__group__,ticket,summary,reporter,component,_version,priority,severity,milestone,type,_status,workflow,_created,modified,_description,_reporter
Old Tickets,60398,"WordPress 6.4.3 MacOS/Linux Compressed Zip plugin archives ""Incompatible Archive"" on upload",Endymion00,Upload,6.4.3,normal,normal,6.4.4,defect (bug),reopened,commit,2024-01-31T11:42:20Z,2024-03-06T08:44:43Z,"If I zip a plugin folder using MacOS right-click Compress command in the contextual menu, those archives are no longer accepted when using upload plugin. It returns ""Incompatible Archive"". This has worked up until now. Probably related to recent security updates for the plugin and theme uploader.
If I create a zip on the command line of the same folder that works correctly.",Endymion00
Last Week,60754,Block Hooks: Incorrect context passed when setting ignored hooked blocks metadata,Bernhard Reiter,General,trunk,normal,normal,6.5,defect (bug),new,has-patch,2024-03-12T11:17:36Z,2024-03-18T14:21:50Z,"Since [57790], the `rest_pre_insert_wp_template` and `rest_pre_insert_wp_template_part` hooks in the Templates Controller are used to call `inject_ignored_hooked_blocks_metadata_attributes()`, which in turn sets the `ignoredHookedBlocks` metadata attribute on anchor blocks upon writing to the DB.
The latter function applies the `hooked_block_types`, `hooked_block`, and `hooked_block_{$hooked_block_type}` filters, in order to inform which blocks should be hooked to a given anchor block. Each of these filters is given a `$context` argument, which in the case of templates (and template parts, respectively) is the containing `WP_Block_Template` object.
Since the `rest_pre_insert_`-prefixed filters only pass a `stdClass` object for the relevant `$changes` that need to be made to the relevant template (or template part), `$context` is constructed by fetching the existing template (or part) via `get_block_template()` (using the template/part ID present in the network `$request`).
This isn't quite how things should be: `hooked_block_types`, `hooked_block`, and `hooked_block_{$hooked_block_type}` should be given a `$context` object that reflects the template (part) that is about to be persisted to the database, ''not'' the one that's currently stored there. A filter might e.g. look for the presence of a certain block in the template's content; that block might not have been present in the previous version of a template (stored in the DB) but might've been added by the user in the editor (and will be part of the payload that's used to update the DB).",Bernhard Reiter
Last Week,60751,Add fallback for the default font folder path,mmaattiiaass,Editor,trunk,high,normal,6.5,task (blessed),new,has-patch,2024-03-11T20:34:57Z,2024-03-19T01:16:26Z,"Implement this design decision:
> For installations that don’t support modification of the wp-content directory, the Font Library will use wp-content/uploads/fonts as a fallback location, ensuring we stay true to our project philosophy of designing for the majority while still making the feature available to anyone out of the box without extra steps from the user.
Reference: https://make.wordpress.org/core/2024/03/07/unblocking-wp6-5-font-library-and-synced-pattern-overrides/",mmaattiiaass
Old Tickets,60652,font_dir filter enters an infinite loop if wp_get_upload_dir() is used in the filter callback,mmaattiiaass,General,trunk,normal,normal,6.5,defect (bug),reopened,has-patch,2024-02-28T13:20:40Z,2024-03-19T01:58:08Z,"Calling wp_get_upload_dir() inside a font_dir filter callback produces an infinite loop.
Use this snippet and try to install a font using the font library to reproduce the issue:
{{{#!php
'secupress',
'fields' => []
)
);
}}}
Since the doc says ''""@type bool $contributors Whether to return the list of contributors. **Default false**.""'' I should not receive this field.
Let see the response:
{{{#!php
string(37) ""SecuPress Free — WordPress Security""
[""slug""]=>
string(9) ""secupress""
[""version""]=>
string(7) ""2.2.5.1""
[""author""]=>
string(44) ""SecuPress""
[""author_profile""]=>
string(41) ""https://profiles.wordpress.org/secupress/""
[""contributors""]=>
array(4) {
...
}}}
There is. Same for those params that are ""false"" by default but still included: ""sections"", ""versions"", ""reviews"", ""banners"", ""active_installs"" (I don't know for ""group"", can't get the thing).
Also there is one param that is not affected by the arguments passed and always returned: ""num_ratings"".
Finally there is some fields that are always returned where the doc can't help, I tried to use they array keys to cancel them, no chance, this is : ""author', ""author_profile"" (those 2 may be forced, that's ok), ""support_threads"", ""support_threads_resolved"", ""upgrade_notice"", and ""requires_plugin"" (I know it's new, but don't forget it)
The patch may have to be done on w.org since this is the site that add too much data and to not respect the passed parameters.
Thanks for your time",juliobox
4-7 Days Ago,60774,Make the user_login field readonly instead of disabled on the profile screen,roytanck,Users,,normal,normal,6.6,enhancement,accepted,commit,2024-03-14T11:34:38Z,2024-03-14T14:18:12Z,"This came up in an accessibility audit of one of the sites I work on. On the profile edit screen in wp-admin, the username is displayed using an input field with the `disabled` attribute. This field is skipped by screen readers, which leads to a ""loss of information"" for visually impaired users.
It's better to use `readonly` here. This is exactly what the field is used for, and readonly fields are read by screen readers.",roytanck
4-7 Days Ago,60765,Typography Presets,ramonopoly,Editor,trunk,normal,normal,6.6,defect (bug),new,has-patch,2024-03-13T04:54:33Z,2024-03-13T05:36:36Z,"
We should pass theme.json settings to global preset or style value-generating callbacks.
Currently `value_func` callable properties in `PRESETS_METADATA` do not have access to the current theme JSON settings.
An example:
`wp_get_typography_font_size_value()` needs to know other theme.json settings in order to correctly output values.
Styles generated by `WP_Theme_JSON::get_stylesheet` outside a WordPress instance, using custom settings will therefore have no effect.
See bug issue for further details: https://github.com/WordPress/gutenberg/issues/58135
This ticket is to sync the following Gutenberg PR: https://github.com/WordPress/gutenberg/pull/58362
",ramonopoly
Last Week,60759,Block Hooks: Harmonize ignoredHookedBlocks metadata injection logic,Bernhard Reiter,General,,normal,normal,6.6,enhancement,new,,2024-03-12T15:15:43Z,2024-03-12T16:59:33Z,"As of [57790] and https://github.com/WordPress/gutenberg/pull/59561, both the Templates and the Navigation endpoints use the [https://developer.wordpress.org/reference/hooks/rest_pre_insert_this-post_type/ `rest_pre_insert_*`] filter to inject the `ignoredHookedBlocks` metadata attribute into anchor blocks, prior to persisting a template, template part, or navigation menu to the database.
[https://wordpress.slack.com/archives/C02RQBWTW/p1709650462126059?thread_ts=1709649022.232249&cid=C02RQBWTW It has been requested] that these methods be harmonized, i.e. to use the `inject_ignored_hooked_blocks_metadata_attributes` filter for both templates/parts and navigation menus. In particular, this would allow removing some of the filters that are currently present in the Navigation block in favor of more ""generic"" functions.
Conceptually, the relevant filters are indeed quite similar; the major difference is that the one for the Navigation block (`block_core_navigation_update_ignore_hooked_blocks_meta`) injects a `_wp_ignored_hooked_blocks` post meta into the `wp_navigation` post object, in order to allow hooked blocks to be inserted as a Navigation block's first or last child (see #59743).
To harmonize the filters, we would thus have to add a conditional in `inject_ignored_hooked_blocks_metadata_attributes` to set the post meta if the post type is `wp_navigation`. (Later on, we might consider extending this to include template parts, where it might also be desirable to insert hooked blocks as a Template Part block's first or last child; however, this should be tackled separately, in order not to conflate refactoring and adding new functionality.)
----
Eventually, it might also be possible to harmonize injection of hooked blocks (which happens upon reading from the database, unlike the injection of the `ignoredHookedBlocks` attribute discussed above, which happens upon writing to it.)",Bernhard Reiter
Last Week,60733,GitHub Actions updates and improvements for 6.6,desrosj,Build/Test Tools,,normal,normal,6.6,task (blessed),new,,2024-03-09T01:05:07Z,2024-03-09T01:07:53Z,"
This ticket is for various updates and improvements for Core's GitHub Actions workflows.
