The `theme.json` file `$schema` URL is relative in the `gutenberg` repository upstream. The URL is not currently being replaced with an aboslute one pointing to w.org due to a missing `transform: true` configuration.
Follow up to [61438], [61439], [61458], [61492], [61677].
See #64393.
Built from https://develop.svn.wordpress.org/trunk@61867
git-svn-id: http://core.svn.wordpress.org/trunk@61154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Though `add_action()` and `add_filter()` are functionally equivalent internally, for proper semantics the former should be used on actions and the latter on filters.
Follow-up to [37920], [38046], [53266].
Props apermo.
Fixes#64828.
Built from https://develop.svn.wordpress.org/trunk@61866
git-svn-id: http://core.svn.wordpress.org/trunk@61153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The option to enable real-time collaboration was first added in [61689] as `enable_real_time_collaboration` with a value of `1` and the `$db_version` was bumped in [61696].
The option then went through a series of changes. This included: the default value changing to `0` in [61702], being renamed to `wp_enable_real_time_collaboration` in [61722], removed entirely in [61828], and finally being re-added as `wp_enable_real_time_collaboration` in [61862].
Because the `$db_version` was not bumped after these changes, it’s possible that the `wp_enable_real_time_collaboration` option is not present on any site that ran the nightly build generated between [61696] and [61702], or a nightly build/beta release published after [61828]. Since `populate_options()` runs when a new site is installed, this issue only affects pre-existing sites that had upgradd their database when `wp_enable_real_time_collaboration` was not specified as a default option within `$defaults`.
This bumps the database version to `61833`, which is the most recent changeset to have modified the `$defaults` array in `populate_options()`.
Props dlh, maxschmeling, smithjw1, kbat82.
See #64824, #64622.
Built from https://develop.svn.wordpress.org/trunk@61864
git-svn-id: http://core.svn.wordpress.org/trunk@61151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Set the generated content in the gallery selection strip to `content: none;` to remove the generated overlay. Follow up to [61757].
Props wildworks, hbhalodia, divyeshpatel01, huzaifaalmesbah, apermo, joedolson.
Fixes#64820.
Built from https://develop.svn.wordpress.org/trunk@61862
git-svn-id: http://core.svn.wordpress.org/trunk@61149 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_normalize_path()` is called thousands of times on a given request. This patch adds memoization via a function-local static variable. This reduces the call count to the underlying `wp_is_stream()` function, and measured in testing around a 66% cache hit rate.
In testing, for a site making 4000 calls to `wp_normalize_path()`, this patch led to a reduction in runtime from 1.4 ms to 0.4 ms on the test computer. While small, this time occurs early in the hotpath of the loading WordPress.
Developed in: https://github.com/WordPress/wordpress-develop/pull/10770
Discussed in: https://core.trac.wordpress.org/ticket/64538
Props dmsnell, josephscott, mreishus, westonruter.
Fixes#64538.
Built from https://develop.svn.wordpress.org/trunk@61857
git-svn-id: http://core.svn.wordpress.org/trunk@61144 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset clarifies the error message displayed when the current user tries to change their role to one that does not allow managing other users.
Props dpknauss, audrasjb, huzaifaalmesbah, noruzzaman, r1k0.
Fixes#64690.
Built from https://develop.svn.wordpress.org/trunk@61854
git-svn-id: http://core.svn.wordpress.org/trunk@61141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace COEP/COOP headers with Document-Isolation-Policy (DIP) for cross-origin isolation in the block editor. DIP enables sharedBufferArray while avoiding the breakage COEP/COOP caused for third-party plugins whose iframes lost credentials and DOM access. Non supporting browsers have the client-side media feature disabled by default - falling back to the existing server side processing - to avoid a degraded editor experience.
Developed in https://github.com/WordPress/wordpress-develop/pull/11098
Props adamsilverstein, westonruter, manhar, swissspidy, mukesh27.
Fixes#64766.
Built from https://develop.svn.wordpress.org/trunk@61844
git-svn-id: http://core.svn.wordpress.org/trunk@61131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset introduce a new `wp_get_image_alttext()` function that extracts Image Alt text metadata from image IPTC metadata.
Props jhmonroe, rishabhwpn, adamsilverstein, sajjad67, ozgursar, joedolson, audrasjb, huzaifaalmesbah, sabernhardt, valentingrenier, louischan, penelopeadrian, mathiaspeguet.
Fixes#63895.
Built from https://develop.svn.wordpress.org/trunk@61841
git-svn-id: http://core.svn.wordpress.org/trunk@61128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a user sends a stale compaction update to WP_HTTP_Polling_Sync_Server, it falls through the switch statement and results in a rest_invalid_update_type error (bad request).
This generally has no ill effect since the compaction request is rescinded on the next polling cycle, but it could cause confusion for users who are monitoring client-side requests or server logs.
To fix, replace the break after the $has_newer_compaction check with return true so that the stale compaction is silently discarded instead of falling through. Covered by unit test.
Developed in: https://github.com/WordPress/wordpress-develop/pull/11118.
Syncs: https://github.com/WordPress/gutenberg/pull/76060.
Fixes#64781.
Props czarate, mindctrl.
Built from https://develop.svn.wordpress.org/trunk@61839
git-svn-id: http://core.svn.wordpress.org/trunk@61126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the built-in HTTP polling sync server, awareness state is accepted and stored after the user is authorized. This state is keyed against their sync client ID, which is randomly generated.
However, nothing prevents a user from spoofing another client's client ID, which is discoverable by inspecting network responses. By replaying a sync request with a different client ID, they could temporarily overwrite another client's awareness state.
This change prevents this spoofing by storing and checking the user's WordPress user ID to ensure it matches the initial update.
Developed in: https://github.com/WordPress/wordpress-develop/pull/11120.
Syncs: https://github.com/WordPress/gutenberg/pull/76056.
Fixes#64782.
Props czarate.
Built from https://develop.svn.wordpress.org/trunk@61838
git-svn-id: http://core.svn.wordpress.org/trunk@61125 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The GitHub Actions workflow responsible for running the PHPUnit test suite is frequently encountering the default `timeout-minutes` value of `20` since the changes in [61438]. The result is that the workflow is consistently unable to finish running and ends up being cancelled.
This bumps the default value to `40` until the overall speed of the build script can be improved.
See #64225, #64227, #64393.
Built from https://develop.svn.wordpress.org/trunk@61836
git-svn-id: http://core.svn.wordpress.org/trunk@61123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This reverts the real time collaboration option name back to `wp_enable_real_time_collaboration` to avoid the need to turn on a checkbox in order to turn off the feature. This is to reduce the cognitive load on both users and developers of an on is off paradigm.
To ensure Real Time Collaboration is enabled prior to the upgrade routine running on multi-site installs, the option default is filtered on the `default_option_wp_enable_real_time_collaboration` hook to enable the option by default.
Developed in: https://github.com/WordPress/wordpress-develop/pull/11161
Follow up to r61828.
Props peterwilsoncc, czarate, sergeybiryukov.
Fixes#64622.
Built from https://develop.svn.wordpress.org/trunk@61833
git-svn-id: http://core.svn.wordpress.org/trunk@61120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The background behind theme actions for the active theme was still visible when no actions were available, such as with a disabled customizer. Removing the background on this container improves the design of the active theme card by simplifying the layout and prevents the appearance of an error if no actions are available.
Remove background and inset box shadow for the `.theme.active .theme-actions` container on the active theme.
Props awetz583, huzaifaalmesbah, noruzzaman, shailu25, joedolson.
Fixes#64720.
Built from https://develop.svn.wordpress.org/trunk@61831
git-svn-id: http://core.svn.wordpress.org/trunk@61118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces a new GitHub Action workflow for JavaScript type checking, mirroring the implementation for PHPStan in #61175. It also adds a `typecheck:js` Grunt task and includes it in the `precommit:js` task list. Only files related to the code editor are initially checked with TypeScript, with the expectation that additional files will be added to the `files` list in `tsconfig.json` as a part of ongoing maintenance work, for example #64238 and #64226.
Developed in https://github.com/WordPress/wordpress-develop/pull/11131
Follow up to r61699, r61800, r61539.
Props westonruter, jonsurrell.
See #61175, #64661, #48456.
Fixes#64662.
Built from https://develop.svn.wordpress.org/trunk@61830
git-svn-id: http://core.svn.wordpress.org/trunk@61117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Connector API keys were visible in plain text on `wp-admin/options.php`
because it queries the database directly, bypassing the `get_option()`
filter that normally masks these values.
This adds masking for options matching the `connectors_*_api_key` pattern
using the existing `_wp_connectors_mask_api_key()` function, and disables
editing from this screen.
Props jorgefilipecosta, gziolo, ocean90.
Fixes#64793.
Built from https://develop.svn.wordpress.org/trunk@61829
git-svn-id: http://core.svn.wordpress.org/trunk@61116 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Set the `/blog` prefix to place the `/` correctly in RTL languages. Adjust the layout to prevent awkward wrapping in all languages on smaller viewports.
Props sabernhardt, rachid84, johnbillion, SergeyBiryukov, costdev, joedolson, afercia, ryokuhi, oglekler, sirlouen, audrasjb, huzaifaalmesbah.
Fixes#58722. See #47755.
Built from https://develop.svn.wordpress.org/trunk@61826
git-svn-id: http://core.svn.wordpress.org/trunk@61113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Changes the Connectors screen URL from a query parameter page to a direct file, following the Settings menu naming convention used by other settings pages (`options-general.php`, `options-writing.php`, etc.).
* Adds `src/wp-admin/options-connectors.php` as a direct admin screen file.
* Adds a static submenu entry in `menu.php` at position 12 (after General).
* Removes `_wp_connectors_add_settings_menu_item()` and its `admin_menu` hook from `connectors.php`.
* Updates the `script_module_data` filter from `connectors-wp-admin` to `options-connectors-wp-admin`.
Synced from https://github.com/WordPress/gutenberg/pull/76142.
Developed in https://github.com/WordPress/wordpress-develop/pull/11157.
Follow-up to [61749], [61824].
See #64730.
Props jorgefilipecosta, gziolo.
Fixes#64790.
Built from https://develop.svn.wordpress.org/trunk@61825
git-svn-id: http://core.svn.wordpress.org/trunk@61112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replaces `_wp_connectors_get_provider_settings()` with
`_wp_connectors_get_connector_settings()` that returns a richer structure keyed
by connector ID, including name, description, type, plugin slug, and an
authentication sub-object (method, credentials_url, setting_name).
The new function merges hardcoded defaults for featured providers (Anthropic,
Google, OpenAI) with metadata from the WP AI Client registry, allowing
dynamically registered providers to appear alongside built-in ones. Providers
are sorted alphabetically with `ksort()`.
Additionally:
* Renames `_wp_connectors_is_api_key_valid()` to
`_wp_connectors_is_ai_api_key_valid()`.
* Adds `_wp_connectors_get_connector_script_module_data()` to expose connector
settings to the `connectors-wp-admin` script module.
* Includes plugin slug data for featured connectors to support install/activate UI.
* Removes redundant `class_exists` checks for `AiClient`.
* Runs `init` hooks at priority 20 so provider plugins registered at default
priority are available.
* Unhooks connector registration during tests to prevent duplicate registrations.
Synced from https://github.com/WordPress/gutenberg/pull/76014.
Developed in https://github.com/WordPress/wordpress-develop/pull/11080.
Follow-up to [61749].
Props gziolo, jorgefilipecosta, justlevine, flixos90, ellatrix.
Fixes#64730.
Built from https://develop.svn.wordpress.org/trunk@61824
git-svn-id: http://core.svn.wordpress.org/trunk@61111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where sideloaded images with a ‘-scaled’ suffix would respond with an error. When users upload a very large image in the editor, the client-side media processing sideloads a scaled version of that image with a ‘-scaled’ suffix.
Props adamsilverstein, huzaifaalmesbah, westonruter.
Fixes#64737.
Built from https://develop.svn.wordpress.org/trunk@61809
git-svn-id: http://core.svn.wordpress.org/trunk@61109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Refactor how CodeMirror is initialized so that the full settings are provided up-front. This avoids the linting from being applied twice at initialization, the first time with an incorrect configuration.
* Add initial TypeScript configuration for core with `npm run typecheck:js`.
* Add comprehensive types for code editor files: `code-editor.js`, `javascript-lint.js`, and `htmlhint-kses.js`.
* Move code editor scripts from `src/js/_enqueues/vendor/codemirror/` to `src/js/_enqueues/lib/codemirror/`. The CodeMirror library is sourced from the npm package as of r61539.
* Remove (deprecated) `esprima.js` from being committed to SVN since in r61539 it was switched to using the npm package as its source.
* Move `fakejshint.js` to `src/js/_enqueues/deprecated`.
Developed in https://github.com/WordPress/wordpress-develop/pull/10900
Follow up to r61611, r61539.
Props westonruter, jonsurrell, justlevine.
See #64662, #48456.
Fixes#64661.
Built from https://develop.svn.wordpress.org/trunk@61800
git-svn-id: http://core.svn.wordpress.org/trunk@61106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Following [61555], the post type icons were missing from the At a Glance dashboard widget. Restore the post type class omitted from the previous commit.
Props ocean90, krokodok, karinchristen, hubersen, stefanvelthuys, ozgursar, sabernhardt, joedolson.
Fixes#43084.
Built from https://develop.svn.wordpress.org/trunk@61799
git-svn-id: http://core.svn.wordpress.org/trunk@61105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensure that the black background covers the entire width of the header on large screens, ensure that the dismiss button appears on small screens.
Props peterwilsoncc, ramonopoly, huzaifaalmesbah, marc4, shailu25, ocean90, krokodok, karinchristen, hubersen, stefanvelthuys, joedolson.
Fixes#64741.
Built from https://develop.svn.wordpress.org/trunk@61798
git-svn-id: http://core.svn.wordpress.org/trunk@61104 1a063a9b-81f0-0310-95a4-ce76da25c4cd
