Paginate attachment query, harden SEO meta cache flush, fix grant test precision, expand grant test coverage, tighten test permissions#44
Conversation
…x SEO meta cache flush on write failure, tighten test permissions
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3a5e03ee90
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if ( isset( $params['title'] ) ) { | ||
| update_post_meta( $post_id, $fields['title'], sanitize_text_field( (string) $params['title'] ) ); | ||
| $updated[] = 'title'; | ||
| if ( false !== update_post_meta( $post_id, $fields['title'], sanitize_text_field( (string) $params['title'] ) ) ) { |
There was a problem hiding this comment.
Treat idempotent SEO updates as successful
When the requested SEO value is already present, WordPress update_post_meta() returns false for “unchanged”, not only for write failures. With this guard, an idempotent call such as setting the same title reports “Nothing to update” and skips clean_post_cache()/Yoast indexable invalidation, so a site whose postmeta is correct but SEO cache is stale cannot be repaired by rerunning the tool. Consider distinguishing unchanged existing meta from an actual write failure before deciding nothing was updated.
Useful? React with 👍 / 👎.
| 'act' => 'wp.update.plugin', | ||
| 'args' => array( 'plugin' => 'akismet/akismet.php' ), | ||
| 'iat' => time() - 60, | ||
| 'exp' => time() - 1, | ||
| 'jti' => 'expired-grant-jti', | ||
| 'sh' => $this->site_hash, |
There was a problem hiding this comment.
Build the expired-grant fixture with real claim names
This new test signs claims named act, args, jti, and sh, but Aura_Worker_Grant::verify() only recognizes tool, params_sha256, nonce, and site. As a result the denial happens at tool/site/params validation before the expiry branch is reached, so a regression that accepted expired otherwise-valid grants would not fail this test. Reuse the existing mint() format with only exp in the past to cover the intended path.
Useful? React with 👍 / 👎.
- set-seo-meta: update_post_meta() returns false on UNCHANGED as well as on failure, so an idempotent re-run reported "nothing written" and skipped the cache flush — a site with correct postmeta but stale SEO cache couldn't be repaired. Now a field counts as written when the value already equals the desired one; only a genuine failure (value differs, write didn't take) is skipped. + regression test test_cache_flush_on_idempotent_rewrite. - RestWriteGrantTest::test_expired_grant_is_denied built claims with the wrong schema (act/args/jti/sh), so denial hit tool/site validation before the expiry branch — expiry was never actually exercised. Rebuilt via mint() with iat/exp in the past (exp 300s back, beyond the 60s CLOCK_SKEW, lifetime ≤ MAX_TTL) so it truly tests expiry. mint() gained optional iat/exp params. All 486 unit tests pass. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
@codex review |
|
Codex Review: Didn't find any major issues. Already looking forward to the next diff. Reviewed commit: ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
Seven targeted fixes across production code and tests: memory safety for large media libraries, a cache-flush correctness bug in the SEO meta tool, and several gaps/inaccuracies in grant test coverage.
Production
class-tool-cleanup-assets.php—get_all_attachments()was fetching all IDs in a single unbounded query (posts_per_page => -1). Replaced with a paginated loop (500/page,no_found_rows => true):class-tool-set-seo-meta.php—clean_post_cache()was unconditionally called afterupdate_post_meta()regardless of whether the write succeeded. Now only fields whereupdate_post_meta()returns non-false are tracked as updated, and the cache flush is skipped when nothing was actually written.Tests
GrantTest.php—test_tampered_payload_rejectedwas constructing a fresh payload (new nonce, new timestamps) rather than decoding and mutating the original, meaning the test could pass due to nonce/params mismatch instead of signature failure. Fixed to decode the original claims and mutate onlytool. Addedb64urldec()helper. Addedtest_empty_params_grant_rejected_with_non_empty_paramsfor the empty→{}normalization boundary case.RestWriteGrantTest.php— Addedtest_update_translations_binds_empty_params(parallel to the existing core update test) andtest_expired_grant_is_denied.SetSeoMetaTest.php+tests/bootstrap.php— Addedtest_no_cache_flush_when_write_fails. Extended theupdate_post_metamock to honour$GLOBALS['_sa_state']['update_post_meta_return'][$post_id][$key]overrides; added_sa_statereset tosa_reset_state().SnapshotsTest.php—mkdirpermissions narrowed from0777to0755.Original prompt