Mirrors/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2025-02-20 19:56:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,046 Commits 50 Branches 750 Tags 872 MiB
eb9f70aaa5
Commit Graph

15346 Commits

Author SHA1 Message Date
audrasjb
61003f1903 WordPress 4.4.33. 
Built from https://develop.svn.wordpress.org/branches/4.4@58524


git-svn-id: http://core.svn.wordpress.org/branches/4.4@57972 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2024-06-24 16:37:23 +00:00
Joe McGill
63796580c7 WordPress 4.4.32. 
Built from https://develop.svn.wordpress.org/branches/4.4@57418


git-svn-id: http://core.svn.wordpress.org/branches/4.4@56924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2024-01-30 16:10:22 +00:00
Aaron Jorbin
ec0d03d1b6 Grouped Backports to the 4.4 branch. 
- Install: When populating options, maybe_serialize instead of always serialize.
- Uploads: Check for and verify ZIP archives.

Merges [57388] and [57389] to the 4.4 branch.

Props costdev, peterwilsoncc, azaozz, tykoted, johnbillion, desrosj, afragen, jorbin, xknown.

Built from https://develop.svn.wordpress.org/branches/4.4@57411


git-svn-id: http://core.svn.wordpress.org/branches/4.4@56917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2024-01-30 15:12:23 +00:00
audrasjb
b1c4c94aa2 WordPress 4.4.31. 
Built from https://develop.svn.wordpress.org/branches/4.4@56860


git-svn-id: http://core.svn.wordpress.org/branches/4.4@56371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2023-10-12 18:11:13 +00:00
davidbaumwald
3d3eb43612 Grouped backports to the 4.4 branch. 
- Comments: Prevent users who can not see a post from seeing comments on it.
- Shortcodes: Restrict media shortcode ajax to certain type.
- REST API: Ensure no-cache headers are sent when methods are overridden.
- Prevent unintended behavior when certain objects are unserialized.

Merges [56834], [56835], [56836], and [56838] to the 4.4 branch.
Props xknown, jorbin, joehoyle, timothyblynjacobs, peterwilsoncc, ehtis, tykoted, antpb, rmccue.
Built from https://develop.svn.wordpress.org/branches/4.4@56855


git-svn-id: http://core.svn.wordpress.org/branches/4.4@56366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2023-10-12 18:09:23 +00:00
Sergey Biryukov
c9f57045c7 Grouped backports to the 4.4 branch. 
- Media: Prevent CSRF setting attachment thumbnails.
- Embeds: Add protocol validation for WordPress Embed code.

Merges [55763] and [55764] to the 4.4 branch.
Props dd32, isabel_brison, martinkrcho, matveb, ocean90, paulkevan, peterwilsoncc, timothyblynjacobs, xknown, youknowriad.
Built from https://develop.svn.wordpress.org/branches/4.4@55779


git-svn-id: http://core.svn.wordpress.org/branches/4.4@55291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2023-05-16 15:38:21 +00:00
Peter Wilson
64dc4df64a I18N: Add new strings to about.php for use with end-of-life updates. 
This changeset adds two additional translation strings in the changelog file, for use when releasing the final version of WordPress on a particular branch.

Props peterwilsoncc, audrasjb, mukesh27.
Merges [55350] to the 4.4 branch.
Fixes #57216.

Built from https://develop.svn.wordpress.org/branches/4.4@55388


git-svn-id: http://core.svn.wordpress.org/branches/4.4@54921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2023-02-21 03:13:21 +00:00
Sergey Biryukov
44fca736f0 WordPress 4.4.29. 
Built from https://develop.svn.wordpress.org/branches/4.4@54587


git-svn-id: http://core.svn.wordpress.org/branches/4.4@54141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2022-10-17 19:50:44 +00:00
Peter Wilson
48a533b902 Security: Introduce strings to indicate support status. 
Add strings for use in future maintenance/security releases to indicate the security support status of the version of WordPress.

Two strings are introduced:

* indicating the version of WordPress is not receiving security updates, and,
* indicating the version of WordPress will shortly stop receiving security updates.

This change does not make use of the strings, the purpose is to make them available to translators prior to dropping support of selected versions of WordPress.

Props costdev, chesio, robinwpdeveloper, desrosj, rudlinkon, mukesh27, sumitbagthariya16.
Merges [54322] to the 4.4 branch.
See #56532.

