…l data export and erasure.

See #58833


git-svn-id: https://develop.svn.wordpress.org/trunk@56482 602fd350-edb4-49c9-b593-d223f7449a82

This is a minor maintenance release.

Note: WordPress core does not include PHPMailer's DSN class, as it is not particularly relevant for WP.

References:
* [https://github.com/PHPMailer/PHPMailer/releases/tag/v6.8.1 PHPMailer 6.8.1 release notes]
* [PHPMailer/PHPMailer@v6.8.0...v6.8.1 Full list of changes in PHPMailer 6.8.1]

Follow-up to [50628], [50799], [51169], [51634], [51635], [52252], [52749], [52811], [53500], [53535], [53917], [54427], [54937], [55557].

Props jrf, Synchro.
Fixes #59238.

git-svn-id: https://develop.svn.wordpress.org/trunk@56484 602fd350-edb4-49c9-b593-d223f7449a82

…butes.

Props maltfield, aslamdoctor.
Fixes #59206.

git-svn-id: https://develop.svn.wordpress.org/trunk@56488 602fd350-edb4-49c9-b593-d223f7449a82

Updates the calls to permission validation calls for the `directory-sizes` and `page-cache` routes to actually match the route names.

Follow-up to r54043 and r49154.

Props szepeviktor.
Fixes #59236

git-svn-id: https://develop.svn.wordpress.org/trunk@56489 602fd350-edb4-49c9-b593-d223f7449a82

This fixes an issue introduced in [55569] that broke sort ordering by `post_modified_gmt` or `modified_gmt`.

Props david.binda, azaozz, spacedmonkey, flixos90, joemcgill.
Fixes #59226.


git-svn-id: https://develop.svn.wordpress.org/trunk@56490 602fd350-edb4-49c9-b593-d223f7449a82

This avoids an additional query by passing the query args directly to the `WP_Query::query()` method, rather than to the constructor and calling get_posts(), following [55569].

Props david.binda, azaozz, spacedmonkey, mukesh27, flixos90, SergeyBiryukov, joemcgill.
Fixes #59224.


git-svn-id: https://develop.svn.wordpress.org/trunk@56491 602fd350-edb4-49c9-b593-d223f7449a82

…operties.

The single parameter signature, which was used for setting the value on a static property, is deprecated since PHP 8.3. A cross-version solution is to pass `null` as the first parameter.

This commit updates all the instances that use the deprecated signature in WordPress core.

Reference: [https://wiki.php.net/rfc/deprecate_functions_with_overloaded_signatures#reflectionpropertysetvalue PHP RFC: Deprecate functions with overloaded signatures: ReflectionProperty::setValue()].

Follow-up to [53152], [54493], [54799].

Props jrf, costdev, Tests: Correct uses of `ReflectionProperty::setValue()` for static properties.

The single parameter signature, which was used for setting the value on a static property, is deprecated since PHP 8.3. A cross-version solution is to pass `null` as the first parameter.

This commit updates all the instances that use the deprecated signature in WordPress core.

Reference: [https://wiki.php.net/rfc/deprecate_functions_with_overloaded_signatures#reflectionpropertysetvalue PHP RFC: Deprecate functions with overloaded signatures: ReflectionProperty::setValue()].

Follow-up to [53152], [54493], [54799].

Props jrf, costdev, sc0ttkclark.
See #59231.

git-svn-id: https://develop.svn.wordpress.org/trunk@56492 602fd350-edb4-49c9-b593-d223f7449a82

It was a design goal of the HTML Processor to abort processing its input document when encountering unsupported markup. Unfortunately there was no test for this and so-far, the HTML Processor has paused, but continued processing in these situations.

In this patch a new test ensures that the HTML Processor stops and refuses to move forward after encountering any unsupported markup. It also ensures that it doesn't report any current tag names since unsupported markup could imply that the read tag name is different than the parsed tag name.

Props dmsnell.
Fixes #59167.

git-svn-id: https://develop.svn.wordpress.org/trunk@56493 602fd350-edb4-49c9-b593-d223f7449a82

…()`.

This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.

This replaces the two remaining instances of `esc_url_raw()` with `sanitize_url()` in WordPress core.

Follow-up to [53455], [53933], [54522].

Props rajinsharwar, SergeyBiryukov.
Fixes #59247.

git-svn-id: https://develop.svn.wordpress.org/trunk@56494 602fd350-edb4-49c9-b593-d223f7449a82

This changeset prevents a PHP 8.3 deprecation shown when enabling debug and calling `get_class()` without arguments.

For more info about this deprecation, see https://wiki.php.net/rfc/deprecate_functions_with_overloaded_signatures#get_class_and_get_parent_class.

Props ipajen, rajinsharwar, SergeyBiryukov, jrf.
Fixes #58876.





git-svn-id: https://develop.svn.wordpress.org/trunk@56495 602fd350-edb4-49c9-b593-d223f7449a82

…put.

This changeset updates `wp_default_packages_inline_scripts()` to add relative time strings to the `wp-date` inline script, so the JS version of `human_time_diff` 
can output translated strings.

Props ramonopoly, oandregal, swissspidy, manzoorwanijk, adrianduffell, Presskopp.
Fixes #59219, #47373.





git-svn-id: https://develop.svn.wordpress.org/trunk@56496 602fd350-edb4-49c9-b593-d223f7449a82

This changeset adds an exception to prevent permission issues on `.docx` generated by Google Docs. This is a temporary fix for an upstream bug on the `finfo_file()` 
PHP function which returns a redundant MIME type for these documents.

Props winterstreet, jakariaistauk, mujuonly, mi5t4n, annashopina, audrasjb, azaozz, mikeschroder, oglekler.
Fixes #57898.





git-svn-id: https://develop.svn.wordpress.org/trunk@56497 602fd350-edb4-49c9-b593-d223f7449a82

PHP 8.3 is expected to be released at the end of November 2023.

Enabling the tests to run in CI on PHP 8.3 allows WordPress core to start getting ready.

Note: Xdebug-related tests will not be run on PHP 8.3 at this time as the Docker image for PHP 8.3 does not contain Xdebug yet. Once a stable release of Xdebug 3.3.0 is available, it can be added to the Docker image and the test step can then be enabled for PHP 8.3.

Follow-up to [53922], [56492], [56495].

Props jrf, costdev.
See #59231.

git-svn-id: https://develop.svn.wordpress.org/trunk@56498 602fd350-edb4-49c9-b593-d223f7449a82

…n/includes/` files.

Props upadalavipul.
Fixes #59254.





git-svn-id: https://develop.svn.wordpress.org/trunk@56499 602fd350-edb4-49c9-b593-d223f7449a82

Introducing Font Face, a server-side `@font-face` styles generator and printer. 

tl;dr:
* Introduces Font Face.
* Deprecates `_wp_theme_json_webfonts_handler()`.

**Introduce Font Face**

From an array of fonts (i.e. each font-family and its font variations to be processed), it:

1. Validates each `font-face` declaration, i.e. the CSS property and value pairing. If validation fails, processing stops with no font-face styles printed.
3. Generates the `@font-face` CSS for each font-family.
4. Prints the CSS within a `<style id="wp-fonts-local">` element.

The entry point into Font Face is through a new global function called `wp_print_font_faces()`, which is automatically called:

* when the `'wp_head'` hook runs (for the front-end).
* when the `'admin_print_styles'` hook runs (for the back-end).
* when `_wp_get_iframed_editor_assets()` runs to inject the `@font-face` styles into the iframed editor.

Once called, it gets the fonts from Theme_JSON merged data layer, which includes theme defined fonts and user activated fonts (once the Font Library #59166 is introduced into Core).

For classic sites, themes and plugins can directly call `wp_print_font_faces()` and pass their fonts array to it for processing.

**Deprecates `_wp_theme_json_webfonts_handler()`.**

As Font Face is a direct replacement, the stopgap code in `_wp_theme_json_webfonts_handler()` (introduced in 6.0.0 via [53282]) is deprecated and unused in Core.

**Props note:**
There's a long multiple year history baked into Font Face, which dates back to the early versions of a web font API (see #46370 and [WordPress/gutenberg#41479 roadmap]. The props list includes those who contributed from those early versions up to this commit.

**References:**
* #46370 original (Web)Fonts API proposal for registering and enqueuing web fonts.
* [WordPress/gutenberg#41479 Gutenberg tracking issue] which includes the evolution from Webfonts API to Fonts API to Font Face.
* [53282] / #55567 Added the stopgap code `_wp_theme_json_webfonts_handler()` in 6.0.
* [https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face @font-face on mdn web docs]
* #59166 Font Library: Font manager for WordPress

Follow-up to [53282].

Props aristath, jonoaldersonwp, hellofromTonya, andraganescu, annezazu, antonvlasenko, arena, askdesign, azaozz, bph, bradley2083, colorful-tones, costdev, davidbaumwald, desrosj, dingo_d, djcowan, domainsupport, dryanpress, elmastudio, flixos90, francina, garrett-eclipse, gigitux, grantmkin, grapplerulrich, gziolo, ironprogrammer, jb510, jeffpaul, jeremyyip, jffng, joostdevalk, jorgefilipecosta, juanmaguitar, mamaduka, matveb, mburridge, mitogh, ndiego, ntsekouras, oandregal, ocean90, oglekler, paaljoachim, pagelab, peterwilsoncc, poena, priethor, scruffian, SergeyBiryukov, shiloey, simison, skorasaurus, soean, westonruter, wildworks, zaguiini.
Fixes #59165.

git-svn-id: https://develop.svn.wordpress.org/trunk@56500 602fd350-edb4-49c9-b593-d223f7449a82

Removes the test file and `webfonts` directory for the stopgap code that was deprecated by [56500].

Follow-up to [56500], [53282].

Fixes #59165.

git-svn-id: https://develop.svn.wordpress.org/trunk@56501 602fd350-edb4-49c9-b593-d223f7449a82

Adds the ability to process block style variations to the `remove_insecure_properties` function of theme json class.

Props dsas, ramonopoly.
Fixes #59108.


git-svn-id: https://develop.svn.wordpress.org/trunk@56502 602fd350-edb4-49c9-b593-d223f7449a82

Changes fluid typography calculation to use fallback value if layout wide size is a fluid value.

Props ramonopoly, mukesh27, jastos, aurooba.
See #58754.


git-svn-id: https://develop.svn.wordpress.org/trunk@56503 602fd350-edb4-49c9-b593-d223f7449a82

…d_form()`.

Follow-up to [27316].

Props upadalavipul.
See #59254.

git-svn-id: https://develop.svn.wordpress.org/trunk@56504 602fd350-edb4-49c9-b593-d223f7449a82

Follow-up to [49638].

Props upadalavipul.
See #59254.

git-svn-id: https://develop.svn.wordpress.org/trunk@56505 602fd350-edb4-49c9-b593-d223f7449a82

This extends the performance test workflow added in [55459] to also run tests against the target branch (if running on a pull request) or the previous commit (if running on trunk).

Those results are then compared with the ones from the current commit, and the difference is displayed as a GitHub Actions workflow summary for convenience.

Props mukesh27, flixos90, desrosj, joemcgill, swissspidy.
Fixes #58358, #58359.
See #56150.

git-svn-id: https://develop.svn.wordpress.org/trunk@56506 602fd350-edb4-49c9-b593-d223f7449a82

…ck themes.

Block themes currently lack the means to trigger the main query loop for singular content, since they cannot reasonably use the `core/query` and `core/post-template` blocks which are intended only for displaying a list of posts. So far, the missing main query loop on singular block templates has been worked around by enforcing the loop in certain `core/post-*` blocks, which however causes other bugs.

This changeset ensures that the main query loop is still started for singular block theme templates, by wrapping the entire template into the loop, which will by definition only have a single cycle as it only encompasses a single post. This is currently the most reliable solution, since even if there were blocks to properly trigger the main query loop on singular content, it would be unrealistic to expect all existing block themes to update their templates accordingly. It may be revisited in the future.

