@automattic/newspack-blocks 1.74.0 → 1.74.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +7 -0
- package/includes/class-newspack-blocks.php +36 -7
- package/newspack-blocks.php +2 -2
- package/package.json +1 -1
- package/src/blocks/carousel/view.php +15 -24
- package/src/blocks/homepage-articles/templates/article.php +2 -16
- package/src/blocks/homepage-articles/view.php +9 -2
- package/src/blocks/video-playlist/view.php +3 -1
- package/src/templates/author-profile-card.php +1 -14
- package/vendor/autoload.php +1 -1
- package/vendor/composer/autoload_real.php +4 -4
- package/vendor/composer/autoload_static.php +2 -2
- package/vendor/composer/installed.php +2 -2
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
## [1.74.1](https://github.com/Automattic/newspack-blocks/compare/v1.74.0...v1.74.1) (2023-09-18)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
### Bug Fixes
|
|
5
|
+
|
|
6
|
+
* harden usage and output of attribute values ([#1530](https://github.com/Automattic/newspack-blocks/issues/1530)) ([c157395](https://github.com/Automattic/newspack-blocks/commit/c15739539d73884b36284e9d1c2eb854202269f8))
|
|
7
|
+
|
|
1
8
|
# [1.74.0](https://github.com/Automattic/newspack-blocks/compare/v1.73.0...v1.74.0) (2023-08-24)
|
|
2
9
|
|
|
3
10
|
|
|
@@ -543,13 +543,15 @@ class Newspack_Blocks {
|
|
|
543
543
|
),
|
|
544
544
|
);
|
|
545
545
|
|
|
546
|
-
|
|
547
|
-
$
|
|
548
|
-
|
|
549
|
-
|
|
550
|
-
|
|
551
|
-
|
|
552
|
-
|
|
546
|
+
if ( isset( $sizes[ $orientation ] ) ) {
|
|
547
|
+
foreach ( $sizes[ $orientation ] as $key => $dimensions ) {
|
|
548
|
+
$attachment = wp_get_attachment_image_src(
|
|
549
|
+
get_post_thumbnail_id( get_the_ID() ),
|
|
550
|
+
'newspack-article-block-' . $orientation . '-' . $key
|
|
551
|
+
);
|
|
552
|
+
if ( ! empty( $attachment ) && $dimensions[0] === $attachment[1] && $dimensions[1] === $attachment[2] ) {
|
|
553
|
+
return 'newspack-article-block-' . $orientation . '-' . $key;
|
|
554
|
+
}
|
|
553
555
|
}
|
|
554
556
|
}
|
|
555
557
|
|
|
@@ -1494,5 +1496,32 @@ class Newspack_Blocks {
|
|
|
1494
1496
|
return 'white';
|
|
1495
1497
|
}
|
|
1496
1498
|
}
|
|
1499
|
+
|
|
1500
|
+
/**
|
|
1501
|
+
* Get an array of allowed HTML attributes for sanitizing image markup.
|
|
1502
|
+
* For use with wp_kses: https://developer.wordpress.org/reference/functions/wp_kses/
|
|
1503
|
+
*
|
|
1504
|
+
* @return array
|
|
1505
|
+
*/
|
|
1506
|
+
public static function get_sanitized_image_attributes() {
|
|
1507
|
+
return [
|
|
1508
|
+
'img' => [
|
|
1509
|
+
'alt' => true,
|
|
1510
|
+
'class' => true,
|
|
1511
|
+
'data-*' => true,
|
|
1512
|
+
'decoding' => true,
|
|
1513
|
+
'height' => true,
|
|
1514
|
+
'loading' => true,
|
|
1515
|
+
'sizes' => true,
|
|
1516
|
+
'src' => true,
|
|
1517
|
+
'srcset' => true,
|
|
1518
|
+
'width' => true,
|
|
1519
|
+
],
|
|
1520
|
+
'noscript' => [],
|
|
1521
|
+
'a' => [
|
|
1522
|
+
'href' => true,
|
|
1523
|
+
],
|
|
1524
|
+
];
|
|
1525
|
+
}
|
|
1497
1526
|
}
|
|
1498
1527
|
Newspack_Blocks::init();
|
package/newspack-blocks.php
CHANGED
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
* Author URI: https://newspack.blog/
|
|
8
8
|
* Text Domain: newspack-blocks
|
|
9
9
|
* Domain Path: /languages
|
|
10
|
-
* Version: 1.74.
|
|
10
|
+
* Version: 1.74.1
|
|
11
11
|
*
|
|
12
12
|
* @package Newspack_Blocks
|
|
13
13
|
*/
|
|
@@ -15,7 +15,7 @@
|
|
|
15
15
|
define( 'NEWSPACK_BLOCKS__PLUGIN_FILE', __FILE__ );
|
|
16
16
|
define( 'NEWSPACK_BLOCKS__BLOCKS_DIRECTORY', 'dist/' );
|
|
17
17
|
define( 'NEWSPACK_BLOCKS__PLUGIN_DIR', plugin_dir_path( NEWSPACK_BLOCKS__PLUGIN_FILE ) );
|
|
18
|
-
define( 'NEWSPACK_BLOCKS__VERSION', '1.74.
|
|
18
|
+
define( 'NEWSPACK_BLOCKS__VERSION', '1.74.1' );
|
|
19
19
|
|
|
20
20
|
require_once NEWSPACK_BLOCKS__PLUGIN_DIR . 'includes/class-newspack-blocks.php';
|
|
21
21
|
require_once NEWSPACK_BLOCKS__PLUGIN_DIR . 'includes/class-newspack-blocks-api.php';
|
package/package.json
CHANGED
|
@@ -73,6 +73,10 @@ function newspack_blocks_render_block_carousel( $attributes ) {
|
|
|
73
73
|
$hide_publish_date = apply_filters( 'newspack_listings_hide_publish_date', false ); // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
|
|
74
74
|
$show_author = $attributes['showAuthor'] && ! $hide_author;
|
|
75
75
|
$show_date = $attributes['showDate'] && ! $hide_publish_date;
|
|
76
|
+
|
|
77
|
+
// Validate the value of the "image fit" attribute.
|
|
78
|
+
$image_fits = [ 'cover', 'contain' ];
|
|
79
|
+
$image_fit = in_array( $attributes['imageFit'], $image_fits, true ) ? $attributes['imageFit'] : $image_fits[0];
|
|
76
80
|
?>
|
|
77
81
|
|
|
78
82
|
<article data-post-id="<?php echo esc_attr( $post_id ); ?>" class="<?php echo esc_attr( implode( ' ', $article_classes ) . ' ' . $post_type ); ?>">
|
|
@@ -86,9 +90,9 @@ function newspack_blocks_render_block_carousel( $attributes ) {
|
|
|
86
90
|
the_post_thumbnail(
|
|
87
91
|
'large',
|
|
88
92
|
array(
|
|
89
|
-
'object-fit' => $
|
|
93
|
+
'object-fit' => $image_fit,
|
|
90
94
|
'layout' => 'fill',
|
|
91
|
-
'class' => 'contain' === $
|
|
95
|
+
'class' => 'contain' === $image_fit ? 'image-fit-contain' : 'image-fit-cover',
|
|
92
96
|
'alt' => trim( wp_strip_all_tags( get_the_title( $post_id ) ) ),
|
|
93
97
|
)
|
|
94
98
|
);
|
|
@@ -204,21 +208,7 @@ function newspack_blocks_render_block_carousel( $attributes ) {
|
|
|
204
208
|
if ( $attributes['showAvatar'] ) :
|
|
205
209
|
echo wp_kses(
|
|
206
210
|
newspack_blocks_format_avatars( $authors ),
|
|
207
|
-
|
|
208
|
-
'img' => array(
|
|
209
|
-
'class' => true,
|
|
210
|
-
'src' => true,
|
|
211
|
-
'alt' => true,
|
|
212
|
-
'width' => true,
|
|
213
|
-
'height' => true,
|
|
214
|
-
'data-*' => true,
|
|
215
|
-
'srcset' => true,
|
|
216
|
-
),
|
|
217
|
-
'noscript' => array(),
|
|
218
|
-
'a' => array(
|
|
219
|
-
'href' => true,
|
|
220
|
-
),
|
|
221
|
-
)
|
|
211
|
+
Newspack_Blocks::get_sanitized_image_attributes()
|
|
222
212
|
);
|
|
223
213
|
endif;
|
|
224
214
|
?>
|
|
@@ -259,8 +249,9 @@ function newspack_blocks_render_block_carousel( $attributes ) {
|
|
|
259
249
|
);
|
|
260
250
|
}
|
|
261
251
|
|
|
262
|
-
$slides_per_view = absint(
|
|
252
|
+
$slides_per_view = absint( $attributes['slidesPerView'] ?? 1 );
|
|
263
253
|
$slides_to_show = $slides_per_view <= $counter ? $slides_per_view : $counter;
|
|
254
|
+
$aspect_ratio = floatval( $attributes['aspectRatio'] ?? 0.75 );
|
|
264
255
|
|
|
265
256
|
if ( $is_amp ) {
|
|
266
257
|
$selector = sprintf(
|
|
@@ -272,14 +263,14 @@ function newspack_blocks_render_block_carousel( $attributes ) {
|
|
|
272
263
|
|
|
273
264
|
$carousel = sprintf(
|
|
274
265
|
'<amp-base-carousel class="wp-block-newspack-carousel__amp-carousel" width="%1$s" height="%2$s" heights="%3$s" layout="responsive" snap="true" data-next-button-aria-label="%4$s" data-prev-button-aria-label="%5$s" controls="auto" loop="true" %6$s id="wp-block-newspack-carousel__amp-carousel__%7$s" on="slideChange:wp-block-newspack-carousel__amp-pagination__%7$s.toggle(index=event.index, value=true)" advance-count="1" visible-count="%8$s">%9$s</amp-base-carousel>',
|
|
275
|
-
$
|
|
276
|
-
$
|
|
277
|
-
'(min-width: 1168px) ' . ( $
|
|
266
|
+
esc_attr( $slides_per_view * 1 ),
|
|
267
|
+
esc_attr( $aspect_ratio ),
|
|
268
|
+
esc_attr( '(min-width: 1168px) ' . ( $aspect_ratio / $slides_to_show * 100 ) . '% !important, (min-width: 782px) ' . ( $slides_to_show > 1 ? ( $aspect_ratio / 2 * 100 ) . '% !important' : ( $aspect_ratio * 100 ) . '% !important' ) . ', ' . ( $aspect_ratio * 100 ) . '% !important' ),
|
|
278
269
|
esc_attr__( 'Next Slide', 'newspack-blocks' ),
|
|
279
270
|
esc_attr__( 'Previous Slide', 'newspack-blocks' ),
|
|
280
271
|
$autoplay ? 'auto-advance="true" auto-advance-interval=' . esc_attr( $delay * 1000 ) : '',
|
|
281
272
|
absint( $newspack_blocks_carousel_id ),
|
|
282
|
-
'(min-width: 1168px) ' . $slides_to_show . ', (min-width: 782px) ' . ( $slides_to_show > 1 ? 2 : 1 ) . ', ' . 1,
|
|
273
|
+
esc_attr( '(min-width: 1168px) ' . $slides_to_show . ', (min-width: 782px) ' . ( $slides_to_show > 1 ? 2 : 1 ) . ', ' . 1 ),
|
|
283
274
|
$slides
|
|
284
275
|
);
|
|
285
276
|
$autoplay_ui = $autoplay ? newspack_blocks_carousel_block_autoplay_ui_amp( $newspack_blocks_carousel_id ) : '';
|
|
@@ -304,9 +295,9 @@ function newspack_blocks_render_block_carousel( $attributes ) {
|
|
|
304
295
|
}
|
|
305
296
|
$data_attributes = [
|
|
306
297
|
'data-current-post-id=' . $post_id,
|
|
307
|
-
'data-slides-per-view=' . $
|
|
298
|
+
'data-slides-per-view=' . esc_attr( $slides_per_view ),
|
|
308
299
|
'data-slide-count=' . $counter,
|
|
309
|
-
'data-aspect-ratio=' . $
|
|
300
|
+
'data-aspect-ratio=' . esc_attr( $aspect_ratio ),
|
|
310
301
|
];
|
|
311
302
|
|
|
312
303
|
if ( $autoplay && ! $is_amp ) {
|
|
@@ -29,7 +29,7 @@ call_user_func(
|
|
|
29
29
|
$post_link = Newspack_Blocks::get_post_link( $post_id );
|
|
30
30
|
|
|
31
31
|
if ( 'behind' === $attributes['mediaPosition'] && $attributes['showImage'] && has_post_thumbnail() ) {
|
|
32
|
-
$styles = 'min-height: ' . $attributes['minHeight'] . 'vh; padding-top: ' . ( $attributes['minHeight'] / 5 ) . 'vh;';
|
|
32
|
+
$styles = 'min-height: ' . absint( $attributes['minHeight'] ) . 'vh; padding-top: ' . ( absint( $attributes['minHeight'] ) / 5 ) . 'vh;';
|
|
33
33
|
}
|
|
34
34
|
$image_size = 'newspack-article-block-uncropped';
|
|
35
35
|
if ( has_post_thumbnail() && 'uncropped' !== $attributes['imageShape'] ) {
|
|
@@ -231,21 +231,7 @@ call_user_func(
|
|
|
231
231
|
if ( $attributes['showAvatar'] ) :
|
|
232
232
|
echo wp_kses(
|
|
233
233
|
newspack_blocks_format_avatars( $authors ),
|
|
234
|
-
|
|
235
|
-
'img' => array(
|
|
236
|
-
'class' => true,
|
|
237
|
-
'src' => true,
|
|
238
|
-
'alt' => true,
|
|
239
|
-
'width' => true,
|
|
240
|
-
'height' => true,
|
|
241
|
-
'data-*' => true,
|
|
242
|
-
'srcset' => true,
|
|
243
|
-
),
|
|
244
|
-
'noscript' => array(),
|
|
245
|
-
'a' => array(
|
|
246
|
-
'href' => true,
|
|
247
|
-
),
|
|
248
|
-
)
|
|
234
|
+
Newspack_Blocks::get_sanitized_image_attributes()
|
|
249
235
|
);
|
|
250
236
|
endif;
|
|
251
237
|
?>
|
|
@@ -25,7 +25,7 @@ function newspack_blocks_hpb_maximum_image_width() {
|
|
|
25
25
|
$site_content_width = 1200;
|
|
26
26
|
$is_image_half_width = in_array( $attributes['mediaPosition'], [ 'left', 'right' ], true );
|
|
27
27
|
if ( 'grid' === $attributes['postLayout'] ) {
|
|
28
|
-
$columns = $attributes['columns'];
|
|
28
|
+
$columns = absint( $attributes['columns'] );
|
|
29
29
|
if ( $is_image_half_width ) {
|
|
30
30
|
// If the media position is on left or right, the image is 50% of the column width.
|
|
31
31
|
$columns = $columns * 2;
|
|
@@ -284,7 +284,14 @@ add_action( 'init', 'newspack_blocks_register_homepage_articles' );
|
|
|
284
284
|
function newspack_blocks_format_avatars( $author_info ) {
|
|
285
285
|
$elements = array_map(
|
|
286
286
|
function ( $author ) {
|
|
287
|
-
return sprintf(
|
|
287
|
+
return sprintf(
|
|
288
|
+
'<a href="%s">%s</a>',
|
|
289
|
+
esc_url( $author->url ),
|
|
290
|
+
wp_kses(
|
|
291
|
+
$author->avatar,
|
|
292
|
+
Newspack_Blocks::get_sanitized_image_attributes()
|
|
293
|
+
)
|
|
294
|
+
);
|
|
288
295
|
},
|
|
289
296
|
$author_info
|
|
290
297
|
);
|
|
@@ -119,7 +119,9 @@ function newspack_blocks_get_video_playlist_videos( $args ) {
|
|
|
119
119
|
}
|
|
120
120
|
);
|
|
121
121
|
foreach ( $youtube_blocks as $youtube_block ) {
|
|
122
|
-
|
|
122
|
+
if ( isset( $youtube_block['attrs']['url'] ) ) {
|
|
123
|
+
$videos[] = esc_url( $youtube_block['attrs']['url'] );
|
|
124
|
+
}
|
|
123
125
|
}
|
|
124
126
|
}
|
|
125
127
|
|
|
@@ -60,20 +60,7 @@ call_user_func(
|
|
|
60
60
|
|
|
61
61
|
echo wp_kses(
|
|
62
62
|
$author['avatar'],
|
|
63
|
-
|
|
64
|
-
'img' => [
|
|
65
|
-
'alt' => true,
|
|
66
|
-
'class' => true,
|
|
67
|
-
'data-*' => true,
|
|
68
|
-
'decoding' => true,
|
|
69
|
-
'height' => true,
|
|
70
|
-
'loading' => true,
|
|
71
|
-
'sizes' => true,
|
|
72
|
-
'src' => true,
|
|
73
|
-
'srcset' => true,
|
|
74
|
-
'width' => true,
|
|
75
|
-
],
|
|
76
|
-
]
|
|
63
|
+
Newspack_Blocks::get_sanitized_image_attributes()
|
|
77
64
|
);
|
|
78
65
|
|
|
79
66
|
if ( $show_archive_link ) :
|
package/vendor/autoload.php
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
// autoload_real.php @generated by Composer
|
|
4
4
|
|
|
5
|
-
class
|
|
5
|
+
class ComposerAutoloaderInite2a28c518aa25e2ebdef1fee60f303a7
|
|
6
6
|
{
|
|
7
7
|
private static $loader;
|
|
8
8
|
|
|
@@ -22,12 +22,12 @@ class ComposerAutoloaderInit56b0c4adb35d6b498fa3d9fc69096520
|
|
|
22
22
|
return self::$loader;
|
|
23
23
|
}
|
|
24
24
|
|
|
25
|
-
spl_autoload_register(array('
|
|
25
|
+
spl_autoload_register(array('ComposerAutoloaderInite2a28c518aa25e2ebdef1fee60f303a7', 'loadClassLoader'), true, true);
|
|
26
26
|
self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(__DIR__));
|
|
27
|
-
spl_autoload_unregister(array('
|
|
27
|
+
spl_autoload_unregister(array('ComposerAutoloaderInite2a28c518aa25e2ebdef1fee60f303a7', 'loadClassLoader'));
|
|
28
28
|
|
|
29
29
|
require __DIR__ . '/autoload_static.php';
|
|
30
|
-
call_user_func(\Composer\Autoload\
|
|
30
|
+
call_user_func(\Composer\Autoload\ComposerStaticInite2a28c518aa25e2ebdef1fee60f303a7::getInitializer($loader));
|
|
31
31
|
|
|
32
32
|
$loader->register(true);
|
|
33
33
|
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
|
|
5
5
|
namespace Composer\Autoload;
|
|
6
6
|
|
|
7
|
-
class
|
|
7
|
+
class ComposerStaticInite2a28c518aa25e2ebdef1fee60f303a7
|
|
8
8
|
{
|
|
9
9
|
public static $classMap = array (
|
|
10
10
|
'Composer\\InstalledVersions' => __DIR__ . '/..' . '/composer/InstalledVersions.php',
|
|
@@ -13,7 +13,7 @@ class ComposerStaticInit56b0c4adb35d6b498fa3d9fc69096520
|
|
|
13
13
|
public static function getInitializer(ClassLoader $loader)
|
|
14
14
|
{
|
|
15
15
|
return \Closure::bind(function () use ($loader) {
|
|
16
|
-
$loader->classMap =
|
|
16
|
+
$loader->classMap = ComposerStaticInite2a28c518aa25e2ebdef1fee60f303a7::$classMap;
|
|
17
17
|
|
|
18
18
|
}, null, ClassLoader::class);
|
|
19
19
|
}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
'name' => 'automattic/newspack-blocks',
|
|
4
4
|
'pretty_version' => 'dev-master',
|
|
5
5
|
'version' => 'dev-master',
|
|
6
|
-
'reference' => '
|
|
6
|
+
'reference' => 'c15739539d73884b36284e9d1c2eb854202269f8',
|
|
7
7
|
'type' => 'wordpress-plugin',
|
|
8
8
|
'install_path' => __DIR__ . '/../../',
|
|
9
9
|
'aliases' => array(),
|
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
'automattic/newspack-blocks' => array(
|
|
14
14
|
'pretty_version' => 'dev-master',
|
|
15
15
|
'version' => 'dev-master',
|
|
16
|
-
'reference' => '
|
|
16
|
+
'reference' => 'c15739539d73884b36284e9d1c2eb854202269f8',
|
|
17
17
|
'type' => 'wordpress-plugin',
|
|
18
18
|
'install_path' => __DIR__ . '/../../',
|
|
19
19
|
'aliases' => array(),
|