WordPress.org

Join Us Again for Global WordPress Translation Day

Posted October 14, 2016 by Petya Raykovska. Filed under Community.

The WordPress Polyglots team is organizing the second Global WordPress Translation Day on November 12th. Everyone is invited to join – from anywhere in the world!

Translating is one of the easiest ways to get involved with WordPress and contribute to the project. Global WordPress Translation Day is your chance to learn more about translating WordPress, meet people from all over the world, and translate WordPress into one of more than 160 languages.

Join us on November 12th from anywhere in the world

The translation day starts on Saturday, November 12th, 2016, at 0:00 UTC and ends 24 hours later. See what time that is for you! You can join right from the start, or any time it’s convenient for you throughout the day.

What are we doing?

Local contributor days are happening all over the world, and are a great way to get involved. Check out this map to see if there’s already a local event happening near you. Can’t find one? Organize a local event!

At the same time, join the community for 24 hours of live-streamed, remote sessions in numerous languages. Sessions will cover localization, internationalization, and contributing in your language.

Who’s it for?

Whether you’re new to translating and want to learn how to translate, or an experienced translation editor building a strong team, the translation day is for you. Developers will also enjoy topics from experienced contributors, whether you’re learning about internationalization and or want to find more translators for your themes and plugins. There’s a session for everyone!

Get Involved

Joining is easy! On November 12th, in your own timezone, translate WordPress or your favorite plugins and themes into your language, while watching live sessions over the course of the day.

Want to get more involved? Sign up to organize a local event and invite your local community to translate together on November 12th. Events can be formal or completely informal – grab your laptop and a couple of friends, and head to a local coffee shop to translate for an hour or two.

Can you get involved if you only speak English?

Absolutely! Even if you only speak English, there are great sessions about internationalization that can benefit every developer. There’s also lots of English variants that need your help! For example, English is spoken and written differently in Australia, Canada, New Zealand, South Africa, and the United Kingdom. You can learn about these differences and why these variants are important during the sessions.

And if you’re feeling fun, try translating WordPress into emoji! Yep, we have a translation of WordPress in emoji! 🌎🌍🌏

Questions?

If you have any questions, the polyglots team and the event organizers hang out in #polyglots in Slack and are happy to help! (Get an invite to Slack at chat.wordpress.org.)

Sign up to take part in the event on the official website.

WordPress 4.6.1 Security and Maintenance Release

Posted September 7, 2016 by Jeremy Felt. Filed under Releases, Security.

WordPress 4.6.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename, reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from the WordPress security team.

Thank you to the reporters for practicing responsible disclosure.

In addition to the security issues above, WordPress 4.6.1 fixes 15 bugs from 4.6. For more information, see the release notes or consult the list of changes.

Download WordPress 4.6.1 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.6.1.

Thanks to everyone who contributed to 4.6.1:

Andrew OzzbongerBoone GorgesChaos EngineDaniel Kanchev, Dion Hulse, Drew Jaynes, Felix ArntzFredrik ForsmoGary PendergastgeminorumIan Dunn, Ionut Stanciu, Jeremy Felt, Joe McGillMarius L. J. (Clorith)Pascal BirchlerRobert D PayneSergey Biryukov, and Triet Minh.

WordPress 4.6 “Pepper”

Posted August 16, 2016 by Dominik Schilling (ocean90). Filed under Releases.

Version 4.6 of WordPress, named “Pepper” in honor of jazz baritone saxophonist Park Frederick “Pepper” Adams III, is available for download or update in your WordPress dashboard. New features in 4.6 help you to focus on the important things while feeling more at home.


Streamlined Updates

Don’t lose your place: stay on the same page while you update, install, and delete your plugins and themes.


Native Fonts

The WordPress dashboard now takes advantage of the fonts you already have, making it load faster and letting you feel more at home on whatever device you use.


Editor Improvements

Inline Link Checker

Ever accidentally made a link to https://wordpress.org/example.org? Now WordPress automatically checks to make sure you didn’t.

Content Recovery

As you type, WordPress saves your content to the browser. Recovering saved content is even easier with WordPress 4.6.


Under The Hood

Resource Hints

Resource hints help browsers decide which resources to fetch and preprocess. WordPress 4.6 adds them automatically for your styles and scripts making your site even faster.

Robust Requests

The HTTP API now leverages the Requests library, improving HTTP standard support and adding case-insensitive headers, parallel HTTP requests, and support for Internationalized Domain Names.

WP_Term_Query and WP_Post_Type

A new WP_Term_Query class adds flexibility to query term information while a new WP_Post_Type object makes interacting with post types more predictable.

Meta Registration API

The Meta Registration API has been expanded to support types, descriptions, and REST API visibility.

Translations On Demand

WordPress will install and use the newest language packs for your plugins and themes as soon as they’re available from WordPress.org’s community of translators.

JavaScript Library Updates

Masonry 3.3.2, imagesLoaded 3.2.0, MediaElement.js 2.22.0, TinyMCE 4.4.1, and Backbone.js 1.3.3 are bundled.

Customizer APIs for Setting Validation and Notifications

Settings now have an API for enforcing validation constraints. Likewise, customizer controls now support notifications, which are used to display validation errors instead of failing silently.

Multisite, now faster than ever

Cached and comprehensive site queries improve your network admin experience. The addition of WP_Site_Query and WP_Network_Query help craft advanced queries with less effort.


The Crew

This release was led by Dominik Schilling, backed up by Garth Mortensen as Release Deputy, and with the help of these fine individuals. There are 272 contributors with props in this release. Pull up some Pepper Adams on your music service of choice, and check out some of their profiles:

A5hleyRich, Aaron Jorbin, achbed, Adam Silverstein, Adam Soucie, Adriano Ferreira, afineman, Ahmad Awais, aidvu, Aki Björklund, Alain Schlesser, Alex Concha, Alex Dimitrov, Alex King, Alex Mills (Viper007Bond), alexvandervegt, Alice Brosey, Ana Aires, Andrea Fercia, Andrea Gandino, Andrew Nacin, Andrew Ozz, Andrew Rockwell, Andy Fragen, Andy Meerwaldt, Andy Skelton, Anil Basnet, Ankit K Gupta, anneschmidt, Antti Kuosmanen, Arunas Liuiza, Barry, Barry Ceelen, Bernhard Kau, Birgir Erlendsson (birgire), bobbingwide, bonger, Boone B. Gorges, Brad Touesnard, Brandon Kraft, brianvan, Bruno Borges, Bryan Petty, Bryan Purcell, Chandra Patel, Chaos Engine, Chouby, Chris Mok, Chris Olbekson, chriscct7, Christoph Herr, Christopher Finke, Cliff Seal, clubduece, cmillerdev, Craig Ralston, crstauf, dabnpits, Daniel Bachhuber, Daniel Hüsken, Daniel Kanchev, Daniele Scasciafratte, dashaluna, davewarfel, David A. Kennedy, David Anderson, David Brumbaugh, David Cavins, David Herrera, David Mosterd, David Shanske, Dennis Ploetner, Derek Herman, Devin Price, Dion Hulse, Doug Wollison, Drew Jaynes, Ella Iseulde Van Dorpe, elrae, Eric Andrew Lewis, Erick Hitter, Fabien Quatravaux, Faison, Felix Arntz, flyingdr, FolioVision, francescobagnoli, Frank Bueltge, Frank Klein, Frank Martin, Fredrik Forsmo, Gabriel Koen, Gabriel Maldonado, Gary Pendergast, gblsm, Geeky Software, geminorum, George Stephanis, Hardeep Asrani, Helen Hou-Sandí, Henry Wright, Hugo Baeta, Iain Poulson, Ian Dunn, Ignacio Cruz Moreno, imath, Inderpreet Singh, Ionut Stanciu, Ipstenu (Mika Epstein), J.D. Grimes, James Huff, James Nylen, Janne Ala-Aijala, Jasper de Groot, javorszky, Jean-Paul Davoutian, Jeff Farthing, Jeffrey de Wit, Jeremy Felt, Jeremy Green, Jeremy Herve, Jeremy Ward, Jerry Bates (jerrysarcastic), Jesin A, Jip Moors, Joe Dolson, Joe Hoyle, Joe McGill, Joel Williams, Johan Falk, John, John Blackbourn, John James Jacoby, John_Schlick, johnpgreen, Jon (Kenshino), Jonathan Brinley, Jonny Harris, Joost de Valk, Joseph Scott, Josh Pollock, Joshua Goodwin, jrf, jsternberg, Juanfra Aldasoro, Juhi Saxena, julesaus, Justin Sainton, Kelly Dwan, Kevin Hagerty, Kite, kjbenk, Konstantin Kovshenin, Konstantin Obenland, Kurt Payne, Laurens Offereins, Luke Cavanagh, Lutz Schröer, Marcel Pol, Marius L. J., Mark Jaquith, Mark Uraine, martin.krcho, Matt Miklic, Matt Mullenweg, Matthew Batchelder, mattyrob, Mayeenul Islam, mdwheele, medariox, Mehul Kaklotar, Meitar, Mel Choyce, Michael Arestad, Michael Arestad, Michael Beil, Michael Moore, Michael Wiginton, Miina Sikk, Mike Bijon, Mike Hansen, Mike Schroder, Milan Dinić, Morgan Estes, moto hachi ( mt8.biz ), Mustafa Uysal, Nícholas André, Nextendweb, Niall Kennedy, Nick Halsey, Nikhil Chavan, Nilambar Sharma, Ninos, Noah, noahsilverstein, odyssey, ojrask, Olar Marius, ovann86, pansotdev, Pascal Birchler, Paul Bearne, Paul Vincent Beigang, Paul Wilde, pavelevap, pcarvalho, Peter Westwood, Peter Wilson, PeterRKnight, Petter Walbø Johnsgård, Petya Raykovska, Pieter Daalder, Pollett, postpostmodern, Presskopp, prettyboymp, r-a-y, Rachel Baker, rafaelangeline, raffaella isidori, Rahul Prajapati, Rami Yushuvaev, Rian Rietveld , Richard Tape, Robert D Payne, Robin Cornett, Rodrigo Primo, Ronald Huereca, Ruud Laan, Ryan McCue, Ryan Welcher, Samantha Miller, Samir Shah, Sara Rosso, Scott Basgaard, Scott Kingsley Clark, Scott Reilly, Scott Taylor, screamingdev, Sebastian Pisula, semil, Sergey Biryukov, shahpranaf, Sidati, Silvan Hagen, Simon, sirjonathan, smerriman, Soren Wrede, southp, Stanko Metodiev, Stephane Daury (stephdau), Stephen Edgar, Stephen Harris, Steven Word, Sudar Muthu, Swapnil V. Patil, Taco Verdonschot, Takashi Irie, Tammie Lister, Taylor Lovett, theMikeD, Thiago Loureiro, thomaswm, Thorsten Frommen, Timothy Jacobs, Travis Northcutt, Triet Minh, Ulrich, Unyson, Viktor Szépe, Vishal Kakadiya, vortfu, Vova Feldman, websupporter, Weston Ruter, wp_smith, wpfo, Xavi Ivars, Yoav Farhi, Zack Tollman, and zakb8.

 

Special thanks go to Jerry Bates for producing the release video and Hugo Baeta for providing marketing graphics.

Finally, thanks to all the community translators who worked on WordPress 4.6. Their efforts make it possible to use WordPress 4.6 in 52 languages. The WordPress 4.6 release video has been captioned into 43 languages.