Props gziolo, youknowriad, joemcgill, costdev, mukesh27, flixos90.
Fixes #58154.
See #59225, #58027.


git-svn-id: https://develop.svn.wordpress.org/trunk@56507 602fd350-edb4-49c9-b593-d223f7449a82

This function accepts an associative array of option names and their autoload values to set, and it will update those values in the database in bulk, only for those options where the autoload field is not already set to the given value.

Two wrapper functions for ease of use accompany the new main function:
* `wp_set_options_autoload( $options, $autoload )` can be used to set multiple options to the same autoload value.
* `wp_set_option_autoload( $option, $autoload )` can be used to set the autoload value for a single option.

All of these functions allow changing the autoload value of an option, which previously has only been possible in combination with updating the value. This limitation prevented some relevant use-cases: For example, a plugin deactivation hook could set all of its options to not autoload, as a cleanup routine, while not actually deleting any data. The plugin's activation hook could then implement the reverse, resetting those options' autoload values to the originally intended ones for when using the plugin.

Props boonebgorges, joemcgill, costdev, mukesh27, SergeyBiryukov, tabrisrp, flixos90.
Fixes #58964.


git-svn-id: https://develop.svn.wordpress.org/trunk@56508 602fd350-edb4-49c9-b593-d223f7449a82

Follow-up to [48535].

Props Michi91, Presskopp.
Fixes #58737.

git-svn-id: https://develop.svn.wordpress.org/trunk@56509 602fd350-edb4-49c9-b593-d223f7449a82

…ogle Docs.

This expands the code block previously added for `.docx` files to include `.xlsx` files as well, which are known to have the same issue with `finfo_file()`.

Includes a unit test case for `wp_check_filetype_and_ext()`.

Reference: [https://bugs.php.net/bug.php?id=77784 PHP Bug #77784: mime_content_type() result gets doubled for .xlsx].

Follow-up to [56497].

See #57898.

git-svn-id: https://develop.svn.wordpress.org/trunk@56510 602fd350-edb4-49c9-b593-d223f7449a82

….php`.

Follow-up to [4955], [38571].

Props aristath, poena, afercia, SergeyBiryukov.
See #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56511 602fd350-edb4-49c9-b593-d223f7449a82

…_Gallery class.

In the method `WP_Widget_Media_Gallery::has_content` call `_prime_post_caches` before the foreach loop. This ensures that the post objects are primed in memory before trying to access the post object in `get_post_type`.

Props niravsherasiya7707, spacedmonkey, mukesh27.
Fixes #58757.

git-svn-id: https://develop.svn.wordpress.org/trunk@56512 602fd350-edb4-49c9-b593-d223f7449a82

…enabled.

Prior to this commit, the `WP_Query` class split the query for posts into two database queries. First, it initiated an ID-based query to retrieve post IDs, followed by a call to _prime_post_caches to fetch post objects if they weren't already in memory. This splitting of queries was limited to cases where fewer than 500 posts were being requested, to prevent a potentially large database query within the IN statement in _prime_post_caches.

However, this limitation becomes unnecessary when a persistent object cache is enabled, as the post objects can be efficiently retrieved from the fast object cache. This commit transfers the responsibility of fetching posts to the object cache, which not only speeds up the process but also reduces the strain on the database server.

Props peterwilsoncc, spacedmonkey, SergeyBiryukov.
Fixes #57296.

git-svn-id: https://develop.svn.wordpress.org/trunk@56513 602fd350-edb4-49c9-b593-d223f7449a82

…wp-includes/functions.php`.

While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.

This commit renames the `$class` parameter to `$class_name` in `_deprecated_class()`.

Follow-up to [54929], [56467].

Props jrf.
See #59161.

git-svn-id: https://develop.svn.wordpress.org/trunk@56514 602fd350-edb4-49c9-b593-d223f7449a82

Consistently expand `Add New` links to include the type of content to add. Improve consistency of text casing to use initial caps throughout.

Props afercia, gonzomir, alexstine, swissspidy, joedolson.
Fixes #47125.

git-svn-id: https://develop.svn.wordpress.org/trunk@56515 602fd350-edb4-49c9-b593-d223f7449a82

Use `wp_get_admin_notice` and `wp_admin_notice` to handle settings notices on the nav menu admin screens.

Props joedolson.
See #57791.

git-svn-id: https://develop.svn.wordpress.org/trunk@56518 602fd350-edb4-49c9-b593-d223f7449a82

…pe_labels()`.

Includes removing an obsolete recommendation to use a gettext context matching the post type for disambiguation, which would be redundant with the new labels, as they already include the type of content.

Follow-up [14571], [56515].

See #47125.

git-svn-id: https://develop.svn.wordpress.org/trunk@56519 602fd350-edb4-49c9-b593-d223f7449a82

Updates editor npm packages to latest patch versions for the 6.3.x branch.

Props ramonopoly.
See #59293.


git-svn-id: https://develop.svn.wordpress.org/trunk@56520 602fd350-edb4-49c9-b593-d223f7449a82

This resolves a few WPCS warnings:
{{{
Equals sign not aligned with surrounding statements
}}}
so that the output of `composer format` is clean.

Follow-up to [56276], [56302].

Props jrf.
See #59161, #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56521 602fd350-edb4-49c9-b593-d223f7449a82

…performance.

The transient `dirsize_cache` stores an array of directory sizes. This transient can grow very large, if the plugin directory has lots of sub directories in it. For example, a site with 30 plugins, the transient was around 2MB. For sites without a persistent object cache, transients without an expiration, are stored in autoloaded options. This means this option would load on every page request. Loading this option on every page request when it is not used it wasteful. Adding a expiration to this transient means it will not autoload. To ensure there is no degradation in performance, the expiration was set to a generous 10-year timeframe, making it highly unlikely to expire before it's refreshed.

Props nicomollet, spacedmonkey, flixos90, wpgurudev.
Fixes #54221.

git-svn-id: https://develop.svn.wordpress.org/trunk@56522 602fd350-edb4-49c9-b593-d223f7449a82

Previously, several functions and methods in themes api were designed to check for the existence of files in a child theme before falling back to the parent theme. However, these checks did not consider whether the current theme was a child theme or not, resulting in unnecessary file existence checks for non-child themes. Check to see if stylesheet directory matches the template directory before doing the file exists. This optimization helps reduce unnecessary file system access, as file existence checks can be resource-intensive in PHP. 

The following functions and methods have been updated as part of this enhancement: 
- `WP_Theme::get_file_path`
- `get_theme_file_path`
- `get_theme_file_uri`

Props spacedmonkey, flixos90, sabernhardt, 10upsimon, mukesh27.
Fixes #59279.

git-svn-id: https://develop.svn.wordpress.org/trunk@56523 602fd350-edb4-49c9-b593-d223f7449a82

This fixes an issue introduced in [56044] in which the path to core block styles are cached to avoid expensive file operations on every page load. The original caching strategy is now modified so that only the path relative to the blocks location are stored, rather than the full path, since the path to the `wp-includes` folder can change after the value is generated. The new cached value also includes the current WordPress version value to ensure it is rebuilt when the version changes.

Props lhe2012, coreyw, colorful tones, petitphp, mukesh27, spacedmonkey, joemcgill, flixos90, kimannwall, desmith.
Fixes #59111.



git-svn-id: https://develop.svn.wordpress.org/trunk@56524 602fd350-edb4-49c9-b593-d223f7449a82

Previously, bulk upgrades did not verify that a plugin package was compatible with the site's WordPress version or the server's PHP version. This could lead to incompatible updates being installed, causing various compatibility issues and errors.

This change implements the following checks:
- If available, the API response's `requires` and `requires_php` values are checked for compatibility. This saves time, diskspace, memory and file operations by failing the upgrade before the package is downloaded and unpacked.
- If the API check passes, the downloaded and unpacked package is verified using `Plugin_Upgrader::check_package()` to ensure a plugin file is present, and the plugin's "RequiresWP" and "RequiresPHP" headers are compatible, if present. This ensures that a mismatch between the API response and the plugin file's headers does not cause an incompatible plugin to be installed.

Props salcode, afragen, mukesh27, iammehedi1, zunaid321, johnbillion, SergeyBiryukov, costdev.
Fixes #59198.

git-svn-id: https://develop.svn.wordpress.org/trunk@56525 602fd350-edb4-49c9-b593-d223f7449a82

…ture.

In WordPress 6.3, the last parameter of `wp_register_script()` and `wp_enqueue_script()` was changed to an array rather than a boolean. While a boolean is still supported for backward compatibility, it makes sense to update the codebase to use the new signature.

The updates are fully backward compatible:
* In places where `true` was provided, `array( 'in_footer' => true )` will still be interpreted as a boolean true in WordPress versions prior to 6.3.
* In places where `false` was provided, the parameter is omitted which will work correctly throughout all WordPress versions given that is and has been the default value anyway.

Props mrinal013, huzaifaalmesbah, niravsherasiya7707, joemcgill.
Fixes #59302.
See #58634.


git-svn-id: https://develop.svn.wordpress.org/trunk@56526 602fd350-edb4-49c9-b593-d223f7449a82

…ectory name starts with the parent theme's directory name. Example: `twentyseventeen` and `twentyseventeen-child`.

Props: lgladdy, masteradhoc, audrasjb, rajinsharwar, azaozz.
Fixes: #59018.



git-svn-id: https://develop.svn.wordpress.org/trunk@56527 602fd350-edb4-49c9-b593-d223f7449a82

…emes.

Ensures that preview callbacks attached to the `stylesheet` and `template` filters do not run before `pluggable.php` has been included. These callbacks need functionality from `pluggable.php`.

Props: scruffian, johnbillion, SergeyBiryukov, okat, okat.
Fixes: #59000.

git-svn-id: https://develop.svn.wordpress.org/trunk@56529 602fd350-edb4-49c9-b593-d223f7449a82

Introduces `wp_trigger_error()` as a wrapper around PHP's native `trigger_error()`. As a wrapper, it's lean and not opinionated about the message. It accepts an E_USER family error level, meaning it is not limited to only notices.

Where `_doing_it_wrong()` intends to loudly alert developers "Hey you're doing it wrong - fix it", `wp_trigger_error()` is not opinionated and does not add wording. Rather, it passes the given message to `trigger_error()`.

`wp_trigger_error()` is meant for every `trigger_error()` instance. It can be used:
* in `_doing_it_wrong()` and each `_deprecated_*()` function.
* for PHP 8.x deprecations.
* for PHP error parity.
* for less severe "doing it wrong" instance that do not require bailing out.
* when a component or extension is not available on the server
* for instances where it's not clear if a plugin's or theme's code is the root cause.
* and more.

Technical details:

* Does not trigger the error if `WP_DEBUG` is not `true`.

* Includes `wp_trigger_error_run` action to allow hooking in for backtracing and deeper debug.

* Accepts an E_USER error level, but defaults to `E_USER_NOTICE`.

* Requires a function name, though can be an empty string. As the output message generated by `trigger_error()` references the file and line number where it was invoked, passing the function's name provides more information where the error/warning/notice/deprecation happened. It's intended to help with debug.

* A WordPress version number is not included.

* As messages can appear in the browser, the message is escaped using `esc_html()`. As noted in [https://www.php.net/manual/en/function.trigger-error.php the PHP manual]: "HTML entities in message are not escaped. Use htmlentities() on the message if the error is to be displayed in a browser."

References:
* [https://www.php.net/manual/en/function.trigger-error.php PHP manual for `trigger_error()`].
* [https://www.php.net/manual/en/errorfunc.constants.php E_USER constants (error level) in the PHP manual].

Props azaozz, hellofromTonya, flixos90, costdev, peterwilsoncc, oglekler, mukesh27.
See #57686.

git-svn-id: https://develop.svn.wordpress.org/trunk@56530 602fd350-edb4-49c9-b593-d223f7449a82

This results in a new `package-lock.json` file being generated that uses `lockfileVersion` 2.x.

There are no changes to built files as a result of this update.

Follow up to [56378], [56387], [56442].

Props mikestraw, whyisjake, jivygraphics.
Fixes #59187. See #56658.

git-svn-id: https://develop.svn.wordpress.org/trunk@56531 602fd350-edb4-49c9-b593-d223f7449a82

While `npm install` was working without issue after [56531], `npm ci` was not. The latter expects dependencies in the `package-lock.json` to match those in `package.json` exactly.

Follow up to [56378], [56387], [56442], [56531[.

Fixes #59187. See #56658.

git-svn-id: https://develop.svn.wordpress.org/trunk@56532 602fd350-edb4-49c9-b593-d223f7449a82

…y Twenty.

This updates the npm dependencies for Twenty Nineteen and Twenty Twenty to their latest versions. This also includes the results of running `npm audit fix`.

There are no changes in any built files as a result.

See #58863.

git-svn-id: https://develop.svn.wordpress.org/trunk@56533 602fd350-edb4-49c9-b593-d223f7449a82

Adds the ability to disable layout controls on a per-block level from theme.json.

Props mukesh27.
Fixes #59294.


git-svn-id: https://develop.svn.wordpress.org/trunk@56534 602fd350-edb4-49c9-b593-d223f7449a82

Adds options to configure min and max viewport sizes for fluid typography in theme.json settings.

Props ramonopoly.
Fixes #59048.


git-svn-id: https://develop.svn.wordpress.org/trunk@56535 602fd350-edb4-49c9-b593-d223f7449a82

…s files.

Note: This is enforced by WPCS 3.0.0.

Props jrf.
See #59161, #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56536 602fd350-edb4-49c9-b593-d223f7449a82

This updates all 3rd-party GitHub actions to their latest versions. The following actions were updated:
- `actions/cache`
- `actions/checkout`
- `actions/setup-node`
- `codecov/codecov-action`
- `shivammathur/setup-php`
- `slackapi/slack-github-action`

In the latest version of `actions/checkout` (`4.0.0`), a new input was introduced to control the output of command progress. This change uses this new `show-progress` input to turn off displaying progress by default. Progress will be shown when a workflow is run with debug mode enabled, just in case it contains helpful information.

Props johnbillion, desrosj.
See #58867.

git-svn-id: https://develop.svn.wordpress.org/trunk@56537 602fd350-edb4-49c9-b593-d223f7449a82

Follow up to [56537].

See #58867.

git-svn-id: https://develop.svn.wordpress.org/trunk@56538 602fd350-edb4-49c9-b593-d223f7449a82

The static instance of `WP_Font_Face` is not needed. It was an unnecessary carryover from the experimental Fonts API (which was not introduced into Core).

Whereas the Fonts API needed to persist its data (i.e. to maintain the registered and enqueued fonts throughout the web request), Font Face does not have data to persist.

Font Face processes the fonts it receives when `WP_Font_Face::generate_and_print( $fonts )` is invoked. Thus, a singleton is not needed.

Removing the static reduces the amount of the code in the function and eliminates running its tests in separate processes to ensure a different instance is always used.

References:
* [WordPress/gutenberg#54228 Gutenberg PR 54228].

Follow-up to [56500].

Props hellofromTonya, costdev.
Fixes #59165.

git-svn-id: https://develop.svn.wordpress.org/trunk@56540 602fd350-edb4-49c9-b593-d223f7449a82

Pause animated plugin thumbnails when a user has reduced motion preferences configured in their device or operating system.

Props Travel_girl, audrasjb, bordoni, stevejonesdev, joedolson.
Fixes #55723.

git-svn-id: https://develop.svn.wordpress.org/trunk@56541 602fd350-edb4-49c9-b593-d223f7449a82

…hods.

Replaces `trigger_error()` with `wp_trigger_error()` in each of the `WP_List_Table` magic methods.

[56349] added the dynamic properties deprecation messages to the `__get()`, `__set()`, `__isset()`, `__unset()` magic methods. Since that commit, `wp_trigger_error()` was introduced (see [56530]) as a wrapper for `trigger_error()`.

Follow-up to [56349], [56356], [56530].

See #58896, #57686.

git-svn-id: https://develop.svn.wordpress.org/trunk@56542 602fd350-edb4-49c9-b593-d223f7449a82

…hods.

Replaces `trigger_error()` with `wp_trigger_error()` in each of the `WP_User_Query` magic methods.

[56353] added the dynamic properties deprecation messages to the `__get()`, `__set()`, `__isset()`, `__unset()` magic methods. Since that commit, `wp_trigger_error()` was introduced (see [56530]) as a wrapper for `trigger_error()`.

Follow-up to [56353], [56530].

See #58897, #57686.

git-svn-id: https://develop.svn.wordpress.org/trunk@56543 602fd350-edb4-49c9-b593-d223f7449a82

…able magic methods.

Replaces `trigger_error()` with `wp_trigger_error()` in each of the `WP_Text_Diff_Renderer_Table` magic methods.

[56354] added the dynamic properties deprecation messages to the `__get()`, `__set()`, `__isset()`, `__unset()` magic methods. Since that commit, `wp_trigger_error()` was introduced (see [56530]) as a wrapper for `trigger_error()`.

Follow-up to [56354], [56530].

See #58898, #57686.

git-svn-id: https://develop.svn.wordpress.org/trunk@56544 602fd350-edb4-49c9-b593-d223f7449a82

Removes unnecessary sanitisation of hardcoded strings and avoids looping over style presets without classes or variables.

Props flixos90.
Fixes #59304.


git-svn-id: https://develop.svn.wordpress.org/trunk@56545 602fd350-edb4-49c9-b593-d223f7449a82

Removes root padding from children of flex and grid layout blocks when root padding aware alignments are set.

Props andrewserong, ramonopoly.
Fixes #59295.


git-svn-id: https://develop.svn.wordpress.org/trunk@56546 602fd350-edb4-49c9-b593-d223f7449a82

…s classes.

Note: This is enforced by WPCS 3.0.0.

Follow-up to [56536].

Props jrf.
See #59161, #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56547 602fd350-edb4-49c9-b593-d223f7449a82

…s functions.

Note: This is enforced by WPCS 3.0.0.

Follow-up to [56536], [56547].

Props jrf.
See #59161, #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56548 602fd350-edb4-49c9-b593-d223f7449a82

…nts.

Note: This is enforced by WPCS 3.0.0:

1. There should be no space between an increment/decrement operator and the variable it applies to.
2. Pre-increment/decrement should be favoured over post-increment/decrement for stand-alone statements. “Pre” will in/decrement and then return, “post” will return and then in/decrement. Using the “pre” version is slightly more performant and can prevent future bugs when code gets moved around.

References:
* [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#increment-decrement-operators WordPress PHP Coding Standards: Increment/decrement operators]
* [WordPress/WordPress-Coding-Standards#2130 WPCS: PR WordPress#2130 Core: add sniffs to check formatting of increment/decrement operators]

Props jrf.
See #59161, #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56549 602fd350-edb4-49c9-b593-d223f7449a82

In `WP_Upgrader::delete_temp_backup()`, a malformed `sprintf()` call did not pass the value, triggering a Warning in PHP 7 and a Fatal Error in PHP 8.

This fixes the malformed `sprintf()` call by correctly passing the value.

Follow-up to [55720].

Props akihiroharai, afragen.
Fixes #59320.

git-svn-id: https://develop.svn.wordpress.org/trunk@56550 602fd350-edb4-49c9-b593-d223f7449a82

No space allowed between the operator and the variable it applies to.

Note: This is enforced by WPCS 3.0.0.

Follow-up to [46133].

Props jrf.
See #59161, #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56551 602fd350-edb4-49c9-b593-d223f7449a82

PHP 7.0 introduced the `$levels` parameter to the `dirname()` function, which means nested calls to `dirname()` are no longer needed.

Note: This is enforced by WPCS 3.0.0.

Reference: [https://www.php.net/manual/en/function.dirname.php PHP Manual: dirname()].

Follow-up to [56141].

Props jrf.
See #59161, #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56552 602fd350-edb4-49c9-b593-d223f7449a82

Cast the `doing_cron` transient value to a float to prevent type errors if the transient is not set (in which case it returns `false`) or another unexpected type.

Props fzhantw, ankitmaru.
Fixes #58471.



git-svn-id: https://develop.svn.wordpress.org/trunk@56553 602fd350-edb4-49c9-b593-d223f7449a82

This is a maintenance release with minor changes:
- Only force close cURL connection when needed (cURL < 7.22).

References:
- [https://github.com/WordPress/Requests/releases/tag/v2.0.8 Requests 2.0.8 release notes]
- [WordPress/Requests@v2.0.6...v2.0.8 Full list of changes in Requests 2.0.8]

Follow-up to [54997], [55007], [55046], [55225], [55296], [55629].

Props jrf, mukesh27, spacedmonkey, costdev.
Fixes #59322.

git-svn-id: https://develop.svn.wordpress.org/trunk@56554 602fd350-edb4-49c9-b593-d223f7449a82

When utilizing the `terms_clauses` or `get_terms_fields` filters within `WP_Term_Query` and the selected fields are modified, the entire term object is now cached. This adjustment is necessary because filters can broaden the selected fields beyond just the term ID. Fields linked to the term object, such as the count or parent, may undergo modifications when queried. Caching the complete object ensures the accurate storage of these modified fields within the cache.

Props spacedmonkey, tnolte, peterwilsoncc.
Fixes #58116.

git-svn-id: https://develop.svn.wordpress.org/trunk@56555 602fd350-edb4-49c9-b593-d223f7449a82

* Add `defer` loading strategy for all frontend end-user theme scripts (excluding Customizer preview).
* Move scripts to the `head` which relate to the initial page viewport to ensure they start loading earlier and execute sooner while still not blocking rendering.
* Update Twenty Twenty's script loader (`TwentyTwenty_Script_Loader`) to support core's built-in script loading strategies (#12009), while also retaining backwards-compatibility for child themes that may set `async` and `defer` script data.
* Update the main script loading strategy in Twenty Twenty from `async` to `defer` for better performance on repeat page views, since when an `async` script is cached it will block rendering.

Props westonruter, flixos90, sabernhardt.
Fixes #59316.


git-svn-id: https://develop.svn.wordpress.org/trunk@56556 602fd350-edb4-49c9-b593-d223f7449a82

Allow passing a function callback to serialize_block(s) that is invoked on each node in the tree of parsed blocks as it is traversed for serialization.

A function argument was chosen for passing the callback function as it reflects a pattern familiar from other algorithms that apply a given callback function while traversing a data structure -- most notably PHP's own `array_map()`.

Introducing a filter was considered as an alternative but ultimately dismissed. For a fairly low-level and general-purpose function such as `serialize_block()`, using a filter to pass the callback seemed risky, as it also requires ''removing'' that filter after usage in order to prevent the callback from being accidentally applied when `serialize_block()` is called in an entirely different context.

Introducing a separate function for applying a given operation during tree traversal (i.e. independently of serialization) was also considered but dismissed, as it would unnecessarily duplicate tree traversal.

Props dlh, gziolo.
Fixes #59327. See #59313.

git-svn-id: https://develop.svn.wordpress.org/trunk@56557 602fd350-edb4-49c9-b593-d223f7449a82

The `$current_token` reference has been stored in the HTML Processor itself, but I suggested to move it into the externalized state so that it can be stored and replaced.

In this patch the reference is moved to that state variable and it should become more possible to save and load state, to resume execution after pausing.

Props dmsnell.
Fixes #59268.

git-svn-id: https://develop.svn.wordpress.org/trunk@56558 602fd350-edb4-49c9-b593-d223f7449a82

…ures.

Note: This is enforced by WPCS 3.0.0.

Reference: [WordPress/WordPress-Coding-Standards#2328 WPCS: PR WordPress#2328 Core: properly check formatting of function declaration statements].

Props jrf.
See #59161, #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56559 602fd350-edb4-49c9-b593-d223f7449a82

…im_excerpt()`.

All blocks relevant for the excerpt are already being parsed in `excerpt_remove_blocks()`. Therefore running `do_blocks()` on the post content only to create the excerpt is unnecessary and wasteful from a performance perspective.

Props thekt12, spacedmonkey, mukesh27, joemcgill.
Fixes #58682.


git-svn-id: https://develop.svn.wordpress.org/trunk@56560 602fd350-edb4-49c9-b593-d223f7449a82

Includes removing redundant `@covers` tags. There is already an existing annotation for the whole test class, following the [https://docs.phpunit.de/en/9.6/annotations.html#covers PHPUnit recommendation]:
> This annotation can be added to the docblock of the test class or the individual test methods. The recommended way is to add the annotation to the docblock of the test class, not to the docblock of the test methods.

Follow-up to [56560].

See #58682.

git-svn-id: https://develop.svn.wordpress.org/trunk@56561 602fd350-edb4-49c9-b593-d223f7449a82

While we already have unit test coverage for `_inject_theme_attribute_in_block_template_content`, those tests only verify that ''that'' function does what is supposed to do; there's however no guarantee that `_build_block_template_result_from_file` uses that function (or whatever other technique) to actually inject the theme attribute.

This patch adds test coverage to verify that the theme attribute is correctly injected by `_build_block_template_result_from_file`.

Props costdev, gziolo, mukesh27, spacedmonkey.
Fixes #59325. See #59313.

git-svn-id: https://develop.svn.wordpress.org/trunk@56562 602fd350-edb4-49c9-b593-d223f7449a82

When encountering elements that imply switching into the RAWTEXT parsing state,
the Tag Processor should skip processing until exiting the RAWTEXT state.

In this patch the Tag Processor does just that, except for the case of the
deprecated XMP element which implies further and more complicated rules.

There's an implicit assumption that the SCRIPT ENABLED flag in HTML parsing
is enabled so that the contents of NOSCRIPT can be skipped. Otherwise, it would
be required to parse the contents of that tag.

Props dmsnell.
Fixes #59292.

git-svn-id: https://develop.svn.wordpress.org/trunk@56563 602fd350-edb4-49c9-b593-d223f7449a82

…rocessor

This patch updates documentation and an internal variable name within the
HTML Processor class so that they are more helpful and complete to a reader.

There should be no functional or visual changes in this patch.

Props dmsnell, mukesh27.
Fixes #59267.

git-svn-id: https://develop.svn.wordpress.org/trunk@56565 602fd350-edb4-49c9-b593-d223f7449a82

Building upon the changes introduced in [53760], this commit refines the behavior of the REST API index. Specifically, it addresses performance concerns related to the unnecessary preparation of item links, such as site icon and logo links.

Prior to this update, the index controller was invoking the prepare_links method regardless of whether the _links or _embedded fields were requested in the response. This led to unnecessary database lookups and decreased overall performance.

In this commit, we implement a more efficient approach. Now, the prepare_links method will only be called when the _links or _embedded fields are explicitly requested in the response. This optimization ensures that we prepare links only when they are intended for inclusion in the API response, reducing unnecessary overhead.

By implementing this improvement, we enhance the overall efficiency and performance of the WordPress core REST API index controller.

Props spacedmonkey, niravsherasiya7707, dlh, mukesh27, costdev, swissspidy.
Fixes #57902.

git-svn-id: https://develop.svn.wordpress.org/trunk@56566 602fd350-edb4-49c9-b593-d223f7449a82

The quotation marks were outside when the background color was applied.

Props nidhidhandhukiya, sabernhardt, shailu25, harshgajipara, poena, huzaifaalmesbah.
Fixes #57377. 


git-svn-id: https://develop.svn.wordpress.org/trunk@56567 602fd350-edb4-49c9-b593-d223f7449a82

…ion signature.

Since most core scripts are registered using `WP_Scripts::add()`, which is not affected by the signature change, only calls to `wp_register_script()` using the old signature need to be updated. There is only a single instance left, which is updated in this changeset.

Props incursadesigns.
Fixes #58634.


git-svn-id: https://develop.svn.wordpress.org/trunk@56568 602fd350-edb4-49c9-b593-d223f7449a82

…r WP<6.3.

Amends [56556].
Props westonruter, flixos90, peterwilsoncc.
Fixes #59316.


git-svn-id: https://develop.svn.wordpress.org/trunk@56569 602fd350-edb4-49c9-b593-d223f7449a82

Add usages of `wp_admin_notice()` and `wp_get_admin_notice()` on `.notice-[type]` in the root level of `/wp-admin/`. Ongoing task to implement new function across core.

Props costdev, joedolson.
See #57791.

git-svn-id: https://develop.svn.wordpress.org/trunk@56570 602fd350-edb4-49c9-b593-d223f7449a82

Add usages of `wp_admin_notice()` and `wp_get_admin_notice()` on `.notice-[type]` in the root level of `/wp-admin/includes`. Ongoing task to implement new function across core.

Props costdev, joedolson.
See #57791.

git-svn-id: https://develop.svn.wordpress.org/trunk@56571 602fd350-edb4-49c9-b593-d223f7449a82

Add usages of `wp_admin_notice()` and `wp_get_admin_notice()` on `.notice-[type]` in the root level of `/wp-includes/`. Ongoing task to implement new function across core.

Props costdev, joedolson.
See #57791.

git-svn-id: https://develop.svn.wordpress.org/trunk@56572 602fd350-edb4-49c9-b593-d223f7449a82

Add usages of `wp_admin_notice()` and `wp_get_admin_notice()` on `.updated` in the root level of `/wp-admin/`. Ongoing task to implement new function across core.

Props costdev, joedolson.
See #57791.

git-svn-id: https://develop.svn.wordpress.org/trunk@56573 602fd350-edb4-49c9-b593-d223f7449a82

Stops style engine from combining CSS selectors by default so that rule order is preserved.

Props ramonopoly, rajinsharwar, timdix, costdev, audrasjb, SergeyBiryukov, JeffPaul, mukesh27.
Fixes #58811.


git-svn-id: https://develop.svn.wordpress.org/trunk@56574 602fd350-edb4-49c9-b593-d223f7449a82

Removes redundant local variable and changes validate_custom_css() access modifier from private to protected.

Props ramonopoly, spacedmonkey.
Fixes #59296.



git-svn-id: https://develop.svn.wordpress.org/trunk@56575 602fd350-edb4-49c9-b593-d223f7449a82

In [56573], a typo caused `wp_admin()` to be called rather than `wp_admin_notice()`.

This fixes the typo to correctly call `wp_admin_notice()`.

Follow-up to [56573].

Props takayukister.
See #57791.

git-svn-id: https://develop.svn.wordpress.org/trunk@56576 602fd350-edb4-49c9-b593-d223f7449a82

Adds `delete_posts` to capabilities for the `wp_block` post type.

Props ramonopoly, johnbillion, dhruvishah2203, audrasjb.
Fixes #59041.


git-svn-id: https://develop.svn.wordpress.org/trunk@56577 602fd350-edb4-49c9-b593-d223f7449a82

Rather than using `_inject_theme_attribute_in_block_template_content` to inject the `theme` attribute into all Template Part blocks found in a given file-based Block Template, introduce a new function called `_inject_theme_attribute_in_template_part_block`, and use that as second argument to `serialize_blocks()` (introduced in [56557]) in order to inject said attribute during tree traversal for serialization.

This allows for a more modular approach that will eventually be extended to implement automatic insertion of hooked blocks.

Note that we're guarding `_build_block_template_result_from_file()` (i.e. the callsite of `_inject_theme_attribute_in_template_part_block` and previously of `_inject_theme_attribute_in_block_template_content`) against regressions through additional unit test coverage added in [56562].

Props @gziolo.
Fixes #59338. See #59313.

git-svn-id: https://develop.svn.wordpress.org/trunk@56578 602fd350-edb4-49c9-b593-d223f7449a82

Follow-up to [56578].
Props @mukesh27.
See #59338.

git-svn-id: https://develop.svn.wordpress.org/trunk@56579 602fd350-edb4-49c9-b593-d223f7449a82

Line height was broken for button block and adding spacing.

Props nidhidhandhukiya, shailu25.
Fixes #58443.


git-svn-id: https://develop.svn.wordpress.org/trunk@56580 602fd350-edb4-49c9-b593-d223f7449a82

This revert changes to Twenty Nineteen 'style-rtl.css' file made in [56580] as it auto-generated during the build process.

Unprops karmatosed.
Props costdev.
See #58443.


git-svn-id: https://develop.svn.wordpress.org/trunk@56581 602fd350-edb4-49c9-b593-d223f7449a82

…ompatibility for older core themes.

The `the_header_image_tag` function was introduced in WordPress 4.4 as part of [35594]. It is used in all themes created post WordPress 4.4 that supported header images. The function `get_header_image_tag` continues to get updated with new image features, like lazy loading, async decoding and fetch priority. To ensure our core themes maintain compatibility and benefit from these enhancements, a backward compatibility shim has been applied, integrating the `the_header_image_tag` function into the following core themes:

- Twenty Ten
- Twenty Eleven
- Twenty Twelve
- Twenty Fourteen
- Twenty Sixteen

This change ensures future compatibility and modern image features are applied for header images to these older themes. 

Props spacedmonkey, flixos90, mukesh27.
Fixes #58675.

git-svn-id: https://develop.svn.wordpress.org/trunk@56583 602fd350-edb4-49c9-b593-d223f7449a82

Follow-up to [56578].
See #59338.



git-svn-id: https://develop.svn.wordpress.org/trunk@56584 602fd350-edb4-49c9-b593-d223f7449a82

…passing query caching.

Incorporating a new 'cache_results' parameter into the WP_Term_Query class, this commit empowers developers with the ability to bypass query caches, explicitly triggering database queries when needed.  This brings the `WP_Term_Query` class inline with `WP_Query` and `WP_User_Query` that already have a 'cache_results' parameter.

Update the `term_exists` function to use this new parameter, so the term query caches are not used while importing. 

Props dlh, spacedmonkey, peterwilsoncc.
Fixes #52710.

git-svn-id: https://develop.svn.wordpress.org/trunk@56585 602fd350-edb4-49c9-b593-d223f7449a82

…ass methods.

When various methods parameters in child classes were renamed to `$item` to match the parent class for PHP 8 named parameter support, most of the methods restored the more descriptive, specific name at the beginning for better readability, with several exceptions for methods consisting only of a few lines.

To avoid confusion about why some methods do that and some don't, this commit aims to bring more consistency to the code, specifically in list tables' `::column_default()` methods.

Follow-up to [51728], [51737], [51786].

See #58831.

git-svn-id: https://develop.svn.wordpress.org/trunk@56586 602fd350-edb4-49c9-b593-d223f7449a82

In order to implement Block Hooks, we need to add a new `block_hooks` field to the `WP_Block_Type` class, as well as to block registration related functions, the block types REST API controller, etc.

Props gziolo.
Fixes #59346. See #59313.

git-svn-id: https://develop.svn.wordpress.org/trunk@56587 602fd350-edb4-49c9-b593-d223f7449a82

Follow-up to [56587], [55673]. While working on #59346, it was noted that selectors fiels is not always included in the assertions. While looking at it is was difficult to spot the issue because the random order of how REST API fields where listed.

Reorderd the REST API fields in the test cases to follow the list from the documentation: https://github.com/WordPress/gutenberg/blob/trunk/docs/reference-guides/block-api/block-metadata.md. This way it's going to be easier to maintain the list moving forward.

Props ockham.
See #59346, #59313, #57585.



git-svn-id: https://develop.svn.wordpress.org/trunk@56588 602fd350-edb4-49c9-b593-d223f7449a82