* Switch back to running the PHPUnit test suite against the `src` directory instead of `build`
* Increase the reliability of backing up the `mu-plugins` directory during tests
* Split the PHPUnit tests for PHP versions below 7.0 in half, allowing them to run in parallel and reduce the overall test run duration on GitHub Actions
Merges [50441-50444] to the 5.7 branch.
Fixes#51734, #51735, #52645
git-svn-id: https://develop.svn.wordpress.org/branches/5.7@50464 602fd350-edb4-49c9-b593-d223f7449a82
Move `wp_get_script_tag()`, `wp_print_script_tag()`, `wp_print_inline_script_tag()` and `wp_get_inline_script_tag()` functions from `functions.php` to `script-loader.php`.
Relocate related tests to `dependencies` sub-directory.
Follow up to [50167].
Props adamsilverstein, hellofromTonya, SergeyBiryukov.
Fixes#39941.
git-svn-id: https://develop.svn.wordpress.org/trunk@50409 602fd350-edb4-49c9-b593-d223f7449a82
Prevent `wp_localize_script()` (via `WP_Scripts::localize()`) throwing warnings in PHP 8 when the translation data is passed as a string. This maintains backward compatibility with earlier versions of PHP.
Introduce a `_doing_it_wrong()` notice to `WP_Scripts::localize()` if the translation data is not passed as an array.
Props jrf, peterwilsoncc, SergeyBiryukov.
Fixes#52534.
git-svn-id: https://develop.svn.wordpress.org/trunk@50408 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only posts with the `publish` status could be embedded.
Props goaroundagain, peterwilsoncc, poena.
Fixes#47574.
git-svn-id: https://develop.svn.wordpress.org/trunk@50401 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this changeset, the check for the correct RSD link output was relying on a specific protocol, although it needs to accept both the HTTP and HTTPS version of the URL.
Props TimothyBlynJacobs.
Fixes#52542. See #47577.
git-svn-id: https://develop.svn.wordpress.org/trunk@50391 602fd350-edb4-49c9-b593-d223f7449a82
Ensure that subsequent renders of a reusable block will render correctly and that recursively inserting a reusable block into itself does not cause an internal server (500) error.
Props bernhard-reiter, SergeyBiryukov.
Fixes#52364.
git-svn-id: https://develop.svn.wordpress.org/trunk@50382 602fd350-edb4-49c9-b593-d223f7449a82
In `unstick_post()` if a post ID is duplicated in the `sticky_posts` option remove all instances.
In both `stick_post()` and `unstick_post()` check for duplicate IDs already stored in the `sticky_post` option and remove them if the option is updated.
Props rahmohn, archon810.
Fixes#52007.
git-svn-id: https://develop.svn.wordpress.org/trunk@50380 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that not only the return values match the expected results, but also that their type is the same.
Going forward, stricter type checking by using `assertSame()` should generally be preferred to `assertEquals()` where appropriate, to make the tests more reliable.
Follow-up to [49904], [49925], [49992], [50012], [50013], [50065], [50075], [50131], [50150], [50157].
See #38266, #52482.
git-svn-id: https://develop.svn.wordpress.org/trunk@50284 602fd350-edb4-49c9-b593-d223f7449a82
Rename `wp_force_plain_ugly_permalink()` to `wp_force_plain_post_permalink()` to match terminology used in the WordPress dashboard.
Follow up to [50132].
Props SergeyBiryukov.
Fixes#5272.
git-svn-id: https://develop.svn.wordpress.org/trunk@50282 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a bug causing wp.i18n.isRTL() to return false in RTL langauges by manually
loading the translated 'ltr' string for the i18n dependency. This ports over an
identical fix that was made in Gutenberg.
Fixes#52441.
Props @jonsurrell @youknowriad.
git-svn-id: https://develop.svn.wordpress.org/trunk@50259 602fd350-edb4-49c9-b593-d223f7449a82
This removes a test assertion defending against version ranges in the `node` value in `package.json` files. This is now supported.
Props peterwilsoncc.
See #52341.
git-svn-id: https://develop.svn.wordpress.org/trunk@50192 602fd350-edb4-49c9-b593-d223f7449a82
This adds a filter that allows `$post_statuses` to be modified in term count.
Props GunGeekATX, adamsilverstein, davecpage, nwjames, hellofromTonya, audrasjb, peterwilsoncc, TimothyBlynJacobs.
Fixes#38843.
git-svn-id: https://develop.svn.wordpress.org/trunk@50169 602fd350-edb4-49c9-b593-d223f7449a82
Add new functions `wp_get_script_tag`, `wp_print_script_tag`, `wp_print_inline_script_tag` and `wp_get_inline_script_tag` that support script attributes. Enables passing attributes such as `async` or `nonce`, creating a path forward for enabling a Content-Security-Policy in core, plugins and themes.
Props tomdxw, johnbillion, jadeddragoon, jrchamp, mallorydxw, epicfaace, alinod, enricocarraro, ocean90.
Fixes#39941.
git-svn-id: https://develop.svn.wordpress.org/trunk@50167 602fd350-edb4-49c9-b593-d223f7449a82
This adds a form option to skip the admin email alert when exporting personal data.
Props xkon, azaozz, TZ-Media, iandunn, desrosj, iprg, allendav, wesselvandenberg, karmatosed, birgire, davidbaumwald, estelaris, paaljoachim, hellofromTonya.
Fixes#43890.
git-svn-id: https://develop.svn.wordpress.org/trunk@50159 602fd350-edb4-49c9-b593-d223f7449a82
For example the `categories` or `categories_exclude` parameters can now optionally accept an object with a `terms` property that accepts the list of term ids and a new `include_children` property which controls the Tax Query `include_children` field.
Props jason_the_adams, jnylen0, birgire, dlh.
Fixes#39494.
git-svn-id: https://develop.svn.wordpress.org/trunk@50157 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `get_home_url()` would automatically switch to `https` if the current request is already `https`, but would only do so on the front end.
This addresses the inconsistent behavior of returning different values in the admin and on the frontend.
Follow-up to [12598], [21937], [24844].
Props herregroen, mukesh27.
Fixes#52421.
git-svn-id: https://develop.svn.wordpress.org/trunk@50156 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only the first error message for each parameter was made available. Now, all error messages for a parameter are concatenated. Additionally, the detailed error for each parameter is made available in a new `details` section of the validation error. Each error is formatted following the standard REST API error formatting.
The `WP_REST_Server::error_to_response` method has been abstracted out into a standalone function `rest_convert_error_to_response` to allow for reuse by `WP_REST_Request`. The formatted errors now also contain an `additional_data` property which contains the additional error data provided by `WP_Error::get_all_error_data`.
Props dlh, xkon, TimothyBlynJacobs.
Fixes#46191.
git-svn-id: https://develop.svn.wordpress.org/trunk@50150 602fd350-edb4-49c9-b593-d223f7449a82
This allows the functions to return a `WP_Error` object containing more information in case of a problem, instead of just boolean false.
The various `pre_` filters in these functions are also updated so they can return or be passed a `WP_Error` object.
Fixes#49961
git-svn-id: https://develop.svn.wordpress.org/trunk@50143 602fd350-edb4-49c9-b593-d223f7449a82
Update @wordpress npm packages to the latest published versions. This means that
the block editor includes functionality that exists in Gutenberg 9.9.
Fixes#52334.
git-svn-id: https://develop.svn.wordpress.org/trunk@50137 602fd350-edb4-49c9-b593-d223f7449a82
Add check to `redirect_canonical()` to ensure private posts only redirect for logged in users.
Modifies the `read_post` mata capability to user `get_post_status()` rather than the post's `post_status` property to allow attachments to redirect based on the inherited post status.
Introduces `wp_force_ugly_post_permalink()` to unify the check to determine if an ugly link should be displayed in each of the functions used for determining permalinks: `get_permalink()`, `get_post_permalink()`, `_get_page_link()` and `get_attachment_link()`.
Improves logic of `get_attachment_link()` to validate parent post and resolution of inherited post status. This is an incomplete fix of #52373 to prevent the function returning links resulting in a file not found error. Required to unblock this ticket.
Props peterwilsoncc, TimothyBlynJacobs.
See #52373.
Fixes#5272.
git-svn-id: https://develop.svn.wordpress.org/trunk@50132 602fd350-edb4-49c9-b593-d223f7449a82
Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained.
This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction.
* Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed.
* A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly.
* The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though.
* The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter.
* For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant.
* Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart.
* A new `wp_update_urls_to_https()` function takes care of the update routine.
* A new `update_https` meta capability is introduced to control access.
* If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health.
* Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version.
* A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS.
* A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS.
Props flixos90, timothyblynjacobs.
Fixes#51437.
git-svn-id: https://develop.svn.wordpress.org/trunk@50131 602fd350-edb4-49c9-b593-d223f7449a82
Introduces `is_post_status_viewable()` as a sibling to `is_post_type_viewable()`. Internal and protected statuses are never considered viewable. For built in posts statuses the `public` attribute is checked, for custom statuses the `publicly_queryable` attribute is checked.
Introduces `is_post_publicly_viewable()` for determining if an individual post can be viewed by logged out users. A post is considered viewable if both `is_post_status_viewable()` and `is_post_type_viewable()` return `true` for the post's attributes.
Additionally modifies `is_post_type_viewable()` to return `false` if an unregistered post type is passed to the function to avoid attempting to access properties on a non-object.
Props peterwilsoncc, SergeyBiryukov, whyisjake, TimothyBlynJacobs.
Fixes#49380.
git-svn-id: https://develop.svn.wordpress.org/trunk@50130 602fd350-edb4-49c9-b593-d223f7449a82
