This allows third-party themes to avoid accidentally being overwritten with an update of a theme of a similar name from the WordPress.org Theme Directory.
Additionally, introduce the `update_themes_{$hostname}` filter, which third-party themes can use to offer updates for a given hostname.
If set, the `Update URI` header field should be a URI and have a unique hostname.
Some examples include:
* `https://wordpress.org/themes/example-theme/`
* `https://example.com/my-theme/`
* `my-custom-theme-name`
`Update URI: false` also works, and unless there is code handling the `false` hostname, the theme will never get an update notification.
If the header is present, the WordPress.org API will currently only return updates for the theme if it matches the following format:
* `https://wordpress.org/themes/{$slug}/`
* `w.org/theme/{$slug}`
If the header has any other value, the API will not return a result and will ignore the theme for update purposes.
Follow-up to [50921].
Props dd32, meloniq, costdev, audrasjb, DavidAnderson, markjaquith, DrewAPicture, mweichert, design_dolphin, filosofo, sean212, nhuja, JeroenReumkens, infolu, dingdang, joyously, earnjam, williampatton, grapplerulrich, markparnell, apedog, afragen, miqrogroove, rmccue, crazycoders, jdgrimes, damonganto, joostdevalk, jorbin, georgestephanis, khromov, GeekStreetWP, jb510, Rarst, juliobox, Ipstenu, mikejolley, Otto42, gMagicScott, TJNowell, GaryJ, knutsp, mordauk, nvartolomei, aspexi, chriscct7, benoitchantre, ryno267, lev0, gregorlove, dougwollison, leemon, SergeyBiryukov.
See #14179, #23318, #32101.
git-svn-id: https://develop.svn.wordpress.org/trunk@53933 602fd350-edb4-49c9-b593-d223f7449a82
Add the loaded php extensions as well as whether the server's image libraries support WebP and AVIF image formats to the data payload sent during upgrade checks. Collecting this data with the WordPress.org API will help the project make more data driven decisions about feature support. Note that all data can still be filtered with the `core_version_check_query_args` filter for privacy reasons.
Props dd32, SergeyBiryukov, mikeschroder, pbiron.
Fixes#48116.
git-svn-id: https://develop.svn.wordpress.org/trunk@53753 602fd350-edb4-49c9-b593-d223f7449a82
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.
Follow-up to [11383], [13096], [51597], [53452].
Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes#55852.
git-svn-id: https://develop.svn.wordpress.org/trunk@53455 602fd350-edb4-49c9-b593-d223f7449a82
`phpversion()` return value and `PHP_VERSION` constant value are identical, but the latter is several times faster because it is a direct constant value lookup compared to a function call.
Props ayeshrajans, jrf, mukesh27, costdev, hellofromTonya, SergeyBiryukov.
Fixes#55680.
git-svn-id: https://develop.svn.wordpress.org/trunk@53426 602fd350-edb4-49c9-b593-d223f7449a82
Currently in WordPress multisite there is a concept of large networks. The function `wp_is_large_network` is used to determine if a network has a large number of sites or users. If a network is marked as large, then
expensive queries to calculate user counts are not run on page load but deferred to scheduled events. However there are a number of places in a single site installation where this functionality would also be useful, as
expensive calls to count users and roles can make screens in the admin extremely slow.
In this change, the `get_user_count` function and related functionality around it is ported to be available in a single site context. This means that expensive calls to the `count_users` function are replaced with
calls to `get_user_count`. This change also includes a new function called `wp_is_large_user_count` and a filter of the same name, to mark if a site is large.
Props johnbillion, Spacedmonkey, Mista-Flo, lumpysimon, tharsheblows, obenland, miss_jwo, jrchamp, flixos90, macbookandrew, pento, desrosj, johnjamesjacoby, jb510, davidbaumwald, costdev.
Fixes#38741.
git-svn-id: https://develop.svn.wordpress.org/trunk@53011 602fd350-edb4-49c9-b593-d223f7449a82
This change replaces "Current theme" with "Active theme" in various DocBlocks for better consistency with user-facing strings.
Follow-up to [52580].
Props Presskopp, audrasjb, costdev.
Fixes#54831.
See #54770.
git-svn-id: https://develop.svn.wordpress.org/trunk@52610 602fd350-edb4-49c9-b593-d223f7449a82
Revert the rollback features introduced for theme and plugin upgrades during the WordPress 5.9 cycle. A bug (suspected to be in third party virtualisation software) causes the upgrades to fail consistently on some set ups. The revert is to allow contributors further time to investigate mitigation options.
