Commit Graph

50110 Commits

Author SHA1 Message Date
John Blackbourn
6cf0577be8 Role/Capability: Introduce the user_can_for_blog() function.
This complements the existing user capability checking functions and enables checking a capability of any user on any site on a Multisite network.

Props tmanoilov, rajinsharwar, n8finch, johnbillion

Fixes #45197
Built from https://develop.svn.wordpress.org/trunk@59123


git-svn-id: http://core.svn.wordpress.org/trunk@58519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 11:05:15 +00:00
cbravobernal
81a6eddf77 Block bindings: Add canUpdateBlockBindings editor setting.
Adds a `canUpdateBlockBindings` editor setting that allows to decide if the user is able to create and modify bindings through the UI. By default, only admin users can do it, but it can be overridden with `block_editor_settings_all` filter.

Props santosguillamot, gziolo, jorbin, noisysocks, matveb, cbravobernal, youknowriad, mamaduka, timothyblynjacobs, peterwilsoncc, drivingralle.
Fixes #61945.

Built from https://develop.svn.wordpress.org/trunk@59122


git-svn-id: http://core.svn.wordpress.org/trunk@58518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 06:49:18 +00:00
Peter Wilson
76afc20e4e General: Delete tests/phpunit/tests/formatting/wpTargetedLinkRel.php.
Really delete `tests/phpunit/tests/formatting/wpTargetedLinkRel.php` this time rather than leaving it hanging around as an empty file.

Follow up to [59120].

Props noisysocks.
See #53843


Built from https://develop.svn.wordpress.org/trunk@59121


git-svn-id: http://core.svn.wordpress.org/trunk@58517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 05:29:17 +00:00
Peter Wilson
8c3dd2eb88 General: Remove noopener from links opening in a new tab.
Removes the automatic addition of `rel="noopener noreferrer"` from links targeting a new tab or window, `target='_blank'`. Since this was introduced, supported browsers have changed their security policies and no longer allow the opened link to have JavaScript access to the previous tab.

Deprecates:

* `wp_targeted_link_rel()`
* `wp_targeted_link_rel_callback()`
* `wp_init_targeted_link_rel_filters()`: converted to a noop function
* `wp_remove_targeted_link_rel_filters()`: converted to a noop function

The deprecated functions are retained in `formatting.php` as in `SHORTINIT` mode the file is included while `deprecated.php` is not.

This also removes the `noopener` from links hard coded within the WordPress dashboard linking to documentation and other resources.

Props audrasjb, azaozz, dhruval04, dorzki, neo2k23, presskopp, sabernhardt, swissspidy, tobiasbg.
Fixes #53843.

Built from https://develop.svn.wordpress.org/trunk@59120


git-svn-id: http://core.svn.wordpress.org/trunk@58516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 05:19:16 +00:00
noisysocks
cf877c686b Editor: Update packages for 6.7 Beta 1.
Syncs `@wordpress/*` packages to the `wp-6.7` npm tag.

See #61906.

Built from https://develop.svn.wordpress.org/trunk@59119


git-svn-id: http://core.svn.wordpress.org/trunk@58515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 05:11:31 +00:00
Peter Wilson
b7d4ca5298 Media: Add short-circuit filter to attachment_url_to_postid().
Introduces the filter `pre_attachment_url_to_postid` to allow developers to short-circuit the function `attachment_url_to_postid()`.

The return values are expected to be an attachment ID, zero (`0`) to indicate no attachment was found or `null` to indicate the function should proceed as usual.

The function performs an expensive database query so developers making use of the function frequently may wish to use a custom table with appropriate indexes to reduce the load on their database server.

Props antpb, apermo, audrasjb, joedolson.
Fixes #61383.

Built from https://develop.svn.wordpress.org/trunk@59118


git-svn-id: http://core.svn.wordpress.org/trunk@58514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 03:19:17 +00:00
Peter Wilson
a03401429b Editor: Prevent direct access to /wp-includes/blocks/index.php.
Adds a check for `ABSPATH` to the top of the `/wp-includes/blocks/index.php` file and prevents the file from loading if it is not defined.

This prevents the file from throwing errors when accessed directly.

Props khokansardar, mukesh27.
Fixes #62108.
See #60352.

