48487 Commits

Author SHA1 Message Date
Sergey Biryukov
ff96003a0f Coding Standards: Upgrade WPCS to version 3.0.0.
This is an important release which makes significant changes to improve the accuracy, performance, stability and maintainability of all sniffs, as well as making WordPressCS much better at handling modern PHP.

WordPressCS 3.0.0 contains breaking changes, both for people using ignore annotations, people maintaining custom rulesets, as well as for sniff developers who maintain a custom PHPCS standard based on WordPressCS.

If you are an end-user or maintain a custom WordPressCS based ruleset, please start by reading the [https://github.com/WordPress/WordPress-Coding-Standards/wiki/Upgrade-Guide-to-WordPressCS-3.0.0-for-ruleset-maintainers Upgrade Guide to WordPressCS 3.0.0 for ruleset maintainers] which lists the most important changes and contains a step by step guide for upgrading.

If you are a maintainer of an external standard based on WordPressCS and any of your custom sniffs are based on or extend WordPressCS sniffs, please read the [https://github.com/WordPress/WordPress-Coding-Standards/wiki/Upgrade-Guide-to-WordPressCS-3.0.0-for-Developers-of-external-standards Upgrade Guide to WordPressCS 3.0.0 for Developers].

In all cases, please read the complete changelog carefully before you upgrade.

This commit:
* Updates the Composer dependencies to use the new version, including updating the underlying PHP_CodeSniffer dependency to the new minimum supported version for WPCS.[[BR]] Note: the Composer PHPCS installer plugin is no longer explicitly required as it is now a dependency of WPCS, so the dependency is inherited automatically.
* Updates the ruleset for WPCS 3.0.0. This includes:
 * Raising the memory limit to be on the safe side as WPCS 3.0.0 contains a lot more sniffs.
 * Removing explicit inclusions of extra rules, which have now been added to the `WordPress-Core` ruleset..
 * Updating property names for select sniffs.
 * Updating one exclusion — the `WordPress.CodeAnalysis.AssignmentInCondition` sniff has been (partially) replaced by the `Generic.CodeAnalysis.AssignmentInCondition` sniff.
 * Adding one new exclusion.
* Downgrades one new error to a warning.[[BR]] The `Generic.Files.OneObjectStructurePerFile` sniff enforces that there is only one OO structure declaration per file. At this time, this sniff would yield 29 errors. By downgrading the sniff to a ''warning'', the build can pass and the issues can be fixed in due time. For now, the test directory will be excluded until the issues are fixed (as the test directory CS run does not allow for warnings).
* Updates ignore annotations for WPCS 3.0.0.

Reference: [https://github.com/WordPress/WordPress-Coding-Standards/releases/tag/3.0.0 WPCS 3.0.0 release notes].

Follow-up to [43571], [44574], [45600], [47927].

Props jrf, jorbin, desrosj.
See #59161.

git-svn-id: https://develop.svn.wordpress.org/trunk@56695 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-26 00:24:43 +00:00
Sergey Biryukov
b011e827cf Code Modernization: Rename parameters that use reserved keywords in phpunit/tests/media.php.
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.

This commit renames the `$match` parameter to `$matches` in shortcode image tests.

Note: This is enforced by WPCS 3.0.0.

Follow-up to [56693].

See #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56694 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-26 00:23:25 +00:00
Felix Arntz
6560f46a0f Media: Ensure images within shortcodes are correctly considered for loading optimization attributes.
Prior to this change, images added in shortcodes would be considered separately from all other images within post content, which led to incorrect application of the loading optimization attributes `loading="lazy"` and `fetchpriority="high"`.

This changeset changes the filter priority of `wp_filter_content_tags()` from the default `10` to `12` on the various content filters it is hooked in, in order to run that function after parsing shortcodes. While this may technically be considered a backward compatibility break, substantial research and lack of any relevant usage led to the assessment that the change is acceptable given its benefits.

An additional related fix included is that now the duplicate processing of images is prevented not only for post content blobs (`the_content` filter), but also for widget content blobs (`widget_text_content` and `widget_block_content` filters).

Props joemcgill, mukesh27, costdev, spacedmonkey, flixos90.
Fixes #58853.


git-svn-id: https://develop.svn.wordpress.org/trunk@56693 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-26 00:11:06 +00:00
Sergey Biryukov
0444cf5337 Coding Standards: Fix a few newly introduced WPCS issues.
Follow-up to [56683], [56689].

