From 68c4efcd5729fbc1859f01f4a40928d5e33a0216 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Tue, 17 Dec 2024 23:56:28 +0000 Subject: [PATCH 01/44] Privacy: Use SHA-256 hashing algorithm for Gravatar. This aims to improve privacy by switching to a more secure algorithm, as an MD5 string can be reversed. Follow-up to [6748], [31107]. Props henry.wright, jucaduca, haozi, desrosj, dd32, SergeyBiryukov. See #60638. git-svn-id: https://develop.svn.wordpress.org/trunk@59532 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/link-template.php | 18 ++++++---- tests/phpunit/tests/avatar.php | 9 +++-- .../tests/rest-api/rest-schema-setup.php | 6 ++-- tests/qunit/fixtures/wp-api-generated.js | 36 +++++++++---------- 4 files changed, 38 insertions(+), 31 deletions(-) diff --git a/src/wp-includes/link-template.php b/src/wp-includes/link-template.php index 61798c379841b..a375b0ee06a4b 100644 --- a/src/wp-includes/link-template.php +++ b/src/wp-includes/link-template.php @@ -4289,7 +4289,7 @@ function the_shortlink( $text = '', $title = '', $before = '', $after = '' ) { * * @since 4.2.0 * - * @param mixed $id_or_email The avatar to retrieve a URL for. Accepts a user ID, Gravatar MD5 hash, + * @param mixed $id_or_email The avatar to retrieve a URL for. Accepts a user ID, Gravatar SHA-256 or MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. * @param array $args { * Optional. Arguments to use instead of the default arguments. @@ -4353,8 +4353,9 @@ function is_avatar_comment_type( $comment_type ) { * * @since 4.2.0 * @since 6.7.0 Gravatar URLs always use HTTPS. + * @since 6.8.0 Gravatar URLs use the SHA-256 hashing algorithm. * - * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash, + * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar SHA-256 or MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. * @param array $args { * Optional. Arguments to use instead of the default arguments. @@ -4474,7 +4475,7 @@ function get_avatar_data( $id_or_email, $args = null ) { * @since 4.2.0 * * @param array $args Arguments passed to get_avatar_data(), after processing. - * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash, + * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar SHA-256 or MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. */ $args = apply_filters( 'pre_get_avatar_data', $args, $id_or_email ); @@ -4496,7 +4497,10 @@ function get_avatar_data( $id_or_email, $args = null ) { if ( is_numeric( $id_or_email ) ) { $user = get_user_by( 'id', absint( $id_or_email ) ); } elseif ( is_string( $id_or_email ) ) { - if ( str_contains( $id_or_email, '@md5.gravatar.com' ) ) { + if ( str_contains( $id_or_email, '@sha256.gravatar.com' ) ) { + // SHA-256 hash. + list( $email_hash ) = explode( '@', $id_or_email ); + } else if ( str_contains( $id_or_email, '@md5.gravatar.com' ) ) { // MD5 hash. list( $email_hash ) = explode( '@', $id_or_email ); } else { @@ -4530,7 +4534,7 @@ function get_avatar_data( $id_or_email, $args = null ) { } if ( $email ) { - $email_hash = md5( strtolower( trim( $email ) ) ); + $email_hash = hash( 'sha256', strtolower( trim( $email ) ) ); } } @@ -4564,7 +4568,7 @@ function get_avatar_data( $id_or_email, $args = null ) { * @since 4.2.0 * * @param string $url The URL of the avatar. - * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash, + * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar SHA-256 or MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. * @param array $args Arguments passed to get_avatar_data(), after processing. */ @@ -4576,7 +4580,7 @@ function get_avatar_data( $id_or_email, $args = null ) { * @since 4.2.0 * * @param array $args Arguments passed to get_avatar_data(), after processing. - * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash, + * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar SHA-256 or MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. */ return apply_filters( 'get_avatar_data', $args, $id_or_email ); diff --git a/tests/phpunit/tests/avatar.php b/tests/phpunit/tests/avatar.php index 97f24841e372b..baec404c81285 100644 --- a/tests/phpunit/tests/avatar.php +++ b/tests/phpunit/tests/avatar.php @@ -11,7 +11,7 @@ class Tests_Avatar extends WP_UnitTestCase { */ public function test_get_avatar_url_gravatar_url() { $url = get_avatar_url( 1 ); - $this->assertSame( preg_match( '|^https?://secure.gravatar.com/avatar/[0-9a-f]{32}\?|', $url ), 1 ); + $this->assertSame( preg_match( '|^https?://secure.gravatar.com/avatar/[0-9a-f]{64}\?|', $url ), 1 ); } /** @@ -90,9 +90,12 @@ public function test_get_avatar_url_user() { $url2 = get_avatar_url( WP_TESTS_EMAIL ); $this->assertSame( $url, $url2 ); - $url2 = get_avatar_url( md5( WP_TESTS_EMAIL ) . '@md5.gravatar.com' ); + $url2 = get_avatar_url( hash( 'sha256', WP_TESTS_EMAIL ) . '@sha256.gravatar.com' ); $this->assertSame( $url, $url2 ); + $url2 = get_avatar_url( md5( WP_TESTS_EMAIL ) . '@md5.gravatar.com' ); + $this->assertSame( preg_match( '|^https?://secure.gravatar.com/avatar/[0-9a-f]{32}\?|', $url2 ), 1 ); + $user = get_user_by( 'id', 1 ); $url2 = get_avatar_url( $user ); $this->assertSame( $url, $url2 ); @@ -267,7 +270,7 @@ public function test_get_avatar_data_should_return_gravatar_url_when_input_avata $actual_data = get_avatar_data( $comment ); $this->assertTrue( is_avatar_comment_type( $comment_type ) ); - $this->assertMatchesRegularExpression( '|^https?://secure.gravatar.com/avatar/[0-9a-f]{32}\?|', $actual_data['url'] ); + $this->assertMatchesRegularExpression( '|^https?://secure.gravatar.com/avatar/[0-9a-f]{64}\?|', $actual_data['url'] ); } /** diff --git a/tests/phpunit/tests/rest-api/rest-schema-setup.php b/tests/phpunit/tests/rest-api/rest-schema-setup.php index 4d5c269357a68..03dcb0631f133 100644 --- a/tests/phpunit/tests/rest-api/rest-schema-setup.php +++ b/tests/phpunit/tests/rest-api/rest-schema-setup.php @@ -729,9 +729,9 @@ public function test_build_wp_api_client_fixtures() { 'TagModel.meta.test_multi' => array(), 'TagModel.meta.test_tag_meta' => '', 'UsersCollection.0.link' => 'http://example.org/?author=1', - 'UsersCollection.0.avatar_urls.24' => 'https://secure.gravatar.com/avatar/96614ec98aa0c0d2ee75796dced6df54?s=24&d=mm&r=g', - 'UsersCollection.0.avatar_urls.48' => 'https://secure.gravatar.com/avatar/96614ec98aa0c0d2ee75796dced6df54?s=48&d=mm&r=g', - 'UsersCollection.0.avatar_urls.96' => 'https://secure.gravatar.com/avatar/96614ec98aa0c0d2ee75796dced6df54?s=96&d=mm&r=g', + 'UsersCollection.0.avatar_urls.24' => 'https://secure.gravatar.com/avatar/9387ed9432ec25ef93df84b8a0b9697ddef435a945e7f244670c4f79f88363e9?s=24&d=mm&r=g', + 'UsersCollection.0.avatar_urls.48' => 'https://secure.gravatar.com/avatar/9387ed9432ec25ef93df84b8a0b9697ddef435a945e7f244670c4f79f88363e9?s=48&d=mm&r=g', + 'UsersCollection.0.avatar_urls.96' => 'https://secure.gravatar.com/avatar/9387ed9432ec25ef93df84b8a0b9697ddef435a945e7f244670c4f79f88363e9?s=96&d=mm&r=g', 'UsersCollection.0._links.self.0.href' => 'http://example.org/index.php?rest_route=/wp/v2/users/1', 'UsersCollection.0._links.collection.0.href' => 'http://example.org/index.php?rest_route=/wp/v2/users', 'UsersCollection.1.id' => 2, diff --git a/tests/qunit/fixtures/wp-api-generated.js b/tests/qunit/fixtures/wp-api-generated.js index 4fc897a6242e7..448548aab0c07 100644 --- a/tests/qunit/fixtures/wp-api-generated.js +++ b/tests/qunit/fixtures/wp-api-generated.js @@ -13877,9 +13877,9 @@ mockedApiResponse.UsersCollection = [ "link": "http://example.org/?author=1", "slug": "admin", "avatar_urls": { - "24": "https://secure.gravatar.com/avatar/96614ec98aa0c0d2ee75796dced6df54?s=24&d=mm&r=g", - "48": "https://secure.gravatar.com/avatar/96614ec98aa0c0d2ee75796dced6df54?s=48&d=mm&r=g", - "96": "https://secure.gravatar.com/avatar/96614ec98aa0c0d2ee75796dced6df54?s=96&d=mm&r=g" + "24": "https://secure.gravatar.com/avatar/9387ed9432ec25ef93df84b8a0b9697ddef435a945e7f244670c4f79f88363e9?s=24&d=mm&r=g", + "48": "https://secure.gravatar.com/avatar/9387ed9432ec25ef93df84b8a0b9697ddef435a945e7f244670c4f79f88363e9?s=48&d=mm&r=g", + "96": "https://secure.gravatar.com/avatar/9387ed9432ec25ef93df84b8a0b9697ddef435a945e7f244670c4f79f88363e9?s=96&d=mm&r=g" }, "meta": { "meta_key": "meta_value" @@ -13914,9 +13914,9 @@ mockedApiResponse.UsersCollection = [ "link": "http://example.org/?author=2", "slug": "restapiclientfixtureuser", "avatar_urls": { - "24": "https://secure.gravatar.com/avatar/57cbd982c963c7eb2294e2eee1b4448e?s=24&d=mm&r=g", - "48": "https://secure.gravatar.com/avatar/57cbd982c963c7eb2294e2eee1b4448e?s=48&d=mm&r=g", - "96": "https://secure.gravatar.com/avatar/57cbd982c963c7eb2294e2eee1b4448e?s=96&d=mm&r=g" + "24": "https://secure.gravatar.com/avatar/ea862d9636c72500beece7b1990870e2776f89c2096d0c064c14f2beb910077d?s=24&d=mm&r=g", + "48": "https://secure.gravatar.com/avatar/ea862d9636c72500beece7b1990870e2776f89c2096d0c064c14f2beb910077d?s=48&d=mm&r=g", + "96": "https://secure.gravatar.com/avatar/ea862d9636c72500beece7b1990870e2776f89c2096d0c064c14f2beb910077d?s=96&d=mm&r=g" }, "meta": { "meta_key": "" @@ -13953,9 +13953,9 @@ mockedApiResponse.UserModel = { "link": "http://example.org/?author=2", "slug": "restapiclientfixtureuser", "avatar_urls": { - "24": "https://secure.gravatar.com/avatar/57cbd982c963c7eb2294e2eee1b4448e?s=24&d=mm&r=g", - "48": "https://secure.gravatar.com/avatar/57cbd982c963c7eb2294e2eee1b4448e?s=48&d=mm&r=g", - "96": "https://secure.gravatar.com/avatar/57cbd982c963c7eb2294e2eee1b4448e?s=96&d=mm&r=g" + "24": "https://secure.gravatar.com/avatar/ea862d9636c72500beece7b1990870e2776f89c2096d0c064c14f2beb910077d?s=24&d=mm&r=g", + "48": "https://secure.gravatar.com/avatar/ea862d9636c72500beece7b1990870e2776f89c2096d0c064c14f2beb910077d?s=48&d=mm&r=g", + "96": "https://secure.gravatar.com/avatar/ea862d9636c72500beece7b1990870e2776f89c2096d0c064c14f2beb910077d?s=96&d=mm&r=g" }, "meta": { "meta_key": "" @@ -13970,9 +13970,9 @@ mockedApiResponse.me = { "link": "http://example.org/?author=2", "slug": "restapiclientfixtureuser", "avatar_urls": { - "24": "https://secure.gravatar.com/avatar/57cbd982c963c7eb2294e2eee1b4448e?s=24&d=mm&r=g", - "48": "https://secure.gravatar.com/avatar/57cbd982c963c7eb2294e2eee1b4448e?s=48&d=mm&r=g", - "96": "https://secure.gravatar.com/avatar/57cbd982c963c7eb2294e2eee1b4448e?s=96&d=mm&r=g" + "24": "https://secure.gravatar.com/avatar/ea862d9636c72500beece7b1990870e2776f89c2096d0c064c14f2beb910077d?s=24&d=mm&r=g", + "48": "https://secure.gravatar.com/avatar/ea862d9636c72500beece7b1990870e2776f89c2096d0c064c14f2beb910077d?s=48&d=mm&r=g", + "96": "https://secure.gravatar.com/avatar/ea862d9636c72500beece7b1990870e2776f89c2096d0c064c14f2beb910077d?s=96&d=mm&r=g" }, "meta": { "meta_key": "" @@ -13996,9 +13996,9 @@ mockedApiResponse.CommentsCollection = [ "status": "approved", "type": "comment", "author_avatar_urls": { - "24": "https://secure.gravatar.com/avatar/bd7c2b505bcf39cc71cfee564c614956?s=24&d=mm&r=g", - "48": "https://secure.gravatar.com/avatar/bd7c2b505bcf39cc71cfee564c614956?s=48&d=mm&r=g", - "96": "https://secure.gravatar.com/avatar/bd7c2b505bcf39cc71cfee564c614956?s=96&d=mm&r=g" + "24": "https://secure.gravatar.com/avatar/9ca51ced0b389ffbeba3d269c6d824be664c84fa1b35503282abdd302e1f417c?s=24&d=mm&r=g", + "48": "https://secure.gravatar.com/avatar/9ca51ced0b389ffbeba3d269c6d824be664c84fa1b35503282abdd302e1f417c?s=48&d=mm&r=g", + "96": "https://secure.gravatar.com/avatar/9ca51ced0b389ffbeba3d269c6d824be664c84fa1b35503282abdd302e1f417c?s=96&d=mm&r=g" }, "meta": { "meta_key": "meta_value" @@ -14050,9 +14050,9 @@ mockedApiResponse.CommentModel = { "status": "approved", "type": "comment", "author_avatar_urls": { - "24": "https://secure.gravatar.com/avatar/bd7c2b505bcf39cc71cfee564c614956?s=24&d=mm&r=g", - "48": "https://secure.gravatar.com/avatar/bd7c2b505bcf39cc71cfee564c614956?s=48&d=mm&r=g", - "96": "https://secure.gravatar.com/avatar/bd7c2b505bcf39cc71cfee564c614956?s=96&d=mm&r=g" + "24": "https://secure.gravatar.com/avatar/9ca51ced0b389ffbeba3d269c6d824be664c84fa1b35503282abdd302e1f417c?s=24&d=mm&r=g", + "48": "https://secure.gravatar.com/avatar/9ca51ced0b389ffbeba3d269c6d824be664c84fa1b35503282abdd302e1f417c?s=48&d=mm&r=g", + "96": "https://secure.gravatar.com/avatar/9ca51ced0b389ffbeba3d269c6d824be664c84fa1b35503282abdd302e1f417c?s=96&d=mm&r=g" }, "meta": { "meta_key": "meta_value" From 2238011c33b55e68c1d8f91d850528c153582b67 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Wed, 18 Dec 2024 00:23:35 +0000 Subject: [PATCH 02/44] Coding Standards: Fix WPCS issues in `get_avatar_data()`. Follow-up to [59532]. See #60638. git-svn-id: https://develop.svn.wordpress.org/trunk@59533 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/link-template.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/wp-includes/link-template.php b/src/wp-includes/link-template.php index a375b0ee06a4b..da57ebd64df80 100644 --- a/src/wp-includes/link-template.php +++ b/src/wp-includes/link-template.php @@ -4353,7 +4353,7 @@ function is_avatar_comment_type( $comment_type ) { * * @since 4.2.0 * @since 6.7.0 Gravatar URLs always use HTTPS. - * @since 6.8.0 Gravatar URLs use the SHA-256 hashing algorithm. + * @since 6.8.0 Gravatar URLs use the SHA-256 hashing algorithm. * * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar SHA-256 or MD5 hash, * user email, WP_User object, WP_Post object, or WP_Comment object. @@ -4500,7 +4500,7 @@ function get_avatar_data( $id_or_email, $args = null ) { if ( str_contains( $id_or_email, '@sha256.gravatar.com' ) ) { // SHA-256 hash. list( $email_hash ) = explode( '@', $id_or_email ); - } else if ( str_contains( $id_or_email, '@md5.gravatar.com' ) ) { + } elseif ( str_contains( $id_or_email, '@md5.gravatar.com' ) ) { // MD5 hash. list( $email_hash ) = explode( '@', $id_or_email ); } else { From 7af04695d86ebeeb0d3f314c53f1f425a14323a7 Mon Sep 17 00:00:00 2001 From: John Blackbourn Date: Wed, 18 Dec 2024 11:29:53 +0000 Subject: [PATCH 03/44] Build/Test Tools: Remove an unnecessary call to svn in a debugging step. None of the steps in any of the workflows use svn, so this debugging step is unnecessary, and svn has been removed in the ubuntu-24.04 runner which will be rolling out to GitHub Actions imminently. See #62221 git-svn-id: https://develop.svn.wordpress.org/trunk@59534 602fd350-edb4-49c9-b593-d223f7449a82 --- .github/workflows/reusable-phpunit-tests-v1.