Built from https://develop.svn.wordpress.org/trunk@59117


git-svn-id: http://core.svn.wordpress.org/trunk@58513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 01:56:14 +00:00
Peter Wilson
849b0c0e5e Build/Test Tools: Re-order assertion parameters query block tests.
Corrects the order of the expected and actual values in several tests of the `build_query_vars_from_query_block()` function.

See #61530.

Built from https://develop.svn.wordpress.org/trunk@59116


git-svn-id: http://core.svn.wordpress.org/trunk@58512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 01:31:17 +00:00
Peter Wilson
998a74eb6f REST API/Editor: Support post formats in Query Block & Posts API.
Introduces post format support for both the Query Block with the new parameter `format`. In the `build_query_vars_from_query_block()` function, this is converted to a `post_format` taxonomy query passed to `WP_Query`.

Also introduces the `format` parameter to the REST API's Posts controller to support the feature in the Query block. The parameter type is an enumerated  string accepted the post formats supported by each post type.

Props poena, mukesh27, mamaduka, noisysocks, TimothyBlynJacobs.
Fixes #62014.

Built from https://develop.svn.wordpress.org/trunk@59115


git-svn-id: http://core.svn.wordpress.org/trunk@58511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 01:19:16 +00:00
Sergey Biryukov
8838465b5e Date/Time: Use numeric input for touch_time() fields.
This aims to make it easier to enter digits in datetime text fields on mobile devices, instead of opening the full keyboard.

Follow-up to [43], [1506], [2998], [3648], [6078], [6989], [7285], [7338], [20168], [20217], [28730], [32945], [49283].

Props sabernhardt.
Fixes #62109.
Built from https://develop.svn.wordpress.org/trunk@59114


git-svn-id: http://core.svn.wordpress.org/trunk@58510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-29 22:49:16 +00:00
joedolson
1d13bc7bff Accessibility: Clarify aria-label in pagination links.
Change posts and comments pagination `nav` regions to have an aria-label of "Posts pagination" and "Comments pagination", respectively. This provides improved context for the numeric links contained within these regions and differentiates between posts navigation regions and posts pagination regions.

Props michaelbourne, sabernhardt, afercia, xyulex, webmandesign, tirth03, joedolson.
Fixes #54260.
Built from https://develop.svn.wordpress.org/trunk@59113


git-svn-id: http://core.svn.wordpress.org/trunk@58509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-28 23:36:13 +00:00
joedolson
0820aefa32 Code Standards: Correct @since reference in get_user().
Change `@since` from 6.7 to 6.7.0, per coding standards. Follow-up to [59111].

Props joedolson, peterwilsoncc.
See #35124.
Built from https://develop.svn.wordpress.org/trunk@59112


git-svn-id: http://core.svn.wordpress.org/trunk@58508 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-28 23:20:17 +00:00
joedolson
dfa14f95bb Users: Add get_user() alias.
Add `get_user()` as an alias for `get_user_by( 'id', $user_id )`. Add `get_user()` to `user.php` so it is not a pluggable function. Bring parity with other standard `get_` functions for a more intuitive developer experience.

Props sc0ttkclark, kushang78, joedolson, peterwilsoncc.
Fixes #35124.
Built from https://develop.svn.wordpress.org/trunk@59111


git-svn-id: http://core.svn.wordpress.org/trunk@58507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-28 23:08:18 +00:00
Sergey Biryukov
cfc609eb3e Twenty Fifteen: Document the $more parameter in twentyfifteen_excerpt_more().
Follow-up to [30237], [30569].

Props pitamdey, sabernhardt.
See #62079.
Built from https://develop.svn.wordpress.org/trunk@59110


git-svn-id: http://core.svn.wordpress.org/trunk@58506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-28 15:09:17 +00:00
hellofromTonya
029f97976d Code Modernization: Fix trigger_error() with E_USER_ERROR deprecation in TestXMLParser::parse().
PHP 8.4 deprecates the use of `trigger_errror()` with `E_USER_ERROR` as the error level, as there are a number of gotchas to this way of creating a `Fatal Error` (`finally` blocks not executing, destructors not executing).
The recommended replacements are either to use exceptions or to do a hard `exit`.

As this is a test-only class, do not have to take BC-breaks into account.

Also, as this is a test helper, throwing a exception is the most appropriate solution.

