Welcome to WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/!
WP-CLI is the official command line tool for interacting with and managing your WordPress sites.
The v2.8.0 release of WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/ is scheduled to be published on Wednesday, May 3rd 2023.
Amongst others a multitude of bug fixes and some new features, weāre also expecting this release to fix all known PHPPHPPHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. 8.2 issues within WP-CLI itself.
The release candidateRelease CandidateA beta version of software with the potential to be a final product, which is ready to release unless significant bugs emerge. for this release will already be available sometime during the week prior, to allow for early testing. We will announce the availability of that release candidate in the #hosting-community channel to allow hosters to do early smoke testing.
A new release ofĀ WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/Ā is available as of today:Ā WP-CLI v2.7.1. For this release, we hadĀ 4 contributorsĀ collaborate to getĀ 12 pull requestsĀ merged.Ā
As always, big thanks to theĀ WP-CLI sponsorsĀ that make the continued maintenance possible.Ā
This is a patch release to fix a few regressions that were introduced with release v2.7.0.
Detailed change log
To avoid too much noise in the list above, the following types of pull requests have been omitted:
PRs that only bumped dependencies to their latest version.
Fix PHPPHPPHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. 8.1 fatal error with --orderby=size and --size_format=mb [#230]
Avoid throwing error when excluding missing pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party [#332]
A new release of WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/ is available as of today: WP-CLI v2.7.0. For this release, we had 48 contributors collaborate to get 195 pull requests merged. š
As always, big thanks to the WP-CLI sponsors that make the continued maintenance possible. ā¤ļø
This is a small release with the main purpose of getting some much needed bug fixes into a stable version. Nevertheless, we also have a few new features that Iāll want to highlight. As always, you can also skip directly to theĀ detailed changelogĀ if you prefer.
Support for docker-compose run
The --ssh flag and ssh configuration key (and along with them the remote execution aliases) have learned a new scheme: docker-compose-run:.
TheĀ docker:Ā andĀ docker-compose:Ā schemes for theĀ sshĀ option are useful, but they only work when the target container is already running and therefore supports running a shell command viaĀ docker[-compose]Ā exec.
With the support of the new docker-compose-run scheme in place you could put the following config into the root of any project that usesĀ wordpressdevelop/cliĀ and then simply useĀ wpĀ <cmd>Ā instead ofĀ npmĀ runĀ env:cliĀ --Ā <cmd>Ā orĀ docker-composeĀ runĀ cliĀ --Ā <cmd>.
# wp-cli.yml
ssh: docker-compose-run:cli
Customizable global parameters
It was not previously possible to extend the list of parameters without modifying the WP-CLI source files. While we are still considering different options for making the global parameters extensibleExtensibleThis is the ability to add additional functionality to the code. Plugins extend the WordPress core software. via a clean APIAPIAn API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways., we already needed a short-term solution for a specific use case.
Because of this, we now introduced a set of small changes that allow the global parameters to be adapted on a āplatform levelā. This means that, for now, you can change the global parameters, but only if you control the environment in which WP-CLI is being executed in. This functionality works through the combination of the following changes:
A new constant WP_CLI_CONFIG_SPEC_FILTER_CALLBACK is being checked to filterFilterFilters are one of the two types of Hooks https://codex.wordpress.org/Plugin_API/Hooks. They provide a way for functions to modify data of other functions. They are the counterpart to Actions. Unlike Actions, filters are meant to work in an isolated manner, and should never have side effects such as affecting global variables and output. the array that the config-spec.php file has provided.
A new environment variable WP_CLI_EARLY_REQUIRE is checked to allow for the environment to provide extra PHPPHPPHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. bootstrapping logic.
You can use both of these to let the WP_CLI_EARLY_REQUIRE load a PHP file that defines a new filter callback and then sets the WP_CLI_CONFIG_SPEC_FILTER_CALLBACK to point to that filter.
This test snippet shows an example of how these two mechanisms can be used in tandem:
Download WordPress CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. files without extracting them
Previously, you could already use the core download command not only to retrieve the set of files from the WordPress central servers. But we did not have a way to solely download a ZIP archive of WordPress Core instead.
Now you can do so via the --extract flag. This is on by default to keep with the current behavior, but you can now switch extraction off by adding the --no-extract flag.
Why would you do that, if it is a single file download you could also trigger via wget or curl? Well, for one, it uses the HTTPHTTPHTTP is an acronym for Hyper Text Transfer Protocol. HTTP is the underlying protocol used by the World Wide Web and this protocol defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. stack of WordPress/WP-CLI to do the download. And whatās more, it allows you to use the smart WP-CLI flags like --version to automatically retrieve the file from the right URLURLA specific web address of a website or web page on the Internet, such as a websiteās URL www.wordpress.org.
Directly install a specific locale
Previously, when you wanted to install a locale of WordPress Core other than the default en_US, you had to first run a wp core install, and then switch the locale in a second step.
Now, WP-CLI allows you to select a specific locale right away via core installās new --locale flag.
Ordering of the db size results
To quickly see what the biggest tables in your installation are, you can now make use of the new --order and --orderby flags. The most useful example would be to use --orderby=size --order=desc to get the largest tables first.
Clean duplicate metaMetaMeta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. values
Due to limitations of the WordPress database schema, the WordPress importer can end up inadvertently creating duplicate post meta entries if the import is run multiple times.
WP-CLI has now learned a new command to remove duplicate post meta values for a given meta key.
