WordPress.org

Ready to get started?Download WordPress

Annual WordPress Survey & WCSF

Posted July 9, 2013 by Matt Mullenweg. Filed under Community, Events.

It’s time for our third annual user and developer survey! If you’re a WordPress user, developer, or business, we want your feedback. Just like previous years, we’ll share the data at the upcoming WordCamp San Francisco (WCSF). Results will also be sent to each survey respondent.

It only takes a few minutes to fill out the survey, which will provide an overview of how people use WordPress.

If you missed past State of the Word keynotes, be sure to check out them out for survey results from 2011 and 2012.

Speaking of WCSF, if you didn’t get a ticket or are too far away to attend, you can still get a ticket for the live stream! Watch the live video stream from the comfort of your home on July 26 and 27; WCSF t-shirt, or any shirt, optional.

I hope to see you there.

WordPress 3.5.2 Maintenance and Security Release

Posted June 21, 2013 by Andrew Nacin. Filed under Releases, Security.

WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugsThis is a security release for all previous versions and we strongly encourage you to update your sites immediately. The WordPress security team resolved seven security issues, and this release also contains some additional security hardening.

The security fixes included:

  • Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site.
  • Disallow contributors from improperly publishing posts, reported by Konstantin Kovshenin, or reassigning the post’s authorship, reported by Luke Bryan.
  • An update to the SWFUpload external library to fix cross-site scripting vulnerabilities. Reported by mala and Szymon Gruszecki. (Developers: More on SWFUpload here.)
  • Prevention of a denial of service attack, affecting sites using password-protected posts.
  • An update to an external TinyMCE library to fix a cross-site scripting vulnerability. Reported by Wan Ikram.
  • Multiple fixes for cross-site scripting. Reported by Andrea Santese and Rodrigo.
  • Avoid disclosing a full file path when a upload fails. Reported by Jakub Galczyk.

We appreciated responsible disclosure of these issues directly to our security team. For more information on the changes, see the release notes or consult the list of changes.

Download WordPress 3.5.2 or update now from the Dashboard → Updates menu in your site’s admin area.

Also: WordPress 3.6 Beta 4: If you are testing WordPress 3.6, please note that WordPress 3.6 Beta 4 (zip) includes fixes for these security issues.

Ten Good Years

Posted May 31, 2013 by Matt Mullenweg. Filed under Meta.

It’s been ten years since we started this thing, and what a long way we’ve come. From a discussion between myself and Mike Little about forking our favorite blogging software, to powering 18% of the web. It’s been a crazy, exciting, journey, and one that won’t stop any time soon.

At ten years, it’s fun to reflect on our beginnings. We launched WordPress on 27th May 2003, but that wasn’t inception. Go back far enough, and you can read a post by Michel Valdrighi who, frustrated by the self-hosted blogging platforms available, decided to write his own software; “b2, a PHP+MySQL alternative to Blogger and GreyMatter.” b2 was easy to install, easy to configure, and easy for developers to extend. Of all the blogging platforms out there, b2 was the right one for me: I could write my content and get it on the web quickly and painlessly.

Sometimes, however, life gets in the way. In 2002, Michel stopped maintaining b2. Over time, security flaws became apparent and updates were needed and, while the b2 community could write patches and fixes, no one was driving the software forward. We were lucky that Michel decided to release b2 under the GPL; the software may have been abandoned, but we weren’t without options. A fork was always a possibility. That was where it stood in January 2003, when I posted about forking b2 and Mike responded. The rest, as they say, is history.

From the very beginning to the present day, I’ve been impressed by the thought, care, and dedication that WordPress’ developers have demonstrated. Each one has brought his or her unique perspective, each individual has strengthened the whole. It would be impossible to thank each of them here individually, but their achievements speak for themselves. In WordPress 1.2 the new Plugin API made it easy for developers to extend WordPress. In the same release gettext() internationalization opened WordPress up to every language (hat tip: Ryan Boren for spending hours wrapping strings with gettext). In WordPress 1.5 our Theme system made it possible for WordPress users to quickly change their site’s design: there was huge resistance to the theme system from the wider community at the time, but can you imagine WordPress without it? Versions 2.7, 2.8, and 2.9 saw improvements that let users install and update their plugins and themes with one click. WordPress has seen a redesign by happycog (2.3) and gone under extensive user testing and redesign (Crazyhorse, Liz Danzico and Jen Mylo, WordPress 2.5). In WordPress 3.0 we merged WordPress MU with WordPress — a huge job but 100% worth it. And in WordPress 3.5 we revamped the media uploader to make it easier for people to get their images, video, and media online.

In sticking to our commitment to user experience, we’ve done a few things that have made us unpopular. The WYSIWYG editor was hated by many, especially those who felt that if you have a blog you should know HTML. Some developers hated that we stuck with our code, refusing to rewrite, but it’s always been the users that matter: better a developer lose sleep than a site break for a user. Our code isn’t always beautiful, after all, when WordPress was created most of us were still learning PHP, but we try to make a flawless experience for users.

It’s not all about developers. WordPress’ strength lies in the diversity of its community. From the start, we wanted a low barrier to entry and we came up with our “famous 5 minute install”. This brought on board users from varied technical background: people who didn’t write code wanted to help make WordPress better. If you couldn’t write code, it didn’t matter: you could answer a question in the support forums, write documentation, translate WordPress, or build your friends and family a WordPress website. There is space in the community for anyone with a passion for WordPress.

It’s been wonderful to see all of the people who have used WordPress to build their home on the internet. Early on we got excited by switchers. From a community of tinkerers we grew, as writers such as Om Malik, Mark Pilgrim, and Molly Holzschlag made the switch to WordPress. Our commitment to effortless publishing quickly paid off and has continued to do so: the WordPress 1.2 release saw 822 downloads per day, our latest release, WordPress 3.5, has seen 145,692 per day.

I’m continually amazed by what people have built with WordPress. I’ve seen musicians and photographers, magazines such as Life, BoingBoing, and the New York Observer, government websites, a filesystem, mobile applications, and even seen WordPress guide missiles.

As the web evolves, WordPress evolves. Factors outside of our control will always influence WordPress’ development: today it’s mobile devices and retina display, tomorrow it could be Google Glass or technology not yet conceived. A lot can happen in ten years! As technology changes and advances, WordPress has to change with it while remaining true to its core values: making publishing online easy for everyone. How we rise to these challenges will be what defines WordPress over the coming ten years.

To celebrate ten years of WordPress, we’re working on a book about our history. We’re carrying out interviews with people who have involved with the community from the very beginning, those who are still around, and those who have left. It’s a huge project, but we wanted to have something to share with you on the 10th anniversary. To learn about the very early days of WordPress, just after Mike and I forked b2 you can download Chapter 3 right here. We’ll be releasing the rest of the book serially, so watch out as the story of the last ten years emerges.

In the meantime, I penned my own letter to WordPress and other community members have been sharing their thoughts:

You can see how WordPress’ 10th Anniversary was celebrated all over the world by visiting the wp10 website, according to Meetup we had 4,999 celebrators.

To finish, I just want to say thank you to everyone: to the developers who write the code, to the designers who make WordPress sing, to the worldwide community translating WordPress into so many languages, to volunteers who answer support questions, to those who make WordPress accessible, to the systems team and the plugin and theme reviewers, to documentation writers, event organisers, evangelists, detractors, supporters and friends. Thanks to the jazzers whose music inspired us and whose names are at the heart of WordPress. Thanks to everyone who uses WordPress to power their blog or website, and to everyone who will in the future. Thanks to WordPress and its community that I’m proud to be part of.

Thank you. I can’t wait to see what the next ten years bring.

Final thanks to Siobhan McKeown for help with this post.

The Next 10 Starts Now

Posted May 27, 2013 by Jen Mylo. Filed under Community.

All around the globe today, people are celebrating the 10th anniversary of the first WordPress release, affectionately known as #wp10. Watching the feed of photos, tweets, and posts from Auckland to Zambia is incredible; from first-time bloggers to successful WordPress-based business owners, people are coming out in droves to raise a glass and share the “holiday” with their local communities. With hundreds of parties going on today, it’s more visible than ever just how popular WordPress has become.

Thank you to everyone who has ever contributed to this project: your labors of love made this day possible.

But today isn’t just about reflecting on how we got this far (though I thought Matt’s reflection on the first ten years was lovely). We are constantly moving forward. As each release cycle begins and ends (3.6 will be here soon, promise!), we always see an ebb and flow in the contributor pool. Part of ensuring the longevity of WordPress means mentoring new contributors, continually bringing new talent and fresh points of view to our family table.

I am beyond pleased to announce that this summer we will be mentoring 8 interns, most of them new contributors, through Google Summer of Code and the Gnome Outreach Program for Women. Current contributors, who already volunteer their time working on WordPress, will provide the guidance and oversight for a variety of exciting projects  this summer. Here are the people/projects involved in the summer internships:

  • Ryan McCue, from Australia, working on a JSON-based REST API. Mentors will be Bryan Petty and Eric Mann, with a reviewer assist from Andrew Norcross.
  • Kat Hagan, from the United States, working on a Post by Email plugin to replace the core function. Mentors will be Justin Shreve and George Stephanis, with an assist from Peter Westwood.
  • Siobhan Bamber, from Wales, working on a support (forums, training, documentation) internship. Mentors will be Mika Epstein and Hanni Ross.
  • Frederick Ding, from the United States, working on improving portability. Mentors will be Andrew Nacin and Mike Schroder.
  • Sayak Sakar, from India, working on porting WordPress for WebOS to Firefox OS. Mentor will be Eric Johnson.
  • Alex Höreth, from Germany, working on  adding WordPress native revisions to the theme and plugin code editors. Mentors will be Dominik Schilling and Aaron Campbell, with a reviewer assist from Daniel Bachhuber.
  • Mert Yazicioglu, from Turkey, working on ways to improve our community profiles at profiles.wordpress.org. Mentors will be Scott Reilly and Boone Gorges.
  • Daniele Maio, from Italy, working on a native WordPress app for Blackberry 10. Mentor will be Danilo Ercoli.

Did you notice that our summer cohort is as international as the #wp10 parties going on today? I can only think that this is a good sign.

It’s always a difficult process to decide which projects to mentor through these programs. There are always more applicants with interesting ideas with whom we’d like to work than there are opportunities. Luckily, WordPress is a free/libre open source software project, and anyone can begin contributing at any time. Is this the year for you? We’d love for you to join us as we work toward #wp20. ;)

WordPress 3.6 Beta 3

Posted May 11, 2013 by Mark Jaquith. Filed under Development.

WordPress 3.6 Beta 3 is now available!

This is software still in development and we really don’t recommend that you run it on a production site — set up a test site just to play with the new version. To test WordPress 3.6, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).

Beta 3 contains about a hundred changes, including improvements to the image Post Format flow (yay, drag-and-drop image upload!), a more polished revision comparison screen, and a more quote-like quote format for Twenty Thirteen.

As a bonus, we now have oEmbed support for the popular music-streaming services Rdio and Spotify (the latter of which kindly created an oEmbed endpoint a mere 24 hours after we lamented their lack of one). Here’s an album that’s been getting a lot of play as I’ve been working on WordPress 3.6:

Plugin developers, theme developers, and WordPress hosts should be testing beta 3 extensively. The more you test the beta, the more stable our release candidates and our final release will be.

As always, if you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. Or, if you’re comfortable writing a reproducible bug report, file one on the WordPress Trac. There, you can also find a list of known bugs and everything we’ve fixed so far.

We’re looking forward to your feedback. If you find a bug, please report it, and if you’re a developer, try to help us fix it. We’ve already had more than 150 contributors to version 3.6 — it’s not too late to join in!

WordPress 3.6 Beta 2

Posted April 29, 2013 by Mark Jaquith. Filed under Development.

WordPress 3.6 Beta 2 is now available!

This is software still in development and we really don’t recommend that you run it on a production site — set up a test site just to play with the new version. To test WordPress 3.6, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).

The longer-than-usual delay between beta 1 and beta 2 was due to poor user testing results with the Post Formats UI. Beta 2 contains a modified approach for format choosing and switching, which has done well in user testing. We’ve also made the Post Formats UI hide-able via Screen Options, and set a reasonable default based on what your theme supports.

There were a lot of bug fixes and polishing tweaks done for beta 2 as well, so definitely check it out if you had an issues with beta 1.

Plugin developers, theme developers, and WordPress hosts should be testing beta 2 extensively. The more you test the beta, the more stable our release candidates and our final release will be.

As always, if you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. Or, if you’re comfortable writing a reproducible bug report, file one on the WordPress Trac. There, you can also find a list of known bugs and everything we’ve fixed so far.

We’re looking forward to your feedback. If you find a bug, please report it, and if you’re a developer, try to help us fix it. We’ve already had more than 150 contributors to version 3.6 — it’s not too late to join in!

Summer Mentorship Programs: GSoC and Gnome

Posted April 25, 2013 by Jen Mylo. Filed under Community, Development.

As an open source, free software project, WordPress depends on the contributions of hundreds of people from around the globe — contributions in areas like core code, documentation, answering questions in the support forums, translation, and all the other things it takes to make WordPress the best publishing platform it can be, with the most supportive community. This year, we’re happy to be participating as a mentoring organization with two respected summer internship programs: Google Summer of Code (GSoC) and the Gnome Outreach Program for Women.

Google Summer of Code

GSoC is a summer internship program funded by Google specifically for college/university student developers to work on open source coding projects. We have participated in the Google Summer of Code program in the past, and have enjoyed the opportunity to work with students in this way. Some of our best core developers were GSoC students once upon a time!

Our mentors, almost 30 talented developers with experience developing WordPress, will provide students with guidance and feedback over the course of the summer, culminating in the release of finished projects at the end of the program if all goes well.

Students who successfully complete the program earn $5,000 for their summer efforts. Interested, or know a college student (newly accepted to college counts, too) who should be? All the information you need about our participation in the program, projects, mentors, and the application process is available on the GSoC 2013 page in the Codex.

Gnome Outreach Program for Women

It’s not news that women form a low percentage of contributors in most open source projects, and WordPress is no different. We have great women in the contributor community, including some in fairly visible roles, but we still have a lot of work to do to get a representative gender balance on par with our user base.

The Gnome Outreach Program for Women aims to provide opportunities for women to participate in open source projects, and offers a similar stipend, but there are three key differences between GSoC and Gnome aside from the gender requirement for Gnome.

  1. The Gnome program allows intern projects in many areas of contribution, not just code. In other words, interns can propose projects like documentation, community management, design, translation, or pretty much any area in which we have people contributing (including code).
  2. The Gnome Outreach Program for Women doesn’t require interns to be college students, though students are definitely welcome to participate. This means that women in all stages of life and career can take the opportunity to try working with open source communities for the summer.
  3. We have to help raise the money to pay the interns. Google funds GSoC on its own, and we only have to provide our mentors’ time. Gnome doesn’t have the same funding, so we need to pitch in to raise the money to cover our interns. If your company is interested in helping with this, please check out the program’s sponsorship information and follow the contact instructions to get involved. You can earmark donations to support WordPress interns, or to support the program in general. (Pick us, pick us! :) )

The summer installment of the Gnome Outreach Program for Women follows the same schedule and general application format as GSoC, though there are more potential projects since it covers more areas of contribution. Women college students interested in doing a coding project are encouraged to apply for both programs to increase the odds of acceptance. All the information you need about our participation in the program, projects, mentors, and the application process is available on the Gnome Outreach Program for Women page in the Codex.

The application period just started, and it lasts another week (May 1 for Gnome, May 3 for GSoC), so if you think you qualify and are interested in getting involved, check out the information pages, get in touch, and apply… Good luck!

Google Summer of Code 2013 Information
Gnome Summer Outreach Program for Women 2013 Information

WordPress 10th Anniversary Tees

Posted April 23, 2013 by Jen Mylo. Filed under Events, Store.

WordPress 10th Anniversary logoIn honor of the upcoming 10th anniversary celebrations, we’ve put a special 10th anniversary tshirt in the swag store at cost — $10 per shirt plus shipping. They’ll be on sale at this price until the anniversary on May 27, and they’ll start shipping out the week of April 29.

Some people who are planning parties or who organize meetups are already talking about doing group orders to save on shipping costs, which is a great idea — just make sure you allow enough shipping time. If you’re not sure if the tees could make it to you in time on your side of the world, use the contact options at the bottom of the store page to ask about shipping times. If they can’t reach you in time and you want to have a local printer do some for your group, we’ll post the vector file on the wp10 site within the next week (and this post will get updated accordingly).

The shirts are available in black or silvery gray. Why silvery gray? Because of trivia: the traditional gift for 10th anniversaries is tin or aluminum. :)

Silver and Black tshirts with WordPress 10th anniversary logo on them

Save the Date: May 27

Posted April 11, 2013 by Jen Mylo. Filed under Events.

What’s on May 27, you ask?

May 27, 2013 is the 10th anniversary of the first WordPress release!

We think this is worth celebrating, and we want WordPress fans all over the world to celebrate with us by throwing their own parties. We’re using Meetup Everywhere to coordinate, and will be putting up a website just for the 10th Anniversary so that we can collect photos, videos, tweets, and posts from all the parties.

The rules are very simple:

  1. Pick a place to go where a bunch of people can be merry — a park, a bar, a backyard, whatever
  2. Spread the word to local meetups, tech groups, press, etc and get people to say they’ll come to your party
  3. If 50 or more people RSVP to your party, we’ll try to send you some WordPress stickers and buttons
  4. Have party attendees post photos, videos, and the like with the #wp10 hashtag

We’ll be using Meetup Everywhere to coordinate parties all over the world, so get your city on the map and register your party now !

We’ll follow up with registered organizers  over the next few weeks with some tips for how to publicize your party and to get addresses for swag packages. To that end, make sure you check the option that lets WordPress 10th Anniversary know your email, or we won’t be able to get in touch with you for these things or to give you access to the WP10 blog.

Whose party will be the biggest? The most fun? The most inventive? Will it be yours?

Note: If you already run a group on meetup.com, making your party an event in your group is great, but you still need to post it and have people RSVP at the special party page, because regular groups and Meetup Everywhere groups aren’t connected yet. 

WordPress 3.6 Beta 1

Posted April 4, 2013 by Mark Jaquith. Filed under Releases.

WordPress 3.6 Beta 1 is now available!

This is software still in development and we really don’t recommend that you run it on a production site — set up a test site just to play with the new version. To test WordPress 3.6, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).

We’ve been working for nearly three months and have completed all the features that are slated for this release. This is a bit of a change from the betas of previous release cycles. I felt very strongly that we shouldn’t release a beta if we were still working on completing the main features. This beta is actually a beta, not an alpha that we’re calling a beta. If you are a WordPress plugin or theme developer, or a WordPress hosting provider, you should absolutely start testing your code against this new version now. More bugs will be fixed, and some of the features will get polished, but we’re not going to shove in some big new feature. We’re ready for you to test it, so jump in there! The more you test the beta, the more stable our release candidates and our final release will be.

As always, if you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. Or, if you’re comfortable writing a reproducible bug report, file one on the WordPress Trac. There, you can also find a list of known bugs and everything we’ve fixed so far.

Here’s what’s new in 3.6:

  • Post Formats:  Post Formats now have their own UI, and theme authors have access to templating functions to access the structured data.
  • Twenty Thirteen: We’re shipping this year’s default theme in our first release of the year. Twenty Thirteen is an opinionated, color-rich, blog-centric theme that makes full use of the new Post Formats support.
  • Audio/Video: You can embed audio and video files into your posts without relying on a plugin or a third party media hosting service.
  • Autosave:  Posts are now autosaved locally. If your browser crashes, your computer dies, or the server goes offline as you’re saving, you won’t lose the your post.
  • Post Locking:  See when someone is currently editing a post, and kick them out of it if they fall asleep at the keyboard.
  • Nav Menus:  Nav menus have been simplified with an accordion-based UI, and a separate tab for bulk-assigning menus to locations.
  • Revisions: The all-new revisions UI features avatars, a slider that “scrubs” through history, and two-slider range comparisons.

Developers:  You make WordPress awesome(er). One of the things we strive to do with every release is be compatible with existing plugins and themes. But we need your help. Please test your plugins and themes against 3.6. If something isn’t quite right, please let us know. (Chances are, it wasn’t intentional.) If you’re a forward-thinking theme developer, you should be looking at implementing the new Post Format support in some of your themes (look to Twenty Thirteen for inspiration).

We’re looking forward to your feedback. If you break it (i.e. find a bug), please report it, and if you’re a developer, try to help us fix it. We’ve already had more than 150 contributors to version 3.6 — it’s not too late to join the party!

« Newer PostsOlder Posts »

See Also:

For more WordPress news, check out the WordPress Planet.

There’s also a development P2 blog.

To see how active the project is check out our Trac timeline, it often has 20–30 updates per day.

Categories

%d bloggers like this: