WordPress.org

Update on Gutenberg

Posted July 6, 2018 by Tammie Lister. Filed under Focus.

Progress on the Gutenberg project, the new content creating experience coming to WordPress, has come a long way. Since the start of the project, there have been 30 releases and 12 of those happened after WordCamp US 2017. In total since then, there have been 1,764 issues opened and 1,115 closed as of WordCamp Europe. As the work on phase one moves into its final stretch, here is what you can expect.

In Progress

  • Freeze new features in Gutenberg (the feature list can be found here).
  • Hosts, agencies, teachers invited to opt-in sites they have influence over.
  • WordPress.com has opt-in for wp-admin users. The number of sites and posts will be tracked.
  • Mobile app support for Gutenberg will be across iOS and Android.

July

  • 4.9.x release with an invitation to install either Gutenberg or Classic Editor plugin.
  • WordPress.com will move to opt-out. There will be tracking to see who opts out and why.
  • Triage increases and bug gardening escalates to get blockers in Gutenberg down to zero.
  • Gutenberg phase two, Customization exploration begins by moving beyond the post.

August and beyond

  • All critical issues within Gutenberg are resolved.
  • There is full integration with Calypso and there is opt-in for users there.
  • A goal will be 100k+ sites having made 250k+ posts using Gutenberg.
  • Core merge of Gutenberg begins the 5.0 release cycle.
  • 5.0 moves into beta releases and translations are completed.
  • There will be a mobile version of Gutenberg by the end of the year.

WordPress 5.0 could be as soon as August with hundreds of thousands of sites using Gutenberg before release. Learn more about Gutenberg here, take it for a test drive, install on your site, follow along on GitHub and give your feedback.

WordPress 4.9.7 Security and Maintenance Release

Posted July 5, 2018 by Aaron D. Campbell. Filed under Releases.

WordPress 4.9.7 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

WordPress versions 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads directory.

Thank you to Slavco for reporting the original issue and Matt Barry for reporting related issues.

Seventeen other bugs were fixed in WordPress 4.9.7. Particularly of note were:

  • Taxonomy: Improve cache handling for term queries.
  • Posts, Post Types: Clear post password cookie when logging out.
  • Widgets: Allow basic HTML tags in sidebar descriptions on Widgets admin screen.
  • Community Events Dashboard: Always show the nearest WordCamp if one is coming up, even if there are multiple Meetups happening first.
  • Privacy: Make sure default privacy policy content does not cause a fatal error when flushing rewrite rules outside of the admin context.

Download WordPress 4.9.7 or venture over to Dashboard → Updates and click “Update Now.” Sites that support automatic background updates are already beginning to update automatically.

The previously scheduled 4.9.7 is now referred to as 4.9.8, and will follow the release schedule posted yesterday.

Thank you to everyone who contributed to WordPress 4.9.7:

1naveengiri, Aaron Jorbin, abdullahramzan, alejandroxlopez, Andrew Ozz, Arun, Birgir Erlendsson (birgire), BjornW, Boone Gorges, Brandon Kraft, Chetan Prajapati, David Herrera, Felix Arntz, Gareth, Ian Dunn, ibelanger, John Blackbourn, Jonathan Desrosiers, Joy, khaihong, lbenicio, Leander Iversen, mermel, metalandcoffee, Migrated to @jeffpaul, palmiak, Sergey Biryukov, skoldin, Subrata Sarkar, Towhidul Islam, warmlaundry, and YuriV.

The Month in WordPress: June 2018

Posted July 2, 2018 by Hugh Lashbrooke. Filed under Month in WordPress.

With one of the two flagship WordCamp events taking place this month, as well as some important WordPress project announcements, there’s no shortage of news. Learn more about what happened in the WordPress community in June.


Another Successful WordCamp Europe

On June 14th, WordCamp Europe kicked off three days of learning and contributions in Belgrade. Over 2,000 people attended in person, with hundreds more watching live streams of the sessions.

The WordCamp was a great success with plenty of first-time attendees and new WordPress contributors getting involved in the project and community. Recorded sessions from the 65 speakers at the event will be available on WordPress.tv in the coming weeks. In the meantime, check out the photos from the event.

The next WordCamp Europe takes place on June 20-22 2019 in Berlin, Germany. If you’re based in Europe and would like to serve on the organizing team, fill in the application form.

Updated Roadmap for the New WordPress Content Editor

During his keynote session at WordCamp Europe, Matt Mullenweg presented an updated roadmap for Gutenberg, the new content editor coming in WordPress 5.0.

