The Block Hooks UI relies on the `ignoredHookedBlocks` metadata when determining whether to show the toggle in the Site Editor. The problem is that for uncustomized templates we don't add this metadata.
Currently the visitor functions have a default callback of `insert_hooked_blocks` and we only add the metadata when we're writing to the database via an available filter in the template controller.
This changeset creates a new callback which both inserts the hooked blocks and adds the `ignoredHookedBlocks` metadata to the anchor block, and uses this new callback explicitly in the visitor functions that are run upon reading from the database.
We continue to set the `ignoredHookedBlocks` metadata when writing to the database, i.e. this operation happens twice. Although not ideal, this is necessary to cover the following scenarios:
* When the user adds an anchor block within the editor, we still need to add the `ignoredHookedBlocks` meta to it to prevent hooked blocks hooking on to it unexpectedly on the frontend. This is required to keep parity between the frontend and editor.
* When a user writes template data to the database directly through the API (instead of the editor), we need to again ensure we're not inserting hooked blocks unexpectedly.
It is worth noting that with this change, the first hooked block to insert relative to its anchor block will be accepted. Any additional blocks of the same type (e.g. a second `core/loginout` block) trying to hook onto the same anchor block will be ignored, irrespective of the position.
Props tomjcafferkey, bernhard-reiter, gziolo.
Fixes#59574.
Built from https://develop.svn.wordpress.org/trunk@58186
git-svn-id: http://core.svn.wordpress.org/trunk@57649 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that not only the return values match the expected results, but also that their type is the same.
Going forward, stricter type checking by using `assertSame()` should generally be preferred to `assertEquals()` where appropriate, to make the tests more reliable.
Follow-up to [56052].
See #60705.
Built from https://develop.svn.wordpress.org/trunk@58183
git-svn-id: http://core.svn.wordpress.org/trunk@57646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress's `get_network_option` function generally makes individual database requests for each network option. While some options are preloaded in `wp_load_core_site_options`, many still require single database calls to the network options table.
Building on the work done in [56445], [56990], and [57013], which introduced the `wp_prime_option_caches` function, this commit adds two new functions: `wp_prime_network_option_caches` and `wp_prime_site_option_caches`. These functions enable developers to pass an array of option names, allowing caches for these options to be primed in a single object cache or database request. If an option is not found, the notoptions cache key is refreshed, preventing unnecessary repeated requests.
The function `wp_prime_site_option_caches` is similar to `get_site_option`, enabling developers to retrieve network options on the current network without needing to know the current network ID. If these functions are called in a non-multisite environment, they fall back to using wp_prime_option_caches.
These functions have been implemented in `wp_load_core_site_options`, `get_site_transient`, and `set_site_transient`.
Props to spacedmonkey, peterwilsoncc, mukesh27, joemcgill.
Fixes#61053.
Built from https://develop.svn.wordpress.org/trunk@58182
git-svn-id: http://core.svn.wordpress.org/trunk@57645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add more context to the `split_the_query` filter by adding two new parameters: '$old_request' and '$clauses'. This enriches the filter with additional information about the SQL query before the query is run, enabling developers to have more context to help decide if a query should be split.
Props spacedmonkey, shailu25, rcorrales, tillkruess.
Fixes#59514.
Built from https://develop.svn.wordpress.org/trunk@58180
git-svn-id: http://core.svn.wordpress.org/trunk@57643 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The measurement in px for zero values is not needed. It does this for Twenty Twenty-One, Twenty Ten, Twenty Eleven and Twenty Nineteen. This also adds short-hand-property-no-redudant-values to Twenty Twenty-One's stylelint rules. Included is removing box-shadow prefixed rules before the standard property in Twenty Ten. Finally, it also removes empty spaces at the ends of lines in Twenty Thirteen, Twenty Nineteen and Twenty Twenty.
Props ankitmaru, SergeyBiryukov, netweb, mukesh27, ryelle, audrasjb, sabernhardt.
Fixes#53874.
Built from https://develop.svn.wordpress.org/trunk@58178
git-svn-id: http://core.svn.wordpress.org/trunk@57641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This resolves a few warnings when running PHPUnit with the code coverage report:
{{{
"@covers WP_Privacy_Requests_List_Table::get_views" is invalid
"@covers WP_Block_Bindings_Registry::register_block_bindings_source" is invalid
"@covers WP_Block_Patterns_Registry::_register_theme_block_patterns" is invalid
}}}
The two removed `@coversDefaultClass` annotations are redundant, as the class name is already included in the individual `@covers` tags. Removing them allows `@covers ::_register_theme_block_patterns` to work as expected, where `_register_theme_block_patterns` is an standalone function, not a class method.
Follow-up to [54215], [56733], [57373], [57562].
See #60705.
Built from https://develop.svn.wordpress.org/trunk@58176
git-svn-id: http://core.svn.wordpress.org/trunk@57639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The post editor uses the permalink_template property from the posts REST API to render the post slug input or not. For auto-drafts or newly created posts, this property was not set properly. This PR solves by fixing the get_sample_permalink function used to compute this property.
Props youknowriad, mcsf, antonvlasenko, azaozz, peterwilsoncc, andrewserong, hellofromTonya, spacedmonkey.
Fixes#59283.
Built from https://develop.svn.wordpress.org/trunk@58174
git-svn-id: http://core.svn.wordpress.org/trunk@57637 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Any usage of `'who' => 'authors'` should be updated to use capability queries instead.
Includes documenting the capability query parameters in `wp_dropdown_users()`.
Follow-up to [51943].
Props kkmuffme, swissspidy, SergeyBiryukov.
See #61243.
Built from https://develop.svn.wordpress.org/trunk@58172
git-svn-id: http://core.svn.wordpress.org/trunk@57635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This caused issues in maintenance mode, and it's not warranted to have
its own module. This will live alongside `_canonical_charset()`, it's
partner function.
Fixes: #61182.
Props: dmsnell, sergeybiryukov, swisspiddy.
Follow-up to: [58148].
Built from https://develop.svn.wordpress.org/trunk@58169
git-svn-id: http://core.svn.wordpress.org/trunk@57632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add `aria-hidden="true"` to the dashicon symbol used as the `close` icon in Thickbox modals. Prevent the icon from being read as a replacement character by screen readers.
Props stevejonesdev, sabernhardt, joedolson.
See #61028.
Built from https://develop.svn.wordpress.org/trunk@58167
git-svn-id: http://core.svn.wordpress.org/trunk@57630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With a few exceptions, GitHub Actions workflows run using the version of the workflow file present in the commit SHA or Git ref for the triggering event. This is useful for maintaining different versions of a workflow file.
In the case of WordPress where there are currently 25+ branches that could potentially receive a security fix, it creates a huge maintenance burden. When 3rd party actions are updated or features are deprecated on GitHub Actions, the required changes need to be backported to all of those branches. This takes considerable time and effort.
This change converts Core’s workflow files to reusable ones. This allows the same workflow to be used for all (or most) branches, allowing the described maintenance updates to be made once in `trunk`.
To keep track of which files are reusable vs. those that are responsible for holding the strategy matrix for that branch, reusable workflows are now prefixed with `reusable-`.
Props johnbillion, swissspidy, jorbin, desrosj.
Fixes#61213.
Built from https://develop.svn.wordpress.org/trunk@58165
git-svn-id: http://core.svn.wordpress.org/trunk@57628 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a follow-up to [57981] to ensure that `wp-polyfill` is no longer automatically added as a dependency to package scripts. This avoids unnecessarily loading the polyfill script in places such as the block editor.
See #60962.
Built from https://develop.svn.wordpress.org/trunk@58162
git-svn-id: http://core.svn.wordpress.org/trunk@57625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Clicking on these links initiates an action, so they are more semantically a button rather than a link. Keeping them as an anchor in html allows any existing JS that is targeted to these items to continue to function. The addition of the role helps assistive technology to know that they should treat this as a button.
Props stevejonesdev, sabernhardt, vipulgupta003, rcreators, joedolson.
Fixes#61011.
