Remove wordpress.org as an external dependency testing `WP_HTTP::handle_redirects()`.
This refactors and reenables an existing test to call the `WP_HTTP::handle_redirects()` method directly with a mocked array of HTTP headers containing multiple location headers.
The test is moved from the external-http group to the http test group as it no longer makes an HTTP request.
Follow up to [54955].
Props SergeyBiryukov, dd32, peterwilsoncc.
Merges [54968] to the 4.9 branch.
Fixes#57306.
See #56793.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@54986 602fd350-edb4-49c9-b593-d223f7449a82
Add strings for use in future maintenance/security releases to indicate the security support status of the version of WordPress.
Two strings are introduced:
* indicating the version of WordPress is not receiving security updates, and,
* indicating the version of WordPress will shortly stop receiving security updates.
This change does not make use of the strings, the purpose is to make them available to translators prior to dropping support of selected versions of WordPress.
Props costdev, chesio, robinwpdeveloper, desrosj, rudlinkon, mukesh27, sumitbagthariya16.
Merges [54322] to the 4.9 branch.
See #56532.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@54451 602fd350-edb4-49c9-b593-d223f7449a82
PHPCS scanning was added in WordPress 5.1, so the status of those checks should not be checked when passing the workflow results to the Slack notifications workflow.
See #56095.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@53612 602fd350-edb4-49c9-b593-d223f7449a82
This backports several changesets that are required to remove the reliance on the `workflow_run` event for posting Slack notifications.
The Slack notification workflow will now be called as a reusable one, which has several benefits (see [53591]).
Several other minor GitHub Actions related updates are also being backported in this commit to maintain tooling consistency across branches that still receive security updates as a courtesy when necessary.
Workflows that are not relevant to this branch that were mistakenly backported are also being deleted.
Merges [50473], [50704], [50796], [50930], [51341], [51355], [51498], [51511], [51535], [51924], [51925], [51937], [52002], [52130], [52183], [52233], [53112], [53581], [53582], [53592] to the 4.9 branch.
See #56095.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@53609 602fd350-edb4-49c9-b593-d223f7449a82
This updates the "jquery-query" library from version 2.1.7 to 2.2.3.
Props jorbin, peterwilsoncc, xknown, audrasjb, jorgefilipecosta.
Merges [52844] to the 4.9 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@52857 602fd350-edb4-49c9-b593-d223f7449a82
* REST API: Allow authors to read their own password protected posts.
* About page update
Merges [50717] to the 4.9 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@50732 602fd350-edb4-49c9-b593-d223f7449a82
This backports several build and test tool improvements to the 4.9 branch. Most notably, this includes:
- The changes required to allow each workflow to be triggered by the `workflow_dispatch` event so that tests can be run on a schedule [50590].
- Splitting single site and multisite tests into parallel jobs [50379].
- Split slow tests into separate, parallel jobs for PHP <= 5.6 [50444].
- Better branch and path scoping for GitHub Action workflows when running on `pull_request` [50432,50479].
- Several `devDependency` updates.
Merges [50379,50387,50413,50416,50432,50435,50436,50444,50446,50473,50474,50476,50479,50485,50486,50487,50545,50579,50590] to the 4.9 branch.
See #50401, #51801, #51802, #52548, #52608, #52612, #52624, #52625, #52645, #52653, #52658, #52660, #52667.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@50625 602fd350-edb4-49c9-b593-d223f7449a82
This commit merges the workflow files required to run automated testing on GitHub Actions.
In addition, [49836] and [50285] have been included in order to keep the local Docker environment consistent across all branches.
Merges [49162,49168-49169,49175,49204,49227-49228,49244,49369,49371,49548,49781-49784,49786,49836,49938,50268,50285,50298] to the 4.9 branch.
See #50401.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@50308 602fd350-edb4-49c9-b593-d223f7449a82
This updates the 4.9 branch to support the latest LTS version of NodeJS (currently 14.x), allowing the same version to be used across all WordPress branches that receive security updates as a courtesy.
This also replaces the `npm-shrinkwrap.json` with a `package-lock.json` file. Lock files were not supported in earlier versions of NPM, but can now be used.
In addition to backporting the package updates that happened after branching 4.9, dependencies that were removed in future releases have also been updated to their latest versions.
Props desrosj, dd32, netweb, jorbin.
Merges [42460-42461,42463,42887,43320,43323,43977,44219,44233,44728,45321,45765,46404,46408-46409,47404,47867-47869,47872-47873,48705,49636,49933,49937,49939,50017,50126,50176,50185,50192] to the 4.9 branch.
See #52341.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@50202 602fd350-edb4-49c9-b593-d223f7449a82
Move `skipTestOnTimeout()` to `WP_UnitTestCase_Base` to avoid duplication.
Merges [46682] and [46996] to the 4.9 branch.
See #51669.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@50096 602fd350-edb4-49c9-b593-d223f7449a82
In [49162], GitHub Action workflow configuration files were introduced to run all of Core’s automated testing with the intent to fully transition after some time was allowed for testing.
After two full months of testing, the time to finish this transition has come.
We thank TravisCI for testing the codebase through nearly 20 major and many more minor releases.
Merges [49876] to the 4.9 branch.
See #52161. See #50401.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@49884 602fd350-edb4-49c9-b593-d223f7449a82
Let's match up the versions from package.json, .travis.yml and .nvmrc.
This is the commit for the 4.9 branch.
Fixes#51682.
Props SergeyBiryukov, desrosj, whyisjake.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@49653 602fd350-edb4-49c9-b593-d223f7449a82
This commit introduces the Docker-based local WordPress development environment to the 4.9 branch and converts the Travis test jobs to utilize this environment for easier and more consistent testing.
Until existing blockers with the PHP 5.2 Docker container can be solved, the PHP 5.2 test job will remain using the Travis `precise` image.
Merges [45745,45762,45783-45784,45800,45819,45885,46320,46999,47225,47912,48121,49335,49358,49360,49362] to the 4.9 branch.
See #48301, #47767.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@49530 602fd350-edb4-49c9-b593-d223f7449a82
Fix off-by-one error in pixel color checks for rotate and flip image tests. Change to using PNG with single pixel to ensure that errors are caught in the future, rather than lost in JPEG noise.
Props Fuegas, mikeschroder.
Merges [45067] to the 4.9 branch.
See #46073, #48301.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@49519 602fd350-edb4-49c9-b593-d223f7449a82
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.
Brings the changes from [49380,49382-49388] to the 4.9 branch.
Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@49397 602fd350-edb4-49c9-b593-d223f7449a82
Rename the `$keep` parameter of both filters to `$screen_option` for clarity, update the documentation to better reflect its purpose.
Follow-up to [47951].
Props Chouby, sswells, SergeyBiryukov.
Merges [48241] to the 4.9 branch.
Fixes#50392.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@48249 602fd350-edb4-49c9-b593-d223f7449a82
- Editor: Prevent HTML decoding on by setting the proper editor context.
- Formatting: Ensure that wp_validate_redirect() sanitizes a wider variety of characters.
- Themes: Ensure a broken theme name is returned properly.
- Administration: Add a new filter to extend set-screen-option.
Merges [47948-47951] to the 4.9 branch.
Props xknown, sstoqnov, vortfu, SergeyBiryukov, whyisjake.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@47967 602fd350-edb4-49c9-b593-d223f7449a82
User: Invalidate `user_activation_key` on password update.
Query: Ensure that only a single post can be returned on date/time based queries.
Cache API: Ensure proper escaping around the stats method in the cache API.
Formatting: Expand `sanitize_file_name` to have better support for utf8 characters.
Brings the changes in [47633], [47634], [47635], [47637], and [47638] to the 4.9 branch.
Props: batmoo, ehti, nickdaugherty, peterwilsoncc, sergeybiryukov, sstoqnov, westi, westonruter, whyisjake, whyisjake, xknown.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@47648 602fd350-edb4-49c9-b593-d223f7449a82
Props: danielbachhuber, whyisjake, peterwilson, xknown.
Brings r46893 to the 4.9 branch.
Update `wp_kses_bad_protocol()` to recognize `:` on uri attributes,
`wp_kses_bad_protocol()` makes sure to validate that uri attributes don’t contain invalid/or not allowed protocols. While this works fine in most cases, there’s a risk that by using the colon html5 named entity, one is able to bypass this function.
Brings r46895 to the 4.9 branch.
Props: xknown, nickdaugherty, peterwilsoncc.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@46918 602fd350-edb4-49c9-b593-d223f7449a82
This removes the PHP 5.6 job which runs without an object cache in place as the likelihood of a change being backported that only breaks 5.6 environments without an object cache is small.
Merges [45005] into the 4.9 branch.
See #42387
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@45006 602fd350-edb4-49c9-b593-d223f7449a82