Types: Introduce "Filter by date" and "Filter by category" as post type and taxonomy labels, respectively.
This provides a more consistent location for these strings and allows for reusing them in other places without hardcoding them in the markup.

Props nicolalaserra, audrasjb, johnjamesjacoby, SergeyBiryukov.
Fixes #42421.
Built from https://develop.svn.wordpress.org/trunk@50120


git-svn-id: http://core.svn.wordpress.org/trunk@49799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 14:13:00 +00:00
Sergey Biryukov
8bd85a870b Taxonomy: Reorder some WP_Taxonomy properties for consistency.
Follow-up to [48356], [50116].

See #52142.
Built from https://develop.svn.wordpress.org/trunk@50119


git-svn-id: http://core.svn.wordpress.org/trunk@49798 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 11:55:00 +00:00
Sergey Biryukov
651aeebe67 Twenty Twenty-One: Correct filter name in twenty_twenty_one_get_starter_content() DocBlock.
Props sabernhardt.
Fixes #52410.
Built from https://develop.svn.wordpress.org/trunk@50118


git-svn-id: http://core.svn.wordpress.org/trunk@49797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 11:49:05 +00:00
Adam Silverstein
5c4708f73f Login: Enable filtering the back to blog link.
Add a new `login_site_html_link` filter that developers can use to adjust the "Go to site" link displayed in the login page footer.

Props ebinnion, DrewAPicture, audrasjb, hellofromTonya, sabernhardt. 
Fixes #35449.


Built from https://develop.svn.wordpress.org/trunk@50117


git-svn-id: http://core.svn.wordpress.org/trunk@49796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 00:17:59 +00:00
John Blackbourn
a0d0c27eed Taxonomy: Declare and document the sort and args properties of the WP_Taxonomy class.
These properties have been in use since 2.5 and 2.6 but were never added as actual properties on the class. This fixes that.

Props gunnard, SergeyBiryukov

Fixes #52142

Built from https://develop.svn.wordpress.org/trunk@50116


git-svn-id: http://core.svn.wordpress.org/trunk@49795 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 23:14:59 +00:00
joedolson
4789d7585c Menus: Add sticky footer to avoid duplicate save buttons.
Make the navigation menu footer sticky so a Save Menu button is always available in the viewport. Improves usability and effectiveness of the interface when in a responsive view. 

Props garrett-eclipse, audrasjb, maxpertici, sabernhardt, kburgoine, poena
Fixes #51631
Built from https://develop.svn.wordpress.org/trunk@50115


git-svn-id: http://core.svn.wordpress.org/trunk@49794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 20:11:03 +00:00
TimothyBlynJacobs
c27098a3a3 App Passwords: Introduce fine grained capabilities.
Previously, all permission checks for using app passwords were implemented using `edit_user`. This commit introduces a series of more fine grained meta capabilities that should be used instead: `create_app_password`, `list_app_passwords`, `read_app_password`, `edit_app_password`, `delete_app_password` and `delete_app_passwords`. These capabilities all map to `edit_user` by default, but may now be customized by developers.

Props johnbillion, TimothyBlynJacobs.
Fixes #51703.

Built from https://develop.svn.wordpress.org/trunk@50114


git-svn-id: http://core.svn.wordpress.org/trunk@49793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 19:03:59 +00:00
John Blackbourn
3a901bbc22 Comments: Fix a coding standards issue introduced in [50109].
See #33717

Built from https://develop.svn.wordpress.org/trunk@50113


git-svn-id: http://core.svn.wordpress.org/trunk@49792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 18:17:57 +00:00
Sergey Biryukov
68705af715 I18N: Correct placeholders in translator comments in wp_new_comment_notify_comment_author().
Follow-up to [42827], [45932], [50109].

See #33717.
Built from https://develop.svn.wordpress.org/trunk@50112


git-svn-id: http://core.svn.wordpress.org/trunk@49791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 17:36:57 +00:00
Sergey Biryukov
fc1677b504 Administration: Accommodate long translations of user roles in the "Role" list table column.
Follow-up to [49317].

Props Chaton666, audrasjb, kebbet.
Fixes #52184.
Built from https://develop.svn.wordpress.org/trunk@50111


git-svn-id: http://core.svn.wordpress.org/trunk@49790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 16:53:58 +00:00
John Blackbourn
6a7a31219e Bundled Theme: Add Twenty Twenty to the list of ignored themes in .gitignore. This brings it inline with other bundled themes.
Fixes #52265

Built from https://develop.svn.wordpress.org/trunk@50110


git-svn-id: http://core.svn.wordpress.org/trunk@49789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 16:52:00 +00:00
John Blackbourn
dad34fe877 Comments: Introduce a method for commenters to opt-in to receiving an email notification when their moderated comment gets approved.
The opt-in form is shown after the comment is submitted and held for moderation.

Sorry this took five years.

