• So, ok, I’m a bit irritated after working 30 hrs over the last two days without any notice from WordPress until I received the “email”. Granted, WordPress and Drupal have provided a tremendous service by allowing the masses to implement their open source programs. While they have been gracious in providing their development expertise (25% of all websites posted to the internet are WordPress based and over 5% are Drupal = 30%), why do they not have a representable proportion of individuals who are skulking about finding security issues? Since the initial release of WordPress in 2003, there were 46 subsequent releases until 2010. Approximately 6.5 per year over a 7 year period. Since 2010, there have been 28 releases at an average of 7 per year over a FOUR year period. Almost a 50% increase? Yes? If web developers are to continue offering such services to our clients, I’m afraid that we will have to include an “upgrade clause”. This is more problematic than what it seems, since many of the plugin developers do not upgrade their plugins appropriately to the current version. I’m very disappointed. What are your suggestions?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Almost a 50% increase? Yes?

    NO, I am afraid not. Accepting your figures, an increase from 6.5 to 7 per year is 7%, SEVEN PERCENT.

    why do they not have a representable proportion of individuals who are skulking about finding security issues?

    My take is that there are updates because people are scanning for security vulnerabilities. And many of these updates are pre-emptive, fixes for which no exploits have been seen.

    Yes, I share your experience of having plugins broken by updates.
    It is possible to turn off auto updates.

    Thread Starter wildmank (@wildmank)

    RossMitchell

    Thank you for your response. You will have to forgive my poor math skills (clearly incorrectly figured). I had worked almost 90 hrs last week and was not in a coherent frame of mind to be making such accusations. Frankly, I was exhausted and irritated…a lame excuse, I realize.

    Yes, I’m aware that it is possible to turn off auto updates. But this does nothing other than create a “don’t ask, don’t tell” scenario, which is not in the best interest of my clients’ websites or security as a whole.

    I have learned a few things over the past many years concerning plugins:

    1. I NEVER install a plugin that is not compatible with the most current WP version.

    2. I am reticent to install a plugin by a “new developer”. I typically look at a developer’s other plugins to see if they continue to be updated in a timely manner.

    3. If available, I often resort to “pro” (paid) versions of essential plugins, as there is a much higher percentage that these plugins will be maintained and upgraded.

    4. I periodically check all installations (dozens and dozens) for plugin updates and implement them as needed.

    In retrospect, my initial posting was like a “little kid throwing a fit because someone took their candy and gave it back with dirt all over it”. 🙁 The posting was unprofessional and the data unsupported (incorrect), regardless of the circumstances that produced it.

  • The topic ‘Release 3.9.2’ is closed to new replies.