Reverts [52337], [52289], [52284], [51951], [52192], [51902], [51899], [51898], [51815].
Props pbiron, dlh, peterwilsoncc, galbaras, SergeyBiryukov, afragen, costdev, bronsonquick, aristath, noisysocks, desrosj, TobiasBg, hellofromTonya, francina, Boniu91.
See #54543, #54166, #51857.
git-svn-id: https://develop.svn.wordpress.org/trunk@52351 602fd350-edb4-49c9-b593-d223f7449a82
* Make sure the `wp_delete_temp_updater_backups` event has an action associated with it when it runs.
* Check if the cron event already exists before scheduling it, to avoid scheduling duplicate events.
* Move the code for clearing the `temp-backup` directory to a standalone function.
Follow-up to [51815], [51898], [51899].
Props pbiron, johnbillion.
See #51857.
git-svn-id: https://develop.svn.wordpress.org/trunk@52192 602fd350-edb4-49c9-b593-d223f7449a82
The `get_core_checksums()` and `wp_version_check()` functions call the PHP native `http_build_query()` function, the second parameter of which is the ''optional'' `$numeric_prefix` parameter which expects a non-nullable `string`.
A parameter being optional, however, does not automatically make it nullable.
As of PHP 8.1, passing `null` to a non-nullable PHP native function will generate a deprecation notice.
In this case, this function call yielded a `http_build_query(): Passing null to parameter #2 ($numeric_prefix) of type string is deprecated` notice.
Changing the `null` to an empty string fixes this without a backward compatibility break.
References:
* [https://www.php.net/manual/en/function.http-build-query.php PHP Manual: http_build_query()]
* [https://wiki.php.net/rfc/deprecate_null_to_scalar_internal_arg PHP RFC: Deprecate passing null to non-nullable arguments of internal functions]
Follow-up to [18697], [25540].
Props bjorsch, kraftbj, hellofromTonya, jrf.
See #54229.
git-svn-id: https://develop.svn.wordpress.org/trunk@52019 602fd350-edb4-49c9-b593-d223f7449a82
When a closure does not use `$this`, it can be made `static` for improved performance.
Static closures are supported in PHP since PHP 5.4.
Props jrf, hellofromTonya, swissspidy, SergeyBiryukov.
See #53359.
git-svn-id: https://develop.svn.wordpress.org/trunk@51657 602fd350-edb4-49c9-b593-d223f7449a82
This allows third-party plugins to avoid accidentally being overwritten with an update of a plugin of a similar name from the WordPress.org Plugin Directory.
Additionally, introduce the `update_plugins_{$hostname}` filter, which third-party plugins can use to offer updates for a given hostname.
If set, the `Update URI` header field should be a URI and have a unique hostname.
Some examples include:
* `https://wordpress.org/plugins/example-plugin/`
* `https://example.com/my-plugin/`
* `my-custom-plugin-name`
`Update URI: false` also works, and unless there is code handling the `false` hostname, the plugin will never get an update notification.
If the header is present, the WordPress.org API will currently only return updates for the plugin if it matches the following format:
* `https://wordpress.org/plugins/{$slug}/`
* `w.org/plugin/{$slug}`
If the header has any other value, the API will not return a result and will ignore the plugin for update purposes.
Props dd32, DavidAnderson, meloniq, markjaquith, DrewAPicture, mweichert, design_dolphin, filosofo, sean212, nhuja, JeroenReumkens, infolu, dingdang, joyously, earnjam, williampatton, grapplerulrich, markparnell, apedog, afragen, miqrogroove, rmccue, crazycoders, jdgrimes, damonganto, joostdevalk, jorbin, georgestephanis, khromov, GeekStreetWP, jb510, Rarst, juliobox, Ipstenu, mikejolley, Otto42, gMagicScott, TJNowell, GaryJ, knutsp, mordauk, nvartolomei, aspexi, chriscct7, benoitchantre, ryno267, lev0, gregorlove, dougwollison, SergeyBiryukov.
See #14179, #23318, #32101.
git-svn-id: https://develop.svn.wordpress.org/trunk@50921 602fd350-edb4-49c9-b593-d223f7449a82
The `WP_AUTO_UPDATE_CORE` constant now supports `development` and `branch-development` values.