Props jeffr0, swissspidy, mrahmadawais, wonderboymusic, jdgrimes, obenland, Monika, imath, garrett-eclipse, johnbillion

Fixes #33717

Built from https://develop.svn.wordpress.org/trunk@50109


git-svn-id: http://core.svn.wordpress.org/trunk@49788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 12:50:01 +00:00
Sergey Biryukov
f6191c07df Upgrade/Install: Allow WordPress sites to opt-in to development releases.
The `WP_AUTO_UPDATE_CORE` constant now supports `development` and `branch-development` values.

This makes it possible for sites to opt-in to updating to nightly builds without having to install a plugin.

Follow-up to [49245], [49292].

Props xkon, knutsp, afragen, audrasjb, dd32.
Fixes #51978.
Built from https://develop.svn.wordpress.org/trunk@50082


git-svn-id: http://core.svn.wordpress.org/trunk@49782 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-30 10:34:02 +00:00
desrosj
f35396e9b4 Twenty Nineteen: Update several devDependencies.
This updates the following dependencies:
- `@wordpress/browserslist-config` from `2.7.0` to `3.0.0`.
- `autoprefixer` from `9.8.5` to `9.8.6`.
- `node-sass` from `4.14.1` to `5.0.0`.
- `postcss-cli` from `7.1.1` to `7.1.2`.
- `postcss-focus-within` from `3.0.0` to `4.0.0`.
- `rtlcss` from `2.5.0` to `2.6.2`.

There are no changes after running `build`.

See #51801.
Built from https://develop.svn.wordpress.org/trunk@50081


git-svn-id: http://core.svn.wordpress.org/trunk@49781 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 21:11:58 +00:00
desrosj
fb3cd7404f Twenty Nineteen: Update the RTL stylesheet with the block-patterns tag.
Rebuilding the RTL stylesheet was missed in [49585].

See #51098, #51099.
Built from https://develop.svn.wordpress.org/trunk@50080


git-svn-id: http://core.svn.wordpress.org/trunk@49780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 21:08:02 +00:00
desrosj
5dc1f1ff8a Twenty Twenty: Update @wordpress/scripts to the latest version.
See #51801.
Built from https://develop.svn.wordpress.org/trunk@50079


git-svn-id: http://core.svn.wordpress.org/trunk@49779 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 20:45:58 +00:00
Felix Arntz
8aacac3486 Robots: Add max-image-preview:large directive by default.
This changeset introduces a `wp_robots_max_image_preview_large()` function which is hooked into the `wp_robots` filter to include the `max-image-preview:large` directive for all sites which are configured to be indexed by search engines. The directive allows search engines to display large image previews for the site in search results.

Props adamsilverstein, Clorith, flixos90, helen, joostdevalk, tweetythierry, westonruter.
Fixes #51511.

Built from https://develop.svn.wordpress.org/trunk@50078


git-svn-id: http://core.svn.wordpress.org/trunk@49778 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 20:38:03 +00:00
desrosj
eac269decd Twenty Twenty: Update several dependencies.
This updates the following packages:
- `@wordpress/browserslist-config` from `2.6.0` to `2.7.0`.
- `autoprefixer` from `9.6.1` to `9.8.6`.
- `concurrently` from `5.2.0` to `5.3.0`.
- `postcss-cli` from `7.1.1` to `7.1.2`.
- `rtlcss` from `2.5.0` to `2.6.2`.

See #51801.
Built from https://develop.svn.wordpress.org/trunk@50077


git-svn-id: http://core.svn.wordpress.org/trunk@49777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 20:26:59 +00:00
desrosj
f3b62c5a27 Twenty Twenty: Update the RTL stylesheet with the block-patterns tag.
Rebuilding the RTL stylesheet was missed in [49585].

See #51098, #51099.
Built from https://develop.svn.wordpress.org/trunk@50076


git-svn-id: http://core.svn.wordpress.org/trunk@49776 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 20:10:01 +00:00
Felix Arntz
d9d883468b Security: Allow short-circuiting the wp_update_https_detection_errors() process.
This changeset introduces a `pre_wp_update_https_detection_errors` filter which can be used to short-circuit the default logic for detecting problems with HTTPS support for the site, by returning a `WP_Error` object.

Props timothyblynjacobs.
See #47577.

Built from https://develop.svn.wordpress.org/trunk@50075


git-svn-id: http://core.svn.wordpress.org/trunk@49775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 20:00:02 +00:00
desrosj
1a27e15bb2 Twenty Twenty-One: Update several devDependencies.
This updates the following dependencies:
- `@wordpress/browserslist-confg` from `2.7.0` to `3.0.0`.
- `@wordpress/eslint-plugin` from `7.3.0` to `8.0.1`.
- `sass` from `1.29.0` to `1.32.5`.
- `stylelint` from `13.8.0` to `13.9.0`

There are no changes after running `build`.

See #51801.
Built from https://develop.svn.wordpress.org/trunk@50073


git-svn-id: http://core.svn.wordpress.org/trunk@49774 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 19:44:03 +00:00
Felix Arntz
9d348e26f3 Security, Site Health: Improve accuracy in messaging about HTTPS support.
Following up on [49904], this changeset focuses mainly on improving the guidance about the current state of HTTPS in Site Health.