Reference:
* https://wiki.php.net/rfc/deprecations_php_8_4#deprecate_passing_e_user_error_to_trigger_error

Follow-up to [25002].

Props jrf.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59109


git-svn-id: http://core.svn.wordpress.org/trunk@58505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 20:00:16 +00:00
hellofromTonya
b6b862529b Code Modernization: Fix trigger_error() with E_USER_ERROR deprecation in WP_Test_Stream::open().
PHP 8.4 deprecates the use of `trigger_errror()` with `E_USER_ERROR` as the error level, as there are a number of gotchas to this way of creating a `Fatal Error` (`finally` blocks not executing, destructors not executing).
The recommended replacements are either to use exceptions or to do a hard `exit`.

As this is a test-only class, do not have to take BC-breaks into account.

Also, as this is a test helper, throwing a exception is the most appropriate solution.

Reference:
* https://wiki.php.net/rfc/deprecations_php_8_4#deprecate_passing_e_user_error_to_trigger_error

Follow-up to [49230].

Props jrf.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59108


git-svn-id: http://core.svn.wordpress.org/trunk@58504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 19:53:22 +00:00
hellofromTonya
9160482cf3 Code Modernization: Fix trigger_error() with E_USER_ERROR deprecation in wp_trigger_error().
PHP 8.4 deprecates the use of `trigger_errror()` with `E_USER_ERROR` as the error level, as there are a number of gotchas to this way of creating a `Fatal Error` (`finally` blocks not executing, destructors not executing). The recommended replacements are either to use exceptions or to do a hard `exit`.

WP has its own `wp_trigger_error()` function, which under the hood calls `trigger_error()`. If passed `E_USER_ERROR` as the `$error_level`, this will hit the PHP 8.4 deprecation.

Now, there were basically three options:
* Silence the deprecation until PHP 9.0 and delay properly solving this until then. This would lead to an awkward solution, as prior to PHP 8.0, error silencing would apply to all errors, while, as of PHP 8.0, it will no longer apply to fatal errors. It also would only buy us some time and wouldn't actually solve anything.

* Use `exit($status)` when `wp_trigger_error()` is called with `E_USER_ERROR`. This would make the code untestable and would disable handling of these errors via custom error handlers, which makes this an undesirable solution.

* Throw an exception when `wp_trigger_error()` is called with `E_USER_ERROR`. This makes for the most elegant solution with the least BC-breaking impact, though it does open it up to the error potential being "caught" via a `try-catch`. That's not actually a bad thing and is likely to only happen for those errors which can be worked around, in which case, it's a bonus that that's now possible.

The third option is implemented which:
* Introduces a new `WP_Exception` class.
* Starts using `WP_Exception` in the `wp_trigger_error()` function when the `$error_level` is set to `E_USER_ERROR`.

This change is covered by pre-existing tests, which have been updated to expect the exception instead of a PHP error.

Why not use `WP_Error`?

Well, for one, this would lead to completely different behaviour (BC).

As `WP_Error` doesn't extend `Exception`, the program would not be stopped, but would continue running, which would be a much bigger breaking change and carries security risks. `WP_Error` also doesn't natively trigger displaying/logging of the error message, so in that case, it would still need an `exit` with the error message, bringing us back to point 2 above.

Introducing `WP_Exception` provides (essentially) the same behaviour in that it retains the fatal error and error message displaying/logging behaviors. It also introduces a base Exception class, from which future exception classes can extend.

References:
* https://wiki.php.net/rfc/deprecations_php_8_4#deprecate_passing_e_user_error_to_trigger_error
* https://www.php.net/manual/en/migration80.incompatible.php

Follow-up to [56530].

Props jrf, hellofromTonya.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59107


git-svn-id: http://core.svn.wordpress.org/trunk@58503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 19:28:14 +00:00
hellofromTonya
e97af52b4f Code Modernization: Fix trigger_error() with E_USER_ERROR deprecation in Text_Diff_Op::reverse().
PHP 8.4 deprecates the use of `trigger_errror()` with `E_USER_ERROR` as the error level, as there are a number of gotchas to this way of creating a `Fatal Error` (`finally` blocks not executing, destructors not executing).
The recommended replacements are either to use exceptions or to do a hard `exit`.

This is an unmaintained external dependency; thus, the fix is made in the WP specific copy of the dependency.

As `trigger_error()` call looks to be a remnant of the PHP 4 era before a class could be declared as `abstract`, fixed by making both the method as well as the class `abstract` and removing the call to `trigger_error()`.

Ref:
* https://wiki.php.net/rfc/deprecations_php_8_4#deprecate_passing_e_user_error_to_trigger_error
* https://www.php.net/manual/en/migration80.incompatible.php

Follow-up to [7747].

Props jrf.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59106


git-svn-id: http://core.svn.wordpress.org/trunk@58502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 18:19:17 +00:00
hellofromTonya
65d27642af Code Modernization: Fix trigger_error() with E_USER_ERROR deprecation in Text_Diff::_check().
PHP 8.4 deprecates the use of `trigger_errror()` with `E_USER_ERROR` as the error level, as there are a number of gotchas to this way of creating a `Fatal Error` (`finally` blocks not executing, destructors not executing). The recommended replacements are either to use exceptions or to do a hard `exit`.

This is an unmaintained external dependency; thus, the fix is made in the WP specific copy of the dependency.

Now, there were basically three options:
* Silence the deprecation until PHP 9.0 and delay properly solving this until then.
    This would lead to an awkward solution, as prior to PHP 8.0, error silencing would apply to all errors, while, as of PHP 8.0, it will no longer apply to fatal errors.
    It also would only buy us some time and wouldn't actually solve anything.
* Use `exit($status)`.
    This would make the code untestable and would disable handling of these errors via custom error handlers, which makes this an undesirable solution.
* Throw an exception.
    This makes for the most elegant solution with the least BC-breaking impact.

The third option is implemented which:
* Introduces a new `Text_Exception` class.
* Starts using that in the `Text_Diff::_check()` method in all applicable places.
* Adds tests for the first two error conditions.

References:
* https://wiki.php.net/rfc/deprecations_php_8_4#deprecate_passing_e_user_error_to_trigger_error
* https://www.php.net/manual/en/migration80.incompatible.php

Follow-up to [59070], [52978], [7747].

Props jrf.
See #62061.
Built from https://develop.svn.wordpress.org/trunk@59105


git-svn-id: http://core.svn.wordpress.org/trunk@58501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 17:53:19 +00:00
dmsnell
c41e36b3c4 WP_Debug_Data: Formatting update to code in wp-dropins method.
Resolves an indentation issue introduced while extracting the `wp-dropins` data into a separate method from the main `debug_data()` method.

Developed in https://github.com/wordpress/wordpress-develop/pull/7446
Discussed in https://core.trac.wordpress.org/ticket/61648

Follow-up to [59100].

Props mukesh27.
See #61648.

Built from https://develop.svn.wordpress.org/trunk@59104


git-svn-id: http://core.svn.wordpress.org/trunk@58500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 16:37:18 +00:00
Sergey Biryukov
11e422b785 Twenty Nineteen: Remove trailing spaces in DocBlocks.
Follow-up to [59102].

Props mukesh27.
See #62112.
Built from https://develop.svn.wordpress.org/trunk@59103


git-svn-id: http://core.svn.wordpress.org/trunk@58499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 16:25:14 +00:00
Sergey Biryukov
d6a8139302 Twenty Nineteen: Add more missing documentation for helper function parameters.
Follow-up to [59090].

Props viralsampat.
See #62112.
Built from https://develop.svn.wordpress.org/trunk@59102


git-svn-id: http://core.svn.wordpress.org/trunk@58498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 16:13:22 +00:00
Bernhard Reiter
020fde0d1d Block Hooks: apply_block_hooks_to_content in Patterns, Templates.
In the Patterns registry, use `apply_block_hooks_to_content` (introduced in [58291])  instead of the `WP_Block_Patterns_Registry` class's private `get_content` method. (The latter is removed as part of this changeset.)

In a similar vein, use `apply_block_hooks_to_content` in the `_build_block_template_result_from_file` and `_build_block_template_result_from_post` functions, respectively.

For that to work, `apply_block_hooks_to_content` is amended to inject the `theme` attribute into Template Part blocks, even if no hooked blocks are present.

This kind of centralization is required as a preparation for #61902.

Props bernhard-reiter, jonsurrell.
See #61902.
Built from https://develop.svn.wordpress.org/trunk@59101


git-svn-id: http://core.svn.wordpress.org/trunk@58497 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 09:20:18 +00:00
dmsnell
c73731e74e WP_Debug_Data: Extract wp-dropins data into separate method.
This is the seventh part in a larger modularization of the data in `WP_Debug_Data`. Previously this was a single massive method drawing in debug data from various groups of related data, where the groups were independent from each other.

This patch separates the seventh of twelve groups, the `wp-dropins` info, into a separate method focused on that data.

This work precedes changes to make the `WP_Debug_Data` class more extensible for better use by plugin and theme code.

Developed in https://github.com/wordpress/wordpress-develop/pull/7418
Discussed in https://core.trac.wordpress.org/ticket/61648

Props apermo.
See #61648.

Built from https://develop.svn.wordpress.org/trunk@59100


git-svn-id: http://core.svn.wordpress.org/trunk@58496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 05:58:18 +00:00
dmsnell
ed654177cd HTML API: Switch to HTML namespace when entering Integration Points.
When encountering inline SVG and MathML content in an HTML document, there are certain "integration points" which transition back into the HTML parsing ruleset. Previously, the HTML API was incorrectly switching into the namespace of the element transitioning into that ruleset.

In this patch, the correct transition is made, where all integration points refer to HTML rules, while non-integration points refer to the rules of the namespace corresponding to the token itself.

Developed in https://github.com/wordpress/wordpress-develop/pull/7425
Discussed in https://core.trac.wordpress.org/ticket/61576

Props dmsnell, jonsurrell.
See #61576.

Built from https://develop.svn.wordpress.org/trunk@59099


git-svn-id: http://core.svn.wordpress.org/trunk@58495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 00:44:19 +00:00
czapla
d5c6e455e8 Revert [59097] because it was renaming a public method that should be deprecated instead.
Built from https://develop.svn.wordpress.org/trunk@59098


git-svn-id: http://core.svn.wordpress.org/trunk@58494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-26 19:37:22 +00:00
czapla
8786fe5da6 Interactivity API: Move interactivity-router i18n strings to Script Module data.
Moves the 'loading' and 'loaded' i18n strings for the `interactivity-router` to the script module data via the `script_module_data_@wordpress/interactivity-router` filter.

Key changes:

- Add the `filter_script_module_interactivity_router_data()` method, hooked into the `script_module_data_@wordpress/interactivity-router` filter, to set the `i18n` data with the 'loading' and 'loaded' messages.
- Rename the `print_router_loading_and_screen_reader_markup()` method to `print_router_markup()` and remove the screen reader markup from it because it's no longer needed.
- Remove the `loading` and `loaded` strings from the `core/router` store state because they're no longer needed.
- Initialize the `core/router` store with a minimal navigation object to prevent errors in the interactivity-router script module when the store is not properly initialized.
- Update corresponding unit tests to reflect these changes.

This change ensures that the `interactivity-router` i18n messages are localized in a single place and removes the need to initialize them in the `core/router` store state.

Props jonsurrell, swissspidy, czapla. 
See #60647.

Built from https://develop.svn.wordpress.org/trunk@59097


git-svn-id: http://core.svn.wordpress.org/trunk@58493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-26 17:55:13 +00:00
Sergey Biryukov
8f95d7bc14 Administration: Escape the WordPress.org URL in wp-admin/admin-footer.php.
Follow-up to [5892], [5955], [10976], [17879], [21366], [27469], [45927].

Props ramswarup, narenin, swissspidy.
Fixes #62118.
Built from https://develop.svn.wordpress.org/trunk@59096


git-svn-id: http://core.svn.wordpress.org/trunk@58492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-26 15:41:14 +00:00
cbravobernal
23e8ce70f0 Block bindings: Ensure block receives __default bindings when render.
Fixes an issue with the image block when using pattern overrides, where the image block with overrides enabled was not outputting all the expected image attributes. Ensures that the `process_block_bindings` method returns any updates to the block's binding metadata along with other computed attributes.

Props talldanwp, cbravobernal, santosguillamot, mukesh27, gziolo.

Fixes #62069.


Built from https://develop.svn.wordpress.org/trunk@59095


git-svn-id: http://core.svn.wordpress.org/trunk@58491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-26 14:51:18 +00:00
audrasjb
5e4a97f589 Help/About: Add plugin dependencies help tab on Plugins screen.
This changeset adds a help tab added about plugin dependencies on the Plugins screen.

Follow-up to [57545].

Fixes #60466.
See #22316.
Props desrosj, swissspidy, adarshposimyth, audrasjb, NekoJonez, DorZki, Boniu91, Ankit-K-Gupta, sigurdwatt.
Built from https://develop.svn.wordpress.org/trunk@59094


git-svn-id: http://core.svn.wordpress.org/trunk@58490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-26 13:50:16 +00:00
gziolo
c338d57273 Editor: Default attribute value not used with get_block_wrapper_attributes
Ensures that the default values defined in the schema for block attributes are used when rendering the output of the block with `get_block_wrapper_attributes` helper.

Props gziolo, jonsurrell, youknowriad, ryelle.
Fixes #62114.


Built from https://develop.svn.wordpress.org/trunk@59093


git-svn-id: http://core.svn.wordpress.org/trunk@58489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-26 12:47:16 +00:00
Andrew Ozz
a8af90bcd1 Administration: Fix increasing of the frequency of Heartbeat API requests.
Props peterwilsoncc, azaozz.
Fixes #61960.
Built from https://develop.svn.wordpress.org/trunk@59092


git-svn-id: http://core.svn.wordpress.org/trunk@58488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-25 20:51:14 +00:00
hellofromTonya
0f1eaa6ca3 Canonical: Redirect when front page's paginated states not found.
Perform a canonical redirect for an invalid pagination request of a static front page.

When a site has a static front page assigned and that page has a `<!--nextpage-->` within its content, previously accessing non-existing pages (e.g. `example.com/page/3/`) did not redirect or return a 404 or 301. This changeset resolves that issue by performing a canonical redirect.

Unit tests are also included for this specific use case and to ensure the fix does not affect a blog listing home page.

Follow-up to [47738], [47727], [34492].

Props dd32, audrasjb, chaion07, hellofromTonya, joemcgill, lukecarbis, Mte90, mukesh27, peterwilsoncc, rajinsharwar, SergeyBiryukov. 
Fixes #50163.
See meta#5184.
Built from https://develop.svn.wordpress.org/trunk@59091


git-svn-id: http://core.svn.wordpress.org/trunk@58487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-25 19:37:19 +00:00
Sergey Biryukov
254251d7c6 Twenty Nineteen: Add missing documentation for helper function parameters.
Follow-up to [43808], [44149], [47214], [47242].

Props pitamdey.
Fixes #62112.
Built from https://develop.svn.wordpress.org/trunk@59090


git-svn-id: http://core.svn.wordpress.org/trunk@58486 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-25 18:08:17 +00:00
czapla
7f7d48df61 Script Loader: Add @wordpress/a11y as a Script Module.
The Script Module has the same API as the `wp-a11y` WP Script.

Key changes:
- Add `@wordpress/a11y` to the list of Script and Module dual packages.
- Update `script-modules-packages.min.php` to include the a11y module.
- Modify `WP_Script_Modules` class to track and handle a11y module availability.
- Add method to print required HTML markup for a11y `speak()` functionality.

See #60647.
Props jonsurrell, gziolo, czapla.

Built from https://develop.svn.wordpress.org/trunk@59089


git-svn-id: http://core.svn.wordpress.org/trunk@58485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-25 16:51:16 +00:00
czapla
621d0a47e8 Revert [59087] due to empty commit message
Built from https://develop.svn.wordpress.org/trunk@59088


git-svn-id: http://core.svn.wordpress.org/trunk@58484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-25 16:34:16 +00:00
czapla
d8e532f388 Built from https://develop.svn.wordpress.org/trunk@59087
git-svn-id: http://core.svn.wordpress.org/trunk@58483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-25 15:57:15 +00:00
Sergey Biryukov
9178c75ac6 Build/Test Tools: Only require the WordPress Importer plugin when running core tests.
This allows other users of the WordPress unit test suite framework to run their own unit tests without needing the WordPress Importer plugin, which should only be a requirement if running core tests.

Follow-up to [59085].

