updated plugin Jetpack Protect version 2.2.0
This commit is contained in:
Gitium
@ -5,6 +5,49 @@ All notable changes to this project will be documented in this file.
|
||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
|
||||
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||
|
||||
## [3.2.0] - 2024-05-22
|
||||
### Deprecated
|
||||
- Jetpack: Deprecated Errors class. [#37451]
|
||||
|
||||
## [3.1.0] - 2024-05-20
|
||||
### Added
|
||||
- Add the 'is_current_request_activating_plugin_from_plugins_screen' method extracted from the Plugin Install package. [#37430]
|
||||
|
||||
## [3.0.3] - 2024-05-08
|
||||
### Fixed
|
||||
- Status: Added check for compatibility reasons [#37256]
|
||||
|
||||
## [3.0.2] - 2024-05-06
|
||||
### Added
|
||||
- Add new method used to track allowed domains for API access. [#36924]
|
||||
|
||||
## [3.0.1] - 2024-04-30
|
||||
### Changed
|
||||
- Internal updates.
|
||||
|
||||
## [3.0.0] - 2024-04-25
|
||||
### Added
|
||||
- Add is_automattician_feature_flags_only on Jetpack sites as an alternative to is_automattician present on simple sites. [#34798]
|
||||
|
||||
### Removed
|
||||
- Remove methods deprecated long ago. [#36985]
|
||||
|
||||
## [2.2.2] - 2024-04-22
|
||||
### Changed
|
||||
- Internal updates.
|
||||
|
||||
## [2.2.1] - 2024-04-08
|
||||
### Changed
|
||||
- Internal updates.
|
||||
|
||||
## [2.2.0] - 2024-03-22
|
||||
### Added
|
||||
- Add support for A8C for Agencies source parameter. [#36491]
|
||||
|
||||
## [2.1.3] - 2024-03-20
|
||||
### Changed
|
||||
- Internal updates.
|
||||
|
||||
## [2.1.2] - 2024-03-12
|
||||
### Changed
|
||||
- Internal updates.
|
||||
@ -314,6 +357,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
|
||||
- Packages: Introduce a status package
|
||||
|
||||
[3.2.0]: https://github.com/Automattic/jetpack-status/compare/v3.1.0...v3.2.0
|
||||
[3.1.0]: https://github.com/Automattic/jetpack-status/compare/v3.0.3...v3.1.0
|
||||
[3.0.3]: https://github.com/Automattic/jetpack-status/compare/v3.0.2...v3.0.3
|
||||
[3.0.2]: https://github.com/Automattic/jetpack-status/compare/v3.0.1...v3.0.2
|
||||
[3.0.1]: https://github.com/Automattic/jetpack-status/compare/v3.0.0...v3.0.1
|
||||
[3.0.0]: https://github.com/Automattic/jetpack-status/compare/v2.2.2...v3.0.0
|
||||
[2.2.2]: https://github.com/Automattic/jetpack-status/compare/v2.2.1...v2.2.2
|
||||
[2.2.1]: https://github.com/Automattic/jetpack-status/compare/v2.2.0...v2.2.1
|
||||
[2.2.0]: https://github.com/Automattic/jetpack-status/compare/v2.1.3...v2.2.0
|
||||
[2.1.3]: https://github.com/Automattic/jetpack-status/compare/v2.1.2...v2.1.3
|
||||
[2.1.2]: https://github.com/Automattic/jetpack-status/compare/v2.1.1...v2.1.2
|
||||
[2.1.1]: https://github.com/Automattic/jetpack-status/compare/v2.1.0...v2.1.1
|
||||
[2.1.0]: https://github.com/Automattic/jetpack-status/compare/v2.0.2...v2.1.0
|
||||
|
||||
@ -5,12 +5,15 @@
|
||||
"license": "GPL-2.0-or-later",
|
||||
"require": {
|
||||
"php": ">=7.0",
|
||||
"automattic/jetpack-constants": "^2.0.1"