* Correct the existing copy to indicate that both the Site Address and the WordPress Address need to be changed to fully switch to HTTPS.
* Link to the respective input fields via anchor links rather than to the overall General Settings screen.
* Show different copy if the site is using HTTPS for the WordPress Address (for example to have only the administration panel in HTTPS), but not for the Site Address.
* Inform the user about potential problems even when the site is already using HTTPS, for example if the SSL certificate was no longer valid.
* Always rely on fresh information for determining HTTPS support issues in Site Health, and therefore change the `https_status` test to become asynchronous.
* Rename the new private `wp_is_owned_html_output()` function to a more appropriate `wp_is_local_html_output()`.

Props adamsilverstein, flixos90, johnjamesjacoby, timothyblynjacobs.
See #47577.

Built from https://develop.svn.wordpress.org/trunk@50072


git-svn-id: http://core.svn.wordpress.org/trunk@49773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 19:10:58 +00:00
Sergey Biryukov
ae40aad4c0 Docs: Switch a comment in WP_Media_List_Table::prepare_items() to multi-line format, per the documentation standards.
Follow-up to [48417].

Props pinkalbeladiya, davidbaumwald.
Fixes #52025.
Built from https://develop.svn.wordpress.org/trunk@50071


git-svn-id: http://core.svn.wordpress.org/trunk@49772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 18:54:01 +00:00
noisysocks
4825dccd26 Block Editor: Add enableCustomSpacing
Adds the `enableCustomSpacing` editor setting. This enables the custom block
spacing feature from Gutenberg.

Props nosolosw, gziolo.
Fixes #51760.

Built from https://develop.svn.wordpress.org/trunk@50070


git-svn-id: http://core.svn.wordpress.org/trunk@49771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 05:04:59 +00:00
noisysocks
2152259257 Block Editor: Add defaultEditorStyles
The `defaultEditorStyles` setting was missing from the default block
editor settings. This causes the "Use theme styles" setting which was
added in WordPress 5.6 to not function properly.

Also, the RTL version of editor styles were not being loaded. This
change has not yet been ported over from Gutenberg.

Fixes #52394.

Built from https://develop.svn.wordpress.org/trunk@50069


git-svn-id: http://core.svn.wordpress.org/trunk@49770 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 04:58:58 +00:00
antpb
3dc428f0de Media: Remove unused refresh from _requery.
In [50067] `props.cache` was removed as it was unused. This left a lingering unused `refresh` in the `_requery` function.

Props peterwilsoncc.
See #50025.

Built from https://develop.svn.wordpress.org/trunk@50068


git-svn-id: http://core.svn.wordpress.org/trunk@49769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 02:41:57 +00:00
antpb
ffc2cc5617 Media: Remove caching from filter by date in media library.
Previously, newly uploaded media attachments were missing when filtering media items by date due to lack of cache invalidation.

Props adamsilverstein, teamdnk, afercia, Mista-Flo, joedolson, youknowriad, talldanwp.
Fixes #50025.

Built from https://develop.svn.wordpress.org/trunk@50067


git-svn-id: http://core.svn.wordpress.org/trunk@49768 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 01:35:59 +00:00
noisysocks
97acbb1c7f Editor: Move blocks/classic -> blocks/freeform
Moves src/wp-includes/blocks/classic to src/wp-includes/blocks/freeform. This
reflects the 'classic' block being renamed to 'freeform'.

Follows [50048].
See #52334.

Built from https://develop.svn.wordpress.org/trunk@50066


git-svn-id: http://core.svn.wordpress.org/trunk@49767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 00:26:58 +00:00
TimothyBlynJacobs
cd6238947e App Passwords: Introduce introspection endpoint.
This introduces a new endpoint, `wp/v2/users/me/application-passwords/introspect`, that will return details about the App Password being used to authenticate the current request. This allows for an application to disambiguate between multiple installations of their application which would all share the same `app_id`.

Props xkon, peterwilsoncc, TimothyBlynJacobs.
Fixes #52275.

Built from https://develop.svn.wordpress.org/trunk@50065


git-svn-id: http://core.svn.wordpress.org/trunk@49766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 00:07:02 +00:00
TimothyBlynJacobs
0000f669b6 REST API: Refactor rest_validate_value_from_schema into separate validation functions per-type.
Props yakimun.
Fixes #52375.

Built from https://develop.svn.wordpress.org/trunk@50060


git-svn-id: http://core.svn.wordpress.org/trunk@49761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 18:00:58 +00:00
whyisjake
22bb49e4d6 Site Health: Update the language around how PHP should be updated.
Follow-up to [50042].

Props SergeyBiryukov.

See #52327.

Built from https://develop.svn.wordpress.org/trunk@50058


git-svn-id: http://core.svn.wordpress.org/trunk@49759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 17:23:09 +00:00
Sergey Biryukov
5478a88919 Docs: Update documentation for WP_Application_Passwords::application_name_exists_for_user() per the documentation standards.
Follow-up to [50030].

See #51941.
Built from https://develop.svn.wordpress.org/trunk@50057


git-svn-id: http://core.svn.wordpress.org/trunk@49758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 13:10:57 +00:00
Sergey Biryukov
6f2bba08d9 Privacy: Add newlines to the index.php file in wp-personal-data-exports directory, for consistency with other similar files.
Follow-up to [50037].

See #52299.
Built from https://develop.svn.wordpress.org/trunk@50055


git-svn-id: http://core.svn.wordpress.org/trunk@49756 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 12:58:58 +00:00
Sergey Biryukov
7f7c0914af Docs: Update documentation for wp_is_site_protected_by_basic_auth() per the documentation standards.
Follow-up to [49752], [50006].

See #52066.
Built from https://develop.svn.wordpress.org/trunk@50053


git-svn-id: http://core.svn.wordpress.org/trunk@49754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 11:05:58 +00:00
Sergey Biryukov
2ca69453bd Docs: Revert documentation change for wp_get_attachment_metadata().
This more accurately describes the behavior of the function, and is more consistent with the documentation for other post and attachment functions.

Follow-up to [50039].

Props Mista-Flo.
See #52196.
Built from https://develop.svn.wordpress.org/trunk@50051


git-svn-id: http://core.svn.wordpress.org/trunk@49752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 10:42:01 +00:00
Sergey Biryukov
38b205e5dc Coding Standards: Simplify a long condition in WP_Site_Health_Auto_Updates::test_wp_version_check_attached() for better readability.
Follow-up to [50035].

See #52135.
Built from https://develop.svn.wordpress.org/trunk@50049


git-svn-id: http://core.svn.wordpress.org/trunk@49750 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 10:35:59 +00:00
noisysocks
43e36a3541 Editor: Update @wordpress npm packages
Update @wordpress npm packages to the latest published versions. This means that
the block editor includes functionality that exists in Gutenberg 9.8.

See #52334.
Props isabel_brison.

Built from https://develop.svn.wordpress.org/trunk@50048


git-svn-id: http://core.svn.wordpress.org/trunk@49749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 02:04:13 +00:00
whyisjake
d3d95965dd Site Health: Update php update strings to not overpromise performance.
Fixes #52327.

Props chanthaboune, SergeyBiryukov, audrasjb, Clorith, whyisjake.


Built from https://develop.svn.wordpress.org/trunk@50041


git-svn-id: http://core.svn.wordpress.org/trunk@49742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 00:17:58 +00:00
whyisjake
3beabe0b11 Media: Ensure that wp_get_attachment_metadata can return values from the global $post, if avaiable.
In [49084] (for #50679), wp_get_attachment_metadata() was changed to improve performance, but it had the side effect of eliminating the ability to call it with no arguments and have it default to using the global $post.

This change restores that ability, while keeping the performance improvements from the original change.

Fixes #52196.

Props cfinke, hellofromTonya, mukesh27, dilipbheda, Mista-Flo, audrasjb, SergeyBiryukov, whyisjake.


Built from https://develop.svn.wordpress.org/trunk@50039


git-svn-id: http://core.svn.wordpress.org/trunk@49740 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 00:08:58 +00:00
whyisjake
5f532382aa Privacy: Ensure that exported user data reports can't be found with directory listings.
By moving from `.html` to `.php` files, we can prevent directory listings, and ensure that WordPress can load.

Fixes #52299.

Props lucasbustamante, xkon, freewebmentor, SergeyBiryukov, whyisjake. 

Built from https://develop.svn.wordpress.org/trunk@50037


git-svn-id: http://core.svn.wordpress.org/trunk@49738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 23:46:58 +00:00
whyisjake
ab6271c0a7 Site Health: Only run the version checks on the main site.
The version checks that are setup in `wp-includes/update.php` do set up the action, but only for the main site.

Fixes #52135.

Props audrasjb, SergeyBiryukov, maxpertici, aaribaud.
 

Built from https://develop.svn.wordpress.org/trunk@50035


git-svn-id: http://core.svn.wordpress.org/trunk@49736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 23:27:00 +00:00
joedolson
35aaaacc04 Revisions: Generate correct number of columns in wp_text_diff.
The function `wp_text_diff` generated an invalid table structure if the $args parameter contained any values. This patch corrects the structure generated by `wp_text_diff` and related usages so that the column count matches the data generated. Additionally, this patch passes arguments to the Revisions screen so that the screen has column headings that reflect the content in each column. Improves the accessibility and usability of the Revisions table.

Props joedolson, mehulkaklotar, afercia, adamsilverstein, zodiac1978, jeremyfelt
Fixes #25473
Built from https://develop.svn.wordpress.org/trunk@50034


git-svn-id: http://core.svn.wordpress.org/trunk@49735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 21:53:58 +00:00
joedolson
830d3942a0 Twenty Twenty: Remove aria-expanded on search modal close button.
The Twenty Twenty search modal uses aria-expanded correctly on the Search button, but toggles the aria-expanded value on the 'close' button. The close button is a different control, however, so the attribute value toggling is uneven. The close button does not toggle any behavior; it only closes a control that has already been opened.