See #59161, #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56692 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-26 00:07:56 +00:00
Colin Stewart
a099b9a19f Filesystem API: Add missing ZIP file for unzip tests.
In [56689], a ZIP file is needed in `tests/phpunit/data/filesystem/` but wasn't included in the changeset. This produced an error when attempting to create a subdirectory during the tests.

This adds the `tests/phpunit/data/filesystem/archive.zip` file.

Follow-up to [56689].

Props flixos90.
Fixes #37719.

git-svn-id: https://develop.svn.wordpress.org/trunk@56691 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 23:38:38 +00:00
Felix Arntz
d33027c5ea Media: Rely on wp_get_loading_optimization_attributes() to add decoding="async" to images.
The `wp_get_loading_optimization_attributes()` function was introduced in 6.3, as a single centralized place to control loading optimization attributes for various tags, most importantly images.

This changeset consolidates the `decoding="async"` optimization, which was added in 6.1, to occur solely as part of `wp_get_loading_optimization_attributes()`, removing duplicate code and allowing centralized filtering based on [56651].

As part of the change, the `wp_img_tag_add_decoding_attr()` function has been deprecated. The filter of the same name continues to be maintained for backward compatibility, as before covering only images that are part of a content blob such as post content (`the_content`).

Props pereirinha, mukesh27, joemcgill, flixos90.
Fixes #58892.
See #53232.


git-svn-id: https://develop.svn.wordpress.org/trunk@56690 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 22:37:00 +00:00
Colin Stewart
6558db1756 Filesystem API: Introduce filters for before/after unzipping archives.
This introduces the following new filters which wrap the process of unzipping an archive:
- `pre_unzip_file` - Filters archive unzipping to allow an override with a custom process.
- `unzip_file` - Filters the result of unzipping an archive.

Both filters pass the following:
- `string $file` - Full path and filename of ZIP archive.
- `string $to` - Full path on the filesystem to extract archive to.
- `string[] $needed_dirs` - A full list of required folders that need to be created.
- `float|false $required_space` - The space required to unzip the file and copy its contents, with a 10% buffer.

Props dfavor, azaozz, oglekler, afragen, costdev.
Fixes #37719.

git-svn-id: https://develop.svn.wordpress.org/trunk@56689 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 22:14:11 +00:00
Tonya Mork
8b63003223 Fonts: Get font-family name from 'fontFamily' field.
Instead of getting the name from the optional `'name'` field, the font-family name now comes from the required `'fontFamily'` field.

This change fixes a back-compat (BC) break in how the font-family name is pulled from the incoming font data in the `WP_Font_Face_Resolver`.

Why?

WP Core does not require the `'name'` field in theme.json. For themes that do not declare it, that set of font variations is ignored, thus causing a BC break from how the stopgap code worked (see [53282]).

However, `WP_Theme_JSON` schema does require the `fontFamily` field in each of the `typography.fontFamilies`.

== Other details:

Includes a parser to extract the first entry when a `fontFamily` field has a comma-separated list of font-families, e.g. `Inter, sans-serif`.

References:
* Merge from Gutenberg's PR https://github.com/WordPress/gutenberg/pull/54615.

Follow-up to [56500], [53282].

Props ironprogrammer, hellofromTonya, mmaattiiaass, pbking.
Fixes #59165.

git-svn-id: https://develop.svn.wordpress.org/trunk@56688 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 21:27:51 +00:00
Weston Ruter
4df5cd15a5 Script Loader: Use wp_get_script_tag() and wp_get_inline_script_tag()/wp_print_inline_script_tag() helper functions to output scripts on the frontend and login screen.
Using script tag helper functions allows plugins to employ the `wp_script_attributes` and `wp_inline_script_attributes` filters to inject the `nonce` attribute to apply Content Security Policy (e.g. Strict CSP). Use of helper functions also simplifies logic in `WP_Scripts`.

* Update `wp_get_inline_script_tag()` to wrap inline script in CDATA blocks for XHTML-compatibility when not using HTML5.
* Ensure the `type` attribute is printed first in `wp_get_inline_script_tag()` for back-compat.
* Wrap existing `<script>` tags in output buffering to retain IDE supports.
* In `wp_get_inline_script_tag()`, append the newline to `$javascript` before it is passed into the `wp_inline_script_attributes` filter so that the CSP hash can be computed properly.
* In `the_block_template_skip_link()`, opt to enqueue the inline script rather than print it.
* Add `ext-php` to `composer.json` under `suggest` as previously it was an undeclared dependency for running PHPUnit tests.
* Update tests to rely on `DOMDocument` to compare script markup, normalizing unsemantic differences.

Props westonruter, spacedmonkey, flixos90, 10upsimon, dmsnell, mukesh27, joemcgill, swissspidy, azaozz.
Fixes #58664.
See #39941.


git-svn-id: https://develop.svn.wordpress.org/trunk@56687 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 21:03:19 +00:00
Jonathan Desrosiers
5c8b4c1b00 Docs: Revert [56679].
`Memoizes` is actually correct in this context.

Unprops desrosj.
See #18298.

git-svn-id: https://develop.svn.wordpress.org/trunk@56686 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 20:47:32 +00:00
Bernie Reiter
4ffb12de54 HTML API: Remove all duplicate copies of an attribute when removing.
When encountering an HTML tag with duplicate copies of an attribute the tag processor ignores the duplicate values, according to the specification. However, when removing an attribute it must remove all copies of that attribute lest one of the duplicates becomes the primary and it appears as if no attributes were removed.

In this patch we're adding tests that will be used to ensure that all attribute copies are removed from a tag when one is request to be removed.

**Before**

{{{#!php
<?php
$p = new WP_HTML_Tag_Processor( '<br id=one id="two" id='three' id>' );
$p->next_tag();
$p->remove_attribute( 'id' );
$p->get_updated_html();
// <br id="two" id='three' id>
}}}

**After**

{{{#!php
<?php
$p = new WP_HTML_Tag_Processor( '<br id=one id="two" id='three' id>' );
$p->next_tag();
$p->remove_attribute( 'id' );
$p->get_updated_html();
// <br>
}}}

Previously we have been overlooking duplicate attributes since they don't have an impact on what parses into the DOM. However, as one unit test affirmed (asserting the presence of the bug in the tag processor) when removing an attribute where duplicates exist this meant we ended up changing the value of an attribute instead of removing it.

In this patch we're tracking the text spans of the parsed duplicate attributes so that ''if'' we attempt to remove them then we'll have the appropriate information necessary to do so. When an attribute isn't removed we'll simply forget about the tracked duplicates. This involves some overhead for normal operation ''when'' in fact there are duplicate attributes on a tag, but that overhead is minimal in the form of integer pairs of indices for each duplicated attribute.

Props dmsnell, zieladam.
Fixes #58119.

git-svn-id: https://develop.svn.wordpress.org/trunk@56684 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 19:02:42 +00:00
Jonny Harris
a68650ef19 Editor: Introduce get_block_asset_url Utility Function.
This commit introduces a valuable utility function, get_block_asset_url, designed to simplify the retrieval of block asset URLs, such as those for CSS and JavaScript files. This utility eliminates redundancy in both register_block_script_handle and register_block_style_handle. Additionally, `get_block_asset_url` incorporates an early exit mechanism to optimize performance.

This update includes comprehensive unit tests, covering various scenarios, including asset registration from core (wp-includes), themes, child themes, plugins, and mu-plugins.

Props spacedmonkey, joemcgill, flixos90, gziolo.
Fixes #58525.

git-svn-id: https://develop.svn.wordpress.org/trunk@56683 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 17:47:27 +00:00
Jonny Harris
54c4de13ed Script Loader: Replace hardcoded output of style tags with calls to wp_add_inline_style.
In this commit, enhancements have been made by replacing manually constructed style tags with calls to `wp_add_inline_style`. Previously, numerous style tags were generated and output directly in the header, resulting in redundant code and bypassing the core's style enqueueing system. This approach made it challenging for third-party developers to manage and control the output of these style tags.

To ensure backward compatibility, the following functions have been deprecated and replaced:

- print_embed_styles
- print_emoji_styles
- wp_admin_bar_header
- _admin_bar_bump_cb

Backward compatibility shims have also been added, ensuring that if these functions were previously unhooked from there actions, they will continue to not output a style tag.

However, for the following functions, conversion to use inline styles was not feasible due to the potential disruption it might cause by changing the style tag IDs, potentially breaking JavaScript functionality for a number of plugins in the repository:

- custom-background
- wp-custom

These changes improve code maintainability and enhance the flexibility and control available to developers when managing style outputs within WordPress core.

Props spacedmonkey, hlunter, westonruter, flixos90.
Fixes #58775.

git-svn-id: https://develop.svn.wordpress.org/trunk@56682 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 17:04:41 +00:00
Felix Arntz
8d8b843eaf Options, Meta APIs: Improve logic to avoid unnecessary database writes in update_option().
Prior to this change, a strict comparison between the old and new database value could lead to a false negative, since database values are generally stored as strings. For example, passing an integer to `update_option()` would almost always result in an update given any existing database value for that option would be that number cast to a string.

This changeset adjusts the logic to perform an intentional "loose-y" comparison by casting the values to strings. Extensive coverage previously added in [56648] provides additional confidence that this does not introduce any backward compatibility issues.

Props mukesh27, costdev, spacedmonkey, joemcgill, flixos90, nacin, atimmer, duck_, boonebgorges.
Fixes #22192.


git-svn-id: https://develop.svn.wordpress.org/trunk@56681 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 16:23:52 +00:00
Sergey Biryukov
bccc6fcebd Coding Standards: Fix a few newly introduced WPCS issues.
Follow-up to [56570], [56573], [56589], [56604], [56612], [56620], [56629], [56631], [56638], [56642], [56644], [56649].

Props jrf.
See #59161, #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56680 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 15:34:34 +00:00
Jonathan Desrosiers
68347e0d70 Docs: Correct typo in new @since tag.
Follow up to [56635], [56641].

See #18298.

git-svn-id: https://develop.svn.wordpress.org/trunk@56679 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 15:16:32 +00:00
Jonny Harris
4ae2d1a533 Themes: Use instanceof in block_has_support.
In [50761], the block_has_support function was introduced. However, using `property_exists` within this function negatively impacted its performance. This commit replaces the `property_exists` function call with `instanceof WP_Block_Type`, resulting in improved performance.

Props mukesh27, gziolo, spacedmonkey.
Fixes #59441.

git-svn-id: https://develop.svn.wordpress.org/trunk@56678 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 12:15:06 +00:00
Jonny Harris
f9299148b7 Themes: Use instanceof in get_hooked_blocks.
In [56610], the get_hooked_blocks function was introduced. However, using property_exists within this function negatively impacted its performance. This commit replaces the property_exists function call with instanceof WP_Block_Type, resulting in improved performance.

Props gziolo, spacedmonkey.
See #59383.

git-svn-id: https://develop.svn.wordpress.org/trunk@56677 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 11:46:08 +00:00
Greg Ziółkowski
de9e06a4c0 REST API: Improve the block type schema for the name field
Align the schema between `block.json` defined in Gutenberg and the REST API endpoint for block types. It looks like the `name` field isn't validated in all places and when it uses pattern matching in the REST API code, then it was slightly different.

Props spacedmonkey, ockham.
See #59346.



git-svn-id: https://develop.svn.wordpress.org/trunk@56676 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 10:00:33 +00:00
Andrea Fercia
6f0ddc2260 Editor: Add missing parameter to the block_editor_no_javascript_message filter after [56672].
Props mukesh27.

Fixes #59229.


git-svn-id: https://develop.svn.wordpress.org/trunk@56675 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 10:00:19 +00:00
Bernie Reiter
2423ed55a5 Blocks: Remove inject_hooked_block_markup filter.
Per discussion in #59424, there's agreement that the new `hooked_block_types` filter  (introduced in [56673]) covers conditional addition and removal of hooked blocks better and at a higher level than the `inject_hooked_block_markup` filter that was originally added in [56649] for that same purpose.
Consequently, this changeset removes the latter filter.

Props gziolo.
Fixes #59439.

git-svn-id: https://develop.svn.wordpress.org/trunk@56674 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 09:12:08 +00:00
Bernie Reiter
75c06d620c Blocks: Introduce filter to allow easy addition of hooked blocks.
Introduce a `hooked_block_types` filter that allows easier conditional addition (or removal) of hooked blocks for a given anchor block and relative position.

{{{#!php
function insert_shopping_cart_hooked_block( $hooked_blocks, $position, $anchor_block, $context ) {
	if ( 'after' === $position && 'core/navigation' === $anchor_block && /** $context is header template part **/ ) {
		$hooked_blocks[] = 'mycommerce/shopping-cart';
	}
	return $hooked_blocks;
}
add_filter( 'hooked_block_types', 'insert_shopping_cart_hooked_block', 10, 4 );
}}}

Props gziolo, nerrad, dmsnell, ndiego.
Fixes #59424.

git-svn-id: https://develop.svn.wordpress.org/trunk@56673 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 08:42:45 +00:00
Joe Dolson
cc40da134e Editor: Improve no JS message for block editor.
Show the user a link to install the classic editor if they do not have JavaScript available and the plugin is not already installed.

