The Root Certificate bundle maintained by Mozilla ships in WordPress to allow SSL certificates to be verified on hosts with incomplete, outdated, or invalid local SSL configurations.
This updates the `ca-bundle.crt` file to the latest version, which applies upstream changes from the bundle maintained by Mozilla and keeps all unexpired legacy 1024bit certificates which are kept for backward compatibility purposes (see [35919]).
Partially merges [59740] and [59969] to the 6.3 branch.
Props johnbillion, desrosj, whyisjake, ayeshrajans, SergeyBiryukov, swissspidy, skithund, barry.
See #62811, #62711.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@59997 602fd350-edb4-49c9-b593-d223f7449a82
The previous domain that was used to test for a host whose IPv4 address cannot be resolved, `exampleeeee.com`, got registered and has an A-record now, so it's not invalid anymore.
`.invalid` is intended for use in online construction of domain names that are sure to be invalid and which it is obvious at a glance are invalid.
Reference: [https://datatracker.ietf.org/doc/html/rfc2606#section-2 Reserved Top Level DNS Names: TLDs for Testing, & Documentation Examples].
Follow-up to [52084], [58384], [58388].
Props sippis, johnbillion, MattyRob, swissspidy.
Fixes#62303.
Reviewed by
Merges [59293] to the 6.3 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@59301 602fd350-edb4-49c9-b593-d223f7449a82
This changes the default values for `LOCAL_PHP` and `LOCAL_DB_VERSION` in the 6.3 branch from `latest` to `8.2-fpm` (with beta support) and `5.7`, respectively, to properly reflect the highest versions of PHP and MySQL that this branch will support.
See #61533.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@58660 602fd350-edb4-49c9-b593-d223f7449a82
- Editor: Fix Path Traversal issue on Windows in Template-Part Block.
- Editor: Sanitize Template Part HTML tag on save.
- HTML API: Run URL attributes through `esc_url()`.
Merges [58470], [58471], [58472] and [58473] to the 6.3 branch.
Props xknown, peterwilsoncc, jorbin, bernhard-reiter, azaozz, dmsnell, gziolo.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@58476 602fd350-edb4-49c9-b593-d223f7449a82
This updates the 6.3 branch to make use of [58345], which fixes a bug where a ZIP file with built WordPress is not saved as an artifact causing the performance workflow to fail.
Merges [53845] to the 6.3 branch.
Props jorbin.
See #59416.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@58348 602fd350-edb4-49c9-b593-d223f7449a82
This updates the 6.3 branch to utilize the new reusable workflows in trunk introduced in [58165].
This also includes backports for a some additional improvements and bug fixes that are necessary for the local development environment to continue working long term:
- The `image` and `platform` properties for the `mysql` container have been updated to always prefer `amd64` containers (#60822).
- `macos-13` is now pinned for MacOS jobs instead of `macos-latest` (#61340).
- Removes the performance testing workflow. This workflow was overhauled in 6.4 to use Playwright. Continuing to support Puppeteer-based performance testing in 6.1-6.3 (which was historically very flaky) in a reusable workflow outweighs the benefit.
- Migrating to Docker Compose V2 (#60901).
- Removing the `version` property from `docker-compose.yml` (#59416).
- Improvements to how artifacts and comments for Playground testing are generated.
- Removing SVN related commands causing failures (#61216).
- Updating the `actions/github-scripts` action to the latest version.
Merges [57918], [58157], [57124], [57125], [57249] to the 6.3 branch.
Props johnbillion, joemcgill, swissspidy, thelovekesh, narenin, mukesh27, JeffPaul, peterwilsoncc, zieladam, ockham, SergeyBiryukov, jorbin.
Fixes#61340, #60822. See #61216, #60901, #61101, #59416, #59805, #61213.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@58300 602fd350-edb4-49c9-b593-d223f7449a82
The purpose of `tests/e2e/specs/gutenberg-plugin.test.js` is to ensure that running the Gutenberg plugin (stable version) on a WordPress `trunk` install doesn't produce any fatals.