Props alexstine, audrasjb
Fixes #52355
Built from https://develop.svn.wordpress.org/trunk@50033


git-svn-id: http://core.svn.wordpress.org/trunk@49734 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 21:32:58 +00:00
joedolson
ee751b9779 Administration: Remove italic text to improve readability.
Italicized text can be difficult to read for some people with dyslexia or related forms of reading disorders. This removes italics on a number of larger blocks onpm run grunt rpf text in the admin. This has been a task 5.3; this commit closes the task. Further instances of italicized text should be addressed individually.

Props afercia, xkon, audrasjb
Fixes #47327
Built from https://develop.svn.wordpress.org/trunk@50032


git-svn-id: http://core.svn.wordpress.org/trunk@49733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 21:03:57 +00:00
TimothyBlynJacobs
ee710f2c16 App Passwords: Improve validation and sanitization of the application name.
Application names are now required to be unique and cannot contain solely whitespace characters. Additionally, invalid characters are now stripped from the application name using `sanitize_text_field()`.

Props Boniu91, hellofromTonya, engahmeds3ed, xkon, francina.
Fixes #51941.

Built from https://develop.svn.wordpress.org/trunk@50030


git-svn-id: http://core.svn.wordpress.org/trunk@49731 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 19:05:02 +00:00
antpb
d7e0ddebd1 Media: Reintroduce caching for Media Library query.
In [50021], caching was removed causing unintended classic block media flows to fail.

Reverts [50021].
See #50025.

Built from https://develop.svn.wordpress.org/trunk@50029


git-svn-id: http://core.svn.wordpress.org/trunk@49730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 14:51:00 +00:00
Sergey Biryukov
401b0bbe8c Accessibility: Administration: Respect the prefers-reduced-motion media query for update icon spinner animations.
The update icon rotation should not occur when the user has opted to reduce motion, for example by selecting the "Reduce motion" option in macOS' preferences or unselecting "Show animations in Windows" in Windows' preferences.

Follow-up to [47813], [50027].

Props xkon, audrasjb, johnbillion.
Fixes #52263. See #51476.
Built from https://develop.svn.wordpress.org/trunk@50028


git-svn-id: http://core.svn.wordpress.org/trunk@49729 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 11:40:59 +00:00
Sergey Biryukov
3a695a7be2 Plugins: Rotate the Updates icon in the admin bar when performing inline updates on the Plugins screen.
This provides better indication within the viewport about ongoing processes on the page when updating several plugins at the same time, but without using the bulk updater.

Props ravipatel, audrasjb, johnjamesjacoby, paaljoachim, hellofromTonya, sabernhardt, mdwolinski, karmatosed, SergeyBiryukov.
Fixes #51476.
Built from https://develop.svn.wordpress.org/trunk@50027


git-svn-id: http://core.svn.wordpress.org/trunk@49728 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 10:59:02 +00:00
Sergey Biryukov
11ea669f7f Twenty Twenty-One: Correct colors for the Menu button.
As per design, the background should be transparent and the text should be dark grey, not vice versa.

Follow-up to [49987].

Props poena.
Fixes #52374. See #51927.
Built from https://develop.svn.wordpress.org/trunk@50026


git-svn-id: http://core.svn.wordpress.org/trunk@49727 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-26 18:59:57 +00:00
ryelle
fed21a9863 Administration: Standardize colors used in CSS to a single palette.
This is part of a larger project in cleaning up core's admin CSS. This collapses all colors used in the CSS to one of 12 blues, greens, reds, and yellows, 13 grays, pure black, and pure white. The colors are perceptually uniform from light to dark, half of each range has a 4.5 or higher contrast against white, the other half has a 4.5 or higher contrast against black.

Standardizing on this set of colors will help contributors make consistent, accessible design decisions. The full color palette can be seen here: https://codepen.io/ryelle/full/WNGVEjw

Props notlaura, danfarrow, kburgoine, drw158, audrasjb, Joen, hedgefield, ibdz, melchoyce.
See #49999.


Built from https://develop.svn.wordpress.org/trunk@50025


git-svn-id: http://core.svn.wordpress.org/trunk@49726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-26 18:54:59 +00:00
John Blackbourn
3670cc0b36 REST API: Introduce modified_before and modified_after query parameters for the posts endpoints.
These parameters work just the same as `before` and `after` except they operate on the post modified date instead of the post published date.

Props claytoncollie, TimothyBlynJacobs, hellofromTonya

Fixes #50617

Built from https://develop.svn.wordpress.org/trunk@50024


git-svn-id: http://core.svn.wordpress.org/trunk@49725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-26 18:28:03 +00:00
Sergey Biryukov
4ad17435f9 Mail: Make sure the SMTP class is only required once if a plugin requires wp-includes/class-smtp.php directly.
Follow-up to [48033], [48530].

