Conversation
Added concurrency controls to automatically cancel redundant workflow runs when new commits are pushed to the same branch, preventing resource waste and reducing deployment queue times. Removed the manual SVN installation step as the 10up/action-wordpress-plugin-deploy action handles this dependency internally, eliminating unnecessary duplication. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move icon-128x128.png from /assets/ to /.wordpress-org/ alongside the other WordPress.org plugin listing assets (icon-256x256.png, screenshots). The .wordpress-org/ directory is already in .distignore, so these assets won't be included in the plugin ZIP but will be deployed to WordPress.org SVN /assets/ by the 10up deploy action. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The AJAX handler for user group subscriptions was falling through to wp_die() without returning a proper JSON response, causing the UI to receive an empty response when users toggled user group checkboxes in the Notifications metabox. This prevented proper feedback and meant changes wouldn't persist until the post was saved manually. The fix ensures user group AJAX saves return wp_send_json_success() with the same structure as user subscriptions (empty arrays for no_access and no_email, since user groups don't have individual warning badges). Comprehensive integration tests verify both user and user group AJAX saves return valid JSON responses, handle authentication correctly, and persist subscriptions as expected.
The nonce verification in save_post_subscriptions() was using the wrong
action string ('editpost'), which caused WordPress to reject legitimate
save requests from users with Editor role when using Classic Editor.
Classic Editor's edit form nonces use 'update-post_{$post_id}' as the
action, so the verification must match this to prevent "Cheatin' uh?"
errors on post save.
This regression was introduced in the PHPCS fixes (PR #866) and broke
existing functionality for Editor role users, as reported on the
WordPress.org support forums.
The fix ensures compatibility with Classic Editor whilst maintaining
the security benefits of nonce verification. Integration tests verify
the nonce check now correctly accepts Classic Editor nonces and rejects
those created with the wrong action.
Fixes: https://wordpress.org/support/topic/upgrading-to-0-10-0-breaks-funtionality-for-editor-role/
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
GaryJones
force-pushed
the
release/0.10.1
branch
from
949a0a9 to
519cc5d
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixed