When encountering an HTML tag with duplicate copies of an attribute the tag processor ignores the duplicate values, according to the specification. However, when removing an attribute it must remove all copies of that attribute lest one of the duplicates becomes the primary and it appears as if no attributes were removed.
In this patch we're adding tests that will be used to ensure that all attribute copies are removed from a tag when one is request to be removed.
**Before**
{{{#!php
<?php
$p = new WP_HTML_Tag_Processor( '<br id=one id="two" id='three' id>' );
$p->next_tag();
$p->remove_attribute( 'id' );
$p->get_updated_html();
// <br id="two" id='three' id>
}}}
**After**
{{{#!php
<?php
$p = new WP_HTML_Tag_Processor( '<br id=one id="two" id='three' id>' );
$p->next_tag();
$p->remove_attribute( 'id' );
$p->get_updated_html();
// <br>
}}}
Previously we have been overlooking duplicate attributes since they don't have an impact on what parses into the DOM. However, as one unit test affirmed (asserting the presence of the bug in the tag processor) when removing an attribute where duplicates exist this meant we ended up changing the value of an attribute instead of removing it.
In this patch we're tracking the text spans of the parsed duplicate attributes so that ''if'' we attempt to remove them then we'll have the appropriate information necessary to do so. When an attribute isn't removed we'll simply forget about the tracked duplicates. This involves some overhead for normal operation ''when'' in fact there are duplicate attributes on a tag, but that overhead is minimal in the form of integer pairs of indices for each duplicated attribute.
Props dmsnell, zieladam.
Fixes#58119.
Built from https://develop.svn.wordpress.org/trunk@56684
git-svn-id: http://core.svn.wordpress.org/trunk@56196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit introduces a valuable utility function, get_block_asset_url, designed to simplify the retrieval of block asset URLs, such as those for CSS and JavaScript files. This utility eliminates redundancy in both register_block_script_handle and register_block_style_handle. Additionally, `get_block_asset_url` incorporates an early exit mechanism to optimize performance.
This update includes comprehensive unit tests, covering various scenarios, including asset registration from core (wp-includes), themes, child themes, plugins, and mu-plugins.
Props spacedmonkey, joemcgill, flixos90, gziolo.
Fixes#58525.
Built from https://develop.svn.wordpress.org/trunk@56683
git-svn-id: http://core.svn.wordpress.org/trunk@56195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In this commit, enhancements have been made by replacing manually constructed style tags with calls to `wp_add_inline_style`. Previously, numerous style tags were generated and output directly in the header, resulting in redundant code and bypassing the core's style enqueueing system. This approach made it challenging for third-party developers to manage and control the output of these style tags.
To ensure backward compatibility, the following functions have been deprecated and replaced:
- print_embed_styles
- print_emoji_styles
- wp_admin_bar_header
- _admin_bar_bump_cb
Backward compatibility shims have also been added, ensuring that if these functions were previously unhooked from there actions, they will continue to not output a style tag.
However, for the following functions, conversion to use inline styles was not feasible due to the potential disruption it might cause by changing the style tag IDs, potentially breaking JavaScript functionality for a number of plugins in the repository:
- custom-background
- wp-custom
These changes improve code maintainability and enhance the flexibility and control available to developers when managing style outputs within WordPress core.
Props spacedmonkey, hlunter, westonruter, flixos90.
Fixes#58775.
Built from https://develop.svn.wordpress.org/trunk@56682
git-svn-id: http://core.svn.wordpress.org/trunk@56194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, a strict comparison between the old and new database value could lead to a false negative, since database values are generally stored as strings. For example, passing an integer to `update_option()` would almost always result in an update given any existing database value for that option would be that number cast to a string.
This changeset adjusts the logic to perform an intentional "loose-y" comparison by casting the values to strings. Extensive coverage previously added in [56648] provides additional confidence that this does not introduce any backward compatibility issues.
Props mukesh27, costdev, spacedmonkey, joemcgill, flixos90, nacin, atimmer, duck_, boonebgorges.
Fixes#22192.
Built from https://develop.svn.wordpress.org/trunk@56681
git-svn-id: http://core.svn.wordpress.org/trunk@56193 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [50761], the block_has_support function was introduced. However, using `property_exists` within this function negatively impacted its performance. This commit replaces the `property_exists` function call with `instanceof WP_Block_Type`, resulting in improved performance.
Props mukesh27, gziolo, spacedmonkey.
Fixes#59441.
