Changeset 3282609
- Timestamp:
- 04/27/2025 08:17:28 AM (2 weeks ago)
- Location:
- linkify-tags
- Files:
- 12 edited
- 1 copied
- tags/2.5 (copied) (copied from linkify-tags/trunk)
- tags/2.5/CHANGELOG.md (modified) (1 diff)
- tags/2.5/DEVELOPER-DOCS.md (modified) (1 diff)
- tags/2.5/linkify-tags.php (modified) (4 diffs)
- tags/2.5/linkify-tags.widget.php (modified) (3 diffs)
- tags/2.5/linkify-widget.php (modified) (6 diffs)
- tags/2.5/readme.txt (modified) (4 diffs)
- trunk/CHANGELOG.md (modified) (1 diff)
- trunk/DEVELOPER-DOCS.md (modified) (1 diff)
- trunk/linkify-tags.php (modified) (4 diffs)
- trunk/linkify-tags.widget.php (modified) (3 diffs)
- trunk/linkify-widget.php (modified) (6 diffs)
- trunk/readme.txt (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
linkify-tags/tags/2.5/CHANGELOG.md
r3138418 r3282609 1 1 # Changelog 2 3 ## 2.5 _(2025-04-27)_ 4 * Hardening: Prevent unsafe markup from being output 5 * Update widget base class to v006: 6 * Hardening: Prevent unsafe markup from being output 7 * Change: Include version number in class name to ensure use of expected version 8 * Change: Move PHPCS-related inline comments with their associated `phpcs:ignore` comments 9 * Change: Note compatibility through WP 6.8+ 10 * Change: Note compatibility through PHP 8.3+ 11 * Change: Update copyright date (2025) 12 * Unit tests: 13 * Change: Remove vestiges of testing for now-removed `linkify_categories()` 14 * Change: Explicitly define return type for overridden methods 2 15 3 16 ## 2.4 _(2024-08-20)_ linkify-tags/tags/2.5/DEVELOPER-DOCS.md
r2957021 r3282609 13 13 14 14 ### Arguments 15 16 _Note: Unsafe markup (such as `script`) will be omitted from any string being output._ 15 17 16 18 * `$tags` _(string|int|array)_ linkify-tags/tags/2.5/linkify-tags.php
r3138418 r3282609 2 2 /** 3 3 * Plugin Name: Linkify Tags 4 * Version: 2. 44 * Version: 2.5 5 5 * Plugin URI: https://coffee2code.com/wp-plugins/linkify-tags/ 6 6 * Author: Scott Reilly … … 11 11 * Description: Turn a string, list, or array of tag IDs and/or slugs into a list of links to those tag archives. Provides a widget and template tag. 12 12 * 13 * Compatible with WordPress 3.3 through 6. 6+.13 * Compatible with WordPress 3.3 through 6.8+, and PHP through at least 8.3+. 14 14 * 15 15 * =>> Read the accompanying readme.txt file for instructions and documentation. … … 19 19 * @package Linkify_Tags 20 20 * @author Scott Reilly 21 * @version 2. 421 * @version 2.5 22 22 */ 23 23 24 24 /* 25 Copyright (c) 2009-202 4by Scott Reilly (aka coffee2code)25 Copyright (c) 2009-2025 by Scott Reilly (aka coffee2code) 26 26 27 27 This program is free software; you can redistribute it and/or … … 112 112 } 113 113 114 // Output categories (which is permitted to include markup). 115 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 116 echo $before . $response . $after; 114 // Output categories. 115 echo wp_kses_post( $before . $response . $after ); 117 116 } 118 117 add_action( 'c2c_linkify_tags', 'c2c_linkify_tags', 10, 6 ); linkify-tags/tags/2.5/linkify-tags.widget.php
r3138418 r3282609 3 3 * Linkify Tags plugin widget code 4 4 * 5 * Copyright (c) 2011-202 4by Scott Reilly (aka coffee2code)5 * Copyright (c) 2011-2025 by Scott Reilly (aka coffee2code) 6 6 * 7 7 * @package Linkify_Tags_Widget 8 8 * @author Scott Reilly 9 * @version 00 59 * @version 006 10 10 */ 11 11 … … 16 16 if ( class_exists( 'WP_Widget' ) && ! class_exists( 'c2c_LinkifyTagsWidget' ) ) : 17 17 18 class c2c_LinkifyTagsWidget extends c2c_LinkifyWidget {18 class c2c_LinkifyTagsWidget extends c2c_LinkifyWidget_006 { 19 19 20 20 /** … … 24 24 */ 25 25 public static function version() { 26 return '00 5';26 return '006'; 27 27 } 28 28 linkify-tags/tags/2.5/linkify-widget.php
r3138418 r3282609 3 3 * Linkify plugin widget code 4 4 * 5 * Copyright (c) 2011-202 4by Scott Reilly (aka coffee2code)5 * Copyright (c) 2011-2025 by Scott Reilly (aka coffee2code) 6 6 * 7 7 * @package Linkify_Widget 8 8 * @author Scott Reilly 9 * @version 00 59 * @version 006 10 10 */ 11 11 12 12 defined( 'ABSPATH' ) or die(); 13 13 14 if ( class_exists( 'WP_Widget' ) && ! class_exists( 'c2c_LinkifyWidget ' ) ) :15 16 abstract class c2c_LinkifyWidget extends WP_Widget {14 if ( class_exists( 'WP_Widget' ) && ! class_exists( 'c2c_LinkifyWidget_006' ) ) : 15 16 abstract class c2c_LinkifyWidget_006 extends WP_Widget { 17 17 18 18 abstract function widget_content( $args, $instance ); … … 73 73 */ 74 74 public static function version() { 75 return '00 5';75 return '006'; 76 76 } 77 77 … … 121 121 } 122 122 123 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 124 echo $before_widget; 123 echo wp_kses_post( $before_widget ); 125 124 126 125 if ( $title ) { 127 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 128 echo $before_title . $title . $after_title; 126 echo wp_kses_post( $before_title . $title . $after_title ); 129 127 } 130 128 … … 133 131 $this->widget_content( $args, $instance ); 134 132 135 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 136 echo $after_widget; 133 echo wp_kses_post( $after_widget ); 137 134 } 138 135 … … 242 239 esc_attr( $input_name ), 243 240 esc_attr( $input_id ), 244 // PHPCS: The keys and values of all attributes are being escaped by esc_attributes(), so this is safe. 245 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 241 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- The keys and values of all attributes are being escaped by esc_attributes(), so this is safe. 246 242 $this->esc_attributes( $this->config[ $opt ]['input_attributes'] ), 247 243 esc_html( $value ) … … 296 292 esc_attr( $tstyle ), 297 293 ( 'checkbox' === $input ? checked( $value, 1, false ) : '' ), 298 // PHPCS: The keys and values of all attributes are being escaped by esc_attributes(), so this is safe. 299 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 294 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- The keys and values of all attributes are being escaped by esc_attributes(), so this is safe. 300 295 $this->esc_attributes( $this->config[ $opt ]['input_attributes'] ) 301 296 ); 302 297 } 303 298 if ( $this->config[ $opt ]['help'] ) { 304 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 305 echo "<div style='color:#888; font-size:x-small;'>({$this->config[ $opt ]['help']})</div>"; 299 echo '<div style="color:#888; font-size:x-small;">('; 300 echo wp_kses_post( $this->config[ $opt ]['help'] ); 301 echo ')</div>'; 306 302 } 307 303 echo "</p>\n"; linkify-tags/tags/2.5/readme.txt
r3138418 r3282609 6 6 License URI: https://www.gnu.org/licenses/gpl-2.0.html 7 7 Requires at least: 3.3 8 Tested up to: 6. 69 Stable tag: 2. 48 Tested up to: 6.8 9 Stable tag: 2.5 10 10 11 11 Turn a string, list, or array of tag IDs and/or slugs into a list of links to those tag archives. Provides a widget and template tag. … … 45 45 Between tags: `</li><li>` 46 46 47 = Does this plugin include unit tests? =47 = Does this plugin have unit tests? = 48 48 49 49 Yes. The tests are not packaged in the release .zip file or included in plugins.svn.wordpress.org, but can be found in the [plugin's repository](https://.com/coffee2code/linkify-tags/). … … 64 64 65 65 == Changelog == 66 67 = 2.5 (2025-04-27) = 68 * Hardening: Prevent unsafe markup from being output 69 * Update widget base class to v006: 70 * Hardening: Prevent unsafe markup from being output 71 * Change: Include version number in class name to ensure use of expected version 72 * Change: Move PHPCS-related inline comments with their associated `phpcs:ignore` comments 73 * Change: Note compatibility through WP 6.8+ 74 * Change: Note compatibility through PHP 8.3+ 75 * Change: Update copyright date (2025) 76 * Unit tests: 77 * Change: Remove vestiges of testing for now-removed `linkify_categories()` 78 * Change: Explicitly define return type for overridden methods 66 79 67 80 = 2.4 (2024-08-20) = … … 102 115 * Change: Prevent PHP warnings due to missing core-related generated files 103 116 104 = 2.3 (2021-10-20) =105 Highlights:106 107 This minor release removes support for the long-deprecated `linkify_tags()`, adds DEVELOPER-DOCS.md, notes compatibility through WP 5.8+, and minor reorganization and tweaks to unit tests.108 109 Details:110 111 * Change: Remove long-deprecated function `linkify_tags()`112 * New: Add DEVELOPER-DOCS.md and move template tag and hooks documentation into it113 * Change: Tweak installation instruction114 * Change: Note compatibility through WP 5.8+115 * Unit tests:116 * Change: Restructure unit test directories117 * Change: Move `phpunit/` into `tests/phpunit/`118 * Change: Move `phpunit/bin/` into `tests/`119 * Change: Remove 'test-' prefix from unit test file120 * Change: In bootstrap, store path to plugin file constant121 * Change: In bootstrap, add backcompat for PHPUnit pre-v6.0122 123 117 _Full changelog is available in [CHANGELOG.md](https://.com/coffee2code/linkify-tags/blob/master/CHANGELOG.md)._ 124 118 125 119 126 120 == Upgrade Notice == 121 122 = 2.5 = 123 Recommended update: prevented unsafe markup from being output, versioned widget base class to ensure use of expected version, noted compatibility through WP 6.8+ and PHP 8.3+, and updated copyright date (2025) 127 124 128 125 = 2.4 = linkify-tags/trunk/CHANGELOG.md
r3138418 r3282609 1 1 # Changelog 2 3 ## 2.5 _(2025-04-27)_ 4 * Hardening: Prevent unsafe markup from being output 5 * Update widget base class to v006: 6 * Hardening: Prevent unsafe markup from being output 7 * Change: Include version number in class name to ensure use of expected version 8 * Change: Move PHPCS-related inline comments with their associated `phpcs:ignore` comments 9 * Change: Note compatibility through WP 6.8+ 10 * Change: Note compatibility through PHP 8.3+ 11 * Change: Update copyright date (2025) 12 * Unit tests: 13 * Change: Remove vestiges of testing for now-removed `linkify_categories()` 14 * Change: Explicitly define return type for overridden methods 2 15 3 16 ## 2.4 _(2024-08-20)_ linkify-tags/trunk/DEVELOPER-DOCS.md
r2957021 r3282609 13 13 14 14 ### Arguments 15 16 _Note: Unsafe markup (such as `script`) will be omitted from any string being output._ 15 17 16 18 * `$tags` _(string|int|array)_ linkify-tags/trunk/linkify-tags.php
r3138418 r3282609 2 2 /** 3 3 * Plugin Name: Linkify Tags 4 * Version: 2. 44 * Version: 2.5 5 5 * Plugin URI: https://coffee2code.com/wp-plugins/linkify-tags/ 6 6 * Author: Scott Reilly … … 11 11 * Description: Turn a string, list, or array of tag IDs and/or slugs into a list of links to those tag archives. Provides a widget and template tag. 12 12 * 13 * Compatible with WordPress 3.3 through 6. 6+.13 * Compatible with WordPress 3.3 through 6.8+, and PHP through at least 8.3+. 14 14 * 15 15 * =>> Read the accompanying readme.txt file for instructions and documentation. … … 19 19 * @package Linkify_Tags 20 20 * @author Scott Reilly 21 * @version 2. 421 * @version 2.5 22 22 */ 23 23 24 24 /* 25 Copyright (c) 2009-202 4by Scott Reilly (aka coffee2code)25 Copyright (c) 2009-2025 by Scott Reilly (aka coffee2code) 26 26 27 27 This program is free software; you can redistribute it and/or … … 112 112 } 113 113 114 // Output categories (which is permitted to include markup). 115 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 116 echo $before . $response . $after; 114 // Output categories. 115 echo wp_kses_post( $before . $response . $after ); 117 116 } 118 117 add_action( 'c2c_linkify_tags', 'c2c_linkify_tags', 10, 6 ); linkify-tags/trunk/linkify-tags.widget.php
r3138418 r3282609 3 3 * Linkify Tags plugin widget code 4 4 * 5 * Copyright (c) 2011-202 4by Scott Reilly (aka coffee2code)5 * Copyright (c) 2011-2025 by Scott Reilly (aka coffee2code) 6 6 * 7 7 * @package Linkify_Tags_Widget 8 8 * @author Scott Reilly 9 * @version 00 59 * @version 006 10 10 */ 11 11 … … 16 16 if ( class_exists( 'WP_Widget' ) && ! class_exists( 'c2c_LinkifyTagsWidget' ) ) : 17 17 18 class c2c_LinkifyTagsWidget extends c2c_LinkifyWidget {18 class c2c_LinkifyTagsWidget extends c2c_LinkifyWidget_006 { 19 19 20 20 /** … … 24 24 */ 25 25 public static function version() { 26 return '00 5';26 return '006'; 27 27 } 28 28 linkify-tags/trunk/linkify-widget.php
r3138418 r3282609 3 3 * Linkify plugin widget code 4 4 * 5 * Copyright (c) 2011-202 4by Scott Reilly (aka coffee2code)5 * Copyright (c) 2011-2025 by Scott Reilly (aka coffee2code) 6 6 * 7 7 * @package Linkify_Widget 8 8 * @author Scott Reilly 9 * @version 00 59 * @version 006 10 10 */ 11 11 12 12 defined( 'ABSPATH' ) or die(); 13 13 14 if ( class_exists( 'WP_Widget' ) && ! class_exists( 'c2c_LinkifyWidget ' ) ) :15 16 abstract class c2c_LinkifyWidget extends WP_Widget {14 if ( class_exists( 'WP_Widget' ) && ! class_exists( 'c2c_LinkifyWidget_006' ) ) : 15 16 abstract class c2c_LinkifyWidget_006 extends WP_Widget { 17 17 18 18 abstract function widget_content( $args, $instance ); … … 73 73 */ 74 74 public static function version() { 75 return '00 5';75 return '006'; 76 76 } 77 77 … … 121 121 } 122 122 123 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 124 echo $before_widget; 123 echo wp_kses_post( $before_widget ); 125 124 126 125 if ( $title ) { 127 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 128 echo $before_title . $title . $after_title; 126 echo wp_kses_post( $before_title . $title . $after_title ); 129 127 } 130 128 … … 133 131 $this->widget_content( $args, $instance ); 134 132 135 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 136 echo $after_widget; 133 echo wp_kses_post( $after_widget ); 137 134 } 138 135 … … 242 239 esc_attr( $input_name ), 243 240 esc_attr( $input_id ), 244 // PHPCS: The keys and values of all attributes are being escaped by esc_attributes(), so this is safe. 245 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 241 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- The keys and values of all attributes are being escaped by esc_attributes(), so this is safe. 246 242 $this->esc_attributes( $this->config[ $opt ]['input_attributes'] ), 247 243 esc_html( $value ) … … 296 292 esc_attr( $tstyle ), 297 293 ( 'checkbox' === $input ? checked( $value, 1, false ) : '' ), 298 // PHPCS: The keys and values of all attributes are being escaped by esc_attributes(), so this is safe. 299 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 294 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- The keys and values of all attributes are being escaped by esc_attributes(), so this is safe. 300 295 $this->esc_attributes( $this->config[ $opt ]['input_attributes'] ) 301 296 ); 302 297 } 303 298 if ( $this->config[ $opt ]['help'] ) { 304 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 305 echo "<div style='color:#888; font-size:x-small;'>({$this->config[ $opt ]['help']})</div>"; 299 echo '<div style="color:#888; font-size:x-small;">('; 300 echo wp_kses_post( $this->config[ $opt ]['help'] ); 301 echo ')</div>'; 306 302 } 307 303 echo "</p>\n"; linkify-tags/trunk/readme.txt
r3138418 r3282609 6 6 License URI: https://www.gnu.org/licenses/gpl-2.0.html 7 7 Requires at least: 3.3 8 Tested up to: 6. 69 Stable tag: 2. 48 Tested up to: 6.8 9 Stable tag: 2.5 10 10 11 11 Turn a string, list, or array of tag IDs and/or slugs into a list of links to those tag archives. Provides a widget and template tag. … … 45 45 Between tags: `</li><li>` 46 46 47 = Does this plugin include unit tests? =47 = Does this plugin have unit tests? = 48 48 49 49 Yes. The tests are not packaged in the release .zip file or included in plugins.svn.wordpress.org, but can be found in the [plugin's repository](https://.com/coffee2code/linkify-tags/). … … 64 64 65 65 == Changelog == 66 67 = 2.5 (2025-04-27) = 68 * Hardening: Prevent unsafe markup from being output 69 * Update widget base class to v006: 70 * Hardening: Prevent unsafe markup from being output 71 * Change: Include version number in class name to ensure use of expected version 72 * Change: Move PHPCS-related inline comments with their associated `phpcs:ignore` comments 73 * Change: Note compatibility through WP 6.8+ 74 * Change: Note compatibility through PHP 8.3+ 75 * Change: Update copyright date (2025) 76 * Unit tests: 77 * Change: Remove vestiges of testing for now-removed `linkify_categories()` 78 * Change: Explicitly define return type for overridden methods 66 79 67 80 = 2.4 (2024-08-20) = … … 102 115 * Change: Prevent PHP warnings due to missing core-related generated files 103 116 104 = 2.3 (2021-10-20) =105 Highlights:106 107 This minor release removes support for the long-deprecated `linkify_tags()`, adds DEVELOPER-DOCS.md, notes compatibility through WP 5.8+, and minor reorganization and tweaks to unit tests.108 109 Details:110 111 * Change: Remove long-deprecated function `linkify_tags()`112 * New: Add DEVELOPER-DOCS.md and move template tag and hooks documentation into it113 * Change: Tweak installation instruction114 * Change: Note compatibility through WP 5.8+115 * Unit tests:116 * Change: Restructure unit test directories117 * Change: Move `phpunit/` into `tests/phpunit/`118 * Change: Move `phpunit/bin/` into `tests/`119 * Change: Remove 'test-' prefix from unit test file120 * Change: In bootstrap, store path to plugin file constant121 * Change: In bootstrap, add backcompat for PHPUnit pre-v6.0122 123 117 _Full changelog is available in [CHANGELOG.md](https://.com/coffee2code/linkify-tags/blob/master/CHANGELOG.md)._ 124 118 125 119 126 120 == Upgrade Notice == 121 122 = 2.5 = 123 Recommended update: prevented unsafe markup from being output, versioned widget base class to ensure use of expected version, noted compatibility through WP 6.8+ and PHP 8.3+, and updated copyright date (2025) 127 124 128 125 = 2.4 =
Note: See TracChangeset for help on using the changeset viewer.