`WC_Admin_Dashboard::recent_reviews()` was calling `get_avatar()` passing `$comment->comment_author` which is not one of the list of parameters that the function accepts to get the avatar. As a result, the widget that displays the recent reviews in the admin dashboard was never displaying the avatar of the user that left the review. This commit fixes this issue by passing `$comment->comment_email` instead. I opted to use `$comment->comment_author` as it should be available for reviews left both by authenticated and anonymous users and because getting the comment object wouldn't be so simple (either we need to perform an extra query for each review or deprecate the `woocommerce_report_recent_reviews_query_from` filter).
Using the WPCS native whitelist comments is deprecated. So this PR just replaces all instances of `// WPCS: XSS ok.` found in `includes/wc-cart-functions.php` with the PHPCS native "// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped". I found this while working on another issue in the same file.
This commit improves the i18n of a string displayed during checkout showing the total amount of the order when the store is configured to display prices inclusive of taxes.
Before string concatenation was used to build the final string which is almost always a bad practice from i18n point of view (https://codex.wordpress.org/I18n_for_WordPress_Developers#Best_Practices). This commit uses sprintf() and two separate strings to make translation easier.
This commit replaces a call to the now deprecated jQuery.fn.toggle(handler, handler...) (https://api.jquery.com/toggle-event/) with a jQuery.click(). The deprecated call was used in the page where admins can edit e-mail templates (example: wp-admin/admin.php?page=wc-settings&tab=email§ion=wc_email_customer_on_hold_order) to show or hide the contents of the template and at the same time change the label of the button. We are now using jQuery.click() with a if statement inside to decide which label to use.
This commit fixes a minor error in the sed commands used to prefix
namespaces in the vendor folder. Due to an extra space sed was
considering `.bak` an extra parameter. If we use `-i.bak` instead (without the
space), sed creates a backup file which is the desired behavior.
With this change we won't be getting the errors below when running
`composer install` or `composer update`:
```
Generating autoload files
> sh ./bin/prefix-vendor-namespaces.sh
Prefixing the appropriate vendor namespaces with Automattic\WooCommerce\Vendor
sed: can't read .bak: No such file or directory
sed: can't read .bak: No such file or directory
sed: can't read .bak: No such file or directory
(...)
```
Since sed was working without creating a backup file, I wonder if we
really need to create one. I tested and `sed -i -E -e
"s/\"(League\\\\\\\Container)/\"Automattic\\\\\\\WooCommerce\\\\\\\Vendor\\\\\\\\\1/g"
vendor/league/container/composer.json` works well in Linux. If it also
works on Mac, maybe we can use it and remove the code that deletes the
.bak files?