|
||||
"automattic/jetpack-constants": "^2.0.2"
|
||||
},
|
||||
"require-dev": {
|
||||
"brain/monkey": "2.6.1",
|
||||
"yoast/phpunit-polyfills": "1.1.0",
|
||||
"automattic/jetpack-changelogger": "^4.1.1",
|
||||
"automattic/jetpack-changelogger": "^4.2.4",
|
||||
"automattic/jetpack-connection": "@dev",
|
||||
"automattic/jetpack-identity-crisis": "@dev",
|
||||
"automattic/jetpack-plans": "@dev",
|
||||
"automattic/jetpack-ip": "^0.2.2"
|
||||
},
|
||||
"suggest": {
|
||||
@ -38,7 +41,14 @@
|
||||
"link-template": "https://github.com/Automattic/jetpack-status/compare/v${old}...v${new}"
|
||||
},
|
||||
"branch-alias": {
|
||||
"dev-trunk": "2.1.x-dev"
|
||||
"dev-trunk": "3.2.x-dev"
|
||||
},
|
||||
"dependencies": {
|
||||
"test-only": [
|
||||
"packages/connection",
|
||||
"packages/identity-crisis",
|
||||
"packages/plans"
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -25,7 +25,7 @@ class Cache {
|
||||
*
|
||||
* @param string $key Key to fetch.
|
||||
* @param mixed $default Default value to return if the key is not set.
|
||||
* @returns mixed Data.
|
||||
* @return mixed Data.
|
||||
*/
|
||||
public static function get( $key, $default = null ) {
|
||||
$blog_id = get_current_blog_id();
|
||||
|
||||
@ -14,16 +14,20 @@ namespace Automattic\Jetpack;
|
||||
|
||||
/**
|
||||
* Erros class.
|
||||
*
|
||||
* @deprecated since 3.2.0
|
||||
*/
|
||||
class Errors {
|
||||
/**
|
||||
* Catches PHP errors. Must be used in conjunction with output buffering.
|
||||
*
|
||||
* @deprecated since 3.2.0
|
||||
* @param bool $catch True to start catching, False to stop.
|
||||
*
|
||||
* @static
|
||||
*/
|
||||
public function catch_errors( $catch ) {
|
||||
_deprecated_function( __METHOD__, '3.2.0' );
|
||||
static $display_errors, $error_reporting;
|
||||
|
||||
if ( $catch ) {
|
||||
|
||||
@ -34,7 +34,7 @@ class Host {
|
||||
*
|
||||
* @since 1.9.0
|
||||
*
|
||||
* @return bool;
|
||||
* @return bool
|
||||
*/
|
||||
public function is_atomic_platform() {
|
||||
return Constants::is_true( 'ATOMIC_SITE_ID' ) && Constants::is_true( 'ATOMIC_CLIENT_ID' );
|
||||
@ -127,7 +127,7 @@ class Host {
|
||||
*/
|
||||
public function get_source_query() {
|
||||
// phpcs:disable WordPress.Security.NonceVerification.Recommended
|
||||
$allowed_sources = array( 'jetpack-manage' );
|
||||
$allowed_sources = array( 'jetpack-manage', 'a8c-for-agencies' );
|
||||
if ( isset( $_GET['source'] ) && in_array( $_GET['source'], $allowed_sources, true ) ) {
|
||||
return sanitize_key( $_GET['source'] );
|
||||
}
|
||||
@ -276,4 +276,20 @@ class Host {
|
||||
Cache::set( 'host_guess', $provider );
|
||||
return $provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Add public-api.wordpress.com to the safe redirect allowed list - only added when someone allows API access.
|
||||
*
|
||||
* @since 3.0.2 Ported from Jetpack to the Status package.
|
||||
*
|
||||
* To be used with a filter of allowed domains for a redirect.
|
||||
*
|
||||
* @param array $domains Allowed WP.com Environments.
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public static function allow_wpcom_public_api_domain( $domains ) {
|
||||
$domains[] = 'public-api.wordpress.com';
|
||||
return $domains;
|
||||
}
|
||||
}
|
||||
|
||||
@ -166,7 +166,7 @@ class Modules {
|
||||
}
|
||||
|
||||
$key = md5( $file_name . maybe_serialize( $headers ) );
|
||||
$refresh_cache = is_admin() && isset( $_GET['page'] ) && str_starts_with( $_GET['page'], 'jetpack' ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended, WordPress.Security.ValidatedSanitizedInput
|
||||
$refresh_cache = is_admin() && isset( $_GET['page'] ) && is_string( $_GET['page'] ) && str_starts_with( $_GET['page'], 'jetpack' ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended, WordPress.Security.ValidatedSanitizedInput
|
||||
|
||||
// If we don't need to refresh the cache, and already have the value, short-circuit!
|
||||
if ( ! $refresh_cache && isset( $file_data_option[ $key ] ) ) {
|
||||
@ -454,10 +454,8 @@ class Modules {
|
||||
}
|
||||
|
||||
// Check the file for fatal errors, a la wp-admin/plugins.php::activate.
|
||||
$errors = new Errors();
|
||||
$state->state( 'module', $module );
|
||||
$state->state( 'error', 'module_activation_failed' ); // we'll override this later if the plugin can be included without fatal error.
|
||||
$errors->catch_errors( true );
|
||||
|
||||
ob_start();
|
||||
$module_path = $this->get_path( $module );
|
||||
@ -470,7 +468,6 @@ class Modules {
|
||||
|
||||
$state->state( 'error', false ); // the override.
|
||||
ob_end_clean();
|
||||
$errors->catch_errors( false );
|
||||
} else { // Not a Jetpack plugin.
|
||||
$active[] = $module;
|
||||
$this->update_active( $active );
|
||||
@ -534,7 +531,7 @@ class Modules {
|
||||
*
|
||||
* @param array $modules Array of active modules to be saved in options.
|
||||
*
|
||||
* @return $success bool true for success, false for failure.
|
||||
* @return bool $success true for success, false for failure.
|
||||
*/
|
||||
public function update_active( $modules ) {
|
||||
$current_modules = \Jetpack_Options::get_option( 'active_modules', array() );
|
||||
|
||||
@ -25,4 +25,57 @@ class Paths {
|
||||
$url = add_query_arg( $args, admin_url( 'admin.php' ) );
|
||||
return $url;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if the current request is activating a plugin from the plugins page.
|
||||
*
|
||||
* @param string $plugin Plugin file path to check.
|
||||
* @return bool
|
||||
*/
|
||||
public function is_current_request_activating_plugin_from_plugins_screen( $plugin ) {
|
||||
// Filter out common async request contexts
|
||||
if (
|
||||
wp_doing_ajax() ||
|
||||
( defined( 'REST_REQUEST' ) && REST_REQUEST ) ||
|
||||
( defined( 'REST_API_REQUEST' ) && REST_API_REQUEST ) ||
|
||||
( defined( 'WP_CLI' ) && WP_CLI )
|
||||
) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ( isset( $_SERVER['SCRIPT_NAME'] ) ) {
|
||||
$request_file = esc_url_raw( wp_unslash( $_SERVER['SCRIPT_NAME'] ) );
|
||||
} elseif ( isset( $_SERVER['REQUEST_URI'] ) ) {
|
||||
list( $request_file ) = explode( '?', esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Not the plugins page
|
||||
if ( strpos( $request_file, 'wp-admin/plugins.php' ) === false ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Same method to get the action as used by plugins.php
|
||||
$wp_list_table = _get_list_table( 'WP_Plugins_List_Table' );
|
||||
$action = $wp_list_table->current_action();
|
||||
|
||||
// Not a singular activation
|
||||
// This also means that if the plugin is activated as part of a group ( bulk activation ), this function will return false here.
|
||||
if ( 'activate' !== $action ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Check the nonce associated with the plugin activation
|
||||
// We are not changing any data here, so this is not super necessary, it's just a best practice before using the form data from $_REQUEST.
|
||||
check_admin_referer( 'activate-plugin_' . $plugin );
|
||||
|
||||
// Not the right plugin
|
||||
$requested_plugin = isset( $_REQUEST['plugin'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['plugin'] ) ) : null;
|
||||
if ( $requested_plugin !== $plugin ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@ -17,18 +17,6 @@ use WPCOM_Masterbar;
|
||||
* Used to retrieve information about the current status of Jetpack and the site overall.
|
||||
*/
|
||||
class Status {
|
||||
/**
|
||||
* Is Jetpack in development (offline) mode?
|
||||
*
|
||||
* @deprecated 1.3.0 Use Status->is_offline_mode().
|
||||
*
|
||||
* @return bool Whether Jetpack's offline mode is active.
|
||||
*/
|
||||
public function is_development_mode() {
|
||||
_deprecated_function( __FUNCTION__, '1.3.0', 'Automattic\Jetpack\Status->is_offline_mode' );
|
||||
return $this->is_offline_mode();
|
||||
}
|
||||
|
||||
/**
|
||||
* Is Jetpack in offline mode?
|
||||
*
|
||||
@ -54,20 +42,6 @@ class Status {
|
||||
$offline_mode = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Filters Jetpack's offline mode.
|
||||
*
|
||||
* @see https://jetpack.com/support/development-mode/
|
||||
* @todo Update documentation ^^.
|
||||
*
|
||||
* @since 1.1.1
|
||||
* @since-jetpack 2.2.1
|
||||
* @deprecated 1.3.0
|
||||
*
|
||||
* @param bool $offline_mode Is Jetpack's offline mode active.
|
||||
*/
|
||||
$offline_mode = (bool) apply_filters_deprecated( 'jetpack_development_mode', array( $offline_mode ), '1.3.0', 'jetpack_offline_mode' );
|
||||
|
||||
/**
|
||||
* Filters Jetpack's offline mode.
|
||||
*
|
||||
@ -84,21 +58,6 @@ class Status {
|
||||
return $offline_mode;
|
||||
}
|
||||
|
||||
/**
|
||||
* Is Jetpack in "No User test mode"?
|
||||
*
|
||||
* This will make Jetpack act as if there were no connected users, but only a site connection (aka blog token)
|
||||
*
|
||||
* @since 1.6.0
|
||||
* @deprecated 1.7.5 Since this version, Jetpack connection is considered active after registration, making no_user_testing_mode obsolete.
|
||||
*
|
||||
* @return bool Whether Jetpack's No User Testing Mode is active.
|
||||
*/
|
||||
public function is_no_user_testing_mode() {
|
||||
_deprecated_function( __METHOD__, '1.7.5' );
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Whether this is a system with a multiple networks.
|
||||
* Implemented since there is no core is_multi_network function.
|
||||
|
||||
@ -40,4 +40,17 @@ class Visitor {
|
||||
|
||||
return ! empty( $_SERVER['REMOTE_ADDR'] ) ? filter_var( wp_unslash( $_SERVER['REMOTE_ADDR'] ) ) : '';
|
||||
}
|
||||
|
||||
/**
|
||||
* Simple gate check for a11n feature testing purposes using AT_PROXIED_REQUEST constant.
|
||||
* IMPORTANT: Only use it for internal feature test purposes, not authorization.
|
||||
*
|
||||
* The goal of this function is to help us gate features by using a similar function name
|
||||
* we find on simple sites: is_automattician().
|
||||
*
|
||||
* @return bool True if the current request is PROXIED, false otherwise.
|
||||
*/
|
||||
public function is_automattician_feature_flags_only() {
|
||||
return ( defined( 'AT_PROXIED_REQUEST' ) && AT_PROXIED_REQUEST );
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user