Support » Theme: Tiny Framework » Security issues with child themes

  • Resolved wpjap

    (@wpjap)


    “Child Themes are used to avoid overwriting your customizations. But if you preserve a file in a child theme, then you maybe preserve a security risk. After an update from the parent theme you always should check the changes and maybe add them to your child theme. This plugin helps you keeping track of these changes in the parent theme.”
    I could use the Child Theme Check plugin to solve the problem (that where the citations are from).
    Unfortunately: “For full usage of the plugin your parent theme has to define the version of the template file in the header of the PHP file with an additional @version info. For example: @version 1.0.0″

    “Please spread the word and if you are a theme developer, please add this to your themes too!”
    So here I am spreading the word 😉
    Or are there any other possibilities with Tiny Framework concerning this issue?

    Thx
    Jan

Viewing 3 replies - 1 through 3 (of 3 total)
  • Theme Author Tomas Mackevicius

    (@tomasm)

    Thanks! I didn’t use this plugin, but it might be helpful. I assume if you would copy parent file, most likely you would make some additional changes to it, but perhaps plugin will account for this.

    Usually I list all the changes in the readme.txt file and update all child theme example files. You always can check the diffs here:

    https://themes.trac.wordpress.org/browser/tiny-framework/

    Look for the Rev column numbers for the corresponding theme versions and click the “View changes…” button bellow.

    Theme Author Tomas Mackevicius

    (@tomasm)

    In terms of putting @version 1.0.0 – I’m not sure about that, as I do not track versions for each file, to me it would be an overkill.

    Theme Author Tomas Mackevicius

    (@tomasm)

    In any case I will put it into my list of possible future updates for the consideration.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Security issues with child themes’ is closed to new replies.