Previously:
- 6.5 (#59805)
- 6.4 (#58867)
- 6.3 (#57865)
- 6.2 (#57572)
",desrosj
Last Week,60732,Update old document URLs to new ones,mkismy,General,,normal,minor,6.6,enhancement,accepted,commit,2024-03-08T15:53:24Z,2024-03-12T06:51:33Z,"Some articles that was in https://wordpress.org/documentation/ was moved under https://developer.wordpress.org/advanced-administration/ and the old URLs has a redirect.
However URLs in php files still refer to the old ones so I thought the URLs should be updated to avoid unnecessary redirects.",mkismy
Last Week,60726,The WordPress core password reset needs to pre-populate the username to meet WCAG 2.2,estelaris,Login and Registration,,normal,normal,6.6,defect (bug),accepted,,2024-03-07T17:09:25Z,2024-03-07T19:33:35Z,"According to new WCAG 2.2 success criterion for [https://www.w3.org/TR/WCAG22/#dfn-processes 3.3.7 redundant entry].
The criterion establishes that information previously entered by or provided to the user that is required to be entered again the same process is either:
* auto-populated, or
* available for the user to select
There are 3 exceptions:
* re-entering the information is essential,
* the information is required to ensure the security of the content, or
* previously entered information is no longer valid.
Once the user has performed the process of requesting a new password, the redirected form should have the username filled-in to pass. As of now, this is the form that the user is redirected to:
",estelaris
Last Week,60724,TT2: Wrap Navigation block in Row within the header.html template part,tomjcafferkey,Bundled Theme,trunk,normal,normal,6.6,defect (bug),new,has-patch,2024-03-07T12:20:57Z,2024-03-13T09:31:10Z,"Now that the Block Hooks API has been released as part of WordPress 6.4 3PDs may want to insert their own blocks into the header of the TT2 theme, specifically after the Navigation block. This currently causes problems because the Navigation block and it's siblings are treated as flex items due to its parent being a Row block.",tomjcafferkey
Last Week,60723,TT3: Wrap Navigation block in Row within the header.html template part,tomjcafferkey,Bundled Theme,trunk,normal,normal,6.6,enhancement,assigned,has-patch,2024-03-07T12:11:25Z,2024-03-13T09:31:37Z,"Now that the Block Hooks API has been released as part of WordPress 6.4 3PDs may want to insert their own blocks into the header of the TT3 theme, specifically after the Navigation block. This currently causes problems because the Navigation block and it's siblings are treated as flex items due to its parent being a Row block.",tomjcafferkey
Last Week,60719,Add fonts upload location to Site Health report,swissspidy,Site Health,,normal,normal,6.6,enhancement,new,has-patch,2024-03-07T06:05:53Z,2024-03-12T16:54:27Z,"Just like Site Health lists the paths to the plugins/themes/uploads directories, we should list the path to the fonts directory (and its size) there as well.",swissspidy
Last Week,60706,Tests: Reduce usage of assertEquals for 6.6,SergeyBiryukov,Build/Test Tools,,normal,normal,6.6,task (blessed),new,has-patch,2024-03-06T06:55:52Z,2024-03-06T06:56:39Z,"Follow-up to:
* #59655 (6.5)
* #58956 (6.4)
* #57855 (6.3)
* #56800 (6.2)
* #55654 (6.1)
* #54726 (6.0)
* #53364 (5.9)
* #52482 (5.8)
* #38266 (5.7)
The `assertEquals()` test method does not check that the types of the expected and actual values match. This can hide subtle bugs especially when the values are falsey.
Tasks:
* Switch to using `assertSame()` when the type of the value in the assertion is important
* Replace overall usage of `assertEquals()` with type-strict assertion methods, with the aim of potentially removing its usage altogether
To help ease the effort of merging tests, changes should also be made upstream in the Gutenberg repository.",SergeyBiryukov
Last Week,60705,Test tool and unit test improvements for 6.6,SergeyBiryukov,Build/Test Tools,,normal,normal,6.6,task (blessed),new,has-patch,2024-03-06T06:53:46Z,2024-03-06T06:58:16Z,"Previously:
* #59647 (6.5)
* #58955 (6.4)
* #57841 (6.3)
* #56793 (6.2)
* #55652 (6.1)
* #54725 (6.0)
* #53363 (5.9)
* #52625 (5.8)
* #51802 (5.7)
* #51344 (5.6)
This ticket is for various fixes and improvements in PHPUnit tests that don't have a more specific ticket, as well as general improvements to the GitHub Actions workflows that run automated testing.",SergeyBiryukov
Last Week,60701,Bump default theme versions for WordPress 6.6,mukesh27,Bundled Theme,,normal,normal,6.6,task (blessed),new,,2024-03-06T05:03:35Z,2024-03-06T05:03:35Z,"All bundled themes from 2010 to 2024 will need a version bump for the 6.6 release.
Previously:
#59816 - 6.5
#58832 - 6.4
#57857 - 6.3
#57689 - 6.2
#56450 - 6.1
#55754 - 6.0
#54783 - 5.9
#53277 - 5.8
#52704 - 5.7
#51919 - 5.6
#50889 - 5.5
#49743 - 5.4",mukesh27
Last Week,60700,Coding Standards fixes for WP 6.6,mukesh27,General,,normal,normal,6.6,task (blessed),new,has-patch,2024-03-06T05:03:13Z,2024-03-18T15:44:26Z,"Previously:
- #59650 (6.5)
- #58831 (6.4)
- #57839 (6.3)
- #56791 (6.2)
- #55647 (6.1)
- #54728 (6.0)
- #53359 (5.9)
- #52627 (5.8)
- #51799 (5.7)
- #50767 (5.6)
- #49542 (5.5)
- #49222 (5.4)
- #47632 (5.3)
- #45934 (5.1)",mukesh27
Last Week,60699,Docblock improvements for 6.6,SergeyBiryukov,General,,normal,normal,6.6,task (blessed),new,,2024-03-06T04:57:35Z,2024-03-11T14:06:52Z,"Previously:
- #59651 (6.5)
- #58833 (6.4)
- #57840 (6.3)
- #56792 (6.2)
- #55646 (6.1)
- #54729 (6.0)
- #53399 (5.9)
- #52628 (5.8)
- #51800 (5.7)
- #50768 (5.6)
- #49572 (5.5)
- #48303 (5.4)
- #47110 (5.3)
- #46543 (5.2)
- #42505 (5.1)
- #41017 (4.9)
- #39130 (4.8)
- #37770 (4.7)
- #32246 (4.6)",SergeyBiryukov
Old Tickets,60692,Plugin dependencies: Allow a mu-plugin to fulfil a dependency,johnbillion,Upgrade/Install,trunk,normal,normal,6.6,enhancement,new,dev-feedback,2024-03-05T10:59:05Z,2024-03-05T12:00:04Z,"See discussion on #60504 for background.
An inactive plugin that has a dependency that is fulfilled by a mu-plugin is prevented from being activated as its dependency is considered unfulfilled. It should be possible for a mu-plugin to fulfil a plugin dependency.
It may be that a new filter or a default mu-plugin loader needs to be introduced so facilitate this.",johnbillion
Old Tickets,60685,Keyboard focus order mismatch in adminbar in front-end,joedolson,Toolbar,3.3,normal,normal,6.6,defect (bug),assigned,,2024-03-04T21:10:29Z,2024-03-05T15:38:45Z,"When viewing the Admin bar on the front-end, the search tool is added visually in the far right corner, after the profile menu. In the DOM, however, the search bar is located before the profile menu.
These should be reversed in the DOM so that keyboard order matches visual order.
See r19518.",joedolson
Old Tickets,60681,Elements: Fix application of element class name when attributes are filtered,aaronrobertshaw,Editor,trunk,normal,normal,6.6,defect (bug),new,has-patch,2024-03-04T07:25:07Z,2024-03-13T19:12:19Z,"This ticket tracks the backporting of PHP files for the following Gutenberg changes:
- https://github.com/WordPress/gutenberg/pull/59535
These changes fix a bug where if the block data was filtered via `render_block_data` the elements CSS class wouldn't be consistently applied breaking the feature.
The initial solution that was merged in Gutenberg via https://github.com/WordPress/gutenberg/pull/59533 caused a conflict in CSS classes that https://github.com/WordPress/gutenberg/pull/59535 addresses.",aaronrobertshaw
Old Tickets,60673,Indicate submenu item level in admin nav menu editor and customizer nav menu editor,joedolson,Menus,,normal,normal,6.6,enhancement,assigned,,2024-03-02T03:31:57Z,2024-03-05T15:23:23Z,"Follow up to #32728
Following the closure of #32728, both navigation menu interfaces indicate whether an item is in a submenu. It would improve the experience for screen reader users to indicate what level an item is at.",joedolson
Old Tickets,60672,Improve menu toggle accessible name in admin menus,joedolson,Menus,,normal,normal,6.6,defect (bug),assigned,has-patch,2024-03-02T03:29:57Z,2024-03-12T15:08:54Z,"Follow up from #32728
The Customizer accessible name format is ""Edit menu item: {item title} ({item type})"".
The admin accessible name format is ""{item title} Menu item n of n"".
It doesn't include the purpose of the control or the type, so the Customizer is providing better information; the admin menu needs to be updated.
",joedolson
Old Tickets,60668,Missing translation in login_header() first parameter,juliobox,Login and Registration,2.1,normal,minor,6.6,enhancement,accepted,has-patch,2024-03-01T10:22:14Z,2024-03-02T09:19:02Z,"Hey there
Actuel code from WP (wp-login.php):
{{{#!php
Add New Plugin`.
2. Click ""Install Now"".
3. Once installed, click ""Activate"".
4. 🐞 Once activated, click on the disabled ""Active"" button.
=== Expected Results
When testing a patch to validate it works as expected:
- ✅ The link does not work.
When reproducing a bug:
- ❌ The link still works despite the `.button-disabled` class being present.",costdev
Old Tickets,60654,Install several formats of the same font one by one is not possible,jdy68,Editor,trunk,normal,normal,6.6,enhancement,new,,2024-02-28T17:12:31Z,2024-03-18T11:52:17Z,"== Bug Report
=== Description
It's not possible to install multiple formats of the same font by installing one format at a time, but it works if you select different formats for the same upload.
=== Environment
- WordPress: 6.5-beta3
- PHP: 8.1.15
- Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1q mod_fcgid/2.3.10-dev
- Database: mysqli (Server: 8.0.30 / Client: mysqlnd 8.1.15)
- Browser: Chrome 122.0.0.0 (Windows 10/11)
- Theme: Twenty Twenty-Four 1.0
- MU-Plugins: None activated
- Plugins:
* WordPress Beta Tester 3.5.5
* Debug Log Manager 2.3.1
=== Steps to Reproduce
1. Go to Apparence > Editor > Styles.
2. Click on Edit styles button then Typography (in settings sidebar).
3. Click on Manage fonts button then Upload.
4. Click on Upload font and select the font on your computer. Choose a font for which several formats are available (ttf, woff, woff2) and select only one format, e.g. ttf.
5. The font is uploaded and installed.
6. Then click again on Upload font and select another format for the same font, e.g. woff.
7. 🐞 The following error message is displayed: ""No font faces were installed. Fetch error: A font face matching those settings already exists."" But if you upload several formats (ttf, woff and woff2) of the same font at once, then all 3 files are imported and the font is installed 3 times.
=== Expected Results
1. ✅ It should be possible to install different formats of the same font, at once or in several times.
=== Actual Results
1. ❌ When uploading different formats of the same font at once, all files are uploaded and installed, with no error message. But if you've already uploaded a format for a font (e.g. ttf), you can't upload the font in another format (such as woff or woff2), and an error message is displayed.",jdy68
Old Tickets,60647,Script Modules: Allow modules to depend on existing WordPress scripts,jonsurrell,Script Loader,trunk,normal,normal,6.6,feature request,assigned,,2024-02-27T15:40:59Z,2024-03-07T11:09:26Z,"Script modules cannot depend on existing scripts such as `wp-url`, `wp-i18n`, or `wp-api-fetch`.
Script modules should be able to leverage the functionality available in existing scripts.",jonsurrell
Old Tickets,60625,Update user interface for Site icon selection,kebbet,Administration,trunk,normal,normal,6.6,enhancement,new,,2024-02-23T15:39:53Z,2024-03-05T15:37:15Z,"Currently a user can set a site icon in two places outside the site editor: the general settings screen (added in 6.5) and the Customizer. Both these places have currently a design with some years to it. This ticket is aimed to discuss the design of these two places, and possible come up with a new one, and implement it.
Note that a preview also is displayed in the media modal when cropping the site icon.
This ticket has it's roots in ticket #54370",kebbet
Old Tickets,60610,Consider fixing user mistakes and/or adding unit tests for $preferred_ext in wp_mime_type_icon(),sabernhardt,Media,trunk,normal,normal,6.6,enhancement,accepted,,2024-02-22T19:39:29Z,2024-03-06T16:48:20Z,"Follow-up to ticket:31352#comment:54
The `$preferred_ext` value for `wp_mime_type_icon()` begins with a period, and developers might miss that. The function could check the first character and add the dot if it does not exist there. The function also could ensure that the letters are lowercase.
For unit tests, the `test_wp_mime_type_icon_video` test in `post/attachments.php` checks the default `$preferred_ext` parameter value. Adding at least one more test with a specific `$preferred_ext` could help.",sabernhardt
Old Tickets,60597,Script Modules API: Allow list of enqueued module data to be exposed,johnbillion,Script Loader,trunk,normal,normal,6.6,enhancement,new,,2024-02-21T23:24:22Z,2024-03-01T12:30:33Z,"There's no means for a plugin to fetch a list of registered or enqueued script modules for debugging purposes from the Script Modules API as there is from the existing Scripts Dependencies API.
Most likely the `get_import_map()`, `get_marked_for_enqueue()`, `get_dependencies()`, and `get_versioned_src()` methods of the `WP_Script_Modules` should be made public to facilitate this.",johnbillion
Old Tickets,60581,Redundant variable type check,david.binda,Shortcodes,trunk,normal,minor,6.6,enhancement,new,has-patch,2024-02-20T14:07:32Z,2024-02-20T14:13:38Z,"After the r57597, which is ensuring that the return type of the `shortcode_parse_atts` function is always an array, the `is_array` check in [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/media.php?rev=57597#L5068 get_post_galleries] function is, IMHO, no longer needed.",david.binda
Old Tickets,60565,download_url() returns inaccurate error message on missing URL argument,hinnerk,HTTP API,6.4.3,normal,trivial,6.6,enhancement,reviewing,has-patch,2024-02-16T20:53:37Z,2024-02-19T19:48:29Z,"Expected:
{{{#!php
(%s)';
break;
}
}}}
Now please test in WP 6.3.x, using this:
{{{#!php
`. This is something that was apparently first [https://www.deviantart.com/team/journal/UPDATE-All-Deviations-Are-Opted-Out-of-AI-Datasets-934500371 implemented by DeviantArt].
- I do not know if this is actually respected by AI services. It is not an HTML standard today. In fact, discussions for a new HTML standard are still in progress, and suggest a different tag ([https://github.com/whatwg/html/issues/9334 reference]).
- If a standard like that were to be accepted, and if AI Services agreed to use it, it may be the best implementation in the future since we would not have to define a list of AI services.
4. You can completely block specific User Agents from accessing the site.
- I believe we may not want to implement something that drastic and potentially blocking real visitors in WordPress Core. This is something that is better left to plugins.
----
Some plugins already exist that implement some of the approaches above. It shows that there may be interest to include such a feature in Core.