Built from https://develop.svn.wordpress.org/trunk@56678
git-svn-id: http://core.svn.wordpress.org/trunk@56190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [56610], the get_hooked_blocks function was introduced. However, using property_exists within this function negatively impacted its performance. This commit replaces the property_exists function call with instanceof WP_Block_Type, resulting in improved performance.
Props gziolo, spacedmonkey.
See #59383.
Built from https://develop.svn.wordpress.org/trunk@56677
git-svn-id: http://core.svn.wordpress.org/trunk@56189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Align the schema between `block.json` defined in Gutenberg and the REST API endpoint for block types. It looks like the `name` field isn't validated in all places and when it uses pattern matching in the REST API code, then it was slightly different.
Props spacedmonkey, ockham.
See #59346.
Built from https://develop.svn.wordpress.org/trunk@56676
git-svn-id: http://core.svn.wordpress.org/trunk@56188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Per discussion in #59424, there's agreement that the new `hooked_block_types` filter (introduced in [56673]) covers conditional addition and removal of hooked blocks better and at a higher level than the `inject_hooked_block_markup` filter that was originally added in [56649] for that same purpose.
Consequently, this changeset removes the latter filter.
Props gziolo.
Fixes#59439.
Built from https://develop.svn.wordpress.org/trunk@56674
git-svn-id: http://core.svn.wordpress.org/trunk@56186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add an H1 heading and an admin notice to display on the Widgets screen when JS is not available. Invite the user to either install or activate the Classic Widgets plugin, as that plugin provides basic functionality without JS.
Props afercia, nihar007, huzaifaalmesbah, joedolson, matthewfarlymn, bvreeman22, bosskhj, devmuhib, shailu25, joedolson.
Fixes#58738.
Built from https://develop.svn.wordpress.org/trunk@56671
git-svn-id: http://core.svn.wordpress.org/trunk@56183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improve the experience for screen reader users by removing announcements produced in the Dashboard, simplifying the text to reduce verbosity, and ensuring that messages are spoken in the correct order to match the state of the user interface without repetition.
Props afercia, alexstine.
Fixes#58573.
Built from https://develop.svn.wordpress.org/trunk@56670
git-svn-id: http://core.svn.wordpress.org/trunk@56182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [56587], a spelling error was introduced in the documentation of the new `block_hooks` field in `WP_REST_Block_Types_Controller`.
This fixes the spelling error.
Follow-up to [56587].
Props kebbet, mukesh27, tahmina1du.
Fixes#59426. See #59346.
Built from https://develop.svn.wordpress.org/trunk@56668
git-svn-id: http://core.svn.wordpress.org/trunk@56180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit:
* Removes the unnecessary exclusion patterns for the `node_modules` and `vendor` directories. As this ruleset only scans the `src` directory, those directories would never be scanned anyway.
* Removes the selective excludes related to the random_compat package. This package was removed in WP 6.3, so these excludes are no longer necessary.
Follow-up to [46290], [56141].
Props jrf.
See #58831.
Built from https://develop.svn.wordpress.org/trunk@56667
git-svn-id: http://core.svn.wordpress.org/trunk@56179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Move the label after the checkbox in `WP_List_Table` instances. Resolve a false positive that will be presented by automated accessibility testing tools. Follow up to [55954].
Props dimitrism, joedolson, sabernhardt, oglekler, marybaum, tobiasbg.
Fixes#58703.
Built from https://develop.svn.wordpress.org/trunk@56665
git-svn-id: http://core.svn.wordpress.org/trunk@56177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where a cron job ran every 12 hours to check for https support - even when https support was already enabled. The check is now run only when the user visits the Site Health page. Reducing the unneeded requests lowers the impact and load of hosting WordPress sites.
The `wp_update_https_detection_errors` function is deprecated and the `https_detection_errors` option that was previously set by the cron job is no longer maintained. The `pre_wp_update_https_detection_errors` filter is deprecated and replaced by the `pre_wp_get_https_detection_errors` filter which serves the same function.
Props audrasjb, johnbillion, Michi91.
Fixes#58494.
Built from https://develop.svn.wordpress.org/trunk@56664
git-svn-id: http://core.svn.wordpress.org/trunk@56176 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces GitHub Action workflows for testing the installation and upgrade process to ensure there are no unexpected issues. The goal of these workflows is to replicate some of the manual testing that happens during the release process. This does not replace that testing which is a fantastic, low barrier way for someone newer to contributing to get involved. Instead, it should serve as an additional sanity check to ensure no combinations are missed.
The installation workflow tests installing the latest or specified version of WordPress on all PHP and MySQL version combinations for both single and multisite.
The upgrade testing will test upgrading from each branch that still receives security updates to the latest or specified version on all PHP and MySQL version combinations for both single and multisite.
Both workflows confirm that no errors are encountered when using WP-CLI to install or upgrade WordPress. No test assertions of any type are currently performed, but adding some will be explored.
Props costdev, azaozz, ironprogrammer, desrosj.
See #58977.
Built from https://develop.svn.wordpress.org/trunk@56661
git-svn-id: http://core.svn.wordpress.org/trunk@56173 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This simplifies the logic within the `slack-notifications` and `failed-workflow` steps in GitHub Action workflows to use the `contains()` function and object filtering.
This makes it simpler to perform the needed checks by removing the need to list out every single dependent job defined in `needs`.
See #58867.
Built from https://develop.svn.wordpress.org/trunk@56660
git-svn-id: http://core.svn.wordpress.org/trunk@56172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes the environment variable used in GitHub Action workflows to skip downloading the browser binary that’s a peer dependency when it’s not needed.
In [56647], the version of `puppeteer` peer-dependency was bumped to `>= 20.0.0`. Starting in version `20.0.0`, puppeteer switched to using Chrome for testing instead of Chromium. With this release, the `PUPPETEER_SKIP_CHROMIUM_DOWNLOAD` environment variable was removed in favor of the more generic `PUPPETEER_SKIP_DOWNLOAD`.
All workflows that do not need a browser binary now contain the correct `PUPPETEER_SKIP_CHROMIUM_DOWNLOAD` variable.
Follow up to [56647].
See #58863.
Built from https://develop.svn.wordpress.org/trunk@56659
git-svn-id: http://core.svn.wordpress.org/trunk@56171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress creates attachment pages by default for every attachment uploaded. On the vast majority of sites, these attachment pages don't contain any meaningful information. They do however exist, get indexed by search engines, and sometimes even rank in search results, leading to bad results for users and site owners.
This commit introduces a `wp_attachment_pages_enabled` database option to control the attachment pages behavior:
* On existing sites, the option is set to `1` on upgrade, so that attachment pages continue to work as is.
* For new sites, the option is set to to `0` by default, which means attachment pages are redirected to the attachment URL.
* Sites that want to enable or disable the attachment pages can set the option to `1` or `0`, respectively.
Follow-up to [2958], [3303], [7149], [34690].
Props aristath, poena, afercia, joostdevalk, jonoaldersonwp, azaozz, johnbillion, joedolson, basiliskan, audrasjb, davelo, rilwis, manfcarlo, tyxla, garrett-eclipse, seedsca, eatingrules, matveb, antpb, zodiac1978, oglekler, zunaid321, costdev, SergeyBiryukov.
Fixes#57913.
Built from https://develop.svn.wordpress.org/trunk@56657
git-svn-id: http://core.svn.wordpress.org/trunk@56169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `WP_Query` class enables developers to customize queries using filters like `posts_fields_request`, `posts_request`, and `the_posts`, which can modify both the queried fields and retrieved post objects. In some cases with these filters, incomplete or invalid post objects lacking essential data may arise. To address this, if any of these filters are active during a query, the `get_posts` method now avoids caching post objects with the usual `update_post_caches` function call, opting for a call to `_prime_post_caches` instead. This may occasionally trigger new database queries to prime the post data cache. While this enhancement may result in rare additional database queries, it ensures that invalid post objects aren't cached, prioritizing data consistency and integrity in filtered query scenarios.
Props saulirajala, spacedmonkey, flixos90, mukesh27, peterwilsoncc.
Fixes#58599.
Built from https://develop.svn.wordpress.org/trunk@56656
git-svn-id: http://core.svn.wordpress.org/trunk@56168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These classes have not been used in WordPress Core since the Requests library was introduced in [37428]. These classes are now deprecated in favor of `WP_Http`.
There are two remaining spots in Core that reference these classes:
- The `WP_Http::_dispatch_request()` method, which was marked as deprecated in favor of `WP_Http::request()` in [42766]/[44346].
- The `WP_Http::_get_first_available_transport()`.
That latter is now also marked as deprecated in favor of `\WpOrg\Requests\Requests::get_transport_class()`.
Props SergeyBiryukov, rajinsharwar, hellofromTonya.
Fixes#58705.
