Add strings for use in future maintenance/security releases to indicate the security support status of the version of WordPress.
Two strings are introduced:
* indicating the version of WordPress is not receiving security updates, and,
* indicating the version of WordPress will shortly stop receiving security updates.
This change does not make use of the strings, the purpose is to make them available to translators prior to dropping support of selected versions of WordPress.
Props costdev, chesio, robinwpdeveloper, desrosj, rudlinkon, mukesh27, sumitbagthariya16.
See #56532.
Built from https://develop.svn.wordpress.org/trunk@54322
git-svn-id: http://core.svn.wordpress.org/trunk@53881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `wp_xmlrpc_server::_insert_post()` method creates a new post via `wp_insert_post()` or updates an existing one via `wp_update_post()`, which subsequently calls `wp_insert_post()`. However, the default/fallback values used in the function were not in line with the default/fallback values used in the `wp_insert_post()` function.
The `wp_insert_post()` function does a `wp_parse_args()` (array merge) of the received arguments with the defaults. If any of the received arguments are `null`, this would overwrite the default value, as seen in [https://3v4l.org/bfVlv array_merge() example], and lead to "passing null to non-nullable" deprecation notices on PHP 8.1 for certain arguments.
Unfortunately, the conditional logic within the `wp_xmlrpc_server::_insert_post()` function itself often uses an `isset()` to trigger certain code blocks, so syncing the defaults with those used in the `wp_insert_post()` function was not an option.
This commit:
* Updates the default/fallback values in the `$defaults` array only for those values where this would not lead to a change in the behavior of the function.
* Adds a safeguard function, filtering out all remaining `null` values from the `$post_data` array before it is passed on to the `wp_insert_post()` or `wp_update_post()` functions. Removing those values is safe as this means that these array keys will now:
* either be set to the default/fallback value as defined in `wp_insert_post()`.
* or not be set and for those values which don't have a default/fallback value in `wp_insert_post()`, the function does an `! empty()` or `isset()` check anyway and those array keys not being defined means that the result of those checks will remain the same.
Includes
* Removing a couple of conditions which are now redundant.
* Removing an `expectDeprecation()` in the `Tests_Date_XMLRPC` test class, which is now no longer needed.
Fixes various errors along the lines of:
{{{
36) Tests_XMLRPC_wp_newPost::test_no_content
json_decode(): Passing null to parameter #1 ($json) of type string is deprecated
/var/www/src/wp-includes/kses.php:2074
/var/www/src/wp-includes/class-wp-hook.php:307
/var/www/src/wp-includes/plugin.php:205
/var/www/src/wp-includes/post.php:2835
/var/www/src/wp-includes/post.php:2720
/var/www/src/wp-includes/post.php:4066
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:1683
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:1347
/var/www/tests/phpunit/tests/xmlrpc/wp/newPost.php:25
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [1563], [4793], [7900], [16824], [19848], [19873], [20632], [40677], [51968], [54320].
Props jrf.
See #55656.
Built from https://develop.svn.wordpress.org/trunk@54321
git-svn-id: http://core.svn.wordpress.org/trunk@53880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `wp_xmlrpc_server::mw_newPost()` method creates a new post via `wp_insert_post()`, but the default/fallback values used in the function were not in line with the default/fallback values used in the `wp_insert_post()` function.
The `wp_insert_post()` function does a `wp_parse_args()` (array merge) of the received arguments with the defaults. If any of the received arguments are `null`, this would overwrite the default value, as seen in [https://3v4l.org/bfVlv array_merge() example], and lead to "passing null to non-nullable" deprecation notices on PHP 8.1 for certain arguments.
This commit:
* Ensures that all arguments are defined before they are `compact()`'ed together to the arguments array.
* Verifies that the default/fallback value of the arguments as set within the `wp_xmlrpc_server::mw_newPost()` method are the same as the default/fallback values used in the `wp_insert_post()` function.
* Verifies that arguments which do not have a default/fallback value defined in the `wp_insert_post()` function are handled correctly.
* This was not the case for `$post_name`, which would previously already get an empty string default value in the `wp_xmlrpc_server::mw_newPost()` function, but then in the `wp_insert_post()` function, this would prevent the slug generation from being activated. Fixed now by setting the default in the `wp_xmlrpc_server::mw_newPost()` function to `null`.
* The `page_template` argument was handled, but not documented in the `wp_insert_post()` function. The argument is now documented in the `wp_insert_post()` function DocBlock. Note: There are more than likely several other potential arguments missing from that list, but verifying the whole list is outside the scope of this particular commit.
Includes minor simplifications, such as:
* Setting a default ahead of an `if`, instead of in an `else` clause (as long as no function call is needed to set the default).
* Removing the unnecessary logic duplication in the `$post_status` switch.
* Using a combined concatenation + assignment operator for adding `$post_more`.
Fixes various errors along the lines of:
{{{
1) Tests_XMLRPC_mw_editPost::test_draft_not_prematurely_published
strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated
/var/www/src/wp-includes/formatting.php:2497
/var/www/src/wp-includes/class-wp-hook.php:308
/var/www/src/wp-includes/plugin.php:205
/var/www/src/wp-includes/post.php:2835
/var/www/src/wp-includes/post.php:2720
/var/www/src/wp-includes/post.php:4066
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:5616
/var/www/tests/phpunit/tests/xmlrpc/mw/editPost.php:315
...
23) Tests_XMLRPC_mw_editPost::test_draft_not_prematurely_published
json_decode(): Passing null to parameter #1 ($json) of type string is deprecated
/var/www/src/wp-includes/kses.php:2074
/var/www/src/wp-includes/class-wp-hook.php:307
/var/www/src/wp-includes/plugin.php:205
/var/www/src/wp-includes/post.php:2835
/var/www/src/wp-includes/post.php:2720
/var/www/src/wp-includes/post.php:4066
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:5615
/var/www/tests/phpunit/tests/xmlrpc/mw/editPost.php:315
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [1563], [4793], [7900], [16824], [19848], [40677], [51968].
Props jrf.
See #55656.
Built from https://develop.svn.wordpress.org/trunk@54320
git-svn-id: http://core.svn.wordpress.org/trunk@53879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[54248] reversed the wrapping of `do_shortcode` and `apply_shortcodes` and updated all direct internal calls of `do_shortcode` to `apply_shortcodes` after [47004]. After further consideration, the long history of `do_shortcodes` should be favored over any subjective semantic improvements. This change reverts the remaining changes from #55883 not already reverted in [54278].
Follow-up to [47004], [54248], and [54278].
Props azaozz, jorbin.
See #55883.
Built from https://develop.svn.wordpress.org/trunk@54319
git-svn-id: http://core.svn.wordpress.org/trunk@53878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Not all requests are accompanied by a `$request['email']`. This leads to a PHP 8.1 "passing null to non-nullable" deprecation notice when the `WP_REST_Users_Controller::update_item()` method passes a `null` email address onto `email_exists()`, which eventually reached the `WP_User::get_data_by()` method where things go wrong.
In the next condition in the code of the `WP_REST_Users_Controller::update_item()` method - `if ( $owner_id && $owner_id !== $id )` - you can see that the code already takes this into account as it will not throw a `WP_Error` if `$owner_id` is falsey.
`WP_User::get_data_by()` returns `false` for a failed field request. The other functions through which the return value is passed through, do the same.
So, by setting a default value for `$owner_id` of `false` and only checking `email_exists()` when there is an email to check, the "passing null to non-nullable" deprecation notice is bypassed without breaking BC.
Fixes a whole slew of test errors along the lines of:
{{{
6) WP_Test_REST_Users_Controller::test_update_item_en_US_locale
trim(): Passing null to parameter https://github.com/WordPress/wordpress-develop/pull/1 ($string) of type string is deprecated
/var/www/src/wp-includes/class-wp-user.php:211
/var/www/src/wp-includes/pluggable.php:105
/var/www/src/wp-includes/user.php:1953
/var/www/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php:728
/var/www/src/wp-includes/rest-api/class-wp-rest-server.php:1143
/var/www/src/wp-includes/rest-api/class-wp-rest-server.php:990
/var/www/tests/phpunit/includes/spy-rest-server.php:67
/var/www/tests/phpunit/tests/rest-api/rest-users-controller.php:1719
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [44641], [38832].
Props jrf.
See #55656.
Built from https://develop.svn.wordpress.org/trunk@54317
git-svn-id: http://core.svn.wordpress.org/trunk@53876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As of version `2.17.0` of the `shivammathur/setup-php` action, the `COMPOSER_NO_INTERACTION` environment variable is configured by default. `—-no-interaction` will always be used.
Props jrf, hellofromTonya, SergeyBiryukov, costdev, desrosj.
Fixes#54695.
Built from https://develop.svn.wordpress.org/trunk@54313
git-svn-id: http://core.svn.wordpress.org/trunk@53872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This brings over the latest bug fixes and improvements ahead of WordPress 6.1 beta 2, which includes an additional style variation, “Aubergine”.
For a full list of changes being included, see the `twentytwentythree` repository on GitHub: 1b97bb83f1...ac96e8d545.
Props mikachan, poena, madhudollu, critterverse, beafialho, felipeelia.
See #56383.
Built from https://develop.svn.wordpress.org/trunk@54312
git-svn-id: http://core.svn.wordpress.org/trunk@53871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`realpath()` already checks if the file exists, and returns `false` on failure. The additional `file_exists()` check is not necessary and can be removed, improving the performance.
This commit simplifies the checks in two functions:
* `register_block_type_from_metadata()`
* `wp_json_file_decode()`
Note: In both of these cases, the values are passed through `wp_normalize_path()` after `realpath()`, so if the file does not exist, the `false` value gets converted to an empty string. The updated checks work both for `false` and `''` values.
Though this is a small tweak, it saves a lot of checks since one of the places we do this is when registering block styles, so it runs quite a few times on each page load.
Reference: [https://www.php.net/manual/en/function.realpath.php PHP Manual: realpath()].
Follow-up to [51599], [54132], [54290], [54291].
Props aristath.
Fixes#56654.
Built from https://develop.svn.wordpress.org/trunk@54309
git-svn-id: http://core.svn.wordpress.org/trunk@53868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow-up [53688].
Removes the hardcoded list of blocks that should be synced from the Gutenberg plugin. webpack reads all information from the `@wordpress/block-library` by scanning `block.json` files.
Props zieladam, azaozz.
Fixes#56179.
Built from https://develop.svn.wordpress.org/trunk@54308
git-svn-id: http://core.svn.wordpress.org/trunk@53867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This appears to need more investigation. Instead, delete the `test-plugin` and `link-manager` directories in REST API plugins controller tests, for which this change was initially intended.
Follow-up to [54300], [54301], [54303].
See #55652, #56629.
Built from https://develop.svn.wordpress.org/trunk@54304
git-svn-id: http://core.svn.wordpress.org/trunk@53863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After running the multisite PHPUnit test suite, the following files remained, contributing towards a dirty working copy:
{{{
tests/phpunit/data/plugins/link-manager/link-manager.php
tests/phpunit/data/plugins/link-manager/readme.txt
}}}
These files should be deleted after running the tests.
This commit ensures the `link-manager` plugin is deleted during test tear down, which was previously done at the beginning of some test methods, but not afterwards.
Follow-up to [48242], [54300].
Props ironprogrammer.
Fixes#56629.
Built from https://develop.svn.wordpress.org/trunk@54301
git-svn-id: http://core.svn.wordpress.org/trunk@53860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `WP_UnitTestCase_Base::rmdir()` method selectively deletes files from a directory, skipping any paths from the `$ignore_files` property.
This commit updates the method to remove the empty directory if there are no files left, bringing some parity with PHP native `rmdir()` function.
Follow-up to [677/tests], [29120].
See #55652.
Built from https://develop.svn.wordpress.org/trunk@54300
git-svn-id: http://core.svn.wordpress.org/trunk@53859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the `apache_get_modules()` function is redeclared to return an empty array, `apache_mod_loaded()` would assume that no Apache modules are installed and activated, which may not be correct.
This commit improves the logic by using pre-existing `phpinfo()` fallback to check for loaded modules in that case.
Includes replacing a hardcoded number passed as a flag to `phpinfo()` with the `INFO_MODULES` predefined constant for clarity.
Follow-up to [7441], [7508], [29330].
Props engahmeds3ed, audrasjb, Clorith, SergeyBiryukov.
Fixes#56010.
Built from https://develop.svn.wordpress.org/trunk@54299
git-svn-id: http://core.svn.wordpress.org/trunk@53858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Because of the scripts that run when `build:dev` is run, it’s more common for this Grunt task to change version-controlled files than when building WordPress to run from `build`.
This moves the `build:dev` tests before the `build` ones in order to detect changes earlier in the workflow.
See #55652.
Built from https://develop.svn.wordpress.org/trunk@54297
git-svn-id: http://core.svn.wordpress.org/trunk@53856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The following dependencies are being updated:
- `copy-webpack-plugin` from `10.2.4` to `11.0.0`.
- `dotenv` from `16.0.1` to `16.0.2`.
- `dotenv-expand` from `8.0.3` to `9.0.0`.
- `sass` from `1.53.0` to `1.55.0`.
- `sinon-test` from `3.1.3` to `3.1.4`.
- `source-map-loader` from `3.0.1` to `4.0.0`.
- `terser-webpack-plugin` from `5.3.1` to `5.3.6`.
- `uglify-js` from `3.16.1` to `3.17.1`.
- `uuid` from `8.3.2` to `9.0.0`.
- `webpack` from `5.72.0` to `5.74.0`.
This also contains changes after running `npm audit fix`.
Fixes#56641.
Built from https://develop.svn.wordpress.org/trunk@54296
git-svn-id: http://core.svn.wordpress.org/trunk@53855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The current `timeout-minutes` value of `20` is a bit too short for MacOS jobs in GitHub Actions, which on occasion take a bit longer.
This bumps that limit to `30` to avoid unnecessarily flagging a job as stuck.
See #55652.
Built from https://develop.svn.wordpress.org/trunk@54293
git-svn-id: http://core.svn.wordpress.org/trunk@53852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `get_default_block_editor_settings()` function used to repeatedly get the `default-editor-styles.css` file contents without any implementation to avoid this.
This commit utilizes a static variable to remove repetitive calls made during the same request. In tests ran on the front page of a site using Xdebug & Webgrind, the total `file_get_contents()` invocation count goes down from 181 to 93, and total self cost (the time that the function is responsible for) goes down from 160 ms to 93 ms.
Follow-up to [52042].
Props aristath, mukesh27.
Fixes#56637.
Built from https://develop.svn.wordpress.org/trunk@54291
git-svn-id: http://core.svn.wordpress.org/trunk@53850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `register_block_style_handle()` function called `realpath()` when retrieving the normalized style path, and then a few lines below that, recalculated the exact same value, running `realpath()` again.
This commit removes duplicate calculations, reducing the number of `realpath()` calls in the function by half. In tests ran using Xdebug & Webgrind, the total `realpath()` invocation count goes down from 639 to 461, and total self cost (the time that the function is responsible for) goes down from 146 ms to 89 ms.
Follow-up to [48141], [52291], [53091], [54155].
Props aristath.
Fixes#56636.
Built from https://develop.svn.wordpress.org/trunk@54290
git-svn-id: http://core.svn.wordpress.org/trunk@53849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allows to revert changes applied in [54277] - temporary workaround for the failing Test NPM CI check on Windows.
Improvements included:
- generate combined asset files for both production and development
- store in the repository only the production version of the combined assets for packages, we use everything else only in development
- to make unit tests work, ensure that they ignore react fast refresh and use the production version of combined assets that are present in the source code
Props bernhard-reiter, jsnajdr, clorith, wildworks.
Fixes#56615.
Built from https://develop.svn.wordpress.org/trunk@54289
git-svn-id: http://core.svn.wordpress.org/trunk@53848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The value comes from `get_available_languages()`, which returns an array of strings.
This affects:
* `plugins_update_check_locales` filter.
* `update_plugins_{$hostname}` filter.
Follow-up to [36630], [46660], [50921], [53933], [54284].
See #55646.
Built from https://develop.svn.wordpress.org/trunk@54287
git-svn-id: http://core.svn.wordpress.org/trunk@53846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When initially deprecated in [54240], `global_terms_enabled()` was incorrectly moved to the `wp-includes/ms-deprecated.php` file. This file is only loaded for multisite installs.
The function previously lived in `wp-includes/functions.php`, which is loaded for all sites. The proper deprecated file is `wp-includes/deprecated.php`.
Props vikasprogrammer, davidbaumwald, courane01, desrosj.
Fixes#21734.
Built from https://develop.svn.wordpress.org/trunk@54283
git-svn-id: http://core.svn.wordpress.org/trunk@53842 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Backports PHP changes in WordPress/gutenberg#43862 to the core. Adds a mechanism to dynamically compute names and descriptions of the author, page, single, tag, category, and taxonomy templates.
Props mcsf, ntsekouras, antonvlasenko, jameskoster.
See #56467.
Built from https://develop.svn.wordpress.org/trunk@54280
git-svn-id: http://core.svn.wordpress.org/trunk@53839 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Verify that the `resized` property exists on a video in the playlist before attempting to read it. Prevent a TypeError from being thrown and breaking the playlist if a video type requires native video support.
Props afercia, here.
Fixes#47513.
Built from https://develop.svn.wordpress.org/trunk@54279
git-svn-id: http://core.svn.wordpress.org/trunk@53838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[54248] reversed the wrapping of `do_shortcode` and `apply_shortcodes` and updated all direct internal calls of `do_shortcode` to `apply_shortcodes` after [47004]. Default filter callbacks that used `do_shortcode` were also updated to use `apply_shortcodes`. However, this introduced a backward-compatibility break because any attempt to unhook a filter using the previous `do_shortcode` callback would be futile.
This change reverts only the filter callback changes in [54248] to resolve the backward-compatibility break.
Follow-up to [47004] and [54248].
Props ocean90, SergeyBiryukov.
See #55883.
Built from https://develop.svn.wordpress.org/trunk@54278
git-svn-id: http://core.svn.wordpress.org/trunk@53837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes the Test NPM GitHub Action workflow to temporarily allow the job validating build tools on Windows to fail.
When the `build:dev` Grunt task is run on Windows, the resulting hashes calculated by Webpack are different than other platforms. This seems to be related to how the `remove-accents` dependency is read and processed during the build script.
Since a Windows machine is not used to build WordPress on the build server, this will only affect local development installs for Windows contributors. While this is investigated, this workflow job can be allowed to fail.
Props bernhard-reiter, desrosj, Clorith, gziolo.
See #56615.
Built from https://develop.svn.wordpress.org/trunk@54277
git-svn-id: http://core.svn.wordpress.org/trunk@53836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit improves PHP performance for core blocks by reading a single PHP file with block metadata, instead of reading a JSON file per-block and then decoding from JSON to PHP.
Includes:
* Adding a new Grunt task to convert `block.json` files to `block-json.php`.
* Using the new `block-json.php` file in the `register_block_type_from_metadata()` function.
Follow-up to [48141].
Props aristath, gziolo, johnbillion, presstoke, mukesh27, hellofromTonya, petitphp, adamsilverstein, costdev, desrosj, SergeyBiryukov.
Fixes#55005.
Built from https://develop.svn.wordpress.org/trunk@54276
git-svn-id: http://core.svn.wordpress.org/trunk@53835 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Changed `boolean` to `bool`.
* Added `Optional.` and `Default` for each optional parameter.
* Improved `@return` documentation to include empty string.
Follow-up to [54274], [53421], [53085], [52069].
Props mukesh27, hellofromTonya.
See #55646.
Built from https://develop.svn.wordpress.org/trunk@54275
git-svn-id: http://core.svn.wordpress.org/trunk@53834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit merges the remaining changes from [https://github.com/WordPress/gutenberg/pull/40875 Gutenberg PR 40875]. It's Part 2 (see [54162] for Part 1) of a layout improvement initiative and targets `wp_get_layout_style()` in `layout.php`.
Context:
The overall initiative is to improve layout block support:
>to use centralised layout definitions, output base layout styles from global styles, introduce a layout type semantic classname, reduce duplication of container class and style tag output, and fix blockGap at the block level in global styles.
Changes include:
* Adding an optional parameter `$block_spacing` to `wp_get_layout_style()` for setting a custom spacing on the block.
* Adding handle for the block spacing.
* Using the style engine to to enqueue and render layout styles via `wp_style_engine_get_stylesheet_from_css_rules()`.
* Introduces a new test file for `wp_get_layout_style()`.
Follow-up to [54162], [54160], [54159], [53421], [52380], [53085], [52069].
Props andrewserong, isabel_brison, costdev, hellofromTonya.
See #56467.
Built from https://develop.svn.wordpress.org/trunk@54274
git-svn-id: http://core.svn.wordpress.org/trunk@53833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