- [https://wordpress.org/plugins/cellarweb-chatbot-blocker/ ChatBot Blocker]
- [https://wordpress.org/plugins/simple-noai-and-noimageai/ Simple NoAI and NoImageAI]
- [https://wordpress.org/plugins/block-ai-crawlers/ Block AI Crawlers]
- [https://wordpress.org/plugins/block-chat-gpt-via-robots-txt/ Block Chat GPT via robots.txt]
- [https://wordpress.org/plugins/block-common-crawl-via-robots-txt/ Block Common Crawl via robots.txt]
- [https://github.com/thefrosty/wp-block-ai-scrapers WordPress Block AI Scrapers]
----
If we were to go with the first option, here are some examples of the User Agents we would have to support:
- `Amazonbot` -- https://developer.amazon.com/support/amazonbot
- `anthropic-ai` -- https://www.anthropic.com/
- `Bytespider` -- https://www.bytedance.com/
- `CCBot` -- https://commoncrawl.org/ccbot
- `ClaudeBot` -- https://claude.ai/
- `cohere-ai` -- https://cohere.com/
- `FacebookBot` -- https://developers.facebook.com/docs/sharing/bot
- `Google-Extended` -- https://blog.google/technology/ai/an-update-on-web-publisher-controls/
- `GPTBot` -- https://platform.openai.com/docs/gptbot
- `omgili` -- https://webz.io/blog/web-data/what-is-the-omgili-bot-and-why-is-it-crawling-your-website/
- `omgilibot` -- https://webz.io/blog/web-data/what-is-the-omgili-bot-and-why-is-it-crawling-your-website/
- `SentiBot` -- https://sentione.com/
- `sentibot` -- https://sentione.com/
This list could be made filterable so folks can extend or modify that list as they see fit.",jeherve
Yesterday,60804,wp-admin shows as plain text or shows 403 forbidden,driftaa,Administration,6.4.3,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2024-03-19T08:33:59Z,2024-03-19T11:26:58Z,"Hello! Im new in WP and im trying to make a website for my business. I made the website and had a little work on it. On the next day some how the admin panel shows up like a plain text. When i try to click on an menu it shows up 403 forbidden. Im hosting it on my own server (xampp). I reinstalled WP and started over again. Last night I worked on the site and everything was fine. This morning I went to school and tried to open the admin. It shows up like plain text and when im trying to access for an example plugins menu it ends up with 403 forbidden. I have a screenshots . In the first time I installed it it was loading super slow, now after the installation it also loads slow but its a little bit better. My joomla site has no such a problems so please fix it. Joomla loads faster and it has no bugs or problems like that.",driftaa
Yesterday,60803,Include fonts directory in `get_space_used()` calculation,peterwilsoncc,Editor,,normal,normal,Awaiting Review,defect (bug),new,,2024-03-19T02:46:16Z,2024-03-19T11:37:00Z,"As font files can be uploaded by users other than the network administrators on multisite installs, the `get_space_used()` function may need to be modified to include the new folder.
This will ensure that all files are considered when calculating the amount of upload space available for individual sites on a multi-site install.
This isn't super urgent in the early days of the font library so can wait until a 6.5 point release.",peterwilsoncc
Yesterday,60802,Enable debug mode / debug options in site health,amykamala,Site Health,,normal,minor,Awaiting Review,feature request,new,close,2024-03-18T19:34:03Z,2024-03-19T10:27:07Z,"Debugging is a necessity for any developer and for WordPress users in general. As it stands now debug mode and the related debug options can only be enabled through manually editing the wp-config file to add or adjust wp-config constants. This makes debugging harder to access for everyone, and even more difficult to access for users that are either not familiar with ftp/ssh or who only have wp-admin access and not access to the filesystem.
Adding toggle options for debugging mode in the Site Health tools wp-admin page would make troubleshooting errors and issues easier and more accessible for all users with administrator access. As a bonus, this would also decrease the demand on web host technical support because users would be more equipt to identify plugin conflicts, php errors and other issues independently.
Proposed Site Health Options:
- 'Enable debugging on/off' -- WP_DEBUG true/false with false as default and subtext about only setting to true/on for troubleshooting bc of adverse performance effects.
- 'Enable debug log on/off' -- WP_DEBUG_LOG true/false - set to true/on as default and
- Site Health could and should have a tab to view contents of debug logs within wp-admin (maybe -tail 30 or the last 30-50 results, potentially could improve on this to hide duplicate entries, to hide warnings and notices and to grep/search for keywords)
- 'Show errors on front end on/off' - WP_DEBUG_DISPLAY true/false with a default to false so as not to expose debugging to end users and this could also have a toggle option to display errors only in wp-admin pages and not on the front end
- Debugging should be set to never display on the front end in the first place as a default (ever), that could probably be it's own ticket
- This could be expanded on to include toggle settings for SCRIPT_DEBUG and SAVEQUERIES constants
",amykamala
Yesterday,60801,New sessions are created when user authenticates but there already are active sessions,robert681,Login and Registration,6.4.3,normal,normal,Awaiting Review,defect (bug),new,,2024-03-18T18:28:41Z,2024-03-19T11:49:09Z,"**The problem:** When a user logs in to WordPress a new session is created. If the user opens a new browser tab and navigates to website/wp-admin, the user does not need to authenticate because of the session cookies are saved in the browser, which is the expected behaviour. The same happens even when the user closes the browser completely and reopens it within the duration of that session.
However, if the user navigates to the URL *website/wp-login.php* on the website they are already logged in, the user is presented with a login page, and upon authenticating WordPress creates a new session and new cookies etc, instead of ""retrieving"" the existing logged-in session.
**How to reproduce:**
1. Log in to a WordPress website
2. Open a new browser tab on the same browser (you can close the previous one)
3. Navigate to the login page of the same website you are already logged in to: *website/wp-login.php*
4. Log in
At this point there are two different sessions for the same user in the database and in the browser the user has multiple sets of cookies for the different sessions.
**The issues this causes:**
1. Excessive amount of unnecessary session data in the database. We've seen some large websites with tens of thousands of session entries in the database.
2. Site admins who try to control / limit / manage the number of simultaneous user sessions with third party plugins end up having a lot of problems, such as locking out legit users etc
**Possible solution?:** There are a few possible solutions, however, the easiest one we can think of is to check for session cookies in the users' browsers whenever they access the *wp-login.php*, and if there are, retrieve that session.",robert681
Yesterday,60799,Change the Header Tag in Link Modal from
to
for Better Accessibility,lyonmuller,TinyMCE,6.4.3,normal,normal,Awaiting Review,defect (bug),new,,2024-03-18T15:38:57Z,2024-03-19T11:50:59Z,"=== Problem:
Currently, the WordPress link insertion modal in the text editor uses an
tag for its title (""Insert/edit link""). This can create accessibility issues, as multiple
tags on a single page can confuse screen readers and undermine the semantic structure of the content, potentially leading to a poor user experience for people with disabilities.
=== Proposed Solution:
I suggest changing the
tag in the link insertion modal to a
tag, or alternatively to a tag if the heading level is not appropriate in the context of the modal's use. This change would improve the semantic HTML structure and enhance accessibility by maintaining a proper heading hierarchy.
=== Justification:
According to the HTML5 specification and accessibility guidelines, a page should have a clear and logical heading hierarchy. The main content should start with an
tag, followed by
,
, and so on. The current use of an
tag in the link modal disrupts this hierarchy, especially since this modal can appear on any page regardless of the existing heading structure.
Implementing this change will make WordPress more accessible and compliant with WCAG (Web Content Accessibility Guidelines) standards, which is crucial for users relying on screen readers and for SEO best practices.
=== Steps to Reproduce:
1. Go to the WordPress text editor.
2. Click on the 'Add link' button to open the link insertion modal.
3. Inspect the modal's title element, which is currently marked up as an
.
=== Possible Implementation:
The change can be implemented by modifying the HTML structure in the core WordPress files where the link modal is defined. Additionally, testing should be conducted to ensure that this change does not affect the modal's functionality and that it enhances the accessibility as intended.
I am looking forward to the community's input on this proposal and am happy to contribute to the implementation and testing phases.
",lyonmuller
Yesterday,60798,Investigate potentially failing Imagick PDF alpha channel test,swissspidy,Media,,normal,normal,Awaiting Review,defect (bug),new,dev-feedback,2024-03-18T11:30:17Z,2024-03-18T11:31:33Z,"The test `\Tests_Image_Editor_Imagick::test_remove_pdf_alpha_channel_should_remove_the_alpha_channel_in_preview()` was introduced in #39216 / [56271].
On some hosting providers, this test appears to be failing with errors such as this:
{{{
Tests_Image_Editor_Imagick::test_remove_pdf_alpha_channel_should_remove_the_alpha_channel_in_preview
The intermediate size could not be retrieved.
Failed asserting that false is of type ""array"".
/tmp/wp-test-runner/tests/phpunit/tests/image/editorImagick.php:680
}}}
Examples:
https://make.wordpress.org/hosting/test-results/r57849/wpsabot-r57849/
https://make.wordpress.org/hosting/test-results/r57848/wetopibot-r57848/
We should investigate this failure to see whether it's an issue in core or with the hosting provider.
The test mentions ""Ghostscript version >= 9.14"", so maybe it's just a matter of skipping the test if the installed Ghostscript version (`gs --version` I think) is older than that.",swissspidy
Yesterday,60796,An error for page and post without revisions support,danielpietrasik,"Posts, Post Types",6.4,normal,normal,Awaiting Review,defect (bug),new,,2024-03-18T10:03:04Z,2024-03-18T10:03:04Z,"Since **6.4.0** the `$revisions_enabled` argument was added to the arguments array of `register_meta()` function (https://developer.wordpress.org/reference/functions/register_meta/#changelog).
For post and page with disabled revisions support there is an error:
Error: Function register_meta was called incorrectly. Meta keys cannot enable revisions support unless the object subtype supports revisions. Please see Debugging in WordPress for more information. (This message was added in version 6.4.0.).
In register_block_core_footnotes() function `revisions_enabled` argument is permanently set to true and it's makes this error.",danielpietrasik
Yesterday,60794,Central Payment Gateway API for WordPress and All Plugins,beycanpress,Plugins,,normal,major,Awaiting Review,enhancement,new,,2024-03-18T03:02:49Z,2024-03-18T18:13:30Z,"I think it's time to add a built-in payment gateway API to WordPress. Each plugin develops its own API and we develop custom plugins for each plugin. This is ridiculous.
Imagine if there was a centralized API and PayPal, Stripe or any payment gateway was integrated for that API. All other plugins will use that API.",beycanpress
Yesterday,60793,wp_trigger error has a wrong wp_kses $allowed_html arguement.,nico23,Formatting,6.4,normal,normal,Awaiting Review,defect (bug),new,has-patch,2024-03-18T02:04:16Z,2024-03-18T02:15:45Z,"Elements and attributes need to be array keys, not values.
Came with: https://core.trac.wordpress.org/changeset/56707
Fix: https://github.com/WordPress/wordpress-develop/pull/6285",nico23
2 Days Ago,60791,Pre-populate slug using URL parameters on new post edit screen.,gerardreches,"Posts, Post Types",,normal,normal,Awaiting Review,enhancement,new,has-patch,2024-03-17T06:29:23Z,2024-03-17T15:28:10Z,"get_default_post_to_edit() allows to pre-populate `post_title`, `content`, and `excerpt` from `$_REQUEST`.
This URL will pre-populate the title and the content:
/wp-admin/post-new.php?post_type=post&post_title=My+Title&content=aaaa
I have an use case where I need to do the same for the `post_name`:
https://wordpress.org/support/topic/set-title-and-slug-of-new-post-using-url-parameters/
I have a shortcode that allows me to load content from a custom post type, and it searches by slug (it needs to be this way for UX reasons).
If the post with the provided slug doesn't exist, I register an admin notice alerting that the shortcode is trying to load an unexisting post, and offer a link to create the missing post with the specified slug. I need the slug to be pre-populated with the URL parameter, just as it is possible to do for title, content, and excerpt.",gerardreches
3 Days Ago,60790,Editor has encountered an unexpected error,shilpamanoj,Editor,trunk,normal,normal,Awaiting Review,defect (bug),new,,2024-03-16T10:02:59Z,2024-03-16T10:02:59Z,"During the customization of the Blog template, an unexpected error was encountered by the editor when changing the line height after uploading a custom font.
",shilpamanoj
3 Days Ago,60789,Administration Email Address: Allow method to deactivate,andrewhoyer,Administration,,normal,normal,Awaiting Review,feature request,new,close,2024-03-16T01:23:43Z,2024-03-18T21:12:43Z,"As a manager of many client sites, my email address is used on a lot of sites in the ""Administration Email Address"" in Settings > General.
Over time, clients move to other vendors, and sometimes this happens without the opportunity to change the Administration Email Address before it is moved. In many cases, this email address remains unchanged for years, and I continue to receive software update, user account, and other emails for accounts I have no contact with, and no way to access to change the setting.
This has been mentioned by other WordPress developers as well, and I believe it is a widespread problem, although one easy to dismiss on a day-to-day basis. I did a search through Trac tickets and didn't see anything like it, so I am posting this ticket in hopes that a solution can be reached.
Ideally, I'd like to see a solution that includes a time-sensitive link (similar to new account registrations) that would allow the owner of the admin to click through to the link, and agree to have the email address removed as the ""Administration Email Address"".",andrewhoyer
3 Days Ago,60788,Content-Disposition support in download_url() seems broken,siliconforks,HTTP API,6.4.3,normal,normal,Awaiting Review,defect (bug),new,,2024-03-16T01:12:30Z,2024-03-16T01:12:30Z,"
In https://core.trac.wordpress.org/changeset/51939 a change was made to resolve ticket https://core.trac.wordpress.org/ticket/38231 to make `download_url()` use the `Content-Disposition` header to specify the name of the downloaded file. I realize I'm a bit late to the party here since the ticket was opened more than 7 years ago and the change was made more than 2 years ago, but I think that this change was flawed and needs to be reconsidered (and possibly reverted entirely). The way it was implemented seems fundamentally broken and has the effect of making `download_url()` basically impossible to use reliably.
Consider the following simple PHP script named `echo.php`:
{{{#!php
""Add New
Post"".
I would love to have this new usability feature added in the core.",klevismiho
4-7 Days Ago,60770,TimeZone select box compatibility with RTL directions,farhad0,Administration,trunk,normal,normal,Awaiting Review,enhancement,new,has-patch,2024-03-13T15:35:10Z,2024-03-13T16:55:59Z,"This patch fixes the time zone select box compatibility with RTL directions It sets auto direction which makes the options value compatible with both RTL and LTR directions
",farhad0
4-7 Days Ago,60769,Block Hooks: Consolidate approach to get the list of hooked blocks.,tomjcafferkey,General,,normal,normal,Awaiting Review,enhancement,new,,2024-03-13T14:28:40Z,2024-03-13T14:28:40Z,"Our current approach to getting hooked blocks has two parts to it:
1. We use `get_hooked_blocks()` to get all of the hooked blocks which are hooked from the `block.json` file.
2. In function `insert_hooked_blocks` we apply the filter callbacks (passing a derived value from step 1 as the default value) to get hooked blocks that are applied by the `hooked_block_types` filter.
Currently it's a bit confusing and without knowledge you'd assume `get_hooked_blocks()` would retrieve ''all'' of the hooked blocks. Additionally it feels like you have to run a few different pieces of code separately and combine their resulting values to get a complete picture which could result in some bugs or unnecessary complexities.
I feel there's room for improvement to provide a better API for getting all of the hooked blocks by consolidating these two approaches into a single function somehow.
How this to work we would also need to know the current context so we can pass that data to the filter callbacks.",tomjcafferkey
4-7 Days Ago,60766,i have faching this error how can i fix this,rajgt1,General,6.4.3,normal,major,Awaiting Review,defect (bug),new,close,2024-03-13T07:32:45Z,2024-03-13T16:08:17Z,"
`Warning: require(C:\xampp\htdocs\Nieuprawny/wp-includes/sodium_compat/autoload.php): Failed to open stream: No such file or directory in C:\xampp\htdocs\Nieuprawny\wp-includes\compat.php on line 338`
`Fatal error: Uncaught Error: Failed opening required 'C:\xampp\htdocs\Nieuprawny/wp-includes/sodium_compat/autoload.php' (include_path='C:\xampp\php\PEAR') in C:\xampp\htdocs\Nieuprawny\wp-includes\compat.php:338 Stack trace: #0 C:\xampp\htdocs\Nieuprawny\wp-settings.php(34): require() #1 C:\xampp\htdocs\Nieuprawny\wp-config.php(96): require_once('C:\\xampp\\htdocs...') #2 C:\xampp\htdocs\Nieuprawny\wp-load.php(50): require_once('C:\\xampp\\htdocs...') #3 C:\xampp\htdocs\Nieuprawny\wp-blog-header.php(13): require_once('C:\\xampp\\htdocs...') #4 C:\xampp\htdocs\Nieuprawny\index.php(17): require('C:\\xampp\\htdocs...') #5 {main} thrown in C:\xampp\htdocs\Nieuprawny\wp-includes\compat.php on line 338`",rajgt1
Last Week,60763,Allow resizing the indivigual content areas in Appearance / Menus,namith.jawahar,Menus,trunk,normal,normal,Awaiting Review,enhancement,new,has-patch,2024-03-12T20:54:27Z,2024-03-12T20:57:22Z,"The space to select posts, pages and custom posts for dropping into the menu is restricted to 200px height which makes it really difficult to select posts/pages when creating/editing menus.
The user experience will be greatly improved if the section can be resized.",namith.jawahar
Last Week,60756,Block Hooks: Toggle (re-)inserts hooked block in wrong position (if added by filter),Bernhard Reiter,General,,normal,normal,Awaiting Review,defect (bug),new,,2024-03-12T13:59:51Z,2024-03-12T14:48:27Z,"As of [https://github.com/WordPress/gutenberg/pull/59396 this change], Block Hook toggles are displayed for hooked blocks that were added by a filter (rather than during block registration), ''if the containing template or template part has had user modifications''. (Displaying the toggle also for ''un''modified templates/parts is the subject of #59574, see especially https://core.trac.wordpress.org/ticket/59574#comment:13.)