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/reusable-phpunit-tests-v1.yml b/.github/workflows/reusable-phpunit-tests-v1.yml index ad45726102dbe..e02a890a6debf 100644 --- a/.github/workflows/reusable-phpunit-tests-v1.yml +++ b/.github/workflows/reusable-phpunit-tests-v1.yml @@ -143,7 +143,6 @@ jobs: node --version curl --version git --version - svn --version - name: Log running Docker containers run: docker ps -a From a2107c2f3958f307ea748d2431775766dde77dfa Mon Sep 17 00:00:00 2001 From: Jonathan Desrosiers Date: Wed, 18 Dec 2024 18:49:53 +0000 Subject: [PATCH 04/44] External Libraries: Append a string to `react`/`react-dom` versions. In 6.7, [58775] changed the way `react` and `react-dom` are bundled in Core. This commit resulted in some changes to the built files that are distributed in WordPress even though the actual version of the libraries remained the same. The result can be a blank white screen when trying to edit a post when those two script files are heavily cached. This adds `-umd` to the end of the version number to properly purge caches until the next update to these libraries occurs. Props levskipg, get_dave, smerriman, jdnd, juanwp22, seanlanglands, robertstaddon. Fixes 62422. git-svn-id: https://develop.svn.wordpress.org/trunk@59536 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/script-loader.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/wp-includes/script-loader.php b/src/wp-includes/script-loader.php index d2c8dbe97e393..14027aa52a88f 100644 --- a/src/wp-includes/script-loader.php +++ b/src/wp-includes/script-loader.php @@ -106,8 +106,8 @@ function wp_default_packages_vendor( $scripts ) { ); $vendor_scripts_versions = array( - 'react' => '18.3.1', - 'react-dom' => '18.3.1', + 'react' => '18.3.1-umd', + 'react-dom' => '18.3.1-umd', 'react-jsx-runtime' => '18.3.1', 'regenerator-runtime' => '0.14.1', 'moment' => '2.30.1', From 9e4b268049b69e96e78bcc1ab77d9d6a4134f8cf Mon Sep 17 00:00:00 2001 From: Peter Wilson Date: Thu, 19 Dec 2024 03:07:09 +0000 Subject: [PATCH 05/44] External Libraries: Append `.1` to `react`/`react-dom` versions. Replaces the `-umd` appendage for the `react` and `react-dom` script versions with `.1`. This it to prevent issues with third party code expecting the version number in the form `/^[\d\.]+$/`. Updates the version to tests in `Tests_Dependencies_Scripts::test_vendor_script_versions_registered_manually` to include the modified version used for cache busting. Follow up to [59536], [58775]. Props azaozz, desrosj, peterwilsoncc. Fixes #62422. git-svn-id: https://develop.svn.wordpress.org/trunk@59540 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/script-loader.php | 4 ++-- tests/phpunit/tests/dependencies/scripts.php | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/src/wp-includes/script-loader.php b/src/wp-includes/script-loader.php index 14027aa52a88f..f4e37d7164139 100644 --- a/src/wp-includes/script-loader.php +++ b/src/wp-includes/script-loader.php @@ -106,8 +106,8 @@ function wp_default_packages_vendor( $scripts ) { ); $vendor_scripts_versions = array( - 'react' => '18.3.1-umd', - 'react-dom' => '18.3.1-umd', + 'react' => '18.3.1.1', // Final .1 due to switch to UMD build, can be removed in the next update. + 'react-dom' => '18.3.1.1', // Final .1 due to switch to UMD build, can be removed in the next update. 'react-jsx-runtime' => '18.3.1', 'regenerator-runtime' => '0.14.1', 'moment' => '2.30.1', diff --git a/tests/phpunit/tests/dependencies/scripts.php b/tests/phpunit/tests/dependencies/scripts.php index 03dba5df69744..89bfb4ef922e6 100644 --- a/tests/phpunit/tests/dependencies/scripts.php +++ b/tests/phpunit/tests/dependencies/scripts.php @@ -3413,6 +3413,21 @@ public function test_vendor_script_versions_registered_manually( $script, $handl $handle = $script; } + /* + * Append '.1' to the version number for React and ReactDOM. + * + * This is due to a change in the build to use the UMD version of the + * scripts, requiring a different version number in order to break the + * caches of some CDNs. + * + * This can be removed in the next update to the packages. + * + * See https://core.trac.wordpress.org/ticket/62422 + */ + if ( in_array( $handle, array( 'react', 'react-dom' ), true ) ) { + $package_json[ $script ] .= '.1'; + } + $script_query = $wp_scripts->query( $handle, 'registered' ); $this->assertNotFalse( $script_query, "The script '{$handle}' should be registered." ); From 17b50d3d9c0c3f1383bae3c9241bd618c9160b09 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Thu, 19 Dec 2024 03:42:32 +0000 Subject: [PATCH 06/44] Privacy: Replace hardcoded MD5 references in `wp_credits_section_list()`. The Credits API has been updated to return SHA-256 email hashes. Follow-up to [59532], [meta14307]. Props haozi. Fixes #62706, #60638. git-svn-id: https://develop.svn.wordpress.org/trunk@59541 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/includes/credits.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/wp-admin/includes/credits.php b/src/wp-admin/includes/credits.php index 1ad2a37c2bb7e..79b2a0b46c854 100644 --- a/src/wp-admin/includes/credits.php +++ b/src/wp-admin/includes/credits.php @@ -147,8 +147,8 @@ function wp_credits_section_list( $credits = array(), $slug = '' ) { echo '
  • ' . "\n\t"; echo ''; $size = $compact ? 80 : 160; - $data = get_avatar_data( $person_data[1] . '@md5.gravatar.com', array( 'size' => $size ) ); - $data2x = get_avatar_data( $person_data[1] . '@md5.gravatar.com', array( 'size' => $size * 2 ) ); + $data = get_avatar_data( $person_data[1] . '@sha256.gravatar.com', array( 'size' => $size ) ); + $data2x = get_avatar_data( $person_data[1] . '@sha256.gravatar.com', array( 'size' => $size * 2 ) ); echo '' . "\n"; echo esc_html( $person_data[0] ) . "\n\t"; if ( ! $compact && ! empty( $person_data[3] ) ) { From 816ec5df8a5970254d4b6d6ab73ba01b06d3c6f4 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Thu, 19 Dec 2024 10:22:34 +0000 Subject: [PATCH 07/44] Docs: Add missing single quote in `WP_User_Query::prepare_query()` DocBlock. Follow-up to [38715], [52226]. Props kkmuffme, mukesh27. Fixes #62714. git-svn-id: https://develop.svn.wordpress.org/trunk@59542 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/class-wp-user-query.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp-includes/class-wp-user-query.php b/src/wp-includes/class-wp-user-query.php index f9bb823c55900..fd35182eab9f5 100644 --- a/src/wp-includes/class-wp-user-query.php +++ b/src/wp-includes/class-wp-user-query.php @@ -202,7 +202,7 @@ public static function fill_query_vars( $args ) { * - 'login__in' * - 'user_nicename' (or 'nicename') * - 'nicename__in' - * - 'user_email (or 'email') + * - 'user_email' (or 'email') * - 'user_url' (or 'url') * - 'user_registered' (or 'registered') * - 'post_count' From ef7606073b8a016c5e32e230e50685ec62b3e7d2 Mon Sep 17 00:00:00 2001 From: bernhard-reiter Date: Thu, 19 Dec 2024 13:24:22 +0000 Subject: [PATCH 08/44] Block Hooks: Apply to synced patterns. Apply Block Hooks to synced patterns (i.e. `core/block` instances). Props bernhard-reiter, gziolo. Fixes #62704. git-svn-id: https://develop.svn.wordpress.org/trunk@59543 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/blocks.php | 11 ++++++++++- src/wp-includes/default-filters.php | 4 +++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/src/wp-includes/blocks.php b/src/wp-includes/blocks.php index 6a4ab4636c803..25a4a7e3b29a1 100644 --- a/src/wp-includes/blocks.php +++ b/src/wp-includes/blocks.php @@ -1219,6 +1219,8 @@ function update_ignored_hooked_blocks_postmeta( $post ) { if ( 'wp_navigation' === $post->post_type ) { $wrapper_block_type = 'core/navigation'; + } elseif ( 'wp_block' === $post->post_type ) { + $wrapper_block_type = 'core/block'; } else { $wrapper_block_type = 'core/post-content'; } @@ -1291,7 +1293,7 @@ function insert_hooked_blocks_and_set_ignored_hooked_blocks_metadata( &$parsed_a * @return WP_REST_Response The response object. */ function insert_hooked_blocks_into_rest_response( $response, $post ) { - if ( empty( $response->data['content']['raw'] ) || empty( $response->data['content']['rendered'] ) ) { + if ( empty( $response->data['content']['raw'] ) ) { return $response; } @@ -1306,6 +1308,8 @@ function insert_hooked_blocks_into_rest_response( $response, $post ) { if ( 'wp_navigation' === $post->post_type ) { $wrapper_block_type = 'core/navigation'; + } elseif ( 'wp_block' === $post->post_type ) { + $wrapper_block_type = 'core/block'; } else { $wrapper_block_type = 'core/post-content'; } @@ -1327,6 +1331,11 @@ function insert_hooked_blocks_into_rest_response( $response, $post ) { $response->data['content']['raw'] = $content; + // If the rendered content was previously empty, we leave it like that. + if ( empty( $response->data['content']['rendered'] ) ) { + return $response; + } + // `apply_block_hooks_to_content` is called above. Ensure it is not called again as a filter. $priority = has_filter( 'the_content', 'apply_block_hooks_to_content' ); if ( false !== $priority ) { diff --git a/src/wp-includes/default-filters.php b/src/wp-includes/default-filters.php index 18ef8517edce2..9eff6ecbeb67a 100644 --- a/src/wp-includes/default-filters.php +++ b/src/wp-includes/default-filters.php @@ -760,14 +760,16 @@ add_filter( 'rest_pre_insert_wp_template', 'inject_ignored_hooked_blocks_metadata_attributes' ); add_filter( 'rest_pre_insert_wp_template_part', 'inject_ignored_hooked_blocks_metadata_attributes' ); -// Update ignoredHookedBlocks postmeta for wp_navigation post type. +// Update ignoredHookedBlocks postmeta for some post types. add_filter( 'rest_pre_insert_page', 'update_ignored_hooked_blocks_postmeta' ); add_filter( 'rest_pre_insert_post', 'update_ignored_hooked_blocks_postmeta' ); +add_filter( 'rest_pre_insert_wp_block', 'update_ignored_hooked_blocks_postmeta' ); add_filter( 'rest_pre_insert_wp_navigation', 'update_ignored_hooked_blocks_postmeta' ); // Inject hooked blocks into the Posts endpoint REST response for some given post types. add_filter( 'rest_prepare_page', 'insert_hooked_blocks_into_rest_response', 10, 2 ); add_filter( 'rest_prepare_post', 'insert_hooked_blocks_into_rest_response', 10, 2 ); +add_filter( 'rest_prepare_wp_block', 'insert_hooked_blocks_into_rest_response', 10, 2 ); add_filter( 'rest_prepare_wp_navigation', 'insert_hooked_blocks_into_rest_response', 10, 2 ); unset( $filter, $action ); From 7381a8273a3c5c3e63a194dace734612a610a135 Mon Sep 17 00:00:00 2001 From: Peter Wilson Date: Thu, 19 Dec 2024 21:41:19 +0000 Subject: [PATCH 09/44] REST API: Protect against fatal error for post types without format support. Ignore the `format` parameter introduced in WordPress 6.7 for post types that do not support post formats. This protects against a fatal error being thrown in later version of PHP or a warning in earlier versions of PHP. Follow up to r59115. Props dd32, sergeybiryukov, yogeshbhutkar. Fixes #62646. See #62014. git-svn-id: https://develop.svn.wordpress.org/trunk@59544 602fd350-edb4-49c9-b593-d223f7449a82 --- .../class-wp-rest-posts-controller.php | 2 +- .../tests/rest-api/rest-posts-controller.php | 39 +++++++++++++++++++ 2 files changed, 40 insertions(+), 1 deletion(-) diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php index 8852519ec45c9..95851199c6e4d 100644 --- a/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php +++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php @@ -346,7 +346,7 @@ public function get_items( $request ) { $args = $this->prepare_tax_query( $args, $request ); - if ( ! empty( $request['format'] ) ) { + if ( isset( $registered['format'], $request['format'] ) ) { $formats = $request['format']; /* * The relation needs to be set to `OR` since the request can contain diff --git a/tests/phpunit/tests/rest-api/rest-posts-controller.php b/tests/phpunit/tests/rest-api/rest-posts-controller.php index 4574bde83621e..e2fd7139f3f54 100644 --- a/tests/phpunit/tests/rest-api/rest-posts-controller.php +++ b/tests/phpunit/tests/rest-api/rest-posts-controller.php @@ -5507,6 +5507,45 @@ public function test_draft_post_does_not_have_the_same_slug_as_existing_post() { ); } + /** + * Test the REST API ignores the post format parameter for post types that do not support them. + * + * @ticket 62646 + * @ticket 62014 + * + * @covers WP_REST_Posts_Controller::get_items + */ + public function test_standard_post_format_ignored_for_post_types_that_do_not_support_them() { + $initial_theme_support = get_theme_support( 'post-formats' ); + add_theme_support( 'post-formats', array( 'aside', 'gallery', 'link', 'image', 'quote', 'status', 'video', 'audio', 'chat' ) ); + + self::factory()->post->create( + array( + 'post_type' => 'page', + 'post_status' => 'publish', + ) + ); + + $request = new WP_REST_Request( 'GET', '/wp/v2/pages' ); + $request->set_param( 'format', 'invalid_type' ); + + $response = rest_get_server()->dispatch( $request ); + + /* + * Restore the initial post formats support. + * + * This needs to be done prior to the assertions to avoid unexpected + * results for other tests should an assertion fail. + */ + if ( $initial_theme_support ) { + add_theme_support( 'post-formats', $initial_theme_support[0] ); + } else { + remove_theme_support( 'post-formats' ); + } + + $this->assertCount( 1, $response->get_data(), 'The response should ignore the post format parameter' ); + } + /** * Test the REST API support for the standard post format. * From b8ecfbf9542198b1d88230221faeca6b71fa0ac7 Mon Sep 17 00:00:00 2001 From: Peter Wilson Date: Thu, 19 Dec 2024 21:54:57 +0000 Subject: [PATCH 10/44] Help/About: Add additional release squad titles to credits page. Introduces translatable strings for additional [https://make.wordpress.org/core/handbook/about/release-cycle/wordpress-release-team-and-focus-leads/ release squad titles]. This is to allow improved acknowledgement of an individual's role in a release squad by enabling the use of these roles in the credits API going forward. Props audrasjb, desrosj, jorbin, timse201, yogeshbhutkar. Fixes #62386. git-svn-id: https://develop.svn.wordpress.org/trunk@59545 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/credits.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/wp-admin/credits.php b/src/wp-admin/credits.php index d3d0bbf7d6ece..acc8a21c28ab8 100644 --- a/src/wp-admin/credits.php +++ b/src/wp-admin/credits.php @@ -135,3 +135,17 @@ __( 'Release Deputy' ); __( 'Core Developer' ); __( 'External Libraries' ); +__( 'Release Coordination' ); +__( 'Core Tech Lead' ); +__( 'Core Triage Lead' ); +__( 'Editor Tech Lead' ); +__( 'Editor Triage Lead' ); +__( 'Documentation Lead' ); +__( 'Test Lead' ); +__( 'Design Lead' ); +__( 'Performance Lead' ); +__( 'Default Theme Design Lead' ); +__( 'Default Theme Development Lead' ); +__( 'Tech Lead' ); +__( 'Triage Lead' ); +__( 'Minor Release Lead' ); From a64ad57db6837a6b1c681676c0c31d43dced7508 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Fri, 20 Dec 2024 23:33:05 +0000 Subject: [PATCH 11/44] Docs: Update parameter type hints to include `null` for post thumbnail functions. Follow-up to [12320], [12351], [20646], [32618], [34167], [34373], [37915]. Props apermo, jasonsa19. Fixes #62720. git-svn-id: https://develop.svn.wordpress.org/trunk@59548 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/post-thumbnail-template.php | 24 ++++++++++----------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/wp-includes/post-thumbnail-template.php b/src/wp-includes/post-thumbnail-template.php index 7d722ae9de407..59723c7fadb07 100644 --- a/src/wp-includes/post-thumbnail-template.php +++ b/src/wp-includes/post-thumbnail-template.php @@ -19,7 +19,7 @@ * @since 2.9.0 * @since 4.4.0 `$post` can be a post ID or WP_Post object. * - * @param int|WP_Post $post Optional. Post ID or WP_Post object. Default is global `$post`. + * @param int|WP_Post|null $post Optional. Post ID or WP_Post object. Default is global `$post`. * @return bool Whether the post has an image attached. */ function has_post_thumbnail( $post = null ) { @@ -46,7 +46,7 @@ function has_post_thumbnail( $post = null ) { * @since 5.5.0 The return value for a non-existing post * was changed to false instead of an empty string. * - * @param int|WP_Post $post Optional. Post ID or WP_Post object. Default is global `$post`. + * @param int|WP_Post|null $post Optional. Post ID or WP_Post object. Default is global `$post`. * @return int|false Post thumbnail ID (which can be 0 if the thumbnail is not set), * or false if the post does not exist. */ @@ -99,7 +99,7 @@ function the_post_thumbnail( $size = 'post-thumbnail', $attr = '' ) { * * @global WP_Query $wp_query WordPress Query object. * - * @param WP_Query $wp_query Optional. A WP_Query instance. Defaults to the $wp_query global. + * @param WP_Query|null $wp_query Optional. A WP_Query instance. Defaults to the $wp_query global. */ function update_post_thumbnail_cache( $wp_query = null ) { if ( ! $wp_query ) { @@ -156,10 +156,10 @@ function update_post_thumbnail_cache( $wp_query = null ) { * @since 2.9.0 * @since 4.4.0 `$post` can be a post ID or WP_Post object. * - * @param int|WP_Post $post Optional. Post ID or WP_Post object. Default is global `$post`. - * @param string|int[] $size Optional. Image size. Accepts any registered image size name, or an array of - * width and height values in pixels (in that order). Default 'post-thumbnail'. - * @param string|array $attr Optional. Query string or array of attributes. Default empty. + * @param int|WP_Post|null $post Optional. Post ID or WP_Post object. Default is global `$post`. + * @param string|int[] $size Optional. Image size. Accepts any registered image size name, or an array of + * width and height values in pixels (in that order). Default 'post-thumbnail'. + * @param string|array $attr Optional. Query string or array of attributes. Default empty. * @return string The post thumbnail image tag. */ function get_the_post_thumbnail( $post = null, $size = 'post-thumbnail', $attr = '' ) { @@ -241,9 +241,9 @@ function get_the_post_thumbnail( $post = null, $size = 'post-thumbnail', $attr = * * @since 4.4.0 * - * @param int|WP_Post $post Optional. Post ID or WP_Post object. Default is global `$post`. - * @param string|int[] $size Optional. Registered image size to retrieve the source for or a flat array - * of height and width dimensions. Default 'post-thumbnail'. + * @param int|WP_Post|null $post Optional. Post ID or WP_Post object. Default is global `$post`. + * @param string|int[] $size Optional. Registered image size to retrieve the source for or a flat array + * of height and width dimensions. Default 'post-thumbnail'. * @return string|false Post thumbnail URL or false if no image is available. If `$size` does not match * any registered image size, the original image URL will be returned. */ @@ -291,7 +291,7 @@ function the_post_thumbnail_url( $size = 'post-thumbnail' ) { * * @since 4.6.0 * - * @param int|WP_Post $post Optional. Post ID or WP_Post object. Default is global `$post`. + * @param int|WP_Post|null $post Optional. Post ID or WP_Post object. Default is global `$post`. * @return string Post thumbnail caption. */ function get_the_post_thumbnail_caption( $post = null ) { @@ -315,7 +315,7 @@ function get_the_post_thumbnail_caption( $post = null ) { * * @since 4.6.0 * - * @param int|WP_Post $post Optional. Post ID or WP_Post object. Default is global `$post`. + * @param int|WP_Post|null $post Optional. Post ID or WP_Post object. Default is global `$post`. */ function the_post_thumbnail_caption( $post = null ) { /** From afc8acfbf6ba5b03f28bed2716bfc48f54dd159e Mon Sep 17 00:00:00 2001 From: Jb Audras Date: Sat, 21 Dec 2024 17:21:30 +0000 Subject: [PATCH 12/44] Docs: Docblock improvements in . Props shailu25. Fixes #62730. See #62281. git-svn-id: https://develop.svn.wordpress.org/trunk@59549 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/block-supports/block-style-variations.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/wp-includes/block-supports/block-style-variations.php b/src/wp-includes/block-supports/block-style-variations.php index 4397a34af9701..62fb04e1a0c86 100644 --- a/src/wp-includes/block-supports/block-style-variations.php +++ b/src/wp-includes/block-supports/block-style-variations.php @@ -62,7 +62,7 @@ function wp_resolve_block_style_variation_ref_values( &$variation_data, $theme_j } } /** - * Render the block style variation's styles. + * Renders the block style variation's styles. * * In the case of nested blocks with variations applied, we want the parent * variation's styles to be rendered before their descendants. This solves the @@ -194,15 +194,15 @@ function wp_render_block_style_variation_support_styles( $parsed_block ) { } /** - * Ensure the variation block support class name generated and added to + * Ensures the variation block support class name generated and added to * block attributes in the `render_block_data` filter gets applied to the * block's markup. * - * @see wp_render_block_style_variation_support_styles - * * @since 6.6.0 * @access private * + * @see wp_render_block_style_variation_support_styles + * * @param string $block_content Rendered block content. * @param array $block Block object. * From 17d5e47aee6c849f4cde733eba4d9403af1406e4 Mon Sep 17 00:00:00 2001 From: Jb Audras Date: Sat, 21 Dec 2024 21:52:56 +0000 Subject: [PATCH 13/44] Media: Fix margin issues on the Media file upload screen. This changeset fixes an issue in the Media Library where icons or thumbnails of uploaded files were stuck to the border of their container after file upload. Follow-up to [58279]. Props sukhendu2002, im3dabasia1, sainathpoojary, joedolson. Fixes #62573. See #60141. git-svn-id: https://develop.svn.wordpress.org/trunk@59550 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/css/media.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp-admin/css/media.css b/src/wp-admin/css/media.css index 41beffc2e8669..0db92775a9f2b 100644 --- a/src/wp-admin/css/media.css +++ b/src/wp-admin/css/media.css @@ -174,7 +174,7 @@ .media-item .pinkynail { float: left; - margin: 0 10px 0 0; + margin: 14px; max-height: 70px; max-width: 70px; } From 08c3dd4aff7298ffc882072f9c3d9f2c46a9a927 Mon Sep 17 00:00:00 2001 From: Jb Audras Date: Sat, 21 Dec 2024 22:37:35 +0000 Subject: [PATCH 14/44] Login and Registration: Adjust login form margins for better consistency. This changeset addresses adjusts margins around the login form for visual consistency. The margin above and below the form is now consistently set to 24px, and the margin below the logo has also been adjusted to 24px. Follow-up to [26072]. Props deeppatel8950, audrasjb, priyank9033, viralsampat, vijaysinh9094, sabernhardt, . Fixes #61667. git-svn-id: https://develop.svn.wordpress.org/trunk@59551 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/css/login.css | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/wp-admin/css/login.css b/src/wp-admin/css/login.css index c2211d9da681e..269f1115e2417 100644 --- a/src/wp-admin/css/login.css +++ b/src/wp-admin/css/login.css @@ -139,8 +139,7 @@ p { } .login form { - margin-top: 20px; - margin-left: 0; + margin: 24px 0; padding: 26px 24px; font-weight: 400; overflow: hidden; @@ -284,7 +283,7 @@ p { font-size: 20px; font-weight: 400; line-height: 1.3; - margin: 0 auto 25px; + margin: 0 auto 24px; padding: 0; text-decoration: none; width: 84px; From 322b9843959c2cc7261001a336961cf1bc73f06e Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Sat, 21 Dec 2024 23:14:46 +0000 Subject: [PATCH 15/44] Help/About: Reorder release squad titles for some consistency in translation tools. Follow-up to [59545]. See #62386. git-svn-id: https://develop.svn.wordpress.org/trunk@59552 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/credits.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/wp-admin/credits.php b/src/wp-admin/credits.php index acc8a21c28ab8..46b035419cc87 100644 --- a/src/wp-admin/credits.php +++ b/src/wp-admin/credits.php @@ -133,9 +133,9 @@ __( 'Release Lead' ); __( 'Release Design Lead' ); __( 'Release Deputy' ); -__( 'Core Developer' ); -__( 'External Libraries' ); __( 'Release Coordination' ); +__( 'Minor Release Lead' ); +__( 'Core Developer' ); __( 'Core Tech Lead' ); __( 'Core Triage Lead' ); __( 'Editor Tech Lead' ); @@ -148,4 +148,4 @@ __( 'Default Theme Development Lead' ); __( 'Tech Lead' ); __( 'Triage Lead' ); -__( 'Minor Release Lead' ); +__( 'External Libraries' ); From 71eaaad6895608e85443a46106a4f3171c6557f4 Mon Sep 17 00:00:00 2001 From: Jb Audras Date: Sun, 22 Dec 2024 08:34:08 +0000 Subject: [PATCH 16/44] Themes: Fix unwanted horizontal scrolling in theme details screen on mobile. This changeset fixes an issue where the theme browser created unwanted horizontal scrolling on some mobile devices. The issue occured when viewing theme details on mobile. Follow-up to [26142]. Props wildworks, abcd95, sainathpoojary, dhruvang21, sabernhardt. Fixes #62411. git-svn-id: https://develop.svn.wordpress.org/trunk@59553 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/css/themes.css | 1 + 1 file changed, 1 insertion(+) diff --git a/src/wp-admin/css/themes.css b/src/wp-admin/css/themes.css index e7c58b257fc76..2d81613dbce47 100644 --- a/src/wp-admin/css/themes.css +++ b/src/wp-admin/css/themes.css @@ -935,6 +935,7 @@ body.folded .theme-browser ~ .theme-overlay .theme-wrap { .theme-overlay .theme-screenshots { width: 100%; float: none; + margin: 0; } .theme-overlay .theme-info { From de76b6ee76b7052b2da246476cadc05c21686dd8 Mon Sep 17 00:00:00 2001 From: Jb Audras Date: Sun, 22 Dec 2024 19:13:23 +0000 Subject: [PATCH 17/44] I18n: Add translator context for various occurrences of "upload". This changeset adds a `noun` or `verb` context to the various occurrences of "upload" in the admin, to make it easier for translators to differenciate these strings depending on the context. Props timse201, wpgerd. Fixes #62732. git-svn-id: https://develop.svn.wordpress.org/trunk@59554 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/includes/class-custom-background.php | 2 +- src/wp-admin/includes/class-custom-image-header.php | 2 +- src/wp-admin/includes/class-wp-theme-install-list-table.php | 2 +- src/wp-admin/includes/media.php | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/wp-admin/includes/class-custom-background.php b/src/wp-admin/includes/class-custom-background.php index 3dab05c99a49c..d8500d8570405 100644 --- a/src/wp-admin/includes/class-custom-background.php +++ b/src/wp-admin/includes/class-custom-background.php @@ -354,7 +354,7 @@ public function admin_page() { - +


    diff --git a/src/wp-admin/includes/class-custom-image-header.php b/src/wp-admin/includes/class-custom-image-header.php index 480a0643244d4..2e1bf47fdaf5e 100644 --- a/src/wp-admin/includes/class-custom-image-header.php +++ b/src/wp-admin/includes/class-custom-image-header.php @@ -664,7 +664,7 @@ public function step_1() { - +

    - +

    From d030306983076b1834fb9d6d25776d0b49112430 Mon Sep 17 00:00:00 2001 From: Joe Dolson Date: Sun, 22 Dec 2024 20:44:06 +0000 Subject: [PATCH 18/44] Customizer: Allow custom accordion items with obsolete structure. In [59224], customizer accordion item HTML structure was changed to include a `button` element as the interactive control. However, some themes inject custom markup for panel headings. Fix `controls.js` to handle both the new markup and the old markup, which is relatively common in themes. Props paullb, desrosj, sabernhardt, joedolson, jorbin. Fixes #62494. git-svn-id: https://develop.svn.wordpress.org/trunk@59555 602fd350-edb4-49c9-b593-d223f7449a82 --- src/js/_enqueues/wp/customize/controls.js | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/js/_enqueues/wp/customize/controls.js b/src/js/_enqueues/wp/customize/controls.js index 1d402bc1c3273..7a6e69cf3eb9c 100644 --- a/src/js/_enqueues/wp/customize/controls.js +++ b/src/js/_enqueues/wp/customize/controls.js @@ -1530,7 +1530,7 @@ } // Expand/Collapse accordion sections on click. - section.container.find( '.accordion-section-title button, .customize-section-back' ).on( 'click keydown', function( event ) { + section.container.find( '.accordion-section-title button, .customize-section-back, .accordion-section-title[tabindex]' ).on( 'click keydown', function( event ) { if ( api.utils.isKeydownButNotEnterEvent( event ) ) { return; } @@ -1605,7 +1605,7 @@ content = section.contentContainer, overlay = section.headContainer.closest( '.wp-full-overlay' ), backBtn = content.find( '.customize-section-back' ), - sectionTitle = section.headContainer.find( '.accordion-section-title button' ).first(), + sectionTitle = section.headContainer.find( '.accordion-section-title button, .accordion-section-title[tabindex]' ).first(), expand, panel; if ( expanded && ! content.hasClass( 'open' ) ) { @@ -2694,7 +2694,7 @@ container = section.headContainer.closest( '.wp-full-overlay-sidebar-content' ), content = section.contentContainer, backBtn = content.find( '.customize-section-back' ), - sectionTitle = section.headContainer.find( '.accordion-section-title button' ).first(), + sectionTitle = section.headContainer.find( '.accordion-section-title button, .accordion-section-title[tabindex]' ).first(), body = $( document.body ), expand, panel; @@ -2833,7 +2833,7 @@ var meta, panel = this; // Expand/Collapse accordion sections on click. - panel.headContainer.find( '.accordion-section-title button' ).on( 'click keydown', function( event ) { + panel.headContainer.find( '.accordion-section-title button, .accordion-section-title[tabindex]' ).on( 'click keydown', function( event ) { if ( api.utils.isKeydownButNotEnterEvent( event ) ) { return; } @@ -2937,7 +2937,7 @@ accordionSection = panel.contentContainer, overlay = accordionSection.closest( '.wp-full-overlay' ), container = accordionSection.closest( '.wp-full-overlay-sidebar-content' ), - topPanel = panel.headContainer.find( '.accordion-section-title button' ), + topPanel = panel.headContainer.find( '.accordion-section-title button, .accordion-section-title[tabindex]' ), backBtn = accordionSection.find( '.customize-panel-back' ), childSections = panel.sections(), skipTransition; From 07be2445e45066147105206da08acf31bcee974d Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Sun, 22 Dec 2024 22:42:35 +0000 Subject: [PATCH 19/44] Coding Standards: Use strict comparison in `wp_handle_comment_submission()`. Follow-up to [549], [1985], [2464], [2556], [2558], [34799], [40667]. Props deepakrohilla, narenin. See #62316. git-svn-id: https://develop.svn.wordpress.org/trunk@59556 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/comment.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php index 4360f14d09554..2762b77593308 100644 --- a/src/wp-includes/comment.php +++ b/src/wp-includes/comment.php @@ -3658,7 +3658,7 @@ function wp_handle_comment_submission( $comment_data ) { $comment_type = 'comment'; if ( get_option( 'require_name_email' ) && ! $user->exists() ) { - if ( '' == $comment_author_email || '' == $comment_author ) { + if ( '' === $comment_author_email || '' === $comment_author ) { return new WP_Error( 'require_name_email', __( 'Error: Please fill the required fields.' ), 200 ); } elseif ( ! is_email( $comment_author_email ) ) { return new WP_Error( 'require_valid_email', __( 'Error: Please enter a valid email address.' ), 200 ); From a9e2f1c1e55f55c105b58fcc9c2303fead4870fc Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Mon, 23 Dec 2024 20:04:18 +0000 Subject: [PATCH 20/44] Coding Standards: Use strict comparison in `wpmu_validate_user_signup()`. Follow-up to [14298], [19852]. Props debarghyabanerjee. See #62283. git-svn-id: https://develop.svn.wordpress.org/trunk@59557 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/ms-functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp-includes/ms-functions.php b/src/wp-includes/ms-functions.php index fa8df6d10875b..d17de7ead01da 100644 --- a/src/wp-includes/ms-functions.php +++ b/src/wp-includes/ms-functions.php @@ -462,7 +462,7 @@ function wpmu_validate_user_signup( $user_name, $user_email ) { $orig_username = $user_name; $user_name = preg_replace( '/\s+/', '', sanitize_user( $user_name, true ) ); - if ( $user_name != $orig_username || preg_match( '/[^a-z0-9]/', $user_name ) ) { + if ( $user_name !== $orig_username || preg_match( '/[^a-z0-9]/', $user_name ) ) { $errors->add( 'user_name', __( 'Usernames can only contain lowercase letters (a-z) and numbers.' ) ); $user_name = $orig_username; } From 9dd87b8f91300917447c271968d3c36289b440e8 Mon Sep 17 00:00:00 2001 From: Jb Audras Date: Mon, 23 Dec 2024 22:07:47 +0000 Subject: [PATCH 21/44] Coding Standards: Fix a comment indentation issue in `script-loader.php`. Follow-up to [58703]. Props mukesh27. See #62279. git-svn-id: https://develop.svn.wordpress.org/trunk@59558 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/script-loader.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/wp-includes/script-loader.php b/src/wp-includes/script-loader.php index f4e37d7164139..6a5768a8a4b9b 100644 --- a/src/wp-includes/script-loader.php +++ b/src/wp-includes/script-loader.php @@ -2517,9 +2517,9 @@ function wp_enqueue_global_styles() { if ( $is_block_theme ) { /* - * Dequeue the Customizer's custom CSS - * and add it before the global styles custom CSS. - */ + * Dequeue the Customizer's custom CSS + * and add it before the global styles custom CSS. + */ remove_action( 'wp_head', 'wp_custom_css_cb', 101 ); // Get the custom CSS from the Customizer and add it to the global stylesheet. $custom_css = wp_get_custom_css(); From 70ecc6b6423b4a7de607c196933bc5935588a091 Mon Sep 17 00:00:00 2001 From: Joe Dolson Date: Mon, 23 Dec 2024 23:01:23 +0000 Subject: [PATCH 22/44] Themes: Add an ID to the block theme skip link. Add the ID `wp-skip-link` to the block theme generated skip link, so that block themes have a standardized target at the top of the `body` element. Props philliproth, audrasjb, debarghyabanerjee, sabernhardt, joedolson, apermo. Fixes #62311. git-svn-id: https://develop.svn.wordpress.org/trunk@59559 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/theme-templates.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/wp-includes/theme-templates.php b/src/wp-includes/theme-templates.php index c01a4ec6721e8..55b9c8fac4990 100644 --- a/src/wp-includes/theme-templates.php +++ b/src/wp-includes/theme-templates.php @@ -203,6 +203,7 @@ function wp_enqueue_block_template_skip_link() { // Create the skip link. skipLink = document.createElement( 'a' ); skipLink.classList.add( 'skip-link', 'screen-reader-text' ); + skipLink.id = 'wp-skip-link'; skipLink.href = '#' + skipLinkTargetID; skipLink.innerHTML = ''; From 87f99b4316bf2bf8f20efead24424e6fdeb1e976 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Tue, 24 Dec 2024 22:22:49 +0000 Subject: [PATCH 23/44] Coding Standards: Use strict comparison in `wpmu_signup_blog_notification()`. Follow-up to [https://mu.trac.wordpress.org/changeset/1970 mu:1970]. Props debarghyabanerjee. See #62283. git-svn-id: https://develop.svn.wordpress.org/trunk@59560 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/ms-functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp-includes/ms-functions.php b/src/wp-includes/ms-functions.php index d17de7ead01da..7cfb403e9e289 100644 --- a/src/wp-includes/ms-functions.php +++ b/src/wp-includes/ms-functions.php @@ -941,7 +941,7 @@ function wpmu_signup_blog_notification( $domain, $path, $title, $user_login, $us } // Send email with activation link. - if ( ! is_subdomain_install() || get_current_network_id() != 1 ) { + if ( ! is_subdomain_install() || get_current_network_id() !== 1 ) { $activate_url = network_site_url( "wp-activate.php?key=$key" ); } else { $activate_url = "http://{$domain}{$path}wp-activate.php?key=$key"; // @todo Use *_url() API. From 27bb7ac2349eb81eb4e0ff5d275ff4ff3b98f3c4 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Wed, 25 Dec 2024 18:29:51 +0000 Subject: [PATCH 24/44] Coding Standards: Use strict comparison in `remove_user_from_blog()`. Follow-up to [https://mu.trac.wordpress.org/changeset/543 mu:543]. Props debarghyabanerjee, aristath, poena, afercia, SergeyBiryukov. See #62279, #62283. git-svn-id: https://develop.svn.wordpress.org/trunk@59561 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/ms-functions.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/wp-includes/ms-functions.php b/src/wp-includes/ms-functions.php index 7cfb403e9e289..9f1889fda6b36 100644 --- a/src/wp-includes/ms-functions.php +++ b/src/wp-includes/ms-functions.php @@ -230,8 +230,10 @@ function add_user_to_blog( $blog_id, $user_id, $role ) { function remove_user_from_blog( $user_id, $blog_id = 0, $reassign = 0 ) { global $wpdb; - switch_to_blog( $blog_id ); $user_id = (int) $user_id; + $blog_id = (int) $blog_id; + + switch_to_blog( $blog_id ); /** * Fires before a user is removed from a site. @@ -249,13 +251,13 @@ function remove_user_from_blog( $user_id, $blog_id = 0, $reassign = 0 ) { * If being removed from the primary blog, set a new primary * if the user is assigned to multiple blogs. */ - $primary_blog = get_user_meta( $user_id, 'primary_blog', true ); - if ( $primary_blog == $blog_id ) { + $primary_blog = (int) get_user_meta( $user_id, 'primary_blog', true ); + if ( $primary_blog === $blog_id ) { $new_id = ''; $new_domain = ''; $blogs = get_blogs_of_user( $user_id ); foreach ( (array) $blogs as $blog ) { - if ( $blog->userblog_id == $blog_id ) { + if ( $blog->userblog_id === $blog_id ) { continue; } $new_id = $blog->userblog_id; From 20110f63aac507e2b64bb2b6270471957dec8ca3 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Thu, 26 Dec 2024 23:55:05 +0000 Subject: [PATCH 25/44] Coding Standards: Use strict comparison in `get_active_blog_for_user()`. Follow-up to [https://mu.trac.wordpress.org/changeset/804 mu:804], [https://mu.trac.wordpress.org/changeset/1918 mu:1918]. Props debarghyabanerjee, aristath, poena, afercia, SergeyBiryukov. See #62279, #62283. git-svn-id: https://develop.svn.wordpress.org/trunk@59562 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/ms-functions.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/wp-includes/ms-functions.php b/src/wp-includes/ms-functions.php index 9f1889fda6b36..fdbcc6fb78e83 100644 --- a/src/wp-includes/ms-functions.php +++ b/src/wp-includes/ms-functions.php @@ -71,18 +71,23 @@ function get_active_blog_for_user( $user_id ) { } } - if ( ( ! is_object( $primary ) ) || ( 1 == $primary->archived || 1 == $primary->spam || 1 == $primary->deleted ) ) { + if ( ( ! is_object( $primary ) ) + || ( '1' === $primary->archived || '1' === $primary->spam || '1' === $primary->deleted ) + ) { $blogs = get_blogs_of_user( $user_id, true ); // If a user's primary blog is shut down, check their other blogs. $ret = false; if ( is_array( $blogs ) && count( $blogs ) > 0 ) { foreach ( (array) $blogs as $blog_id => $blog ) { - if ( get_current_network_id() != $blog->site_id ) { + if ( get_current_network_id() !== $blog->site_id ) { continue; } + $details = get_site( $blog_id ); - if ( is_object( $details ) && 0 == $details->archived && 0 == $details->spam && 0 == $details->deleted ) { + if ( is_object( $details ) + && '0' === $details->archived && '0' === $details->spam && '0' === $details->deleted + ) { $ret = $details; - if ( get_user_meta( $user_id, 'primary_blog', true ) != $blog_id ) { + if ( (int) get_user_meta( $user_id, 'primary_blog', true ) !== $blog_id ) { update_user_meta( $user_id, 'primary_blog', $blog_id ); } if ( ! get_user_meta( $user_id, 'source_domain', true ) ) { From 779ed48a034c60a65cd1ac7ab35262e496e39c99 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Fri, 27 Dec 2024 23:00:41 +0000 Subject: [PATCH 26/44] Coding Standards: Use strict comparison in `is_user_spammy()`. Follow-up to [https://mu.trac.wordpress.org/changeset/1640 mu:1640]. Props debarghyabanerjee, aristath, poena, afercia, SergeyBiryukov. See #62279, #62283. git-svn-id: https://develop.svn.wordpress.org/trunk@59563 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/ms-functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp-includes/ms-functions.php b/src/wp-includes/ms-functions.php index fdbcc6fb78e83..e0ae1a0315f17 100644 --- a/src/wp-includes/ms-functions.php +++ b/src/wp-includes/ms-functions.php @@ -2304,7 +2304,7 @@ function is_user_spammy( $user = null ) { } } - return $user && isset( $user->spam ) && 1 == $user->spam; + return $user && isset( $user->spam ) && '1' === $user->spam; } /** From 4a6b12bea7761ec8f9037685aad3104285e15b21 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Sat, 28 Dec 2024 22:08:19 +0000 Subject: [PATCH 27/44] Options, Meta APIs: Ensure `after_section` is printed for sections without any fields. This brings consistency with the `before_section` HTML content, which did get printed in `do_settings_sections()` regardless of whether the settings section has any fields attached. Follow-up to [8855], [21742], [54247]. Props alpipego, SergeyBiryukov. Fixes #62746. git-svn-id: https://develop.svn.wordpress.org/trunk@59564 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/includes/template.php | 9 ++++--- .../phpunit/tests/admin/includesTemplate.php | 24 +++++++++++++++++++ 2 files changed, 28 insertions(+), 5 deletions(-) diff --git a/src/wp-admin/includes/template.php b/src/wp-admin/includes/template.php index 3bff8bc279b5f..a0d07696d3019 100644 --- a/src/wp-admin/includes/template.php +++ b/src/wp-admin/includes/template.php @@ -1784,12 +1784,11 @@ function do_settings_sections( $page ) { call_user_func( $section['callback'], $section ); } - if ( ! isset( $wp_settings_fields ) || ! isset( $wp_settings_fields[ $page ] ) || ! isset( $wp_settings_fields[ $page ][ $section['id'] ] ) ) { - continue; + if ( isset( $wp_settings_fields[ $page ][ $section['id'] ] ) ) { + echo ''; + do_settings_fields( $page, $section['id'] ); + echo ''; } - echo ''; - do_settings_fields( $page, $section['id'] ); - echo ''; if ( '' !== $section['after_section'] ) { echo wp_kses_post( $section['after_section'] ); diff --git a/tests/phpunit/tests/admin/includesTemplate.php b/tests/phpunit/tests/admin/includesTemplate.php index f24a046933922..66e3befd5f07b 100644 --- a/tests/phpunit/tests/admin/includesTemplate.php +++ b/tests/phpunit/tests/admin/includesTemplate.php @@ -240,6 +240,30 @@ public function test_add_settings_section_with_extra_args( $extra_args, $expecte $this->assertStringContainsString( $expected_after_section_html, $output, 'Test page output does not contain the custom markup to be placed after the section.' ); } + /** + * @ticket 62746 + * + * @param array $extra_args Extra arguments to pass to function `add_settings_section()`. + * @param array $expected_section_data Expected set of section data. + * @param string $expected_before_section_html Expected HTML markup to be rendered before the settings section. + * @param string $expected_after_section_html Expected HTML markup to be rendered after the settings section. + * + * @covers ::add_settings_section + * @covers ::do_settings_sections + * + * @dataProvider data_extra_args_for_add_settings_section + */ + public function test_add_settings_section_without_any_fields( $extra_args, $expected_section_data, $expected_before_section_html, $expected_after_section_html ) { + add_settings_section( 'test-section', 'Section title', '__return_false', 'test-page', $extra_args ); + + ob_start(); + do_settings_sections( 'test-page' ); + $output = ob_get_clean(); + + $this->assertStringContainsString( $expected_before_section_html, $output, 'Test page output does not contain the custom markup to be placed before the section.' ); + $this->assertStringContainsString( $expected_after_section_html, $output, 'Test page output does not contain the custom markup to be placed after the section.' ); + } + /** * Data provider for `test_add_settings_section_with_extra_args()`. * From 4e1752dee97eb3454c7a6da9176b8890d7c371a8 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Sun, 29 Dec 2024 21:52:34 +0000 Subject: [PATCH 28/44] Coding Standards: Use strict comparison in `sanitize_post()`. Follow-up to [12062]. Props aristath, poena, afercia, SergeyBiryukov. See #62279. git-svn-id: https://develop.svn.wordpress.org/trunk@59565 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/post.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/wp-includes/post.php b/src/wp-includes/post.php index eb90e762f5663..cadc929457979 100644 --- a/src/wp-includes/post.php +++ b/src/wp-includes/post.php @@ -2823,7 +2823,7 @@ function is_sticky( $post_id = 0 ) { function sanitize_post( $post, $context = 'display' ) { if ( is_object( $post ) ) { // Check if post already filtered for this context. - if ( isset( $post->filter ) && $context == $post->filter ) { + if ( isset( $post->filter ) && $context === $post->filter ) { return $post; } if ( ! isset( $post->ID ) ) { @@ -2835,7 +2835,7 @@ function sanitize_post( $post, $context = 'display' ) { $post->filter = $context; } elseif ( is_array( $post ) ) { // Check if post already filtered for this context. - if ( isset( $post['filter'] ) && $context == $post['filter'] ) { + if ( isset( $post['filter'] ) && $context === $post['filter'] ) { return $post; } if ( ! isset( $post['ID'] ) ) { From 2ba84334c9d412956322544564c1a8e32fb56363 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Mon, 30 Dec 2024 09:30:14 +0000 Subject: [PATCH 29/44] Coding Standards: Use strict comparison in `get_post_ancestors()`. Follow-up to [7074], [15758], [21559], [21953]. Props aristath, poena, afercia, SergeyBiryukov. See #62279. git-svn-id: https://develop.svn.wordpress.org/trunk@59566 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/post.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/wp-includes/post.php b/src/wp-includes/post.php index cadc929457979..dfdd41ed5ef93 100644 --- a/src/wp-includes/post.php +++ b/src/wp-includes/post.php @@ -1135,7 +1135,7 @@ function get_post( $post = null, $output = OBJECT, $filter = 'raw' ) { function get_post_ancestors( $post ) { $post = get_post( $post ); - if ( ! $post || empty( $post->post_parent ) || $post->post_parent == $post->ID ) { + if ( ! $post || empty( $post->post_parent ) || $post->post_parent === $post->ID ) { return array(); } @@ -1146,7 +1146,9 @@ function get_post_ancestors( $post ) { while ( $ancestor = get_post( $id ) ) { // Loop detection: If the ancestor has been seen before, break. - if ( empty( $ancestor->post_parent ) || ( $ancestor->post_parent == $post->ID ) || in_array( $ancestor->post_parent, $ancestors, true ) ) { + if ( empty( $ancestor->post_parent ) || $ancestor->post_parent === $post->ID + || in_array( $ancestor->post_parent, $ancestors, true ) + ) { break; } From 7fedfd4dc13200edb7a1e467d78b619cd7235b92 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Tue, 31 Dec 2024 19:17:10 +0000 Subject: [PATCH 30/44] Coding Standards: Use strict comparison in `wp_count_attachments()`. Follow-up to [54255]. Props aristath, poena, afercia, SergeyBiryukov. See #62279. git-svn-id: https://develop.svn.wordpress.org/trunk@59567 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/post.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/wp-includes/post.php b/src/wp-includes/post.php index dfdd41ed5ef93..3c3a422430324 100644 --- a/src/wp-includes/post.php +++ b/src/wp-includes/post.php @@ -3390,7 +3390,8 @@ function wp_count_attachments( $mime_type = '' ) { ); $counts = wp_cache_get( $cache_key, 'counts' ); - if ( false == $counts ) { + + if ( false === $counts ) { $and = wp_post_mime_type_where( $mime_type ); $count = $wpdb->get_results( "SELECT post_mime_type, COUNT( * ) AS num_posts FROM $wpdb->posts WHERE post_type = 'attachment' AND post_status != 'trash' $and GROUP BY post_mime_type", ARRAY_A ); From de14028c7637ccfb0746311dd4da0c040f49126a Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Wed, 1 Jan 2025 00:10:57 +0000 Subject: [PATCH 31/44] =?UTF-8?q?Happy=20New=20Year!=20=F0=9F=8E=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Update copyright year to 2025 in `license.txt` and bundled themes. Follow-up to [18201], [23306], [28064], [36855], [36856], [39659], [40241], [42424], [46719], [46720], [47025], [47026], [49915], [52427], [55024], [57235]. git-svn-id: https://develop.svn.wordpress.org/trunk@59568 602fd350-edb4-49c9-b593-d223f7449a82 --- src/license.txt | 2 +- src/wp-content/themes/twentyeleven/readme.txt | 2 +- src/wp-content/themes/twentyfifteen/readme.txt | 2 +- src/wp-content/themes/twentyfourteen/readme.txt | 2 +- src/wp-content/themes/twentynineteen/readme.txt | 4 ++-- src/wp-content/themes/twentyseventeen/readme.txt | 2 +- src/wp-content/themes/twentysixteen/readme.txt | 2 +- src/wp-content/themes/twentyten/readme.txt | 2 +- src/wp-content/themes/twentythirteen/readme.txt | 2 +- src/wp-content/themes/twentytwelve/readme.txt | 2 +- src/wp-content/themes/twentytwenty/readme.txt | 8 ++++---- src/wp-content/themes/twentytwentyfour/readme.txt | 2 +- src/wp-content/themes/twentytwentyone/readme.txt | 12 ++++++------ src/wp-content/themes/twentytwentythree/readme.txt | 2 +- src/wp-content/themes/twentytwentytwo/readme.txt | 2 +- 15 files changed, 24 insertions(+), 24 deletions(-) diff --git a/src/license.txt b/src/license.txt index 90cf5383fe5a4..a22eda8f3bbf4 100644 --- a/src/license.txt +++ b/src/license.txt @@ -1,6 +1,6 @@ WordPress - Web publishing software -Copyright 2011-2024 by the contributors +Copyright 2011-2025 by the contributors This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/src/wp-content/themes/twentyeleven/readme.txt b/src/wp-content/themes/twentyeleven/readme.txt index 16d4d11e26b57..f8d794b9b8a23 100644 --- a/src/wp-content/themes/twentyeleven/readme.txt +++ b/src/wp-content/themes/twentyeleven/readme.txt @@ -23,7 +23,7 @@ For more information about Twenty Eleven please go to https://codex.wordpress.or == Copyright == -Twenty Eleven WordPress Theme, Copyright 2011-2024 WordPress.org, Automattic Inc., and contributors. +Twenty Eleven WordPress Theme, Copyright 2011-2025 WordPress.org, Automattic Inc., and contributors. Twenty Eleven is Distributed under the terms of the GNU GPL This program is free software: you can redistribute it and/or modify diff --git a/src/wp-content/themes/twentyfifteen/readme.txt b/src/wp-content/themes/twentyfifteen/readme.txt index 358101e7a55af..2fd9ff16029ad 100644 --- a/src/wp-content/themes/twentyfifteen/readme.txt +++ b/src/wp-content/themes/twentyfifteen/readme.txt @@ -31,7 +31,7 @@ For more information about Twenty Fifteen please go to https://wordpress.org/doc == Copyright == -Twenty Fifteen WordPress Theme, Copyright 2014-2024 WordPress.org, Automattic Inc., and contributors. +Twenty Fifteen WordPress Theme, Copyright 2014-2025 WordPress.org, Automattic Inc., and contributors. Twenty Fifteen is distributed under the terms of the GNU GPL This program is free software: you can redistribute it and/or modify diff --git a/src/wp-content/themes/twentyfourteen/readme.txt b/src/wp-content/themes/twentyfourteen/readme.txt index a54226a83f7fb..af119167596ea 100644 --- a/src/wp-content/themes/twentyfourteen/readme.txt +++ b/src/wp-content/themes/twentyfourteen/readme.txt @@ -23,7 +23,7 @@ For more information about Twenty Fourteen please go to https://codex.wordpress. == Copyright == -Twenty Fourteen WordPress Theme, Copyright 2013-2024 WordPress.org, Automattic Inc., and contributors. +Twenty Fourteen WordPress Theme, Copyright 2013-2025 WordPress.org, Automattic Inc., and contributors. Twenty Fourteen is Distributed under the terms of the GNU GPL This program is free software: you can redistribute it and/or modify diff --git a/src/wp-content/themes/twentynineteen/readme.txt b/src/wp-content/themes/twentynineteen/readme.txt index d3ca13553e2d1..e30e9291c221d 100644 --- a/src/wp-content/themes/twentynineteen/readme.txt +++ b/src/wp-content/themes/twentynineteen/readme.txt @@ -25,7 +25,7 @@ For more information about Twenty Nineteen please go to https://wordpress.org/do == Copyright == -Twenty Nineteen WordPress Theme, Copyright 2018-2024 WordPress.org, and contributors. +Twenty Nineteen WordPress Theme, Copyright 2018-2025 WordPress.org, and contributors. Twenty Nineteen is distributed under the terms of the GNU GPL This program is free software: you can redistribute it and/or modify @@ -147,7 +147,7 @@ Initial release == Resources == * normalize.css, © 2012-2018 Nicolas Gallagher and Jonathan Neal, MIT -* Underscores, © 2012-2024 Automattic, Inc., GNU GPL v2 or later +* Underscores, © 2012-2025 Automattic, Inc., GNU GPL v2 or later * Bundled block pattern images: * Abstract Background by HD Wallpapers, CC0. https://stocksnap.io/photo/abstract-background-0SRRVNMKBX * Abstract Waves by HD Wallpapers, CC0. https://stocksnap.io/photo/abstract-waves-0KREGLTZQ3 diff --git a/src/wp-content/themes/twentyseventeen/readme.txt b/src/wp-content/themes/twentyseventeen/readme.txt index c78ed84d89e3a..cc3246ea4d8e3 100644 --- a/src/wp-content/themes/twentyseventeen/readme.txt +++ b/src/wp-content/themes/twentyseventeen/readme.txt @@ -24,7 +24,7 @@ For more information about Twenty Seventeen please go to https://wordpress.org/d == Copyright == -Twenty Seventeen WordPress Theme, Copyright 2016-2024 WordPress.org, and contributors. +Twenty Seventeen WordPress Theme, Copyright 2016-2025 WordPress.org, and contributors. Twenty Seventeen is distributed under the terms of the GNU GPL This program is free software: you can redistribute it and/or modify diff --git a/src/wp-content/themes/twentysixteen/readme.txt b/src/wp-content/themes/twentysixteen/readme.txt index 6891502fe3b5e..e5a5a2776773d 100644 --- a/src/wp-content/themes/twentysixteen/readme.txt +++ b/src/wp-content/themes/twentysixteen/readme.txt @@ -30,7 +30,7 @@ For more information about Twenty Sixteen please go to https://wordpress.org/doc == Copyright == -Twenty Sixteen WordPress Theme, Copyright 2014-2024 WordPress.org, and contributors. +Twenty Sixteen WordPress Theme, Copyright 2014-2025 WordPress.org, and contributors. Twenty Sixteen is distributed under the terms of the GNU GPL This program is free software: you can redistribute it and/or modify diff --git a/src/wp-content/themes/twentyten/readme.txt b/src/wp-content/themes/twentyten/readme.txt index 1127216542e5d..f0e8c057cfb64 100644 --- a/src/wp-content/themes/twentyten/readme.txt +++ b/src/wp-content/themes/twentyten/readme.txt @@ -23,7 +23,7 @@ For more information about Twenty Ten theme please go to https://codex.wordpress == Copyright == -Twenty Ten WordPress Theme, Copyright 2010-2024 WordPress.org, Automattic Inc., and contributors. +Twenty Ten WordPress Theme, Copyright 2010-2025 WordPress.org, Automattic Inc., and contributors. Twenty Ten is Distributed under the terms of the GNU GPL This program is free software: you can redistribute it and/or modify diff --git a/src/wp-content/themes/twentythirteen/readme.txt b/src/wp-content/themes/twentythirteen/readme.txt index e02e6eae1cc07..94261e7c4c002 100644 --- a/src/wp-content/themes/twentythirteen/readme.txt +++ b/src/wp-content/themes/twentythirteen/readme.txt @@ -23,7 +23,7 @@ For more information about Twenty Thirteen please go to https://codex.wordpress. == Copyright == -Twenty Thirteen WordPress Theme, Copyright 2013-2024 WordPress.org, Automattic Inc., and contributors. +Twenty Thirteen WordPress Theme, Copyright 2013-2025 WordPress.org, Automattic Inc., and contributors. Twenty Thirteen is Distributed under the terms of the GNU GPL This program is free software: you can redistribute it and/or modify diff --git a/src/wp-content/themes/twentytwelve/readme.txt b/src/wp-content/themes/twentytwelve/readme.txt index 3e716ee1b4ab7..f746e9add5048 100644 --- a/src/wp-content/themes/twentytwelve/readme.txt +++ b/src/wp-content/themes/twentytwelve/readme.txt @@ -23,7 +23,7 @@ For more information about Twenty Twelve please go to https://codex.wordpress.or == Copyright == -Twenty Twelve WordPress Theme, Copyright 2012-2024 WordPress.org, Automattic Inc., and contributors. +Twenty Twelve WordPress Theme, Copyright 2012-2025 WordPress.org, Automattic Inc., and contributors. Twenty Twelve is Distributed under the terms of the GNU GPL This program is free software: you can redistribute it and/or modify diff --git a/src/wp-content/themes/twentytwenty/readme.txt b/src/wp-content/themes/twentytwenty/readme.txt index 293baaef7c382..cd5d4b01d62c3 100644 --- a/src/wp-content/themes/twentytwenty/readme.txt +++ b/src/wp-content/themes/twentytwenty/readme.txt @@ -121,7 +121,7 @@ Initial release == Copyright == -Twenty Twenty WordPress Theme, Copyright 2019-2024 WordPress.org and contributors. +Twenty Twenty WordPress Theme, Copyright 2019-2025 WordPress.org and contributors. Twenty Twenty is distributed under the terms of the GNU GPL. This program is free software: you can redistribute it and/or modify @@ -170,7 +170,7 @@ License URI: http://www.gnu.org/licenses/gpl-2.0.html Source: WordPress Social Link Block (See wp-includes\blocks\social-link.php) Code from Twenty Nineteen -Copyright (c) 2018-2024 WordPress.org +Copyright (c) 2018-2025 WordPress.org License: GPLv2 Source: https://wordpress.org/themes/twentynineteen/ Included as part of the following classes and functions: @@ -180,11 +180,11 @@ Included as part of the following classes and functions: - twentytwenty_nav_menu_social_icons() Code from Twenty Seventeen -Copyright (c) 2016-2024 WordPress.org +Copyright (c) 2016-2025 WordPress.org License: GPLv2 Source: https://wordpress.org/themes/twentyseventeen/ Included as part of the following classes and functions: - twentytwenty_unique_id() Underscores -https://underscores.me/, (C) 2012-2024 Automattic, Inc., [GPLv2 or later](https://www.gnu.org/licenses/gpl-2.0.html) +https://underscores.me/, (C) 2012-2025 Automattic, Inc., [GPLv2 or later](https://www.gnu.org/licenses/gpl-2.0.html) diff --git a/src/wp-content/themes/twentytwentyfour/readme.txt b/src/wp-content/themes/twentytwentyfour/readme.txt index 8008a10b2fd9b..299a63d4c997c 100644 --- a/src/wp-content/themes/twentytwentyfour/readme.txt +++ b/src/wp-content/themes/twentytwentyfour/readme.txt @@ -35,7 +35,7 @@ https://wordpress.org/documentation/article/twenty-twenty-four-changelog/#Versio == Copyright == -Twenty Twenty-Four WordPress Theme, (C) 2023-2024 WordPress.org and contributors. +Twenty Twenty-Four WordPress Theme, (C) 2023-2025 WordPress.org and contributors. Twenty Twenty-Four is distributed under the terms of the GNU GPL. This program is free software: you can redistribute it and/or modify diff --git a/src/wp-content/themes/twentytwentyone/readme.txt b/src/wp-content/themes/twentytwentyone/readme.txt index e0c9e6949c2d5..b955225ca6a83 100644 --- a/src/wp-content/themes/twentytwentyone/readme.txt +++ b/src/wp-content/themes/twentytwentyone/readme.txt @@ -107,7 +107,7 @@ https://wordpress.org/documentation/article/twenty-twenty-one-changelog/#Version == Copyright == -Twenty Twenty-One WordPress Theme, 2020-2024 WordPress.org and contributors. +Twenty Twenty-One WordPress Theme, 2020-2025 WordPress.org and contributors. Twenty Twenty-One is distributed under the terms of the GNU GPL. This program is free software: you can redistribute it and/or modify @@ -125,19 +125,19 @@ Twenty Twenty-One is derived from Seedlet, (C) 2020 Automattic, Inc. Twenty Twenty-One is also based on: -Twenty Nineteen. 2018-2024 WordPress.org +Twenty Nineteen. 2018-2025 WordPress.org Twenty Nineteen is distributed under the terms of the GNU GPL v2 or later. -Twenty Seventeen. Copyright (C) 2016-2024 WordPress.org +Twenty Seventeen. Copyright (C) 2016-2025 WordPress.org Twenty Seventeen is distributed under the terms of the GNU GPL v2 or later. -Twenty Sixteen. Copyright (C) 2015-2024 WordPress.org +Twenty Sixteen. Copyright (C) 2015-2025 WordPress.org Twenty Sixteen is distributed under the terms of the GNU GPL v2 or later. -Twenty Twenty. Copyright (C) 2020-2024 WordPress.org +Twenty Twenty. Copyright (C) 2020-2025 WordPress.org Twenty Twenty is distributed under the terms of the GNU GPL v2 or later. -Underscores https://underscores.me/, Copyright (C) 2012-2024 Automattic, Inc. +Underscores https://underscores.me/, Copyright (C) 2012-2025 Automattic, Inc. Underscores is distributed under the terms of the GNU GPL v2 or later. Normalizing styles have been helped along thanks to the fine work of diff --git a/src/wp-content/themes/twentytwentythree/readme.txt b/src/wp-content/themes/twentytwentythree/readme.txt index 237758249f85d..9e4653b7f4ec4 100644 --- a/src/wp-content/themes/twentytwentythree/readme.txt +++ b/src/wp-content/themes/twentytwentythree/readme.txt @@ -52,7 +52,7 @@ https://wordpress.org/documentation/article/twenty-twenty-three-changelog/#Versi == Copyright == -Twenty Twenty-Three WordPress Theme, (C) 2022-2024 WordPress.org and contributors. +Twenty Twenty-Three WordPress Theme, (C) 2022-2025 WordPress.org and contributors. Twenty Twenty-Three is distributed under the terms of the GNU GPL. This program is free software: you can redistribute it and/or modify diff --git a/src/wp-content/themes/twentytwentytwo/readme.txt b/src/wp-content/themes/twentytwentytwo/readme.txt index d2635dbfe0207..ace8251b15899 100644 --- a/src/wp-content/themes/twentytwentytwo/readme.txt +++ b/src/wp-content/themes/twentytwentytwo/readme.txt @@ -91,7 +91,7 @@ https://wordpress.org/documentation/article/twenty-twenty-two-changelog/#Version == Copyright == -Twenty Twenty-Two WordPress Theme, 2021-2024 WordPress.org and contributors. +Twenty Twenty-Two WordPress Theme, 2021-2025 WordPress.org and contributors. Twenty Twenty-Two is distributed under the terms of the GNU GPL. This program is free software: you can redistribute it and/or modify From 238f8657d7a06e5077e6177e308c464c73754a8e Mon Sep 17 00:00:00 2001 From: Peter Wilson Date: Thu, 2 Jan 2025 01:06:38 +0000 Subject: [PATCH 32/44] =?UTF-8?q?Happy=20New=20Year=20Twenty=20Twenty-Five?= =?UTF-8?q?!=20=F0=9F=8E=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Update copyright year to 2025 in the Twenty Twenty-Five bundled theme's `readme.txt`. Follow-up to [18201], [23306], [28064], [36855], [36856], [39659], [40241], [42424], [46719], [46720], [47025], [47026], [49915], [52427], [55024], [57235], [59568]. git-svn-id: https://develop.svn.wordpress.org/trunk@59569 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-content/themes/twentytwentyfive/readme.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp-content/themes/twentytwentyfive/readme.txt b/src/wp-content/themes/twentytwentyfive/readme.txt index c04796c2e7343..b4dc89e9c9fe6 100644 --- a/src/wp-content/themes/twentytwentyfive/readme.txt +++ b/src/wp-content/themes/twentytwentyfive/readme.txt @@ -17,7 +17,7 @@ Twenty Twenty-Five emphasizes simplicity and adaptability. It offers flexible de == Copyright == -Twenty Twenty-Five WordPress Theme, (C) 2024 WordPress.org and contributors. +Twenty Twenty-Five WordPress Theme, (C) 2024-2025 WordPress.org and contributors. Twenty Twenty-Five is distributed under the terms of the GNU GPL. This program is free software: you can redistribute it and/or modify From 5948245e57bdbf18b45568b3bb9b5566a9e8d907 Mon Sep 17 00:00:00 2001 From: Felix Arntz Date: Thu, 2 Jan 2025 16:11:14 +0000 Subject: [PATCH 33/44] Build/Test Tools: Fix incorrect commit time being reported to WordPress Code Vitals Dashboard. Props mukesh27, ayeshrajans. Fixes #62766. git-svn-id: https://develop.svn.wordpress.org/trunk@59570 602fd350-edb4-49c9-b593-d223f7449a82 --- .github/workflows/reusable-performance.yml | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/.github/workflows/reusable-performance.yml b/.github/workflows/reusable-performance.yml index e5c29aa0b1849..c9dad187499ce 100644 --- a/.github/workflows/reusable-performance.yml +++ b/.github/workflows/reusable-performance.yml @@ -94,7 +94,6 @@ jobs: # - Compare results. # - Add workflow summary. # - Set the base sha. - # - Set commit details. # - Publish performance results. # - Ensure version-controlled files are not modified or deleted. performance: @@ -312,23 +311,12 @@ jobs: const baseRef = await github.rest.git.getRef({ owner: context.repo.owner, repo: context.repo.repo, ref: 'tags/${{ env.BASE_TAG }}' }); return baseRef.data.object.sha; - - name: Set commit details - # Only needed when publishing results. - if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached }} - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - id: commit-timestamp - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const commit_details = await github.rest.git.getCommit({ owner: context.repo.owner, repo: context.repo.repo, commit_sha: context.sha }); - return parseInt((new Date( commit_details.data.author.date ).getTime() / 1000).toFixed(0)) - - name: Publish performance results # Only publish results on pushes to trunk. if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached }} env: BASE_SHA: ${{ steps.base-sha.outputs.result }} - COMMITTED_AT: ${{ steps.commit-timestamp.outputs.result }} + COMMITTED_AT: $(git show -s $GITHUB_SHA --format="%cI") CODEVITALS_PROJECT_TOKEN: ${{ secrets.CODEVITALS_PROJECT_TOKEN }} HOST_NAME: "www.codevitals.run" run: | From 7bd68355aac022d3fd336b292b650088bcedde08 Mon Sep 17 00:00:00 2001 From: Felix Arntz Date: Thu, 2 Jan 2025 16:39:28 +0000 Subject: [PATCH 34/44] Build/Test Tools: Revert [59570]. The fix did not work properly and is causing performance data for commits to not be sent at all. It is therefore reverted until a proper solution has been implemented. See #62766. git-svn-id: https://develop.svn.wordpress.org/trunk@59571 602fd350-edb4-49c9-b593-d223f7449a82 --- .github/workflows/reusable-performance.yml | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/.github/workflows/reusable-performance.yml b/.github/workflows/reusable-performance.yml index c9dad187499ce..e5c29aa0b1849 100644 --- a/.github/workflows/reusable-performance.yml +++ b/.github/workflows/reusable-performance.yml @@ -94,6 +94,7 @@ jobs: # - Compare results. # - Add workflow summary. # - Set the base sha. + # - Set commit details. # - Publish performance results. # - Ensure version-controlled files are not modified or deleted. performance: @@ -311,12 +312,23 @@ jobs: const baseRef = await github.rest.git.getRef({ owner: context.repo.owner, repo: context.repo.repo, ref: 'tags/${{ env.BASE_TAG }}' }); return baseRef.data.object.sha; + - name: Set commit details + # Only needed when publishing results. + if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached }} + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + id: commit-timestamp + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + const commit_details = await github.rest.git.getCommit({ owner: context.repo.owner, repo: context.repo.repo, commit_sha: context.sha }); + return parseInt((new Date( commit_details.data.author.date ).getTime() / 1000).toFixed(0)) + - name: Publish performance results # Only publish results on pushes to trunk. if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached }} env: BASE_SHA: ${{ steps.base-sha.outputs.result }} - COMMITTED_AT: $(git show -s $GITHUB_SHA --format="%cI") + COMMITTED_AT: ${{ steps.commit-timestamp.outputs.result }} CODEVITALS_PROJECT_TOKEN: ${{ secrets.CODEVITALS_PROJECT_TOKEN }} HOST_NAME: "www.codevitals.run" run: | From 016bbeca9bfe96b3e024441059b76a3ad7d31df9 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Thu, 2 Jan 2025 18:25:59 +0000 Subject: [PATCH 35/44] Coding Standards: Use strict comparison in `_reset_front_page_settings_for_post()`. Follow-up to [6337], [25686]. Props aristath, poena, afercia, SergeyBiryukov. See #62279. git-svn-id: https://develop.svn.wordpress.org/trunk@59572 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/post.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/wp-includes/post.php b/src/wp-includes/post.php index 3c3a422430324..a197180d9e172 100644 --- a/src/wp-includes/post.php +++ b/src/wp-includes/post.php @@ -3859,11 +3859,11 @@ function _reset_front_page_settings_for_post( $post_id ) { * If the page is defined in option page_on_front or post_for_posts, * adjust the corresponding options. */ - if ( get_option( 'page_on_front' ) == $post->ID ) { + if ( (int) get_option( 'page_on_front' ) === $post->ID ) { update_option( 'show_on_front', 'posts' ); update_option( 'page_on_front', 0 ); } - if ( get_option( 'page_for_posts' ) == $post->ID ) { + if ( (int) get_option( 'page_for_posts' ) === $post->ID ) { update_option( 'page_for_posts', 0 ); } } From 8da02a8665521cb79d21241299284f362881ed7d Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Fri, 3 Jan 2025 22:55:42 +0000 Subject: [PATCH 36/44] Coding Standards: Use strict comparison in `wpmu_validate_blog_signup()`. Follow-up to [https://mu.trac.wordpress.org/changeset/8 mu:8], [https://mu.trac.wordpress.org/changeset/543 mu:543], [https://mu.trac.wordpress.org/changeset/550 mu:550], [https://mu.trac.wordpress.org/changeset/1364 mu:1364], [https://mu.trac.wordpress.org/changeset/1958 mu:1958], [12603], [32733]. Props debarghyabanerjee, aristath, poena, afercia, SergeyBiryukov. See #62279, #62283. git-svn-id: https://develop.svn.wordpress.org/trunk@59573 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/ms-functions.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/wp-includes/ms-functions.php b/src/wp-includes/ms-functions.php index e0ae1a0315f17..5bb3cab118bee 100644 --- a/src/wp-includes/ms-functions.php +++ b/src/wp-includes/ms-functions.php @@ -481,10 +481,12 @@ function wpmu_validate_user_signup( $user_name, $user_email ) { } $illegal_names = get_site_option( 'illegal_names' ); + if ( ! is_array( $illegal_names ) ) { $illegal_names = array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator' ); add_site_option( 'illegal_names', $illegal_names ); } + if ( in_array( $user_name, $illegal_names, true ) ) { $errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) ); } @@ -516,10 +518,12 @@ function wpmu_validate_user_signup( $user_name, $user_email ) { } $limited_email_domains = get_site_option( 'limited_email_domains' ); + if ( is_array( $limited_email_domains ) && ! empty( $limited_email_domains ) ) { $limited_email_domains = array_map( 'strtolower', $limited_email_domains ); - $emaildomain = strtolower( substr( $user_email, 1 + strpos( $user_email, '@' ) ) ); - if ( ! in_array( $emaildomain, $limited_email_domains, true ) ) { + $email_domain = strtolower( substr( $user_email, 1 + strpos( $user_email, '@' ) ) ); + + if ( ! in_array( $email_domain, $limited_email_domains, true ) ) { $errors->add( 'user_email', __( 'Sorry, that email address is not allowed!' ) ); } } @@ -637,7 +641,8 @@ function wpmu_validate_blog_signup( $blogname, $blog_title, $user = '' ) { $errors = new WP_Error(); $illegal_names = get_site_option( 'illegal_names' ); - if ( false == $illegal_names ) { + + if ( ! is_array( $illegal_names ) ) { $illegal_names = array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator' ); add_site_option( 'illegal_names', $illegal_names ); } @@ -721,7 +726,7 @@ function wpmu_validate_blog_signup( $blogname, $blog_title, $user = '' ) { * unless it's the user's own username. */ if ( username_exists( $blogname ) ) { - if ( ! is_object( $user ) || ( is_object( $user ) && ( $user->user_login != $blogname ) ) ) { + if ( ! is_object( $user ) || ( is_object( $user ) && ( $user->user_login !== $blogname ) ) ) { $errors->add( 'blogname', __( 'Sorry, that site is reserved!' ) ); } } From 8f6f8098efd1ff74da806b576a33b4ba152d17b3 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Sat, 4 Jan 2025 10:25:13 +0000 Subject: [PATCH 37/44] Coding Standards: Replace loose comparison in `wpmu_welcome_notification()`. Follow-up to [https://mu.trac.wordpress.org/changeset/543 mu:543]. Props debarghyabanerjee, aristath, poena, afercia, SergeyBiryukov. Fixes #62283. See #62279. git-svn-id: https://develop.svn.wordpress.org/trunk@59574 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/ms-functions.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/wp-includes/ms-functions.php b/src/wp-includes/ms-functions.php index 5bb3cab118bee..77603313b2a2f 100644 --- a/src/wp-includes/ms-functions.php +++ b/src/wp-includes/ms-functions.php @@ -726,7 +726,7 @@ function wpmu_validate_blog_signup( $blogname, $blog_title, $user = '' ) { * unless it's the user's own username. */ if ( username_exists( $blogname ) ) { - if ( ! is_object( $user ) || ( is_object( $user ) && ( $user->user_login !== $blogname ) ) ) { + if ( ! is_object( $user ) || ( is_object( $user ) && $user->user_login !== $blogname ) ) { $errors->add( 'blogname', __( 'Sorry, that site is reserved!' ) ); } } @@ -1632,7 +1632,8 @@ function wpmu_welcome_notification( $blog_id, $user_id, $password, $title, $meta $switched_locale = switch_to_user_locale( $user_id ); $welcome_email = get_site_option( 'welcome_email' ); - if ( false == $welcome_email ) { + + if ( ! $welcome_email ) { /* translators: Do not translate USERNAME, SITE_NAME, BLOG_URL, PASSWORD: those are placeholders. */ $welcome_email = __( 'Howdy USERNAME, From bb3f90f97423bacf31717c2095bfc78945a94222 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Sun, 5 Jan 2025 22:10:39 +0000 Subject: [PATCH 38/44] Coding Standards: Use strict comparison in `get_pages()`. Follow-up to [4180], [49108]. Props aristath, poena, afercia, SergeyBiryukov. See #62279. git-svn-id: https://develop.svn.wordpress.org/trunk@59575 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/post.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp-includes/post.php b/src/wp-includes/post.php index a197180d9e172..4d85ef2fb25d7 100644 --- a/src/wp-includes/post.php +++ b/src/wp-includes/post.php @@ -6354,7 +6354,7 @@ function get_pages( $args = array() ) { $query_args['author__in'] = array(); foreach ( $post_authors as $post_author ) { // Do we have an author id or an author login? - if ( 0 == (int) $post_author ) { + if ( 0 === (int) $post_author ) { $post_author = get_user_by( 'login', $post_author ); if ( empty( $post_author ) ) { continue; From 938d27abf2362bb77f731c4ccd13a52c31a36674 Mon Sep 17 00:00:00 2001 From: Peter Wilson Date: Sun, 5 Jan 2025 22:12:25 +0000 Subject: [PATCH 39/44] Comments: Noindex pages containing unapproved comments. Adds a `noindex` directive to pages displaying a preview of an unapproved comment, ie pages with both an `approved` and `moderation-hash` parameter. This is to prevent the pages from appearing in search engines which can be the case if they ignore the canonical URL directive. Props peterwilsoncc, flixos90, joostdevalk. Fixes #62760. git-svn-id: https://develop.svn.wordpress.org/trunk@59576 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/default-filters.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/wp-includes/default-filters.php b/src/wp-includes/default-filters.php index 9eff6ecbeb67a..575e8a91758f1 100644 --- a/src/wp-includes/default-filters.php +++ b/src/wp-includes/default-filters.php @@ -366,7 +366,13 @@ add_action( 'wp_enqueue_scripts', 'wp_enqueue_emoji_styles' ); add_action( 'wp_print_styles', 'print_emoji_styles' ); // Retained for backwards-compatibility. Unhooked by wp_enqueue_emoji_styles(). -if ( isset( $_GET['replytocom'] ) ) { +if ( + // Comment reply link. + isset( $_GET['replytocom'] ) + || + // Unapproved comment preview. + ( isset( $_GET['unapproved'] ) && isset( $_GET['moderation-hash'] ) ) +) { add_filter( 'wp_robots', 'wp_robots_no_robots' ); } From d6aa0438536bb5d12ca3c8e9c2fa5a84fb083dc1 Mon Sep 17 00:00:00 2001 From: Pascal Birchler Date: Mon, 6 Jan 2025 10:29:09 +0000 Subject: [PATCH 40/44] Build/Test Tools: Expand performance tests setup. Run tests against Multisite (possible since [58097]) and on single post pages. Also improve cache flushes/resets between iterations. Props swissspidy, flixos90, desrosj, mukesh27. Fixes #62725. git-svn-id: https://develop.svn.wordpress.org/trunk@59577 602fd350-edb4-49c9-b593-d223f7449a82 --- .github/workflows/performance.yml | 4 +- .github/workflows/reusable-performance.yml | 28 +++++-- tests/performance/compare-results.js | 6 +- tests/performance/log-results.js | 14 +++- tests/performance/specs/admin.test.js | 9 ++- tests/performance/specs/home.test.js | 12 +-- tests/performance/specs/single-post.test.js | 79 +++++++++++++++++++ tests/performance/utils.js | 6 ++ .../wp-content/mu-plugins/clear-cache.php | 27 +++++++ 9 files changed, 164 insertions(+), 21 deletions(-) create mode 100644 tests/performance/specs/single-post.test.js create mode 100644 tests/performance/wp-content/mu-plugins/clear-cache.php diff --git a/.github/workflows/performance.yml b/.github/workflows/performance.yml index dba6091a5547a..dbb672a30da39 100644 --- a/.github/workflows/performance.yml +++ b/.github/workflows/performance.yml @@ -32,7 +32,7 @@ permissions: {} jobs: # Runs the performance test suite. performance: - name: Performance tests ${{ matrix.memcached && '(with memcached)' || '' }} + name: ${{ matrix.multisite && 'Multisite' || 'Single site' }} uses: WordPress/wordpress-develop/.github/workflows/reusable-performance.yml@trunk permissions: contents: read @@ -41,8 +41,10 @@ jobs: fail-fast: false matrix: memcached: [ true, false ] + multisite: [ true, false ] with: memcached: ${{ matrix.memcached }} + multisite: ${{ matrix.multisite }} secrets: CODEVITALS_PROJECT_TOKEN: ${{ secrets.CODEVITALS_PROJECT_TOKEN }} diff --git a/.github/workflows/reusable-performance.yml b/.github/workflows/reusable-performance.yml index e5c29aa0b1849..61c40b80a41db 100644 --- a/.github/workflows/reusable-performance.yml +++ b/.github/workflows/reusable-performance.yml @@ -1,7 +1,7 @@ ## # A reusable workflow that runs the performance test suite. ## -name: Performance Tests +name: Run performance Tests on: workflow_call: @@ -26,6 +26,11 @@ on: required: false type: 'boolean' default: false + multisite: + description: 'Whether to use Multisite.' + required: false + type: 'boolean' + default: false secrets: CODEVITALS_PROJECT_TOKEN: description: 'The authorization token for https://www.codevitals.run/project/wordpress.' @@ -53,6 +58,7 @@ env: LOCAL_PHP_MEMCACHED: ${{ inputs.memcached }} LOCAL_PHP: ${{ inputs.php-version }}${{ 'latest' != inputs.php-version && '-fpm' || '' }} + LOCAL_MULTISITE: ${{ inputs.multisite }} jobs: # Performs the following steps: @@ -65,9 +71,11 @@ jobs: # - Install Playwright browsers. # - Build WordPress. # - Start Docker environment. + # - Install object cache drop-in. # - Log running Docker containers. # - Docker debug information. # - Install WordPress. + # - Enable themes on Multisite. # - Install WordPress Importer plugin. # - Import mock data. # - Deactivate WordPress Importer plugin. @@ -98,7 +106,7 @@ jobs: # - Publish performance results. # - Ensure version-controlled files are not modified or deleted. performance: - name: Run tests + name: ${{ inputs.multisite && 'Multisite' || 'Single site' }} / ${{ inputs.memcached && 'Memcached' || 'Default' }} runs-on: ubuntu-latest permissions: contents: read @@ -166,6 +174,14 @@ jobs: - name: Install WordPress run: npm run env:install + - name: Enable themes on Multisite + if: ${{ inputs.multisite }} + run: | + npm run env:cli -- theme enable twentytwentyone --network --path=/var/www/${{ env.LOCAL_DIR }} + npm run env:cli -- theme enable twentytwentythree --network --path=/var/www/${{ env.LOCAL_DIR }} + npm run env:cli -- theme enable twentytwentyfour --network --path=/var/www/${{ env.LOCAL_DIR }} + npm run env:cli -- theme enable twentytwentyfive --network --path=/var/www/${{ env.LOCAL_DIR }} + - name: Install WordPress Importer plugin run: npm run env:cli -- plugin install wordpress-importer --activate --path=/var/www/${{ env.LOCAL_DIR }} @@ -290,7 +306,7 @@ jobs: uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 if: always() with: - name: performance-artifacts${{ inputs.memcached && '-memcached' || '' }}-${{ github.run_id }} + name: performance-artifacts${{ inputs.multisite && '-multisite' || '' }}${{ inputs.memcached && '-memcached' || '' }}-${{ github.run_id }} path: artifacts if-no-files-found: ignore include-hidden-files: true @@ -303,7 +319,7 @@ jobs: - name: Set the base sha # Only needed when publishing results. - if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached }} + if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached && ! inputs.multisite }} uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 id: base-sha with: @@ -314,7 +330,7 @@ jobs: - name: Set commit details # Only needed when publishing results. - if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached }} + if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached && ! inputs.multisite }} uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 id: commit-timestamp with: @@ -325,7 +341,7 @@ jobs: - name: Publish performance results # Only publish results on pushes to trunk. - if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached }} + if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached && ! inputs.multisite }} env: BASE_SHA: ${{ steps.base-sha.outputs.result }} COMMITTED_AT: ${{ steps.commit-timestamp.outputs.result }} diff --git a/tests/performance/compare-results.js b/tests/performance/compare-results.js index c9d51e1a11117..c47de270f0727 100644 --- a/tests/performance/compare-results.js +++ b/tests/performance/compare-results.js @@ -96,6 +96,8 @@ if ( process.env.GITHUB_SHA ) { ); } +summaryMarkdown += `
    Results`; + for ( const { title, results } of afterStats ) { const prevStat = beforeStats.find( ( s ) => s.title === title ); @@ -143,10 +145,12 @@ for ( const { title, results } of afterStats ) { console.log( '(no results)' ); } - summaryMarkdown += `**${ title }**\n\n`; + summaryMarkdown += `${ title }\n\n`; summaryMarkdown += `${ formatAsMarkdownTable( rows ) }\n`; } +summaryMarkdown += `
    `; + writeFileSync( join( process.env.WP_ARTIFACTS_PATH, '/performance-results.md' ), summaryMarkdown diff --git a/tests/performance/log-results.js b/tests/performance/log-results.js index 581c0d39868b5..3612780bb361f 100644 --- a/tests/performance/log-results.js +++ b/tests/performance/log-results.js @@ -18,12 +18,18 @@ const { median, parseFile, accumulateValues } = require( './utils' ); const testSuiteMap = { 'Admin › Locale: en_US': 'admin', 'Admin › Locale: de_DE': 'admin-l10n', - 'Front End › Theme: twentytwentyone, Locale: en_US': 'home-classic-theme', - 'Front End › Theme: twentytwentyone, Locale: de_DE': + 'Homepage › Theme: twentytwentyone, Locale: en_US': 'home-classic-theme', + 'Homepage › Theme: twentytwentyone, Locale: de_DE': 'home-classic-theme-l10n', - 'Front End › Theme: twentytwentythree, Locale: en_US': 'home-block-theme', - 'Front End › Theme: twentytwentythree, Locale: de_DE': + 'Homepage › Theme: twentytwentythree, Locale: en_US': 'home-block-theme', + 'Homepage › Theme: twentytwentythree, Locale: de_DE': 'home-block-theme-l10n', + 'Homepage › Theme: twentytwentyfour, Locale: en_US': 'home-twentytwentyfour', + 'Homepage › Theme: twentytwentyfour, Locale: de_DE': + 'home-twentytwentyfour-l10n', + 'Homepage › Theme: twentytwentyfive, Locale: en_US': 'home-twentytwentyfive', + 'Homepage › Theme: twentytwentyfive, Locale: de_DE': + 'home-twentytwentyfive-l10n', }; /** diff --git a/tests/performance/specs/admin.test.js b/tests/performance/specs/admin.test.js index 36bdd9c628aa1..3414fdd3dbed9 100644 --- a/tests/performance/specs/admin.test.js +++ b/tests/performance/specs/admin.test.js @@ -6,14 +6,12 @@ import { test } from '@wordpress/e2e-test-utils-playwright'; /** * Internal dependencies */ -import { camelCaseDashes } from '../utils'; +import { camelCaseDashes, locales } from '../utils'; const results = { timeToFirstByte: [], }; -const locales = [ 'en_US', 'de_DE' ]; - test.describe( 'Admin', () => { for ( const locale of locales ) { test.describe( `Locale: ${ locale }`, () => { @@ -47,9 +45,14 @@ test.describe( 'Admin', () => { const iterations = Number( process.env.TEST_RUNS ); for ( let i = 1; i <= iterations; i++ ) { test( `Measure load time metrics (${ i } of ${ iterations })`, async ( { + page, admin, metrics, } ) => { + // Clear caches using the clear-cache.php mu-plugin. Not actually loading the page. + await page.goto( '/?clear_cache' ); + + // This is the actual page to test. await admin.visitAdminPage( '/' ); const serverTiming = await metrics.getServerTiming(); diff --git a/tests/performance/specs/home.test.js b/tests/performance/specs/home.test.js index 004c8f03debd4..cd3de40518fe3 100644 --- a/tests/performance/specs/home.test.js +++ b/tests/performance/specs/home.test.js @@ -6,7 +6,7 @@ import { test } from '@wordpress/e2e-test-utils-playwright'; /** * Internal dependencies */ -import { camelCaseDashes } from '../utils'; +import { camelCaseDashes, themes, locales } from '../utils'; const results = { timeToFirstByte: [], @@ -14,11 +14,7 @@ const results = { lcpMinusTtfb: [], }; -const themes = [ 'twentytwentyone', 'twentytwentythree', 'twentytwentyfour', 'twentytwentyfive' ]; - -const locales = [ 'en_US', 'de_DE' ]; - -test.describe( 'Front End', () => { +test.describe( 'Homepage', () => { test.use( { storageState: {}, // User will be logged out. } ); @@ -54,6 +50,10 @@ test.describe( 'Front End', () => { page, metrics, } ) => { + // Clear caches using the clear-cache.php mu-plugin. Not actually loading the page. + await page.goto( '/?clear_cache' ); + + // This is the actual page to test. await page.goto( '/' ); const serverTiming = await metrics.getServerTiming(); diff --git a/tests/performance/specs/single-post.test.js b/tests/performance/specs/single-post.test.js new file mode 100644 index 0000000000000..dbdf6916ef2fd --- /dev/null +++ b/tests/performance/specs/single-post.test.js @@ -0,0 +1,79 @@ +/** + * WordPress dependencies + */ +import { test } from '@wordpress/e2e-test-utils-playwright'; + +/** + * Internal dependencies + */ +import { camelCaseDashes, themes, locales } from '../utils'; + +const results = { + timeToFirstByte: [], + largestContentfulPaint: [], + lcpMinusTtfb: [], +}; + +test.describe( 'Single Post', () => { + test.use( { + storageState: {}, // User will be logged out. + } ); + + for ( const theme of themes ) { + for ( const locale of locales ) { + test.describe( `Theme: ${ theme }, Locale: ${ locale }`, () => { + test.beforeAll( async ( { requestUtils } ) => { + await requestUtils.activateTheme( theme ); + await requestUtils.updateSiteSettings( { + language: 'en_US' === locale ? '' : locale, + } ); + } ); + + test.afterAll( async ( { requestUtils }, testInfo ) => { + await testInfo.attach( 'results', { + body: JSON.stringify( results, null, 2 ), + contentType: 'application/json', + } ); + + await requestUtils.updateSiteSettings( { + language: '', + } ); + + results.largestContentfulPaint = []; + results.timeToFirstByte = []; + results.lcpMinusTtfb = []; + } ); + + const iterations = Number( process.env.TEST_RUNS ); + for ( let i = 1; i <= iterations; i++ ) { + test( `Measure load time metrics (${ i } of ${ iterations })`, async ( { + page, + metrics, + } ) => { + // Clear caches using the clear-cache.php mu-plugin. Not actually loading the page. + await page.goto( '/?clear_cache' ); + + // This is the actual page to test. + await page.goto( '/2018/11/03/block-image/' ); + + const serverTiming = await metrics.getServerTiming(); + + for ( const [ key, value ] of Object.entries( + serverTiming + ) ) { + results[ camelCaseDashes( key ) ] ??= []; + results[ camelCaseDashes( key ) ].push( value ); + } + + const ttfb = await metrics.getTimeToFirstByte(); + const lcp = await metrics.getLargestContentfulPaint(); + + results.largestContentfulPaint.push( lcp ); + results.timeToFirstByte.push( ttfb ); + results.lcpMinusTtfb.push( lcp - ttfb ); + } ); + } + } ); + } + } +} ); diff --git a/tests/performance/utils.js b/tests/performance/utils.js index 4d023be586048..b7481dfd67605 100644 --- a/tests/performance/utils.js +++ b/tests/performance/utils.js @@ -6,6 +6,10 @@ const { join } = require( 'node:path' ); process.env.WP_ARTIFACTS_PATH ??= join( process.cwd(), 'artifacts' ); +const locales = [ 'en_US', 'de_DE' ]; + +const themes = [ 'twentytwentyone', 'twentytwentythree', 'twentytwentyfour', 'twentytwentyfive' ]; + /** * Parse test files into JSON objects. * @@ -189,4 +193,6 @@ module.exports = { standardDeviation, medianAbsoluteDeviation, accumulateValues, + themes, + locales, }; diff --git a/tests/performance/wp-content/mu-plugins/clear-cache.php b/tests/performance/wp-content/mu-plugins/clear-cache.php new file mode 100644 index 0000000000000..4d6ff4ea2c586 --- /dev/null +++ b/tests/performance/wp-content/mu-plugins/clear-cache.php @@ -0,0 +1,27 @@ + Date: Mon, 6 Jan 2025 15:21:26 +0000 Subject: [PATCH 41/44] Security: Enhance the `wp_hash()` function to support custom hashing algorithms. The default algorithm remains as md5, but this change allows any algorithm that's supported by `hash_hmac()` to be used instead. Props pushpenderindia, ayeshrajans, debarghyabanerjee, johnbillion Fixes #62005 git-svn-id: https://develop.svn.wordpress.org/trunk@59578 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/pluggable.php | 26 +++++++++++-- tests/phpunit/tests/functions/wpHash.php | 39 ++++++++++++++++++++ tests/phpunit/tests/pluggable/signatures.php | 1 + 3 files changed, 63 insertions(+), 3 deletions(-) create mode 100644 tests/phpunit/tests/functions/wpHash.php diff --git a/src/wp-includes/pluggable.php b/src/wp-includes/pluggable.php index 3dd629fa1990c..d0b2d3602a980 100644 --- a/src/wp-includes/pluggable.php +++ b/src/wp-includes/pluggable.php @@ -2581,18 +2581,38 @@ function wp_salt( $scheme = 'auth' ) { if ( ! function_exists( 'wp_hash' ) ) : /** - * Gets hash of given string. + * Gets the hash of the given string. + * + * The default algorithm is md5 but can be changed to any algorithm supported by + * `hash_hmac()`. Use the `hash_hmac_algos()` function to check the supported + * algorithms. * * @since 2.0.3 + * @since 6.8.0 The `$algo` parameter was added. + * + * @throws InvalidArgumentException if the hashing algorithm is not supported. * * @param string $data Plain text to hash. * @param string $scheme Authentication scheme (auth, secure_auth, logged_in, nonce). + * @param string $algo Hashing algorithm to use. Default: 'md5'. * @return string Hash of $data. */ - function wp_hash( $data, $scheme = 'auth' ) { + function wp_hash( $data, $scheme = 'auth', $algo = 'md5' ) { $salt = wp_salt( $scheme ); - return hash_hmac( 'md5', $data, $salt ); + // Ensure the algorithm is supported by the hash_hmac function. + if ( ! in_array( $algo, hash_hmac_algos(), true ) ) { + throw new InvalidArgumentException( + sprintf( + /** translators: 1: Name of a cryptographic hash algorithm. 2: List of supported algorithms. */ + __( 'Unsupported hashing algorithm: %1$s. Supported algorithms are: %2$s' ), + $algo, + implode( ', ', hash_hmac_algos() ) + ) + ); + } + + return hash_hmac( $algo, $data, $salt ); } endif; diff --git a/tests/phpunit/tests/functions/wpHash.php b/tests/phpunit/tests/functions/wpHash.php new file mode 100644 index 0000000000000..63744b188dace --- /dev/null +++ b/tests/phpunit/tests/functions/wpHash.php @@ -0,0 +1,39 @@ +assertSame( $expected_length, strlen( $hash ) ); + } + + public function data_wp_hash_uses_specified_algorithm() { + return array( + array( 'md5', 32 ), + array( 'sha1', 40 ), + array( 'sha256', 64 ), + ); + } + + /** + * @ticket 62005 + */ + public function test_wp_hash_throws_exception_on_invalid_algorithm() { + $this->expectException( 'InvalidArgumentException' ); + + wp_hash( 'data', 'auth', 'invalid' ); + } +} diff --git a/tests/phpunit/tests/pluggable/signatures.php b/tests/phpunit/tests/pluggable/signatures.php index 81fd079621916..8ac1dfb6966b6 100644 --- a/tests/phpunit/tests/pluggable/signatures.php +++ b/tests/phpunit/tests/pluggable/signatures.php @@ -209,6 +209,7 @@ public function get_pluggable_function_signatures() { 'wp_hash' => array( 'data', 'scheme' => 'auth', + 'algo' => 'md5', ), 'wp_hash_password' => array( 'password' ), 'wp_check_password' => array( From 375af8c6c6fe222fc4dacad6eed16f31a68061d7 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Mon, 6 Jan 2025 15:58:50 +0000 Subject: [PATCH 42/44] Tests: Improve the test for the copyright year in bundled themes' `readme.txt`. This aims to catch entries like `(C) 2024 WordPress.org` in addition to `Copyright 2024 WordPress.org`. Includes converting the test to use a data provider, so that messages could be displayed for each individual theme. Follow-up to [46719], [59569]. See #62280. git-svn-id: https://develop.svn.wordpress.org/trunk@59579 602fd350-edb4-49c9-b593-d223f7449a82 --- tests/phpunit/tests/theme.php | 40 ++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/tests/phpunit/tests/theme.php b/tests/phpunit/tests/theme.php index 248aaa833a02f..c18c4d434f44b 100644 --- a/tests/phpunit/tests/theme.php +++ b/tests/phpunit/tests/theme.php @@ -302,36 +302,38 @@ public function test_default_themes_have_textdomain() { /** * @ticket 48566 + * + * @dataProvider data_year_in_readme */ - public function test_year_in_readme() { + public function test_year_in_readme( $theme ) { // This test is designed to only run on trunk. $this->skipOnAutomatedBranches(); - foreach ( $this->default_themes as $theme ) { - $wp_theme = wp_get_theme( $theme ); - - $path_to_readme_txt = $wp_theme->get_theme_root() . '/' . $wp_theme->get_stylesheet() . '/readme.txt'; - $this->assertFileExists( $path_to_readme_txt ); + $wp_theme = wp_get_theme( $theme ); - $readme = file_get_contents( $path_to_readme_txt ); - $this_year = gmdate( 'Y' ); + $path_to_readme_txt = $wp_theme->get_theme_root() . '/' . $wp_theme->get_stylesheet() . '/readme.txt'; + $this->assertFileExists( $path_to_readme_txt ); - preg_match( '#Copyright (\d+) WordPress.org#', $readme, $matches ); - if ( $matches ) { - $readme_year = trim( $matches[1] ); + $readme = file_get_contents( $path_to_readme_txt ); + $this_year = gmdate( 'Y' ); - $this->assertSame( $this_year, $readme_year, "Bundled themes readme.txt's year needs to be updated to $this_year." ); - } - - preg_match( '#Copyright 20\d\d-(\d+) WordPress.org#', $readme, $matches ); - if ( $matches ) { - $readme_year = trim( $matches[1] ); + preg_match( '#(Copyright|\(C\)) (20\d\d-)?(\d+) WordPress.org#i', $readme, $matches ); + if ( $matches ) { + $readme_year = trim( $matches[3] ); - $this->assertSame( $this_year, $readme_year, "Bundled themes readme.txt's year needs to be updated to $this_year." ); - } + $this->assertSame( $this_year, $readme_year, "$theme readme.txt's year needs to be updated to $this_year." ); } } + public function data_year_in_readme() { + return array_map( + static function ( $theme ) { + return array( $theme ); + }, + $this->default_themes + ); + } + /** * @ticket 20897 * @expectedDeprecated get_theme_data From d49258b6f77d2dbeba9846a71bc474c2ec9a7690 Mon Sep 17 00:00:00 2001 From: Kelly Choyce-Dwan Date: Mon, 6 Jan 2025 16:18:25 +0000 Subject: [PATCH 43/44] Help/About: Allow "See everything new" button to wrap On some screen sizes and languages, the "See everything new" button expands out of the content area. This change allows the button to wrap at all screen sizes, and updates the style of this button for wrapped text. Props franciscabusas22, sabernhardt, yogeshbhutka, sainathpoojary, im3dabasia1, audrasjb. Fixes #62380. git-svn-id: https://develop.svn.wordpress.org/trunk@59580 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/css/about.css | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/wp-admin/css/about.css b/src/wp-admin/css/about.css index 79f0254ad33b8..70af0337307ab 100644 --- a/src/wp-admin/css/about.css +++ b/src/wp-admin/css/about.css @@ -454,7 +454,12 @@ } .about__section a.button.button-hero { + padding-top: 1.1875rem; + padding-bottom: 1.1875rem; font-size: 1.5rem; + line-height: 1.4; + white-space: normal; + text-wrap: pretty; } .about__container ul { From 4a9a928dbcd1c91d3633c8de51614dd90d8ea0ac Mon Sep 17 00:00:00 2001 From: Felix Arntz Date: Mon, 6 Jan 2025 21:19:51 +0000 Subject: [PATCH 44/44] Build/Test Tools: Fix incorrect commit time being reported to WordPress Code Vitals Dashboard. 2nd attempt of [59570]. Props mukesh27, ayeshrajans, swissspidy, desrosj. Fixes #62766. git-svn-id: https://develop.svn.wordpress.org/trunk@59582 602fd350-edb4-49c9-b593-d223f7449a82 --- .github/workflows/reusable-performance.yml | 10 ++-------- tests/performance/log-results.js | 4 ++-- 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/.github/workflows/reusable-performance.yml b/.github/workflows/reusable-performance.yml index 61c40b80a41db..f75cb6b3e4969 100644 --- a/.github/workflows/reusable-performance.yml +++ b/.github/workflows/reusable-performance.yml @@ -331,20 +331,14 @@ jobs: - name: Set commit details # Only needed when publishing results. if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached && ! inputs.multisite }} - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - id: commit-timestamp - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const commit_details = await github.rest.git.getCommit({ owner: context.repo.owner, repo: context.repo.repo, commit_sha: context.sha }); - return parseInt((new Date( commit_details.data.author.date ).getTime() / 1000).toFixed(0)) + # Write to an environment variable to have the output available in later steps of the job. + run: echo "COMMITTED_AT=$(git show -s $GITHUB_SHA --format='%cI')" >> $GITHUB_ENV - name: Publish performance results # Only publish results on pushes to trunk. if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && ! inputs.memcached && ! inputs.multisite }} env: BASE_SHA: ${{ steps.base-sha.outputs.result }} - COMMITTED_AT: ${{ steps.commit-timestamp.outputs.result }} CODEVITALS_PROJECT_TOKEN: ${{ secrets.CODEVITALS_PROJECT_TOKEN }} HOST_NAME: "www.codevitals.run" run: | diff --git a/tests/performance/log-results.js b/tests/performance/log-results.js index 3612780bb361f..f8214b68d4eb3 100644 --- a/tests/performance/log-results.js +++ b/tests/performance/log-results.js @@ -11,7 +11,7 @@ * External dependencies. */ const https = require( 'https' ); -const [ token, branch, hash, baseHash, timestamp, host ] = +const [ token, branch, hash, baseHash, date, host ] = process.argv.slice( 2 ); const { median, parseFile, accumulateValues } = require( './utils' ); @@ -87,7 +87,7 @@ const data = new TextEncoder().encode( branch, hash, baseHash, - timestamp: parseInt( timestamp, 10 ), + timestamp: date, metrics: metrics, baseMetrics: baseMetrics, } )