WordPress 4.2.4 Release Candidate 1

tl;dr WordPress 4.2.4 RC1 is available (download) for testing and fixes an issue with inline scripts.

A change in WordPress 4.2.3 had the unintentional side effect of breaking some inline scripts when the CDATA block is used (see #33106). For example, consider the intended content here:

<script>// <![CDATA[
_my_function('data');
// ]]>
</script>

In 4.2.2, this content is left as is and _my_function() fires as expected. In 4.2.3, the content is manipulated as such:

<script>// <![CDATA[ _my_function('data'); // ]]></script>

This results in the script being commented out by the // and it will not fire. A workaround for this is to use /* for commenting.

<script> /* <![CDATA[ */ _my_function('data'); /* ]]> */ </script>

However, this workaround should not be necessary. As a result, we intend on releasing WordPress 4.2.4 to fix this issue.

Additionally, WordPress 4.2.3 caused issues when using shortcodes within angle brackets (see #33116). For example, this shortcode usage worked in 4.2.2 but did not work in 4.2.3:

<[shortcode]>

While we do not recommend this use of shortcodes and strongly encourage plugin developers to move away from this use of shortcodes, the breakage was unintentional and we have restored the behavior in WordPress 4.2.4 RC1.

Please download and test WordPress 4.2.4 RC1 and report any issues to core trac or to this post.

#4-2, #4-2-4

Changes to the Shortcode API

Earlier today, we released WordPress 4.2.3, which includes a relatively large security fix that affects the Shortcode API. Due to the nature of the fix – as is often the case with security fixes – we were unable to alert plugin authors ahead of time, however we did make efforts to scan the plugin directory for plugins that may have been affected.

With this change, every effort has been made to preserve all of the core features of the Shortcode API. That said, there are some new limitations that affect some rare uses of shortcodes.

Reminder: Never, under any circumstances, should you hack core files. This includes downgrading specific files. Doing so could have unintended consequences on your WordPress installation, including major security implications.

Basic Shortcode Usage

A brief explanation on the original purpose of shortcodes will help to explain the change. In a basic post, like this example, shortcodes are used to insert dynamic code:

Here are my images. [gallery]

Here you can see that the shortcode stands on its own as a dynamic element within the blog post content. This is the central premise of the Shortcode API: make it easy to insert blocks of dynamic code.

Shortcodes with Filtered Styles

In today’s release of WordPress 4.2.3, however, we’ve added some new limitations that affect some existing plugins. Take, for example, the following shortcode, which is no longer recognized:

<div style="background-image: url('[shortcode]');">

The shortcode in the example above appears in a context that is no longer supported. Further, this use of a shortcode stretches the imagination for how the Shortcode API was intended to be used. Fortunately, there are some workarounds still available, so that site administrators are not overly restricted in their use of HTML.

Workaround

The following example still functions as expected and is considered more acceptable:

<div [shortcode]>

Going forward, plugins implementing shortcodes for inline styles should output the entire style attribute rather than a bare value. Keep in mind that this workaround – just as the original example above – is only available to administrators and editors (i.e. only roles with unfiltered_html). Less-privileged users are still prevented from using shortcodes to output whole attributes in this manner. If a plugin is intended to work with author and contributor roles, we recommend that the plugin output an entire <div>.

Shortcodes with Bad Quotes

The following example is also no longer allowed:

<a href="/[shortcode query="?ref="]">

In the above situation, the shortcode is now properly recognized as HTML and it is rejected by the API. Apart from the example being confusing, WordPress cannot parse that shortcode.

Workaround

Instead, either of the following examples would be appropriate:

Example 1: <a href="/[shortcode query='?ref=']">
Example 2: <a href='/[shortcode query="?ref="]'>

Administrators as well as lesser-privileged authors can continue to use shortcodes in this way, as long is it conforms to the usual HTML filtering rules. However, as explained in the first example, administrators are now somewhat limited in this situation in one case: if the content in this href attribute is generated by a shortcode that does not conform to the HTML filters, then the shortcode is rejected for all users.

