Decouple the block editor sidebar from the metabox hidden fields

admin/formatter/class-metabox-formatter.php

@@ -48,7 +48,8 @@ public function get_values() {
 	 * @return array<string, string|array<string|int|bool>|bool|int> Default settings for the metabox.
 	 */
 	private function get_defaults() {
-		$schema_types = new Schema_Types();
+		$schema_types       = new Schema_Types();
+		$schema_fields_defs = WPSEO_Meta::get_meta_field_defs( 'schema' );
 
 		$defaults = [
 			'author_name'                        => get_the_author_meta( 'display_name' ),
@@ -59,6 +60,9 @@ private function get_defaults() {
 				'displayFooter'      => WPSEO_Capability_Utils::current_user_can( 'wpseo_manage_options' ),
 				'pageTypeOptions'    => $schema_types->get_page_type_options(),
 				'articleTypeOptions' => $schema_types->get_article_type_options(),
+				'defaultPageType'    => isset( $schema_fields_defs['schema_page_type'] ) ? $schema_fields_defs['schema_page_type']['default'] : '',
+				'defaultArticleType' => isset( $schema_fields_defs['schema_article_type'] ) ? $schema_fields_defs['schema_article_type']['default'] : '',
+				'showArticleInput'   => isset( $schema_fields_defs['schema_article_type'] ),
 			],
 			'twitterCardType'                    => 'summary_large_image',
 			/**

admin/metabox/class-metabox.php

@@ -232,6 +232,10 @@ public function display_metabox( $identifier = null, $type = 'post_type' ) {
 	 * @return void
 	 */
 	public function add_meta_box() {
+		if ( $this->is_metabox_disabled_in_block_editor() ) {
+			return;
+		}
+
 		$post_types = WPSEO_Post_Type::get_accessible_post_types();
 		$post_types = array_filter( $post_types, [ $this, 'display_metabox' ] );
 
@@ -330,10 +334,38 @@ private function determine_scope() {
 	 * @return void
 	 */
 	public function meta_box() {
-		$this->render_hidden_fields();
+		if ( ! $this->is_metabox_disabled_in_block_editor() ) {
+			$this->render_hidden_fields();
+		}
 		$this->render_tabs();
 	}
 
+	/**
+	 * Returns whether the metabox hidden fields and $_POST-based save are disabled for the block editor.
+	 *
+	 * When this returns true the block editor uses the REST API meta path instead: all WPSEO post meta
+	 * fields are registered with show_in_rest, so core/editor carries and saves them automatically.
+	 *
+	 * Filter: 'wpseo_disable_metabox_in_block_editor'
+	 *
+	 * @return bool
+	 */
+	protected function is_metabox_disabled_in_block_editor() {
+		$screen = WP_Screen::get();
+		if ( ! $screen || ! $screen->is_block_editor() ) {
+			return false;
+		}
+
+		/**
+		 * Filter: 'wpseo_disable_metabox_in_block_editor' - Disables the Yoast metabox hidden fields
+		 * and the $_POST-based save hook in the block editor, so that post meta is saved via the
+		 * WordPress REST API instead (requires all relevant fields to have show_in_rest enabled).
+		 *
+		 * @param bool $disable Whether to disable the metabox. Default false.
+		 */
+		return (bool) apply_filters( 'wpseo_disable_metabox_in_block_editor', false );
+	}
+
 	/**
 	 * Renders the metabox hidden fields.
 	 *
@@ -700,6 +732,18 @@ public function save_postdata( $post_id ) {
 			return false;
 		}
 
+		// Bail when the REST meta path is active and there is no metabox form submission.
+		// core/editor persists meta via the REST API, so $_POST will not contain the Yoast
+		// nonce or hidden-field values. Checking for the nonce absence ensures we only skip
+		// when there is genuinely no $_POST-based save to process.
+		// Note: is_metabox_disabled_in_block_editor() cannot be used here because WP_Screen
+		// is not initialised during REST requests, so the filter is called directly instead.
+		if ( apply_filters( 'wpseo_disable_metabox_in_block_editor', false )
+			&& ( defined( 'REST_REQUEST' ) && REST_REQUEST )
+			&& ! isset( $_POST['yoast_free_metabox_nonce'] ) ) {
+			return false;
+		}
+
 		if ( $post_id === null ) {
 			return false;
 		}
@@ -904,19 +948,20 @@ public function enqueue() {
 		$is_front_page    = $homepage_is_page && $page_on_front === (int) $post_id;
 
 		$script_data = [
-			'metabox'                    => $this->get_metabox_script_data(),
-			'isPost'                     => true,
-			'isBlockEditor'              => $is_block_editor,
-			'postId'                     => $post_id,
-			'postStatus'                 => get_post_status( $post_id ),
-			'postType'                   => get_post_type( $post_id ),
-			'isPage'                     => get_post_type( $post_id ) === 'page',
-			'usedKeywordsNonce'          => wp_create_nonce( 'wpseo-keyword-usage-and-post-types' ),
-			'analysis'                   => [
+			'metabox'                     => $this->get_metabox_script_data(),
+			'isPost'                      => true,
+			'isBlockEditor'               => $is_block_editor,
+			'disableMetaboxInBlockEditor' => $is_block_editor && (bool) apply_filters( 'wpseo_disable_metabox_in_block_editor', false ),
+			'postId'                      => $post_id,
+			'postStatus'                  => get_post_status( $post_id ),
+			'postType'                    => get_post_type( $post_id ),
+			'isPage'                      => get_post_type( $post_id ) === 'page',
+			'usedKeywordsNonce'           => wp_create_nonce( 'wpseo-keyword-usage-and-post-types' ),
+			'analysis'                    => [
 				'plugins' => $plugins_script_data,
 				'worker'  => $worker_script_data,
 			],
-			'isFrontPage'                => $is_front_page,
+			'isFrontPage'                 => $is_front_page,
 		];
 
 		/**

composer.json

@@ -111,7 +111,7 @@
 			"Yoast\\WP\\SEO\\Composer\\Actions::check_coding_standards"
 		],
 		"check-cs-thresholds": [
-			"@putenv YOASTCS_THRESHOLD_ERRORS=2391",
+			"@putenv YOASTCS_THRESHOLD_ERRORS=2388",
 			"@putenv YOASTCS_THRESHOLD_WARNINGS=257",
 			"Yoast\\WP\\SEO\\Composer\\Actions::check_cs_thresholds"
 		],

inc/class-wpseo-meta.php

@@ -103,22 +103,16 @@ class WPSEO_Meta {
 			'focuskw' => [
 				'type'         => 'hidden',
 				'title'        => '',
-				'show_in_rest' => true,
-				'single'       => true,
 			],
 			'title' => [
 				'type'          => 'hidden',
 				'default_value' => '',
-				'show_in_rest'  => true,
-				'single'        => true,
 			],
 			'metadesc' => [
 				'type'          => 'hidden',
 				'default_value' => '',
 				'class'         => 'metadesc',
 				'rows'          => 2,
-				'show_in_rest'  => true,
-				'single'        => true,
 			],
 			'linkdex' => [
 				'type'          => 'hidden',
@@ -189,13 +183,6 @@ class WPSEO_Meta {
 				'options'       => Schema_Types::ARTICLE_TYPES,
 			],
 		],
-		/* Fields we should validate & save, but not show on any form. */
-		'non_form'        => [
-			'linkdex' => [
-				'type'          => null,
-				'default_value' => '0',
-			],
-		],
 		'content_planner' => [
 			'is_content_planner_banner_rendered'  => [
 				'type'          => 'hidden',
@@ -287,24 +274,6 @@ public static function init() {
 					[ 'sanitize_callback' => [ self::class, 'sanitize_post_meta' ] ],
 				);
 
-				// Re-register for the 'post' subtype with REST exposure and auth callback when show_in_rest is enabled.
-				if ( ! empty( $field_def['show_in_rest'] ) ) {
-					register_meta(
-						'post',
-						self::$meta_prefix . $key,
-						[
-							'show_in_rest'      => true,
-							'single'            => ( $field_def['single'] ?? false ),
-							'type'              => 'string',
-							'object_subtype'    => 'post',
-							'sanitize_callback' => [ self::class, 'sanitize_post_meta' ],
-							'auth_callback'     => static function ( $allowed, $meta_key, $object_id ) {
-								return current_user_can( 'edit_post', $object_id );
-							},
-						],
-					);
-				}
-
 				// Set the $fields_index property for efficiency.
 				self::$fields_index[ self::$meta_prefix . $key ] = [
 					'subset' => $subset,
@@ -323,12 +292,6 @@ public static function init() {
 		}
 		unset( $subset, $field_group, $key, $field_def );
 
-		// Strip meta fields that have show_in_rest enabled from REST responses for users
-		// without edit_post capability. register_meta's auth_callback only covers writes,
-		// so read access must be restricted separately via this filter.
-		// Register only for 'post' post type. Other post types don't expose these fields.
-		add_filter( 'rest_prepare_post', [ self::class, 'hide_meta_from_unauthorized_rest_response' ], 10, 2 );
-
 		self::filter_schema_article_types();
 
 		add_filter( 'update_post_metadata', [ self::class, 'remove_meta_if_default' ], 10, 5 );
@@ -1074,30 +1037,6 @@ public static function post_types_for_ids( $post_ids ) {
 		return $post_types;
 	}
 
-	/**
-	 * Strips REST-exposed Yoast meta fields from the response for users without edit_post capability on the post.
-	 *
-	 * @param WP_REST_Response $response The REST response.
-	 * @param WP_Post          $post     The post object.
-	 *
-	 * @return WP_REST_Response The (possibly modified) response.
-	 */
-	public static function hide_meta_from_unauthorized_rest_response( $response, $post ) {
-		if ( current_user_can( 'edit_post', $post->ID ) ) {
-			return $response;
-		}
-		$data = $response->get_data();
-		foreach ( self::$meta_fields as $field_group ) {
-			foreach ( $field_group as $key => $field_def ) {
-				if ( ! empty( $field_def['show_in_rest'] ) ) {
-					unset( $data['meta'][ self::$meta_prefix . $key ] );
-				}
-			}
-		}
-		$response->set_data( $data );
-		return $response;
-	}
-
 	/**
 	 * Filter the schema article types.
 	 *

inc/class-wpseo-primary-term.php

@@ -65,7 +65,7 @@ public function get_primary_term() {
 	 * @return void
 	 */
 	public function set_primary_term( $new_primary_term ) {
-		update_post_meta( $this->post_ID, WPSEO_Meta::$meta_prefix . 'primary_' . $this->taxonomy_name, $new_primary_term );
+		update_post_meta( $this->post_ID, WPSEO_Meta::$meta_prefix . 'primary_' . $this->taxonomy_name, (string) $new_primary_term );
 	}
 
 	/**

packages/js/package.json

@@ -6,7 +6,7 @@
   "scripts": {
     "build": "cd ../.. && wp-scripts build --config config/webpack/webpack.config.js",
     "test": "jest",
-    "lint": "eslint . --max-warnings=40"
+    "lint": "eslint . --max-warnings=34"
   },
   "dependencies": {
     "@draft-js-plugins/mention": "^5.0.0",

packages/js/src/ai-content-planner/hooks/use-apply-outline.js

@@ -1,5 +1,6 @@
 import { useCallback } from "@wordpress/element";
 import { useDispatch, select } from "@wordpress/data";
+import { metaKeyTitle, metaKeyMetaDesc, metaKeyFocusKw } from "../../shared-admin/constants";
 import { buildBlocksFromOutline } from "../helpers/build-blocks-from-outline";
 import { CONTENT_PLANNER_STORE } from "../constants";
 
@@ -48,12 +49,9 @@ export const useApplyOutline = ( { editedOutlineRef } ) => {
 			title: metaOutline.title,
 			blocks: buildBlocksFromOutline( structure ),
 			meta: {
-				// eslint-disable-next-line camelcase
-				_yoast_wpseo_title: metaOutline.title,
-				// eslint-disable-next-line camelcase
-				_yoast_wpseo_metadesc: metaOutline.metaDescription,
-				// eslint-disable-next-line camelcase
-				_yoast_wpseo_focuskw: metaOutline.focusKeyphrase,
+				[ metaKeyTitle ]: metaOutline.title,
+				[ metaKeyMetaDesc ]: metaOutline.metaDescription,
+				[ metaKeyFocusKw ]: metaOutline.focusKeyphrase,
 			},
 		};
 		if ( metaOutline.category?.id && metaOutline.category.id !== -1 ) {

packages/js/src/ai-content-planner/hooks/use-yoast-meta-sync.js

@@ -1,5 +1,6 @@
 import { useDispatch, useSelect } from "@wordpress/data";
 import { useEffect } from "@wordpress/element";
+import { metaKeyTitle, metaKeyMetaDesc, metaKeyFocusKw } from "../../shared-admin/constants";
 
 /**
  * Mirrors core/editor meta changes into yoast-seo/editor. Fires on every meta change,
@@ -15,9 +16,9 @@ export function useYoastMetaSync() {
 		const meta = editor.getEditedPostAttribute( "meta" );
 		const { title, description } = select( "yoast-seo/editor" ).getSnippetEditorTemplates();
 		return {
-			yoastTitle: meta?._yoast_wpseo_title,
-			yoastMetaDesc: meta?._yoast_wpseo_metadesc,
-			yoastFocusKw: meta?._yoast_wpseo_focuskw,
+			yoastTitle: meta?.[ metaKeyTitle ],
+			yoastMetaDesc: meta?.[ metaKeyMetaDesc ],
+			yoastFocusKw: meta?.[ metaKeyFocusKw ],
 			isPost: editor.getCurrentPostType() === "post",
 			titleTemplate: title,
 			descTemplate: description,
@@ -31,9 +32,9 @@ export function useYoastMetaSync() {
 		if ( ! isPost ) {
 			return;
 		}
-		// Only sync non-empty values. An empty string means no custom value has been saved, in
-		// which case the snippet editor should keep showing the SEO title template instead of
-		// being overwritten with an empty string.
+		// Only sync non-empty values. An empty string means no custom value has been saved,
+		// in which case the snippet editor should keep showing the SEO title
+		// template instead of being overwritten with an empty string.
 		const dataToSync = {
 			title: titleTemplate,
 			description: descTemplate,