This makes it possible for sites to opt-in to updating to nightly builds without having to install a plugin.
Follow-up to [49245], [49292].
Props xkon, knutsp, afragen, audrasjb, dd32.
Fixes#51978.
git-svn-id: https://develop.svn.wordpress.org/trunk@50082 602fd350-edb4-49c9-b593-d223f7449a82
The `WP_AUTO_UPDATE_CORE` constant now supports `beta` and `rc` values.
This makes it possible for sites to opt-in to updating to RC (or beta) releases without having to install a plugin, or run on a development version.
Props dd32, knutsp.
Fixes#51319.
git-svn-id: https://develop.svn.wordpress.org/trunk@49245 602fd350-edb4-49c9-b593-d223f7449a82
Similar to the changes for plugins in [48669], let's only show the UI for themes when updates are supported for that theme.
See #50280.
Props dd32.
git-svn-id: https://develop.svn.wordpress.org/trunk@48688 602fd350-edb4-49c9-b593-d223f7449a82
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.
Includes minor code layout fixes for better readability.
See #49542.
git-svn-id: https://develop.svn.wordpress.org/trunk@47550 602fd350-edb4-49c9-b593-d223f7449a82
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.
This commit also includes:
* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
* `wp-admin/admin-header.php`
* `wp-admin/admin-footer.php`
* `wp-includes/version.php`
Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes#48082.
git-svn-id: https://develop.svn.wordpress.org/trunk@47198 602fd350-edb4-49c9-b593-d223f7449a82
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.
This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script.
- Auto-fixable coding standards issues will now cause Travis failures.
Fixes#44600.
git-svn-id: https://develop.svn.wordpress.org/trunk@43571 602fd350-edb4-49c9-b593-d223f7449a82
Add missing translator comments in `WP_Theme_Install_List_Table` and `wp_notify_postauthor()`.
Add missing commas in some translator comments.
Fixes#43523.
git-svn-id: https://develop.svn.wordpress.org/trunk@42827 602fd350-edb4-49c9-b593-d223f7449a82
This code branch is responsible for running all autoupdates, including plugins and themes - which should run regardless of if there's a core autoupdate available.
This revert does not revert the `$timeout` changes, as these should still use cached data if it's available.
Ideally this should be decoupled from the core update check to allow background updates to operate even when the core update check is disabled or running more often than twice daily.
See #43103.
git-svn-id: https://develop.svn.wordpress.org/trunk@42653 602fd350-edb4-49c9-b593-d223f7449a82
This change reduces the number of API calls which WordPress makes to api.wordpress.org during release windows.
Previously the background updates would run upon every core update transient refresh, however now they'll only run if there's an update available.
The change also increases the cache period for plugin & theme checks when running via the cron, from never-cache to 2 hours, which should hopefully reduce the number of needless API calls.
Fixes#43103 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@42584 602fd350-edb4-49c9-b593-d223f7449a82
WordPress' code just... wasn't.
This is now dealt with.
Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes#41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42343 602fd350-edb4-49c9-b593-d223f7449a82
This filter allows the data being sent for core update checks to be controlled for privacy concerns.
Props toscho, MattyRob, swissspidy, pento.
Fixes#16778.
git-svn-id: https://develop.svn.wordpress.org/trunk@41962 602fd350-edb4-49c9-b593-d223f7449a82
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.
This introduces some new functions:
* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`
A corresponding `wp_is_large_user_count` filter is also introduced.
Props tharsheblows, johnbillion
Fixes#38741
git-svn-id: https://develop.svn.wordpress.org/trunk@41613 602fd350-edb4-49c9-b593-d223f7449a82
This also standardises the `User-Agent` used when communicating with WordPress.org, allowing for more consistent version detection.
Fixes#42004.
git-svn-id: https://develop.svn.wordpress.org/trunk@41605 602fd350-edb4-49c9-b593-d223f7449a82
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.
See #36335.
git-svn-id: https://develop.svn.wordpress.org/trunk@38411 602fd350-edb4-49c9-b593-d223f7449a82
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.
See #36335
git-svn-id: https://develop.svn.wordpress.org/trunk@38402 602fd350-edb4-49c9-b593-d223f7449a82
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.
The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php
We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php
When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.
The future is now.
See #36335.
git-svn-id: https://develop.svn.wordpress.org/trunk@38399 602fd350-edb4-49c9-b593-d223f7449a82