We do not make this change lightly and understand that it may affect some usecases. The above examples and explanations should help plugin authors make the modifications needed to support the Shortcode API.

#4-2, #4-2-3, #dev-notes, #plugins, #shortcodes

New Customizer Media Controls in 4.3 and 4.2

Over the past several releases, the Customizer API has drastically improved its built-in media controls, empowering developers to leverage the power of the WordPress media management experience in themes and plugins with ease. WordPress 4.1 refactored the image and upload controls to leverage the media modal for the first time (see #21483). 4.2 abstracted this functionality to a new base media control class. And now in WordPress 4.3, we’ve added a control for cropped images. In this post, I’ll outline the recent changes in Customizer media controls and explain the differences between the available controls.

WP_Customize_Media_Control

Before WordPress 4.2, all Customizer media controls saved the file url to their corresponding settings. While this facilitates quick access when using the value of the setting in themes and plugins, it makes it more difficult to access other information about that attachment, such as its title/caption, mime type, or in the case of images, accessing specific image sizes.

WP_Customize_Media_Control was introduced to allow this paradigm to change while maintaining backwards compatibility for the existing WP_Customize_Upload_Control and WP_Customize_Image_Control, which now extend the media control class (see #29215). The media control will save the attachment id for the selected media file to the Customizer setting, rather than the file URL. However, note that the default value of the setting must still be a URL, since a default attachment id doesn’t really make sense.

The media control can be used for any type of media, be it an image, audio, video, PDF document, or any other file format that your server supports. To restrict a media control instance to a particular type of content, use the mime_type parameter when adding the control:

$wp_customize->add_control( new WP_Customize_Media_Control( $wp_customize, 'audio_control', array(
	'label' => __( 'Media Control (audio)' ),
	'section' => 'media',
	'mime_type' => 'audio',
) ) );

When working with a setting corresponding with a media control, the sanitize_callback should generally be absint(), since a numerical id is expected. When using get_option() and get_theme_mod(), functions such as wp_get_attachment_url(), wp_get_attachment_image(), wp_get_attachment_image_src(), and even get_post() are useful depending on your needs, with each function taking the attachment id (value of the setting) as a parameter.

The full power of WP_Customize_Media_Control is realized when the control is extended to implement additional custom functionality in a custom child control. WP_Customize_Cropped_Image_Control is a great example of this in core. The core Customizer control classes provide several working examples of this; see wp-includes/class-wp-customize-control.php and wp-admin/js/customize-controls.js.

WP_Customize_Cropped_Image_Control

New in WordPress 4.3, WP_Customize_Cropped_Image_Control extracts functionality from the header image control to allow an image to be cropped to specific dimensions (see #29211). This offers a better user experience than automatic cropping in many cases when images of a certain size or aspect ratio are required in themes and plugins. In core, the new site icon feature relies heavily on the cropped-image control, implementing a child custom control to add additional site-icon-specific functionality.

The cropped image control comes with four custom parameters in addition to those available in the media control. These are used to specify the required (or recommended) image dimensions, as well as specifying whether alternative dimensions are allowed (the flex options). Here’s a typical usage when adding a cropped-image control:

$wp_customize->add_control( new WP_Customize_Cropped_Image_Control( $wp_customize, 'cropped_image', array(
	'section'     => 'background_image',
	'label'       => __( 'Croppable Image' ),
	'flex_width'  => true, // Allow any width, making the specified value recommended. False by default.
	'flex_height' => false, // Require the resulting image to be exactly as tall as the height attribute (default).
	'width'       => 1920,
	'height'      => 1080,
) ) );

The cropped-image control creates a child attachment of the original image attachment object for the cropped image, preserving the original version. The cropped-image attachment is given a context based on the control id (with _ replaced by -). The core control doesn’t currently use this, but it could be leveraged to query for previously-cropped images for a specific control to add a library feature in the future or in child controls. Be mindful that a version of the control id is stored in the database for cropped image attachments.

