Describe the bug

We are getting a lot of reports of the admin showing the existing file notice where they don't actually have one. Many of these reports are also tied to AdSense error reports, but I have not yet investigated what that means or if they really are related or the users are noticing the notice because of the error.

Steps to Reproduce
I personally have only been able to reproduce this in a subsite on a subdirectory multisite installation that has the front end mapped to another domain (using the MU domain mapping plugin + sunrise.php). This was my original diagnosis in #48 which I think is still correct for some instances but doesn't explain all or possibly even most of the reports. My new suspicion is that there are custom 404 handlers and other things also interfering, but we need to do a lot of work communicating back and forth with reporters to really chase all these cases down to solve for them correctly at once.

Expected behavior
I expect the notice to only show if there is an actual ads.txt file that will show up instead of what you're entering in the admin, avoiding false positives as much as possible. It may also make sense to make it permanently dismissible, either on a per-user or per-site basis.

Screenshots
I can take a screenshot of the notice in question.

Environment information
Needs more info.

Additional context
IMO we need to pull this out for 1.3.0, get app-ads.txt out there due to increased demand, and work on a more robust and intelligent solution. So I would like to see a PR reverting #19, and then we can work on a separate PR to actually bring back the notice in a sane way (and add it for app-ads.txt as well).

This issue is for tracking changes for the 1.2.0 release. Target release date: TBD

Pre-release steps

• update release instructions in CONTRIBUTING.md
• add CREDITS.md file with previous contributors, listing current maintainers
• review #19 to see if it's viable for the release, if so ensure it's updated to develop and then merge
• review #29 to see if it's viable for the release, if so ensure it's updated to develop and then merge
• review #42 to see if it's viable for the release, , if so ensure it's updated to develop and then merge
• test develop against WordPress 5.3, assuming all goes well, update the "tested up to" value to 5.3

Release steps

• Branch: Starting from develop, cut a release branch named release/1.2.0 for your changes.
• Version bump: Bump the version number in ads-txt.php and readme.txt if it does not already reflect the version being released.
• Changelog: Add/update the changelog in both readme.txt and CHANGELOG.md.
• New files: Check to be sure any new files/paths that are unnecessary in the production version are included in .gitattributes.
• Readme updates: Make any other readme changes as necessary. CHANGELOG.md and README.md are geared toward GitHub and readme.txt contains WordPress.org-specific content. The two are slightly different.
• Merge: Make a non-fast-forward merge from develop to master (git checkout master && git merge --no-ff develop).
• Release: Create a new release, naming the tag and the release with the new version number, and targeting the master branch. Paste the changelog from CHANGELOG.md into the body of the release and include a link to the closed issues on the milestone (e.g. https://github.com/10up/ads-txt/milestone/1?closed=1).
• SVN: Wait for the GitHub Action to finish deploying to the WordPress.org repository. If all goes well, users with SVN commit access for that plugin will receive an emailed diff of changes.
• Check WordPress.org: Ensure that the changes are live on https://wordpress.org/plugins/ads-txt/. This may take a few minutes.
• Close milestone: Edit the 1.2.0 milestone with release date (in the Due date (optional) field) and link to GitHub release (in the Description field), then close the milestone.
• Punt incomplete items: If any open issues or PRs which were milestoned for 1.2.0 do not make it into the release, update their milestone to 1.3.0 or Future Release.

WordPress core file editors now use CodeMirror with real-time linting and a pre-save "are you sure" checkbox, which allows users to save things with suspected errors if they really really want or need to. Ads.txt would be a great place to also use this functionality as well as UI.

• Implement CodeMirror for the editor (#10)
• Linting - parser and errors (if this can be easily kept in sync with PHP that would be best)
• Pre-save AYS
• Use more of core's built-in code editor wrappers as sensible (JS and PHP, e.g. wp_enqueue_code_editor()).

Does syntax highlighting make any sense? Seems like overkill, probably.

Is your enhancement related to a problem? Please describe.

The current screenshot is now slightly outdated because of the addition of the revisions link.

Describe the solution you'd like

I'd like to update the current screenshot (contents can be found in CONTRIBUTING.md) and also add screenshots of the revisions screen and the new notice that shows if you have an ads.txt file on the server. These should be at HiDPI (Retina).

Designs
See current

Describe alternatives you've considered
n/a

Additional context
This can be done independently of a milestone - if other PRs are merged before this is handled, I suggest making a PR against master instead of develop, then once that PR is merged, allow the readme/asset updater Action to run before merging master back into develop.

Is your enhancement related to a problem? Please describe.
ads.txt Specification is now up to Version 1.0.3, we should look to update the plugin to any new features.

