The `permissions` key in a job declares the GitHub permissions that are granted to the token that's used by the job. Restricting the permissions reduces the impact that a vulnerability in the CI system can have.
Props desrosj, johnbillion
See #57865
Built from https://develop.svn.wordpress.org/trunk@55715
git-svn-id: http://core.svn.wordpress.org/trunk@55227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `view_items` post type label is used in the Editor, for the `aria-label` of the link to go back to the Posts list. When editing a Reusable block, it fallbacks to 'View Posts'. It should be 'View Reusable blocks'.
Fixes#58209.
Built from https://develop.svn.wordpress.org/trunk@55709
git-svn-id: http://core.svn.wordpress.org/trunk@55221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A bug was discovered where where the parser wasn't returning to the
start of the affected tag after making some updates.
In few words, the Tag Processor has not been treating its own internal
pointer `bytes_already_parsed` the same way it treats its bookmarks.
That is, when updates are applied to the input document and then
`get_updated_html()` is called, the internal pointer transfers to
the newly-updated content as if no updates had been applied since
the previous call to `get_updated_html()`.
In this patch we're creating a new "shift accumulator" to account for
all of the updates that accrue before calling `get_updated_html()`.
This accumulated shift will be applied when swapping the input document
with the output buffer, which should result in the pointer pointing to
the same logical spot in the document it did before the udpate.
In effect this patch adds a single workaround for treating the
internal pointer like a bookmark, plus a temporary pointer which points
to the beginning of the current tag when calling `get_updated_html()`.
This will preserve the assumption that updating a document doesn't
move that pointer, or shift which tag is currently matched.
Props dmsnell, zieladam.
Fixes#58179.
Built from https://develop.svn.wordpress.org/trunk@55706
git-svn-id: http://core.svn.wordpress.org/trunk@55218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_starts_with()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins with the given substring (needle).
WordPress core includes a polyfill for `str_starts_with()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `0 === strpos( ... )` with `str_starts_with()` in core files, making the code more readable and consistent, as well as improving performance.
While `strpos()` is slightly faster than the polyfill on PHP < 8.0, `str_starts_with()` is noticeably faster on PHP 8.0+, as it is optimized to avoid unnecessarily searching along the whole haystack if it does not find the needle.
Follow-up to [52039], [52040], [52326].
Props spacedmonkey, costdev, sabernhardt, mukesh27, desrosj, jorbin, TobiasBg, ayeshrajans, lgadzhev, SergeyBiryukov.
Fixes#58012.
Built from https://develop.svn.wordpress.org/trunk@55703
git-svn-id: http://core.svn.wordpress.org/trunk@55215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a helper function called `wp_cache_set_last_changed` to set the last changed value for cache groups. This function has a new action called `wp_cache_set_last_changed`, allowing for developers to cache invalidate when last changed value is changed.
Props tillkruess, spacedmonkey, peterwilsoncc, mukesh27, johnjamesjacoby.
Fixes#57905.
Built from https://develop.svn.wordpress.org/trunk@55702
git-svn-id: http://core.svn.wordpress.org/trunk@55214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [55252] the function `wp_queue_posts_for_term_meta_lazyload` was refactored to use `wp_cache_get_multiple`. This refactor included a call to `get_term`. However, calling get_term calls `sanitize_term`, which sanitizes all fields in a term. The full term object is not needed in this context as term meta only needs to the term id, which is already in the function. Saving calls to `sanitize_term` will improve performance of this function.
Props spacedmonkey, joemcgill, mukesh27.
Fixes#57966.
Built from https://develop.svn.wordpress.org/trunk@55701
git-svn-id: http://core.svn.wordpress.org/trunk@55213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The autosaves and revisions controllers used to set the same class properties in a slightly different order.
This commit makes the `::__construct()` methods of both classes more consistent to simplify future maintenance.
Follow-up to [46272], [51962].
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55697
git-svn-id: http://core.svn.wordpress.org/trunk@55209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This PR removes the `wp_enqueue_registered_block_scripts_and_styles` callback from the `enqueue_block_editor_assets` action.
There are two actions to enqueue block assets: `enqueue_block_editor_assets` and `enqueue_block_assets`. The former enqueues the assets to the editor and the later enqueues them to the front-end and the editor. Given `wp_enqueue_registered_block_scripts_and_styles` is already bound to the `enqueue_block_assets` (front-end and editor), it is unnecessary to bind it to `enqueue_block_editor_assets` (editor) as well.
This was originally introduced at [44157] and hasn't been modified since.
Props ellatrix, costdev.
Fixes#58208.
Built from https://develop.svn.wordpress.org/trunk@55695
git-svn-id: http://core.svn.wordpress.org/trunk@55207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use `continue` to help separate each case for better readability, instead of having a wall of `if`/`elseif`.
Includes simplifying a similar fragment in `make_site_theme_from_default()`.
