#61781 closed defect (bug) (fixed)
Use unadulterated WP version in `is_wp_version_compatible()`
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Milestone: | 6.7 | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | General | Keywords: | has-patch has-unit-tests |
| Focuses: | Cc: |
Description
Follow up to #61627.
In [58813] the helper function wp_get_wp_version() was introduced as a way of getting the WordPress version without relying on the $wp_version global. This is to bypass bugs introduced by plugins modifying the value for reasons of security through obscurity.
As is_wp_version_compatible() currently uses the $wp_version global, such a plugin would affect and break the function. Now a helper function exists for getting the unmodified value it would be good to use it.
Test suite considerations: The tests for is_wp_version_compatible() currently modify the value of the WordPress version in order to test that the function works as expected with alpha, beta, RC and WordPress-Develop. The code will need to be written in such a way that this can continue to be tested.
Change History (6)
This ticket was mentioned in PR #7104 on WordPress/wordpress-develop by @costdev.
9 months ago
#1
- Keywords has-patch has-unit-tests added
#2
@
9 months ago
I recommend using get_bloginfo( 'version', 'display' ) for anything that prints the "global", and rely on wp_get_wp_version() otherwise. This way, we never have to call the "global" directly.
In addition to addressing is_wp_version_compatible(), list_core_update() might also need to change where it gets its $wp_version.
This implements the new
wp_get_wp_version()helper function to get the unmodified WordPress version for compatibility checks.A new global,
_wp_tests_wp_versionhas been introduced to allow for testing against different "current" WordPress versions.