@GaryJones GaryJones commented Jan 12, 2026

Summary

Release 0.10.3 with bug fixes and improvements.

Added

  • WordPress Playground blueprint for live preview (#885)

Fixed

  • Prevent Edit Flow nonce checks from killing unrelated forms (#883)
  • Add missing imports for Extended Post Status block editor panel (#884)

Documentation

  • Move Development section from README to CONTRIBUTING (#880)

Maintenance

  • Optimise CI workflows with path filters and split tests (#881)
  • Add integration test for revision nonce handling (#879)

GaryJones and others added 17 commits January 7, 2026 16:33
Jest unit tests don't need wp-env, so separating them provides faster
feedback for pure JS changes. E2E tests still require the full
WordPress environment with Playwright.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The notifications module was incorrectly checking the generic `_wpnonce` field against Edit Flow's expected action when posts were saved. This caused contact forms and other plugins that triggered post status transitions to fail, as Edit Flow would call `wp_die()` when their unrelated nonces didn't verify against Edit Flow's action.

The fix ensures Edit Flow only processes its own form submissions by checking for the presence of `ef-save_followers` before performing any nonce verification. When Edit Flow's form is submitted, it now verifies against its own dedicated `ef_notifications_nonce` field with the `save_user_usergroups` action, rather than checking the generic `_wpnonce` that other forms might use.

Additionally, the AJAX handler `handle_user_post_subscription()` had a security vulnerability where requests without any nonce would pass through due to faulty logic (`!empty && !verify` instead of `empty || !verify`). This has been corrected to properly require a valid nonce.

The changes also improve error handling by returning early instead of calling `wp_die()` in the `save_post_subscriptions()` hook. This prevents Edit Flow from terminating requests during the `transition_post_status` action, which fires for all post changes regardless of context.

Fixes #882

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
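
The nonce guard described in the commit message above for `handle_user_post_subscription()`, as an added example that is not code from this pull request or from Edit Flow. The `nonce` field name, the `example_action` action, the sample nonce value and `verify_nonce_stub()` (a stand-in for `wp_verify_nonce()`) are assumptions made so the comparison runs without WordPress.

```php
<?php
declare(strict_types=1);

const ACTION = 'example_action';          // hypothetical action name
const VALID  = 'constructed-valid-nonce'; // constructed sample value

// Stand-in for wp_verify_nonce(): accepts only the constructed value above.
function verify_nonce_stub(string $nonce, string $action): bool {
    return $action === ACTION && hash_equals(VALID, $nonce);
}

// Read the nonce field; the 'nonce' key is an assumption for this example.
// Non-string input (e.g. nonce[]=x) is treated as missing.
function nonce_from(array $request): string {
    $value = $request['nonce'] ?? '';
    return is_string($value) ? $value : '';
}

// Faulty form (!empty && !verify): rejects only a nonce that is present
// and invalid, so a request with no nonce is never rejected.
function faulty_guard_rejects(array $request): bool {
    $nonce = nonce_from($request);
    return !empty($nonce) && !verify_nonce_stub($nonce, ACTION);
}

// Corrected form (empty || !verify): a missing nonce is rejected outright.
function fixed_guard_rejects(array $request): bool {
    $nonce = nonce_from($request);
    return empty($nonce) || !verify_nonce_stub($nonce, ACTION);
}

// Constructed sample requests covering each branch of the guard.
$cases = [
    'no nonce field' => [],
    'empty nonce'    => ['nonce' => ''],
    'wrong nonce'    => ['nonce' => 'not-the-nonce'],
    'valid nonce'    => ['nonce' => VALID],
];

foreach ($cases as $label => $request) {
    printf(
        "%-15s faulty: %-8s fixed: %s\n",
        $label,
        faulty_guard_rejects($request) ? 'rejected' : 'ALLOWED',
        fixed_guard_rejects($request) ? 'rejected' : 'allowed'
    );
}
```

A regression test for this class of bug should include the "no nonce field" and "empty nonce" requests, since those are the cases where the two guards disagree.
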
The Extended Post Status dropdown was not appearing in the block editor because
SelectControl and PluginPostStatusInfo were used but never imported, causing
the registerPlugin call to fail silently.

Also refactored webpack.config.js to use separate configurations for each entry
point: custom-status-block now uses default wp-scripts externalization since it
runs in the block editor where @wordpress packages are available as globals,
while calendar-react continues to bundle them for use outside the editor context.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Enable the WordPress.org "Live Preview" feature by adding a Playground blueprint configuration. This allows potential users to explore Edit Flow's features interactively before installation.

The blueprint demonstrates the plugin's editorial workflow capabilities by creating a realistic scenario with multiple users (editor and writer), sample posts across different custom statuses (pitch, assigned, in-progress, pending, draft, scheduled), and editorial comments showing team collaboration. Users land directly on the Calendar view to immediately showcase the editorial calendar feature.

Inspired by Co-Authors Plus PR #1184.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@GaryJones GaryJones requested a review from a team as a code owner January 12, 2026 15:47
@GaryJones GaryJones added the type: release Release-related tasks label Jan 12, 2026
@GaryJones GaryJones self-assigned this Jan 12, 2026
@GaryJones GaryJones added this to the 0.10.3 milestone Jan 12, 2026
@GaryJones GaryJones merged commit 410f6f9 into main Jan 12, 2026
12 checks passed
@GaryJones GaryJones deleted the release/0.10.3 branch January 12, 2026 15:55