Extended version of the Blueshoes PHP cheat sheet for variable type juggling


PHP Compatibility check for PHP_CodeSniffer


A suite of utility functions for use with PHP_CodeSniffer


A collection of code standards for use with PHP_CodeSniffer


Demo code for the "Don't work for PHPCS, make PHPCS work for you" talk


PHP_CodeSniffer rules (sniffs) to enforce WordPress coding conventions



jrfnl delete branch trac-53635/php-8.1-null-handling-xmlrpc
Created at 2 hours ago
PHP 8.1: wp_xmlrpc_server::mw_newPost(): fix null to non-nullable deprecation (Trac 53635)

I believe this was superseded by #3187.

Correct. Thanks for getting the improved version merged!

Created at 2 hours ago
jrfnl delete branch trac-55656/php-8.1-wp_xmlrpc_server-fix-passing-null-to-non-nullable-x2
Created at 2 hours ago
PHP 8.1 | wp_xmlrpc_server::(mw_newPost|_insert_post)(): fix passing null to non-nullable and more

Thanks @SergeyBiryukov !

Created at 2 hours ago

Code Modernization: Fix null to non-nullable deprecations in wp_xmlrpc_server::mw_newPost().

The wp_xmlrpc_server::mw_newPost() method creates a new post via wp_insert_post(), but the default/fallback values used in the function were not in line with the default/fallback values used in the wp_insert_post() function.

The wp_insert_post() function does a wp_parse_args() (array merge) of the received arguments with the defaults. If any of the received arguments are null, this would overwrite the default value, as seen in [https://3v4l.org/bfVlv array_merge() example], and lead to "passing null to non-nullable" deprecation notices on PHP 8.1 for certain arguments.

This commit:

  • Ensures that all arguments are defined before they are compact()'ed together to the arguments array.
  • Verifies that the default/fallback value of the arguments as set within the wp_xmlrpc_server::mw_newPost() method are the same as the default/fallback values used in the wp_insert_post() function.
  • Verifies that arguments which do not have a default/fallback value defined in the wp_insert_post() function are handled correctly.
  • This was not the case for $post_name, which would previously already get an empty string default value in the wp_xmlrpc_server::mw_newPost() function, but then in the wp_insert_post() function, this would prevent the slug generation from being activated. Fixed now by setting the default in the wp_xmlrpc_server::mw_newPost() function to null.
  • The page_template argument was handled, but not documented in the wp_insert_post() function. The argument is now documented in the wp_insert_post() function DocBlock. Note: There are more than likely several other potential arguments missing from that list, but verifying the whole list is outside the scope of this particular commit.

Includes minor simplifications, such as:

  • Setting a default ahead of an if, instead of in an else clause (as long as no function call is needed to set the default).
  • Removing the unnecessary logic duplication in the $post_status switch.
  • Using a combined concatenation + assignment operator for adding $post_more.

Fixes various errors along the lines of: {{{

  1. Tests_XMLRPC_mw_editPost::test_draft_not_prematurely_published strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated

/var/www/src/wp-includes/formatting.php:2497 /var/www/src/wp-includes/class-wp-hook.php:308 /var/www/src/wp-includes/plugin.php:205 /var/www/src/wp-includes/post.php:2835 /var/www/src/wp-includes/post.php:2720 /var/www/src/wp-includes/post.php:4066 /var/www/src/wp-includes/class-wp-xmlrpc-server.php:5616 /var/www/tests/phpunit/tests/xmlrpc/mw/editPost.php:315


  1. Tests_XMLRPC_mw_editPost::test_draft_not_prematurely_published json_decode(): Passing null to parameter #1 ($json) of type string is deprecated

/var/www/src/wp-includes/kses.php:2074 /var/www/src/wp-includes/class-wp-hook.php:307 /var/www/src/wp-includes/plugin.php:205 /var/www/src/wp-includes/post.php:2835 /var/www/src/wp-includes/post.php:2720 /var/www/src/wp-includes/post.php:4066 /var/www/src/wp-includes/class-wp-xmlrpc-server.php:5615 /var/www/tests/phpunit/tests/xmlrpc/mw/editPost.php:315 /var/www/vendor/bin/phpunit:123 }}}

Follow-up to [1563], [4793], [7900], [16824], [19848], [40677], [51968].

Props jrf. See #55656.

git-svn-id: https://develop.svn.wordpress.org/trunk@54320 602fd350-edb4-49c9-b593-d223f7449a82

Code Modernization: Fix null to non-nullable deprecations in wp_xmlrpc_server::_insert_post().

The wp_xmlrpc_server::_insert_post() method creates a new post via wp_insert_post() or updates an existing one via wp_update_post(), which subsequently calls wp_insert_post(). However, the default/fallback values used in the function were not in line with the default/fallback values used in the wp_insert_post() function.

The wp_insert_post() function does a wp_parse_args() (array merge) of the received arguments with the defaults. If any of the received arguments are null, this would overwrite the default value, as seen in [https://3v4l.org/bfVlv array_merge() example], and lead to "passing null to non-nullable" deprecation notices on PHP 8.1 for certain arguments.

Unfortunately, the conditional logic within the wp_xmlrpc_server::_insert_post() function itself often uses an isset() to trigger certain code blocks, so syncing the defaults with those used in the wp_insert_post() function was not an option.

This commit:

  • Updates the default/fallback values in the $defaults array only for those values where this would not lead to a change in the behavior of the function.
  • Adds a safeguard function, filtering out all remaining null values from the $post_data array before it is passed on to the wp_insert_post() or wp_update_post() functions. Removing those values is safe as this means that these array keys will now:
  • either be set to the default/fallback value as defined in wp_insert_post().
  • or not be set and for those values which don't have a default/fallback value in wp_insert_post(), the function does an ! empty() or isset() check anyway and those array keys not being defined means that the result of those checks will remain the same.


  • Removing a couple of conditions which are now redundant.
  • Removing an expectDeprecation() in the Tests_Date_XMLRPC test class, which is now no longer needed.

Fixes various errors along the lines of: {{{ 36) Tests_XMLRPC_wp_newPost::test_no_content json_decode(): Passing null to parameter #1 ($json) of type string is deprecated

/var/www/src/wp-includes/kses.php:2074 /var/www/src/wp-includes/class-wp-hook.php:307 /var/www/src/wp-includes/plugin.php:205 /var/www/src/wp-includes/post.php:2835 /var/www/src/wp-includes/post.php:2720 /var/www/src/wp-includes/post.php:4066 /var/www/src/wp-includes/class-wp-xmlrpc-server.php:1683 /var/www/src/wp-includes/class-wp-xmlrpc-server.php:1347 /var/www/tests/phpunit/tests/xmlrpc/wp/newPost.php:25 /var/www/vendor/bin/phpunit:123 }}}

Follow-up to [1563], [4793], [7900], [16824], [19848], [19873], [20632], [40677], [51968], [54320].

Props jrf. See #55656.

git-svn-id: https://develop.svn.wordpress.org/trunk@54321 602fd350-edb4-49c9-b593-d223f7449a82

PHP 8.1 | load_script_textdomain(): fix passing null to non-nullable

The $path parameter has a default value of null, but would be passed onto the untrailingslashit() function without any input validation, even though the untrailingslashit() function explicitly only expects/supports a string input.

Note: I'm explicitly not changing the untrailingslashit() function, but fixing this at the point where the invalid input is incorrectly (not) validated.

Includes adding a dedicated unit test for this issue.

This fix also allows to remove a couple of calls to expectDeprecation() in unrelated tests.


4) Tests_Dependencies_Scripts::test_wp_external_wp_i18n_print_order
rtrim(): Passing null to parameter #1 ($string) of type string is deprecated


Check parse_url() result in url_to_postid()

Fix url_to_postid() fix

WP_REST_Users_Controller::update_item(): bug fix

While looking at the code of the WP_REST_Users_Controller::update_item() method, I also noticed another bug.

At the start of the function, the user is retrieved and it is verified that this doesn't result in a WP_Error. Next, the WP_User $user variable is used to retrieve the user id.

Then in the next condition, it is checked if the $user is falsey. This condition would never match as WP_REST_Users_Controller::get_user() returns either a WP_User object or WP_Error and we already know it's not a WP_Error and an instantiated WP_User object will never evaluate to falsey.

As the WP_Error being thrown within the condition refers to an "invalid user id", I believe the intention of the code was to check that $id is not falsey, which would make more sense, as even though it would be unlikely that a WP_User object would not have a valid ID, that condition could potential match and trigger the WP_Error.

There are already tests in place which (try to) cover this code, but as the WP_REST_Users_Controller::get_user() method throws the same error, it went unnoticed that this condition is incorrect.

In all honesty, IMO, this whole condition can be removed as it is already handled by the call to WP_REST_Users_Controller::get_user()....

Created at 2 hours ago
Added auto escaped function `get_block_wrapper_attributes()` to list of escaped functions.

It looks like the function only supports a fixed set of attributes, see source code reference.

@peterwilsoncc Except it doesn't - arbitrary attributes passed via the parameter which are not in that list are added without any validation: https://github.com/WordPress/wordpress-develop/blob/2bb5679d666474d024352fa53f07344affef7e69/src/wp-includes/class-wp-block-supports.php#L198-L202

I'll pass you a code sample in private (wouldn't want to give anyone any ideas).

However, I think it would be good to modify WordPress to use esc_attr( $key ) for hardening purposes prior to adding the function to the safe list. Doing so will prevent issues in the event a bug is introduced at a latter date.

I'd highly improving the security. The security bug already exists, this is not a hypothetical future situation.

I wonder if this shouldn't use sanitize_key() instead of esc_attr() ?

Created at 4 hours ago

Administration: Allow to wrap Settings sections with custom HTML content.

This changeset improves the add_settings_section() function to allow developers to pass extra HTML mark-up to be rendered before and after the settings section. Extra argument $args can now be passed to the function, and is an array that can contain the following items:

  • before_section: HTML content to prepend to the section's HTML output. Receives the section's class name provided with the section_class argument via an optional %s placeholder. Default empty.
  • after_section: HTML content to append to the section's HTML output. Default empty.
  • section_class: The class name to use for the section. Used by before_section if a %s placeholder is present. Default empty.

The HTML passed using these extra arguments is escaped using wp_kses_post() just before rendering. This changeset also provides a set of unit tests for this new feature.

Props griffinjt, nacin, scribu, ross_ritchey, ryan, chriscct7, palmiak, rehanali, costdev, martinkrcho, chaion07, audrasjb, hellofromtonya. Fixes #17851.

git-svn-id: https://develop.svn.wordpress.org/trunk@54247 602fd350-edb4-49c9-b593-d223f7449a82

Shortcodes: Reverse wrapping of apply_shortcodes() and do_shortcode().

This changeset reverses the wrapping of apply_shortcodes() and do_shortcode() such that apply_shortcodes() is now the recommended function. In addition:

  • Calls to do_shortcode() have been changed to apply_shortcodes().
  • Some default filter callbacks have been changed from 'do_shortcode' to 'apply_shortcodes'.
  • Applicable documentation has been updated to refer to apply_shortcodes() instead.

Follow-up to [47004].

Props SergeyBiryukov, rafiahmedd, namithjawahar, peterwilsoncc, costdev. Fixes #55883.

git-svn-id: https://develop.svn.wordpress.org/trunk@54248 602fd350-edb4-49c9-b593-d223f7449a82

Security: Salting functions: translate the phrase "put your unique phrase here".

In wp_salt() WordPress pre-populates the check for duplicate salt values with the default put your unique phrase here. As the wp-config.php file for non-en_US can be translated in downloaded packages, a translated version of this phrase ought to be in the pre-populated duplicate values array too.

Props peterwilsoncc, SergeyBiryukov, whaze, costdev, audrasjb. Fixes #55937.

git-svn-id: https://develop.svn.wordpress.org/trunk@54249 602fd350-edb4-49c9-b593-d223f7449a82

Bootstrap/Load: Send HTTP headers after querying posts in WP::main().

By running WP::send_headers() after posts have been queried, we can ensure that conditional tags like is_front_page(), is_home(), etc. work as expected.

This provides better context and more flexibility when adjusting HTTP headers via the wp_headers filter or send_headers action.

Previously, the earliest action where conditional tags worked correctly was wp.

Includes moving the X-Pingback header, previously sent in WP::handle_404()​ after posts have been queried, to a more appropriate place in WP::send_headers().

Follow-up to [2627], [34442].

Props jonoaldersonwp, joostdevalk, peterwilsoncc, adamsilverstein, SergeyBiryukov. Fixes #56068.

git-svn-id: https://develop.svn.wordpress.org/trunk@54250 602fd350-edb4-49c9-b593-d223f7449a82

Editor: Backport hooks to filter theme.json data from Gutenberg to 6.1.

This changeset ports the work done in Gutenberg (released in 14.1) to add hooks to filter the theme.json data. Specifically, it adds the following filters: theme_json_default, theme_json_blocks, theme_json_theme, and theme_json_user.

For more details, see the following Gutenberg pull requests:

  • [https://github.com/WordPress/gutenberg/pull/44015 gutenberg#44015]: Make global styles data filterable
  • [https://github.com/WordPress/gutenberg/pull/44109 gutenberg#44109]: Prepare WP_Theme_JSON_Data class for backporting
  • [https://github.com/WordPress/gutenberg/pull/44159 gutenberg#44159]: Update hook's names from global_styles_* to theme_json_*

Props oandregal, czapla, gziolo, bernhard-reiter. See #56467.

git-svn-id: https://develop.svn.wordpress.org/trunk@54251 602fd350-edb4-49c9-b593-d223f7449a82

Help/About: Add a help tab in Theme Install screen for the new "Block Themes" search filter.

Follow-up to [53906].

Props audrasjb, poena, robinwpdeveloper, webcommsat. Fixes #56405.

git-svn-id: https://develop.svn.wordpress.org/trunk@54252 602fd350-edb4-49c9-b593-d223f7449a82

Editor: Add box-shadow support for blocks through theme.json files.

This makes it possible to add box-shadow to specific blocks (such as buttons or groups), allowing this to be configured in block themes without custom CSS.

Props andrewserong, cbravobernal, madhudollu, scruffian, onemaggie. See #56467.

git-svn-id: https://develop.svn.wordpress.org/trunk@54253 602fd350-edb4-49c9-b593-d223f7449a82

Coding Standards: Rename WordPress Dependencies API class files.

The current coding standards note that the name of the class files should be based on the class name with class- prepended, and the underscores replaced by hyphens (see the [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#naming-conventions Naming Conventions] section in the handbook), except for the three legacy files: class.wp-dependencies.php, class.wp-scripts.php, class.wp-styles.php.

To bring more consistency to the codebase and make it easier to implement autoloading in the future, this commit renames those three legacy files to conform to the coding standards:

  • wp-includes/class.wp-dependencies.phpwp-includes/class-wp-dependencies.php
  • wp-includes/class.wp-scripts.phpwp-includes/class-wp-scripts.php
  • wp-includes/class.wp-styles.phpwp-includes/class-wp-styles.php


  • Loading the new files from the old ones, for anyone that may have been including the files directly.
  • Replacing references to the old filenames with the new filenames.

Follow-up to [7970], [45654], [45662], [45663], [45678], [47197], [52026], [53749].

Props afragen, schlessera, swissspidy, dingo_d, hellofromTonya, SergeyBiryukov. Fixes #37861. See #55647.

git-svn-id: https://develop.svn.wordpress.org/trunk@54254 602fd350-edb4-49c9-b593-d223f7449a82

Media: Add caching to wp_count_attachments().

This changeset adds caching to wp_count_attachments(), for better consistency with wp_count_posts().

Props jeherve, antpb, mukesh27, robinwpdeveloper, costdev. Fixes #55227.

git-svn-id: https://develop.svn.wordpress.org/trunk@54255 602fd350-edb4-49c9-b593-d223f7449a82

Networks and Sites: Store main site id of a network in network options.

Instead of caching main site id an object cache, store main site id on a network options. This results in less database queries on sites without persistent object caching.

Props spacedmonkey, johnjamesjacoby, peterwilsoncc, desrosj. Fixes #55802.

git-svn-id: https://develop.svn.wordpress.org/trunk@54256 602fd350-edb4-49c9-b593-d223f7449a82

Editor: Sync changes from the Gutenberg plugin 14.1 release

Updated WordPress packages necessary for releasing WordPress 6.1 Beta 1:

  • @wordpress/a11y@3.17.1
  • @wordpress/annotations@2.17.2
  • @wordpress/api-fetch@6.14.1
  • @wordpress/autop@3.17.1
  • @wordpress/babel-plugin-import-jsx-pragma@4.0.1
  • @wordpress/babel-plugin-makepot@5.1.1
  • @wordpress/babel-preset-default@7.1.1
  • @wordpress/base-styles@4.8.1
  • @wordpress/blob@3.17.1
  • @wordpress/block-directory@3.15.2
  • @wordpress/block-editor@10.0.2
  • @wordpress/block-library@7.14.2
  • @wordpress/block-serialization-default-parser@4.17.1
  • @wordpress/block-serialization-spec-parser@4.17.1
  • @wordpress/blocks@11.16.2
  • @wordpress/browserslist-config@5.0.1
  • @wordpress/components@21.0.2
  • @wordpress/compose@5.15.2
  • @wordpress/core-data@5.0.2
  • @wordpress/create-block-tutorial-template@2.5.1
  • @wordpress/create-block@4.1.1
  • @wordpress/custom-templated-path-webpack-plugin@2.1.3
  • @wordpress/customize-widgets@3.14.2
  • @wordpress/data-controls@2.17.2
  • @wordpress/data@7.1.2
  • @wordpress/date@4.17.1
  • @wordpress/dependency-extraction-webpack-plugin@4.0.2
  • @wordpress/deprecated@3.17.1
  • @wordpress/docgen@1.26.1
  • @wordpress/dom-ready@3.17.1
  • @wordpress/dom@3.17.2
  • @wordpress/e2e-test-utils@8.1.1
  • @wordpress/e2e-tests@5.1.2
  • @wordpress/edit-post@6.14.2
  • @wordpress/edit-site@4.14.2
  • @wordpress/edit-widgets@4.14.2
  • @wordpress/editor@12.16.2
  • @wordpress/element@4.15.1
  • @wordpress/env@5.2.1
  • @wordpress/escape-html@2.17.1
  • @wordpress/eslint-plugin@13.1.1
  • @wordpress/format-library@3.15.2
  • @wordpress/hooks@3.17.1
  • @wordpress/html-entities@3.17.1
  • @wordpress/i18n@4.17.1
  • @wordpress/icons@9.8.1
  • @wordpress/interface@4.16.2
  • @wordpress/is-shallow-equal@4.17.1
  • @wordpress/jest-console@6.0.1
  • @wordpress/jest-preset-default@9.0.1
  • @wordpress/jest-puppeteer-axe@5.0.1
  • @wordpress/keyboard-shortcuts@3.15.2
  • @wordpress/keycodes@3.17.1
  • @wordpress/lazy-import@1.4.3
  • @wordpress/library-export-default-webpack-plugin@2.3.3
  • @wordpress/list-reusable-blocks@3.15.2
  • @wordpress/media-utils@4.8.1
  • @wordpress/notices@3.17.2
  • @wordpress/npm-package-json-lint-config@4.2.1
  • @wordpress/nux@5.15.2
  • @wordpress/plugins@4.15.2
  • @wordpress/postcss-plugins-preset@4.1.1
  • @wordpress/postcss-themes@5.0.1
  • @wordpress/preferences-persistence@1.9.1
  • @wordpress/preferences@2.9.2
  • @wordpress/prettier-config@2.0.1
  • @wordpress/primitives@3.15.1
  • @wordpress/priority-queue@2.17.2
  • @wordpress/project-management-automation@1.16.1
  • @wordpress/react-i18n@3.15.1
  • @wordpress/readable-js-assets-webpack-plugin@2.0.1
  • @wordpress/redux-routine@4.17.1
  • @wordpress/reusable-blocks@3.15.2
  • @wordpress/rich-text@5.15.2
  • @wordpress/scripts@24.1.2
  • @wordpress/server-side-render@3.15.2
  • @wordpress/shortcode@3.17.1
  • @wordpress/style-engine@1.0.1
  • @wordpress/stylelint-config@21.0.1
  • @wordpress/token-list@2.17.1
  • @wordpress/url@3.18.1
  • @wordpress/viewport@4.15.2
  • @wordpress/warning@2.17.1
  • @wordpress/widgets@2.15.2
  • @wordpress/wordcount@3.17.1

Props bernhard-reiter, cbravobernal, czapla, oandregal, isabel_brison, andrewserong, mciampini. See #56467.

git-svn-id: https://develop.svn.wordpress.org/trunk@54257 602fd350-edb4-49c9-b593-d223f7449a82

Cron API: Add error logging and hooks to wp-cron.php.

This changeset adds error logging on wp_reschedule_event() and wp_unschedule_event in wp-cron.php. This allows proper error logging when random errors appear. It also introduces cron_reschedule_event_error and cron_unschedule_event_error hooks which can be used to trigger additional behaviors when an error occurs.

Props Enchiridion, johnbillion, costdev. Fixes #56048.

git-svn-id: https://develop.svn.wordpress.org/trunk@54258 602fd350-edb4-49c9-b593-d223f7449a82

Bootstrap/Load: Introduce is_*_admin_screen() aliases for is_*_admin() function family.

Following the introduction of is_login_screen() in [53884], it is time to reconsider the is_*_admin() functions:

  • is_admin(): Determines whether the current request is for an administrative interface page.
  • is_blog_admin(): Whether the current request is for a site's administrative interface, e.g. /wp-admin/.
  • is_network_admin(): Whether the current request is for the network administrative interface, e.g. /wp-admin/network/.
  • is_user_admin(): Whether the current request is for a user admin screen, e.g. /wp-admin/user/.

For someone new to WordPress, these names can be quite confusing, especially the last one. When using these functions, one always needs to remember that they don't actually check if the current user is a site administrator.

To complicate things further, there is one more similarly named function that does exactly the latter:

  • is_super_admin(): Determines whether user is a site admin.

With the above in mind, this commit introduces aliases that better match the functionality and allow for more descriptive code:

  • is_admin()is_admin_screen()
  • is_blog_admin()is_site_admin_screen()
  • is_network_admin()is_network_admin_screen()
  • is_user_admin()is_user_admin_screen()

Additionally, is_super_admin_user() is introduced as an alias for is_super_admin():

  • is_super_admin()is_super_admin_user()

Plugins and themes are encouraged to start using the newer function names to make code self-descriptive and bring more clarity. The older names are not deprecated at this time, though it may be up for discussion in the future.

Follow-up to [2481], [6412], [12393], [12732], [15558], [15481], [15746], [53884].

Props jrf, tobifjellner, SergeyBiryukov. See #56400.

git-svn-id: https://develop.svn.wordpress.org/trunk@54259 602fd350-edb4-49c9-b593-d223f7449a82

Editor: Introduces fluid typography and uses Style Engine.

This commit introduces fluid typography block supports and switches to use the Style Engine for typography and colors.

The motivation for fluid typography block supports:

"Fluid typography" describes how a site's font sizes adapt to every change in screen size, for example, growing larger as the viewport width increases, or smaller as it decreases.

Font sizes can smoothly scale between minimum and maximum viewport widths.

Typography changes introduced from Gutenberg:

  • Uses the Style Engine to generate the CSS and classnames in wp_apply_typography_support().
  • Introduces wp_typography_get_preset_inline_style_value() for backwards-compatibility.
  • Introduces a private internal function called wp_get_typography_value_and_unit(), for checking and getting typography unit and value.
  • Introduces a private internal function called wp_get_computed_fluid_typography_value(), for an internal implementation of CSS clamp().
  • Deprecates wp_typography_get_css_variable_inline_style().


  • [https://github.com/WordPress/gutenberg/pull/40332 WordPress/gutenberg PR 40332] Style Engine: add typography and color to backend
  • [https://github.com/WordPress/gutenberg/pull/39529 WordPress/gutenberg PR 39529] Block supports: add fluid typography

Follow-up to [53076], [52302], [52069], [51089], [50761], [49226].

Props ramonopoly, youknowriad, aristath, oandregal, aaronrobertshaw, cbirdsong, jorgefilipecosta, ironprogrammer, hellofromTonya. See #56467.

git-svn-id: https://develop.svn.wordpress.org/trunk@54260 602fd350-edb4-49c9-b593-d223f7449a82

Chore: Run browserslits update

Follow-up [54257]. See #56467.

git-svn-id: https://develop.svn.wordpress.org/trunk@54261 602fd350-edb4-49c9-b593-d223f7449a82

Users: Make wp_list_authors() and wp_list_users() filterable.

This commit adds three filters to customize the wp_list_authors() and wp_list_users() output:

  • wp_list_authors_args: Filters the query arguments for the list of all authors of the site.
  • pre_wp_list_authors_post_counts_query: Filters whether to short-circuit performing the query for author post counts. This may be useful to account for custom post types or post statuses.
  • wp_list_users_args: Filters the query arguments for the list of all users of the site.

Follow-up to [979], [3848], [5135], [5727], [31653], [52064], [53486], [53501].

Props kevinB, wonderboymusic, DrewAPicture, Mte90, audrasjb, rafiahmedd, costdev, nacin, afercia, chetan200891, hellofromTonya, TimothyBlynJacobs, chaion07, SergeyBiryukov. Fixes #17025.

git-svn-id: https://develop.svn.wordpress.org/trunk@54262 602fd350-edb4-49c9-b593-d223f7449a82

Editor: Add post types property to wp-rest-block-patterns-controller.php.

Backports PHP changes in WordPress/gutenberg#41791 to the core. Adds the post types property to the rest API patterns endpoint.

Props mcsf, ntsekouras, matveb. See #56467.

git-svn-id: https://develop.svn.wordpress.org/trunk@54263 602fd350-edb4-49c9-b593-d223f7449a82

Build/Test Tools: Enable debugging when rerunning a failed workflow.

Follow up to [53947], [54039].

Fixes #56407.

git-svn-id: https://develop.svn.wordpress.org/trunk@54264 602fd350-edb4-49c9-b593-d223f7449a82

Media: Respect EXIF Rotations.

Previously, the logic to determine EXIF rotation information was not providing the correct rotation. This patch respects the information properly by swapping some of the flip() logic on certain rotations.

Props tbember, SergeyBiryukov, costdev, mikeschroder, adamsilverstein. Fixes #54937.

git-svn-id: https://develop.svn.wordpress.org/trunk@54265 602fd350-edb4-49c9-b593-d223f7449a82

Taxonomy: Standardise the format used to describe arguments passed to actions and filters inside wp_insert_term() and wp_update_term().

Props SergeyBiryukov, mboynes

Fixes #55441

git-svn-id: https://develop.svn.wordpress.org/trunk@54266 602fd350-edb4-49c9-b593-d223f7449a82

Created at 5 hours ago
Added auto escaped function `get_block_wrapper_attributes()` to list of escaped functions.

P.S.: thanks for persisting in trying to get the CI to pass ;-)

Created at 6 hours ago
Added auto escaped function `get_block_wrapper_attributes()` to list of escaped functions.

@lewis-elborn No worries, but now (aside from the PR needing a test) the question remains whether the function should be added, so my remark about this above.

Created at 6 hours ago
Error on Php8.1

Note: I do see some weird stuff going on in that repo, but not sure if it is related and you should probably report all that to the maintainers of that package:

  • The ruleset.xml file contains a <config name="installed_paths" ... directive. This should generally not be used in an installable external standard and may be the cause of the problem.
  • That <config name="installed_paths"... directive "registers" paths to at least two other external standards which aren't being installed.
  • The composer.json file includes at least one external standard which includes the dealerdirect/phpcodesniffer-composer-installer Composer plugin, which will actually register the installed external standards correctly.

Based on this, I have a feeling this is an issue with the external standard you are using doing things wrong and not something which needs to be solved in PHPCS.

Created at 7 hours ago
Error on Php8.1

Tried to reproduce and failed.

  1. I created a new project.
  2. Ran composer require --dev geolid/phpcs
  3. Created a simple dummy file to run tests on.
  4. Copied the phpcs.xml.dist file to the project root and adjusted the file directive.
  5. Ran vendor/bin/phpcs -ps . and saw the expected CS errors and no errors related to the LocalFile class.

Ran with PHPCS develop and PHP 8.1.10.

In other words, please post an exact reproduction scenario as, as things are, the issue is not reproducible.

Not sure what you mean by external standards

The geolid/phpcs package is an external standard which provides a ruleset.

Created at 7 hours ago
Error on Php8.1

I'll have a look see, but may still need more information.

php vendor/bin/phpcs
php vendor/bin/php-cs-fixer fix --dry-run --diff

Just FYI: php-cs-fixer is a completely different tool. The fixer which is included with PHPCS can be called using phpcbf.

Created at 7 hours ago
issue comment
Object instantiation

@dingo-d Actually, I realized that for the whitespace issue in "Incorrect" a param could also be used.

As for the code change, yes, something like that, though maybe keep the param name more "generalized" ? i.e. $param, $bar, $input or something.

Created at 7 hours ago
Added auto escaped function `get_block_wrapper_attributes()` to list of escaped functions.

@jrfnl Sorry, I'm finding my way around pull requests for the first time. I only wanted to edit one line, but the Basic QA checks failed.

That's fine. You can run composer check-cs on the command line to see what is being flagged and composer fix-cs should be able to auto-fix most issues.

For additional guidelines - like adding tests to cover your change - please have a look at the CONTRIBUTING docs.

Created at 7 hours ago
Rename the namespace

Alos, I keep reading "PHP CSS Tandards". 😅

You mean "PHP CSS Tandarts" ? 😁 (For anyone watching, Dutch joke, just ignore)

Created at 7 hours ago
issue comment
Non-Emulative Lexer defines tokenizer constants of future PHP versions

I have tried to check with develop version too(versions : * 10.x-dev, * dev-develop), but was still seeing it. So, i have created a new issue PHPCompatibility/PHPCompatibility#1351

I'll have a look over the next few days.

Created at 7 hours ago
Added auto escaped function `get_block_wrapper_attributes()` to list of escaped functions.

Please undo all the (incorrect) CS changes and only make the change you are actually proposing.

Also, I've had a quick look at the get_block_wrapper_attributes() function and the $key used is not escaped and as it is not a hard-coded value, this leaves the code wide-open to all sorts of injection, so until that function is actually made safe, I would not recommend adding it to the "safe" functions list. This should probably be flagged up for the @WordPress/security-team ...


Created at 8 hours ago
jrfnl delete branch feature/ghactions-composer-no-interaction
Created at 8 hours ago
issue comment
Non-Emulative Lexer defines tokenizer constants of future PHP versions

@harikagujjula I'm fairly certain that was fixed already in PHPCompatibility, but will double-check.

Created at 8 hours ago
Error on Php8.1

@Kleinast Could you please elaborate how you got this deprecation notice and how it can be reproduced ?

  • What type of setup are you using ? (Composer, PHAR, etc)
  • How are you running PHPCS ? (CLI, via IDE, etc)
  • What command are you using ?
  • Are you using a custom ruleset or one of the build-in rulesets ? And if so, which ?
  • Are you using any external standards ?
Created at 13 hours ago
Fix php 8.1 error for trim() function

Hang on - just now seeing issue #3677. Will continue there.

Created at 13 hours ago
Fix php 8.1 error for trim() function

@Kleinast Could you please elaborate how you got this error ? If PHPCS is used as intended, that error shouldn't be possible...

Created at 13 hours ago
Proposal: drop support for PHPCS < 3.7.0/3.7.1

@MarkMaldaba I'm glad to hear the additional explanations clarified sufficiently why this decision is needed.

With that, I will start the process of dropping support for PHPCS < 3.7.1 in the coming days.

Re: the composer issue, whether or not this is an issue depends on what the dependencies look like. I will play with this a bit more and raise a separate ticket if I think there's anything further to discuss.

Please do play with it and let us know how you get on. As I said before, we won't be providing support anymore for non-Composer based installs, but I can imagine adding a wiki article explaining how to do it if needs be.

Created at 15 hours ago