As with the media control, the cropped-image control saves the attachment id instead of the image URL. This can be useful for querying specific sizes of the image, but you’ll typically want the full size image at the cropped dimension. wp_get_attachment_image_src( absint( get_option( 'cropped_image_setting' ) ) ) should do the trick if that’s the case, when outputting the value of the setting.

#4-2, #4-3, #customize, #dev-notes, #media, #media-modal

Spinners and dismissible admin notices in 4.2

There are two UI component changes in 4.2 aimed at better experiences moving forward that may affect plugin and theme authors. The first is the spinner element, which does come with a non-critical visual breaking change. The second is admin notices, which are an enhancement and do not affect current implementations.

Core’s spinner is implemented using the .spinner class. Up until now, spinners have been hidden using display: none and then toggled using jQuery’s .show()/.hide() methods. While this works, it has two fundamental problems: it ties us to jQuery-specific helpers, and more importantly, does not reserve the space for the spinner when hidden, leading to elements moving around on the screen whenever the spinner would toggle. The more appropriate solution would be to use CSS’s visibility property, which does reserve the visual space, and control that visual behavior via a class so that any future changes to CSS are inherited by anybody using that component.

To that end, to show a spinner, you should now add a class of .is-active to the spinner element, and remove that class when it’s no longer active. This state-communicating naming convention is a part of some of our longer-term goals when it comes to semantic markup, so also take note of that. The breakage here is that spinners will no longer show using jQuery’s .show() method, as all it does is set an inline CSS display property, and so you will need to account for that going forward. The best thing to do would be to update to toggling the class as noted, and if maintaining compatibility in the short term with older versions of WordPress is a concern, detect the version and inject CSS into admin_head that applies display: inline-block to .spinner.is-active. There are other methods for handling version compatibility as well, but this is likely to be the method that is most maintainable and easy to immediately understand. Work on this was handled in #22839.

The second UI component that we’ve improved in a more visible manner is admin notices. Admin notices are often a source of confusion – if you publish a post and then refresh the edit screen, you’ll still get the notice that you’ve published the post, leading you to wonder if you’ve published it twice or what exactly is going on. They’re also distracting, takes up precious space, and can cause visual fatigue, leading to users ignoring notices that really do need their attention. So, we’ve done two things: one, we’ve made the vast majority of core notices user-dismissible (#31233), and two, we’ve also made sure those notices won’t come back when you refresh the page and have JavaScript on/working (#23367).

Any notice can now be made dismissible by ensuring the it has the classes .notice and .is-dismissible (recognize that naming convention?). Core handles adding the close button and removing the notice for you. However, for the best possible user experience, you should ensure that those notices will not come back on a page refresh or when navigating to another page. There are two different paths for this. The first applies to notices that are added when a query arg is present in the URL, such as message=6. Core will now remove certain query args and use JS to replace the URL in the browser with that “cleaned up” version. By default, core handles 'message', 'settings-updated', 'saved', 'update', 'updated','activated', 'activate', 'deactivate', 'locked', 'deleted', 'trashed', 'untrashed', 'enabled', 'disabled', 'skipped', 'spammed', and 'unspammed'. To add (or remove) items to this array to accommodate your needs, use the removable_query_args filter.

The second path, for notices that persist across different page loads, is to bind to the click event on the .notice-dismiss element in your own notice and trigger whatever it is your plugin may need to do to remember that the notice has been dismissed, such as storing a site or user option using Ajax. A note of caution that in an ideal scenario, core would eventually provide a framework for persistently dismissible notices that are not tied to query args, so be prepared for future changes if you choose to use this method.

#4-2, #dev-notes

WordPress 4.2 Field Notes

WordPress 4.2 includes both new and improved features. It also includes changes under the hood.  While I’m sure you’ve been testing your themes, plugins, and sites in preparation for the release, you may have missed the announcements of all the changes. Here is a quick rundown of developer related things you should know:

Additionally, the bundled version of jQuery UI has been upgraded from 1.11.2 to 1.11.4 and jQuery to 1.11.2.  The team also fixed 231 defects reported againgst previous versions of WordPress.  Please continue testing in preparation for the imminent 4.2.0.   WordPress wouldn’t be where it is without you.

UPDATE: Add information on spinners and admin notices.

#4-2, #dev-notes, #field-guide

TinyMCE views API improvements

In WordPress 4.2 there will be changes to the experimental TinyMCE views API. We don’t recommend this for use in production unless you closely follow the development.

If you’re using it we’d love to get some feedback: bugs, suggestions, things you wish you could do with it… You’re also welcome to leave a comment with a link to your project. I’d love to know what kind of content you’re using it for and how you’re using it.

Summary of the changes:

  • Simpler registration.
  • An easier way to update the view in the edit method.
  • You can choose to leave the text instead of replacing it with a loader. This is especially useful for our oEmbed views because we don’t know if the URL can be embedded until we get a response from the server.
  • You can now update the view text with a text of a different type (e.g. audio to playlist).
  • No need to use the setIframes method directly, render and setContent will handle it for you.
  • Already rendered views will never refresh again while editing other content. They do refresh when undoing or redoing things though, because TinyMCE resets the whole content unfortunately.
  • Options set in the match method (previously toView) will be added automatically to the view instance.
  • A couple of memory leaks were fixed and there’s a better way to bind and unbind views.
  • We added documentation for all the methods.

How to use the API

Registration:

window.wp.mce.views.register( 'unique_name', {
	...
} );

If you’re converting shortcodes to views, make sure unique_name is the same. They’ll be matched automatically. If you’re interested in custom matching, take a look at the embedURL registration in core.

If the content of your view is static, you can set the content property directly, if it is dynamic, overwrite getContent. In most cases an ajax request is needed to generate the content, so use the initialize method and cache the content. Passing it through render will cache it automatically.

This example will display the most recent images.

initialize: function() {
	var self = this;

	wp.ajax.post( 'query-attachments', {
		query: {
			post_mime_type: 'image'
		}
	} )
	.done( function( response ) {
		self.render( _.map( response, function( data ) {
			return '<img src=' + data.sizes.thumbnail.url + ' alt=' + data.alt + '>';
		} ).join( '' ) );
	} );
}

To add UI for editing a view, you need to add an edit method. This example is taken from the gallery view. Use the callback to update the view with the modified text (shortcode).

edit: function( text, update ) {
	var frame = wp.media.gallery.edit( text );

	frame.state( 'gallery-edit' ).on( 'update', function( selection ) {
		update( wp.media.gallery.shortcode( selection ).string() );
	} );

	frame.on( 'close', function() {
		frame.detach();
	} );
}

It is not recommended to run JavaScript in the editor iframe. If you need to run scripts it is best to use a sandbox iframe inside the view. The API will automatically do this for you if it detects scripts in your content. For example the Google Maps API might alter the editor’s iframe body. This is not acceptable because the body content is serialised by TinyMCE on saving.

In this example the content will be put in an iframe and you can do anything you want in that document.

content: [
	'<script src="//maps.googleapis.com/maps/api/js?sensor=false"></script>',
	'<style>img { max-width: none; }</style>',
	'<div id="map" style="width: 100%;height: 500px;"></div>',
	'<script>new google.maps.Map( document.getElementById( "map" ), { zoom: 0, center: new google.maps.LatLng( 0, 0 ) } )</script>'
].join( '' )

If you do want to run scripts, use the bind and unbind methods and make sure there are no memory leaks.

#4-2, #dev-notes

4.2 Release Dry Run

In preparation for a Thursday release, I’d like to do a dry run for 4.2 on Wednesday 15:00 UTC 2015.

The goal would be to complete the dry run and freeze for about a day prior to release. We’ve pushed the scheduled release date by a day due to the 4.1.2 security release that went out on Tuesday morning.

The dry run will include:

  • Testing various features, including Press This and the Customizer Theme Switcher
  • Generally testing the admin and common features using a multitude of devices and browsers, most notably mobile Safari on IOS and IE8
  • Running our usual unit tests including the specialty groups like multisite and AJAX
  • Doing scratch installs and upgrades from a variety of older versions

If we’re satisfied with the results of the dry run, then we’ll freeze. If not, we’ll discuss our options and make a contingency plan going forward.

If you’d like to help out and participate, we’d love to have you. Please come prepared to test!

#4-2, #dry-run

4.2 Scrub

We’ll be scrubbing report 6 in the #core channel on Slack in about 20 minutes at Tuesday 18:00 UTC 2015. Join us!

@azaozz @dd32 @nacin @helen @sergeybiryukov @ocean90 @wonderboymusic @mark @johnbillion @jorbin @boone @jeremyfelt @pento

#4-2

This Week in 4.2: April 20 – 26

This is the jump-start post for the fourteenth (and final!) week of the WordPress 4.2 release cycle.

Last week, we tagged RC1 and “hard froze” strings. We’ll likely tag RC2 today as well. We’re still on track for releasing 4.2 this week.

Core Meetings this week:

Priorities this week:

All commits in RC stages must be approved by at least one lead developer, preferably two.

Please, if you’re patching open tickets, ensure you’ve provided enough context on tickets for your fixes to help out those leads who may be coming along to review them.

As of Monday, there are 14 open tickets on report 6:

  • #31651 – Change Twemoji CDN to W.org – @pento
  • #31988 – TinyMCE: pasting an embeddable URL in Firefox doesn’t show preview – @azaozz
  • #24054 – (get_)comment_class() should include a is_user_member_of_blog() class – @jeremyfelt
  • #31669 – views improvements continued – @azaozz
  • #31890 – Link to existing content added in Text Editor disappear after switch to Visual editor and back – @azaozz
  • #31929 – 4.2 About Page
  • #31984 – Shiny Updates – some glitches – @jorbin
  • #31987 – Theme Customizer: Widget search field hidden in Safari – @helen
  • #32002 – Theme Switcher: Missing back button and marking active theme – @helen
  • #32004 – Audio/video list and gallery – date dropdown and message – @helen
  • #32006 – Problem with setting width and height of embedded media – @azaozz
  • #32007 – Twenty Fifteen: Image captions are shifted down in TinyMCE – @azaozz
  • #32022 – Press This: Margin is too big forcing wrapping on mobile – @azaozz
  • #32000 – Some translators comments – @SergeyBiryukov

Recent notable updates:

#4-2, #jump-starts

WordPress Core Weekly

Howdy! Sorry, I dropped the ball last week so this week’s Weekly Roundup is a double issue — it covers April 4, 2015 [32003] to April 18, 2015 [32140].

This week marks the release of RC1, which is the first release that many plugin authors and beta testers will test heavily. If you don’t already, now is a good time to check out the Alpha/Beta forums for any issues that crop up during this testing cycle.

We’re only days away from the release of 4.2; let’s finish strong! 🏃👏 Here’s the rundown of recent changes:

TinyMCE

  • Update to 4.1.9+. Changes:
    • Fixed bug where extra empty paragraphs would get deleted in WebKit/Blink due to recent Quriks fix.
    • Fixed bug where the editor wouldn’t work properly on IE 12 due to some required browser sniffing.
    • Fixed bug where formatting shortcut keys where interfering with Mac OS X screenshot keys. [32058] #31895
  • Disable the wp-autoresize plugin in iOS. All iframes there are already expanded to the height of the content document. [32095] #31937
  • Update the “Keyboard Shortcuts” modal. [32060] #29558
  • Fix our shortcuts on Mac, use Ctrl + Opt + letter. [32059] #29558
  • Use window.twemoji directly in the wpemoji plugin. Gives a chance to the browser to lazy load twemoji.js when reloading the page. [32142] #31901
  • Remove the empty paragraph that sometimes is left over after adding an image caption. [32141] #32003

wpView

  • Remove selected views when inserting content but not when loading all content, and remove the ref. to the selected view node on resetting the views. [32140] #31998
  • Resize sandbox iframes on load. [32056] #31480
  • Empty the content in the timeout, so it doesn’t render iframes twice. [32022] #31669

Build/Test Tools

  • During PHPUnit tests, don’t autodetect permalink structure during WP installation. [32139] #31994
  • Move the built media JS files up a directory to their previous location and naming convention. [32125] #31912 (see [31373])
  • Don’t reference underscore.js source map. [32065] #31477

General/Misc.

  • WordPress 4.2-RC1 [32137] [32138]
  • Use HTTPS URLs for codex.wordpress.org. [32116] #27115
  • Explain all placeholders in translator comment, not just the first one. [32111] #31675
  • Ensure post title input is not shortened for non-public post types. [32071] #30968
  • Improve handling of incomplete From and Content-Type headers in wp_mail(). [32070] #30266
  • wpLink: always show the URL field at the top. [32017] #28206
  • Force default avatar for HiDPI avatars on Discussion Settings. [32129] #31972

Translation and Strings

  • Merge strings that describe the same command. [32078] #31776
  • Update placeholder for FTP credentials. [32077] #31922
  • After [31941], use the decoupled strings from wp-admin/network/themes.php in wp-admin/network/site-themes.php as well. [32029] #28502
  • Correct grammar when referring to “a user” vs “an user” in several places. [32025] #31894

Administration

  • Fix flickering of the admin menu on over-scrolling. [32089] #30900
  • Dashboard: Ensure images other than avatars (such as emoji replacements) in recent comments are not incorrectly positioned. [32076] #31919
  • Admin menu: fix colors for focus state and in IE8. [32075] #31345
  • Dismissible notices: more precise positioning across browsers. [32068] #31233
  • Reset padding for buttons in theme details modal. [32128] #31963
  • Revert [32099] per discussion in #core. [32100] #30900
  • Remove z-index from #adminmenuback. [32099] #30900
  • Don’t print the custom-background class in body_class() when a default color is in use. [32081] #28687
  • Toolbar: Search item consistency for focus state and IE8. [32074] #31322
  • Pointers: Make the dismiss icon a consistent size. [32069] #31915
  • Update more instances of default admin blues and grays. [32051] #31234

Emoji and Smilies

  • Tweak which smiley matches which emoji. [32105] [32107] #31709
  • Update our few remaining smilies to better align with Twemoji, and add frownie.png until Twemoji provides a build containing it. [32104] #31709
  • The emoji JS files should be run through the script_loader_src filter, as they would be if they were registered scripts. [32097] #31938
  • Tidy up the wp_encode_emoji() regex, and clarify the function comment on Unicode 8 support. [32096]
  • Remove an errant / in Twemoji URLs. [32024] #31893
  • Remove executable bit from smilies. [32109] #31709

Themes

  • Twenty Fourteen: update editor styles to better account for adaptive images in small screens. [32094] #31934
  • Twenty Fifteen: update editor styles to better account for adaptive images in small screens. [32090] #31934
  • Theme Compat: Make string translatable and add translator comments. Added in [31941]. [32084] #28502, #31921
  • Move initialization of $customizeSidebar to api.ThemesSection.initialize() to prevent cases where the result can be undefined. [32119] #31793
  • Translator comment should just reference placeholder numbers, not the actual placeholders. [32112] #31675
  • Tell developers how to correctly silence register_sidebar() notices. [32110] #31675

Customizer

Theme Switcher

  • Fix some esoteric breakage in iOS Safari. [32103] #31794
  • Don’t deactivate section on empty search results. [32083] #31889
  • Remove “Add New” reference from customize-controls.js. [32004] #31837
  • Use text input for the search field to prevent double tap issues for Preview and Customize buttons on iOS. [32127] #31794
  • Don’t re-render a theme control if it has already been rendered.
  • Lazy load theme screenshots. [32088] #31793
  • Fix tabbing order if section is open. [32087] #31289
  • Fix preview URL for subfolder installs. [32086] #31896

Shiny Updates

  • Disable shiny updates from modal based on parent window [32082] #31739
  • Fix logic for details based shiny updates. [32080] #31739
  • Disable modal initiated shiny updates on wp-admin/update-core.php. [32067] #31739
  • Use dashes instead of dots as separator for jQuery events in shiny updates . is used for namespaces, so better to use dashes. [32063] #31819
  • Trigger events upon the completion of a shiny update. [32061] #31819
  • Remove Shiny Bulk Updates. Bulk updates don’t need to be ajaxified so let’s revert. [32053] #31770, #29820
  • Conditionally add AYS to leaving shiny updates. [32052] #31769
  • Enable users to initiate a shiny update from plugin detail modal. [32062] #31739

Media

  • Don’t allow whitespace-only image captions from the Media modal. [32079] #21848
  • Fix focus and selected state for the selected attachments set. [32072] #31898
  • Rename get_media_embedded_in_content_allowed filter tomedia_embedded_in_content_allowed_types. [32113] #26675
  • Bring back spinners, now without bouncing select elements. [32101] #22839, #30725
  • Fix the media modal Insert into post button on narrow screens by limiting the width of .media-toolbar-primary and .media-toolbar-secondary only inside .attachments-browser (the top toolbar). [32121] #31908
  • Insert from URL: Make sure the link text is actually used. [32055] #29476
  • Make sure the spinner in the media modal is visible on narrow screens (without affecting the media grid). [32120] #30725

Build Tools

  • Don’t override minified libraries included in core. [32066] #31477

Docs

  • Remove unnecessary inline @see tags from a variety of parameter and return descriptions in wp-includes/wp-db.php. [32050] #31888
  • Remove unnecessary inline @see tags from the wpdb::process_field_charsets()DocBlock. [32049] #31888
  • Add a missing return description for has_header_image(). [32048] #31888
  • Fix a variety of inline documentation syntactical issues in wp-includes/taxonomy.php. [32047] #31888
  • Add a missing @access tag to the DocBlock for the WP_Meta_Query->$clauses property. Also adds a missing return description for WP_Meta_Query::get_clauses(). [32044] #31888
  • Add a variety of missing descriptions and fix syntax for wp_scripts(),_wp_scripts_maybe_doing_it_wrong(), and wp_script_add_data(). [32040] #31888
  • Remove an unnecessary inline @see tag and document the $wpdb global in two WP_Comment_Query methods. [32038] #31888
  • Add missing parameter and return descriptions to WP_Customize_Widgets->filter_customize_dynamic_setting_args(). [32036] #31888
  • Add parameter and return descriptions for WP_Customize_Widgets->get_setting_type(). [32035] #31888
  • Add missing @access tags to two DocBlocks in WP_Customize_Setting. [32034] #31888
  • Document the $theme property in WP_Customize_Themes_Section. Also adds a missing@access tag to the DocBlock for WP_Customize_Themes_Section->render(). [32033] #31888
  • Cleanup DocBlock syntax, add a missing parameter description for WP_Customize_Manager->set_post_value(). [32031] #31888
  • Add inline doc syntax fixes for WP_Customize_Manager->doing_ajax(). Also adds a return description. [32030] #31888
  • Add documentation for the $type and $theme properties in WP_Customize_Theme_Control. Also add some missing @access tags to various DocBlocks. [32028] #31888
  • Fix description alignment for the category_css_class filter docs. [32026] #31888
  • Add documentation for the $type, $mime_type, and $button_labels properties in WP_Customize_Media_Control. [32023] #31888
  • Clarify the DocBlock summary and parameter description forwp_edit_attachments_query_vars(). [32019] #31888
  • Add proper descriptions for the @global and @param tags in the wp_media_attach_action() DocBlock. [32018] #31888
  • Clarify the DocBlock description for wp_print_request_filesystem_credentials_modal(). [32016] #31888
  • Clarify 4.2.0 changelog entry, add global description to the DocBlock for WP_Users_List_Table->single_row(). [32015] #31888
  • Add missing @since versions from a variety of methods in WP_Press_This. [32014] #31888
  • Add missing DocBlocks for the _limit_array(), _limit_string(), _limit_url(),_limit_img(), _limit_embed(), and _process_meta_entry() utility methods in WP_Press_This. [32013] #31888
  • Add a return description to the DocBlock for WP_Posts_List_Table->is_base_request(). [32009] #31888
  • Add an @see mention for Plugin_Upgrader, plus spacing to the wp_ajax_update_plugin()delcaration. [32006] #31888
  • Add a more descriptive function summary for options_discussion_add_js(). [32005] #31888
  • Fix Docblock syntax for the taxonomy_parent_dropdown_args filter. [32003] #31888
  • Add a missing return description for wp_styles(). [32041] #31888
  • wp_install_maybe_enable_pretty_permalinks() should have a consistent @return value. [32027] #6481, #31888

Help/About

  • All strings are available for translation. [32132] [32135] [32136] #31929
  • Change the subhead strings on credits.php and freedoms.php to match about.php.
  • Link the Emoji Codex article in the emoji blurb.
  • Add a second sentence to the JavaScript Accessibility blurb.
  • Switch positions for the JavaScript Accessibility and Complex Query Ordering sections for balance. [32131] #31929
  • Update about page for 4.2. [32118] [32123] [32130] #31929

Upgrade/Install

  • Move wp-plugin-update-success event to after lock is released [32133] #31978, #31819
  • Use named function instead of anonymous function, making it testable and replaceable. [32126] #31964
  • When dbDelta() is checking whether an index is defined in a CREATE TABLE statement, don’t worry if MySQL has a subpart defined on an index, but the CREATE TABLE doesn’t. [32108] #31869

Script Loader

Press This

  • Do not show the bookmarklet upgrade notice when accessing directly press-this.php. [32122] #31968
  • Add mb_strlen() compatibility function. Works the same way as the existing mb_substr() compatibility function. [32114] #31951
  • Check the bookmarklet version and add the update notice from PHP. [32106] #31942
  • Add ARIA attributes to the alerts container. [32102] #31942
  • Fix focusing the Standard Editor link after saving draft, if the user has not focused another element. [32098] #31923
  • Change the link text to Standard Editor. [32093] #31923
  • When saving a draft change the text of the Save Draft button to “Saving…” [32092] #31923
  • Update documentation for press_this_save_redirect filter after [31992]. [32143] #31996

Taxonomy

  • wp_update_term() should check if get_term() returned null. [32117] #31954
  • Avoid an unexpected object error when syncing global terms. Pass the expected single value, rather than object, when recursively calling global_terms(). [32064] #31914, #31149

Editor

Thanks to @adamsilverstein, @afercia, @awbauer, @azaozz, @boonebgorges, @DavidAnderson, @dimadin, @dlh, @DrewAPicture, @ericlewis, @hauvong, @helen, @hugobaeta, @iseulde, @jamescollins, @jeremyfelt, @joemcgill, @joen, @johnbillion, @jorbin, @kraftbj, @lancewillett, @markjaquith, @mattheu, @Michael-Arestad, @mindrun, @morganestes, @nacin, @nitkr, @obenland, @ocean90, @pavelevap, @pento, @peterwilsoncc, @samuelsidler, @SergeyBiryukov, @siobhan, @sirbrillig, @slobodanmanic, @swissspidy, @tmatsuur, @Tmeiste, @tyxla, @valendesigns, @westonruter, and @wonderboymusic for their contributions!

#4-2, #week-in-core