Follow-up to [1575], [2037], [2040], [2044], [2346], [7999], [14080], [14485].
Props costdev, krunal265, hellofromTonya, brookedot, SergeyBiryukov.
Fixes#56982.
Built from https://develop.svn.wordpress.org/trunk@55688
git-svn-id: http://core.svn.wordpress.org/trunk@55200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_block_templates()` is responsible for finding block templates that match a given search. The function receives a query parameter with the relevant metadata (slugs of the templates, areas of the template parts, etc) to find the user templates (database) and theme templates (file directory).
This function can be made more performant by changing how it works. Before this change, it processed all the block templates and discarded the ones that didn't match the query after it occurred. This commit makes it so it discards the templates that don't match the query before processing them. As a result, it only has to process the subset of templates that will be used, instead of all of them.
This change impacts any theme with block templates. TwentyTwentyThree reports a 15% improvement in Time To First Byte.
Props spacedmonkey, jorgefilipecosta, youknowriad, flixos90, mukesh27.
Fixes#57756.
Built from https://develop.svn.wordpress.org/trunk@55687
git-svn-id: http://core.svn.wordpress.org/trunk@55199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Remove the `theme` parameter from the query passed to `get_block_templates()`. It is not used or documented. This removal doesn't have any effect in the code, as the data is ignored anyway.
Props draganescu, audrasjb, davidbaumwald, hellofromTonya.
Fixes#57736.
Built from https://develop.svn.wordpress.org/trunk@55686
git-svn-id: http://core.svn.wordpress.org/trunk@55198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The cache group `users-queries` was added in [55657]. This global cache group, was named to be inline with cache groups added in [55526]. However, the naming of the group does not match, as other cache groups, do not end with s at the end. This change fix this naming.
Props spacedmonkey, SergeyBiryukov, peterwilsoncc.
See #40613.
Built from https://develop.svn.wordpress.org/trunk@55680
git-svn-id: http://core.svn.wordpress.org/trunk@55192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds support for the new selectors property for block types. It adds it to the allowed metadata when registering a block type, makes the WP_Block_Type class aware of it, exposes it through the block types REST API, and the get_block_editor_server_block_settings function.
Corresponding work in the Gutenberg plugin: https://github.com/WordPress/gutenberg/pull/46496.
Fixes#57585.
Props aaronrobertshaw, hellofromTonya.
Built from https://develop.svn.wordpress.org/trunk@55673
git-svn-id: http://core.svn.wordpress.org/trunk@55185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [34529] introduced lazy loading of term meta. However, this was only in the context of `WP_Query`. Other parts of the codebase, like `WP_Term_Query` did not lazily load term meta. In this change, calls to `update_termmeta_cache` are now replaced with `wp_lazyload_term_meta`, that instead of priming term meta caches, just adds them to the queue to be primed it ever called. This results in far less database queries, as there a number of places where term meta is being primed unnecessarily and never used. Adding everything to the term meta queue, also means that if term meta is used, that is all loaded in a single database / cache call.
Props spacedmonkey, mukesh27, peterwilsoncc.
Fixes#57645.
Built from https://develop.svn.wordpress.org/trunk@55671
git-svn-id: http://core.svn.wordpress.org/trunk@55183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update the security policy displayed on GitHub, `SECURITY.md`, to refer visitors to the [https://hackerone.com/wordpress HackerOne WordPress program] for the full policy.
This allows the project to maintain a single source of truth and avoid the potential for conflicting information across the two sites.
Props desrosj, hellofromTonya, costdev.
Fixes#57937.
Built from https://develop.svn.wordpress.org/trunk@55670
git-svn-id: http://core.svn.wordpress.org/trunk@55182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Comments created by means of a tag closer with an invalid tag name, e.g. `</3>`.
- Comments closed with the invalid `--!>` closer. (Comments should be closed by `-->` but if the `!` appears it will also close it, in error.)
- Empty tag name elements, which are technically skipped over and aren't comments, e.g. `</>`.
Props dmsnell, costdev.
Fixes#58007.
Built from https://develop.svn.wordpress.org/trunk@55667
git-svn-id: http://core.svn.wordpress.org/trunk@55179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This replaces a site ID comparison when displaying action links in `WP_MS_Sites_List_Table::handle_row_actions()` with a dedicated function call, `is_main_site()`, for clarity.
Follow-up to [13918], [25125], [26120], [32644], [38814].
Props ecorica, spacedmonkey, SergeyBiryukov.
Fixes#58150.
Built from https://develop.svn.wordpress.org/trunk@55666
git-svn-id: http://core.svn.wordpress.org/trunk@55178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to bring more consistency between the functions, as well as in filter parameters.
Includes minor code layout fixes for better readability.
Follow-up to [45667], [47287], [48579], [53719], [53723], [55308].
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55660
git-svn-id: http://core.svn.wordpress.org/trunk@55172 1a063a9b-81f0-0310-95a4-ce76da25c4cd