While the editor is in rapid development, with v3.1 being released this past month, the team is aiming to ship Gutenberg with WordPress Core in August, 2018. This is not set in stone — the release date may shift as development progresses — but this gives the first realistic idea of when we can expect the editor to be released.

If you would like to contribute to Gutenberg, read the handbook, follow the Core team blog, and join the #core-editor channel in the Making WordPress Slack group.

WordCamp Incubator Cities Announced

The WordCamp Incubator program helps spread WordPress to underserved communities by providing organizing support for their first WordCamp. The first iteration of this program ran successfully in 2016 and empowered three cities to start their own WordPress communities.

This year, the Community Team is running the Incubator program again. After receiving applications from 104 communities, they have selected Montevideo, Uruguay and Kota Kinabalu, Malaysia to participate in the program. Both cities will receive direct help from experienced WordCamp organizers to run their first-ever WordCamp as a way to help their WordPress community get started.

To find out more about the Incubator program follow the Community team blog, and join the #community-events channel in the Making WordPress Slack group.


Further Reading:

  • The WordPress community of Spain recently received an award for being the best open-source community in the country.
  • This month, WordPress reached the milestone of powering 31% of websites.
  • WP Rig is a brand new tool to help WordPress developers build better themes.
  • Block Unit Test is a new plugin to help theme developers prepare for Gutenberg.
  • Near the end of the month, Zac Gordon hosted an online conference focused on JavaScript development in WordPress – the session videos will be available on YouTube soon.

If you have a story we should consider including in the next “Month in WordPress” post, please submit it here.

The Month in WordPress: May 2018

Posted June 1, 2018 by Hugh Lashbrooke. Filed under Month in WordPress.

This month saw two significant milestones in the WordPress community — the 15th anniversary of the project, and GDPR-related privacy tools coming to WordPress Core. Read on to find out more about this and everything else that happened in the WordPress community in May.


Local Communities Celebrate the 15th Anniversary of WordPress

Last Sunday, May 27, WordPress turned 15 years old. This is a noteworthy occasion for an open-source project like WordPress and one well worth celebrating. To mark the occasion, WordPress communities across the world gathered for parties and meetups in honor of the milestone.

Altogether, there were 224 events globally, with a few more of those still scheduled to take place in some communities — attend one in your area if you can.

If your city doesn’t have a WordPress meetup group, this is a great opportunity to start one! Learn how with the Meetup Organizer Handbook, and join the #community-events channel in the Making WordPress Slack group.

Privacy Tools added to WordPress core

In light of recent changes to data privacy regulations in the EU, WordPress Core shipped important updates in the v4.9.6 release, giving site owners tools to help them comply with the new General Data Protection Regulation (GDPR). It is worth noting, however, that WordPress cannot ensure you are compliant — this is still a site owner’s responsibility.

The new privacy tools include a number of features focused on providing privacy and personal data management to all site users — asking commenters for explicit consent to store their details in a cookie, providing site owners with an easy way to publish a Privacy Policy, and providing data export and erasure tools to all site users that can be extended by plugins to allow the handling of data that they introduce.

To find out more about these features and the other updates, read the 4.9.6 update guide. You can also get involved in contributing to this part of WordPress Core by jumping into the #core-privacy channel in the Making WordPress Slack group, and following the Core team blog.

Updates to the WordPress.org Privacy Policy

In a similar vein, WordPress.org itself has received an updated Privacy Policy to make clear what is being tracked and how your data is handled. Along with that, a Cookie Policy has also been added to explain just what is collected and stored in your browser when using the site.

These policies cover all sites on the WordPress.org network — including WordPress.org, WordPress.net, WordCamp.org, BuddyPress.org, bbPress.org, and other related domains and subdomains. It’s important to note that this does not mean that anything has changed in terms of data storage; rather that these documents clarify what data is stored and how it is handled.


Further Reading:

If you have a story we should consider including in the next “Month in WordPress” post, please submit it here.

WordPress.org Privacy Policy Updates

Posted May 25, 2018 by Andrea Middleton. Filed under General.

The WordPress.org privacy policy has been updated, hurray! While we weren’t able to remove all the long sentences, we hope you find the revisions make it easier to understand:

  • how we collect and use data,
  • how long the data we collect is retained, and
  • how you can request a copy of the data you’ve shared with us.

There hasn’t been any change to the data that WordPress.org collects or how that data is used; the privacy policy just provides more detail now. Happy reading, and thanks for using WordPress!

 

WordPress 4.9.6 Privacy and Maintenance Release

Posted May 17, 2018 by Allen Snook. Filed under Releases.