Built from https://develop.svn.wordpress.org/branches/4.4@54456


git-svn-id: http://core.svn.wordpress.org/branches/4.4@54015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2022-10-10 22:19:21 +00:00
desrosj
c982ac4e35 WordPress 4.4.28. 
Built from https://develop.svn.wordpress.org/branches/4.4@54003


git-svn-id: http://core.svn.wordpress.org/branches/4.4@53562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2022-08-30 17:37:27 +00:00
Sergey Biryukov
a327b9dfbe Grouped backports to the 4.4 branch. 
- Posts, Post Types: Escape output within `the_meta()`.
- General: Ensure bookmark query limits are numeric.
- Plugins: Escape output in error messages.

Merges [53958-53960] to the 4.4 branch.
Props tykoted, martinkrcho, xknown, dd32, peterwilsoncc, paulkevan, timothyblynjacobs.

Built from https://develop.svn.wordpress.org/branches/4.4@53979


git-svn-id: http://core.svn.wordpress.org/branches/4.4@53538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2022-08-30 15:50:21 +00:00
davidbaumwald
bd4b7dcfe9 WordPress 4.4.27. 
Built from https://develop.svn.wordpress.org/branches/4.4@52890


git-svn-id: http://core.svn.wordpress.org/branches/4.4@52479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2022-03-10 22:17:02 +00:00
desrosj
c789da60a1 WordPress 4.4.26. 
Built from https://develop.svn.wordpress.org/branches/4.4@52501


git-svn-id: http://core.svn.wordpress.org/branches/4.4@52093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2022-01-06 18:56:04 +00:00
desrosj
dc03144cd7 Grouped backports to the 4.4 branch. 
- Query: Improve sanitization within `WP_Tax_Query`.
- Query: Improve sanitization within `WP_Meta_Query`.
- Upgrade/Install: Avoid using `unserialize()` unnecessarily.
- Formatting: Correctly encode ASCII characters in post slugs.

Merges [52454-52457] to the 4.4 branch.
Props vortfu, dd32, ehtis, zieladam, whyisjake, xknown, peterwilsoncc, desrosj, iandunn.
Built from https://develop.svn.wordpress.org/branches/4.4@52479


git-svn-id: http://core.svn.wordpress.org/branches/4.4@52071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2022-01-06 18:19:21 +00:00
Peter Wilson
fac990ebab WordPress 4.4.25. 
Built from https://develop.svn.wordpress.org/branches/4.4@50882


git-svn-id: http://core.svn.wordpress.org/branches/4.4@50491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2021-05-12 23:22:19 +00:00
desrosj
a64be2cd83 Build/Test Tools: Support NodeJS 14.x in the 4.4 branch. 
This updates the 4.4 branch to support the latest LTS version of NodeJS (currently 14.x), allowing the same version to be used across all WordPress branches that receive security updates as a courtesy.

Because older branches use (really) old versions of NodeJS, the local Docker environment cannot be backported since the needed dependencies will not run on these older versions (see #48301). This also blocks the ability to move automated testing over to GitHub Actions (see #50401).

This also replaces the `npm-shrinkwrap.json` with a `package-lock.json` file. Lock files were not supported in earlier versions of NPM, but can now be used.

In addition to backporting the package updates that happened after branching 4.4, dependencies that were removed in future releases have also been updated to their latest versions.

Props desrosj, dd32, netweb, jorbin.
Merges [35859,35862,36860-36865,36935,36978-36979,37017,37019-37020,37212,37612,38111,38688,39110,39113-39119,39478,42460-42461,42463,42887,43320,43323,43977,44219,44233,44728,45321,45765,46404,46408-46409,47404,47867-47869,47872-47873,48705,49636,49933,49937,49939,50017,50126,50176,50185,50192] to the 4.4 branch.
See #52341.
Built from https://develop.svn.wordpress.org/branches/4.4@50210


git-svn-id: http://core.svn.wordpress.org/branches/4.4@49881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2021-02-05 04:23:43 +00:00
desrosj
13400ce28c WordPress 4.4.24. 
Built from https://develop.svn.wordpress.org/branches/4.4@49420


git-svn-id: http://core.svn.wordpress.org/branches/4.4@49179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-10-29 19:41:43 +00:00
whyisjake
e6644734de General: WordPress updates 
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.

Brings the changes from [49380,49382-49388] to the 4.4 branch.

Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.

Built from https://develop.svn.wordpress.org/branches/4.4@49402


git-svn-id: http://core.svn.wordpress.org/branches/4.4@49161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-10-29 19:04:23 +00:00
Sergey Biryukov
adc2fc2f4a Administration: Pass the result of set-screen-option filter to the new set_screen_option_{$option} filter to ensure backward compatibility. 
Rename the `$keep` parameter of both filters to `$screen_option` for clarity, update the documentation to better reflect its purpose.

