The Root Certificate bundle maintained by Mozilla ships in WordPress to allow SSL certificates to be verified on hosts with incomplete, outdated, or invalid local SSL configurations.
This updates the `ca-bundle.crt` file to the latest version, which applies upstream changes from the bundle maintained by Mozilla and keeps all unexpired legacy 1024bit certificates which are kept for backward compatibility purposes (see [35919]).
Partially merges [59740] and [59969] to the 6.4 branch.
Props johnbillion, desrosj, whyisjake, ayeshrajans, SergeyBiryukov, swissspidy, skithund, barry.
See #62811, #62711.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@59996 602fd350-edb4-49c9-b593-d223f7449a82
This updates `@playwright/test` to the latest version, currently `1.49.1`.
In older branches using Playwright, the E2E and Performance workflows have recently started failing. This is due to changes in the GitHub Actions runner images. Updating Playwright ensures more modern dependency trees are used when installing browsers for testing and fixes the issue.
Merges [59682] to the 6.4 branch.
Props swissspidy.
Fixes#62843.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@59686 602fd350-edb4-49c9-b593-d223f7449a82
The previous domain that was used to test for a host whose IPv4 address cannot be resolved, `exampleeeee.com`, got registered and has an A-record now, so it's not invalid anymore.
`.invalid` is intended for use in online construction of domain names that are sure to be invalid and which it is obvious at a glance are invalid.
Reference: [https://datatracker.ietf.org/doc/html/rfc2606#section-2 Reserved Top Level DNS Names: TLDs for Testing, & Documentation Examples].
Follow-up to [52084], [58384], [58388].
Props sippis, johnbillion, MattyRob, swissspidy.
Fixes#62303.
Reviewed by
Merges [59293] to the 6.4 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@59300 602fd350-edb4-49c9-b593-d223f7449a82
This updates the 6.4 branch to make use of the new `gutenberg-version` input introduced in [59220].
The past version of the plugin that supports WordPress 6.4 is `18.9.0`.
Props swissspidy.
See #61530.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@59221 602fd350-edb4-49c9-b593-d223f7449a82
The minimum required version of WordPress for the Gutenberg plugin was recently raised to 6.5.
This updates the 6.4 branch to skip installing and activating Gutenberg during E2E testing as has already been done for older branches.
See #61530.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@59212 602fd350-edb4-49c9-b593-d223f7449a82
This changes the default values for `LOCAL_PHP` and `LOCAL_DB_VERSION` in the 6.4 branch from `latest` to `8.3-fpm` (with beta support) and `8.0`, respectively, to properly reflect the highest versions of PHP and MySQL that this branch will support.
See #61533.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@58659 602fd350-edb4-49c9-b593-d223f7449a82
- Editor: Fix Path Traversal issue on Windows in Template-Part Block.
- Editor: Sanitize Template Part HTML tag on save.
- HTML API: Run URL attributes through `esc_url()`.
Merges [58470], [58471], [58472] and [58473] to the 6.4 branch.
Props xknown, peterwilsoncc, jorbin, bernhard-reiter, azaozz, dmsnell, gziolo.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@58475 602fd350-edb4-49c9-b593-d223f7449a82
This updates the 6.5 branch to make use of [58345], which fixes a bug where a ZIP file with built WordPress is not saved as an artifact causing the performance workflow to fail.
Merges [53845] to the 6.4 branch.
Props jorbin.
See #59416.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@58347 602fd350-edb4-49c9-b593-d223f7449a82
This updates the 6.4 branch to utilize the new reusable workflows in trunk introduced in [58165].
This also includes backports for a some additional improvements and bug fixes that are necessary for the local development environment to continue working long term:
- Migrating to Docker Compose V2 (#60901).
- Removing the `version` property from `docker-compose.yml` (#59416).
- Improvements to how artifacts and comments for Playground testing are generated.
- Removing SVN related commands causing failures (#61216).
- Updating the `actions/github-scripts` action to the latest version.
Merges [57918], [58157], [57124], [57125], [57249] to the 6.4 branch.