Props oellin, greatsaltlake, audrasjb.
Fixes #52369. See #50716, #41750.
Built from https://develop.svn.wordpress.org/trunk@50022


git-svn-id: http://core.svn.wordpress.org/trunk@49723 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-26 13:45:57 +00:00
antpb
c699cbcf0a Media: Remove caching from filter by date in media library.
Previously, newly uploaded media attachments were missing when filtering media items by date due to lack of cache invalidation.
Props adamsilverstein, teamdnk, afercia, Mista-Flo, joedolson.
Fixes #50025.

Built from https://develop.svn.wordpress.org/trunk@50021


git-svn-id: http://core.svn.wordpress.org/trunk@49722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-26 05:26:01 +00:00
desrosj
ad7754dbd9 Build/Test Tools: Update autoprefixer dependency.
This updates `autoprefixer` from version `9.6.2` to `9.8.6`. This includes changes as a result of running `npm run grunt precommit:css`.

See #51801.
Built from https://develop.svn.wordpress.org/trunk@50017


git-svn-id: http://core.svn.wordpress.org/trunk@49718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-25 14:51:15 +00:00
desrosj
55df82ab1e Build/Test Tools: Update sinon dependency.
This updates `sinon` from version `9.2.3` to `9.2.4`.

See #51801.
Built from https://develop.svn.wordpress.org/trunk@50016


git-svn-id: http://core.svn.wordpress.org/trunk@49717 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-25 13:34:14 +00:00
Sergey Biryukov
b97ae4e14c Toolbar: Update Documentation and Support links.
This replaces the Codex URL in the "WordPress" section of the admin bar with the HelpHub URL, and updates the Support link to point to the forums.

Follow-up to [45140], [45412].

Props audrasjb.
Fixes #52352. See #46790, #47239.
Built from https://develop.svn.wordpress.org/trunk@50015


git-svn-id: http://core.svn.wordpress.org/trunk@49716 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-25 12:53:58 +00:00
Gary Pendergast
91a89f2df2 Menus: Fix linting errors introduced in [50013].
Props TimothyBlynJacobs.
Fixes #52189.


Built from https://develop.svn.wordpress.org/trunk@50014


git-svn-id: http://core.svn.wordpress.org/trunk@49715 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-25 06:55:02 +00:00
Gary Pendergast
2660382579 Menus: Make use of wp_resolve_post_date() when updating menu items.
This allows a menu item `post_date` to be set to particular value, rather than only allowing it to be set to "now". In particular, the WordPress Importer can use this to perform faster, more accurate duplicate checks.

Props jmdodd.
Fixes #52189.


Built from https://develop.svn.wordpress.org/trunk@50013


git-svn-id: http://core.svn.wordpress.org/trunk@49714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-25 01:23:58 +00:00
Gary Pendergast
ce19f7a630 Posts: Create a new function for resolving the post date.
`wp_insert_post()` has a few checks using `post_date` and `post_date_gmt`, to determine the correct post date. This functionality is now extracted out into a new `wp_resolve_post_date()` function, allowing the checks to be reused elsewhere.

Props jmdodd.
Fixes #52187.


Built from https://develop.svn.wordpress.org/trunk@50012


git-svn-id: http://core.svn.wordpress.org/trunk@49713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-25 01:07:59 +00:00
Gary Pendergast
7e93e28784 Export: Create an export-specific filter for post titles.
Since WordPress 2.5 and 2.6, `post_content` and `post_excerpt` have both had export-specific filters: `the_content_export`, and `the_excerpt_export`, respectively. `post_title`, however, has used `the_title_rss`, which behaves differently in two important ways:

- It strips HTML tags from the string.
- It HTML-encodes the title string.

These behaviours are not ideal for exports, since it changes the post title, resulting in data loss in export files, and incorrect post duplicate matching on import. This changes replaces the usage of `the_title_rss` with a new filter, `the_title_export`. The new filter is intended to be used in the same as `the_content_export` and `the_excerpt_export`.

Props jmdodd, audrasjb.
Fixes #52250.


Built from https://develop.svn.wordpress.org/trunk@50011


git-svn-id: http://core.svn.wordpress.org/trunk@49712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-25 00:09:59 +00:00
TimothyBlynJacobs
1a65652cbc REST API: Support type coercion when validating the enum JSON Schema keyword.
Previously, the `enum` keyword was validated by perform a strict equality check. For `string` types this is generally ok, but it prevented using alternative types like `number` when rich type support isn't available.

Now the same level of type coercion/sanitization is applied when validating `enum` as all other validation checks. This means that a value of `"1"` will be accepted for an `enum` of `[ 0, 1 ]`. Additionally, `object` types now properly ignore key order when checking for equality.

Props yakimun.
Fixes #51911.

Built from https://develop.svn.wordpress.org/trunk@50010


git-svn-id: http://core.svn.wordpress.org/trunk@49711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 16:52:00 +00:00
Sergey Biryukov
db01832512 Docs: Correct default value for the number argument of wp_tag_cloud().
Follow-up to [42658].

Props audrasjb, pawki07.
Fixes #52348.
Built from https://develop.svn.wordpress.org/trunk@50009


git-svn-id: http://core.svn.wordpress.org/trunk@49710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 14:07:57 +00:00
Sergey Biryukov
2259adf433 Docs: Document globals in dropdown_categories() and dropdown_link_categories().
Props umangvaghela123, pawki07.
Fixes #41504.
Built from https://develop.svn.wordpress.org/trunk@50008


git-svn-id: http://core.svn.wordpress.org/trunk@49709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 13:59:58 +00:00
TimothyBlynJacobs
1ae368e91d REST API: Add more specific error codes for schema validation.
Previously, the majority of JSON Schema validation errors returned a generic `rest_invalid_param` error code. In preparation for #46191, where the underlying validation error code will be exposed, this commit adds specific error codes for each failure scenario.

Fixes #52317.

Built from https://develop.svn.wordpress.org/trunk@50007


git-svn-id: http://core.svn.wordpress.org/trunk@49708 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 03:58:57 +00:00
TimothyBlynJacobs
6a8a83ea09 App Passwords: Extract Basic Auth check into a reusable filterable function.
In [49752] a check was added to prevent creating new Application Passwords if Basic Auth credentials were detected to prevent conflicts. This check takes place in WP-Admin, though a conflict would only arise if Basic Auth was used on the website's front-end.

This commit extracts the Basic Auth check into a reusable function, `wp_is_site_protected_by_basic_auth()`, which can be adjusted using a filter of the same name. This way, a site that uses Basic Auth to protect WP-Admin can still use the Application Passwords feature.

In the future, instead of requiring the use of a filter, WordPress could make a loopback request and check for a `WWW-Authenticate` header to make this detection more robust out of the box.

Props SeBsZ, archon810, aaroncampbell, ocean90, SergeyBiryukov, TimothyBlynJacobs.
Fixes #52066.

Built from https://develop.svn.wordpress.org/trunk@50006


git-svn-id: http://core.svn.wordpress.org/trunk@49707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 02:57:59 +00:00
TimothyBlynJacobs
20d961e622 REST API: Support embedding links in rest_preload_api_request().
Props lpawlik, spacedmonkey.
Fixes #51722.

Built from https://develop.svn.wordpress.org/trunk@50005


git-svn-id: http://core.svn.wordpress.org/trunk@49706 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-23 23:26:58 +00:00
Sergey Biryukov
c3e48b857b App Passwords: Use correct translation function for a heading on Authorize Application screen.
Props akramipro.
Fixes #52351.
Built from https://develop.svn.wordpress.org/trunk@50003


git-svn-id: http://core.svn.wordpress.org/trunk@49704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-23 13:12:57 +00:00
Sergey Biryukov
a45a292777 Docs: Fix typo in WP_Links_List_Table DocBlock.
Props audrasjb.
Fixes #52349.
Built from https://develop.svn.wordpress.org/trunk@50002


git-svn-id: http://core.svn.wordpress.org/trunk@49703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-23 07:25:02 +00:00
Sergey Biryukov
9f12d7f575 External Libraries: First pass at fixing jQuery deprecations in WordPress core and bundled themes.
To be able to disable jQuery Migrate as step 3 of updating the jQuery version shipped with WordPress, all `JQMIGRATE` warnings in the browser console will have to be addressed.

This includes many minor adjustments to a wide array of core files.

Follow-up to:
* Step 1: Disabling jQuery Migrate 1.4.1 in WordPress 5.5: [48323], [48324]
* Step 2: Updating jQuery to 3.5.1 and adding jQuery Migrate 3.3.x in WordPress 5.6: [49101], [49338], [49615], [49649]

Props Clorith, azaozz.
See #51812.
Built from https://develop.svn.wordpress.org/trunk@50001


git-svn-id: http://core.svn.wordpress.org/trunk@49702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-22 12:32:03 +00:00
Sergey Biryukov
8b1be13c86 5.7-alpha-50000 🎉🙌❤️
Thank you for the past
Excited for the future
We are #WordPressStrong!
Built from https://develop.svn.wordpress.org/trunk@50000


git-svn-id: http://core.svn.wordpress.org/trunk@49701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 12:39:54 +00:00
Sergey Biryukov
4e8ff35289 Twenty Twenty-One: Consistently use Yoda condition for display_title_and_tagline setting.
Props mukesh27.
Fixes #52329.
Built from https://develop.svn.wordpress.org/trunk@49994


git-svn-id: http://core.svn.wordpress.org/trunk@49695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 12:16:59 +00:00
Sergey Biryukov
334c279d5b Twenty Twenty-One: Add missing HTML comments for </header> tag.
This brings some consistency to closing `</header>` tags in theme templates and ensures they all have an associated HTML comment.

Props freewebmentor, mukesh27.
Fixes #52328.
Built from https://develop.svn.wordpress.org/trunk@49993


git-svn-id: http://core.svn.wordpress.org/trunk@49694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 12:10:01 +00:00
Felix Arntz
3716c8c20f Robots: Introduce Robots API.
This changeset introduces a filter-based Robots API, providing central control over the `robots` meta tag.

