I received an email this morning from the WordFence plugin that Twenty Twelve files on my site had been modified, despite having only installed it in the last week (as part of the core update to v3.5).
Wordfence reported the following as being the difference between the repository and in-site versions ...
in - /themes/twentytwelve/languages/twentytwelve.pot
repository version -
5 "Project-Id-Version: Twenty Twelve 1.1\n" 6 "Report-Msgid-Bugs-To: http://wordpress.org/tags/twentytwelve\n" 7 "POT-Creation-Date: 2012-12-07 21:19:18+00:00\n" 143 #. #-#-#-#-# twentytwelve.pot (Twenty Twelve 1.1) #-#-#-#-#
on-site version -
`5 "Project-Id-Version: Twenty Twelve 1.0\n"
6 "Report-Msgid-Bugs-To: http://wordpress.org/tags/twentytwelve\n"
7 "POT-Creation-Date: 2012-12-07 21:19:18+00:00\n"
143 #. #-#-#-#-# twentytwelve.pot (Twenty Twelve 1.0) #-#-#-#-# '
As these are the only changes in the file (there are no content changes - only version changes), it would seem that someone has jumped the gun on updating the file in the repository. A bit more discipline is needed there.
As there is no published update to Twenty Twelve, and all but the .pot file still having the same version as the installed one, I'll instruct WordFence to ignore the discrepancy until further changes take place ... but I should not have to be doing this!
I bring this to your attention as over the last couple of years I've had several domains hacked with malware injected to .pot files, therefore I'm a tad sensitive about unauthorised changes to those files.
Please take a little more care when upgrading file versions without pushing a version upgrade for the theme/plugin as a whole - the warning emails are not good for my coronary condition.