Has another month gone by already? According to the backlog of Make WordPress Core emails I have for the month of June, the answer to that question would be a definitive “yes.”
So, that means it’s time for us to delve into the latest updates and announcements from the WordPress development team.
There’s a ton to talk about, so let’s get started!
SSL in 4.0
One of the first updates for June had to do with the development of an SSL taskforce that would implement “several fixes” to SSL for version 4.0 of WordPress.
The update, written by John Blackbourn, broke down many of the bugs related to SSL and what the team can do to improve them. Some of those bugs included:
- HTTP front end and HTTPs backend issues such as a broken customizer preview, incorrect scheme attached to media in posts, and the admin scheme being used with GUIDs.
- Other front end issues related to forcing an https scheme on local content, using canonical, and “enqueued local scripts and styles.”
- Other backend issues like mixed content in the editor, theme thumbnails not loading, and XML-RPC not enforcing https.
- Other https issues like a lack of support for secure oEmbeds, a loss of https scheme when attempting to update siteurl, and more.
- A lack of security on all cookies.
With the effort to shift WordPress to 100% SSL, there’s bound to be a few bumps in the road. You should be pleased to know, however, that at the time of this writing, several of the bugs listed above have already been fixed. Yay for progress!
Database Schema Changes
One of the update posts this month had to do with database schema changes.
According to Simon Wheatley, several schema change tickets were talked about during a developer chat and as a result, a method of streamlining their resolution was created.
A few of the tickets involved things like slow queries and an inability to have “duplicate category slugs with different parents.”
One of the biggest development updates had to do with the plugins page and how it’s presented in the WordPress dashboard.
This is actually a followup from last month’s mention of the fact that the plugins page was definitely on the table for an update.
According to Mel Choyce, the new plugins page could look something like the following mockup:
This mockup is based heavily on the “Add New Theme” page and uses categories instead of filters since Choyce believe this option is more logical with plugins. The results are organized by the number of downloads a plugin has received, its popularity, and positive reviews. The only filters she foresees are those for version compatibility and language.
There’s also talk of highlighting plugin descriptions more rather than the visual approach themes take, which makes sense since plugins are often not very visual at all.
Another possibility is the addition of a landing page that points new WordPress users (who currently don’t have any plugins installed) to some of the most popular ones currently available.
Regardless of the details, the team is focused primarily on improving the “workflow” surrounding plugin installation – taking users seamlessly from wanting to add functionality to their sites to searching for a plugin to finding one and installing it.
Dev Chat: 6/11
I always like the dev chat summaries because they’re like taking a peek inside the minds of developers and their concerns. There’s no better way to learn what’s going on in WordPress land, in my opinion.
Then the subject shifted to features for 4.0. For starters, Press This is coming along but isn’t ready for prime-time yet. A 4.0 feature list includes things like oEmbed discoverability, i18n, plugin installation updates, media grid, and changes to the post editor.
Overall Core Updates: 6/15
This overview post attempts to catch people up on everything that’s been going on in the land of Core.
Mike Schroder does a good job breaking everything down into bite-sized chunks. We’ve already talked about several of the updates here but a few standouts that weren’t mentioned in previous posts include the following:
- A “Beta Testing” tab was added to the plugin installation screen to help developers keep track of “features as plugins” more readily. A good example is Press This.
- The media library got a grid view. It’s currently in the alpha stage.
- Numerous updates to embeds including support for TED talks, CollegeHumor.com and Mixcloud.
- The addition of CSS rules to keep videos responsive no matter what theme in which they’re presented.
- Greater keyboard accessibility for the media modal.
- WP_Query modifications
- The addition of wp_spaces_regexp( ) to filter whitespace characters
- wptexturize( ) updates.
- TinyMCE updated to 4.0.28.
like_escape() No Longer Used in 4.0
The function still works with existing plugins but there will be a new function from here on out to replace it. This bit of code still works, but if you have WP_DEBUG enabled, you’ll receive an error message now, says Taylor.
In his post, he cites several examples of old code snippets from 3.9 and how it should look in 4.0. In fact, like_escape() should now be written as $wpdb-.esc_like(). He also offers some examples of alternate ways to write the code. Of course, you can opt to just leave your code alone – it’ll still work, after all, especially if you require pre-3.9 compatibility.
So, why the change in the first place? Apparently, the original bit of code wasn’t the safest nor all that secure. However, it was never “intended to be used in any security sensitive context,” says Taylor. So long as it’s used correctly, there aren’t any problems. But that didn’t stop people from using it how they shouldn’t.
Dev Chat: 6/18
At this meeting, developers discussed a wide range of issues from the customizer – which has been renamed to (Customize in Trac) the editor experience, and the plugin install experience. Other issues that made the discussion rounds included the schema changes and taxonomy.
JSON REST API V1.1 Available
The month’s developments closed with rather big announcement: the release of JSON REST API version 1.1. Ryan McCue walks us through what this means and what the release includes. He’s quick to note that the release is small and hyper focused but that’s fine by me. I really like it when an update works hard to do one thing and does it so right.
The specifics of Version 1.1 include new taxonomy and term routes, the ability to customize the API resources prefix, the addition of null as a date on draft posts, various fixes to excerpt errors, password-protected post handling fixes, the ability to set a modification date on post creation and update, as well as a variety of other bug fixes.
McCue also says that Version 1.2 is already in the works and, as always, the team sure could use some help.
That’s all she wrote for another month of WordPress Core updates. I hope you find it useful, especially if you’re thinking about throwing your hat into the development ring at some point.
What bit of Core news has you the most excited?