* Introduces `wp_robots()` function which should be called anywhere a `robots` meta tag should be included.
* Introduces `wp_robots` filter which allows adding or modifying directives for the `robots` meta tag. The `wp_robots()` function is entirely filter-based, i.e. if no filter is added to `wp_robots`, no directives will be present, and therefore the entire `robots` meta tag will be omitted.
* Introduces the following `wp_robots` filter functions which replace similar existing functions that were manually rendering a `robots` meta tag:
    * `wp_robots_noindex()` replaces `noindex()`, which has been deprecated.
    * `wp_robots_no_robots()` replaces `wp_no_robots()`, which has been deprecated.
    * `wp_robots_sensitive_page()` replaces `wp_sensitive_page_meta()`, which has been deprecated. Its rendering of the `referrer` meta tag has been moved to another new function `wp_strict_cross_origin_referrer()`.

Migration to the new functions is straightforward. For example, a call to `add_action( 'wp_head', 'wp_no_robots' )` should be replaced with `add_filter( 'wp_robots', 'wp_robots_no_robots' )`.

Plugins and themes that render their own `robots` meta tags are encouraged to switch to rely on the `wp_robots` filter in order to use the central management layer now provided by WordPress core.

Props adamsilverstein, flixos90, timothyblynjacobs, westonruter.
See #51511.

Built from https://develop.svn.wordpress.org/trunk@49992


git-svn-id: http://core.svn.wordpress.org/trunk@49693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 01:37:00 +00:00
desrosj
3eb9b3e714 Build/Test Tools: Update CSS files after grunt precommit:css.
This removes instances of the `-moz-user-select` property, which was required until Firefox 68.

Firefox is currently in version 84, so these can safely be removed.

Fixes #52332.
Built from https://develop.svn.wordpress.org/trunk@49991


git-svn-id: http://core.svn.wordpress.org/trunk@49692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-20 19:07:00 +00:00
desrosj
6a12c9522b Build/Test Tools: Update more NPM packages
This updates two NPM packages:
- `qunit` from `2.13.0` to `2.14.0`.
- `sinon` from `9.2.2` to `9.2.3`.

See #51801.
Built from https://develop.svn.wordpress.org/trunk@49990


git-svn-id: http://core.svn.wordpress.org/trunk@49691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-20 14:42:15 +00:00
desrosj
ebeaae9de0 Build/Test Tools: Update the uglify-js package.
This updates the `uglify-js` package from version `3.12.4` to `3.12.5`.

See #51801.
Built from https://develop.svn.wordpress.org/trunk@49989


git-svn-id: http://core.svn.wordpress.org/trunk@49690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-20 13:35:18 +00:00
Sergey Biryukov
a0db82e9c8 Twenty Twenty-One: Add missing styles for <button> element.
Props poena, slaFFik.
Fixes #52029.
Built from https://develop.svn.wordpress.org/trunk@49988


git-svn-id: http://core.svn.wordpress.org/trunk@49689 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-20 07:05:58 +00:00
Sergey Biryukov
b3bb99b3d7 Twenty Twenty-One: Clean up Button styles.
This change restructures the Button element styles for better a11y and expected color behaviors. Here what has changed:

- The `button-style()` mixin is now the ''single source or truth'' for how Button should look site-wide.
  - Button Block, File Block, and Search form Blocks all rely on this one mixin.
  - The same styles is also applied to the `<button>` element which appears in widgets, the 404 search form and comments form.
- Improves expected button styles for various conditions and contexts as follows: 
  - User color palette selections for Buttons are retained regardless of a parent block’s color settings or dark-mode.
  - Supports both Default/Filled styles and Outline styles.
  - More consistent `:hover` and `:active` styles.
  - `:focus` styles are now always visible and legible.
- Adds a `--local-color` color variable to scope color relationships to nested blocks.
- Reduces selectors in `style.css` output.
- 1:1 experience between editor and front end button styles.
- Properly supports Dark-mode.

Props allancole, poena, scruffian, megphillips91.
Fixes #51927.
Built from https://develop.svn.wordpress.org/trunk@49987


git-svn-id: http://core.svn.wordpress.org/trunk@49688 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-20 05:51:02 +00:00
Peter Wilson
ce5a508734 Media: Ensure get_post_status() does not contain half a comment.
Removes a misplaced comment, follow up to [49985].

Props SergeyBiryukov.
Fixes #52326.


Built from https://develop.svn.wordpress.org/trunk@49986


git-svn-id: http://core.svn.wordpress.org/trunk@49687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-20 05:00:01 +00:00
Peter Wilson
9c2c78b6c8 Media: Ensure get_post_status() returns correct result for attachments.
Prevent `get_post_status()` returning `false` for attachments if the parent post has been deleted. The returned attachment post status is now passed through the `get_post_status` filter.

Add tests for `get_post_status()`.

Props peterwilsoncc, timothyblynjacobs for review.
Fixes #52326.


Built from https://develop.svn.wordpress.org/trunk@49985


git-svn-id: http://core.svn.wordpress.org/trunk@49686 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-20 04:41:03 +00:00