Describe the solution you'd like

• assess what's new in 1.0.3 and what needs to be added to the plugin
• add issue(s) for changes needed in the plugin
• fix/build what's needed
• 

Designs

Describe alternatives you've considered

Additional context

Is your enhancement related to a problem? Please describe.

https://iabtechlab.com/wp-content/uploads/2022/04/Ads.txt-1.1.pdf adds support for OWNERDOMAIN and MANAGERDOMAIN which are currently still throwing errors in the plugin and get reported as "Unrecognized variable"

It would be also good to add a filter to overwrite the default set if needed.

Designs

No response

Describe alternatives you've considered

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

Is your enhancement related to a problem? Please describe.
Once WordPress 5.8 is released, we'll want to test Ads.txt Manager to see if any incompatibility issues arise.

Describe the solution you'd like

• test Ads.txt Manager on WordPress 5.8
• open issues for any incompatibilities noted in testing
• resolve issues identified in testing
• bump "tested up to" version
• if code changes needed due to incompatibilities, ship a plugin release, otherwise use "Plugin asset/readme update" action to update "tested up to" version on .org repo

Designs
n/a

Describe alternatives you've considered
none

Additional context
Related: #52, #65.

Is your enhancement related to a problem? Please describe.

We are currently testing ads.txt on a multisite install where we'd like each subsite to have the option of separate ads.txt files. We are using a redirect in Cloudflare from mainsite.com/ads.txt to subsite.com/wp-content/uploads/sites/91/ads.txt but this requires that we manually update the files on the server.

Describe the solution you'd like

I'd love to be able to use a filter like ads_txt_path or similar. This would load/save the content of ads.txt from the path value returned via this filter.

It doesn't solve the step of needing a redirect still, which would be great if we didn't need to do this separately, but at least our site admins can manage ads.txt themselves via the GUI.

This issue is for tracking changes for the 1.2.1 release. Target release date: TBD

Pre-release steps

• review #53 and merge or punt
• review #55 and merge or punt
• review #58 and merge or punt
• submit PR for #48, review and merge (or punt at worst case)
• submit PR for #40, review and merge (or punt at worst case)
• strip Roadmap section from CONTRIBUTING.md
• update release instructions in CONTRIBUTING.md

Release steps

• Branch: Starting from develop, cut a release branch named release/1.3.0 for your changes.
• Version bump: Bump the version number in ads-txt.php and readme.txt if it does not already reflect the version being released.
• Changelog: Add/update the changelog in both readme.txt and CHANGELOG.md.
• Props: update CREDITS.md file with any new contributors, confirm maintainers are accurate.
• New files: Check to be sure any new files/paths that are unnecessary in the production version are included in .gitattributes.
• Readme updates: Make any other readme changes as necessary. README.md is geared toward GitHub and readme.txt contains WordPress.org-specific content. The two are slightly different.
• Merge: Make a non-fast-forward merge from your release branch to develop (or merge the pull request), then do the same for develop into master (git checkout master && git merge --no-ff develop). master contains the stable development version.
• Push: Push your master branch to GitHub (e.g. git push origin master).
• Release: Create a new release, naming the tag and the release with the new version number, and targeting the master branch. Paste the changelog from CHANGELOG.md into the body of the release and include a link to the closed issues on the milestone (e.g. https://github.com/10up/ads-txt/milestone/4?closed=1).
• SVN: Wait for the GitHub Action to finish deploying to the WordPress.org repository. If all goes well, users with SVN commit access for that plugin will receive an emailed diff of changes.
• Check WordPress.org: Ensure that the changes are live on https://wordpress.org/plugins/ads-txt/. This may take a few minutes.
• Close milestone: Edit the milestone with release date (in the Due date (optional) field) and link to GitHub release (in the Description field), then close the milestone.
• Punt incomplete items: If any open issues or PRs which were milestoned for 1.3.0 do not make it into the release, update their milestone to 1.4.0 or Future Release.

Describe the bug
If an admin user who has not edited the ats.txt file in the past goes to the settings page and clicks on "browse" for revisions, they will be redirected o the dashboard because they do not have the ability to edit_others_posts

Steps to Reproduce

1. Create a new admin user or use an account that has not edited the ads.txt screen in the past.
2. Go to the settings page to edit ads.txt
3. (assuming the file has revisions) scroll down and click on "Browse"
4. You will be redirected to the dashboard.

Expected behavior
If you can access the ads.txt screen and see the revision button, you should be able to click on it and view revisions.

Version: Latest

It appears that some crawlers append query strings to ads.txt for cachebusting purposes. I'll be asking the reporter if they have any details on which crawlers, as it seems a little odd to me that a crawler wouldn't also check without the query string, but we should probably make the URL detection more robust, in any case.

.org forum topic: https://wordpress.org/support/topic/cache-bust-issue/

Is your enhancement related to a problem? Please describe.
Now that WordPress 5.3 is released, we'll want to test Ads.txt Manager to see if any incompatibility issues arise.

Describe the solution you'd like

• test Ads.txt Manager on WP 5.3
• open issues for any incompatibilities noted in testing
• resolve issues identified in testing
• bump "tested up to" version
• if code changes needed due to incompatibilities, ship a plugin release, otherwise use "Plugin asset/readme update" action to update "tested up to" version on .org repo

Designs
n/a

Describe alternatives you've considered
none

Additional context
none

Describe the bug
In save.php, the save() function is checking for the customize capability. It should be checking against the new edit_ads_txt cap.

Steps to Reproduce

1. Create a new user role based on Subscriber
2. Assign edit_ads_txt cap to that role
3. Create a user with that role
4. Log in as said user
5. Attempt to edit ads.txt
6. admin-ajax call dies, Javascript error ensues

Expected behavior
User with edit_ads_txt role should be able to edit ads.txt settings.

Environment information

• Device: Lenovo ThinkPad
• OS: Win10
• Browser and version: Firefox, 73.0.1
• WordPress version: 5.3.2
• Site Health Info:

  `

wp-core

version: 5.3.2
site_language: en_US
user_language: en_US
timezone: America/Los_Angeles
permalink: /%postname%/
https_status: false
user_registration: 0
default_comment_status: closed
multisite: false
user_count: 288
dotorg_communication: true

wp-paths-sizes

wordpress_path: /home/vagrant/dev/collider
wordpress_size: loading...
uploads_path: /home/vagrant/dev/collider/wp-content/uploads
uploads_size: loading...
themes_path: /home/vagrant/dev/collider/wp-content/themes
themes_size: loading...
plugins_path: /home/vagrant/dev/collider/wp-content/plugins
plugins_size: loading...
database_size: loading...
total_size: loading...

wp-dropins (2)

db.php: true
object-cache.php: true

wp-active-theme

name: Collider - Complex (collider-v3)
version: 3.0.0
author: Complex Media Inc.
author_website: http://complex.com
parent_theme: none
theme_features: menus, post-thumbnails, editor-style, automatic-feed-links, amp, html5, custom-background, twentyeleven_header_style, widgets
theme_path: /home/vagrant/dev/collider/wp-content/themes/collider-v3

wp-themes-inactive (3)

Collider: version: V2, author: topLingo
Twenty Nineteen: version: 1.4, author: the WordPress team
Twenty Twenty: version: 1.1, author: the WordPress team

wp-plugins-active (22)

ACF Repeater & Flexible Content Collapser: version: 1.2.3, author: Thomas Meyer
Ads.txt Manager: version: 1.2.0, author: 10up
Advanced Custom Fields PRO: version: 5.8.7, author: Elliot Condon (latest version: 5.8.8)
AMP: version: 1.4.2, author: AMP Project Contributors (latest version: 1.4.4)
AMP Query Monitor Compat: version: 0.1.0, author: Weston Ruter, Google
Classic Editor: version: 1.5, author: WordPress Contributors
Collider: version: 1.1.0, author: Sterner Stuff Design
Complex TV Embed: version: 1.3, author: Anthony Rivera
Debug Bar ElasticPress: version: 1.4, author: 10up
Disable Search: version: 1.7.2, author: Scott Reilly
ElasticPress: version: 3.3, author: 10up (latest version: 3.4)
Envira Gallery: version: 1.8.8, author: Envira Gallery Team
Fastly: author: (undefined), version: 1.2.11
Instant Articles for WP: version: 4.2.0, author: Automattic, Dekode, Facebook
Query Monitor: version: 3.5.2, author: John Blackbourn
Redis Object Cache: version: 1.5.6, author: Till Krüss
Regenerate Thumbnails: version: 3.1.2, author: Alex Mills (Viper007Bond) (latest version: 3.1.3)
WP Migrate DB Pro: version: 1.9.8, author: Delicious Brains (latest version: 1.9.9)
WP Offload Media: version: 2.3.2, author: Delicious Brains
WPtouch Pro: version: 3.0.6, author: BraveNewCode Inc.
Yoast SEO: version: 13.0, author: Team Yoast (latest version: 13.2)
Yoast SEO: News: version: 12.4.1, author: Team Yoast

wp-plugins-inactive (10)