Follow-up to [47951].

Props Chouby, sswells, SergeyBiryukov.
Merges [48241] to the 4.4 branch.
Fixes #50392.
Built from https://develop.svn.wordpress.org/branches/4.4@48254


git-svn-id: http://core.svn.wordpress.org/branches/4.4@48023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-07-01 09:52:16 +00:00
desrosj
9c8eee595c WordPress 4.4.23. 
Built from https://develop.svn.wordpress.org/branches/4.4@47999


git-svn-id: http://core.svn.wordpress.org/branches/4.4@47767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-06-10 21:38:55 +00:00
whyisjake
9894097207 General: Backport several commits for release. 
- Embeds: Ensure that the title attribute is set correctly on embeds.
- Editor: Prevent HTML decoding on by setting the proper editor context.
- Formatting: Ensure that wp_validate_redirect() sanitizes a wider variety of characters.
- Themes: Ensure a broken theme name is returned properly.
- Administration: Add a new filter to extend set-screen-option.
Merges [47947-47951] to the 4.4 branch.
Props xknown, sstoqnov, vortfu, SergeyBiryukov, whyisjake.

Built from https://develop.svn.wordpress.org/branches/4.4@47972


git-svn-id: http://core.svn.wordpress.org/branches/4.4@47742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-06-10 18:54:30 +00:00
desrosj
7ec71f51b1 Update the About page for WordPress 4.4.22 
Built from https://develop.svn.wordpress.org/branches/4.4@47694


git-svn-id: http://core.svn.wordpress.org/branches/4.4@47471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-04-29 18:31:20 +00:00
Sergey Biryukov
0983cf671d WordPress 4.4.21 
Built from https://develop.svn.wordpress.org/branches/4.4@46929


git-svn-id: http://core.svn.wordpress.org/branches/4.4@46729 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-12-12 20:31:20 +00:00
desrosj
25a94707d9 WordPress 4.4.20. 
Built from https://develop.svn.wordpress.org/branches/4.4@46516


git-svn-id: http://core.svn.wordpress.org/branches/4.4@46313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-10-14 20:12:20 +00:00
desrosj
d1cc3f64da WordPress 4.4.19. 
Built from https://develop.svn.wordpress.org/branches/4.4@46038


git-svn-id: http://core.svn.wordpress.org/branches/4.4@45850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-04 22:04:00 +00:00
Sergey Biryukov
51be1d635c Escape the output in wp_ajax_upload_attachment(). 
Merges [45936] to the 4.4 branch.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/4.4@45951


git-svn-id: http://core.svn.wordpress.org/branches/4.4@45762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-04 16:38:22 +00:00
Gary Pendergast
b82d7057c6 WordPress 4.4.18 
Built from https://develop.svn.wordpress.org/branches/4.4@44878


git-svn-id: http://core.svn.wordpress.org/branches/4.4@44709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-13 01:31:20 +00:00
Sergey Biryukov
f797452514 Comments: Improve comment content filtering. 
Merges [44842] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@44850


git-svn-id: http://core.svn.wordpress.org/branches/4.4@44682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-12 22:40:20 +00:00
Jeremy Felt
d79c34ca3a Bump 4.4 branch to version 4.4.17. 
Built from https://develop.svn.wordpress.org/branches/4.4@44083


git-svn-id: http://core.svn.wordpress.org/branches/4.4@43913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 02:14:45 +00:00
Gary Pendergast
b9154e3211 Editor: Remove unwanted fields before saving posts. 
The `meta_input`, `file`, and `guid` fields are not intended to be updated through user input.

Merges [44047] to the 4.4 branch.