Props johnbillion, joemcgill, swissspidy, thelovekesh, narenin, mukesh27, JeffPaul, peterwilsoncc, zieladam, ockham, SergeyBiryukov, jorbin.
Fixes#61216. See #60901, #61101, #59416, #59805, #61213.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@58276 602fd350-edb4-49c9-b593-d223f7449a82
This pins the `LOCAL_PHP` version to 8.2 in the Performance workflow to ensure that the base measurements taken from WordPress version 6.1.1 can be run, since PHP 8.2 is the greatest version that WordPress 6.1.1 supports.
The default PHP version used in the 6.4 branch was bumped to 8.3 in [57198] to reflect the highest version that WordPress 6.4 supports, resulting in the failures to the Performance workflow.
Props joemcgill, freewebmentor, desrosj, swissspidy.
Fixes#60127.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@58272 602fd350-edb4-49c9-b593-d223f7449a82
The purpose of `tests/e2e/specs/gutenberg-plugin.test.js` is to ensure that running the Gutenberg plugin (stable version) on a WordPress `trunk` install doesn't produce any fatals.
The test was introduced in [54913], i.e. it has been around since WP 6.2. It makes sense to have it present on older branches, as the Gutenberg plugin not only supports `trunk`, but also the current stable version of WordPress (i.e. currently 6.5), and one version below (6.4). However, it is not expected to work on any earlier versions beyond that; in practice, it has produced errors on some of those.
This changeset checks the REST API response from the plugin activation request. If it returns an error with error code `plugin_wp_incompatible`, it skips the test.
Reviewed by jorbin.
Merges [58046] to the 6.4 branch.
Props jorbin, johnbillion, swissspidy.
Fixes#60971.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@58153 602fd350-edb4-49c9-b593-d223f7449a82
Due to some changes on the WP.com side to compress the requested images on the fly, the exact image size in the response could be different between platforms.
This commit aims to make the affected tests more reliable.
Follow-up to [139/tests], [31258], [34568], [47142], [57903], [57904], [57924].
Merges [57931] to the 6.4 branch.
Props peterwilsoncc, jorbin.
See #60865.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57938 602fd350-edb4-49c9-b593-d223f7449a82
It appears that something has changed on the WP.com side to compress the requested images on the fly, which interfered with the previous expectations in these tests.
This commit uses a direct file URL and updates the expected image size to match the currently returned response.
Follow-up to [139/tests], [31258], [47142].
Reviewed by jorbin.
Merges [57903] to the 6.4 branch.
Props dextorlobo, swissspidy, davidbaumwald, SergeyBiryukov.
See #60865.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57930 602fd350-edb4-49c9-b593-d223f7449a82
ZipArchive can fail to validate ZIP files correctly and report valid files as invalid. This introduces a fallback to PclZip to check validity of files if ZipArchive fails them.
This introduces the new function wp_zip_file_is_valid() to validate archives.
Follow up to [57388].
Reviewed by jorbin.
Merges [57537] to the 6.4 branch.
Props audunmb, azaozz, britner, cdevroe, colorful-tones, costdev, courane01, endymion00, feastdesignco, halounsbury, jeffpaul, johnbillion, jorbin, jsandtro, karinclimber, kevincoleman, koesper, maartenbelmans, mathewemoore, melcarthus, mujuonly, nerdpressteam, olegfuture, otto42, peterwilsoncc, room34, sayful, schutzsmith, stephencronin, svitlana41319, swissspidy, tnolte, tobiasbg, vikram6, welaunchio.
Fixes#60398.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57929 602fd350-edb4-49c9-b593-d223f7449a82
The MySQL Docker containers for versions 5.7 and below do not support recent Apple silicone chips. Previously this was fixed by including `amd64/` as a prefix to the image name in the `docker-compose.yml` file (see [54096]). However, this stopped working after recent updates to Docker Desktop.
This changeset removes the `amd64/` prefix for the image used as the database container and raises the default version of MySQL in the local development environment to the current LTS version (8.0). Because this version is still maintained, there are `arm64` containers available to use.
This also documents a new workaround for contributors looking to run the local Docker environment using MySQL 5.7 or earlier, which entails creating a small `docker-compose.override.yml`.
Merges [57568] to the 6.4 branch.
Props bernhard-reiter, johnbillion, afragen, huzaifaalmesbah.
Fixes#59930.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57862 602fd350-edb4-49c9-b593-d223f7449a82
This bumps the version of Node.js used in GitHub Codespaces from 16 to 20.
Follow up to [57212].
Merges [57667] to the 6.4 branch.
Props itschristiandale, huzaifaalmesbah.
Fixes#60555.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57672 602fd350-edb4-49c9-b593-d223f7449a82
Ensure logged out users are redirected to the media file when attachment pages are inactive. This removes the read_post capability check from the canonical redirects as anonymous users lack the permission.
This was previously committed in [57310] before being reverted in [57318]. This update includes a fix to cover instances where revealing a URL could be considered a data leak and greatly expands the unit tests to ensure that this is covered along with many other instances.
Follow-up to [56657], [56658], [56711], [57310], [57318].
Reviewed by joemcgill.
Merges [57357] to 6.4 branch.
Props peterwilsoncc, jorbin, afercia, aristath, chesio, joppuyo, jorbin, lakshmananphp, poena, sergeybiryukov, swissspidy, johnbillion, mukesh27.
Fixes#59866.
See #57913.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57358 602fd350-edb4-49c9-b593-d223f7449a82
Ensure that the proper new function wp_enqueue_emoji_styles is used in embeds.
Follow-up to: [56194].
Reviewed by davidbaumwald.
Merges [57306] to the 6.4 branch.
Props peterwilsoncc, bobbingwide, hellofromTonya.
Fixes#59892. See: #58775.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57347 602fd350-edb4-49c9-b593-d223f7449a82
Package Update includes fixes for:
- Fix block rename control shown in "Advanced" for unsupported blocks
- Query block: remove unnecessary class
- Fix duotone not showing in site editor style block level styles
- Query Loop - Add accessibility markup at the end of the loop in all cases.
- Background Image Support: Hide the background image reset button when there's no image
- Background image support: Fix focus loss when resetting background image
- Autocomplete: Fix Voiceover not announcing suggestions
- Fix pattern category renaming causing potential duplicate categories
- Patterns: use existing download function for JSON downloads to fix non-ASCII encoding
- Add context for translators to any unclear usage of "synced"
- Image block: Add check for lightbox values during image block migration
- Image Block: Enable image block to be selected correctly when clicked
- Reduce specificity of default Cover text color styles.
- Image Block: Fix deprecation when width/height attribute is number
- Text selection: show CSS hack to Safari only.
- SlotFill: Allow contextual SlotFillProviders
Reviewed by peterwilsoncc.
Merges [57258] and [57109] to 6.4 branch.
Props mikachan, isabel_brison, kebbet, artemiosans, talldanwp, ramonopoly, alexstine, andrewserong, mamaduka, cbravobernal, ajlende, luisherranz, wildworks, poena, czapla, andraganescu, joen, ellatrix, youknowriad, ntsekouras.
Fixes#59828.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57346 602fd350-edb4-49c9-b593-d223f7449a82
In order to release the fix for #60241, this bumps the version of the following themes:
- Twenty Seventeen: 3.5
- Twenty Twenty: 2.5
- Twenty Twenty-One: 2.2
Merges [57296] to the 6.4 branch.
Props sabernhardt, jorbin.
See #60267.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57297 602fd350-edb4-49c9-b593-d223f7449a82
The theme supports WordPress 5.3 or later, while the polyfill for str_contains() only exists in WordPress 5.9 or later.
Follow-up to [55988], [57275], [57276].
Merges [57277] to the 6.4 branch.
Props poena, SergeyBiryukov.
Fixes#60241.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57293 602fd350-edb4-49c9-b593-d223f7449a82
The theme supports WordPress 4.7 or later, while the polyfill for str_contains() only exists in WordPress 5.9 or later.
Follow-up to [55988], [57275].
Merges [57276] to the 6.4 branch.
Props poena, SergeyBiryukov.
See #60241.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57292 602fd350-edb4-49c9-b593-d223f7449a82
The theme supports WordPress 4.7 or later, while the polyfill for str_contains() only exists in WordPress 5.9 or later.
Follow-up to [55988].
Merges [57275] to the 6.4 branch.
Props poena, SergeyBiryukov.
See #60241.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57291 602fd350-edb4-49c9-b593-d223f7449a82
When the `wp_login_errors` filter is used to add an error message followed by an instructional message, the former was not displayed and the latter was errouneously displayed twice above the login form.
This commit ensures that the error message is displayed as expected.
Follow-up to [56654].
Reviewed by jorbin.
Merges [57142] to the 6.4 branch.
Props mapumba, SergeyBiryukov.
Fixes#59983.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57288 602fd350-edb4-49c9-b593-d223f7449a82
This bumps the minimum required version of Node.js/npm from 16.19.1 and 8.19.3 to 20.10.0 and 10.2.3.
Since 20.10.0 is the latest 20.x version of Node.js, the check-latest option has been enabled for actions/setup-node in GitHub Actions workflows. This performs an additional external call to the Node.js API confirming the latest version is installed on the runner for use. In testing, it seems that 20.10.0 was not consistently deployed to all runner machines in use. This should be removed in the near future when the version of Node.js is reliably above the new minimum requirement.
The Gutenberg repository has also been updated to use the same values for engines.
Merges [57212] to the 6.4 branch.
Props jorbin, joemcgill, swissspidy, benharri, dhrupo, flootr, gziolo, noahtallen.
See #59663.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57214 602fd350-edb4-49c9-b593-d223f7449a82
This changes the default value for `LOCAL_PHP` in the 6.4 branch from `latest` to `8.3-fpm` to reflect the highest version of PHP this branch will support (with beta support).
After this change, future updates to the `latest` container built and published by the `wpdev-docker-images` repository will not cause failures in this branch.
While there are currently no failures in the 6.4 branch, the `latest` container was recently changed from using PHP 7.4 to 8.2 and caused failures in the 5.8-6.3 branches. Pinning a PHP version to this branch now will prevent that same scenario in the future. Going forward, this should be done at the time of branching.
Older branches already have specific PHP versions defined.
See #60095.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57198 602fd350-edb4-49c9-b593-d223f7449a82
This is a followup to [57167] to fix a version number in `package-lock.json` that was missed in the initial commit.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57168 602fd350-edb4-49c9-b593-d223f7449a82
The values of start and end are not fully supported by Opera Mini which has 1.01% usage. There is no material change in functionality with this change.
Reviewed by hellofromTonya.
Merges [57151] to 6.4 branch.
Props kebbet, NekoJonez, luminuu, hellofromTonya.
Fixes#59819.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57160 602fd350-edb4-49c9-b593-d223f7449a82
This fixes bugs introduced in [56635] whereby the template or stylesheet path could be memoized incorrectly if get_template_directory() or get_stylesheet_directory() were called before the theme has been fully initialized.
Reviewed by Jorbin.
Merges [57129] to 6.4 branch.
Props partyfrikadelle, coreyw, kdowns, rebasaurus, meta4, flixos90, mukesh27, joemcgill, icaleb.
Fixes#59847.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57156 602fd350-edb4-49c9-b593-d223f7449a82
Restores setting the site's logo, icon, and wp-admin's back button image (which defaults to W).
Prior to [56566], the site logo and icon were unconditionally added to the index. [56566] changed this by conditionally adding them if either the `_links` or `_embedded` fields were included. However, these fields are not included when using the Site Logo block, as it uses the `site_logo`, `site_icon`, and `site_icon_url` fields instead.
This changeset restores the functionality by checking specifically for the `site_*` fields when neither of the `_links` or `_embedded` fields are present.
Follow up to [56566].
Reviewed by jorbin.
Merges [57147] to the 6.4 branch.
Props antonvlasenko, hellofromTonya, ironprogrammer, priethor, wildworks.
Fixes#59935.
git-svn-id: https://develop.svn.wordpress.org/branches/6.4@57154 602fd350-edb4-49c9-b593-d223f7449a82
