Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-09-27 14:53:08 +02:00
Code Issues Projects Releases Wiki Activity
29,826 Commits 49 Branches 747 Tags 728 MiB
be121a35d7
Commit Graph

14092 Commits

Author SHA1 Message Date
desrosj
be121a35d7 Grouped backports to the 4.2 branch. 
- Query: Improve sanitization within `WP_Tax_Query`.
- Query: Improve sanitization within `WP_Meta_Query`.
- Upgrade/Install: Avoid using `unserialize()` unnecessarily.
- Formatting: Correctly encode ASCII characters in post slugs.

Merges [52454-52457] to the 4.2 branch.
Props vortfu, dd32, ehtis, zieladam, whyisjake, xknown, peterwilsoncc, desrosj, iandunn.
Built from https://develop.svn.wordpress.org/branches/4.2@52481


git-svn-id: http://core.svn.wordpress.org/branches/4.2@52073 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2022-01-06 18:20:40 +00:00
Peter Wilson
23f87c7bc2 WordPress 4.2.30. 
Built from https://develop.svn.wordpress.org/branches/4.2@50884


git-svn-id: http://core.svn.wordpress.org/branches/4.2@50493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2021-05-12 23:23:18 +00:00
desrosj
4a80453fcf Build/Test Tools: Backport GitHub Action and build improvements to the 4.2 branch. 
This backports several build and test tool improvements to the 4.2 branch. Most notably, this includes:

- The changes required to allow each workflow to be triggered by the `workflow_dispatch` event so that tests can be run on a schedule [50590].
- Splitting single site and multisite tests into parallel jobs [50379].
- Split slow tests into separate, parallel jobs for PHP <= 5.6 [50444].
- Better branch and path scoping for GitHub Action workflows when running on `pull_request` [50432,50479].
- Several `devDependency` updates.

Merges [50379,50387,50416,50432,50435,50436,50444,50446,50473,50474,50476,50479,50485,50486,50487,50545,50579,50590] to the 4.2 branch.
See #50401, #51801, #51802, #52548, #52612, #52624, #52625, #52645, #52653, #52658, #52660, #52667.
Built from https://develop.svn.wordpress.org/branches/4.2@50642


git-svn-id: http://core.svn.wordpress.org/branches/4.2@50254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2021-04-02 15:50:22 +00:00
desrosj
e3353e0860 Build/Test Tools: Support NodeJS 14.x in the 4.2 branch. 
This updates the 4.2 branch to support the latest LTS version of NodeJS (currently 14.x), allowing the same version to be used across all WordPress branches that receive security updates as a courtesy.

Because older branches use (really) old versions of NodeJS, the local Docker environment cannot be backported since the needed dependencies will not run on these older versions (see #48301). This also blocks the ability to move automated testing over to GitHub Actions (see #50401).

This change also introduces a `packager-lock.json` file to the branch.

In addition to backporting the package updates that happened after branching 4.2, dependencies that were removed in future releases have also been updated to their latest versions.

Props desrosj, dd32, netweb, jorbin.
Merges [32356-32357,32988,33726,34888,35335,35363,35513,35521,35538-35541,35859,36861-36865,36935,36979,37017,37019-37020,37212,37612,38111,39110,39113,39115-39119,39478,41835,42460,42461,42463,42887,43320,43323,43977,44219,44233,45321,45765,46404,46408-46409,47404,47867,47872-47873,48705,49636,49933,49937,49939,50126,50176,50185] to the 4.2 branch.
See #52341.
Built from https://develop.svn.wordpress.org/branches/4.2@50214


git-svn-id: http://core.svn.wordpress.org/branches/4.2@49883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2021-02-05 04:28:43 +00:00
desrosj
c22a2a6998 WordPress 4.2.29. 
Built from https://develop.svn.wordpress.org/branches/4.2@49422


git-svn-id: http://core.svn.wordpress.org/branches/4.2@49181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-10-29 19:42:23 +00:00
whyisjake
b2b0e0d427 General: WordPress updates 
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.

Brings the changes from [49380,49382-49388] to the 4.2 branch.

Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.

Built from https://develop.svn.wordpress.org/branches/4.2@49404


git-svn-id: http://core.svn.wordpress.org/branches/4.2@49163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-10-29 19:08:22 +00:00
Sergey Biryukov
0998a57991 Administration: Pass the result of set-screen-option filter to the new set_screen_option_{$option} filter to ensure backward compatibility. 
Rename the `$keep` parameter of both filters to `$screen_option` for clarity, update the documentation to better reflect its purpose.

Follow-up to [47951].

Props Chouby, sswells, SergeyBiryukov.
Merges [48241] to the 4.2 branch.
Fixes #50392.
Built from https://develop.svn.wordpress.org/branches/4.2@48256


git-svn-id: http://core.svn.wordpress.org/branches/4.2@48025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-07-01 09:53:39 +00:00
desrosj
370ecdfd1a WordPress 4.2.28. 
Built from https://develop.svn.wordpress.org/branches/4.2@48001


git-svn-id: http://core.svn.wordpress.org/branches/4.2@47769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-06-10 21:39:36 +00:00
whyisjake
426696ba21 General: Backport several commits for release. 
- Embeds: Ensure that the title attribute is set correctly on embeds.
- Editor: Prevent HTML decoding on by setting the proper editor context.
- Formatting: Ensure that wp_validate_redirect() sanitizes a wider variety of characters.
- Themes: Ensure a broken theme name is returned properly.
- Administration: Add a new filter to extend set-screen-option.
Merges [47947-47951] to the 4.2 branch.
Props xknown, sstoqnov, vortfu, SergeyBiryukov, whyisjake.

Built from https://develop.svn.wordpress.org/branches/4.2@47970


git-svn-id: http://core.svn.wordpress.org/branches/4.2@47741 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-06-10 18:53:51 +00:00
desrosj
7fb64672ce Update the About page for WordPress 4.2.27 
Built from https://develop.svn.wordpress.org/branches/4.2@47692


git-svn-id: http://core.svn.wordpress.org/branches/4.2@47469 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-04-29 18:23:21 +00:00
Sergey Biryukov
00ae10906e WordPress 4.2.26 
Built from https://develop.svn.wordpress.org/branches/4.2@46931


git-svn-id: http://core.svn.wordpress.org/branches/4.2@46731 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-12-12 20:32:20 +00:00
desrosj
229d71e0f8 WordPress 4.2.25. 
Built from https://develop.svn.wordpress.org/branches/4.2@46518


git-svn-id: http://core.svn.wordpress.org/branches/4.2@46315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-10-14 20:15:21 +00:00
desrosj
de854c38b5 WordPress 4.2.24. 
Built from https://develop.svn.wordpress.org/branches/4.2@46036


git-svn-id: http://core.svn.wordpress.org/branches/4.2@45848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-04 22:03:21 +00:00
Sergey Biryukov
9807e138d3 Escape the output in wp_ajax_upload_attachment(). 
Merges [45936] to the 4.2 branch.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/4.2@45953


git-svn-id: http://core.svn.wordpress.org/branches/4.2@45764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-04 16:39:00 +00:00
Gary Pendergast
ebbc9ff12e WordPress 4.2.23 
Built from https://develop.svn.wordpress.org/branches/4.2@44882


git-svn-id: http://core.svn.wordpress.org/branches/4.2@44713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-13 01:43:20 +00:00
Sergey Biryukov
bc4ed1a93e Comments: Improve comment content filtering. 
Merges [44842] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@44852


git-svn-id: http://core.svn.wordpress.org/branches/4.2@44684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-12 22:42:20 +00:00
Jeremy Felt
3efe9a5fdb Bump 4.2 branch to version 4.2.22. 
Built from https://develop.svn.wordpress.org/branches/4.2@44085


git-svn-id: http://core.svn.wordpress.org/branches/4.2@43915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 02:15:37 +00:00
Gary Pendergast
aab268600a Editor: Remove unwanted fields before saving posts. 
The `meta_input`, `file`, and `guid` fields are not intended to be updated through user input.

Merges [44047] to the 4.2 branch.


Built from https://develop.svn.wordpress.org/branches/4.2@44066


git-svn-id: http://core.svn.wordpress.org/branches/4.2@43896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 01:52:19 +00:00
Peter Wilson
303bd241f3 Multisite: Validate activation links. 
Merges [44048] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@44065


git-svn-id: http://core.svn.wordpress.org/branches/4.2@43895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 01:51:37 +00:00
Aaron Campbell
61881c7156 Bump 4.2 branch to version 4.2.21 
Built from https://develop.svn.wordpress.org/branches/4.2@43414


git-svn-id: http://core.svn.wordpress.org/branches/4.2@43242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-07-05 16:13:28 +00:00
Aaron Campbell
dac39608a3 Bump 4.2 branch to version 4.2.20 
Built from https://develop.svn.wordpress.org/branches/4.2@42940


git-svn-id: http://core.svn.wordpress.org/branches/4.2@42770 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-04-03 20:31:29 +00:00
Dion Hulse
e74c55ff6d Bump the 4.2 branch to 4.2.19. 
Built from https://develop.svn.wordpress.org/branches/4.2@42501


git-svn-id: http://core.svn.wordpress.org/branches/4.2@42330 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 21:45:31 +00:00
Dion Hulse
507c958ab6 External Libraries: Remove unnecessary / obsoleted MediaElement.js files. 
Merges [42478] to the 4.2 branch.
Fixes #42720 for 4.2.

Built from https://develop.svn.wordpress.org/branches/4.2@42484


git-svn-id: http://core.svn.wordpress.org/branches/4.2@42313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 08:12:32 +00:00
Dion Hulse
4b860b51ae Upgrade: When deleting old files, if deletion fails attempt to empty the file instead. 
Props joemcgill, dd32.
Merges [42434] to the 4.2 branch.
Fixes #42963 for 4.2.

Built from https://develop.svn.wordpress.org/branches/4.2@42472


git-svn-id: http://core.svn.wordpress.org/branches/4.2@42301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 06:57:57 +00:00
John Blackbourn
ec85529fb7 Bump 4.2 branch to version 4.2.18. 
Built from https://develop.svn.wordpress.org/branches/4.2@42323


git-svn-id: http://core.svn.wordpress.org/branches/4.2@42152 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-29 19:02:31 +00:00
John Blackbourn
f345c93563 Hardening: Use a properly generated hash for the newbloguser key instead of a determinate substring. 
Merges [42258] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@42292


git-svn-id: http://core.svn.wordpress.org/branches/4.2@42121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-29 16:33:25 +00:00
Gary Pendergast
eb5a635d04 Bump 4.2 branch to version 4.3.17. 
Built from https://develop.svn.wordpress.org/branches/4.2@42075


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-31 13:42:30 +00:00
Dominik Schilling
7a5426f3fe Users: Use correct escaping function for URLs. 
Merge of [41522] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@41529


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 21:38:56 +00:00
Dominik Schilling
c4fb8dfbf1 Bump 4.2 branch to version 4.2.16. 
Built from https://develop.svn.wordpress.org/branches/4.2@41516


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 20:03:31 +00:00
John Blackbourn
a59dfc257f Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues. 
Merges [41457] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@41464


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 14:43:56 +00:00
John Blackbourn
6ddef3f8ab General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area. 
Merges [41434] with changes to the 4.2 branch.

See #13377

Built from https://develop.svn.wordpress.org/branches/4.2@41445


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 13:32:30 +00:00
Dominik Schilling
e7865eb9ae Users: Provide a fallback for incorrect HTTP referrers. 
Merge of [41398] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@41423


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41256 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 11:14:36 +00:00
Aaron Campbell
a01117bf0d Bump 4.2 branch to version 4.2.15. 
Built from https://develop.svn.wordpress.org/branches/4.2@40753


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 21:52:23 +00:00
Aaron Campbell
566df4de1a Add nonce for updating file system credentials. 
Merges [40723] to 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40729


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 14:56:24 +00:00
Dominik Schilling
8f47014af6 Customize: Ignore invalid customization sessions. 
Merge of [40704] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@40710


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40573 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 12:19:29 +00:00
Pascal Birchler
5565b98dde Bump 4.2 branch to version 4.2.14. 
Built from https://develop.svn.wordpress.org/branches/4.2@40492


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-20 16:26:30 +00:00
Pascal Birchler
82c9b36ce7 Fix broken audio/video functions when sanitizing ID3 data 
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40465


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-17 13:22:30 +00:00
James Nylen
b9a98e7562 Bump 4.2 branch to version 4.2.13. 
Built from https://develop.svn.wordpress.org/branches/4.2@40207


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40146 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 16:32:30 +00:00
John Blackbourn
8299a48476 Press This: Verify intent before fetching in-page resources using Press This. 
Props vortfu

Merges [40195] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40201


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40140 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 14:04:31 +00:00
Aaron Campbell
2bc231688e Plugins: Add file check to plugin deletions. 
Merges [40169] to 4.2 branch.


Built from https://develop.svn.wordpress.org/branches/4.2@40175


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:03:30 +00:00
Jeremy Felt
933f556e84 Validate video and audio metadata. 
Merge of [40148] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40154


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 08:09:31 +00:00
Aaron Campbell
f449b0a0ce Bump 4.2 branch to version 4.2.12. 
Built from https://develop.svn.wordpress.org/branches/4.2@40001


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 18:25:29 +00:00
John Blackbourn
22688ca8c6 Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field. 
Merges [39956] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@39984


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:17:17 +00:00
Dominik Schilling
afc91088f4 Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways. 
Merge of [39968] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@39975


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:13:31 +00:00
Aaron Campbell
ab64033700 Bump 4.2 branch to version 4.2.11. 
Built from https://develop.svn.wordpress.org/branches/4.2@39865


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39802 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 16:58:29 +00:00
Dominik Schilling
87912afcf6 Updates: Translate plugin data on the Updates screen. 
Merge of [39808] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@39825


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 11:42:26 +00:00
Aaron Campbell
9f4a883e2f Add nonce for widget accessibility mode. 
Props vortfu.

See #23328.

Merges [39765] to 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@39766


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 01:49:32 +00:00
Joe McGill
8afdd2be32 Media: Improved media titles when created from filename. 
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Merge of [38615] to the 4.2 branch.

Fixes #37989.

Built from https://develop.svn.wordpress.org/branches/4.2@39714


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-06 22:01:02 +00:00
Jeremy Felt
e57416e1d7 Bump 4.2 branch to 4.2.10. 
Built from https://develop.svn.wordpress.org/branches/4.2@38553


git-svn-id: http://core.svn.wordpress.org/branches/4.2@38496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 15:00:32 +00:00
Jeremy Felt
f7adf3c9d2 Media: Sanitize upload filename. 
Merge of [38538] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@38543


git-svn-id: http://core.svn.wordpress.org/branches/4.2@38486 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 13:59:32 +00:00