Debug Bar Actions and Filters Addon: version: 1.5.4, author: Subharanjan
Debug Bar List Script & Style Dependencies: version: 1.1, author: Per Soderlind
Infinite Scroll: version: 2.6.2, author: Beaver6813, dirkhaim, Paul Irish, benbalter, Glenn Nelson
Remote Ads.txt: version: 1.0.0, author: Sterner Stuff
Rollbar: version: 2.6.1, author: Rollbar
Two Factor: version: 0.5.1, author: Plugin Contributors
User Switching: version: 1.5.3, author: John Blackbourn & contributors (latest version: 1.5.4)
Wordfence Security: version: 7.4.5, author: Wordfence (latest version: 7.4.6)
WP Crontrol: version: 1.7.1, author: John Blackbourn & crontributors
WP to Twitter: version: 3.4.4, author: Joseph C Dolson

wp-media

image_editor: WP_Image_Editor_Imagick
imagick_module_version: 1687
imagemagick_version: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
imagick_limits:
imagick::RESOURCETYPE_AREA: 122 MB
imagick::RESOURCETYPE_DISK: 1073741824
imagick::RESOURCETYPE_FILE: 768
imagick::RESOURCETYPE_MAP: 512 MB
imagick::RESOURCETYPE_MEMORY: 256 MB
imagick::RESOURCETYPE_THREAD: 4
gd_version: 2.2.5
ghostscript_version: 9.26

wp-server

server_architecture: Linux 4.15.0-74-generic x86_64
httpd_software: nginx/1.15.8
php_version: 7.4.1 64bit
php_sapi: fpm-fcgi
max_input_variables: 1000
time_limit: 30
memory_limit: 512M
max_input_time: 60
upload_max_size: 100M
php_post_max_size: 100M
curl_version: 7.58.0 OpenSSL/1.1.1d
suhosin: false
imagick_availability: true
htaccess_extra_rules: true

wp-database

extension: mysqli
server_version: 10.4.12-MariaDB-1:10.4.12+maria~bionic-log
client_version: mysqlnd 7.4.1

wp-constants

WP_HOME: http://collider.test
WP_SITEURL: http://collider.test
WP_CONTENT_DIR: /home/vagrant/dev/collider/wp-content
WP_PLUGIN_DIR: /home/vagrant/dev/collider/wp-content/plugins
WP_MAX_MEMORY_LIMIT: 512M
WP_DEBUG: true
WP_DEBUG_DISPLAY: false
WP_DEBUG_LOG: true
SCRIPT_DEBUG: false
WP_CACHE: false
CONCATENATE_SCRIPTS: undefined
COMPRESS_SCRIPTS: undefined
COMPRESS_CSS: undefined
WP_LOCAL_DEV: true
DB_CHARSET: utf8
DB_COLLATE: undefined

wp-filesystem

wordpress: writable
wp-content: writable
uploads: writable
plugins: writable
themes: writable
mu-plugins: writable

`

Is your enhancement related to a problem? Please describe.
Once WordPress 5.7 is released, we'll want to test Ads.txt Manager to see if any incompatibility issues arise.

Describe the solution you'd like

• test Ads.txt Manager on WordPress 5.7
• open issues for any incompatibilities noted in testing
• resolve issues identified in testing
• bump "tested up to" version
• if code changes needed due to incompatibilities, ship a plugin release, otherwise use "Plugin asset/readme update" action to update "tested up to" version on .org repo

Designs
n/a

Describe alternatives you've considered
none

Additional context
5.4 testing issue --> #52

Is your enhancement related to a problem? Please describe.
Once WordPress 5.9 is released, we'll want to test Ads.txt Manager to see if any incompatibility issues arise.

Describe the solution you'd like

• test Ads.txt Manager on WordPress 5.9
• open issues for any incompatibilities noted in testing
• resolve issues identified in testing
• bump "tested up to" version
• if code changes needed due to incompatibilities, ship a plugin release, otherwise use "Plugin asset/readme update" action to update "tested up to" version on .org repo

Designs
n/a

Describe alternatives you've considered
none

Additional context
Related: #52, #65, #70.

Is your enhancement related to a problem? Please describe.

The ads.txt specification recommends sites without authorised advertising sellers use the following placeholder:

placeholder.example.com, placeholder, DIRECT, placeholder

Currently the built in linting of the ads.txt file highlights that as an error.

Describe the solution you'd like

For sites using the placeholder text above as the only text in the file, accept the content as valid but warn it indicates there are no authorized resellers.

Designs

Hacked together mock-up that would need work.

Note: color code changed to yellow as warning rather than an error.

Describe alternatives you've considered

I considered suppressing the error message altogether but decided a warning of no authorized sellers would be more appropriate given the most likely ads.txt use case.

Describe the bug
The following WPCS issues were shared with me, let's look to tackle these in our upcoming 1.2.0 release. If they're false positives, then let's make sure they're skipped.

• in ads-txt/ads-txt.php (line 26) Detected usage of a non-validated input variable: $_SERVER (WordPress.Security.ValidatedSanitizedInput.InputNotValidated)
• in ads-txt/ads-txt.php (line 26) Missing wp_unslash() before sanitization. WordPress.Security.ValidatedSanitizedInput.MissingUnslash

Expected behavior
WPCS passes with no errors.

Screenshots
n/a

Additional context
See summary, source, and full reports attached.
Ads.txt - report-full.txt
Ads.txt - report-source.txt
Ads.txt - report-summary.txt

I installed the plugin on a client site hosted on WP Engine and the plugin's core functionality of creating or managing the ads.txt file isn't working.

An ads.txt file already exists for the website. Loading up the plugin for the first time shows a blank textbox. Entering something in will save the changes on the page, but the ads.txt file won't change.

Deleting the ads.txt file on the server doesn't have any impact.

Is your enhancement related to a problem? Please describe.

The options app_adstxt_post and adstxt_post are used to refer to the post ID for the relevant file.

In the event these options are deleted, a new post of the type app-adstxt or adstxt will be created the next time an admin visits the management screen. The unreferenced post will remain as published in the database.

Once a post and the option have become detached, the post should be deleted. There are a number of options:

• delete the post if the option is deleted or updated
• upon visiting the settings page, if a new post is created remove any old posts
• recover orphaned posts -- this is problematic in that the served ads.txt file could contain unexpected data

Designs

No response

Describe alternatives you've considered

preventing the option from being deleted

This is possible by hooking in to an *_option hook.

However, the option is only likely to be altered via /wp-admin/options.php, WP CLI or by modifying the database directly. Blocking deletion of the option to sufficiently advanced users isn't practical and likely to lead to more people hitting the database directly.

Code of Conduct

• I agree to follow this project's Code of Conduct

Is your enhancement related to a problem? Please describe.

Release steps

• Branch: Starting from develop, cut a release branch named release/1.4.0 for your changes.
• Version bump: Bump the version number in ads-txt.php and readme.txt if it does not already reflect the version being released.
• Changelog: Add/update the changelog in both readme.txt and CHANGELOG.md.
• Props: update CREDITS.md file with any new contributors, confirm maintainers are accurate.
• New files: Check to be sure any new files/paths that are unnecessary in the production version are included in .gitattributes.
• Readme updates: Make any other readme changes as necessary. README.md is geared toward GitHub and readme.txt contains WordPress.org-specific content. The two are slightly different.
• Merge: Make a non-fast-forward merge from your release branch to develop (or merge the pull request), then do the same for develop into master (git checkout master && git merge --no-ff develop). master contains the stable development version.
• Push: Push your master branch to GitHub (e.g. git push origin master).
• Release: Create a new release, naming the tag and the release with the new version number, and targeting the master branch. Paste the changelog from CHANGELOG.md into the body of the release and include a link to the closed issues on the milestone (e.g. https://github.com/10up/ads-txt/milestone/4?closed=1).
• SVN: Wait for the GitHub Action to finish deploying to the WordPress.org repository. If all goes well, users with SVN commit access for that plugin will receive an emailed diff of changes.
• Check WordPress.org: Ensure that the changes are live on https://wordpress.org/plugins/ads-txt/. This may take a few minutes.
• Close milestone: Edit the milestone with release date (in the Due date (optional) field) and link to GitHub release (in the Description field), then close the milestone.
• Punt incomplete items: If any open issues or PRs which were milestoned for 1.4.0 do not make it into the release, update their milestone to 1.5.0 or Future Release.

Designs

No response

Describe alternatives you've considered

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

Describe the bug

The release branch name has been renamed from master to trunk.

Update references to the legacy name:

• Documentation
• GitHub Action scripts

Steps to Reproduce

N/A

Screenshots, screen recording, code snippet

No response

Environment information

No response

WordPress information

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

Is your enhancement related to a problem? Please describe.
Once WordPress 5.4 is released, we'll want to test Ads.txt Manager to see if any incompatibility issues arise.

Describe the solution you'd like

• test Ads.txt Manager on WP 5.4
• open issues for any incompatibilities noted in testing
• resolve issues identified in testing
• bump "tested up to" version
• if code changes needed due to incompatibilities, ship a plugin release, otherwise use "Plugin asset/readme update" action to update "tested up to" version on .org repo

Designs
n/a

Describe alternatives you've considered
none

Additional context
none

Describe the bug

As the PHP Compatibility checker uses a tokenizer to evaluate compatibility (as opposed to code execution), it can be run on a single version of PHP rather than as part of a matrix.

The test version can be listed as 7.4- to test for compatibility with all supported versions of PHP.

This will require a change to the protected branch config to remove the redundant runs as required checks.

Steps to Reproduce

N/A

Screenshots, screen recording, code snippet

Docs: https://github.com/PHPCompatibility/PHPCompatibility#testversion-in-the-ruleset-versus-command-line

Environment information

No response

WordPress information

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

Is your enhancement related to a problem? Please describe.
As originally reported on WordPress.org, we should consider adding sellers.json support to the plugin.

Describe the solution you'd like

Review the sellers.json details from the IAB and consider if this is functionality that makes sense within the plugin, as a separate plugin, or something not worth further investigating. If its worth in this plugin, then cool let's add as a major plugin release. If its worth adding as a separate plugin, is that something we want to build/support?

Designs

TBD

Describe alternatives you've considered

n/a

Additional context

Background on sellers.json as well as more in-depth info from the IAB Tech Lab.

Describe the bug
If you use a mapped domain (i.e. your wp-admin is on a different domain from your site, like on WordPress.com), the ads.txt file detection looks for the file on the wp-admin domain, which can return a false positive. See https://wordpress.org/support/topic/existing-ads-txt-file-found/

Steps to Reproduce
I haven't actually done this yet, but my guess is:

1. Put an ads.txt in the root of a MS instance
2. Set up domain mapping for a subsite
3. Go to the ads.txt edit screen on the subsite
4. See notice that an existing ads.txt file was found

Expected behavior
I would not expect to see the notice.

Screenshots
n/a

Environment information
This is as of Ads.txt 1.2.0, seen on WordPress.com with a business plan where you can install plugins and map domains.

Additional context
Reported here: https://wordpress.org/support/topic/existing-ads-txt-file-found/

There is a new WordPress version that the plugin hasn't been tested with. Please test it and then change the "Tested up to" field in the plugin readme.

Tested up to: 6.0
Latest version: 6.1

This issue will be closed automatically when the versions match.

This is especially noticeable with the JS and CSS files, but also happens to the plugin icon from the .org repo. I'm not sure what can be done about this in the plugin itself vs. having to ask various ad blocker lists to whitelist. One would think somebody managing an ads.txt file wouldn't want to be blocking ads on their own site but who knows, and it's a silent non-blocking error so it just makes the plugin look less awesome than it actually is. Any ideas/experience with this?

Is your enhancement related to a problem? Please describe.
In the v1.0.3 version of the ads.txt spec, a new variable was added called INVENTORYPARTNERDOMAIN. Currently when trying to use this, you'll get an error saying that variable isn't valid. You can ignore that warning and still save the file but would be ideal for that warning to not show.

Describe the solution you'd like
Add INVENTORYPARTNERDOMAIN to our list of supported variables so we don't get a warning on save.

Describe the bug

When I try to use this plugin with Composer version 2.1.3, I get the following errors:

Your lock file does not contain a compatible set of packages. Please run composer update.

  Problem 1
    - dealerdirect/phpcodesniffer-composer-installer is locked to version v0.5.0 and an update of this package was not requested.
    - dealerdirect/phpcodesniffer-composer-installer v0.5.0 requires composer-plugin-api ^1.0 -> found composer-plugin-api[2.1.0] but it does not match the constraint.

And the solution is very simple since any version of the plugin prior to 0.7.0 only allowed installation on PHP 5.x and 7.x.
To fix the issue easily by running the command below:
composer require --dev dealerdirect/phpcodesniffer-composer-installer:"^0.7.1"

Steps to Reproduce

When I try to install dev dependencies by running the composer i command I get errors.

Expected behavior

Not getting errors while Install dependencies.
Screenshots

Environment information

• Device: Laptop
• OS: Fedora 35
• Browser and version: Chrome (Not related)

WordPress information

Additional context

I will provide a PR.

Describe the bug

Cypress is unable to start due to an incorrect base URL.

The base URL needs to be updated to config.baseUrl = wpEnvConfig.env.tests.config.WP_SITEURL;

Steps to Reproduce

Refer to failing actions.

Screenshots, screen recording, code snippet

No response

Environment information

No response

WordPress information

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

Right now, the plugin does validation in the linting/formatting sense - making sure that values that are supposed to be domains or are in the format of a domain, that TAG-IDs are 16 character hashes, that sort of thing. There are some external checks that could be done, such as ensuring a given exchange domain is a valid exchange and matches the TAG-ID supplied.

