Registered widgets that do not extend WP_Widget should appear in the
wp_inactive_widgets sidebar by default. Having the widgets REST API call
retrieve_widgets() before serving any request ensures that this will happen.
This is a similar fix to [51235].
Fixes#53534.
Props zieladam, timothyblynjacobs.
Built from https://develop.svn.wordpress.org/trunk@51248
git-svn-id: http://core.svn.wordpress.org/trunk@50857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes issues where sidebars would be unexpectedly missing from the new widgets screen. Running retrieve_widgets syncs sidebars that were registered after the last theme switch.
Props walbo, hellofromTonya, noisysocks.
Fixes#53489.
Built from https://develop.svn.wordpress.org/trunk@51235
git-svn-id: http://core.svn.wordpress.org/trunk@50844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The register_widget function can be called with a class name or a class
instance. Once called with a class instance, the class instance is converted to
hash as used key in array.
Props spacedmonkey, zieladam.
Built from https://develop.svn.wordpress.org/trunk@51216
git-svn-id: http://core.svn.wordpress.org/trunk@50825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The class has been heavily modified from the original source, so the copyright can be modified to simply reference the original author’s work. The carry forward of the copyright and original code is implied.
Follow up to [50993-50995,51007,51020,51029].
Props SergeyBiryukov, cbringmann, chanthaboune, desrosj.
Fixes#41683.
Built from https://develop.svn.wordpress.org/trunk@51210
git-svn-id: http://core.svn.wordpress.org/trunk@50819 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds new hooks (rest_save_sidebar, rest_delete_widget, rest_after_save_widget)
to the widgets REST API and uses them to delete the fresh_site option when
updating widgets via the REST API. This ensures that starter content isn't
loaded in the Customizer after a user makes changes.
Fixes#53317.
Props kevin940726, garrett-eclipse, andraganescu, hellofromtonya.
Built from https://develop.svn.wordpress.org/trunk@51068
git-svn-id: http://core.svn.wordpress.org/trunk@50677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
By default, a post most contain any of the requested terms to be included in the response. This commit adds a new `operator` property that can be set to `AND` to require a post to contain all of the requested terms.
For example, `/wp/v2/posts?tags[terms]=1,2,3&tags[operator]=AND` will return posts that have tags with the ids of 1, 2, and 3.
Props dlh, earnjam, Clorith, jnylen0, sebbb.
Fixes#41287.
Built from https://develop.svn.wordpress.org/trunk@51026
git-svn-id: http://core.svn.wordpress.org/trunk@50635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add an endpoint for fetching block patterns from WordPress.org, and load the block patterns from this new API. Remove the block patterns that have already been moved to WordPress.org/patterns.
Props ryelle, iandunn, youknowriad, timothyblynjacobs.
Fixes#53246.
Built from https://develop.svn.wordpress.org/trunk@51021
git-svn-id: http://core.svn.wordpress.org/trunk@50630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add support for uploading, editing and saving WebP images when supported by the server.
Add 'image/webp' to supported mime types. Correctly identify WebP images and sizes even when PHP doesn't support WebP. Resize uploaded WebP files (when supported) and use for front end markup.
Props markoheijne, blobfolio, Clorith, joemcgill, atjn, desrosj, spacedmonkey, marylauc, mikeschroder, hellofromtonya, flixos90.
Fixes#35725.
Built from https://develop.svn.wordpress.org/trunk@50810
git-svn-id: http://core.svn.wordpress.org/trunk@50419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allow authenticated users to read the contents of password protected posts if they have the `edit_post` meta capability for the post.
Props xknown, zieladam, peterwilsoncc, swissspidy, timothyblynjacobs.
Built from https://develop.svn.wordpress.org/trunk@50717
git-svn-id: http://core.svn.wordpress.org/trunk@50326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For example the `categories` or `categories_exclude` parameters can now optionally accept an object with a `terms` property that accepts the list of term ids and a new `include_children` property which controls the Tax Query `include_children` field.
Props jason_the_adams, jnylen0, birgire, dlh.
Fixes#39494.
Built from https://develop.svn.wordpress.org/trunk@50157
git-svn-id: http://core.svn.wordpress.org/trunk@49836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces new endpoints to allow for batch image editing using the REST API.
The new endpoints can take an array of modifiers that will be applied in the order they appear.
Props ajlende, TimothyBlynJacobs, hellofromTonya, Mista-Flo.
Fixes#52192.
Built from https://develop.svn.wordpress.org/trunk@50124
git-svn-id: http://core.svn.wordpress.org/trunk@49803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, all permission checks for using app passwords were implemented using `edit_user`. This commit introduces a series of more fine grained meta capabilities that should be used instead: `create_app_password`, `list_app_passwords`, `read_app_password`, `edit_app_password`, `delete_app_password` and `delete_app_passwords`. These capabilities all map to `edit_user` by default, but may now be customized by developers.
Props johnbillion, TimothyBlynJacobs.
Fixes#51703.
Built from https://develop.svn.wordpress.org/trunk@50114
git-svn-id: http://core.svn.wordpress.org/trunk@49793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Following up on [49904], this changeset focuses mainly on improving the guidance about the current state of HTTPS in Site Health.
* Correct the existing copy to indicate that both the Site Address and the WordPress Address need to be changed to fully switch to HTTPS.
* Link to the respective input fields via anchor links rather than to the overall General Settings screen.
* Show different copy if the site is using HTTPS for the WordPress Address (for example to have only the administration panel in HTTPS), but not for the Site Address.
* Inform the user about potential problems even when the site is already using HTTPS, for example if the SSL certificate was no longer valid.
* Always rely on fresh information for determining HTTPS support issues in Site Health, and therefore change the `https_status` test to become asynchronous.
* Rename the new private `wp_is_owned_html_output()` function to a more appropriate `wp_is_local_html_output()`.
Props adamsilverstein, flixos90, johnjamesjacoby, timothyblynjacobs.
See #47577.
Built from https://develop.svn.wordpress.org/trunk@50072
git-svn-id: http://core.svn.wordpress.org/trunk@49773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces a new endpoint, `wp/v2/users/me/application-passwords/introspect`, that will return details about the App Password being used to authenticate the current request. This allows for an application to disambiguate between multiple installations of their application which would all share the same `app_id`.
Props xkon, peterwilsoncc, TimothyBlynJacobs.
Fixes#52275.
Built from https://develop.svn.wordpress.org/trunk@50065
git-svn-id: http://core.svn.wordpress.org/trunk@49766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Application names are now required to be unique and cannot contain solely whitespace characters. Additionally, invalid characters are now stripped from the application name using `sanitize_text_field()`.
Props Boniu91, hellofromTonya, engahmeds3ed, xkon, francina.
Fixes#51941.
Built from https://develop.svn.wordpress.org/trunk@50030
git-svn-id: http://core.svn.wordpress.org/trunk@49731 1a063a9b-81f0-0310-95a4-ce76da25c4cd
