The reorganization of the PHPUnit workflow in [50441] unintentionally caused the tests to be run for every `push` event, even for forks and private mirrors.
Previously, the second job required the first one to pass, and the conditional check on the first prevented both from running. Because the first job is no longer required for the second, both jobs must have the appropriate conditional check.
Fixes#52983.
Built from https://develop.svn.wordpress.org/trunk@50670
git-svn-id: http://core.svn.wordpress.org/trunk@50282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Reduce severity of failing HTTPS tests from critical to warning. Stop reporting failures if the site is being accessed over HTTPS but `wp_is_https_supported()` indicates a lack of support.
Props annalamprou, AnotherDave, ayeshrajans, bobbingwide, Clorith, dragongate, eatsleepcode, gab81, geoffrey1963, Ipstenu, k3nsai, mmuyskens, nicegamer7, peterwilsoncc, pwallner, SergeyBiryukov, TimothyBlynJacobs, Toru.
Fixes#52783.
Built from https://develop.svn.wordpress.org/trunk@50659
git-svn-id: http://core.svn.wordpress.org/trunk@50271 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When validating `enum` values as `integer` or `number`, consider a number with a zero fractional part to be equivalent to an integer of the same value.
In `rest_are_values_equal()`, when comparing two values of type `int` or `float` (in any combination), first cast both of them to `float` and then compare.
This matches some test cases from the official JSON Schema test suite.
Follow-up to [50010].
Props yakimun, stefanjoebstl, TimothyBlynJacobs, rachelbaker.
Fixes#52932.
Built from https://develop.svn.wordpress.org/trunk@50653
git-svn-id: http://core.svn.wordpress.org/trunk@50265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[48658] documented that various metadata functions return false for an invalid ID. However, that does not clarify what an invalid ID is: a non-numeric, zero, or negative value. This change adds the clarification in all relevant metadata function docblocks.
Props icopydoc, SergeyBiryukov, davidkryzaniak, audrasjb.
Fixes#51797.
Built from https://develop.svn.wordpress.org/trunk@50641
git-svn-id: http://core.svn.wordpress.org/trunk@50253 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduced in [48242], the `link-manager` plugin is copied from `DIR_TESTDATA/plugins` to `DIR_TESTDATA` during the REST API unit tests, but was not cleaned up afterward. This created a "dirty" local working copy. This change `unlink`s the copied plugin from `DIR_TESTDATA` after unit tests are completed.
Props johnbillion, TimothyBlynJacobs, desrosj, rachelbaker.
Fixes#52579.
Built from https://develop.svn.wordpress.org/trunk@50633
git-svn-id: http://core.svn.wordpress.org/trunk@50245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [47198], parentheses were removed from `include` and `require` statements, as they are language constructs, not function calls. However, [50161] introduced a new `require_once` instance in `wp-admin/options-privacy.php`. This change removes the unnecessary parentheses.
See #53627.
Built from https://develop.svn.wordpress.org/trunk@50631
git-svn-id: http://core.svn.wordpress.org/trunk@50243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensures that `wp-format-library` assets are always loaded for the block editor. Otherwise, they have to be loaded individually for every screen that needs it. It's similar to how `wp-block-directory` assets are handled.
Props ellatrix.
See #52920.
Built from https://develop.svn.wordpress.org/trunk@50620
git-svn-id: http://core.svn.wordpress.org/trunk@50233 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the following polyfill libraries:
- `formdata-polyfill` from `3.0.13` to `3.0.20`.
- `objectFitPolyfill` from `2.3.4` to `2.3.5`.
- `polyfill-library` from `3.42.0` to `3.104.0`.
Props gziolo, desrosj.
Fixes#52854.
Built from https://develop.svn.wordpress.org/trunk@50615
git-svn-id: http://core.svn.wordpress.org/trunk@50228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `fields` and `orderby` properties in `WP_Term_Query` are arrays and each accepts a variety of keys. To properly indent each key in the docblock, a `*` should be used, not `-`.
Props whyisjake, audrasjb, SergeyBiryukov.
Fixes#52839.
Built from https://develop.svn.wordpress.org/trunk@50614
git-svn-id: http://core.svn.wordpress.org/trunk@50227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a fatal error on PHP 8 in `wp_privacy_generate_personal_data_export_file()` if the `_export_data_grouped` post meta exists but is not an array.
Additionally, refactor unit tests for the function to:
* Reduce redundant code
* Switch to data provider
* Test on the full HTML output instead of select pieces of the output
* Expand unhappy path coverage
Follow-up to [43012], [44786], [47146], [47278].
Props hellofromTonya, jrf, xknown.
See #51423.
Built from https://develop.svn.wordpress.org/trunk@50613
git-svn-id: http://core.svn.wordpress.org/trunk@50226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This was added in [48177] to fix an issue where Puppeteer was not being installed correctly as a dependency of `@wordpress/wp-scripts`. This has been fixed, so this explicit dependency can be removed.
Props isabel_brison, desrosj, SergeyBiryukov.
Fixes#52843.
Built from https://develop.svn.wordpress.org/trunk@50612
git-svn-id: http://core.svn.wordpress.org/trunk@50225 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Because the changes in Twenty Twelve did not impact site look or functionality, version 3.4 of Twenty Twelve was not released in coordination with WordPress 5.7.
This reverts the portion of [50508] relevant to Twenty Twelve, changing the version back to 3.3 so that version 3.4 is not skipped accidentally when there are changes that should be released.
See #52704.
Built from https://develop.svn.wordpress.org/trunk@50596
git-svn-id: http://core.svn.wordpress.org/trunk@50209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since [50441-50442] switched the test workflows to run from `src` instead of `build`, code coverage reporting has stopped working. This was caused by the code coverage configuration continuing to reference `build`. This corrects the configuration so coverage reporting can resume.
This change also introduces the `workflow_dispatch` event to the workflow, which will allow committers to manually run the workflow when desired. For example, to confirm changes to the test suite do not break reporting.
This also adds the `phpunit.xml.dist` and `tests/phpunit/multisite.xml` files to the `paths` list. Since these files are responsible for configuring the test suite and code coverage reporting, any changes to them should verify that no problems were introduced.
Props jrf, johnbillion.
Fixes#52786. See #51734.
Built from https://develop.svn.wordpress.org/trunk@50592
git-svn-id: http://core.svn.wordpress.org/trunk@50205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On TravisCI, old branches still receiving security updates were tested on a regular basis. This ensured tests continued to pass as time passed even if updates were not made to these branches.
On GitHub Actions, there is no interface to configure this (TravisCI had a UI), but there is a `schedule` event that can trigger workflow runs on cron that can be used to accomplish the same thing.
This introduces a workflow file that runs twice a month (on the 1st and 15th) to verify the tests within older branches.
Because the `schedule` event only runs within the primary branch, the appropriate workflows in each old branch will be triggered manually through the `workflow_dispatch` trigger using the GitHub REST API. `workflow_dispatch` will need to be added to all workflows in all old branches in order for the event to dispatch successfully.
Fixes#52653.
Built from https://develop.svn.wordpress.org/trunk@50590
git-svn-id: http://core.svn.wordpress.org/trunk@50203 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the wrapper function `wp_getimagesize()` check if the second parameter was passed before sending it to the PHP function `getimagesize()`.
The PHP function has a different execution path depending on the number of parameters passed, this ensures the wrapper function follows the appropriate path.
Follow up to [50552].
Props azaozz, hellofromtonya, Mista-Flo, peterwilsoncc, rinatkhaziev, RogerTheriault, SergeyBiryukov, terriann, whyisjake.
Fixes#52826.
Built from https://develop.svn.wordpress.org/trunk@50586
git-svn-id: http://core.svn.wordpress.org/trunk@50199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change switches out `sprintf` for `printf` on the "Copy suggested policy text from..." button screen reader text. Also, wrap the actual button text in a `<span aria-hidden="true">` to prevent both the button text and the screen reader text from being spoken.
Props mukesh27, SergeyBiryukov, sabernhardt.
Fixes#52891.
Built from https://develop.svn.wordpress.org/trunk@50585
git-svn-id: http://core.svn.wordpress.org/trunk@50198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [49178], self-closing `br` tags were switched to non-self-closing `div` elements for "clearing" purposes, but the self-closing "/" remained in place. This fix removes the unnecessary slash.
Props pavelvisualcomposer, audrasjb, sabernhardt, akabarikalpesh, SergeyBiryukov.
Fixes#52878.
Built from https://develop.svn.wordpress.org/trunk@50582
git-svn-id: http://core.svn.wordpress.org/trunk@50195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This disables the `fail-fast` option in the GitHub Actions workflow for testing NPM. This allows all jobs in the test matrix to complete, even if one fails, painting a clear picture of where the issue lies.
Follow up to [50435].
See #52625.
Built from https://develop.svn.wordpress.org/trunk@50579
git-svn-id: http://core.svn.wordpress.org/trunk@50192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevent misalignment of "generate password" and "save password" buttons on the password reset screen on narrow screens and in languages requiring longer text than English.
Props audrasjb, grapplerulrich, ryelle.
Fixes#52834.
Built from https://develop.svn.wordpress.org/trunk@50569
git-svn-id: http://core.svn.wordpress.org/trunk@50182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On narrow screens allow the text to wrap in the copy buttons on the privacy policy guide screen to avoid horizontal overflow of the parent container.
Props audrasjb, davidbaumwald, jaymanpandya, paaljoachim, palmiak, sabernhardt, SergeyBiryukov, sumitsingh.
Fixes#52751.
Built from https://develop.svn.wordpress.org/trunk@50568
git-svn-id: http://core.svn.wordpress.org/trunk@50181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a check to `WP_REST_Meta_Fields::delete_meta_value()` ensuring meta data is set before attempting to delete it from the database. If the data does not exist, the delete is considered successful as the data matches the desired state.
Props BrechtVds, goaroundagain, TimothyBlynJacobs.
Fixes#52787.
Built from https://develop.svn.wordpress.org/trunk@50567
git-svn-id: http://core.svn.wordpress.org/trunk@50180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Removes the mutually exclusive directives check in `wp_robots()`, ie allow both `follow` and `nofollow` to be specified and for `archive` and `noarchive` to be specified.
This fixes a bug in which WordPress would defer to the most permissive over the least permissive. When contradictory instructions are included, WordPress will defer to the search engine's or archivist's resolution policy: generally this is to observe the least, not most permissive.
Props Cybr, flixos90.
Fixes#52713.
Built from https://develop.svn.wordpress.org/trunk@50566
git-svn-id: http://core.svn.wordpress.org/trunk@50179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `get_bookmark()`
* `get_comment()`
* `get_post()`
* `get_children()`
* `wp_get_recent_posts()`
* `wp_get_post_revision()`
* `wp_get_nav_menu_items()`
Follow-up to [45710] for `get_term()`, [48507] for `wpdb::get_row()` and `wpdb::get_results()`.
See #52627.
Built from https://develop.svn.wordpress.org/trunk@50558
git-svn-id: http://core.svn.wordpress.org/trunk@50171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When collapsed or on a small screen, these styles would override the color schemes, causing a dark background to appear regardless of the color scheme's settings. This change also uses `focus-within` to show or hide the menu item's arrow, consistent with how the arrow behaves on hover.
Props afercia, Bueltge.
Fixes#32579.
Built from https://develop.svn.wordpress.org/trunk@50549
git-svn-id: http://core.svn.wordpress.org/trunk@50162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This point release does not add any new Emoji and only slightly modifies 14 existing Emoji without changing their meanings.
Because of this, the same CDN location (currently `/images/core/emoji/13.0.1`) can be updated with the new versions and sites running WordPress 5.6 or higher will start using the updated versions once their cache expires.
See #52852.
Built from https://develop.svn.wordpress.org/trunk@50548
git-svn-id: http://core.svn.wordpress.org/trunk@50161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This was added in [48177] to fix an issue where Puppeteer was not being installed correctly as a dependency of `@wordpress/wp-scripts`. This has been fixed, so this explicit dependency can be removed.
Props isabel_brison.
Fixes#52843.
Built from https://develop.svn.wordpress.org/trunk@50540
git-svn-id: http://core.svn.wordpress.org/trunk@50153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the callback is called before the images are loaded, the comparison doesn't work. `wp.domReady` uses `DOMContentLoaded`, which does not guarantee that the images are loaded. This switches to use the `load` event, which waits for all resources to load.
Props vladytimy, joyously, sergeybiryukov.
Fixes#52758.
Built from https://develop.svn.wordpress.org/trunk@50535
git-svn-id: http://core.svn.wordpress.org/trunk@50148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The editor uses the full height of its container, so the added margins cause the visual editor to break out of the container. This removes the top & bottom margins, and makes the left & right margins consistent with the meta box area.
Follow-up to [50465].
Props joseeyoast, audrasjb.
Fixes#52816.
Built from https://develop.svn.wordpress.org/trunk@50534
git-svn-id: http://core.svn.wordpress.org/trunk@50147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `unregister_block_style`, the `$block_name` parameter was documented as an array. This change corrects the type to `string`, as that's what is expected in `WP_Block_Styles_Registry->unregister`.
Props kraftner.
Fixes#52795.
Built from https://develop.svn.wordpress.org/trunk@50528
git-svn-id: http://core.svn.wordpress.org/trunk@50141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Additionally, adjust the "Update to latest nightly" button to include the major version number of the nightly build.
This makes the button labels more accurate and provides more clear understanding of what the update will be.
Follow-up to [49984].
Props afragen, pbiron, SergeyBiryukov.
Fixes#52513.
Built from https://develop.svn.wordpress.org/trunk@50506
git-svn-id: http://core.svn.wordpress.org/trunk@50119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change ensures that the text in the Media & Text block is readable when dark background colors are selected.
This is a regression that was introduced in [49987].
Props hellofromTonya, poena, paaljoachim, ryelle.
Fixes#52702.
Built from https://develop.svn.wordpress.org/trunk@50493
git-svn-id: http://core.svn.wordpress.org/trunk@50106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensure `current_user_can()` and `user_can()` return the same results for logged out users. For core capabilities this changes `user_can( 0, 'exist' )` to return `true` rather than `false` in line with `current_user_can( 'exist' )` for logged out users.
Convert `current_user_can()` and `current_user_can_for_blog()` to wrapper functions ultimately calling `user_can()`.
Add anonymous user to primitive capability checks as appropriate. Convert `Tests_User_Capabilities::test_other_caps_for_all_roles()` to use a data provider and add tests to check whether user exists in the database (`WP_User::exists()`) as that intentionally differs from the `exist` capability.
Props jjj, johnbillion, peterwilsoncc, SergeyBiryukov, TimothyBlynJacobs.
Fixes#52076.
Built from https://develop.svn.wordpress.org/trunk@50490
git-svn-id: http://core.svn.wordpress.org/trunk@50103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This also adds inline comments to the end of each action installed using a SHA value to make it easier to determine which version of an action is currently being used.
Follow up to [50474,50476].
Props johnbillion.
See #52625.
Built from https://develop.svn.wordpress.org/trunk@50486
git-svn-id: http://core.svn.wordpress.org/trunk@50099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The NPM test GitHub Actions workflow is currently used to verify that `npm install` and `npm run build` will complete successfully on Windows.
This generalizes the workflow and adds testing for Linux and MacOS to confirm that the scripts used to build WordPress also complete successfully in those environments.
Because MacOS workflow runs consume GHA minutes at a 10x rate, it’s added in a separate job in order to perform a more strict check.
This also adds steps to verify that using `npm run build:dev` and `npm run grunt clean`/`npm run grunt clean —dev` run successfully
Props johnbillion.
Fixes#52658.
Built from https://develop.svn.wordpress.org/trunk@50485
git-svn-id: http://core.svn.wordpress.org/trunk@50098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change adds a list of paths to check when determining which workflows to run on `pull_request`. This will prevent certain workflows from running unnecessarily when the files updated are not related to the tests and checks being performed.
Props peterwilsoncc, johnbillion.
Fixes#52667.
Built from https://develop.svn.wordpress.org/trunk@50479
git-svn-id: http://core.svn.wordpress.org/trunk@50090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds a more obviously interactive comparison for viewing the color scheme differences. Improvements on RTL and IE11. Update strings to be more clear and consistent. Switch to the CDN for loading images.
Props sarahricker, desrosj, melchoyce, SergeyBiryukov, tikifez, clorith, marybaum, audrasjb, francina, hellofromTonya.
Fixes#52693. See #52347.
Built from https://develop.svn.wordpress.org/trunk@50478
git-svn-id: http://core.svn.wordpress.org/trunk@50089 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Some GitHub Action scripts require additional permissions to perform the desired operations. This permission is usually given by passing a personal access token (PAT) to the action as an input.
Because PATs grant access to sensitive information about the repository and actions with PATs become trusted actors, 3rd party actions should not be installed by specifying a major or minor version.
Instead, specifying a full length commit SHA will use the 3rd party action as an immutable release, ensuring the workflows within the repository are not affected by upstream security problems should they occur.
Props johnbillion.
See #52625.
Built from https://develop.svn.wordpress.org/trunk@50474
git-svn-id: http://core.svn.wordpress.org/trunk@50085 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes the logic in `update_https_detection_errors()` to never store error messages from the actual request since they could use a different encoding, which would make storing them in an option potentially fail, leading WordPress to then falsely assume that HTTPS is supported.
While this doesn't actually fix the encoding issue, it is not crucial to do so anyway, since these messages are not used anywhere. A simple differentiation between whether the overall HTTPS request or only the SSL verification failed should be sufficient for the purpose of this function.
Props flixos90, tmatsuur, lukecarbis.
Fixes#52484.
Built from https://develop.svn.wordpress.org/trunk@50471
git-svn-id: http://core.svn.wordpress.org/trunk@50082 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adjust the background color palette rules so they don't show up on inner containers when they're not supposed to:
- When an inner container block is present, it only applies them to direct children of the block with the background color assigned.
- Since the background color should only be applied to the Cover block's overlay, not to the inner container, it opts that specific block out of this rule.
Props dianeco, kjellr, paaljoachim.
Fixes#52676.
Built from https://develop.svn.wordpress.org/trunk@50466
git-svn-id: http://core.svn.wordpress.org/trunk@50077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The editor uses the full height of its container, so the added margins cause the visual editor to break out of the container. This removes the top & bottom margins, and makes the left & right margins consistent with the meta box area.
Props antonlukin, paaljoachim, felipeelia.
Fixes#52646.
Built from https://develop.svn.wordpress.org/trunk@50465
git-svn-id: http://core.svn.wordpress.org/trunk@50076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a fatal error on PHP 8 if `error_reporting()` is disabled in `php.ini`.
On systems with this function disabled, it's best to add a dummy function to the `wp-config.php` file, as there are multiple other calls in core or plugins.
However, as this call to the function is run prior to `wp-config.php` loading, it is now wrapped in a `function_exists()` check.
Props peterwilsoncc, fijisunshine, ayeshrajans.
Fixes#52226.
Built from https://develop.svn.wordpress.org/trunk@50447
git-svn-id: http://core.svn.wordpress.org/trunk@50058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, jQuery 1.12.4 was added to the WordPress SVN repo in order to backport an upstream security patch from jQuery 3.4.0.
Now that WordPress includes an unmodified version of jQuery 3.5.1 and no longer needs to maintain a fork, it can be removed from the SVN repo and installed via NPM again as part of the build.
Follow-up to [45342], [49101].
Props peterwilsoncc, SergeyBiryukov.
Fixes#52647.
Built from https://develop.svn.wordpress.org/trunk@50445
git-svn-id: http://core.svn.wordpress.org/trunk@50056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `external-http`, `media`, and `restapi` groups combined take roughly the same time as all the other tests combined. Splitting the test run in two speeds up the PHP 5.6 test runs which are the slowest by quite a margin. The net reduction in duration is only seen on PHP versions older than 7.0 where the reduction is greater than the time taken for the job to be set up.
Props peterwilsoncc, desrosj, johnbillion
Special shout out to manzoorwanijk whose article about running steps in parallel started me down this path.
Fixes#52645
Built from https://develop.svn.wordpress.org/trunk@50444
git-svn-id: http://core.svn.wordpress.org/trunk@50055 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Some PHPUnit tests were concerned with the state of files in the `build` directory. In order to allow the tests to run without requiring a build to be run first, these have been moved into assertions that run after the build step (and therefore cause it to fail if they do not pass), or into QUnit tests as necessary.
Various other PHPUnit tests implictly depend on built JavaScript files being present. These files are now touched during the test setup to avoid PHP warnings if the `build` files are not present.
The `wp-tests-config-sample.php` file and the GitHub Actions configuration have also been changed so `ABSPATH` uses `src` instead of `build`, therefore allowing the PHPUnit tests to be run without a build having to be run first. This means all new local installations of WordPress will use `src` for PHPUnit testing. If you would like to switch your existing installation over then change the location of `ABSPATH` in `wp-tests-config.php` to point to `src` instead of `build`.
Props peterwilsoncc, iandunn, gziolo, desroj, johnbillion
Fixes#51734
See #45863
Built from https://develop.svn.wordpress.org/trunk@50441
git-svn-id: http://core.svn.wordpress.org/trunk@50052 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `actions/cache` GitHub action uses a `key` input to find the desired cache in storage. Currently, this is defined as a combination of the operating system being used, the software being cached (NPM or Composer), PHP version (Composer only), and a hash of the relevant lock file.
The `cache` action also supports a `restore-keys` input, which is an ordered list of keys to use for restoring a cache if no cache hit occurred for the specified key.
However, this means that every time a lock file is updated, the cache is being recreated by first restoring a previous one (when available), and then installing new versions of dependencies on top of that. This results in old, unused versions of dependencies never being removed from the cache.
In this change, the `restore-keys` are removed. This will force a new, fresh cache to be generated when the desired `key` is not matched. In testing, this results in a ~40% reduction in cache size when compared to the latest successful workflow runs. Since there is no way to manually flush the cache in GHA, the benefits of this change will not be seen until the `package-lock.json` and `composer.lock` files are updated, or the cache at the desired key is evicted.
Props johbillion.
See #52660.
Built from https://develop.svn.wordpress.org/trunk@50436
git-svn-id: http://core.svn.wordpress.org/trunk@50047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In GitHub Actions, there is a `fail-fast` option that will cancel all incomplete jobs within a workflow as soon as one failure is encountered. This defaults to `true`.
This is great for alerting you of a failure faster, but does not give you the full picture of what is failing. For example, it’s possible that there is a failing test on 2 versions of PHP, but not others. If `fail-fast` is enabled, it’s impossible to know this.
Even with `fail-fast` disabled, the workflow will still report a failure if one or more jobs produce a failing result.
Props johbillion, jorbin.
Fixes#52612.
Built from https://develop.svn.wordpress.org/trunk@50435
git-svn-id: http://core.svn.wordpress.org/trunk@50046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Different branches have support for different types of testing based on the tooling that was in place at the time each version was branched. The workflows currently in place have patterns configured to match the relevant `branches` and `tags` for each workflow, but only for `push` events.
This copies the patterns for matching supported `branches` over to the `pull_request` event to prevent workflows from running for a pull request to a branch that does not support that workflow.
Fixes#52643.
Built from https://develop.svn.wordpress.org/trunk@50432
git-svn-id: http://core.svn.wordpress.org/trunk@50043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures a transparent logo remains visible while focused. Also cleans up dark mode CSS, consolidating styles and removing overrides that are no longer needed.
Follow up to [50154].
Props poena, sabernhardt, ryelle.
Fixes#52257.
Built from https://develop.svn.wordpress.org/trunk@50423
git-svn-id: http://core.svn.wordpress.org/trunk@50034 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This includes many minor adjustments to a wide array of core files to replace shorthands with full declarations.
Follow-up to [50001], [50270], [50367].
Props Clorith, hellofromTonya, peterwilsoncc, adamsilverstein, aristath.
See #51812.
Built from https://develop.svn.wordpress.org/trunk@50420
git-svn-id: http://core.svn.wordpress.org/trunk@50031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a reference to `WP_Block_Type::__construct()` for information on accepted arguments in `register_block_type()`.
Synchronize the documentation between several places, use `WP_Block_Type::__construct()` as the canonical source.
Props ediamin, audrasjb, peterwilsoncc.
Fixes#48640.
Built from https://develop.svn.wordpress.org/trunk@50419
git-svn-id: http://core.svn.wordpress.org/trunk@50030 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Move `wp_get_script_tag()`, `wp_print_script_tag()`, `wp_print_inline_script_tag()` and `wp_get_inline_script_tag()` functions from `functions.php` to `script-loader.php`.
Relocate related tests to `dependencies` sub-directory.
Follow up to [50167].
Props adamsilverstein, hellofromTonya, SergeyBiryukov.
Fixes#39941.
Built from https://develop.svn.wordpress.org/trunk@50409
git-svn-id: http://core.svn.wordpress.org/trunk@50020 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevent `wp_localize_script()` (via `WP_Scripts::localize()`) throwing warnings in PHP 8 when the translation data is passed as a string. This maintains backward compatibility with earlier versions of PHP.
Introduce a `_doing_it_wrong()` notice to `WP_Scripts::localize()` if the translation data is not passed as an array.
Props jrf, peterwilsoncc, SergeyBiryukov.
Fixes#52534.
Built from https://develop.svn.wordpress.org/trunk@50408
git-svn-id: http://core.svn.wordpress.org/trunk@50019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace loopback health check URL with a `POST` request to `wp-cron.php` in the WordPress install directory. This more closely represents how WordPress uses loopback requests.
A `POST` request is used to cause `wp-cron.php` to exit prior to running any cron jobs. This allows the test to indicate success quicker and accounts for sites that set the `DISABLE_WP_CRON` constant to avoid running cron jobs on loopback requests.
Props clorith, peterwilsoncc, TimothyBlynJacobs.
Fixes#52547.
Built from https://develop.svn.wordpress.org/trunk@50399
git-svn-id: http://core.svn.wordpress.org/trunk@50010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a maintenance release. Changes include:
* Handle early connection errors such as 421 during connection and EHLO states.
* Make the `mail()` and sendmail transports set the envelope sender the same way as SMTP does, i.e. use whatever `From` is set to, only falling back to the `sendmail_from` php.ini setting if `From` is unset. This avoids errors from the `mail()` function if `Sender` is not set explicitly and php.ini is not configured. This is a minor functionality change, so bumps the minor version number.
* Extend `parseAddresses` to decode encoded names.
Release notes: https://github.com/PHPMailer/PHPMailer/releases/tag/v6.3.0
For a full list of changes in this update, see the PHPMailer GitHub:
https://github.com/PHPMailer/PHPMailer/compare/v6.2.0...v6.3.0
Props ayeshrajans.
Fixes#52577.
Built from https://develop.svn.wordpress.org/trunk@50397
git-svn-id: http://core.svn.wordpress.org/trunk@50008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids an "Undefined index" PHP notice in `wp_resource_hints()` tests when running the full test suite.
Remove the unused global from `get_home_url()`.
Follow-up to [25443], [38100], [38174], [50156], [50164].
Props peterwilsoncc.
Fixes#52566.
Built from https://develop.svn.wordpress.org/trunk@50393
git-svn-id: http://core.svn.wordpress.org/trunk@50004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When deleting a term, it has to be removed individually from each object it's connected to, which can take some significant time when there are a lot of objects.
By calling `wp_remove_object_terms()` when no default term is required, we can skip the terms fetch/diff step and significantly speed up the deletion process.
Props dd32.
Fixes#52549.
Built from https://develop.svn.wordpress.org/trunk@50389
git-svn-id: http://core.svn.wordpress.org/trunk@50000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The admin bar height custom property is used in `calc` functions, which require consistent unit use, even when the value is zero. A unitless value returns an invalid value for the "height" property, where this variable is used. This also changes the stylelint rule in the theme to allow zero values with a unit, just in custom properties.
Props nico23.
Fixes#52564.
Built from https://develop.svn.wordpress.org/trunk@50388
git-svn-id: http://core.svn.wordpress.org/trunk@49999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In #50547, the admin color schemes were added to the customizer UI, but at some point specificity changed and the colors were overridden by the defaults. This brings the color schemes back into the customizer, using the button color as a highlight, with the link color for text to keep things readable.
Follow up to [48371].
Props audrasjb, peterwilsoncc.
Fixes#52230.
Built from https://develop.svn.wordpress.org/trunk@50386
git-svn-id: http://core.svn.wordpress.org/trunk@49997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `blur()` method there is not the jQuery method, but is an HTML DOM method instead.
This makes the Close button on the "View details" modal on Plugins screen functional again.
Follow-up to [50367].
Props afragen.
See #51812.
Built from https://develop.svn.wordpress.org/trunk@50383
git-svn-id: http://core.svn.wordpress.org/trunk@49994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensure that subsequent renders of a reusable block will render correctly and that recursively inserting a reusable block into itself does not cause an internal server (500) error.
Props bernhard-reiter, SergeyBiryukov.
Fixes#52364.
Built from https://develop.svn.wordpress.org/trunk@50382
git-svn-id: http://core.svn.wordpress.org/trunk@49993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `unstick_post()` if a post ID is duplicated in the `sticky_posts` option remove all instances.
In both `stick_post()` and `unstick_post()` check for duplicate IDs already stored in the `sticky_post` option and remove them if the option is updated.
Props rahmohn, archon810.
Fixes#52007.
Built from https://develop.svn.wordpress.org/trunk@50380
git-svn-id: http://core.svn.wordpress.org/trunk@49991 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates older themes to fix alignment, spacing, and font issues to better match the frontend display. Applies to themes: Twenty Eleven, Twenty Thirteen, Twenty Fourteen, Twenty Sixteen, Twenty Seventeen, and Twenty Twenty.
Props burnuser, talldanwp, cristinasoponar, poena, kjellr
Fixes#52009.
Built from https://develop.svn.wordpress.org/trunk@50358
git-svn-id: http://core.svn.wordpress.org/trunk@49969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds an explicit relationship between the upload button and the maximum upload limit, moves focus to the error dismiss button if an error occurs, and adds a call to wp.a11y.speak to report the error after it occurs.
Props afercia, anevins, antpb, adamsilverstein, poena
Fixes#47120
Built from https://develop.svn.wordpress.org/trunk@50352
git-svn-id: http://core.svn.wordpress.org/trunk@49963 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WordPress Importer plugin is now downloaded to the `tests/phpunit/data/plugins` directory when running `npm run env:install`.
This ensures that the PHPUnit test suite will not fail when the plugin is missing.
This also introduces a new `WP_IMPORTER_REVISION` variable to the `.env` file, to control the SVN revision that is checked out.
Props johnbillion.
Fixes#49720.
Built from https://develop.svn.wordpress.org/trunk@50285
git-svn-id: http://core.svn.wordpress.org/trunk@49930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that not only the return values match the expected results, but also that their type is the same.
Going forward, stricter type checking by using `assertSame()` should generally be preferred to `assertEquals()` where appropriate, to make the tests more reliable.
Follow-up to [49904], [49925], [49992], [50012], [50013], [50065], [50075], [50131], [50150], [50157].
See #38266, #52482.
Built from https://develop.svn.wordpress.org/trunk@50284
git-svn-id: http://core.svn.wordpress.org/trunk@49929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The color palette changes in #49999 introduced some contrast issues on buttons, input elements, and links. This change ensures that all interactive elements have an appropriate contrast ratio.
Follow-up to [50025].
Props audrasjb, joedolson.
Fixes#52402.
Built from https://develop.svn.wordpress.org/trunk@50278
git-svn-id: http://core.svn.wordpress.org/trunk@49923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Some files ignored within the `.gitignore` file were not included in the `svn:ignore` property.
This also removed `wp-config.php` and `wp-tests-config.php` from the `svn:ignore` property. It’s already specified in `svn:global-ignores`.
Props johnbillion.
Fixes#49784.
Built from https://develop.svn.wordpress.org/trunk@50277
git-svn-id: http://core.svn.wordpress.org/trunk@49922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using the `adjacent_image_link()` function there is a condition that will return a linked image. Previously, the returned image was sent without alt attributes.
Now, `adjacent_image_link()` will include alt attributes of the image's title when an image is returned.
Props joedolson, Mista-Flo, sabernhardt.
Fixes#52387.
Built from https://develop.svn.wordpress.org/trunk@50274
git-svn-id: http://core.svn.wordpress.org/trunk@49919 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This extension is necessary because the comment approval notification opt-in form introduced in [47887] uses the same mechanism, and the previous limit of one minute meant that users on a slow connection, using assistive technology, with limited motor skills, or who are generally indecisive may not complete the opt-in action within one minute, and therefore not see the confirmation message.
Props joedolson, imath, hellofromTonya, peterwilsoncc, alexstine, davidbaumwald
Fixes#52406
Built from https://develop.svn.wordpress.org/trunk@50271
git-svn-id: http://core.svn.wordpress.org/trunk@49916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a more descriptive text in scenarios where `post_max_size` and `upload_max_filesize` differ, and `post_max_size` is set to a value of `0`.
In some scenarios, PHP may read `0` as a literal zero size, and not as unlimited, which it also means in other scenarios.
See https://www.php.net/manual/en/ini.core.php#ini.post-max-size for details, as PHP 5.3.4 introduced this behavior for literal zero interpretation when the content type of a request is `application/x-www-form-urlencoded` or is not registered with PHP.
Props Clorith, pixolin, helen, ratneshk.
Fixes#51466.
Built from https://develop.svn.wordpress.org/trunk@50263
git-svn-id: http://core.svn.wordpress.org/trunk@49908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a bug causing wp.i18n.isRTL() to return false in RTL langauges by manually
loading the translated 'ltr' string for the i18n dependency. This ports over an
identical fix that was made in Gutenberg.
Fixes#52441.
Props @jonsurrell @youknowriad.
Built from https://develop.svn.wordpress.org/trunk@50259
git-svn-id: http://core.svn.wordpress.org/trunk@49904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, date information was unable to be changed when using `media_handle_sideload()`.
Now you can override the date for a media item using `$post_data['post_date']` before using the function.
Props jamesgol, mukesh27, SergeyBiryukov, hellofromTonya, Mista-Flo.
Fixes#50972.
Built from https://develop.svn.wordpress.org/trunk@50258
git-svn-id: http://core.svn.wordpress.org/trunk@49903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add references to `WP_Query` to the documentation of `get_posts()`. As the developer documentation for `WP_Query` includes an expanded explanation a full link to developer.wordpress.org is included rather than a standard `@see`.
Props dam6pl, peterwilsoncc.
See #51852, #51800.
Built from https://develop.svn.wordpress.org/trunk@50257
git-svn-id: http://core.svn.wordpress.org/trunk@49902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, any video or audio playing in the media modal failed to stop playing when the modal was closed. Now we pause the player when the modal is closed.
Props adamsilverstein, hellofromTonya, paaljoachim, Mista-Flo, Clorith, justinahinon, afercia, amolv.
Fixes#48562.
Built from https://develop.svn.wordpress.org/trunk@50256
git-svn-id: http://core.svn.wordpress.org/trunk@49901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the color change was done, the background of plugins with updates had to be manually changed. This section was missed, which caused a visual bug. This fix also removes some redundant CSS for the same element.
Follow-up to [50025].
Props afragen.
Fixes#52452.
Built from https://develop.svn.wordpress.org/trunk@50237
git-svn-id: http://core.svn.wordpress.org/trunk@49898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes improper triggering of the "Are you sure?" prompt when navigating away from the old, "classic" Edit Post screen and there are no changes.
The previous check did not account for Pages or any custom post types that don't have a Title, Content, or Excerpt field.
Follow-up to [50031].
Props hwk-fr, mukesh27, audrasjb, archon810, Clorith, ibiza69, tonysandwich, roger995, bartosz777, viablethought, dbtedg, worldedu, hmabpera, magnuswebdesign.
Fixes#52440.
Built from https://develop.svn.wordpress.org/trunk@50232
git-svn-id: http://core.svn.wordpress.org/trunk@49893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, we used `DIR_TESTDATA` to determine if a test should skip a newly silenced error in `wp_getimagesize()`.
We are now using `WP_RUN_CORE_TESTS` instead for consistency.
Props hellofromTonya, SergeyBiryukov.
See #49889.
Built from https://develop.svn.wordpress.org/trunk@50170
git-svn-id: http://core.svn.wordpress.org/trunk@49849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `network_home_url()` would automatically switch to `https` if the current request is already `https`, but would only do so on the front end.
This mirrors the change made earlier for `get_home_url()`.
Follow-up to [12598], [21937], [24844], [50156].
See #52421.
Built from https://develop.svn.wordpress.org/trunk@50168
git-svn-id: http://core.svn.wordpress.org/trunk@49847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add new functions `wp_get_script_tag`, `wp_print_script_tag`, `wp_print_inline_script_tag` and `wp_get_inline_script_tag` that support script attributes. Enables passing attributes such as `async` or `nonce`, creating a path forward for enabling a Content-Security-Policy in core, plugins and themes.
Props tomdxw, johnbillion, jadeddragoon, jrchamp, mallorydxw, epicfaace, alinod, enricocarraro, ocean90.
Fixes#39941.
Built from https://develop.svn.wordpress.org/trunk@50167
git-svn-id: http://core.svn.wordpress.org/trunk@49846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As this can cause large, long running queries on sites with many posts, this filter allows the query to be modified, bypassing entirely if needed.
Fixes#51660.
Props geoffguillain, SergeyBiryukov, hareesh-pillai, hellofromTonya, TimothyBlynJacobs, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@50163
git-svn-id: http://core.svn.wordpress.org/trunk@49842 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Privacy settings pages now use the same design patterns as the Site Health screen. Additionally, each privacy policy guide is now contained in an accordion to make the page easier to navigate when multiple plugins are in use.
Props xkon, hedgefield, garrett-eclipse, hellofromTonya, paaljoachim, joedolson.
Fixes#49264.
Built from https://develop.svn.wordpress.org/trunk@50161
git-svn-id: http://core.svn.wordpress.org/trunk@49840 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a form option to skip the admin email alert when exporting personal data.
Props xkon, azaozz, TZ-Media, iandunn, desrosj, iprg, allendav, wesselvandenberg, karmatosed, birgire, davidbaumwald, estelaris, paaljoachim, hellofromTonya.
Fixes#43890.
Built from https://develop.svn.wordpress.org/trunk@50159
git-svn-id: http://core.svn.wordpress.org/trunk@49838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For example the `categories` or `categories_exclude` parameters can now optionally accept an object with a `terms` property that accepts the list of term ids and a new `include_children` property which controls the Tax Query `include_children` field.
Props jason_the_adams, jnylen0, birgire, dlh.
Fixes#39494.
Built from https://develop.svn.wordpress.org/trunk@50157
git-svn-id: http://core.svn.wordpress.org/trunk@49836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `get_home_url()` would automatically switch to `https` if the current request is already `https`, but would only do so on the front end.
This addresses the inconsistent behavior of returning different values in the admin and on the frontend.
Follow-up to [12598], [21937], [24844].
Props herregroen, mukesh27.
Fixes#52421.
Built from https://develop.svn.wordpress.org/trunk@50156
git-svn-id: http://core.svn.wordpress.org/trunk@49835 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, it was unclear that the displayed password is only being suggested and should be saved by clicking the Reset Password button.
This adds separate Generate Password and Save Password buttons, for clarity.
Props xkon, estelaris, jaymanpandya, hedgefield, audrasjb, erichmond, magicroundabout, lukecavanagh, knutsp, tinodidriksen, nico_martin, markhowellsmead, kara.mcnair, e_baker, pixelverbieger, souri_wpaustria, megabyterose, poena, whyisjake.
Fixes#39638.
Built from https://develop.svn.wordpress.org/trunk@50153
git-svn-id: http://core.svn.wordpress.org/trunk@49832 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, only the first error message for each parameter was made available. Now, all error messages for a parameter are concatenated. Additionally, the detailed error for each parameter is made available in a new `details` section of the validation error. Each error is formatted following the standard REST API error formatting.
The `WP_REST_Server::error_to_response` method has been abstracted out into a standalone function `rest_convert_error_to_response` to allow for reuse by `WP_REST_Request`. The formatted errors now also contain an `additional_data` property which contains the additional error data provided by `WP_Error::get_all_error_data`.
Props dlh, xkon, TimothyBlynJacobs.
Fixes#46191.
Built from https://develop.svn.wordpress.org/trunk@50150
git-svn-id: http://core.svn.wordpress.org/trunk@49829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, all logic utilizing `getimagesize()` was supressing errors making it difficult to debug usage of the function.
A new `wp_getimagesize()` function has been added to allow the errors to no longer be suppressed when `WP_DEBUG` is enabled.
Props Howdy_McGee, SergeyBiryukov, mukesh27, davidbaumwald, noisysocks, hellofromTonya.
Fixes#49889.
Built from https://develop.svn.wordpress.org/trunk@50146
git-svn-id: http://core.svn.wordpress.org/trunk@49825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This brings some consistency with other list tables and allows for adding custom column data to columns registered with `manage_export-personal-data_columns` or `manage_erase-personal-data_columns` filters.
Props xkon, garrett-eclipse, birgire, pbiron, hellofromTonya, TimothyBlynJacobs, 7studio, mukesh27, Mista-Flo.
Fixes#44354.
Built from https://develop.svn.wordpress.org/trunk@50145
git-svn-id: http://core.svn.wordpress.org/trunk@49824 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows the functions to return a `WP_Error` object containing more information in case of a problem, instead of just boolean false.
The various `pre_` filters in these functions are also updated so they can return or be passed a `WP_Error` object.
Fixes#49961
Built from https://develop.svn.wordpress.org/trunk@50143
git-svn-id: http://core.svn.wordpress.org/trunk@49822 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Runs cron jobs later on sites using alternative cron, ie the `ALTERNATE_WP_CRON` constant is true, to more closely match when standard cron jobs are run. Jobs now run on the `wp_loaded` hook at priority `20`. Prior to this change they would run on the `init` hook. This ensures custom post types and taxonomies are registered prior to the jobs running.
This change also prevents alternative wp-cron from running on archived or suspended multisite blogs as these are shut down prior to the `wp_loaded` hook from running.
Moves the existing functionality of `wp_cron()` in to a new private function `_wp_cron()`.
Props flixos90, jeremyfelt, johnbillion, jrf, kurtpayne, nacin, peterwilsoncc, prettyboymp, r-a-y, ryan, stevenkword, swissspidy.
Fixes#20537, #24160.
Built from https://develop.svn.wordpress.org/trunk@50135
git-svn-id: http://core.svn.wordpress.org/trunk@49814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a new filter, `wp_image_src_get_dimensions` to the `wp_image_src_get_dimensions()` function to correct the dimensions returned for a file whenever WordPress isn't able to correctly get the dimensions from attachment metadata.
Fixes#51865.
Built from https://develop.svn.wordpress.org/trunk@50134
git-svn-id: http://core.svn.wordpress.org/trunk@49813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When no events are available in the Events Widget, people have always been shown a message encouraging them to help organize one (see `tmpl-community-events-no-upcoming-events`). Now that it's common for online WordCamps and Learn discussion groups to be pinned to the Events API, it's rare that there are no events in the widget, even if there are no _local_ events. Because of that, users are rarely encouraged to join their local community and help organize.
This commit adds an additional call-to-action message, which is shown when there are only 1 or 2 events available.
Props anyssa, sippis, AmethystAnswers.
Fixes#51664.
Built from https://develop.svn.wordpress.org/trunk@50133
git-svn-id: http://core.svn.wordpress.org/trunk@49812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add check to `redirect_canonical()` to ensure private posts only redirect for logged in users.
Modifies the `read_post` mata capability to user `get_post_status()` rather than the post's `post_status` property to allow attachments to redirect based on the inherited post status.
Introduces `wp_force_ugly_post_permalink()` to unify the check to determine if an ugly link should be displayed in each of the functions used for determining permalinks: `get_permalink()`, `get_post_permalink()`, `_get_page_link()` and `get_attachment_link()`.
Improves logic of `get_attachment_link()` to validate parent post and resolution of inherited post status. This is an incomplete fix of #52373 to prevent the function returning links resulting in a file not found error. Required to unblock this ticket.
Props peterwilsoncc, TimothyBlynJacobs.
See #52373.
Fixes#5272.
Built from https://develop.svn.wordpress.org/trunk@50132
git-svn-id: http://core.svn.wordpress.org/trunk@49811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained.
This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction.
* Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed.
* A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly.
* The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though.
* The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter.
* For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant.
* Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart.
* A new `wp_update_urls_to_https()` function takes care of the update routine.
* A new `update_https` meta capability is introduced to control access.
* If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health.
* Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version.
* A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS.
* A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS.
Props flixos90, timothyblynjacobs.
Fixes#51437.
Built from https://develop.svn.wordpress.org/trunk@50131
git-svn-id: http://core.svn.wordpress.org/trunk@49810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces `is_post_status_viewable()` as a sibling to `is_post_type_viewable()`. Internal and protected statuses are never considered viewable. For built in posts statuses the `public` attribute is checked, for custom statuses the `publicly_queryable` attribute is checked.
Introduces `is_post_publicly_viewable()` for determining if an individual post can be viewed by logged out users. A post is considered viewable if both `is_post_status_viewable()` and `is_post_type_viewable()` return `true` for the post's attributes.
Additionally modifies `is_post_type_viewable()` to return `false` if an unregistered post type is passed to the function to avoid attempting to access properties on a non-object.
Props peterwilsoncc, SergeyBiryukov, whyisjake, TimothyBlynJacobs.
Fixes#49380.
Built from https://develop.svn.wordpress.org/trunk@50130
git-svn-id: http://core.svn.wordpress.org/trunk@49809 1a063a9b-81f0-0310-95a4-ce76da25c4cd