I don't know that this should ever be done directly in the plugin because it could be costly both in terms of user-perceived performance (slow external checks, finicky setups) and maintenance (constant changes that aren't reasonable to ship in a plugin's code). This issue is to track conversation and document awareness of these possibilities, even if they don't work out as plugin features.

Is your enhancement related to a problem? Please describe.

Cypress 11 has been released, it has a new configuration structure, and the test suite needs to be migrated.

https://docs.cypress.io/guides/references/migration-guide

Designs

No response

Describe alternatives you've considered

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

Is your enhancement related to a problem? Please describe.

At the time of writing, the contributor header in the WordPress.org readme file lists 10up, 10up, Helen Hou-Sandi, Adam Silverstein, and Jake Goldman. I'll soon be adding my username to the list in #98.

Given Helen and Adam are no longer actively maintaining the plugin, should they be removed from the list?

Pros

• it's clearer who is currently involved in the plugin
• visitors to the plugin page on wordpress.org will not @ mention legacy maintainers in support requests
• should Adam or Helen comment in the support forum, they will not have maintainer badges

Cons

• it demotes recognition of their earlier work setting up this plugin to the changelog
• the plugin is removed from their WP.org profiles

@helen, @adamsilverstein: as this change would affect you directly, I'd be interested in your thoughts.

Designs

No response

Describe alternatives you've considered

Two options for clarifying the current maintainers vs legacy maintainers

• retain Helen and Adam in contributors header and add a current maintainers section to the readme
• Remove Helen and Adam in contributors header but add maintainers section listing active and former maintainers.

Code of Conduct

• I agree to follow this project's Code of Conduct

Hi

I really like the plugin and the fact that it is approved by WordPress VIP to use it. But I was wondering why it is kept procedural. Do you have any plans to convert the code to object-oriented in near future? I believe updating to the object-oriented makes it clean, easy to maintain the code and extend the functionality if required. I’m happy to work on it and submit the patch. Please let me know.

Thanks,
Vinod

Describe the bug

Currently pull requests are unable to be merged by non-admins as two required actions are not reporting:

• Test PHP (5.6)
• Test PHP (7.3)

It appears that these are actions that have been removed from the workflow but remain as required checks in the admin settings.

Resolution Remove legacy actions from repository settings

Steps to Reproduce

1. Create a pull request
2. Request and receive an approval
3. Observe the actions above have not reported
4. Observe a non-admin is unable to merge the repo
5. Send Jeff a direct message asking him to merge.

Screenshots, screen recording, code snippet

Environment information

N/A - GitHub config issue.

WordPress information

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

Coming out of #14, it seems like it would be helpful if the plugin detected an actual root-level ads.txt file and notified the user that the plugin can't/won't override or edit it. This probably only needs to show on the edit screen.

There are a few technical requirements for the plugin which should be handled in case a user still decides to try activating the plugin:

• PHP 5.3+, mostly for __DIR__ and namespace reasons (for now). This is handled by WordPress core's sandboxing right now, as it fatals and is subsequently deactivated. It's possible nothing else needs to be done here other than trying to advance the relevant core ticket.
• WordPress 4.9+, for the usage of CodeMirror as bundled. The editor likely still (mostly) works anyway, though there may be some JS errors, but hasn't been tested. It almost certainly requires 4.6+ for language pack reasons. Not sure what the plugin should do - I believe it would have to be installed manually rather than from the plugin repo as it is, so do we need to worry much about a warning?
• Rewrites enabled, so that WordPress can actually catch the request to /ads.txt. Perhaps a warning on the plugins page/row and on the edit screen?
• Site URL must not contain a path, as per spec this is a root-level file and the plugin only attempts to serve it there. Perhaps also a warning with explanation on the plugins page/row and on the edit screen?

Since this plugin has a bit of a smaller audience this wasn't 1.0 priority, but we should still aim for the best possible experience.

Describe the bug

The workflow E2E Tests (WP minimum, WordPress/WordPress#4.9) is currently set as a required action for merging pull requests.

As this action has been removed (replaced with E2E Tests (WP minimum, WordPress/WordPress#5.7)) the repo's settings need to be updated in order to allow merges.

Steps to Reproduce

1. Visit #107
2. Note the missing workflow is blocking merge E2E Tests (WP minimum, WordPress/WordPress#4.9)

Screenshots, screen recording, code snippet

No response

Environment information

No response

WordPress information

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

Love this plugin and the work you're doing, it's fantastic. Thank you

One thing I often have to do is with our partners. They frequently update their ads.txt and we manage multiple websites. So each time, I need to login and update them.

It would be ideal if I could have, in addition to what's already available, a way to add multiple external files to also be included.

For example, one of our partners hosts their ads.txt for all publishers on the same URL, so I have to refresh from that file every week or two.

Cheers!

Is your enhancement related to a problem? Please describe.
The plugin doesn't support app-ads.txt but sometime people want to create that too

Describe the solution you'd like
Support app-ads.txt

Designs

Describe alternatives you've considered
Manually creating a file in htdocs :(

Additional context

Currently this page is available to those who with the manage_options capability. I ran into a situation where I want to create a role that only allows a user to edit this setting (the client's ad company). They have no business editing other settings on the site, and I don't really care to serve as middleman.

So I propose adding a specific capability. PR incoming.

• add version badge
• add support level section & badge
• add license badge
• add clarifying links where helpful (e.g., IAB)
• move changelog to its own file

Bump WP & PHP Minimums to the following

• WordPress to 5.7
• PHP to 7.4
• Remove any no-longer-needed conditional code for older version support.
• Take a look at adjusting our testing matrices, if applicable.
• Bump the minimums in plugin documentation and header fields.

Is your enhancement related to a problem? Please describe.
Inside the fight against 404bot, the ad fraud scheme exploiting ads.txt
https://www.thedrum.com/news/2020/02/25/inside-the-fight-against-404bot-the-ad-fraud-scheme-exploiting-adstxt

Here’s some background research by the great Dr. Augustine Fou:

How Ads.txt is Being Exploited by "Baddies"​ for Fun and Profit
https://www.linkedin.com/pulse/adstxt-zero-day-exploit-wild-brief-history-fraud-ad-fraud-historian/

Not much 10up’s plugin could do to help at this point, except maybe even sites that don’t advertise should consider a (non-empty) ads.txt file to prevent domain spoofing:
https://api.adstxt.com/blog/adstxt-without-authorized-advertising-systems

So your plugin could start users with a default ads.txt containing this valid “placeholder” record:
placeholder.example.com, placeholder, DIRECT, placeholder

Describe the solution you'd like
Opening this issue to discuss how best to handle this within Ads.txt Manager.

Designs

TBD, but n/a currently

Describe alternatives you've considered

n/a

Additional context

Props to @hearvox for the issue reporting and background info, we'll want to credit him in an PR/release/CREDITS.md updates that come from this issue.

CodeMirror is a keyboard trap without special handling, which is built into core's wrappers which we are not yet using. We should likely resolve this by using said wrappers (also noted in #2), but wanted to log this issue separately in case we don't for some reason.

Is your enhancement related to a problem? Please describe.
See overall concept in the OSBP guide and example setups on Simple Podcasting, Restricted Site Access, and ElasticPress.

Describe the solution you'd like

• add base GitHub Action
• add .wp-env.json
• add base docker files
• update package.json / package lock files
• add cypress tests

Designs
n/a

Describe alternatives you've considered
n/a

Additional context
n/a

The contents of ads.txt is stored in a custom post type, which gives us revisions for free. The revisions interface (manually accessible at /wp-admin/revision.php?revision=X) mostly "just works", but needs a few accommodations to make it work properly.

• A link from the settings screen
• "Return to editor" and title links on revisions screen should link to settings screen
• "Restore This Revision" should send you back to the settings screen and have that revision's contents loaded in the editor
• The title shouldn't be shown in the diff viewer, as it shouldn't change and isn't relevant

Is your enhancement related to a problem? Please describe.
Version 1.0.3 of the specification added the inventorypartnerdomain directive to aid with CTV and similar use cases. If we try to add inventorypartnerdomain, the plugin shows the warning "Unrecognized variable".

It would be great if the plugin support this new directive.

Describe the solution you'd like

Designs

Describe alternatives you've considered

Additional context

Is your enhancement related to a problem? Please describe.
We have a third-party ad company that updates their own ads.txt content fairly frequently. We'd like to be able to consume this in an automated fashion and add it to our own ads.txt managed via WP rather than manually update their records when needed.

Describe the solution you'd like
Add a filter to the returned content for ads.txt. Probably a dedicated filter.

The result would allow a user to do something like this:

add_filter( 'adstxt_content', function( $adstxt ) {
    return $adstxt . third_party_adstxt_via_api();
});

Is your enhancement related to a problem? Please describe.

WordPress 6.0 is currently in beta.

Test ads-txt is compatible:

• Ads.txt updates
• New Ads.txt file
• App-ads.txt updates
• New App-ads.txt file

Designs

No response

Describe alternatives you've considered

No response

Code of Conduct

• I agree to follow this project's Code of Conduct