There is still one more problem with these toggles: If the user disables the toggle to remove the hooked block, and then re-enables it to re-insert the latter, it's not possible for the client to infer ''where'' to insert it. Instead, it simply defaults to (re-)inserting it ''after'' the anchor block.
The reason is that once the hooked block is removed, no information about its position relative to its anchor block is available. The only available information is the `ignoredHookedBlocks` metadata attribute on the anchor block, which is an array of hooked block type names (e.g. `[""core/loginout"",""mycommerce/shopping-cart""]`). They do however not include the relative position of these hooked blocks. (This was considered in the original ticket #59646 for enabling Block Hooks in modified templates/parts, but ultimately dismissed.)",Bernhard Reiter
Last Week,60753,"Fatal error: Uncaught Error: Class ""wpdb"" not found in load.php",danlelbachhuber,General,,normal,normal,Awaiting Review,defect (bug),new,,2024-03-12T07:29:07Z,2024-03-12T19:47:02Z,"Hello, after updated php version in WordPress, i can't show admin login and errors are:
Fatal error: Uncaught Error: Class ""wpdb"" not found in
/home/mhd-01/www.xxxxxxxx.it/htdocs/wp-includes/load.php:428 Stack trace: #0
/home/mhd-01/www.xxxxxxxx.it/htdocs/wp-settings.php(120): require_wp_db() #1
/home/mhd-01/www.xxxxxxxx.it/htdocs/wp-config.php(98): require_once('...') #2
/home/mhd-01/www.xxxxxxxx.it/htdocs/wp-load.php(37): require_once('...') #3
/home/mhd-01/www.xxxxxxxx.it/htdocs/wp-admin/admin.php(34): require_once('...') #4
/home/mhd-01/www.xxxxxxxx.it/htdocs/wp-admin/index.php(10): require_once('...') #5
{main} thrown in /home/mhd-01/www.xxxxxxxx.it/htdocs/wp-includes/load.php on line 428
Is there any ideas about can i resolve this? Thanks.
I would login and not show any errors in my site on WordPress.",danlelbachhuber
Last Week,60752,Fatal error: Uncaught Error: Class 'WpOrg\Requests\Hooks' not found,moustifi,General,,normal,normal,Awaiting Review,defect (bug),new,,2024-03-12T07:15:27Z,2024-03-12T19:36:57Z,"I've been getting the same error message the last few days...makes me think it has something to do with the update?
I've tried: disabling plugins, and downloading/removing themes and reinstalling twenty twenty-one.
I'm new to WordPress, therefore have no backup, and at a complete loss here. Any guidance is much appreciated!
Fatal error: Uncaught Error: Class 'WpOrg\Requests\Hooks' not found in /home/sites/17a/3/36b2a5154b/practicalpathways/wp-includes/class-wp-http-requests-hooks.php:18 Stack trace: #0 /home/sites/17a/3/36b2a5154b/practicalpathways/wp-settings.php(249): require() #1 /home/sites/17a/3/36b2a5154b/practicalpathways/wp-config.php(92): require_once('/home/sites/17a...') #2 /home/sites/17a/3/36b2a5154b/practicalpathways/wp-load.php(50): require_once('/home/sites/17a...') #3 /home/sites/17a/3/36b2a5154b/practicalpathways/wp-admin/admin.php(34): require_once('/home/sites/17a...') #4 /home/sites/17a/3/36b2a5154b/practicalpathways/wp-admin/index.php(10): require_once('/home/sites/17a...') #5 {main} thrown in /home/sites/17a/3/36b2a5154b/practicalpathways/wp-includes/class-wp-http-requests-hooks.php on line 18
Notice: Function is_embed was called incorrectly. Conditional query tags do not work before the query is run. Before then, they always return false. Please see Debugging in WordPress for more information. (This message was added in version 3.1.0.) in /home/sites/17a/3/36b2a5154b/practicalpathways/wp-includes/functions.php on line 5865
Notice: Function is_search was called incorrectly. Conditional query tags do not work before the query is run. Before then, they always return false. Please see Debugging in WordPress for more information. (This message was added in version 3.1.0.) in /home/sites/17a/3/36b2a5154b/practicalpathways/wp-includes/functions.php on line 5865",moustifi
Last Week,60750,Warning: these pages should not be the same as your Privacy Policy page!,OctoTooT,General,6.4.3,normal,normal,Awaiting Review,defect (bug),new,,2024-03-11T20:20:54Z,2024-03-11T20:20:54Z,On Settings > Reading this message appears. The Privacy Page is NOT SELECTED. The homepage is another page and that is what is selected. There is nothing else in there.,OctoTooT
Last Week,60748,auth_redirect() login check doesn't exist or doesn't work,kratosgemini,Login and Registration,,normal,normal,Awaiting Review,defect (bug),new,,2024-03-11T13:11:38Z,2024-03-11T13:33:04Z,"The `auth_redirect()` documentation states:
""Checks if a user is logged in, if not it redirects them to the login page.""
[https://developer.wordpress.org/reference/functions/auth_redirect/]
However, unless a call to `auth_redirect()` is wrapped inside a `is_user_logged_in()` check, then it always sends people to the login page (even if a user is already logged in).
I don't know if the documentation is incorrect or if there is a bug in the code.
To reproduce, all you need to do is something like this:
{{{#!php
'string',
'author__not_in' => 'string',
'category__and' => 'string',
'category__in' => 'string',
'category__not_in' => 'string',
'post__in' => 'string',
'post__not_in' => 'string',
'post_name__in' => 'string',
'post_parent__in' => 'string',
'post_parent__not_in' => 'string',
'tag__and' => 'string',
'tag__in' => 'string',
'tag__not_in' => 'string',
'tag_slug__and' => 'string',
'tag_slug__in' => 'string',
}}}
Using most of the above query args in a `WP_Query::get_posts()` call result in a PHP fatal.
Things that expect scalars:
{{{
'attachment' => array(),
'author_name' => array(),
'feed' => array(),
}}}
Using any of the above query args result in a PHP fatal on a default WP installation:
{{{
alex@wayra core % cat .wp-env.json
{
""core"": null
}
}}}
http://localhost:8888/?attachment[]=admin
{{{
Fatal error: Uncaught TypeError: urlencode(): Argument #1 ($string) must be of type string, array given in /var/www/html/wp-includes/formatting.php:5683 Stack trace: #0 /var/www/html/wp-includes/formatting.php(5683): urlencode(Array) #1 /var/www/html/wp-includes/class-wp-query.php(2183): wp_basename(Array) #2 /var/www/html/wp-includes/class-wp-query.php(3824): WP_Query->get_posts() #3 /var/www/html/wp-includes/class-wp.php(696): WP_Query->query(Array) #4 /var/www/html/wp-includes/class-wp.php(816): WP->query_posts() #5 /var/www/html/wp-includes/functions.php(1336): WP->main('') #6 /var/www/html/wp-blog-header.php(16): wp() #7 /var/www/html/index.php(17): require('/var/www/html/w...') #8 {main} thrown in /var/www/html/wp-includes/formatting.php on line 5683
}}}
http://localhost:8888/?author_name[]=admin
{{{
Fatal error: Uncaught TypeError: str_contains(): Argument #1 ($haystack) must be of type string, array given in /var/www/html/wp-includes/class-wp-query.php:2358 Stack trace: #0 /var/www/html/wp-includes/class-wp-query.php(2358): str_contains(Array, '/') #1 /var/www/html/wp-includes/class-wp-query.php(3824): WP_Query->get_posts() #2 /var/www/html/wp-includes/class-wp.php(696): WP_Query->query(Array) #3 /var/www/html/wp-includes/class-wp.php(816): WP->query_posts() #4 /var/www/html/wp-includes/functions.php(1336): WP->main('') #5 /var/www/html/wp-blog-header.php(16): wp() #6 /var/www/html/index.php(17): require('/var/www/html/w...') #7 {main} thrown in /var/www/html/wp-includes/class-wp-query.php on line 2358
}}}
http://localhost:8888/?feed[]=admin
{{{
Fatal error: Uncaught TypeError: str_contains(): Argument #1 ($haystack) must be of type string, array given in /var/www/html/wp-includes/class-wp-query.php:1018 Stack trace: #0 /var/www/html/wp-includes/class-wp-query.php(1018): str_contains(Array, 'comments-') #1 /var/www/html/wp-includes/class-wp-query.php(1868): WP_Query->parse_query() #2 /var/www/html/wp-includes/class-wp-query.php(3824): WP_Query->get_posts() #3 /var/www/html/wp-includes/class-wp.php(696): WP_Query->query(Array) #4 /var/www/html/wp-includes/class-wp.php(816): WP->query_posts() #5 /var/www/html/wp-includes/functions.php(1336): WP->main('') #6 /var/www/html/wp-blog-header.php(16): wp() #7 /var/www/html/index.php(17): require('/var/www/html/w...') #8 {main} thrown in /var/www/html/wp-includes/class-wp-query.php on line 1018
}}}",xknown
Last Week,60737,invalid_email or user_email ?,juliobox,Login and Registration,trunk,normal,minor,Awaiting Review,enhancement,new,dev-feedback,2024-03-10T21:40:10Z,2024-03-10T21:40:10Z,"Hey there,
I'm talking about login error keys.
Here are the 3 things we can find in the WP Core:
{{{#!php
add( 'invalid_email', __( 'Error: There is no account with that username or email address.' ) );
$errors->add( 'invalid_email', __( 'Error: The email address is not correct.' ) );
$errors->add( 'user_email', __( 'Error: The email address is not correct.' ), array('form-field' => 'email', ) );
}}}
The 1st is an error message when you try to login using an email address that is not used as a user in this site, the key is ""invalid_email""
The 2nd is an error message when you try to register a new user with an email address that is not correctly formatted, the key is ""invalid_email""
The 3rd is an error message when you try to update your personal profile with an email address that is not correctly formatted, the key is ""user_email""
So we have 2 keys and 2 messages (like ""A1 A2 B2"", should be ""A1 B2 B2"") but the message 2 is sharing both, we should clearly decide is ""invalid_email"" is when the email does not exists in our site OR when the email is not correctly formatted.
I suggest that the 2nd message should share the ""user_email"" and let the ""invalid_*"" for the login stuff, like we already have ""invalidcombo"" or ""invalid_username"" that shares the same kind of issue.
thanks for your reading time",juliobox
Last Week,60735,Problem: Updating failed. The response is not a valid JSON response,r3ndy,General,6.4.3,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2024-03-09T02:50:17Z,2024-03-09T12:20:40Z,"I encountered an error message when publishing or updating. Due to a mistake in a wrong sentence, the error message appears. You will get the error message ""Updating failed. The response is not a valid JSON response"". Why did it happen?
- WordPress 6.4.3 running theme GeneratePress.
- .htaccess file according to wp settings
- Permalinks postname settings
- Already started with HTTPS
- REST API no 404 error message",r3ndy
Last Week,60734,Deregistering Open Sans,ecv80,Script Loader,6.4.3,normal,normal,Awaiting Review,enhancement,new,,2024-03-09T02:15:43Z,2024-03-09T10:31:21Z,"I have wasted an entire day trying to figure out why my Open Sans styles were not applying. This is counterproductive/suboptimal.
As it turns out, Open Sans was packed in WP back in 2014, which is fine by me. More info: #28478
However it is **not** immediately **obvious** one needs to `wp_deregister_style('open-sans');` before he can register his own style.
Please, consider making an exception and make `wp_register_style()` automatically `wp_deregister_style(X)` if X equals 'open-sans'. Otherwise consider other courses of action that may prevent others from incurring in the same problem I did.
Thanks.
",ecv80
Last Week,60729,YouTube embed start=,chrdre,Embeds,6.4.3,normal,minor,Awaiting Review,defect (bug),new,,2024-03-08T07:24:54Z,2024-03-08T07:24:54Z,"Hi. I am experiencing an issue where I am seeing the video start time being either randomized or shifted for each load.
Expected behavior: YouTube video embedded with a timestamp like {youtube_url}start=5064, video starts at 1:24:24 each time video is loaded on a blog post.
Issue 1: if ""resize for smaller devices"" is active the start point is randomized before posting. E.g. at 5064 it start approximately 30 seconds before it should (say 5034). I shift the start time to 5094 to try and compensate, resulting in it starting earlier than previously (say 5004). I leave it at 5064 and publish the blog post, with the result of it starting at 0 seconds (incognito mode, fresh browser, logged in).
Issue 2: Resize for smaller devices is turned off. Now the first time the video is loaded it starts where it is supposed to start at 5064 seconds (steps: start video -> refresh page -> start video -> refresh -> ...). But, for each time the blog post is loaded and the viewers presses play, the start time shifts back approximately 30 seconds. This does not happen in incognito mode, here it loads at the correct timestamp each time the page is reloaded and video started.",chrdre
Last Week,60727,Allow fine-grained control of when to use oEmbed for providers outside the explicit list,MadtownLems,Embeds,,normal,normal,Awaiting Review,enhancement,new,,2024-03-07T18:30:45Z,2024-03-07T18:30:45Z,"WordPress maintains a list of appvoed oEmbed providers. Developers are able to add or remove providers from this list.
WordPress also attempts to see if URLs, outside the provider list, support oEmbed - and if they do, it uses oEmbed for them. Unfortunately, this is currently an ""all or nothing"" appraoch. You can either agree to use all these random sites oEmbed, or none. I'd love to see a filter added to control whether or not a specific URL, outside the provider list, should use oEmbed.
For reference, our specific use case is we want to continue supporting oEmbed for the vast majority of sites that support it - but we've identified some specific domains that do a poor job of oEmbed, and we'd like to only turn it off for those domains.",MadtownLems
Last Week,60722,incorrect display of mail due to outdated version of PHP mailer,studiodv,Mail,6.4.3,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2024-03-07T10:47:34Z,2024-03-19T10:21:13Z,"Good morning,
I am experiencing problems when displaying order confirmation emails and contact forms from multiple WordPress websites.
This code is displayed first in the emails:
Content-Type: text/html; charset=UTF-8
I've already been looking into what could be causing it. There it was indicated that it was due to the PHP Mailer version of WordPress. Could it be that the PHP Mailer update is not current with the new version (6.4.3) of WordPress?
Yours sincerely,
Diana",studiodv
Last Week,60721,redirect_canonical suddenly causes issues with paramter values and CDN,retrovertigo,Canonical,6.4.3,normal,minor,Awaiting Review,defect (bug),new,,2024-03-07T07:31:07Z,2024-03-07T07:31:07Z,"Hi there,
I was just wondering if anything has changed regarding https://developer.wordpress.org/reference/functions/redirect_canonical/?
`https://some-domain.tld/?my_param=a+a`
triggers a 301 redirect to
`https://some-domain.tld/?my_param=a a`
Now our CDN is set to pass URLs with `my_param` straight on to WordPress. Since that response with a 301, that's what gets cached by the CDN and causes a redirect loop.
Is that something new? I hadn't had that issue before, but also not 100% sure if I sent a value like ""a+a"" before. Trying to figure out why this redirect loop happens now after years.
I'll leave that ticket to be a bug, but if nothing has changed in redirect_canonical() then I guess it can just be closed.
Thanks for your help.",retrovertigo
Last Week,60718,"Awareness of permission after updating cores, themes and plugins",Girishpanchal,Upgrade/Install,trunk,normal,normal,Awaiting Review,enhancement,new,,2024-03-07T04:41:04Z,2024-03-07T05:46:41Z,"This is the major security concern now a day when people install/update plugins or themes on DEV/STAG/PROD after changing respective directory permission from **755** (7=rwx 5=r-x 5=r-x) to **777** (7=rwx 7=rwx 7=rwx)
Once installation/updation is complete, people forget to restore directory permission, and due to this, hackers might inject scripts into those directories.
To prevent this, we have to check directories and file permissions for it and give the notice on top of the admin section.
It will help to reduce security threats. ",Girishpanchal
Last Week,60717,Font Library: Add an ability to replace font,oglekler,General,trunk,normal,normal,Awaiting Review,enhancement,new,,2024-03-07T03:31:40Z,2024-03-17T18:54:01Z,"Instead of the error or notice that the font already exists, the font library should allow replacing the font. Sometimes a font can be corrupted for some reason, and you need to update it. So, the better flow should be to ask the users if they want to replace the font(s).",oglekler
Last Week,60716,"Font Library: Replace error message ""A font face matching those settings already exists"" with notice",oglekler,General,trunk,normal,normal,Awaiting Review,defect (bug),new,,2024-03-07T03:25:56Z,2024-03-17T18:53:45Z,"If the font already exists, it is not an error, and should not scare the user.",oglekler
Last Week,60713,remove 'array_merge(...)' is used in a loop and is a resources greedy construction. from generate_rewrite_rules,pbearne,Rewrite Rules,,normal,normal,Awaiting Review,defect (bug),assigned,has-patch,2024-03-07T00:06:18Z,2024-03-12T18:03:03Z,,pbearne
Last Week,60710,save_post_{$post->post_type} hook returns inconsistent $_POST['tax_input'] format,jenUnderscore_,Taxonomy,6.4.3,normal,normal,Awaiting Review,defect (bug),new,,2024-03-06T19:55:52Z,2024-03-06T19:55:52Z,"In the save_post_{$post->post_type} hook:
**Case 1**: If we do not make any changes to the taxonomy `$_POST['tax_input'][$term]` returns a comma delimited string WITH a space.
Output Example: ''Maple, Spring, Summer, Winter''
**Case 2**: If we modify the taxonomy (adding or removing), it eliminates the space:
Output Example: ''Spring,Summer,Winter''
Proposed solution, eliminate the space in the first case for consistency. ",jenUnderscore_
Last Week,60708,REST page 2 item 0 === page 1 item 99 when requesting 100 posts from a post type,vialars,REST API,6.4.3,normal,major,Awaiting Review,defect (bug),new,,2024-03-06T16:39:22Z,2024-03-11T06:51:24Z,"in our case of a custom WP post type default REST API call
page 2 item 0 === page 1 item 99
when requesting 100 items per page.
(as of writing this.)
Demo:
https://deananddavid.com/wp-json/wp/v2/catering_article?lang=de&orderby=menu_order&order=asc&_fields=acf,catering_category,featured_media,id,title&per_page=100&page=1
https://deananddavid.com/wp-json/wp/v2/catering_article?lang=de&orderby=menu_order&order=asc&_fields=acf,catering_category,featured_media,id,title&per_page=100&page=2
This is no issue when requesting 99 items per page.",vialars
Last Week,60698,Add optimized set lookup class.,dmsnell,General,trunk,normal,normal,Awaiting Review,feature request,new,,2024-03-06T01:18:34Z,2024-03-06T01:18:34Z,"In the course of exploratory development in the HTML API there have been a few times where I wanted to test if a given string is in a set of statically-known strings, and a few times where I wanted to check if the next span of text represents an item in the set.
For the first case, `in_array()` is a suitable method, but isn't always ideal when the test set is large.
{{{#!php
contains( '¬in' ) ) {
…
}
while ( true ) {
$was_at = $at;
$at = strpos( $text, '&', $at );
if ( false === $at ) {
$output .= substr( $text, $was_at )
break;
}
$name = $named_character_reference->read_token( $text, $at );
if ( false !== $name ) {
$output .= substr( $text, $was_at, $at - $was_at );
$output .= $named_character_replacements[ $name ];
$at += strlen( $name );
continue;
}
// No named character reference was found, continue searching.
++$at;
}
}}}
----
Further, because WordPress largely deals with large and relatively static token sets (named character references, allowable URL schemes, file types, loaded templates, etc…), it would be nice to be able to precompute the lookup tables if they are at all costly, as doing so on every PHP load is unnecessarily burdensome.
A bonus feature would be a method to add and a method to remove terms.
----
In [https://github.com/WordPress/wordpress-develop/pull/5373 #5373] I have proposed such a `WP_Token_Set` and used it in [https://github.com/WordPress/wordpress-develop/pull/5337 #5337] to create a spec-compliant, low-memory-overhead, and efficient replacement for `esc_attr()`.
The replacement `esc_attr()` is able to more reliably parse attribute values than the existing code and it does so more efficiently, avoiding numerous memory allocations and lookups.",dmsnell
Old Tickets,60696,Block hooks: Allow insertion of a hooked block with attributes,joshuaflow,Editor,,normal,normal,Awaiting Review,enhancement,new,has-patch,2024-03-05T21:07:33Z,2024-03-05T21:16:21Z,"Previously, the `hooked_block_types` and `hooked_block_{$hooked_block_type}` filters were introduced to allow templates to be extended with blocks by third parties.
While those two filters work well with unique blocks, they prove challenging when working with generic blocks that can be customized via attributes. Attempting to hook a block into an area that has already inserted the same block type, but with different attributes won't work with the existing filters.
[This PR](https://github.com/woocommerce/woocommerce/pull/44860) demonstrates how attempting to set attributes via the `hooked_block_{$hooked_block_type}` filter will overwrite all of the same block types that have been hooked in.
It may be possible that block hooks aren't the appropriate venue for this API, but a way to insert blocks with attributes into templates is quite useful, even in the context of the core editor.
**Requirements:
**
* [ ] Allow insertion of blocks with block attributes in a single filter
* [ ] Allow checking anchor block properties before inserting hooked blocks
* [ ] (optional, but preferred) Allow nesting hooked blocks onto previous hooked blocks",joshuaflow
Old Tickets,60695,Links in the admin-menu are generated incorrectly for mu-plugins,partiellkorrekt,Administration,,normal,normal,Awaiting Review,defect (bug),new,has-patch,2024-03-05T15:27:57Z,2024-03-05T16:05:37Z,"The function _wp_menu_output in wp-admin/menu-header.php checks if a file exists in the WordPress plugin directory. But it never checks if the file exists in the mu-plugins directory.
The result of this is that some plugins behave in an unexpected way when moved to mu-plugins. Especially their admin-menus stop working. One example of such a plugin is WPML.
E.g. lines 165-175:
{{{#!php
$arrow
"";
}
}}}
Not how the code in the 5th line only checks for WP_PLUGIN_DIR and not for WPMU_PLUGIN_DIR. This happens a few more times in this function.
",partiellkorrekt
Old Tickets,60694,INDEX command denied to user 'wordpress'@'localhost' for table 'wp_trp_dictionary_bg_bg_en_us',4x4ever,Upgrade/Install,6.4.3,normal,normal,Awaiting Review,defect (bug),new,dev-feedback,2024-03-05T15:14:32Z,2024-03-05T15:14:32Z,"Fresh install of Version 6.4.3. The only active plugin is TranslatePress - Multilingual Version 2.7.2 (Akismet and Hello Dolly are installed but not active).
Loggin in as admin, the following error is displayed:
INDEX command denied to user 'wordpress'@'localhost' for table 'wp_trp_dictionary_bg_bg_en_us'.
phpMyAdmin shows that the wordpress user does not have the 'INDEX' privilege.
Is there a reason why the INDEX privilege not be enabled for the wordpress database user?",4x4ever
Old Tickets,60693,"""Previously approved comment"" for logged out users bug",jmorti,Comments,6.4.3,normal,normal,Awaiting Review,defect (bug),new,dev-feedback,2024-03-05T14:30:41Z,2024-03-07T17:00:03Z,"When ""Comment author must have a previously approved comment"" is checked in the discussion settings, comments made by registered users who are logged out, go to moderation every time. The check comment function looks for previous comments under their user id but if they have only commented while logged out, no id is recorded. This bug has caused our users and our team major frustration. Can someone please address? Thanks!",jmorti
Old Tickets,60690,Consistency in Theme Update Warnings in Menu,Marc4,Menus,,normal,normal,Awaiting Review,enhancement,new,,2024-03-05T10:29:33Z,2024-03-05T10:29:33Z,"When plugins are plugins pending update, a warning appears under ""Plugins"". However, even if are pending theme updates, the same warning does not appear under ""Appearance"".
Considering that the security issues of an outdated theme can be the same as those of an outdated plugin, I think we should display the same warning in both cases.
In the following image you can see a site with an outdated theme and plugin. At a glance you can only see a warning about ""Plugins"", but no warning about ""Apparence"", only inside ""Apparence > Themes"".
Although ""Apparence"" has no updates, it would be nice to have the same warning as in ""Plugins"".
I am attaching pictures to illustrate this.",Marc4
Old Tickets,60689,Concerning use of external libraries,warui1738,External Libraries,,normal,normal,Awaiting Review,feature request,new,dev-feedback,2024-03-05T08:20:16Z,2024-03-05T10:17:53Z,"As you get more advanced in using wordpress the need arises to use external libraries like bootstrap,font library,icon libraries,tailwind etc,off course this can be added using insert code plugins.the biggest disadvantage of this is that
1.you cannot maintain libraries version
2.You cannot delete the libraries.
This problem can be solved through a feature request to create an interface to manage external libraries.In this feature:
1.User adds external libraries through a url
2.user can edit the libraries url
3.user can delete the libraries,libraries ceases to exist in the wordpress environment
4.Ability of the interface to distinguish/or give user opportunity to distinguish between and