Props bosskhj, audrasjb, huzaifaalmesbah, sajjad67, joedolson, costdev.
Fixes #59229.

git-svn-id: https://develop.svn.wordpress.org/trunk@56672 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-25 00:05:31 +00:00
Joe Dolson
c1f6801055 Widgets: Add missing no JS notice in Widgets screen.
Add an H1 heading and an admin notice to display on the Widgets screen when JS is not available. Invite the user to either install or activate the Classic Widgets plugin, as that plugin provides basic functionality without JS.

Props afercia, nihar007, huzaifaalmesbah, joedolson, matthewfarlymn, bvreeman22, bosskhj, devmuhib, shailu25, joedolson.
Fixes #58738.

git-svn-id: https://develop.svn.wordpress.org/trunk@56671 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-24 23:58:42 +00:00
Joe Dolson
816561d1fd Site Health: Improve wp.a11y.speak() notifications.
Improve the experience for screen reader users by removing announcements produced in the Dashboard, simplifying the text to reduce verbosity, and ensuring that messages are spoken in the correct order to match the state of the user interface without repetition.

Props afercia, alexstine.
Fixes #58573.

git-svn-id: https://develop.svn.wordpress.org/trunk@56670 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-24 20:11:59 +00:00
Sergey Biryukov
9cec160110 Build/Test Tools: Remove random_compat from PHPCS and PHPUnit configuration files.
This package was removed in WP 6.3, so these exclusion entries are no longer necessary.

Follow-up to [42346], [42665], [49797], [56141], [56667].

See #58831, #58955.

git-svn-id: https://develop.svn.wordpress.org/trunk@56669 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-24 07:43:50 +00:00
Colin Stewart
7211cf62d2 REST API: Correct spelling error in block_hooks field documentation.
In [56587], a spelling error was introduced in the documentation of the new `block_hooks` field in `WP_REST_Block_Types_Controller`.

This fixes the spelling error.

Follow-up to [56587].

Props kebbet, mukesh27, tahmina1du.
Fixes #59426. See #59346.

git-svn-id: https://develop.svn.wordpress.org/trunk@56668 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-23 15:36:00 +00:00
Sergey Biryukov
3dbfc06512 Coding Standards: Remove unnecessary directives in the PHPCompatibility ruleset.
This commit:

* Removes the unnecessary exclusion patterns for the `node_modules` and `vendor` directories. As this ruleset only scans the `src` directory, those directories would never be scanned anyway.
* Removes the selective excludes related to the random_compat package. This package was removed in WP 6.3, so these excludes are no longer necessary.

Follow-up to [46290], [56141].

Props jrf.
See #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56667 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-23 11:05:18 +00:00
Sergey Biryukov
d7388b594d Coding Standards: Improve organization of the PHPCompatibility ruleset.
This commit:
* Adds section headers to the ruleset file.
* Organizes all directives in their respective sections.

No functional changes.

Props jrf.
See #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56666 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-23 10:56:24 +00:00
Joe Dolson
32ba91e6f5 Administration: Switch order of label/checkbox in WP_List_Table.
Move the label after the checkbox in `WP_List_Table` instances. Resolve a false positive that will be presented by automated accessibility testing tools. Follow up to [55954].

Props dimitrism, joedolson, sabernhardt, oglekler, marybaum, tobiasbg.
Fixes #58703.

git-svn-id: https://develop.svn.wordpress.org/trunk@56665 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-22 19:56:48 +00:00
Adam Silverstein
9608dd5f69 Security: remove the cron event that checked for https support.
Fix an issue where a cron job ran every 12 hours to check for https support - even when https support was already enabled. The check is now run only when the user visits the Site Health page. Reducing the unneeded requests lowers the impact and load of hosting WordPress sites.

The `wp_update_https_detection_errors` function is deprecated and the `https_detection_errors` option that was previously set by the cron job is no longer maintained. The `pre_wp_update_https_detection_errors` filter is deprecated and replaced by the `pre_wp_get_https_detection_errors` filter  which serves the same function.

Props audrasjb, johnbillion, Michi91.
Fixes #58494.



git-svn-id: https://develop.svn.wordpress.org/trunk@56664 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-22 19:06:45 +00:00
Joe Dolson
b891120f8b Administration: Remove duplicate wp_admin_notice() call.
Remove duplicate success message displayed in `wp-admin/upload.php`. Follow up to [56573].

Props davidbinda.
See #57791.

git-svn-id: https://develop.svn.wordpress.org/trunk@56663 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-22 18:17:44 +00:00
Joe Dolson
34d73cbcf6 Code Modernization: Rename reserved keyword used as variable.
Change the `$echo` parameter added to `wp_update_php_annnotation()` to `$display` to avoid using reserved PHP keywords as parameters. Follow up to [56570].

Props kebbet, mukesh27.
See #57791.

git-svn-id: https://develop.svn.wordpress.org/trunk@56662 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-22 18:12:12 +00:00
Jonathan Desrosiers
5523bd276b Build/Test Tools: Introduce install and upgrade testing workflows.
This introduces GitHub Action workflows for testing the installation and upgrade process to ensure there are no unexpected issues. The goal of these workflows is to replicate some of the manual testing that happens during the release process. This does not replace that testing which is a fantastic, low barrier way for someone newer to contributing to get involved. Instead, it should serve as an additional sanity check to ensure no combinations are missed.

The installation workflow tests installing the latest or specified version of WordPress on all PHP and MySQL version combinations for both single and multisite.

The upgrade testing will test upgrading from each branch that still receives security updates to the latest or specified version on all PHP and MySQL version combinations for both single and multisite.

Both workflows confirm that no errors are encountered when using WP-CLI to install or upgrade WordPress. No test assertions of any type are currently performed, but adding some will be explored.

Props costdev, azaozz, ironprogrammer, desrosj.
See #58977.

git-svn-id: https://develop.svn.wordpress.org/trunk@56661 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-22 17:41:11 +00:00
Jonathan Desrosiers
ba71767faf Build/Test Tools: Simplify some logic in GitHub Action workflows.
This simplifies the logic within the `slack-notifications` and `failed-workflow` steps in GitHub Action workflows to use the `contains()` function and object filtering.

This makes it simpler to perform the needed checks by removing the need to list out every single dependent job defined in `needs`.

See #58867.

git-svn-id: https://develop.svn.wordpress.org/trunk@56660 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-22 14:28:01 +00:00
Jonathan Desrosiers
8baf4f643c Build/Test Tools: Update the environment variable for skipping browser binaries.
This changes the environment variable used in GitHub Action workflows to skip downloading the browser binary that’s a peer dependency when it’s not needed.

In [56647], the version of `puppeteer` peer-dependency was bumped to `>= 20.0.0`. Starting in version `20.0.0`, puppeteer switched to using Chrome for testing instead of Chromium. With this release, the `PUPPETEER_SKIP_CHROMIUM_DOWNLOAD` environment variable was removed in favor of the more generic `PUPPETEER_SKIP_DOWNLOAD`.

All workflows that do not need a browser binary now contain the correct `PUPPETEER_SKIP_CHROMIUM_DOWNLOAD` variable.

Follow up to [56647].

See #58863.

git-svn-id: https://develop.svn.wordpress.org/trunk@56659 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-22 13:55:14 +00:00
Sergey Biryukov
e413569b67 Media: Use correct option name for attachment pages in upgrade_640().
Follow-up to [56657].

See #57913.

git-svn-id: https://develop.svn.wordpress.org/trunk@56658 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-22 01:16:42 +00:00
Sergey Biryukov
15e37005db Media: Disable attachment pages for new installations.
WordPress creates attachment pages by default for every attachment uploaded. On the vast majority of sites, these attachment pages don't contain any meaningful information. They do however exist, get indexed by search engines, and sometimes even rank in search results, leading to bad results for users and site owners.

This commit introduces a `wp_attachment_pages_enabled` database option to control the attachment pages behavior:

* On existing sites, the option is set to `1` on upgrade, so that attachment pages continue to work as is.
* For new sites, the option is set to to `0` by default, which means attachment pages are redirected to the attachment URL.
* Sites that want to enable or disable the attachment pages can set the option to `1` or `0`, respectively.

Follow-up to [2958], [3303], [7149], [34690].

Props aristath, poena, afercia, joostdevalk, jonoaldersonwp, azaozz, johnbillion, joedolson, basiliskan, audrasjb, davelo, rilwis, manfcarlo, tyxla, garrett-eclipse, seedsca, eatingrules, matveb, antpb, zodiac1978, oglekler, zunaid321, costdev, SergeyBiryukov.
Fixes #57913.

git-svn-id: https://develop.svn.wordpress.org/trunk@56657 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-22 00:02:28 +00:00
Jonny Harris
e486ac0745 Query: Improved handling of filtered queries in WP_Query.
The `WP_Query` class enables developers to customize queries using filters like `posts_fields_request`, `posts_request`, and `the_posts`, which can modify both the queried fields and retrieved post objects. In some cases with these filters, incomplete or invalid post objects lacking essential data may arise. To address this, if any of these filters are active during a query, the `get_posts` method now avoids caching post objects with the usual `update_post_caches` function call, opting for a call to `_prime_post_caches` instead. This may occasionally trigger new database queries to prime the post data cache. While this enhancement may result in rare additional database queries, it ensures that invalid post objects aren't cached, prioritizing data consistency and integrity in filtered query scenarios.