Props bjorsch.
Fixes #62106.
Built from https://develop.svn.wordpress.org/trunk@59086


git-svn-id: http://core.svn.wordpress.org/trunk@58482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-24 19:17:13 +00:00
Sergey Biryukov
970609c393 Build/Test Tools: Check if the WordPress Importer plugin is installed in test bootstrap.
If a hard requirement for the test suite is not fulfilled, running the tests should be blocked from the test bootstrap. A test should only fail when it doesn't produce the expected result.

Since the WordPress Importer plugin is considered a hard requirement for the test suite at this time, this commit moves the check whether the plugin is installed from individual tests to the test bootstrap.

Includes defining a global constant for the path to the file for reuse in the tests.

Reference: [https://make.wordpress.org/core/handbook/contribute/git/#unit-tests Core Contributor Handbook: The Code Repository (Git): Unit Tests].

Follow-up to [40531], [40532], [41090], [41169], [48592], [49535], [49571].

Props jrf, hellofromTonya.
See #61530.
Built from https://develop.svn.wordpress.org/trunk@59085


git-svn-id: http://core.svn.wordpress.org/trunk@58481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-24 18:11:16 +00:00
TimothyBlynJacobs
e612354728 App Passwords: Don't prevent non-unique App Password names.
In [50030] we enforced that Application Passwords have unique names. This was done with the assumption that applications would not connect to a user multiple times. However, in practice we've seen applications run into issues with the unique name constraint. Depending on the app, they may not know if they've been authorized before, or they may intentionally allow connecting multiple times. To prevent friction, App developers need to make their App Name unique, and in doing so often include things like the current date & time, which is already included in the App Passwords list table.

This commit removes this requirement to simplify usage of the Authorize Application flow.

Props mark-k, Boniu91, timothyblynjacobs, peterwilsoncc.
Fixes #54213.

Built from https://develop.svn.wordpress.org/trunk@59084


git-svn-id: http://core.svn.wordpress.org/trunk@58480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-24 16:40:17 +00:00
gziolo
0dd5a7eb4e Build: Prepare for more Script Modules
This is a companion to https://github.com/WordPress/gutenberg/pull/65460 that requires syncing in WordPress Core. Namely, the block-library changes require registration with their updated script module IDs so that the blocks continue to work correctly.

They key improvement is script modules registration is handled in one central place, and a combined asset file is used to improve the performance by avoiding multiple disk operations for every individual file.

Props jonsurrell, gziolo, wildworks, noisysocks.
See #60647, #59462.


Built from https://develop.svn.wordpress.org/trunk@59083


git-svn-id: http://core.svn.wordpress.org/trunk@58479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-24 07:35:17 +00:00
Sergey Biryukov
682c23179a Build/Test Tools: Prevent Composer lock file from being created.
Composer 1.10.0 introduced a `lock` config option, which, when set to `false` will prevent a `composer.lock` file from being created and will ignore it when one exists.

This is a useful option for packages like WordPress where the `lock` file has no meaning.

It also makes life more straightforward for contributors as they don't have to remember that for this repo they should use `composer update` instead of `composer install`. Both will now work the same.

Reference: [https://getcomposer.org/doc/06-config.md#lock Composer Documentation: Config: lock].
 
Follow-up to [51543].

Props jrf.
See #61530.
Built from https://develop.svn.wordpress.org/trunk@59082


git-svn-id: http://core.svn.wordpress.org/trunk@58478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-23 22:17:17 +00:00
gziolo
24ca39bf89 Comments: Pass $page as argument to comments functions
Removes query alteration from `build_comment_query_vars_from_block` by introducing a new way to pass the `$page` as argument to functions handling pagination for the comments.

Props cybr, santosguillamot, bernhard-reiter, gziolo.
Fixes #60806.


Built from https://develop.svn.wordpress.org/trunk@59081


git-svn-id: http://core.svn.wordpress.org/trunk@58477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-23 12:50:15 +00:00
gziolo
71a4092291 Block Bindings: Adds context needed by sources during its processing
Extends block context during block bindings processing. This implies that the context is extended ONLY for the blocks where bindings are defined and only when rendered on the page.

Props santosguillamot, gziolo, artemiosans, cbravobernal.
Fixes #61642.



Built from https://develop.svn.wordpress.org/trunk@59080


git-svn-id: http://core.svn.wordpress.org/trunk@58476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-23 12:35:15 +00:00
noisysocks
3bb03c7654 Editor: Update packages for 6.7 Beta 1.
Syncs `@wordpress/*` packages to the `wp-6.7` npm tag.