Built from https://develop.svn.wordpress.org/branches/4.4@44062


git-svn-id: http://core.svn.wordpress.org/branches/4.4@43892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 01:49:19 +00:00
Peter Wilson
7da4f3910f Multisite: Validate activation links. 
Merges [44048] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@44061


git-svn-id: http://core.svn.wordpress.org/branches/4.4@43891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 01:47:21 +00:00
Aaron Campbell
40f9e10d03 Bump 4.4 branch to version 4.4.16 
Built from https://develop.svn.wordpress.org/branches/4.4@43412


git-svn-id: http://core.svn.wordpress.org/branches/4.4@43240 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-07-05 16:12:48 +00:00
Aaron Campbell
77061065b4 Bump 4.4 branch to version 4.4.15 
Built from https://develop.svn.wordpress.org/branches/4.4@42938


git-svn-id: http://core.svn.wordpress.org/branches/4.4@42768 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-04-03 20:30:01 +00:00
Dion Hulse
fbefbce5ea Bump the 4.4 branch to 4.4.14. 
Built from https://develop.svn.wordpress.org/branches/4.4@42499


git-svn-id: http://core.svn.wordpress.org/branches/4.4@42328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 21:42:38 +00:00
Dion Hulse
e462191652 External Libraries: Remove unnecessary / obsoleted MediaElement.js files. 
Merges [42478] to the 4.4 branch.
Fixes #42720 for 4.4.

Built from https://develop.svn.wordpress.org/branches/4.4@42482


git-svn-id: http://core.svn.wordpress.org/branches/4.4@42311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 08:09:32 +00:00
Dion Hulse
3b20d41071 Upgrade: When deleting old files, if deletion fails attempt to empty the file instead. 
Props joemcgill, dd32.
Merges [42434] to the 4.4 branch.
Fixes #42963 for 4.4.

Built from https://develop.svn.wordpress.org/branches/4.4@42470


git-svn-id: http://core.svn.wordpress.org/branches/4.4@42299 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 06:56:35 +00:00
John Blackbourn
448ccd4397 Bump 4.4 branch to version 4.4.13. 
Built from https://develop.svn.wordpress.org/branches/4.4@42321


git-svn-id: http://core.svn.wordpress.org/branches/4.4@42150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-29 19:01:31 +00:00
John Blackbourn
9352de38ba Hardening: Use a properly generated hash for the newbloguser key instead of a determinate substring. 
Merges [42258] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@42284


git-svn-id: http://core.svn.wordpress.org/branches/4.4@42113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-29 16:28:31 +00:00
Gary Pendergast
2f96a03e6c Bump 4.4 branch to version 4.4.12. 
Built from https://develop.svn.wordpress.org/branches/4.4@42073


git-svn-id: http://core.svn.wordpress.org/branches/4.4@41902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-31 13:26:30 +00:00
Dominik Schilling
905b95c1e7 Taxonomy/Users: Use correct escaping function for URLs. 
Merge of [41522] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@41527


git-svn-id: http://core.svn.wordpress.org/branches/4.4@41360 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 21:33:30 +00:00
Dominik Schilling
a80bb4a686 Bump 4.4 branch to version 4.4.11. 
Built from https://develop.svn.wordpress.org/branches/4.4@41514


git-svn-id: http://core.svn.wordpress.org/branches/4.4@41347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 20:02:00 +00:00
John Blackbourn
5e87d63b30 Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues. 
Merges [41457] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@41462


git-svn-id: http://core.svn.wordpress.org/branches/4.4@41295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 14:42:01 +00:00
John Blackbourn
07d70c3944 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area. 
Merges [41415] and [41416] into the 4.4 branch.

See #13377

Built from https://develop.svn.wordpress.org/branches/4.4@41434


git-svn-id: http://core.svn.wordpress.org/branches/4.4@41267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 12:13:31 +00:00
Dominik Schilling
9d802e8a45 Taxonomy/Users: Provide a fallback for incorrect HTTP referrers. 
Merge of [41398] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@41421


git-svn-id: http://core.svn.wordpress.org/branches/4.4@41254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 11:13:42 +00:00
Aaron Campbell
13db27bb7b Bump 4.7 branch to version 4.4.10. 
Built from https://develop.svn.wordpress.org/branches/4.4@40751


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 21:51:30 +00:00
Aaron Campbell
3ef577baad Add nonce for updating file system credentials. 
Merges [40723] to 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40727


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 14:55:30 +00:00
Dominik Schilling
db7b82e90a Customize: Ignore invalid customization sessions. 
Merge of [40704] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@40708


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 12:17:32 +00:00
Pascal Birchler
96a0557865 Bump 4.4 branch to version 4.4.9. 
Built from https://develop.svn.wordpress.org/branches/4.4@40490


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-20 16:24:32 +00:00
Pascal Birchler
63d7638596 Fix broken audio/video functions when sanitizing ID3 data 
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40463


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40339 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-17 13:17:31 +00:00
James Nylen
b96b3f4d38 Bump 4.4 branch to version 4.4.8. 
Built from https://develop.svn.wordpress.org/branches/4.4@40205


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40144 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 16:23:31 +00:00