If you want to follow along or help out, check out Make WordPress and our core development blog. Thanks for choosing WordPress. See you soon for version 4.7!

WordPress 4.6 RC2

Posted August 11, 2016 by Dominik Schilling (ocean90). Filed under Development, Releases.

The second release candidate for WordPress 4.6 is now available.

We’ve made over 30 changes since the first release candidate. RC means we think we’re done, but with millions of users and thousands of plugins and themes, it’s possible we’ve missed something. We hope to ship WordPress 4.6 on Tuesday, August 16, but we need your help to get there.

If you haven’t tested 4.6 yet, now is the time!

Think you’ve found a bug? Please post to the Alpha/Beta support forum. If any known issues come up, you’ll be able to find them here.

To test WordPress 4.6, you can use the WordPress Beta Tester plugin or you can download the release candidate here (zip).

For more information about what’s new in version 4.6, check out the Beta 1, Beta 2, Beta 3, Beta 4, and RC 1 blog posts.

A few changes of note since the first release candidate:

  • Support for custom HTTP methods and proxy authentication has been restored.
  • Various fixes for the streamlined updates, including better failure messages and error handling, basic back-compat styling for custom update notifications, and additional and standardized JavaScript events.
  • Unnecessary reference parameters have been removed from new multisite functions.
  • A compatibility issue with PHP 7.0.9 (and PHP 7.1) has been fixed.

Developers, please test your plugins and themes against WordPress 4.6 and update your plugin’s Tested up to version in the readme to 4.6. If you find compatibility problems please be sure to post to the support forums so we can figure those out before the final release – we never want to break things.

Be sure to read the in-depth field guide, a post with all the developer-focused changes that take place under the hood.

Translators, strings are now frozen, including the About Page, so you are clear to translate! Help us translate WordPress into more than 100 languages!

Happy testing!

The verdict is in,
Can I haz all the features,
Your best WordPress yet.

🏳️‍🌈

WordPress 4.6 Release Candidate

Posted July 27, 2016 by Dominik Schilling (ocean90). Filed under Development, Releases.

The release candidate for WordPress 4.6 is now available.

We’ve made a few refinements since releasing Beta 4 a week ago. RC means we think we’re done, but with millions of users and thousands of plugins and themes, it’s possible we’ve missed something. We hope to ship WordPress 4.6 on Tuesday, August 16, but we need your help to get there.

If you haven’t tested 4.6 yet, now is the time!

Think you’ve found a bug? Please post to the Alpha/Beta support forum. If any known issues come up, you’ll be able to find them here.

To test WordPress 4.6, you can use the WordPress Beta Tester plugin or you can download the release candidate here (zip).

For more information about what’s new in version 4.6, check out the Beta 1Beta 2, Beta 3, and Beta 4 blog posts.

Developers, please test your plugins and themes against WordPress 4.6 and update your plugin’s Tested up to version in the readme to 4.6. If you find compatibility problems please be sure to post to the support forums so we can figure those out before the final release – we never want to break things.

Be sure to read the in-depth field guide, a post with all the developer-focused changes that take place under the hood.

Do you speak a language other than English? Help us translate WordPress into more than 100 languages!

Happy testing!

Der Sommer ist da,
Zeit für ein neues Release.
Bald ist es soweit.

WordPress 4.6 Beta 4

Posted July 20, 2016 by Dominik Schilling (ocean90). Filed under Development, Releases.

WordPress 4.6 Beta 4 is now available!

This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.6, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).

For more information on what’s new in 4.6, check out the Beta 1, Beta 2, and Beta 3 blog posts, along with in-depth field guides. This is the final planned beta of WordPress 4.6, with a release candidate scheduled for next week.

Some of the fixes in Beta 4 include:

  • Media: alt attributes are now always added to images inserted from URLs (#36735).
  • Object subtype handling has been removed from register_meta(). Details about this change are explained in a post for developers.
  • Resource hints are now limited to enqueued assets (#37385).
  • A regression with query alterations introduced by the new WP_Term_Query has been fixed (#37378).
  • The Ajax searches for installed and new plugins have been enhanced to fix several accessibility issues and to improve compatibility with older browsers. (#37233, #37373)
  • The media player MediaElement.js has been updated to 2.22.0 to fix YouTube video embeds (#37363).
  • The Import screen was overhauled, improving accessibility and making it much easier to install and run an importer (#35191).
  • Emoji support has been updated to include all of the latest Unicode 9 emoji characters (#37361). 🤠🥕🥓🕺🏽🤝🏿
  • Various bug fixes. We’ve made more than 60 changes during the last week.

Do you speak a language other than English? Help us translate WordPress into more than 100 languages!

If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. Or, if you’re comfortable writing a bug report, file one on the WordPress Trac. There, you can also find a list of known bugs and everything we’ve fixed.

Happy testing!

This is Beta 4,
The last before RC 1.
Please test all the things.

WordPress 4.6 Beta 3

Posted July 13, 2016 by Dominik Schilling (ocean90). Filed under Development, Releases.

WordPress 4.6 Beta 3 is now available!

This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.6, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).

For more information on what’s new in 4.6, check out the Beta 1 and Beta 2 blog posts, along with in-depth field guides on make/core. Some of the fixes in Beta 3 include:

  • Revisions: Autosaves can now be restored when revisions are disabled (#36262).
  • An improved handling of PHP’s memory limit which doesn’t lower the limit anymore (#32075).
  • TinyMCE has been updated to 4.4.0 (#37327).
  • HTTP API: Proxy settings weren’t honored by the new HTTP library. This has been fixed (#37107).
  • Improved handling of UTF-8 address headers for emails (#21659).
  • Various bug fixes. We’ve made more than 65 changes during the last week.

Do you speak a language other than English? Help us translate WordPress into more than 100 languages!

If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. Or, if you’re comfortable writing a bug report, file one on the WordPress Trac. There, you can also find a list of known bugs and everything we’ve fixed.

Happy testing!

Beta 3 is here,
The more testing, the better.
Gotta catch ‘em all!

WordPress 4.6 Beta 2

Posted July 6, 2016 by Dominik Schilling (ocean90). Filed under Development, Releases.

WordPress 4.6 Beta 2 is now available!

This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.6, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).

Notable changes since WordPress 4.6 Beta 1:

  • Meta: The fallback authentication for the previous registration method has been restored. Also, retrieving registered metadata now works and non-core object types are no longer forcibly blocked. See #35658.
  • REST API: The order of setting sanitization and validation has been reversed; validation now occurs prior to sanitization. Previously, the sanitization callback ran before the validation callback. See #37192.
  • Customize: The order of setting sanitization and validation has been reversed; validation now occurs prior to sanitization. See #37247.
  • HTTP API: WP_Http::request() returns an array again. See #37097.
  • Various bug fixes. We’ve made just over 50 changes in the last week.

For more of what’s new in version 4.6, check out the Beta 1 blog post.

Do you speak a language other than English? Help us translate WordPress into more than 100 languages!

If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. Or, if you’re comfortable writing a bug report, file one on the WordPress Trac. There, you can also find a list of known bugs and everything we’ve fixed.

Happy testing!

Teenage Beta 2
Thirteen years of pressing words
Rejoice with testing!

WordPress 4.6 Beta 1

Posted June 30, 2016 by Dominik Schilling (ocean90). Filed under Development, Releases.

WordPress 4.6 Beta 1 is now available!

This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.6, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).

WordPress 4.6 is slated for release on August 16, but to get there, we need your help testing what we have been working on, including:

  • Shiny Updates v2 ([37714]) – Shiny Updates replaces progress updates with a simpler and more straight forward experience when installing, updating, and deleting plugins and themes.
  • Native Fonts in the Admin (#36753) – Experience faster load times, especially when working offline, a removal of a third-party dependency, and a more native-feeling experience as the lines between the mobile web and native applications continue to blur.
  • Editor Improvements – A more reliable recovery mode (#37025) and detection of broken URLs while you type them (#36638).

There have been changes for developers to explore as well:

  • Resource Hints (#34292) – Allow browsers to prefetch specific pages, render them in the background, perform DNS lookups, or to begin the connection handshake (DNS, TCP, TLS) in the background.
  • New WP_Site_Query (#35791) and WP_Network_Query (#32504) classes to query sites and networks with lazy loading for details.
  • Requests (#33055) – A new PHP library for HTTP requests that supports parallel requests and more.
  • WP_Term_Query (#35381) is modeled on existing query classes and provides a more consistent structure for generating term queries.
  • Language Packs (#34114#34213) – Translations managed through translate.wordpress.org now have a higher priority and are loaded just-in-time.
  • WP_Post_Type (#36217) provides easier access to post type objects and their underlying properties.
  • The Widgets API (#28216) was enhanced to support registering pre-instantiated widgets.
  • Index definitions are now normalized by dbDelta() ([37583]).
  • Comments can now be stored in a persistent object cache (#36906).
  • External Libraries were updated to the latest versions – Masonry to 3.3.2 and imagesLoaded to 3.2.0 (#32802), MediaElement.js to 2.21.2 (#36759), and TinyMCE to 4.3.13 (#37225).
  • REST API responses now include an auto-discovery header (#35580) and a refreshed nonce when responding to an authenticated response (#35662).
  • Expanded Meta Registration API via register_meta() (#35658).
  • Customizer – Improved API for setting validation (#34893#36944).

If you want a more in-depth view of what major changes have made it into 4.6, check out posts tagged with 4.6 on the main development blog, or look at a list of everything that’s changed.

If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on the WordPress Trac. There, you can also find a list of known bugs.

Happy testing!

More Shiny Updates
In 4.6 Beta 1.
And Font Natively.

WordPress 4.5.3 Maintenance and Security Release

Posted June 18, 2016 by Adam Silverstein. Filed under Releases, Security.

WordPress 4.5.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.5.2 and earlier are affected by several security issues: redirect bypass in the customizer, reported by Yassine Aboukir; two different XSS problems via attachment names, reported by Jouko Pynnönen and Divyesh Prajapati; revision history information disclosure, reported independently by John Blackbourn from the WordPress security team and by Dan Moen from the Wordfence Research Team; oEmbed denial of service reported by Jennifer Dodd from Automattic; unauthorized category removal from a post, reported by David Herrera from Alley Interactive; password change via stolen cookie, reported by Michael Adams from the WordPress security team; and some less secure sanitize_file_name edge cases reported by Peter Westwood of  the WordPress security team.

Thank you to the reporters for practicing responsible disclosure.

In addition to the security issues above, WordPress 4.5.3 fixes 17 bugs from 4.5, 4.5.1 and 4.5.2. For more information, see the release notes or consult the list of changes.

Download WordPress 4.5.3 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.5.3.

Thanks to everyone who contributed to 4.5.3:

Boone Gorges, Silvan Hagenvortfu, Eric Andrew LewisNikolay Bachiyski,  Michael Adams, Jeremy FeltDominik SchillingWeston RuterDion HulseRachel BakerAlex ConchaJennifer M. DoddBrandon Kraft, Gary Pendergast, Ella Iseulde Van Dorpe, Joe McGill, Pascal Birchler, Sergey BiryukovDavid Herrera and Adam Silverstein.

« Newer PostsOlder Posts »

See Also:

For more WordPress news, check out the WordPress Planet.

There’s also a development P2 blog.

To see how active the project is check out our Trac timeline, it often has 20–30 updates per day.

Categories

%d bloggers like this: