From e3d0d53bac229422d641410cbd8ac1feb17d71ab Mon Sep 17 00:00:00 2001 From: John Blackbourn Date: Wed, 18 Jun 2025 18:41:18 +0100 Subject: [PATCH 1/4] Cease support for 4.1-4.6. --- .../workflows/reusable-phpunit-tests-v1.yml | 2 +- .github/workflows/test-old-branches.yml | 2 +- .github/workflows/upgrade-testing.yml | 61 +------------------ .version-support-mysql.json | 42 ------------- .version-support-php.json | 45 -------------- SECURITY.md | 8 +-- 6 files changed, 4 insertions(+), 156 deletions(-) diff --git a/.github/workflows/reusable-phpunit-tests-v1.yml b/.github/workflows/reusable-phpunit-tests-v1.yml index 5fd7d54d84891..abfb1ee5b4cbb 100644 --- a/.github/workflows/reusable-phpunit-tests-v1.yml +++ b/.github/workflows/reusable-phpunit-tests-v1.yml @@ -3,7 +3,7 @@ # # A reusable workflow that runs the PHPUnit test suite with the specified configuration. # -# This workflow is used by branches 4.1 through 5.1. +# This workflow is used by branches 4.7 through 5.1. ## name: Run PHPUnit tests diff --git a/.github/workflows/test-old-branches.yml b/.github/workflows/test-old-branches.yml index fb058697dad8c..14c4785dc1f6d 100644 --- a/.github/workflows/test-old-branches.yml +++ b/.github/workflows/test-old-branches.yml @@ -47,7 +47,7 @@ jobs: branch: [ '6.8', '6.7', '6.6', '6.5', '6.4', '6.3', '6.2', '6.1','6.0', '5.9', '5.8', '5.7', '5.6', '5.5', '5.4', '5.3', '5.2', '5.1', '5.0', - '4.9', '4.8', '4.7', '4.6', '4.5', '4.4', '4.3', '4.2', '4.1' + '4.9', '4.8', '4.7' ] include: # PHP Compatibility testing was introduced in 5.5. diff --git a/.github/workflows/upgrade-testing.yml b/.github/workflows/upgrade-testing.yml index 39846ce6b0000..7fa85f6c28208 100644 --- a/.github/workflows/upgrade-testing.yml +++ b/.github/workflows/upgrade-testing.yml @@ -172,65 +172,6 @@ jobs: new-version: ${{ inputs.new-version && inputs.new-version || 'latest' }} multisite: ${{ matrix.multisite }} - # Tests 4.x releases where the WordPress database version changed on the oldest and newest supported versions of PHP 7. - # - # The oldest version of WordPress receiving security updates should always be tested. - upgrade-tests-wp-4x-php-7x-mysql: - name: ${{ matrix.wp }} to ${{ inputs.new-version && inputs.new-version || 'latest' }} - uses: ./.github/workflows/reusable-upgrade-testing.yml - if: ${{ github.repository == 'WordPress/wordpress-develop' || ( github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' ) }} - strategy: - fail-fast: false - matrix: - os: [ 'ubuntu-24.04' ] - php: [ '7.2', '7.4' ] - db-type: [ 'mysql' ] - db-version: [ '5.7', '8.4' ] - wp: [ '4.1', '4.2', '4.3', '4.4', '4.5', '4.6', '4.7' ] - multisite: [ false, true ] - - exclude: - # The PHP <= 7.3/MySQL 8.4 jobs currently fail due to mysql_native_password being disabled by default. See https://core.trac.wordpress.org/ticket/61218. - - php: '7.2' - db-version: '8.4' - with: - os: ${{ matrix.os }} - php: ${{ matrix.php }} - db-type: ${{ matrix.db-type }} - db-version: ${{ matrix.db-version }} - wp: ${{ matrix.wp }} - new-version: ${{ inputs.new-version && inputs.new-version || 'latest' }} - multisite: ${{ matrix.multisite }} - - # Tests 4.x releases where the WordPress database version changed on the oldest and newest supported versions of PHP 8. - # - # The oldest version of WordPress receiving security updates should always be tested. - # - # WordPress 4.6-4.9 are excluded from PHP 8+ testing because of the following fatal errors: - # - Use of __autoload(). - # - array/string offset with curly braces. - upgrade-tests-wp-4x-php-8x-mysql: - name: ${{ matrix.wp }} to ${{ inputs.new-version && inputs.new-version || 'latest' }} - uses: ./.github/workflows/reusable-upgrade-testing.yml - if: ${{ github.repository == 'WordPress/wordpress-develop' || ( github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' ) }} - strategy: - fail-fast: false - matrix: - os: [ 'ubuntu-24.04' ] - php: [ '8.0', '8.4' ] - db-type: [ 'mysql' ] - db-version: [ '5.7', '8.4' ] - wp: [ '4.1', '4.2', '4.3', '4.4', '4.5' ] - multisite: [ false, true ] - with: - os: ${{ matrix.os }} - php: ${{ matrix.php }} - db-type: ${{ matrix.db-type }} - db-version: ${{ matrix.db-version }} - wp: ${{ matrix.wp }} - new-version: ${{ inputs.new-version && inputs.new-version || 'latest' }} - multisite: ${{ matrix.multisite }} - # The oldest version of WordPress receiving security updates should always be tested against # the full list of PHP/MySQL combinations. upgrade-tests-oldest-wp-mysql: @@ -244,7 +185,7 @@ jobs: php: [ '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3', '8.4' ] db-type: [ 'mysql' ] db-version: [ '5.7', '8.0', '8.4', '9.3' ] - wp: [ '4.1' ] + wp: [ '4.7' ] multisite: [ false, true ] exclude: diff --git a/.version-support-mysql.json b/.version-support-mysql.json index e92216e4164dc..09731cfef2777 100644 --- a/.version-support-mysql.json +++ b/.version-support-mysql.json @@ -182,47 +182,5 @@ "5.5", "5.1", "5.0" - ], - "4-6": [ - "5.7", - "5.6", - "5.5", - "5.1", - "5.0" - ], - "4-5": [ - "5.7", - "5.6", - "5.5", - "5.1", - "5.0" - ], - "4-4": [ - "5.7", - "5.6", - "5.5", - "5.1", - "5.0" - ], - "4-3": [ - "5.7", - "5.6", - "5.5", - "5.1", - "5.0" - ], - "4-2": [ - "5.7", - "5.6", - "5.5", - "5.1", - "5.0" - ], - "4-1": [ - "5.7", - "5.6", - "5.5", - "5.1", - "5.0" ] } diff --git a/.version-support-php.json b/.version-support-php.json index 8d74dfd8deb1d..b2298e7177fff 100644 --- a/.version-support-php.json +++ b/.version-support-php.json @@ -219,50 +219,5 @@ "5.6", "7.0", "7.1" - ], - "4-6": [ - "5.2", - "5.3", - "5.4", - "5.5", - "5.6", - "7.0" - ], - "4-5": [ - "5.2", - "5.3", - "5.4", - "5.5", - "5.6", - "7.0" - ], - "4-4": [ - "5.2", - "5.3", - "5.4", - "5.5", - "5.6", - "7.0" - ], - "4-3": [ - "5.2", - "5.3", - "5.4", - "5.5", - "5.6" - ], - "4-2": [ - "5.2", - "5.3", - "5.4", - "5.5", - "5.6" - ], - "4-1": [ - "5.2", - "5.3", - "5.4", - "5.5", - "5.6" ] } diff --git a/SECURITY.md b/SECURITY.md index 3bf3bfe3ed793..da1c8b444c90b 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -32,13 +32,7 @@ Full details of the WordPress Security Policy and the list of covered projects a | 4.9.x | Yes | | 4.8.x | Yes | | 4.7.x | Yes | -| 4.6.x | Yes | -| 4.5.x | Yes | -| 4.4.x | Yes | -| 4.3.x | Yes | -| 4.2.x | Yes | -| 4.1.x | Yes | -| < 4.1.0 | No | +| < 4.7.0 | No | ## Reporting a Vulnerability From 7727b44daabe9e7046d217cc5fb5a8f070e20286 Mon Sep 17 00:00:00 2001 From: John Blackbourn Date: Wed, 18 Jun 2025 18:45:54 +0100 Subject: [PATCH 2/4] Update this matrix. --- .github/workflows/upgrade-testing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upgrade-testing.yml b/.github/workflows/upgrade-testing.yml index 7fa85f6c28208..1cb3af5e35e94 100644 --- a/.github/workflows/upgrade-testing.yml +++ b/.github/workflows/upgrade-testing.yml @@ -214,7 +214,7 @@ jobs: permissions: actions: read contents: read - needs: [ upgrade-tests-last-two-releases, upgrade-tests-wp-6x-mysql, upgrade-tests-wp-5x-php-7x-mysql, upgrade-tests-wp-5x-php-8x-mysql, upgrade-tests-wp-4x-php-7x-mysql, upgrade-tests-wp-4x-php-8x-mysql, upgrade-tests-oldest-wp-mysql ] + needs: [ upgrade-tests-last-two-releases, upgrade-tests-wp-6x-mysql, upgrade-tests-wp-5x-php-7x-mysql, upgrade-tests-wp-5x-php-8x-mysql, upgrade-tests-oldest-wp-mysql ] if: ${{ github.repository == 'WordPress/wordpress-develop' && github.event_name != 'pull_request' && always() }} with: calling_status: ${{ contains( needs.*.result, 'cancelled' ) && 'cancelled' || contains( needs.*.result, 'failure' ) && 'failure' || 'success' }} From f105d66282a9fa65a020b0d7c888676847d1e651 Mon Sep 17 00:00:00 2001 From: John Blackbourn Date: Thu, 19 Jun 2025 23:01:50 +0100 Subject: [PATCH 3/4] WordPress 4.6, 4.7, and 4.8 cannot run on PHP 8 due to the use of __autoload(). --- .github/workflows/upgrade-testing.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upgrade-testing.yml b/.github/workflows/upgrade-testing.yml index 76fca25d9a094..b089dc642978f 100644 --- a/.github/workflows/upgrade-testing.yml +++ b/.github/workflows/upgrade-testing.yml @@ -173,7 +173,10 @@ jobs: multisite: ${{ matrix.multisite }} # The oldest version of WordPress receiving security updates should always be tested against - # the full list of PHP/MySQL combinations. + # the widest possible list of PHP/MySQL combinations. + # + # WordPress 4.6, 4.7, and 4.8 cannot run on PHP 8 due to the use of __autoload(). + # See https://core.trac.wordpress.org/ticket/36926 and https://core.trac.wordpress.org/ticket/40109. upgrade-tests-oldest-wp-mysql: name: ${{ matrix.wp }} to ${{ inputs.new-version && inputs.new-version || 'latest' }} uses: ./.github/workflows/reusable-upgrade-testing.yml @@ -182,7 +185,7 @@ jobs: fail-fast: false matrix: os: [ 'ubuntu-24.04' ] - php: [ '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3', '8.4' ] + php: [ '7.2', '7.3', '7.4' ] db-type: [ 'mysql' ] db-version: [ '5.7', '8.0', '8.4', '9.3' ] wp: [ '4.7' ] From e6179b9fb5e86eeccd817cfae1ff81cce3887dd2 Mon Sep 17 00:00:00 2001 From: John Blackbourn Date: Mon, 23 Jun 2025 16:29:38 +0100 Subject: [PATCH 4/4] Docs tweaks. --- .github/workflows/upgrade-testing.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upgrade-testing.yml b/.github/workflows/upgrade-testing.yml index b089dc642978f..70f9a4ebb229e 100644 --- a/.github/workflows/upgrade-testing.yml +++ b/.github/workflows/upgrade-testing.yml @@ -175,8 +175,9 @@ jobs: # The oldest version of WordPress receiving security updates should always be tested against # the widest possible list of PHP/MySQL combinations. # - # WordPress 4.6, 4.7, and 4.8 cannot run on PHP 8 due to the use of __autoload(). - # See https://core.trac.wordpress.org/ticket/36926 and https://core.trac.wordpress.org/ticket/40109. + # WordPress 4.7 is excluded from PHP 8+ testing because of the following fatal errors: + # - Use of __autoload(). + # - array/string offset with curly braces. upgrade-tests-oldest-wp-mysql: name: ${{ matrix.wp }} to ${{ inputs.new-version && inputs.new-version || 'latest' }} uses: ./.github/workflows/reusable-upgrade-testing.yml