The test was introduced in [54913], i.e. it has been around since WP 6.2. It makes sense to have it present on older branches, as the Gutenberg plugin not only supports `trunk`, but also the current stable version of WordPress (i.e. currently 6.5), and one version below (6.4). However, it is not expected to work on any earlier versions beyond that; in practice, it has produced errors on some of those.
Additionally, the test was migrated from Puppeteer to Playwright after WP 6.3, so it's not possible to simply backport [58046] (which would skip the test from running on outdated WP versions) to the 6.3 branch.
As a consequence, it makes most sense to remove the test from the 6.3 branch altogether, as has already been done for 6.2.
Follow-up to [57972].
Props jorbin, johnbillion, swissspidy.
See #60971.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@58047 602fd350-edb4-49c9-b593-d223f7449a82
Due to some changes on the WP.com side to compress the requested images on the fly, the exact image size in the response could be different between platforms.
This commit aims to make the affected tests more reliable.
Follow-up to [139/tests], [31258], [34568], [47142], [57903], [57904], [57924].
Merges [57931] to the 6.3 branch.
Props peterwilsoncc, jorbin.
See #60865.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@57939 602fd350-edb4-49c9-b593-d223f7449a82
- Install: When populating options, maybe_serialize instead of always serialize.
- Uploads: Check for and verify ZIP archives.
Merges [57388] and [57389] to the 6.3 branch.
Props costdev, peterwilsoncc, azaozz, tykoted, johnbillion, desrosj, afragen, jorbin, xknown.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@57392 602fd350-edb4-49c9-b593-d223f7449a82
This changes the default value for `LOCAL_PHP` in the 6.3 branch from `latest` to `8.2-fpm` to reflect the highest version of PHP this branch will support (with beta support).
After this change, future updates to the `latest` container built and published by the `wpdev-docker-images` repository will not cause failures in this branch.
Follow up to [57198].
See #60095.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@57199 602fd350-edb4-49c9-b593-d223f7449a82
In WordPress 6.3, [https://wordpress.org/documentation/article/reusable-blocks/ Reusable Blocks were renamed to Patterns]. A synced pattern will behave in exactly the same way as a reusable block.
This commit updates some references in DocBlocks and inline comments to use the new name.
Follow-up to [56030].
Reviewed by hellofromTonya.
Merges [57032] and [57033] to the 6.3 branch.
Props benjaminknox, oglekler, hellofromTonya, marybaum, nicolefurlan.
Fixes#59388.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@57041 602fd350-edb4-49c9-b593-d223f7449a82
Merges [57012] to 6.3 branch.
[56834] adjusted the order of activity inside the rest server responses. This lead to the rest_pre_serve_request filter potentially blocking the sending of the no cache headers. This moves that action back to being after the sending of no cache headers has finished to restore the pre 6.3.2 order of these two actions.
Props perrelet, SergeyBiryukov, peterwilsoncc, hellofromTonya.
Fixes#59722.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@57015 602fd350-edb4-49c9-b593-d223f7449a82
Updates editor npm packages to latest patch versions for the 6.3.x branch.
This changeset is specifically for the 6.3 release branch.
Props mamaduka, gziolo, xknown, peterwilsoncc, jorbin, costdev, mcsf.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56861 602fd350-edb4-49c9-b593-d223f7449a82
This is a follow-up to [56528], which normalizes the `BLOCKS_PATH` for Windows prior to making paths relative for caches during the registration process. Prior to
this change, incorrect file paths would lead to broken styles for core blocks on Windows.
Props wildworks, pbiron, flixos90, joemcgill.
Merges [56785] to the 6.3 branch.
Fixes#59489. See #59111.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56789 602fd350-edb4-49c9-b593-d223f7449a82
Previously, bulk upgrades did not verify that a plugin package was compatible with the site's WordPress version or the server's PHP version. This could lead to
incompatible updates being installed, causing various compatibility issues and errors.
This change implements the following checks:
- If available, the API response's `requires` and `requires_php` values are checked for compatibility. This saves time, diskspace, memory and file operations by
failing the upgrade before the package is downloaded and unpacked.
- If the API check passes, the downloaded and unpacked package is verified using `Plugin_Upgrader::check_package()` to ensure a plugin file is present, and the
plugin's "RequiresWP" and "RequiresPHP" headers are compatible, if present. This ensures that a mismatch between the API response and the plugin file's headers does
not cause an incompatible plugin to be installed.
Props salcode, afragen, mukesh27, iammehedi1, zunaid321, johnbillion, SergeyBiryukov, costdev, nicolefurlan, audrasjb, nicolefurlan.
Merges [56525] to the 6.3 branch.
Fixes#59198.
--
_M 6.3
M 6.3/src/wp-admin/includes/class-plugin-upgrader.php
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56787 602fd350-edb4-49c9-b593-d223f7449a82
Updates editor npm packages to latest patch versions for the 6.3.x branch.
This changeset is specifically for the 6.3 release branch. It pulls the changes from [56520] and rebuilds them with 6.3's older node version.
Props ramonopoly, isabel_brison.
Merges [56520] to the 6.3 branch.
Fixes#59293.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56786 602fd350-edb4-49c9-b593-d223f7449a82
This changeset:
- Replaces `body` with `html` for the first CSS selector that makes text white against a dark background
- Moves `twentytwenty_block_editor_styles()` from the `enqueue_block_editor_assets` action to `enqueue_block_assets` for WordPress 6.3 and later
- Removes the obsolete `twentytwenty-block-editor-script` from the styles function to avoid an error in the iframe
Props floydwilde, poena, huzaifaalmesbah, greenshady, sabernhardt, audrasjb, pooja1210, shailu25, joemcgill.
Merges [56783] to the 6.3 branch.
Fixes#59086.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56784 602fd350-edb4-49c9-b593-d223f7449a82
This prevents erroneously copying a file from source onto itself in source.
Props westonruter, jorbin.
Merges [56461] to the 6.3 branch.
Fixes#59196.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56782 602fd350-edb4-49c9-b593-d223f7449a82
In r56093 schema caching was added above a comment instructing developers not to cache that controller's schema. However, there is no obvious penalty for re-caching
schema that is partially derived from a parent.
Caching schema in the same way in every controller is beneficial consistency, and discussion at WCUS2023 contributor day concluded we could remove this comment.
Props ahardyjpl, davidbinda, johnjamesjacoby, TimothyBlynJacobs, kadamwhite.
Fixes#59193.
See #58657.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56781 602fd350-edb4-49c9-b593-d223f7449a82
Adds the ability to process block style variations to the `remove_insecure_properties` function of theme json class.
Props dsas, ramonopoly, dean, isabel_brison, joemcgill, audrasjb.
Merges [56502] and [56778] to the 6.3 branch.
Fixes#59108.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56779 602fd350-edb4-49c9-b593-d223f7449a82
Adds `delete_posts` to capabilities for the `wp_block` post type.
Props ramonopoly, johnbillion, dhruvishah2203, audrasjb, isabel_brison, joemcgill.
Merges [56577] to the 6.3 branch.
Fixes#59041.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56777 602fd350-edb4-49c9-b593-d223f7449a82
Ensures that preview callbacks attached to the `stylesheet` and `template` filters do not run before `pluggable.php` has been included. These callbacks need functionality from `pluggable.php`.
Props scruffian, johnbillion, SergeyBiryukov, okat, azaozz.
Merges [56529] and [56757] to the 6.3 branch.
Fixes#59000.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56758 602fd350-edb4-49c9-b593-d223f7449a82
Changes fluid typography calculation to use fallback value if layout wide size is a fluid value.
Props ramonopoly, mukesh27, jastos, aurooba.
Merges [56503] to the 6.3 branch.
Fixes#58754.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56737 602fd350-edb4-49c9-b593-d223f7449a82
When encountering an HTML tag with duplicate copies of an attribute the tag processor ignores the duplicate values, according to the specification. However, when removing an attribute it must remove all copies of that attribute lest one of the duplicates becomes the primary and it appears as if no attributes were removed.
In this patch we're adding tests that will be used to ensure that all attribute copies are removed from a tag when one is request to be removed.
**Before**
{{{#!php
<?php
$p = new WP_HTML_Tag_Processor( '<br id=one id="two" id='three' id>' );
$p->next_tag();
$p->remove_attribute( 'id' );
$p->get_updated_html();
// <br id="two" id='three' id>
}}}
**After**
{{{#!php
<?php
$p = new WP_HTML_Tag_Processor( '<br id=one id="two" id='three' id>' );
$p->next_tag();
$p->remove_attribute( 'id' );
$p->get_updated_html();
// <br>
}}}
Previously we have been overlooking duplicate attributes since they don't have an impact on what parses into the DOM. However, as one unit test affirmed (asserting the presence of the bug in the tag processor) when removing an attribute where duplicates exist this meant we ended up changing the value of an attribute instead of removing it.
In this patch we're tracking the text spans of the parsed duplicate attributes so that ''if'' we attempt to remove them then we'll have the appropriate information necessary to do so. When an attribute isn't removed we'll simply forget about the tracked duplicates. This involves some overhead for normal operation ''when'' in fact there are duplicate attributes on a tag, but that overhead is minimal in the form of integer pairs of indices for each duplicated attribute.
Props dmsnell, zieladam.
Merges [56684] to the 6.3 branch.
Fixes#58119.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56685 602fd350-edb4-49c9-b593-d223f7449a82
In PHPUnit 10.3.5, 9.6.13 and 8.5.34, the child processes used for process isolation now use temporary files to communicate their result to the parent process.
This caused a failure in some tests that set the `open_basedir` PHP directive to a value that did not include `sys_get_temp_dir()`.
This adds `sys_get_temp_dir()` to the `open_basedir` value set by the tests to ensure that permission is still granted for the temporary directory.
PHPUnit uses `sys_get_temp_dir()`. To ensure the result is the same, Core's `get_temp_dir()` function is not used.
References:
- https://github.com/sebastianbergmann/phpunit/issues/5356
Props desrosj, mukesh27, SergeyBiryukov, costdev.
Merges [56622] to the 6.3 branch.
See #59394.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56624 602fd350-edb4-49c9-b593-d223f7449a82
In `WP_Upgrader::delete_temp_backup()`, a malformed `sprintf()` call did not pass the value, triggering a Warning in PHP 7 and a Fatal Error in PHP 8.
This fixes the malformed `sprintf()` call by correctly passing the value.
Follow-up to [55720].
Props akihiroharai, afragen.
Merges [56550] to the 6.3 branch.
Fixes#59320.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56582 602fd350-edb4-49c9-b593-d223f7449a82
When encountering elements that imply switching into the RAWTEXT parsing state,
the Tag Processor should skip processing until exiting the RAWTEXT state.
In this patch the Tag Processor does just that, except for the case of the
deprecated XMP element which implies further and more complicated rules.
There's an implicit assumption that the SCRIPT ENABLED flag in HTML parsing
is enabled so that the contents of NOSCRIPT can be skipped. Otherwise, it would
be required to parse the contents of that tag.
Props dmsnell.
Merges [56563] to the 6.3 branch.
Fixes#59292.
git-svn-id: https://develop.svn.wordpress.org/branches/6.3@56564 602fd350-edb4-49c9-b593-d223f7449a82