WordPress 4.9.6 is now available. This is a privacy and maintenance release. We encourage you to update your sites to take advantage of the new privacy features.

A decorative header featuring the text "GDPR" and a lock inside of a blue shield, on multicolor green background.

Privacy

The European Union’s General Data Protection Regulation (GDPR) takes effect on May 25. The GDPR requires companies and site owners to be transparent about how they collect, use, and share personal data. It also gives individuals more access and choice when it comes to how their own personal data is collected, used, and shared.

It’s important to understand that while the GDPR is a European regulation, its requirements apply to all sites and online businesses that collect, store, and process personal data about EU residents no matter where the business is located.

You can learn more about the GDPR from the European Commission’s Data Protection page.

We’re committed to supporting site owners around the world in their work to comply with this important law. As part of that effort, we’ve added a number of new privacy features in this release.

Comments

A screenshot of a comment form, where the new "Save my name, email, and website in this browser for the next time I comment" checkbox is featured.

Logged-out commenters will be given a choice on whether their name, email address, and website are saved in a cookie on their browser.

Privacy Policy Page

A screenshot of the new Privacy Settings page.

Site owners can now designate a privacy policy page. This page will be shown on your login and registration pages. You should manually add a link to your policy to every page on your website. If you have a footer menu, that’s a great place to include your privacy policy.

In addition, we’ve created a guide that includes insights from WordPress and participating plugins on how they handle personal data. These insights can be copied and pasted into your site’s privacy policy to help you get started.

If you maintain a plugin that collects data, we recommend including that information in WordPress’ privacy policy guide. Learn more in our Privacy section of the Plugin Handbook.

Data Handling

A screenshot of the new Export Personal Data tools page. Several export requests are listed on the page, to demonstrate how the new feature will work.

Data Export

Site owners can export a ZIP file containing a user’s personal data, using data gathered by WordPress and participating plugins.

Data Erasure

Site owners can erase a user’s personal data, including data collected by participating plugins.

Howdy,

A request has been made to perform the following action on your account:

Export Personal Data

To confirm this, please click on the following link:
http://.wordpress.org/wp-login.php?action=confirmaction…

You can safely ignore and delete this email if you do not want to
take this action.

This email has been sent to you@example.com.

Regards,
Your friends at WordPress
http://wordpress.org

Site owners have a new email-based method that they can use to confirm personal data requests. This request confirmation tool works for both export and erasure requests, and for both registered users and commenters.


Maintenance

95 updates were made in WordPress 4.9.6. In addition to the above, particularly of note were:

  • “Mine” has been added as a filter in the media library.
  • When viewing a plugin in the admin, it will now tell you the minimum PHP version required.
  • We’ve added new PHP polyfills for forwards-compatibility and proper variable validation.
  • TinyMCE was updated to the latest version (4.7.11).

This post has more information about all of the issues fixed in 4.9.6 if you’d like to learn more.

Download WordPress 4.9.6 or venture over to Dashboard → Updates and click “Update Now.” Sites that support automatic background updates will start updating soon.

Please note that if you’re currently on WordPress 4.9.3, you should manually update your site immediately.


Thank you to everyone who contributed to WordPress 4.9.6:
Aaron D. Campbell, Aaron Jorbin, abdullahramzan, Adam Silverstein, Alain Schlesser, allendav, Andrea Fercia, Andrea Middleton, Andrew Ozz, Ayesh Karunaratne, Birgir Erlendsson (birgire), bridgetwillard, Burlington Bytes, Chetan Prajapati, claudiu, Corey McKrill, Daniel Bachhuber, David Herrera, Dominik Schilling (ocean90), Ella Van Dorpe, Eric Daams, Fernando Claussen, Garrett Hyder, Gary Pendergast, Heather Burns, Helen Hou-Sandi, herregroen, Ian Dunn, ibelanger, imath, Jb Audras, Jeffrey Paul, Jeremy Felt, Jesper V Nielsen, JJJ, Joe McGill, John Blackbourn, Jonathan Desrosiers, Josepha, jrf, Kåre Mulvad Steffensen, Laken Hafner, laurelfulford, lbenicio, macbookandrew, Marius L. J., Mel Choyce, Michael Nelson, Mike Jolley, Pascal Casier, pbrocks, postphotos, Prashant Baldha, PressTigers, programmin, Robin Cornett, Sergey Biryukov, Stefano Lissa, Stephane Daury (stephdau), Subrata Sarkar, Tammie Lister, teddytime, thomasplevy, Timothy Jacobs, Tobias Zimpel, Tom J Nowell, Tor-Bjorn Fjellner, Towhidul Islam, voneff, William Earnhardt, and Xenos (xkon) Konstantinos.

The Month in WordPress: April 2018

Posted May 2, 2018 by Hugh Lashbrooke. Filed under Month in WordPress.

This past month saw a lot of preparation for upcoming events and releases across the WordPress project. Read on to find out more about these plans, and everything else that happened around the community in April.


The WordPress 15th Anniversary is Coming

On May 27 2018, WordPress will turn 15 years old — this is a huge milestone for the project, or, indeed, for any open-source platform. The Community Team has been hard at work helping communities around the world plan local anniversary parties.

Check the central anniversary website to see if there’s already a party being planned near you. These parties are all organized by local communities — if there’s no local community in your area, you can start one today and host a party yourself.

Work has Started on a Gutenberg Migration Guide

With Gutenberg, the upcoming WordPress content editor, in rapid development, a lot of people have been wondering how they will convert their existing plugins to work with the new features. To mitigate the issues here and help people overcome any migration hurdles, a Gutenberg Migration Guide is underway to assist developers with making their code Gutenberg-compatible.

If you’d like to contribute to this guide, you can review the existing documentation on GitHub and open a new issue if you find something to add.

Theme Review Team Launches Trusted Authors Program

Reviews of themes submitted to the Theme Directory can take quite a while to complete. In order to combat this issue and to make the theme submission process smoother for everyone, the Theme Review Team is introducing a Trusted Authors Program.

This program will allow frequent and reliable theme authors to apply for trusted status, allowing them to upload themes more frequently and to have their themes automatically approved. This will allow more high-quality themes to be added to the directory, as well as recognize the hard work that authors put in to build their themes.

If you would like to get involved with reviewing themes, you can read their getting started guide, follow the team blog and join the #themereview channel in the Making WordPress Slack group.


Further Reading:

If you have a story we should consider including in the next “Month in WordPress” post, please submit it here.

Celebrate the WordPress 15th Anniversary on May 27

Posted April 20, 2018 by Andrea Middleton. Filed under Events, Store.

May 27, 2018 is the 15th anniversary of the first WordPress release — and we can’t wait to celebrate!

Party time!

Join WordPress fans all over the world in celebrating the 15th Anniversary of WordPress by throwing your own party! Here’s how you can join in the fun:

  1. Check the WordPress 15th Anniversary website to see if there’s a party already planned for your town. If there is, RSVP for the party and invite your friends!
  2. If there isn’t, then pick a place to go where a bunch of people can be merry — a park, a pub, a backyard; any family-friendly venue will do!
  3. List your party with your local WordPress meetup group (Don’t have a group? Start one!)  and then spread the word to other local meetups, tech groups, press, etc and get people to say they’ll come to your party.
  4. Request some special 15th anniversary WordPress swag (no later than April 27, please, so we have time to ship it to you).
  5. Have party attendees post photos, videos, and the like with the #WP15 hashtag, and check out the social media stream to see how the rest of the world is sharing and celebrating.

Don’t miss this chance to participate in a global celebration of WordPress!

Special Swag

In honor of the 15th anniversary, we’ve added some special 15th anniversary items in the swag store — you can use the offer code CELEBRATEWP15 to take 15% off this (and any other WordPress swag you buy), all the way through the end of 2018!

Keep checking the swag store, because we’ll be adding more swag over the next few weeks!

Share the fun

However you celebrate the WordPress 15th anniversary — with a party, with commemorative swag, by telling the world what WordPress means to you — remember to use the #WP15 hashtag to share it! And don’t forget to check the stream of WordPress 15th anniversary posts.

When 30% of the internet has a reason to celebrate, you know it’s going to be great!

GDPR Compliance Tools in WordPress

Posted April 12, 2018 by Andrew Ozz. Filed under Features.

GDPR compliance is an important consideration for all WordPress websites. The GDPR Compliance team is looking for help to test the privacy tools that are currently being developed in core.

What is GDPR?

GDPR stands for General Data Protection Regulation and is intended to strengthen and unify data protection for all individuals within the European Union. Its primary aim is to give control back to the EU residents over their personal data.

Why the urgency? Although the GDPR was introduced two years ago, it becomes  enforceable starting May 25, 2018.

Make WordPress GDPR Compliance Team

Currently, the GDPR Compliance Team understands that helping WordPress-based sites become compliant is a large and ongoing task. The team is focusing on creating a comprehensive core policy, plugin guidelines, privacy tools and documentation. All of this requires your help.

The GDPR Compliance Team is focusing on four main areas:

  • Add functionality to assist site owners in creating comprehensive privacy policies for their websites.
  • Create guidelines for plugins to become GDPR ready.
  • Add administration tools to facilitate compliance and encourage user privacy in general.
  • Add documentation to educate site owners on privacy, the main GDPR compliance requirements, and on how to use the new privacy tools.

Don’t we already have a privacy policy?

Yes and no. That said, The GDPR puts tighter guidelines and restrictions. Though we have many plugins that create privacy pages, we need means to generate a unified, comprehensive privacy policy. We will need tools for users to easily come into compliance.

Site owners will be able to create GDPR compliant privacy policy in three steps:

  1. Adding a dedicated page for the policy.
  2. Adding privacy information from plugins.
  3. Reviewing and publishing the policy.

A new “postbox” will be added to the Edit Page screen when editing the policy. All plugins that collect or store user data will be able to add privacy information there. In addition it will alert the site owners when any privacy information changes after a plugin is activated, deactivated, or updated.

There is a new functionality to confirm user requests by email address. It is intended for site owners to be able to verify requests from users for displaying, downloading, or anonymizing of personal data.

A new “Privacy” page is added under the “Tools” menu. It will display new, confirmed requests from users, as well as already fulfilled requests. It will also contain the tools for exporting and anonymizing of personal data and for requesting email confirmation to avoid abuse attempts.

New section on privacy will be added to the Plugin Handbook. It will contain some general information on user privacy, what a plugin should do to be compliant, and also tips and examples on how to use the new privacy related functionality in WordPress.

The new privacy tools are scheduled for release at the end of April or beginning of May 2018.

How can you get involved?

We would love to have your help. The first step is awareness and education. For more information about the upcoming privacy tools see the roadmap.

If you would like to get involved in building WordPress Core and testing the new privacy tools, please join the #gdpr-compliance channel in the Make WordPress Slack group.

WordPress 4.9.5 Security and Maintenance Release

Posted April 3, 2018 by Aaron D. Campbell. Filed under Releases.

WordPress 4.9.5 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented in 4.9.5:

  1. Don't treat localhost as same host by default.
  2. Use safe redirects when redirecting the login page if SSL is forced.
  3. Make sure the version string is correctly escaped for use in generator tags.

Thank you to the reporters of these issues for practicing coordinated security disclosurexknown of the WordPress Security Team, Nitin Venkatesh (nitstorm), and Garth Mortensen of the WordPress Security Team.

Twenty-five other bugs were fixed in WordPress 4.9.5. Particularly of note were:

  • The previous styles on caption shortcodes have been restored.
  • Cropping on touch screen devices is now supported.
  • A variety of strings such as error messages have been updated for better clarity.
  • The position of an attachment placeholder during uploads has been fixed.
  • Custom nonce functionality in the REST API JavaScript client has been made consistent throughout the code base.
  • Improved compatibility with PHP 7.2.

This post has more information about all of the issues fixed in 4.9.5 if you'd like to learn more.

Download WordPress 4.9.5 or venture over to Dashboard → Updates and click "Update Now." Sites that support automatic background updates are already beginning to update automatically.

Thank you to everyone who contributed to WordPress 4.9.5:

1265578519, Aaron Jorbin, Adam Silverstein, Alain Schlesser, alexgso, Andrea Fercia, andrei0x309, antipole, Anwer AR, Birgir Erlendsson (birgire), Blair jersyer, Brooke., Chetan Prajapati, codegrau, conner_bw, David A. Kennedy, designsimply, Dion Hulse, Dominik Schilling (ocean90), ElectricFeet, ericmeyer, FPCSJames, Garrett Hyder, Gary Pendergast, Gennady Kovshenin, Henry Wright, Jb Audras, Jeffrey Paul, Jip Moors, Joe McGill, Joen Asmussen, John Blackbourn, johnpgreen, Junaid Ahmed, kristastevens, Konstantin Obenland, Laken Hafner, Lance Willett, leemon, Mel Choyce, Mike Schroder, mrmadhat, nandorsky, Nidhi Jain, Pascal Birchler, qcmiao, Rachel Baker, Rachel Peter, RavanH, Samuel Wood (Otto), Sebastien SERRE, Sergey Biryukov, Shital Marakana, Stephen Edgar, Tammie Lister, Thomas Vitale, Will Kwon, and Yahil Madakiya.

Older Posts »

See Also:

For more WordPress news, check out the WordPress Planet.
There’s also a development P2 blog.
To see how active the project is check out our Trac timeline, it often has 20–30 updates per day.

Categories

Subscribe to WordPress News

Join 1,801,460 other subscribers

%d bloggers like this: