TimThumb EOL

If you’re using (or thinking of using) TimThumb in the repository, please read.

TimThumb has reached it’s end of life. As such, we strongly recommend you stop using it in your plugins as soon as possible. It’s not supported, it’s not maintained, and that means the 130ish of you who have it are going to have a bad day if another exploit is found because we will close your plugins.

Please note, we’re not retroactively banning it from the repository at this time, though that may change. Right now, we’re asking everyone to take the first step and find an alternative. All new plugins are being required to use something else.

In general, please keep an eye on your third party libraries. If they’re no longer supported, look for a replacement. If they’re out of date, update your plugins. This is the best way to keep your code secure and avoid those awful emails about how we closed your pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party.

#3rd-party, #libraries

Font Awesome is permitted in the Plugin Repository

This took longer than we would have liked to say, but there were communication issues on multiple fronts.

You can use the Font Awesome font files and CSSCSS CSS is an acronym for cascading style sheets. This is what controls the design or look and feel of a site. in your code, per the current Font Awesome License:

  • The Font Awesome font is licensed under the SIL Open Font License – http://scripts.sil.org/OFL.
  • Font Awesome CSS, LESS, and SASS files are licensed under the MIT License – http://opensource.org/licenses/mit-license.html.
  • The Font Awesome pictograms are licensed under the CC BY 3.0 License – http://creativecommons.org/licenses/by/3.0/
  • Attribution is no longer required in Font Awesome 3.0, but much appreciated: Font Awesome by Dave Gandy – http://fortawesome.github.com/Font-Awesome.

As far as crediting is concerned, we feel attribution is always good. You should always put that in your source code, but your readme is optional. Credit links must be opt-in if they show on the front facing part of your site (this includes the login page), but that’s nothing new.

So with that said, we’re going through the plugins that had been closed for Font Awesome usage and opening them. If we missed yours, please email us at plugins at wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/, with a link to the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party (like https://wordpress.org/extend/plugins/font-awesome/ which is open) and we’ll check right away.

#3rd-party, #licensing

Google Maps JavaScript v2 API To Be Removed

If you’re using the Google Maps JavaScriptJavaScript JavaScript or JS is an object-oriented computer programming language commonly used to create interactive effects within web browsers. WordPress makes extensive use of JS for a better user experience. While PHP is executed on the server, JS executes within a user’s browser. https://www.javascript.com/. APIAPI An API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. v2 (and 78 of you are), your plugins will break on May 19th. This means we’ll not be accepting any plugins that use the old code (and probably will close your plugins that do if you don’t fix ’em).

From Google, Google Maps JavaScript v2 (Deprecated)

The Google Maps JavaScript API Version 2 has been officially deprecated as of May 19, 2010. The V2 API will continue to work until May 19, 2013. We encourage you to migrate your code to version 3 of the Maps JavaScript API.

The Google Maps API lets you embed Google Maps in your own web pages with JavaScript. The API provides a number of utilities for manipulating maps (just like on the http://maps.google.com web page) and adding content to the map through a variety of services, allowing you to create robust maps applications on your website.

The Maps API is a free service, available for any web site that is free to consumers. Please see the terms of use for more information.

To use the Maps API on an intranet or in a non-publicly accessible application, please check out Google Maps API for Business.

So please update your plugins.

(Props to Kailey Lampert for this post)

#3rd-party, #api