See #61906.

Built from https://develop.svn.wordpress.org/trunk@59079


git-svn-id: http://core.svn.wordpress.org/trunk@58475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-23 06:52:26 +00:00
Sergey Biryukov
82c0168bbd Editor: Respect show_avatars option in block editor and Customizer.
This adds checks for the `show_avatars` option before setting the avatar for post lock modals in the block editor and the Customizer.

Follow-up to [41839], [53070].

Props ffffelix.
Fixes #62081.
Built from https://develop.svn.wordpress.org/trunk@59078


git-svn-id: http://core.svn.wordpress.org/trunk@58474 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-22 22:50:18 +00:00
Sergey Biryukov
d2c835af27 Editor: Optimize is_callable() checks in traverse_and_serialize_blocks().
This aims to improve performance by reducing the number of function calls.

Follow-up to [56644].

Props welcher, Cybr, mukesh27, aristath.
Fixes #62063.
Built from https://develop.svn.wordpress.org/trunk@59077


git-svn-id: http://core.svn.wordpress.org/trunk@58473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-21 14:41:17 +00:00
dmsnell
5b3b3f7df2 HTML API: Add normalize() to give us the HTML we always wanted.
HTML often appears in ways that are unexpected. It may be missing implicit tags, may have unquoted, single-quoted, or double-quoted attributes, may contain duplicate attributes, may contain unescaped text content, or any number of other possible invalid constructions. The HTML API understands all fo these inputs, but downline parsers may not, and HTML snippets which are safe on their own may introduce problems when joined with other HTML snippets.

This patch introduces the `serialize()` method on the HTML Processor, which prints a fully-normative HTML output, eliminating invalid markup along the way. It produces a string which contains every missing tag, double-quoted attributes, and no duplicates. A `normalize()` static method on the HTML Processor provides a convenient wrapper for constructing a fragment parser and immediately serializing.

Subclasses relying on the `serialize_token()` method may perform structural HTML modifications with as much security as the upcoming `\Dom\HTMLDocument()` parser will, though these are not
able to provide the full safety that will eventually appear with `set_inner_html()`.

Further work may explore serializing to XML (which involves a number of other important transformations) and adding constraints to serialization (such as only allowing inline/flow/formatting elements and text).

Developed in https://github.com/wordpress/wordpress-develop/pull/7331
Discussed in https://core.trac.wordpress.org/ticket/62036

Props dmsnell, jonsurrell, westonruter.
Fixes #62036.

Built from https://develop.svn.wordpress.org/trunk@59076


git-svn-id: http://core.svn.wordpress.org/trunk@58472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-20 22:32:17 +00:00
dmsnell
00dd23da6a HTML API: Add get_full_comment_text() method.
Previously, there were a few cases where the modifiable text read from an HTML comment differs slightly from the parsed value of its inner text in a browser. This is due to the specific way that invalid HTML syntax tokens become "bogus comments."

This patch introduces a new method to the Tag Processor to allow differentiating these specific cases, such as when copying or serializing HTML from one source to another. Similar code has already been in use in the html5lib tests, and this patch simplifies the test runner, evidencing the fact that this method was already needed.

Developed in https://github.com/wordpress/wordpress-develop/pull/7342
Discussed in https://core.trac.wordpress.org/ticket/62036

Props dmsnell, jonsurrell.
See #62036.

Built from https://develop.svn.wordpress.org/trunk@59075


git-svn-id: http://core.svn.wordpress.org/trunk@58471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-20 20:23:15 +00:00
Sergey Biryukov
5959fb256f Editor: Restore the merging of TinyMCE settings in wp_tinymce_inline_scripts().
This ensures that the function applies the `wp_editor_settings` filter and merges the resulting array with the rest of TinyMCE init settings.

Includes a unit test to verify that the settings are merged correctly after adding the assignment of `array_merge()` result that was missed in the initial commit.

Follow-up to [44265], [59033].

Props kkmuffme, akshat2802, davidbaumwald, SergeyBiryukov.
Fixes #61754.
Built from https://develop.svn.wordpress.org/trunk@59074


git-svn-id: http://core.svn.wordpress.org/trunk@58470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-20 14:09:18 +00:00