Normal view

There are new articles available, click to refresh the page.
Before yesterdayWordPress

WordPress 6.7 Release Candidate 3

6 November 2024 at 00:02

The third release candidate (RC3) for WordPress 6.7 is ready for download and testing!

This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you evaluate RC3 on a test server and site.

Reaching this phase of the release cycle is an important milestone. While release candidates are considered ready for release, testing remains crucial to ensure that everything in WordPress 6.7 is the best it can be.

You can test WordPress 6.7 RC3 in four ways:

PluginInstall and activate the WordPress Beta Tester plugin on a WordPress install. (Select the “Bleeding edge” channel and “Beta/RC Only” stream).
Direct DownloadDownload the RC3 version (zip) and install it on a WordPress website.
Command LineUse the following WP-CLI command:
wp core update --version=6.7-RC3
WordPress PlaygroundUse the 6.7 RC3 WordPress Playground instance (available within 35 minutes after the release is ready) to test the software directly in your browser without the need for a separate site or setup.
You can test the RC3 version in four ways.

The current target for the WordPress 6.7 release is November 12, 2024. Get an overview of the 6.7 release cycle, and check the Make WordPress Core blog for 6.7-related posts in the coming weeks for further details.

What’s in WordPress 6.7 RC3?

Get a recap of WordPress 6.7’s highlighted features in the Beta 1 announcement. For more technical information related to issues addressed since RC2, you can browse the following links:

How you can contribute

WordPress is open source software made possible by a passionate community of people collaborating on and contributing to its development. The resources below outline various ways you can help the world’s most popular open source web platform, regardless of your technical expertise.

Get involved in testing

Testing for issues is critical to ensuring WordPress is performant and stable. It’s also a meaningful way for anyone to contribute. This detailed guide will walk you through testing features in WordPress 6.7. For those new to testing, follow this general testing guide for more details on getting set up.

If you encounter an issue, please report it to the Alpha/Beta area of the support forums or directly to WordPress Trac if you are comfortable writing a reproducible bug report. You can also check your issue against a list of known bugs.

Curious about testing releases in general? Follow along with the testing initiatives in Make Core and join the #core-test channel on Making WordPress Slack.

Search for vulnerabilities

From now until the final release of WordPress 6.7 (scheduled for November 12, 2024), the monetary reward for reporting new, unreleased security vulnerabilities is doubled. Please follow responsible disclosure practices as detailed in the project’s security practices and policies outlined on the HackerOne page and in the security white paper.

Update your theme or plugin

For plugin and theme authors, your products play an integral role in extending the functionality and value of WordPress for all users. 

Thanks for continuing to test your themes and plugins with the WordPress 6.7 beta releases. With RC3, you’ll want to conclude your testing and update the “Tested up to” version in your plugin’s readme file to 6.7.

If you find compatibility issues, please post detailed information to the support forum.

Help translate WordPress

Do you speak a language other than English? ¿Español? Français? Русский? 日本? हिन्दी? বাংলা? You can help translate WordPress into more than 100 languages.

Release the haiku

RC3 arrives,
Final polish, last bugs fall,
Six point seven calls.

Thank you to the following contributors for collaborating on this post: @peterwilsoncc, @joedolson, @sabernhardt.

WordPress 6.7 Release Candidate 2

30 October 2024 at 00:08

The second release candidate (RC2) for WordPress 6.7 is ready for download and testing!

This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you evaluate RC2 on a test server and site.

Reaching this phase of the release cycle is an important milestone. While release candidates are considered ready for release, testing remains crucial to ensure that everything in WordPress 6.7 is the best it can be.

You can test WordPress 6.7 RC2 in four ways:

PluginInstall and activate the WordPress Beta Tester plugin on a WordPress install. (Select the “Bleeding edge” channel and “Beta/RC Only” stream).
Direct DownloadDownload the RC2 version (zip) and install it on a WordPress website.
Command LineUse the following WP-CLI command:
wp core update --version=6.7-RC2
WordPress PlaygroundUse the 6.7 RC2 WordPress Playground instance (available within 35 minutes after the release is ready) to test the software directly in your browser without the need for a separate site or setup.
You can test the RC2 version in four ways.

The current target for the WordPress 6.7 release is November 12, 2024. Get an overview of the 6.7 release cycle, and check the Make WordPress Core blog for 6.7-related posts in the coming weeks for further details.

What’s in WordPress 6.7 RC2?

Get a recap of WordPress 6.7’s highlighted features in the Beta 1 announcement. For more technical information related to issues addressed since RC1, you can browse the following links:

How you can contribute

WordPress is open source software made possible by a passionate community of people collaborating on and contributing to its development. The resources below outline various ways you can help the world’s most popular open source web platform, regardless of your technical expertise.

Get involved in testing

Testing for issues is critical to ensuring WordPress is performant and stable. It’s also a meaningful way for anyone to contribute. This detailed guide will walk you through testing features in WordPress 6.7. For those new to testing, follow this general testing guide for more details on getting set up.

If you encounter an issue, please report it to the Alpha/Beta area of the support forums or directly to WordPress Trac if you are comfortable writing a reproducible bug report. You can also check your issue against a list of known bugs.

Curious about testing releases in general? Follow along with the testing initiatives in Make Core and join the #core-test channel on Making WordPress Slack.

Search for vulnerabilities

From now until the final release of WordPress 6.7 (scheduled for November 12, 2024), the monetary reward for reporting new, unreleased security vulnerabilities is doubled. Please follow responsible disclosure practices as detailed in the project’s security practices and policies outlined on the HackerOne page and in the security white paper.

Update your theme or plugin

For plugin and theme authors, your products play an integral role in extending the functionality and value of WordPress for all users. 

Thanks for continuing to test your themes and plugins with the WordPress 6.7 beta releases. With RC2, you’ll want to conclude your testing and update the “Tested up to” version in your plugin’s readme file to 6.7.

If you find compatibility issues, please post detailed information to the support forum.

Help translate WordPress

Do you speak a language other than English? ¿Español? Français? Русский? 日本? हिन्दी? বাংলা? You can help translate WordPress into more than 100 languages.

Release the haiku

Six point seven’s dawn,
RC2 sweeps bugs away,
Sites stand firm and strong.

Thank you to the following contributors for collaborating on this post: @jorbin.

WordPress Community Creates 1,000 Block Themes in 1,000 Days

By: annezazu
24 October 2024 at 00:01
Layout of numerous colorful images of block themes laid out in a grid.

In nearly 1,000 days, the WordPress community has created 1,000 Block themes—coming together to use the full potential of the Site Editor and unleash new creative possibilities for everyone.

First introduced in WordPress 5.9, Block themes have steadily evolved, improving flexibility and functionality for themers, users, and agencies alike. Now, design tools allow customizing almost every detail. With style variations, users can change the overall look of their site in a few clicks. You can even use curation options to customize the editing process itself. But we’re not done! We can’t wait to keep pushing Block themes even further. Thank you to every early adopter who, by embracing early features with passion, helped shape the Block themes we love today with feedback and testing.

If you haven’t yet explored Block themes, check out some of the resources below to get inspired:

Let’s celebrate and share our contributions! Please comment on the Theme Team’s post dedicated to highlighting this milestone to share your favorite Block theme and thank those who have contributed along the way. 

Thank you to @kristastevens for editorial help, @beafialho for the featured image, and @kafleg for reviewing.

WordPress 6.7 Release Candidate 1

22 October 2024 at 23:42

The first release candidate (RC1) for WordPress 6.7 is ready for download and testing!

This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you evaluate RC1 on a test server and site.

Reaching this phase of the release cycle is an important milestone. While release candidates are considered ready for release, testing remains crucial to ensure that everything in WordPress 6.7 is the best it can be.

You can test WordPress 6.7 RC1 in four ways:

PluginInstall and activate the WordPress Beta Tester plugin on a WordPress install. (Select the “Bleeding edge” channel and “Beta/RC Only” stream).
Direct DownloadDownload the RC1 version (zip) and install it on a WordPress website.
Command LineUse the following WP-CLI command:
wp core update --version=6.7-RC1
WordPress PlaygroundUse the 6.7 RC1 WordPress Playground instance (available within 35 minutes after the release is ready) to test the software directly in your browser without the need for a separate site or setup.
You can test the RC1 version in four ways.

The current target for the WordPress 6.7 release is November 12, 2024. Get an overview of the 6.7 release cycle, and check the Make WordPress Core blog for 6.7-related posts in the coming weeks for further details.

What’s in WordPress 6.7 RC1?

Get a recap of WordPress 6.7’s highlighted features in the Beta 1 announcement. For more technical information related to issues addressed since Beta 3, you can browse the following links:

Want to look deeper into the details and technical notes for this release? These recent posts cover some of the latest updates:

How you can contribute

WordPress is open source software made possible by a passionate community of people collaborating on and contributing to its development. The resources below outline various ways you can help the world’s most popular open source web platform, regardless of your technical expertise.

Get involved in testing

Testing for issues is critical to ensuring WordPress is performant and stable. It’s also a meaningful way for anyone to contribute. This detailed guide will walk you through testing features in WordPress 6.7. For those new to testing, follow this general testing guide for more details on getting set up.

If you encounter an issue, please report it to the Alpha/Beta area of the support forums or directly to WordPress Trac if you are comfortable writing a reproducible bug report. You can also check your issue against a list of known bugs.

Curious about testing releases in general? Follow along with the testing initiatives in Make Core and join the #core-test channel on Making WordPress Slack.

Search for vulnerabilities

From now until the final release of WordPress 6.7 (scheduled for November 12, 2024), the monetary reward for reporting new, unreleased security vulnerabilities is doubled. Please follow responsible disclosure practices as detailed in the project’s security practices and policies outlined on the HackerOne page and in the security white paper.

Update your theme or plugin

For plugin and theme authors, your products play an integral role in extending the functionality and value of WordPress for all users. 

Thanks for continuing to test your themes and plugins with the WordPress 6.7 beta releases. With RC1, you’ll want to conclude your testing and update the “Tested up to” version in your plugin’s readme file to 6.7.

If you find compatibility issues, please post detailed information to the support forum.

Help translate WordPress

Do you speak a language other than English? ¿Español? Français? Русский? 日本? हिन्दी? বাংলা? You can help translate WordPress into more than 100 languages. This release milestone (RC1) also marks the hard string freeze point of the 6.7 release cycle.

Release the haiku

I See An R.C.
You See A Chance For Testing
Six Seven For The Win!

Thank you to the following contributors for collaborating on this post: @atachibana, @jorbin.

Expanding Our Code of Conduct to Protect Private Conversations

19 October 2024 at 07:51

At the heart of our community is our shared pledge to create a space that is harassment-free, welcoming, and inclusive for all. Our Community Code of Conduct already outlines a clear set of expectations, while also providing examples of unacceptable actions. Today, we are reinforcing our values by adding another element to our list of unacceptable behaviors: Publishing private messages without consent.

Why This Addition Matters

The relationships we build within our community often involve private discussions. These conversations may involve sensitive matters, personal experiences, or simply casual exchanges. Regardless of the content, every individual should feel confident that their private communications will remain private unless they grant explicit permission to share them.

Sharing private messages without consent is a breach of trust that can also lead to unintended harm, including emotional distress or misrepresentation. When members of our community feel they cannot trust others in their personal conversations, it undermines the collaborative spirit that is crucial to our collective success.

How This Change Protects the Community

By explicitly addressing the publication of private messages without consent, we are reinforcing an existing unacceptable behavior in our Community Code of Conduct: Other conduct which could reasonably be considered inappropriate in a professional setting. Sharing private communications without permission is a clear violation of professional integrity.

This new addition ensures that private messages receive the same level of protection as personal information and that sensitive communications shared in confidence will not be disclosed without prior consent. An important exception to this is when sharing private messages is necessary for reporting incidents or concerns to the Incident Response Team, as part of our commitment to maintaining a safe and respectful environment.

Ultimately, this change encourages honest, constructive engagement across all levels of participation.

Moving Forward Together

The strength of our community lies in the trust we place in one another. By clarifying and reinforcing our expectations, we are taking another step toward maintaining an inclusive, respectful, and safe environment for everyone.This new addition will take effect immediately, and violations will be handled in accordance with our existing enforcement guidelines. Together, we can ensure our community remains a place of collaboration, trust, and mutual respect.

WordPress Thanks Salesforce

19 October 2024 at 03:17

In the midst of our legal battles with Silver Lake and WP Engine, I wanted to take a moment to highlight something positive.

Because of my friendships with the co-founders of Slack, Stewart Butterfield and Cal Henderson, WordPress.org has had a free version of the Pro version of Slack since they started in 2009. We switched from IRC to Slack, and it was like superpowers were unlocked for our team.

Over the past 10 years, Slack has been our secret weapon of productivity compared to many other open source projects. Its amazing collaboration features have allowed us to scale WordPress from running just a few blogs to now powering around 43% of all websites in the world, almost 10 times the runner-up in the market.

As we have scaled from very small to very large, Slack has scaled right alongside us, seemingly effortlessly. WordPress.org currently has 49,286 users on its Slack Business+ instance, which would cost at least $8.8M/yr if we were paying. (And we may need to go to their enterprise grid, to support e-discovery in the lawsuit attacks from WP Engine, which would cost even more.)

This incredible generosity was continued by the enlightened leadership of Marc Benioff at Salesforce when they bought Slack in 2020. However, it has not been widely known or recognized on our Five for the Future page, which only highlights self-reported contributor hours and doesn’t mention Salesforce at all.

This is a grave error, and we are correcting it today. Going forward:

  • I would like every business in the world to see the amazing collaboration and productivity gains Slack has enabled for our community of tens of thousands of volunteers worldwide and consider adopting it for their own business.
  • Salesforce will have a complimentary top sponsor slot at our flagship WordCamp events in the United States, Europe, and Asia, which attract thousands of people each.
  • We will update our Five for the Future program to reflect contributions such as Salesforce’s going forward.

We just want to repeat: Thank you. We hope to deepen our partnership with Salesforce in the future.

WP Engine Promotions & Coupons

17 October 2024 at 22:19

Given the egregious legal attacks by WP Engine against WordPress co-founder Matt Mullenweg, a number of their customers have been looking for alternative hosting, and in return a number of hosts have created specials and promotions for WP Engine customers looking to migrate to a host that has great relations with WordPress.org. Here they are, in alphabetical order.

We’ll update this post if any new offers come online, get in touch and we’ll link it.

WordPress 6.7 Beta 3

15 October 2024 at 07:30

WordPress 6.7 Beta 3 is now ready for testing!

This beta version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it is recommended you evaluate Beta 3 on a test server and site.

You can test WordPress 6.7 Beta 3 in four ways:

PluginInstall and activate the WordPress Beta Tester plugin on a WordPress install. (Select the “Bleeding edge” channel and “Beta/RC Only” stream).
Direct DownloadDownload the Beta 3 version (zip) and install it on a WordPress website.
Command LineUse the following WP-CLI command:
wp core update --version=6.7-beta3
WordPress PlaygroundUse the 6.7 Beta 3 WordPress Playground instance to test the software directly in your browser without the need for a separate site or setup. 

The current target date for the final release of WordPress 6.7 is November 12, 2024. Get an overview of the 6.7 release cycle, and check the Make WordPress Core blog for 6.7-related posts in the coming weeks for more information.

Catch up on what’s new in WordPress 6.7: Read the Beta 1 and Beta 2 announcements for details and highlights.

How to test this release

Your help testing the WordPress 6.7 Beta 3 version is key to ensuring everything in the release is the best it can be. While testing the upgrade process is essential, trying out new features is equally important. This detailed guide will walk you through testing features in WordPress 6.7.

If you encounter an issue, please report it to the Alpha/Beta area of the support forums or directly to WordPress Trac if you are comfortable writing a reproducible bug report. You can also check your issue against a list of known bugs.

Curious about testing releases in general? Follow along with the testing initiatives in Make Core and join the #core-test channel on Making WordPress Slack.

Vulnerability bounty doubles during Beta/RC

Between Beta 1, released on October 1, 2024, and the final Release Candidate (RC) scheduled for November 5, 2024, the monetary reward for reporting new, unreleased security vulnerabilities is doubled. Please follow responsible disclosure practices as detailed in the project’s security practices and policies outlined on the HackerOne page and in the security white paper.

Beta 3 updates and highlights

WordPress 6.7 Beta 3 contains more than 26 Editor updates and fixes since the Beta 2 release, including 18 tickets for WordPress core.

Each beta cycle focuses on bug fixes; more are on the way with your help through testing. You can browse the technical details for all issues addressed since Beta 3 using these links:

A Beta 3 haiku

Code in motion hums,
New features bloom, bugs retreat,
6.7 calls.

Props to @joedolson and @jeffpaul for proofreading and review, and haiku from @colorful-tones.

Secure Custom Fields

13 October 2024 at 01:26

On behalf of the WordPress security team, I am announcing that we are invoking point 18 of the plugin directory guidelines and are forking Advanced Custom Fields (ACF) into a new plugin, Secure Custom Fields. SCF has been updated to remove commercial upsells and fix a security problem.

On October 3rd, the ACF team announced ACF plugin updates will come directly from their website. Sites that followed the ACF team’s instructions on “How to update ACF” will continue to get updates directly from WP Engine. On October 1st, 2024, WP Engine also deployed its own solution for updates and installations for plugins and themes across their customers’ sites in place of WordPress.org’s update service.

Sites that continue to use WordPress.org’s update service and have not chosen to switch to ACF updates from WP Engine can click to update to switch to Secure Custom Fields. Where sites have chosen to have plugin auto-updates from WordPress.org enabled, this update process will auto-switch them from Advanced Custom Fields to Secure Custom Fields.

This update is as minimal as possible to fix the security issue. Going forward, Secure Custom Fields is now a non-commercial plugin, and if any developers want to get involved in maintaining and improving it, please get in touch.

Similar situations have happened before, but not at this scale. This is a rare and unusual situation brought on by WP Engine’s legal attacks, we do not anticipate this happening for other plugins.

WP Engine has posted instructions for how to use their version of Advanced Custom Fields that uses their own update server, so you have that option, though the WordPress Security Team does not recommend it until they fix the security issues. You can uninstall Advanced Custom Fields and activate Secure Custom Fields from the plugin directory and be just fine.

There is separate, but not directly related news that Jason Bahl has left WP Engine to work for Automattic and will be making WPGraphQL a canonical community plugin. We expect others will follow as well.

Forking is Beautiful

11 October 2024 at 04:00

The right to fork the software is at the heart of open source. WordPress itself started as a fork of the b2/cafelog project. WordPress was one of several forks from b2, which included b2++ (which eventually became WordPress Multisite) and some like b2evolution which still continue today.

The last decent fork attempt for WordPress was ClassicPress in 2018, over disagreements about Gutenberg being integrated into core.

We’re very proud to announce that Vinny Green, a former WordPress community member, has started his fork, FreeWP. We strongly encourage anyone who disagrees with the direction WordPress is headed in to join up with Vinny and create an amazing fork of WordPress. Viva FreeWP!

If there are other forks of WordPress we should highlight, let us know.

Updates with complete fork list:

  • AspirePress “AspirePress exits [sic] to be a community of individuals focused on helping WordPress become the platform we all aspire for it to be.”
  • b2evolution, which forked b2/cafélog at the same time WordPress did, so contains some of the same root source code.
  • FreeWP, by Vinny Green.
  • OpenPress is not a fork, but their name implies they want people to consider it as an alternative to WordPress. They are building on Laravel, using the CC-0 license, and claim to be optimized for AI. Their plugin to export from WordPress is here.
  • WP Engine is the most confusing fork of WordPress because it claims it’s actually WordPress despite disabling core features like revisions, hiding the news and meetups widget, and running its own plugin, theme, and core update system (which is slower than core’s). This is the one fork we recommend not touching with a ten-foot pole.

Please Welcome Mary Hubbard

9 October 2024 at 02:26

We’re proud to announce that Mary Hubbard (@4thhubbard) has resigned as the Head of TikTok Americas, Governance and Experience, and will be starting as the next Executive Director of WordPress.org on October 21st!

Mary previously worked at Automattic from 2020 to 2023, and was the Chief Product Officer for WordPress.com, so she has deep knowledge of WordPress and expertise across business, product, marketplaces, program management, and governance.

WordPress 6.7 Beta 2

8 October 2024 at 07:44

WordPress 6.7 Beta 2 is now ready for testing!

This beta version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it is recommended you evaluate Beta 2 on a test server and site.

You can test WordPress 6.7 Beta 2 in four ways:

PluginInstall and activate the WordPress Beta Tester plugin on a WordPress install. (Select the “Bleeding edge” channel and “Beta/RC Only” stream).
Direct DownloadDownload the Beta 2 version (zip) and install it on a WordPress website.
Command LineUse the following WP-CLI command:
wp core update --version=6.7-beta2
WordPress PlaygroundUse the 6.7 Beta 2 WordPress Playground instance to test the software directly in your browser without the need for a separate site or setup. 

The current target date for the final release of WordPress 6.7 is November 12, 2024. Get an overview of the 6.7 release cycle, and check the Make WordPress Core blog for 6.7-related posts in the coming weeks for more information.

Catch up on what’s new in WordPress 6.7: Read the Beta 1 announcement for details and highlights.

How to test this release

Your help testing the WordPress 6.7 Beta 2 version is key to ensuring everything in the release is the best it can be. While testing the upgrade process is essential, trying out new features is equally important. This detailed guide will walk you through testing features in WordPress 6.7.

If you encounter an issue, please report it to the Alpha/Beta area of the support forums or directly to WordPress Trac if you are comfortable writing a reproducible bug report. You can also check your issue against a list of known bugs.

Curious about testing releases in general? Follow along with the testing initiatives in Make Core and join the #core-test channel on Making WordPress Slack.

Vulnerability bounty doubles during Beta/RC

Between Beta 1, released on October 1, 2024, and the final Release Candidate (RC) scheduled for November 5, 2024, the monetary reward for reporting new, unreleased security vulnerabilities is doubled. Please follow responsible disclosure practices as detailed in the project’s security practices and policies outlined on the HackerOne page and in the security white paper.

Beta 2 updates and highlights

WordPress 6.7 Beta 2 contains more than 18 Editor updates and fixes since the Beta 1 release, including 28 tickets for WordPress core.

Each beta cycle focuses on bug fixes; more are on the way with your help through testing. You can browse the technical details for all issues addressed since Beta 1 using these links:

A Beta 2 haiku

Beta 2 arrives,
October’s code settles in,
Change rustles like leaves.

Props to @jeffpaul for proofreading and review.

WP Briefing: Episode 87: Enterprise Clients and the Business of WordPress

7 October 2024 at 19:00

Back by popular demand! We’re taking a look at one of our most insightful episodes: Enterprise Clients and the Business of WordPress. Whether you missed it the first time or just want a refresher, we rewind and look back at the importance of WordPress with Enterprise businesses. Join WordPress Executive Director Josepha Haden Chomphosy as she discusses the role WordPress Enterprise plays along with the WordPress community.

Credits

Host: Josepha Haden Chomphosy
Editor: Dustin Hartzler
Logo: Javier Arce
Production: Brett McSherry
Song: Fearless First by Kevin MacLeod

Show Notes

Transcript

[00:00:00] Josepha: Hello, everyone, and welcome to the WordPress Briefing, the podcast where you can catch quick explanations of the ideas behind the WordPress open source project, some insight into the community that supports it, and get a small list of big things coming up in the next two weeks. I’m your host, Josepha Haden Chomphosy. Here we go.

[00:00:28] (Music intro)

[00:00:39] Josepha: In a previous episode, we talked about the Community Summit and some trends that I was seeing. I’ve spent a lot of time since then summarizing the notes from each session, and I was processing notes from the session about aligning WordPress Enterprise and WordPress Community, which is a session that explored the various strengths and weaknesses of WordPress from an enterprise perspective, but especially when it comes to contributing to or communicating about WordPress.

Now, my vantage point on analyses like these is generally pretty different. Since I work mainly in an operations space for the project, I’m almost always looking at the health and safety of our ecosystem, product excellence, funding, things like that. So, I especially like to attend sessions that are from the vantage point of people who are much closer to the work than I am.

[00:01:24] Josepha: When I looked at the brainstormed list of things from the session, my first inclination was to catalog the relationships between what we saw as a positive or a negative and the things that we saw as intrinsic to us versus part of the environment. But the more I look at it, the more I see that there’s confirmation of what I have always known to be true. That WordPress is a valuable starting point for web-based solutions of all sizes and any purpose. Let’s take a look at some of the biggest themes that shine through from that session. I was able to distill them down to about nine primary themes, but I especially want to focus on some that come up year after year in talking with our community.

[00:02:07] Josepha: The first, of course, is the community and ecosystem. If you’ve listened to this podcast 62 times, then you’ve heard me say at least like 60 times that the community is what sets us apart from other open source projects. But, I would encourage you to expand that understanding to include the ecosystem that the community provides.

The community not only helps to plan and create WordPress, our primary software, but it also makes it distributable through the Polyglots team and Accessibility and Docs and Training. It also makes it extendable through plugins and themes, and all of the work that goes into reviewing plugins and themes, and the support that’s provided to people who come to the WordPress.org site, trying to figure out how to make this thing work for them.

And we also, this community, make it knowable, not only through the community part with our event series but also in marketing and the videos that we provide on WordPress TV and all of the training and learning cohorts that we provide on learn.WordPress.org, all of those teams make WordPress learnable and knowable and easy to use and usable to more people and available across the world, regardless of whether you speak English or not. And so yeah, the community and the ecosystem is one of the things that makes WordPress valuable for enterprise, but also WordPress valuable in general. 

[00:03:33] Josepha: The second is the software’s usability and flexibility. We exist for as long as people want to use our software, and that’s a funny little two-sided coin for us. WordPress remains very usable for folks who come to it in the same way that I came to it, which is as a user who is trying to accomplish a goal unrelated to WordPress. I didn’t start using WordPress because I wanted to figure out how WordPress worked or because I wanted to figure out how to contribute to WordPress. I came to WordPress because I was trying to market something, and WordPress was the best choice for that. But it’s also flexible for our brilliant developers out there who are doing things like building a suite of sites for NASA or creating bespoke social networks. So, our usability and flexibility, both of those things working together, are certainly one of the things that make me know that WordPress is incredibly valuable for anyone who needs to use it.

[00:04:30] Josepha: But the final thing is WordPress’s longevity or our resilience. So, I used to work at a marketing agency that served enterprise-level clients. And any time we pitched a new site build to a client, one of the main elements of discussion during decision-making was how long the decision would last. Do you want a page that you can launch in a day, run a six-week campaign through, and then abandon it forever? Or do you want a site that can take up to six weeks to build but can be yours to refine and hone for years after that? I know this seems like a silly example, but when you’re looking at the potential for a long-term bet, what you’re worried about, what you’re asking is, is this a software trusted in my industry? Is it time-tested by those companies I aspire to be? Is the available workforce composed of seasoned professionals or flash-in-the-pan peddlers of the latest craze? And of that workforce, how many will still be doing this in five years?

[00:05:32] Josepha: The question of how long we’ve been doing this and why it matters that WordPress has been here for 20 years and has no intention of going anywhere should be so much higher on everyone’s list of reasons to use this software. Yes, the WordPress software is powerful enough to be everything you might want it to be someday, but the WordPress ecosystem brought to us by this community has shown resilience through major breaking changes in 2008, 2016, 2018, 2020, and probably a lot of things between there that we have forgotten. So, if I were hoping to hedge my bets on a long-term solution, I would absolutely place those bets on this community, this ecosystem, and this software. 

(Music interlude) 

[00:06:25] Josepha: That brings us now to our small list of big things.

There are some upcoming WordPress meetings. You can find those on make.WordPress.org/meetings, I think. So really, really easy URL to remember. You can join your fellow community members and contribute to the WordPress project there.

[00:06:43] Josepha: And I also wanted to just call your attention to a few really big projects that still need a little bit of help around the project. So, on the one hand, we have Data Liberation. That is still a really big project, but specifically, we are nearly ready to start working on some user-facing elements of that. It is being powered by Playground, and because the data liberation, the migration of one site to another, is so complex, once we get those elements built into Playground, I think it also stands to fix a bunch of the problems that we have across our user flow, our user experience for the project. Things like having better theme previews and being able to get a sense for what a plugin functionally will do for you versus what it says it’s going to do for you. And getting a sense for what the admin looks like, all of those things. And so, anyone who wants to learn more about contributing to Playground or to Data Liberation, I absolutely encourage you to go check out those meetings, see what’s happening, and get your hands a bit dirty with that.

[00:07:50] Josepha: We also have a bunch of stuff happening in our community space. If you had received this podcast from somebody because they were like, hey, I know someone who might like WordPress or who has just learned WordPress and has never been to an event or any other reason that you are listening to this but don’t yet know the community, there is an easier option than just jumping straight into a WordCamp like I did. You can go to a meetup. You can see there’s a widget in your dashboard that’ll tell you what your nearest event is, but if you put your location into that widget, and nothing comes up. Technically, that means that you have an opportunity to bring a bunch of people together to teach you stuff you wish you knew about your site right now. So you can wander over into your dashboard and see those, or you can also head over to the community area on make.WordPress.org and anybody over there is happy to help you get started. And let me tell you, it is a very low-effort sort of thing to do. Here again, perfection’s not the point. And so that, my friends, is your small list of big things.

[00:08:52] Josepha: Don’t forget to follow us on your favorite podcast app or subscribe directly on WordPress.org/news. You’ll get a friendly reminder whenever there is a new episode. If you liked what you heard today, share it with a fellow WordPresser. Or, if you had questions about what you heard, you can share those with me at WPBriefing@WordPress.org. I am your host, Josepha Haden Chomphosy. Thank you for tuning in today for the WordPress Briefing, and I’ll see you again in a couple of weeks.

[00:09:18] (Music outro)

💾

WordPress 6.7 Beta 1

1 October 2024 at 11:41

WordPress 6.7 Beta 1 is ready for download and testing!

This beta version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, set up a test environment or a local site to explore the new features.

How to Test WordPress 6.7 Beta 1

You can test Beta 1 in any of the following ways: 

WordPress Beta Tester Plugin Install and activate the WordPress Beta Tester plugin on a WordPress install. Select the “Bleeding edge” channel and “Beta/RC Only” stream.
Direct DownloadDownload the Beta 1 version (zip) and install it on a WordPress website.
Command Line (WP-CLI) Use this WP-CLI command: wp core update --version=6.7-beta1
WordPress PlaygroundUse a 6.7 Beta 1 WordPress Playground instance to test the software directly in your browser. No setup required–-just click and go!

The scheduled final release date for WordPress 6.7 is November 12, 2024. Your help testing Beta and RC versions over the next six weeks is vital to ensuring the final release is everything it should be: stable, powerful, and intuitive.

How important is your testing?

Testing for issues is a critical part of developing any software, and it’s a meaningful way for anyone to contribute—whether or not you have experience.

If you encounter an issue, please share it in the Alpha/Beta area of the support forums. If you are comfortable submitting a reproducible bug report, you can do so via WordPress Trac. You can also check your issue against a list of known bugs.

Curious about testing releases in general and how to get started? Follow along with the testing initiatives in Make Core and join the #core-test channel on Making WordPress Slack.

WordPress 6.7 will include many new features that were previously only available in the Gutenberg plugin. Learn more about Gutenberg updates since WordPress 6.7 in the What’s New in Gutenberg posts for versions 18.5, 18.6, 18.7, 18.8, 18.9, 19.0, 19.1, 19.2, and 19.3.

What’s New in WordPress 6.7 Beta 1

WordPress 6.7 Beta 1 contains over 500 enhancements and over 500 bug fixes for the editor, including more than 200 tickets for WordPress 6.7 Core. Here’s a glimpse of what’s coming:

Meet the Twenty Twenty-Five theme

Launching with WordPress 6.7, the new default theme, Twenty Twenty-Five, embodies ultimate flexibility and adaptability, showcasing how WordPress empowers you to tell your story with a rich selection of patterns and styles. Inspired by glimpses of natural beauty and ancestry heritage, it evokes ideas of impermanence, the passage of time, and continuous evolution–mirroring life’s journey. Experience effortless site creation with Twenty Twenty-Five and follow its progress or report issues on this GitHub repo.

Zoom Out to Compose with Patterns

The Zoom Out view simplifies your editing experience by allowing you to create and edit at the pattern level rather than focusing on individual blocks. Easily toggle this view from the toolbar to streamline your site-building process, making it faster and more intuitive to design pages using patterns.

Media improvements 

Now supporting HEIC image uploads–automatically converted to JPEG for maximum compatibility–you can add high-quality images without worrying about browser support. Plus, enjoy auto-sizing for lazy-loaded images and expanded background image options at both individual and global levels, giving you greater control over your site’s visuals and performance. 

Expanding Block Supports

Several blocks now come with expanded support options, enabling even more design possibilities. Notably, the long-requested shadow support for Group blocks has been added, a big win for designers and theme developers!

Preview Options API 

The latest WordPress release enhances the Preview Options in the block editor, empowering developers to customize content previews. A new API allows plugins and themes to add custom items to the preview dropdown menu, enabling users to see content in different formats or environments. This flexibility enriches the editing experience while maintaining the existing familiar Preview dropdown structure.

Refined Data Views

The Data Views introduced in 6.5 continue to be improved. This release is focused on refining the experience with a few new features aimed at making these views more flexible for customization and more functional to use. 

Manage Block Bindings Directly

Updates to this API in 6.7 polish and open most of the underlying APIs, improving the overall user experience, and add a user interface (UI) that allows you to connect attributes with custom fields to their binding sources. This new UI makes it possible to create bindings directly in a block instead of needing to use the Code Editor. By default admin and editor users can create and modify bindings, but this can be overridden with `block_editor_settings_all or map_meta_cap` filters.

Simplified and Smarter Query Loop Block

The Query Loop block is improved, as it now automatically inherits the query from the template by default, eliminating the need for manual configuration. This means your posts display immediately in both the editor and on the front end, streamlining the process so users can focus on content without extra configuration needed.

Edit and Control Font Size Presets

An enhanced Styles interface allows for greater flexibility when creating, editing, removing, and applying font size presets. You can now easily modify the presets provided by a theme or create your own custom options. A key feature is the ability to toggle fluid typography, which enables responsive font scaling with additional options for finer control over responsiveness.

View Meta Boxes in the iframed Post Editor

A new split view option has been introduced that allows you to access both the editor canvas and metaboxes while editing. This change will provide a consistent WYSIWYG experience between the editor and front end views.

Template Registration API

With this release, developers can now more easily register custom block templates without complex filters. Streamline your development process and create custom templates with ease. 

The features included in this first beta may change before the final release of WordPress 6.7, based on what testers like you find.

Get an overview of the 6.7 release cycle and check the Make WordPress Core blog for 6.7-related posts in the next few weeks for further details.

Vulnerability bounty doubles during Beta & Release Candidate

The WordPress community sponsors a monetary reward for reporting new, unreleased security vulnerabilities. This reward doubles during the period between Beta 1 on October 1, 2024 and the final Release Candidate (RC) scheduled for November 5, 2024. Please follow responsible disclosure practices as detailed in the project’s security practices and policies outlined on the HackerOne page and in the security white paper.

Just for you: a Beta 1 haiku

Lines of code arise, 
Testing shapes the future path,  
WordPress grows once more.

Props to @annezazu, @cbringmann, @colorful-tones, @courane01, @desrosj, @marybaum, and @priethor or reviewing and collaborating on this post!

WP Engine Reprieve

28 September 2024 at 04:03

I’ve heard from WP Engine customers that they are frustrated that WP Engine hasn’t been able to make updates, plugin directory, theme directory, and Openverse work on their sites. It saddens me that they’ve been negatively impacted by Silver Lake‘s commercial decisions.

On WP Engine’s homepage, they promise “Unmatched performance, automated updates, and bulletproof security ensure your sites thrive.”

WP Engine was well aware that we could remove access when they chose to ignore our efforts to resolve our differences and enter into a commercial licensing agreement. Heather Brunner, Lee Wittlinger, and their Board chose to take this risk. WPE was also aware that they were placing this risk directly on WPE customers. You could assume that WPE has a workaround ready, or they were simply reckless in supporting their customers. Silver Lake and WP Engine put their customers at risk, not me.

We have lifted the blocks of their servers from accessing ours, until October 1, UTC 00:00. Hopefully this helps them spin up their mirrors of all of WordPress.org’s resources that they were using for free while not paying, and making legal threats against us.

WP Engine is banned from WordPress.org

26 September 2024 at 05:50

Any WP Engine customers having trouble with their sites should contact WP Engine support and ask them to fix it.

WP Engine needs a trademark license, they don’t have one. I won’t bore you with the story of how WP Engine broke thousands of customer sites yesterday in their haphazard attempt to block our attempts to inform the wider WordPress community regarding their disabling and locking down a WordPress core feature in order to extract profit.

What I will tell you is that, pending their legal claims and litigation against WordPress.org, WP Engine no longer has free access to WordPress.org’s resources.

WP Engine wants to control your WordPress experience, they need to run their own user login system, update servers, plugin directory, theme directory, pattern directory, block directory, translations, photo directory, job board, meetups, conferences, bug tracker, forums, Slack, Ping-o-matic, and showcase. Their servers can no longer access our servers for free.

The reason WordPress sites don’t get hacked as much anymore is we work with hosts to block vulnerabilities at the network layer, WP Engine will need to replicate that security research on their own.

Why should WordPress.org provide these services to WP Engine for free, given their attacks on us?

WP Engine is free to offer their hacked up, bastardized simulacra of WordPress’s GPL code to their customers, and they can experience WordPress as WP Engine envisions it, with them getting all of the profits and providing all of the services.

If you want to experience WordPress, use any other host in the world besides WP Engine. WP Engine is not WordPress.

WP Engine is not WordPress

22 September 2024 at 06:57

It has to be said and repeated: WP Engine is not WordPress. My own mother was confused and thought WP Engine was an official thing. Their branding, marketing, advertising, and entire promise to customers is that they’re giving you WordPress, but they’re not. And they’re profiting off of the confusion. WP Engine needs a trademark license to continue their business.

I spoke yesterday at WordCamp about how Lee Wittlinger at Silver Lake, a private equity firm with $102B assets under management, can hollow out an open source community. (To summarize, they do about half a billion in revenue on top of WordPress and contribute back 40 hours a week, Automattic is a similar size and contributes back 3,915 hours a week.) Today, I would like to offer a specific, technical example of how they break the trust and sanctity of our software’s promise to users to save themselves money so they can extract more profits from you.

WordPress is a content management system, and the content is sacred. Every change you make to every page, every post, is tracked in a revision system, just like the Wikipedia. This means if you make a mistake, you can always undo it. It also means if you’re trying to figure out why something is on a page, you can see precisely the history and edits that led to it. These revisions are stored in our database.

This is very important, it’s at the core of the user promise of protecting your data, and it’s why WordPress is architected and designed to never lose anything.

WP Engine turns this off. They disable revisions because it costs them more money to store the history of the changes in the database, and they don’t want to spend that to protect your content. It strikes to the very heart of what WordPress does, and they shatter it, the integrity of your content. If you make a mistake, you have no way to get your content back, breaking the core promise of what WordPress does, which is manage and protect your content.

Here is a screenshot of their support page saying they disable this across their 1.5 million WordPress installs.

They say it’s slowing down your site, but what they mean is they want to avoid paying to store that data. We tested revisions on all of the recommended hosts on WordPress.org, and none disabled revisions by default. Why is WP Engine the only one that does? They are strip-mining the WordPress ecosystem, giving our users a crappier experience so they can make more money.

What WP Engine gives you is not WordPress, it’s something that they’ve chopped up, hacked, butchered to look like WordPress, but actually they’re giving you a cheap knock-off and charging you more for it.

This is one of the many reasons they are a cancer to WordPress, and it’s important to remember that unchecked, cancer will spread. WP Engine is setting a poor standard that others may look at and think is ok to replicate. We must set a higher standard to ensure WordPress is here for the next 100 years.

If you are a customer of “WordPress Engine,” you should contact their support immediately to at least get the 3 revisions they allow turned on so you don’t accidentally lose something important. Ideally, they should go to unlimited. Remember that you, the customer, hold the power; they are nothing without the money you give them. And as you vote with your dollars, consider literally any other WordPress host as WP Engine is the only one we’ve found that completely disables revisions by default.

PDX + WCUS 2024: A Recap

21 September 2024 at 14:10
I love Oregon sculpture at The Oregon Convention Center in Portland, Oregon USA

WordCamp US (WCUS), North America’s largest WordPress event, hosted over 1,500 attendees from around the world at the Oregon Convention Center in Portland, from September 17 to 20.

Over four days, WordPress professionals and enthusiasts came together to explore the latest advancements and use cases, collaborate on open source projects, and strengthen community connections.

A dedicated team of more than 40 volunteers, led by Aaron D. Campbell, Julia Golomb, Katie Richards, and Sandy Edwards, made the event possible.

Building WordPress

Contributor Day brought together over 400 contributors across 25 teams to support the WordPress project. As with any Contributor Day, participants learned and collaborated while tackling key projects, including triaging issues, exploring performance improvements, advancing the Twenty Twenty-Five theme, and preparing for the upcoming WordPress 6.7 release.

Contributor Day 2024 at WordCamp US
WordPress contributors discussing all things design at WCUS 2024’s Contributor Day.

Celebrating WordPress

At WCUS 2024, the inaugural Showcase Day highlighted how enterprises like Disney Experiences, The New York Post, CNN, Vox Media, and Amnesty International are leveraging WordPress across a variety of industries. With 19 sessions, attendees gained diverse insights into WordPress’s wide-ranging capabilities and features.

Disney at WCUS 2024
Showcase day presentation by Alexandra Guffey and Katrina Yates of Disney on Gutenberg’s use in a complex ecosystem of sites.

Sustaining WordPress

Joseph Jacks at WCUS 2024
Keynote presenter Joseph Jacks shares thoughts on the future of OSS.

Joseph “JJ” Jacks, founder of OSS Capital, kicked off the first day of programming with a keynote about how open source will dominate the next wave of software. In looking at emerging trends in tech, he expressed how closed core, or closed source, software is hitting a plateau. Commercial open source companies are able to disrupt and forge the path for a shift in the space. 

Sharing his optimism for the future, JJ highlighted emerging projects OSS Capital is excited about and emphasized that the most successful open source companies thrive by generating more value than they capture.

Learn WordPress

The second half of the conference featured more than 20 sessions and workshops across three tracks. Topics ranged from leveraging AI in WordPress to getting the most out of wp-admin.

Thursday’s dedicated networking session brought attendees to the sponsor hall to explore and connect with the vast ecosystem of hosts, plugins, agencies, and service providers. The WordCamp US Lounge, located within the exhibit hall, held focused discussions on hosting, neurodiversity, inclusivity, and content marketing.

Friday began with a fireside chat between TIME’s CTO Burhan Hamid and WordPress VIP’s CMO Tim Hossain. The duo discussed how TIME’s implementation of reusable components allowed them to scale and support major traffic-generating topics such as Taylor Swift’s Person of the Year, House of the Dragon, and political events.

Troubador Typewriter at the Code is Poetry Lounge, WCUS 2024
WordCamp attendees stopped by the Code is Poetry lounge to try their hands at the vintage Smith Corona and have a poem written by the Typewriter Troubadour.
Campfire Lounge at WCUS 2024
Attendees take a break in the center of the exhibit hall at the “campfire” where various discussions were held throughout the event.

Q&A with Cofounder Mullenweg

In a dynamic keynote, WordPress Cofounder Matt Mullenweg delivered one of his “spiciest” WordCamp presentations, combining insights on WordPress’s open source future with a creative twist. He opened by reading his recent post that explores open source philosophy, touching on themes of freedom, collaboration, and the ongoing influence of open source projects like WordPress. Mullenweg also critiqued companies for misleadingly labeling proprietary models as open source, stressing the importance of true open source licenses for the future of software freedom.

Matt further emphasized WordPress’s ecosystem-driven development and highlighted the Five for the Future initiative, an effort to avoid the tragedy of the commons and ensure that WordPress thrives for everyone. His speech addressed community concerns about companies profiting off WordPress without giving back and urged attendees to support companies that contribute to the platform’s growth.

Before diving into the Q&A segment of the presentation, Matt expressed the importance of recognizing:

“What we create together is bigger than any one person.”

Matt Mullenweg speaking at WCUS 2024 in Portland, Oregon USA
WordPress Cofounder Matt Mullenweg on the main stage at WCUS 2024.
Matt Mullengweg and Brian Richards taking the stage at WCUS 2024.
Matt Mullenweg and Brian Richards on stage at WCUS 2024.

Save the Dates

In his closing remarks, emcee Brian Richards expressed gratitude for the fantastic work the event organizers and volunteers contributed to produce WCUS 2024.

Brian reminded attendees to save the date for WordCamp US 2025, which will once again take place in Portland, Oregon, from August 26 to 29, 2025. 

WCUS 2024 Attendees gather for a group photo.
Attendees gather at WCUS in Portland, Oregon.

No WordCamp is complete without an after-party, with this year’s taking place at the Oregon Museum of Science and Industry (OMSI). Attendees concluded a week of WordPress with refreshments while visiting the exhibits—including a submarine and planetarium—and posing in the photo booth.

Stay connected

WordPress events enable technologists, open source enthusiasts, and community members around the globe to meet, share ideas, and collaborate to drive WordPress and the open web forward.

Mark your calendars for State of the Word (Tokyo) on December 16, 2024, 2025’s WordCamp Asia in Manila, WordCamp Europe in Basel, Switzerland, and WordCamp US in Portland, Oregon!


This post is a collaboration between the contributors who produce content for wordpress.org/news and the WordCamp US Communications Team.

Props to the following contributors for the work reviewing/contributing to this post: @rmartinezduque, @juliarosia, @brettface, @eidolonnight, and @cbringmann. Thank you to the Photos Team for supplying images for this post and the official WordPress social media accounts throughout the event: @gwallace87, @m_butcher, @correliebre, and @zstepek.

❌
❌