Props saulirajala, spacedmonkey, flixos90, mukesh27, peterwilsoncc.
Fixes #58599.

git-svn-id: https://develop.svn.wordpress.org/trunk@56656 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 19:32:55 +00:00
Jonathan Desrosiers
58d47f5c80 HTTP API: Deprecate WP_Http_Curl and WP_Http_Streams classes.
These classes have not been used in WordPress Core since the Requests library was introduced in [37428]. These classes are now deprecated in favor of `WP_Http`.

There are two remaining spots in Core that reference these classes:
- The `WP_Http::_dispatch_request()` method, which was marked as deprecated in favor of `WP_Http::request()` in [42766]/[44346].
- The `WP_Http::_get_first_available_transport()`.

That latter is now also marked as deprecated in favor of `\WpOrg\Requests\Requests::get_transport_class()`.

Props SergeyBiryukov, rajinsharwar, hellofromTonya.
Fixes #58705.

git-svn-id: https://develop.svn.wordpress.org/trunk@56655 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 18:27:17 +00:00
Joe Dolson
b9adbb33da Login and Registration: Improve HTML for errors and notices.
Improve markup on Login and Registration errors. Use list markup for multiple issues, paragraph when only one to reduce semantic burden in the most common case. Normalize classes and markup for wrapper using `wp_admin_notice()` and `wp_get_admin_notice()` functions. Move definition of those functions from `wp-admin\includes\misc.php` to `wp-includes\functions.php`. Move tests to functions group. 

Props extendwings, sabernhardt, afercia, lukecavanagh, rianrietveld, oglekler, sergeybiryukov, costdev, joedolson.
Fixes #30685.

git-svn-id: https://develop.svn.wordpress.org/trunk@56654 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 18:22:10 +00:00
Joe Dolson
fa0969d06a Coding Standards: Remove unused variable el in monitorPopup.
Remove an unused variable to resolves coding standards failure. Follow up to [56651].

Props joedolson.
See #58756.

git-svn-id: https://develop.svn.wordpress.org/trunk@56653 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 18:02:22 +00:00
Joe Dolson
ad4a7b8879 Media: Close image rotation menu when not focused.
Implement a focus monitor so that if user focus moves away from the image rotation menu, it closes and doesn't block the image editing canvas. Follow up to [56239], [55919].

Props nithi22, deepakvijayan, dharm1025, faisal03.
Fixes #58756.

git-svn-id: https://develop.svn.wordpress.org/trunk@56652 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 17:47:42 +00:00
Felix Arntz
22b71b755d Media: Introduce filters to customize the results from wp_get_loading_optimization_attributes().
This changeset introduces two filters that allow customizing the loading optimization attributes array returned from `wp_get_loading_optimization_attributes()` for individual HTML tags:
* The `wp_get_loading_optimization_attributes` filter can be used to modify the results from the WordPress core logic.
* The `pre_wp_get_loading_optimization_attributes` filter can be used to use entirely custom logic and effectively short-circuit the core function.

Props pereirinha, mukesh27, spacedmonkey, joemcgill.
Fixes #58893.


git-svn-id: https://develop.svn.wordpress.org/trunk@56651 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 16:35:30 +00:00
Jonny Harris
c1247f6a27 Taxonomy: Stop double sanitization in get_term function.
In the `get_term` function, the filter method is invoked on the `WP_Term` object, which subsequently triggers the execution of `sanitize_term`. The filter method is also executed within `WP_Term::get_instance`.

A common scenario when calling the `get_term` function is to invoke the function with an integer ID for the term and a filter set to "raw." This results in a call to `WP_Term::get_instance`. However, since both `get_term` and `WP_Term::get_instance` invoke the filter method, it leads to double sanitization of the term.

Considering that `get_term` may be called thousands of times on a page, especially when priming a large number of terms into memory, this redundancy can result in thousands of unnecessary calls to `sanitize_term`. Performing the same sanitization operation twice with the same parameters is wasteful and detrimental to performance.

To address this issue, the code has been updated to execute the filter method only when the filter parameter does not match or when changes have been made to the term object within the get_term hook. This optimization ensures that the filter is applied selectively, mitigating performance concerns and avoiding unnecessary sanitization calls.

Props spacedmonkey, flixos90, costdev, mukesh27, joemcgill, oglekler, peterwilsoncc.
Fixes #58329.

git-svn-id: https://develop.svn.wordpress.org/trunk@56650 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 16:34:59 +00:00
Bernie Reiter
f21ccabadb Blocks: Implement automatic block insertion into Block Hooks.
Block Hooks allow a third-party block to specify a position relative to a given block into which it will then be automatically inserted (e.g. a "Like" button block can ask to be inserted after the Post Content block, or an eCommerce shopping cart block can ask to be inserted after the Navigation block).

The underlying idea is to provide an extensibility mechanism for Block Themes, in analogy to WordPress' [https://developer.wordpress.org/plugins/hooks/ Hooks] concept that has allowed extending Classic Themes through filters and actions.

The two core tenets for Block Hooks are:

1. Insertion into the frontend should happen right after a plugin containing a hooked block is activated (i.e. the user isn't required to insert the block manually in the editor first); similarly, disabling the plugin should remove the hooked block from the frontend.
2. The user has the ultimate power to customize that automatic insertion: The hooked block is also visible in the editor, and the user's decision to persist, dismiss (i.e. remove), customize, or move it will be respected (and reflected on the frontend).

To account for both tenets, the **tradeoff** was made to limit automatic block insertion to unmodified templates (and template parts, respectively). The reason for this is that the simplest way of storing the information whether a block has been persisted to (or dismissed from) a given template (or part) is right in the template markup.

To accommodate for that tradeoff, [https://github.com/WordPress/gutenberg/pull/52969 UI controls (toggles)] are being added to increase visibility of hooked blocks, and to allow for their later insertion into templates (or parts) that already have been modified by the user.

For hooked blocks to appear both in the frontend and in the editor (see tenet number 2), they need to be inserted into both the frontend markup and the REST API (templates and patterns endpoints) equally. As a consequence, this means that automatic insertion couldn't (only) be implemented at block ''render'' stage, as for the editor, the ''serialized'' (but ''unrendered'') markup needs to be modified.

Furthermore, hooked blocks also have to be inserted into block patterns. Since practically no filters exist for the patterns registry, this has to be done in the registry's `get_registered` and `get_all_registered` methods.

Props gziolo.
Fixes #59313.

git-svn-id: https://develop.svn.wordpress.org/trunk@56649 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 16:16:05 +00:00
Felix Arntz
6b50b1b47e Options, Meta APIs: Add further test coverage for comparison between old and new option value.
This ensures potential future changes to the logic are covered by existing tests that should pass before and after.

Props joemcgill.
See #22192.


git-svn-id: https://develop.svn.wordpress.org/trunk@56648 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 15:21:45 +00:00
Jonathan Desrosiers
d13208e291 Build/Test Tools: Update build related dependencies to their latest versions.
This updates the following npm dependencies:
- `autoprefixer` to version `10.4.16`.
- `grunt-contrib-qunit` to version `8.0.1`.
- `postcss` to version `8.4.30`.
- `react-refresh` to version `0.14.0`.
- `sass` to version `1.68.0`.
- `sinon` to version `16.0.0`.
- `uuid` to version `9.0.1`.
- `tslib` to version `2.6.2`.

This change accompanies a similar one in the Gutenberg repository: https://github.com/WordPress/gutenberg/pull/54657.

Props gziolo, desrosj.
Fixes #58863.

git-svn-id: https://develop.svn.wordpress.org/trunk@56647 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 13:24:50 +00:00
Jonathan Desrosiers
9db15f2863 External Libraries: Update the polyfill-library package.
This updates the `wp-polyfill-node-contains` and `'wp-polyfill-dom-rect` scripts to the latest version, `4.8.0`.

These scripts are no longer used by WordPress Core, but are kept up to date as a courtesy.

Props rajinsharwar, hrshahin, oglekler.
Fixes #59077.

git-svn-id: https://develop.svn.wordpress.org/trunk@56646 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 12:26:53 +00:00
Sergey Biryukov
ecaef7c4f7 REST API: Remove unused variable in WP_REST_Server::match_request_to_handler().
Previously initialized in `WP_REST_Server::dispatch()`, the `$response` variable became unused when the logic was split into two new methods, `::match_request_to_handler()` and `::respond_to_request()`.

Follow-up to [34928], [48947].

Props upadalavipul, mukesh27.
Fixes #59420.

git-svn-id: https://develop.svn.wordpress.org/trunk@56645 602fd350-edb4-49c9-b593-d223f7449a82
2023-09-21 12:17:42 +00:00