Built from https://develop.svn.wordpress.org/trunk@58161
git-svn-id: http://core.svn.wordpress.org/trunk@57624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that not only the return values match the expected results, but also that their type is the same.
Going forward, stricter type checking by using `assertSame()` should generally be preferred to `assertEquals()` where appropriate, to make the tests more reliable.
Follow-up to [56382].
See #60706.
Built from https://develop.svn.wordpress.org/trunk@58160
git-svn-id: http://core.svn.wordpress.org/trunk@57623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Interactivity API has been rendering client data in a SCRIPT element with the
type `application/json` so that it's not executed as a script, but is available
to one. The data runs through `wp_json_encode()` and is encoded with some flags
to ensure that potentially-dangerous characters are escaped.
However, this can lead to some challenges. Eagerly escaping when not necessary
can make the data difficult to comprehend when reading the output HTML. For example,
all non-ASCII Unicode characters are escaped with their code point equivalent.
This results in `\ud83c\udd70` instead of `🅰`.
In this patch, the flags for JSON encoding are refined to ensure what's necessary
while relaxing other rules (leaving in those Unicode characters if the blog charset
is UTF-8). This makes for Interactivity API data that's quicker as a human reader
to decipher and diagnose.
In summary:
- This data is JSON encoded and printed in a `<script type="application/json">` tag.
- If we ensure that `<` is never printed inside the data, it should be impossible to
break out of the script tag and the browser treats everything as the element's `textContent`.
- All other escaping becomes unnecessary at that point, including unicode escaping
if the page uses the UTF-8 charset (the same encoding as JSON).
See https://github.com/WordPress/wordpress-develop/pull/6433#pullrequestreview-2043218338
Developed in https://github.com/WordPress/wordpress-develop/pull/6520
Discussed in https://core.trac.wordpress.org/ticket/61170Fixes: #61170
Follow-up to: [57563].
Props: bjorsch, dmsnell, jonsurrell, sabernhardt, westonruter.
Built from https://develop.svn.wordpress.org/trunk@58159
git-svn-id: http://core.svn.wordpress.org/trunk@57622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `version` property throws a warning when working with the local Docker environment. According to the Docker Compose spec, the property only remains for backward compatibility and should be removed.
Props narenin, mukesh27, swissspidy.
Fixes#61101.
Built from https://develop.svn.wordpress.org/trunk@58157
git-svn-id: http://core.svn.wordpress.org/trunk@57620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that not only the return values match the expected results, but also that their type is the same.
Going forward, stricter type checking by using `assertSame()` should generally be preferred to `assertEquals()` where appropriate, to make the tests more reliable.
Includes correcting a few erroneously duplicated test cases to match their intended purpose.
Follow-up to [57724].
See #60706.
Built from https://develop.svn.wordpress.org/trunk@58150
git-svn-id: http://core.svn.wordpress.org/trunk@57615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are several exist places in Core that attempt to detect if a blog charset
is UTF-8. Each place attempts to perform the same check, except the logic is
spread throughout and there's no single method provided to make this
determination in a consistent way. The `_canonical_charset()` method exists,
but is marked private for use.
In this patch the new `unicode` module provides `is_utf8_charset()` as a method
taking an optional charset slug and indicating if it represents UTF-8,
examining all of the allowable variants of that slug. Associated code is
updated to use this new function, including `_canonical_charset()`. If no slug
is provided, it will look up the current `get_option( 'blog_charset' )`.
Finally, the test functions governing `_canonical_charset()` have been
rewritten as a single test with a data provider instead of as separate test
functions.
Developed in https://github.com/WordPress/wordpress-develop/pull/6535
Discussed in https://core.trac.wordpress.org/ticket/61182Fixes#61182.
Props dmsnell, jonsurrell.
Built from https://develop.svn.wordpress.org/trunk@58147
git-svn-id: http://core.svn.wordpress.org/trunk@57612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add visible labels to inputs that are using placeholder attributes as a substitute for visible labeling.
Labels added or made visible on the customizer theme search, customizer widget search, customizer menu item search, customizer new page UI, the search plugins screens, the media search screens, and the classic editor link inserter.
Props afercia, joedolson, rcreators, sabernhardt.
See #40331.
Built from https://develop.svn.wordpress.org/trunk@58146
git-svn-id: http://core.svn.wordpress.org/trunk@57611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When generating a human readable code coverage report in HTML format, the Codecov action used to fail silently. An error is now being returned, resulting in a workflow failure.
This adds a skip condition to the appropriate steps so the coverage report is only uploaded when a `clover` format is generated.
See #60733.
Built from https://develop.svn.wordpress.org/trunk@58144
git-svn-id: http://core.svn.wordpress.org/trunk@57609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Chrome unreliably loads a lazy-loaded iframe when it is hidden using `clip: rect(1px, 1px, 1px, 1px)`. Instead of using `clip`, a lazy-loaded iframe can also be hidden with `visibility:hidden` which results in it loading not only in Chrome but all other browsers. With this change applied, the hard-coded check to prevent lazy-loading post embeds is now removed. An added benefit to using `visibility:hidden` is that the entire iframe in this case is not interactable, meaning that users navigating the document with the keyboard will not unexpectedly encounter tab stops inside of the hidden iframe, as can happen now with `clip` when the JS fails to reveal the loaded iframe. Note also that the `clip` property is deprecated.
Lastly, when such a post embed iframe is rendered in an RSS feed, the `style` attribute is now removed using the HTML Tag Processor as opposed to using string replacement.
Fixes#58773.
Props westonruter, joemcgill, swissspidy, joedolson, adamsilverstein.
Built from https://develop.svn.wordpress.org/trunk@58143
git-svn-id: http://core.svn.wordpress.org/trunk@57608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The primary menu was disappearing at 481px. This adjusts to resolve this. It was shown when adjust the browser window not in responsive design mode.
Props stephenbrook, audrasjb, mukesh27, sabernhardt, poena, kristenfisher427, siliconforks, jwgoedert, joedolson.
Fixes#52354.
Built from https://develop.svn.wordpress.org/trunk@58142
git-svn-id: http://core.svn.wordpress.org/trunk@57607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The link is a part of the deprecation notice displayed when saving an unregistered setting.
Follow-up to [13646], [13785], [14070], [32116], [34315], [45674].
Props timse201, sabernhardt, amitraj2203, khokansardar, SergeyBiryukov.
Fixes#61199.
Built from https://develop.svn.wordpress.org/trunk@58140
git-svn-id: http://core.svn.wordpress.org/trunk@57605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a confirmation dialog when users navigate away from the user profile screen if they have unsaved changes to prevent data loss.
Props ashokrane, karlijnbk, diedeexterkate, jwgoedert, joedolson, swissspidy, afercia.
Fixes#40493.
Built from https://develop.svn.wordpress.org/trunk@58137
git-svn-id: http://core.svn.wordpress.org/trunk@57602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The heading image had quality issues on iOS Safari in portrait and landscape modes. This resolves it through adding 200cv for smaller screens so less than full size.
Props poena, richardevs, laurelfulford, davidakennedy, joemcgill, SergeyBiryukov, ianbelanger, sabernhardt, shailu25, robertghetau.
Fixes#39253.
Built from https://develop.svn.wordpress.org/trunk@58135
git-svn-id: http://core.svn.wordpress.org/trunk@57600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Reduce the number of queries getting and setting transients on sites without a persistent cache.
Transients are stored in two options: one each for the transient value and timeout. Priming the cache reduces the database queries for getting a transient from two to one.
Props peterwilsoncc, swissspidy.
Fixes#61193.
Built from https://develop.svn.wordpress.org/trunk@58134
git-svn-id: http://core.svn.wordpress.org/trunk@57599 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Based on the current browser support policies and expectations, this is no longer needed. There are almost no browsers in use where this is still in use. The same fix was removed from core themes in #54421.
Props joedolson, sabernhardt, shailu25.
Fixes#60479.
Built from https://develop.svn.wordpress.org/trunk@58133
git-svn-id: http://core.svn.wordpress.org/trunk@57598 1a063a9b-81f0-0310-95a4-ce76da25c4cd