🎵 60,000 certs on the wall. 60,000 certs. Take one down, pass it around, 59,999 certs on the wall. 🎵
The Root Certificate bundle maintained by Mozilla ships in WordPress to allow SSL certificates to be verified on hosts with incomplete, outdated, or invalid local SSL configurations.
This updates the `ca-bundle.crt` file to the latest version, which applies upstream changes from the bundle maintained by Mozilla and keeps all unexpired legacy 1024bit certificates which are kept for backward compatibility purposes (see [35919]).
This equals `alot` of certificates.
Partially merges [59740] and [59969] to the 6.0 branch.
Props johnbillion, desrosj, whyisjake, ayeshrajans, SergeyBiryukov, swissspidy, skithund, barry, joedolson.
Fixes#60000. See #62811, #62711.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@60000 602fd350-edb4-49c9-b593-d223f7449a82
The previous domain that was used to test for a host whose IPv4 address cannot be resolved, `exampleeeee.com`, got registered and has an A-record now, so it's not invalid anymore.
`.invalid` is intended for use in online construction of domain names that are sure to be invalid and which it is obvious at a glance are invalid.
Reference: [https://datatracker.ietf.org/doc/html/rfc2606#section-2 Reserved Top Level DNS Names: TLDs for Testing, & Documentation Examples].
Follow-up to [52084], [58384], [58388].
Reviewed by peterwilsoncc.
Merges test changes from [59293] to the 6.0 branch.
Props sippis, johnbillion, MattyRob, swissspidy, SergeyBiryukov.
Fixes#62303.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@59304 602fd350-edb4-49c9-b593-d223f7449a82
This changes the default values for `LOCAL_PHP` and `LOCAL_DB_VERSION` in the 6.0 branch from `latest` to `8.1-fpm` (with beta support) and `5.7`, respectively, to properly reflect the highest versions of PHP and MySQL that this branch will support.
See #61533.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@58663 602fd350-edb4-49c9-b593-d223f7449a82
- Editor: Fix Path Traversal issue on Windows in Template-Part Block.
- Editor: Sanitize Template Part HTML tag on save.
Merges [58470], [58471], [58472] and [58473] to the 6.0 branch.
Props xknown, peterwilsoncc, jorbin, bernhard-reiter, azaozz.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@58481 602fd350-edb4-49c9-b593-d223f7449a82
This updates the 6.0 branch to utilize the new reusable workflows in trunk introduced in [58165].
This also includes backports for a some additional improvements and bug fixes that are necessary for the local development environment to continue working long term:
- The `image` and `platform` properties for the `mysql` container have been updated to always prefer `amd64` containers (#60822).
- `macos-13` is now pinned for MacOS jobs instead of `macos-latest` (#61340).
- Run E2E tests with and without `SCRIPT_DEBUG` (#58661).
- Migrating to Docker Compose V2 (#60901).
- Removing the `version` property from `docker-compose.yml` (#59416).
- Improvements to how artifacts and comments for Playground testing are generated.
- Removing SVN related commands causing failures (#61216).
- Updating the `actions/github-scripts` action to the latest version.
- Move the Memcached container into the Docker Compose config (#55700).
- Configure Xdebug modes in the local Docker environment (#56022).
Merges [53895], [53552], [56113], [56114], [57918], [58157], [57124], [57125], [57249] to the 6.0 branch.
Props johnbillion, joemcgill, swissspidy, thelovekesh, narenin, mukesh27, JeffPaul, peterwilsoncc, zieladam, ockham, SergeyBiryukov, jorbin, Clorith, afragen.
See #55700, #61340, #60822, #61216, #60901, #61101, #59416, #59805, #61213, #58661.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@58357 602fd350-edb4-49c9-b593-d223f7449a82
This warning is legitimate but needs to be investigated more thoroughly across all branches. Ignoring these files allows the build to complete without warnings.
Props gziolo, jorbin, desrosj
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@57958 602fd350-edb4-49c9-b593-d223f7449a82
Due to some changes on the WP.com side to compress the requested images on the fly, the exact image size in the response could be different between platforms.
This commit aims to make the affected tests more reliable.
Follow-up to [139/tests], [31258], [34568], [47142], [57903], [57904], [57924].
Merges [57931] to the 6.0 branch.
Props peterwilsoncc, jorbin.
See #60865.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@57942 602fd350-edb4-49c9-b593-d223f7449a82
- Install: When populating options, maybe_serialize instead of always serialize.
- Uploads: Check for and verify ZIP archives.
Merges [57388] and [57389] to the 6.0 branch.
Props costdev, peterwilsoncc, azaozz, tykoted, johnbillion, desrosj, afragen, jorbin, xknown.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@57395 602fd350-edb4-49c9-b593-d223f7449a82
This changes the default value for `LOCAL_PHP` in the 6.0 branch from `latest` to `8.1-fpm` to reflect the highest version of PHP this branch will support (with beta support).
