Samuel Wood

> Right, but in the case of Open Graph and Twitter Cards, the content is always hosted on the source's domain, and they have control over removing it. FYI, Facebook...

Same thing for screenshots and such. This seems to be a decent fix. ``` .c-message_kit__file__meta { color: #e6e6e6 } ```

Including TOTP is an absolute minimum for 2FA. It's simple, the code is public and open, and generating QR codes isn't that hard if we need to include it.

The theme checker should be modified to add support for ways of checking for these things, certainly, but if these "FSE" themes are missing basic requirements, then they should not...

Blacklisting specific services means never-ending updates to that list. Something more generic to display the info to the author and reviewer makes somewhat more sense, to me.

Note that this is historically a problem. One we solved by doing the child-theme/parent-theme checks like this in the plugin, but then completely ignoring for the uploader. The system on...

The check itself is not perfect. It's seeing the string in $download['downloads_remaining'] and counting that as a possible argument which it is not expecting. There's nothing wrong with your code....

Note that this needs to be smart. The url of wordpress.org is lowercase.

With the proposed change, inserting ) followed by ; into a string causes a fail. I realize there is no perfect answer while using regexp. Perhaps a different approach? Thinking...

Also, note that $wp_customize is just a convention. Themes can, in theory, name this variable they're being passed something else entirely. So even with tokenization, there's no perfect check here.