Built from https://develop.svn.wordpress.org/trunk@56655
git-svn-id: http://core.svn.wordpress.org/trunk@56167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improve markup on Login and Registration errors. Use list markup for multiple issues, paragraph when only one to reduce semantic burden in the most common case. Normalize classes and markup for wrapper using `wp_admin_notice()` and `wp_get_admin_notice()` functions. Move definition of those functions from `wp-admin\includes\misc.php` to `wp-includes\functions.php`. Move tests to functions group.
Props extendwings, sabernhardt, afercia, lukecavanagh, rianrietveld, oglekler, sergeybiryukov, costdev, joedolson.
Fixes#30685.
Built from https://develop.svn.wordpress.org/trunk@56654
git-svn-id: http://core.svn.wordpress.org/trunk@56166 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Implement a focus monitor so that if user focus moves away from the image rotation menu, it closes and doesn't block the image editing canvas. Follow up to [56239], [55919].
Props nithi22, deepakvijayan, dharm1025, faisal03.
Fixes#58756.
Built from https://develop.svn.wordpress.org/trunk@56652
git-svn-id: http://core.svn.wordpress.org/trunk@56164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset introduces two filters that allow customizing the loading optimization attributes array returned from `wp_get_loading_optimization_attributes()` for individual HTML tags:
* The `wp_get_loading_optimization_attributes` filter can be used to modify the results from the WordPress core logic.
* The `pre_wp_get_loading_optimization_attributes` filter can be used to use entirely custom logic and effectively short-circuit the core function.
Props pereirinha, mukesh27, spacedmonkey, joemcgill.
Fixes#58893.
Built from https://develop.svn.wordpress.org/trunk@56651
git-svn-id: http://core.svn.wordpress.org/trunk@56163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the `get_term` function, the filter method is invoked on the `WP_Term` object, which subsequently triggers the execution of `sanitize_term`. The filter method is also executed within `WP_Term::get_instance`.
A common scenario when calling the `get_term` function is to invoke the function with an integer ID for the term and a filter set to "raw." This results in a call to `WP_Term::get_instance`. However, since both `get_term` and `WP_Term::get_instance` invoke the filter method, it leads to double sanitization of the term.
Considering that `get_term` may be called thousands of times on a page, especially when priming a large number of terms into memory, this redundancy can result in thousands of unnecessary calls to `sanitize_term`. Performing the same sanitization operation twice with the same parameters is wasteful and detrimental to performance.
To address this issue, the code has been updated to execute the filter method only when the filter parameter does not match or when changes have been made to the term object within the get_term hook. This optimization ensures that the filter is applied selectively, mitigating performance concerns and avoiding unnecessary sanitization calls.
Props spacedmonkey, flixos90, costdev, mukesh27, joemcgill, oglekler, peterwilsoncc.
Fixes#58329.
Built from https://develop.svn.wordpress.org/trunk@56650
git-svn-id: http://core.svn.wordpress.org/trunk@56162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Block Hooks allow a third-party block to specify a position relative to a given block into which it will then be automatically inserted (e.g. a "Like" button block can ask to be inserted after the Post Content block, or an eCommerce shopping cart block can ask to be inserted after the Navigation block).
The underlying idea is to provide an extensibility mechanism for Block Themes, in analogy to WordPress' [https://developer.wordpress.org/plugins/hooks/ Hooks] concept that has allowed extending Classic Themes through filters and actions.
The two core tenets for Block Hooks are:
1. Insertion into the frontend should happen right after a plugin containing a hooked block is activated (i.e. the user isn't required to insert the block manually in the editor first); similarly, disabling the plugin should remove the hooked block from the frontend.
2. The user has the ultimate power to customize that automatic insertion: The hooked block is also visible in the editor, and the user's decision to persist, dismiss (i.e. remove), customize, or move it will be respected (and reflected on the frontend).
To account for both tenets, the **tradeoff** was made to limit automatic block insertion to unmodified templates (and template parts, respectively). The reason for this is that the simplest way of storing the information whether a block has been persisted to (or dismissed from) a given template (or part) is right in the template markup.
To accommodate for that tradeoff, [https://github.com/WordPress/gutenberg/pull/52969 UI controls (toggles)] are being added to increase visibility of hooked blocks, and to allow for their later insertion into templates (or parts) that already have been modified by the user.
For hooked blocks to appear both in the frontend and in the editor (see tenet number 2), they need to be inserted into both the frontend markup and the REST API (templates and patterns endpoints) equally. As a consequence, this means that automatic insertion couldn't (only) be implemented at block ''render'' stage, as for the editor, the ''serialized'' (but ''unrendered'') markup needs to be modified.
Furthermore, hooked blocks also have to be inserted into block patterns. Since practically no filters exist for the patterns registry, this has to be done in the registry's `get_registered` and `get_all_registered` methods.
Props gziolo.
Fixes#59313.
Built from https://develop.svn.wordpress.org/trunk@56649
git-svn-id: http://core.svn.wordpress.org/trunk@56161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the following npm dependencies:
- `autoprefixer` to version `10.4.16`.
- `grunt-contrib-qunit` to version `8.0.1`.
- `postcss` to version `8.4.30`.
- `react-refresh` to version `0.14.0`.
- `sass` to version `1.68.0`.
- `sinon` to version `16.0.0`.
- `uuid` to version `9.0.1`.
- `tslib` to version `2.6.2`.
This change accompanies a similar one in the Gutenberg repository: https://github.com/WordPress/gutenberg/pull/54657.
Props gziolo, desrosj.
Fixes#58863.
Built from https://develop.svn.wordpress.org/trunk@56647
git-svn-id: http://core.svn.wordpress.org/trunk@56159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the `wp-polyfill-node-contains` and `'wp-polyfill-dom-rect` scripts to the latest version, `4.8.0`.
These scripts are no longer used by WordPress Core, but are kept up to date as a courtesy.
Props rajinsharwar, hrshahin, oglekler.
Fixes#59077.
Built from https://develop.svn.wordpress.org/trunk@56646
git-svn-id: http://core.svn.wordpress.org/trunk@56158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously initialized in `WP_REST_Server::dispatch()`, the `$response` variable became unused when the logic was split into two new methods, `::match_request_to_handler()` and `::respond_to_request()`.
Follow-up to [34928], [48947].
Props upadalavipul, mukesh27.
Fixes#59420.
Built from https://develop.svn.wordpress.org/trunk@56645
git-svn-id: http://core.svn.wordpress.org/trunk@56157 1a063a9b-81f0-0310-95a4-ce76da25c4cd
During work on #59399, it was discovered that ''sibling'' block insertion wasn't likely going to work the way it was planned, which required devising an alternative solution. This new solution requires some changes to `traverse_and_serialize_block(s)`:
- Change the signature of the existing callback such that:
- the return value is a string that will be prepended to the result of the inner block traversal and serialization;
- the function arguments are: a ''reference'' to the current block (so it can be modified inline, which is important e.g. for `theme` attribute insertion), the parent block, and the previous block (instead of the block index and chunk index).
- Add a second callback argument to `traverse_and_serialize_block(s)`, which is called ''after'' the block is traversed and serialized.
- Its function arguments are a reference to the current block, the parent block, and the next block.
Props gziolo.
Fixes#59412. See #59313.
Built from https://develop.svn.wordpress.org/trunk@56644
git-svn-id: http://core.svn.wordpress.org/trunk@56156 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Following [56635], a fatal error occurred in `load-styles.php` leading to admin styles not working, because of a `has_filter()` call being added to `get_stylesheet_director()` and `get_template_directory()`.
This changeset adds `has_filter()` to `wp-admin/includes/noop.php` to prevent such errors. The lack of loading the function does not cause any unintended side effects itself.
Props iandunn, adamsilverstein.
Fixes#59417.
See #18298.
Built from https://develop.svn.wordpress.org/trunk@56641
git-svn-id: http://core.svn.wordpress.org/trunk@56153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Make the theme details modals in the Customizer and at Appearance > Themes consistent. Change the order of controls so both modals are in the same sequence, center all controls in both desktop and mobile views, and change delete link color to meet color contrast requirements.
Props trishasalas, afercia, melchoyce, karmatosed, cathibosco1, michaelarestad, joedolson, petitphp, mikinc860.
Fixes#59372. See #59371, #40822.
Built from https://develop.svn.wordpress.org/trunk@56639
git-svn-id: http://core.svn.wordpress.org/trunk@56151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add alt text to the `wp.getMediaItem` method in the XML-RPC API. Allows users to fetch alt text as a first-class member of a media object.
Props thomashorta, joedolson, jivygraphics, stephenerdelyi, mukesh27, whyisjake.
Fixes#58582.
Built from https://develop.svn.wordpress.org/trunk@56637
git-svn-id: http://core.svn.wordpress.org/trunk@56149 1a063a9b-81f0-0310-95a4-ce76da25c4cd