After this change, future updates to the `latest` container built and published by the `wpdev-docker-images` repository will not cause failures in this branch.
This also pins the version of PHP used in the E2E test workflow to PHP 8.0 to avoid deprecated notices mostly related to #54914, which was not fixed until version 6.1.
Follow up to [57198], [57199], [57200], [57201].
See #60095.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@57202 602fd350-edb4-49c9-b593-d223f7449a82
- REST API: Limit `search_columns` for users without `list_users`.
- Comments: Prevent users who can not see a post from seeing comments on it.
- Application Passwords: Prevent the use of some pseudo protocols in application passwords.
- Restrict media shortcode ajax to certain type
- REST API: Ensure no-cache headers are sent when methods are overriden.
- Prevent unintended behavior when certain objects are unserialized.
Merges [56833], [56834], [56835], [56836], [56837], and [56838] to the 6.0 branch.
Props xknown, jorbin, Vortfu, joehoyle, timothyblynjacobs, peterwilsoncc, ehtis, tykoted, martinkrcho, paulkevan, dd32, antpb, rmccue.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@56870 602fd350-edb4-49c9-b593-d223f7449a82
As of PHP 8.1.12, which includes libmagic/file update to version 5.42, the expected mime type for WOFF files has changed to `font/woff`, so the type needs to be adjusted accordingly in `wp_check_filetype_and_ext()` tests.
References:
* [https://github.com/php/php-src/issues/8805 php-src: #8805: finfo returns wrong mime type for woff/woff2 files]
* [https://www.php.net/ChangeLog-8.php#8.1.12 PHP 8.1.12 changelog]
Follow-up to [40124], [54508], [54509], [54724].
Props desrosj, jrf, costdev, SergeyBiryukov.
Merges [55462] to the 6.0 branch.
Fixes#56817.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@55497 602fd350-edb4-49c9-b593-d223f7449a82
This updates three GitHub Actions to their latest versions:
- `shivammathur/setup-php`
- `actions/cache`
- `wow-actions/welcome`
The welcome action now uses the `GITHUB_TOKEN` by default, so it no longer needs to be passed manually.
Merges [54651] and [55487] to the 6.0 branch.
See #56793, #57572.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@55490 602fd350-edb4-49c9-b593-d223f7449a82
This backports several changesets to GitHub Actions workflows. These changesets:
- address the deprecated notices related to `save-output` and `set-output` to ensure the workflows continue to run after these are removed.
- adds support for automatically retrying a failed workflow once.
- backports some Docker environment related tooling updates for the sake of consistency across branches.
Merges [53628], [53636], [53736], [53737], [53895], [53940], [53947], [54039], [54096], [54108], [54293], [54297], [54313], [54342], [54343], [54371], [54373], [54511], [54649], [54650], [54674], [54678], [54750], [54851], [54852], [54856], [54921], [55152] to the 6.0 branch.
See 55702, #52708, #55652, #55652, #55700, #55652, #56407, #56407, #56528, #55652, #55652, #55652, #54695, #55652, #55652, #55652, #55652, #56820, #56820, #56816, #55652, #55652, #56820, #56793, #56793, #53841, #57148, #57572, #56682.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@55482 602fd350-edb4-49c9-b593-d223f7449a82
This changeset adds two additional translation strings in the changelog file, for use when releasing the final version of WordPress on a particular branch.
Props peterwilsoncc, audrasjb, mukesh27.
Merges [55350] to the 6.0 branch.
Fixes#57216.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@55372 602fd350-edb4-49c9-b593-d223f7449a82
Remove wordpress.org as an external dependency testing `WP_HTTP::handle_redirects()`.
This refactors and reenables an existing test to call the `WP_HTTP::handle_redirects()` method directly with a mocked array of HTTP headers containing multiple location headers.
The test is moved from the external-http group to the http test group as it no longer makes an HTTP request.
Follow up to [54955].
Props SergeyBiryukov, dd32, peterwilsoncc.
Merges [54968] to the 6.0 branch.
Fixes#57306.
See #56793.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@54975 602fd350-edb4-49c9-b593-d223f7449a82
This resolves a bug in Featured Image blocks where `object-fit` was being removed during the `render_callback`.
Props raduiason, pbiron, kebbet, SergeyBiryukov, bernhard-reiter, ironprogrammer, xknown, audrasjb, ckanderson22, ivanjeronimo, seriouslysenpai, davidbaumwald.
Merges [54675] to the 6.0 branch.
Fixes#56855.
git-svn-id: https://develop.svn.wordpress.org/branches/6.0@54763 602fd350-edb4-49c9-b593-d223f7449a82