# Delete duplicate post meta.
wp post meta clean-duplicates 1234 enclosure
Success: Cleaned up duplicate 'enclosure' meta values.
Exclude select plugins on certain pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party commands
The plugin commands activate, deactivate, delete and uninstall now accept an additional --exclude flag if you use their --all flag.
The --exclude accepts a comma-separated list of plugin slugs, and allows you to do operations in the vein of ādeactivate all plugins except for these few onesā.
# Deactivate all plugins with exclusion
$ wp plugin deactivate --all --exclude=hello,wordpress-seo
Plugin 'contact-form-7' deactivated.
Plugin 'ninja-forms' deactivated.
Success: Deactivated 2 of 2 plugins.
Multiple changes to the i18n support
In our ongoing effort to further internationalization support within GutenbergGutenbergThe Gutenberg project is the new Editor Interface for WordPress. The editor improves the process and experience of creating new content, making writing rich content much simpler. It uses āblocksā to add richness rather than shortcodes, custom HTML etc. https://wordpress.org/gutenberg/, we have made yet another around of i18n changes and additions.
Most of the changes deal with changes to block.json and theme.json, in order to support all the latest fields and mechanisms.
Also, there is now a new update-po command. Up until now, if you added a new translation to one of your plugins, you could update the messages.pot file with make-pot, but youād have to update existing po files with the new translation by hand. With the new i18n update-po (which is a WP-CLI alternative to msgmerge), you get around this without requiring manual edits.
And finally, i18n now supports PHP Blade templates as an additional input format to parse for translations.
Detailed change log
To avoid too much noise in the list above, the following types of pull requests have been omitted:
PRs that only bumped dependencies to their latest version.
Fix broken tests due to DB connection failure error message change [#224]
Stop reordering most MySQLMySQLMySQL is a relational database management system. A database is a structured collection of data where content, configuration and other options are stored. https://www.mysql.com/. arguments [#221]
Add support for --order, --orderby flags in db size command [#226]
Support filtering for users without a role with --role=none [#360]
Sync user-contributed example to user delete [#358]
Fix JSONJSONJSON, or JavaScript Object Notation, is a minimal, readable format for structuring data. It is used primarily to transmit data between a server and web application, as an alternative to XML. formatting in feature file [#368]
Add post meta clean-duplicates <id> <key> command [#366]
A new release of WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/ is available as of today: WP-CLI v2.6.0. For this release, we had 57 contributors collaborate to get 311 pull requests merged. š
The pandemic is still controlling our daily lives, and as a side-effect we still notice a significant reduction in contributors to WP-CLI, probably due to the lack of in-person contributor days.
As always, big thanks to the WP-CLI sponsors that make the continued maintenance possible ā even with a reduced number of contributors. ā¤ļø
Apart from the numerous bug fixes that were included in this release, we also managed to snuggle in a few new features that add to the power or convenience of your CLICLICommand Line Interface. Terminal (Bash) in Mac, Command Prompt in Windows, or WP-CLI for WordPress. experience, so I want to spend a few paragraphs going over some of the noteworthy changes. As always, you can also skip directly to theĀ detailed changelogĀ if you prefer.
PHPPHPPHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. 8.1 Support
WP-CLI now officially supports PHP 8.1. All commands are being extensively tested against PHP 8 and the actual development is currently being done on PHP 8.1 as well.
However, keep in mind that PHP 8.1 support is not fully there for WordPress CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress., and especially for a large part of plugins and themes. Due to the nature of the changes that PHP 8.1 brings about, it is very easy to break perfectly compatible WordPress Core or WP-CLI via the actions/filters system. Keep this in mind when trying to diagnose PHP 8.1 compatibility issues and trying to deduce where the erroneous code is to be found.
Tabular data showing a timeline with supported PHP releases, with only 8.0 and 8.1 currently in active support.
For those of you who are not closely following the PHP release cycles, please be aware that only PHP 8.0 and 8.1 are currently actively supported versions. WP-CLI sticks with the WordPress Core PHP support policy (+ 1 year), which means weāre still spending huge amounts of efforts to keep everything running all the way down to PHP 5.6 at the moment.
If you want to help the maintainers in their work, please ensure that all your sites run on the latest PHP versions, and nag your hosting providers to move everything over to the latest and greatest. WordPress will only bump the minimum version when the number of active sites on PHP 5.6 has dropped to an insignificant amount.
New commands for managing application passwords
The following commands were added to allow CLI users to create and manage WordPress application passwords:
wp user application-password list
wp user application-password get
wp user application-password exists
wp user application-password update
wp user application-password record-usage
wp user application-password create
wp user application-password delete
WP-CLI examples of creating a new application password and then listing all existing application passwords for that same user.
Although you could technically already work with application passwords by directly controlling the WordPress user-metaMetaMeta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. table, this now provides a clean APIAPIAn API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. that abstracts away the technical implementation. See the Application Passwords: Integration Guide to find out more about how to use them.
New global flag:Ā --context
A new global flag --context=<context>Ā was added which allows users to select the WordPress context in which WP-CLI is supposed to execute its command(s).
One of the main goals is to allow WP-CLI to run updates on premium plugins and themes without requiring any special setup. From our initial testing, this allows a large range of popular premium extensions to just workā¢ļø with WP-CLI in terms of their update procedures.
Possible values for this flag with this initial release:
cli: The context which has been the default before introduction of this flag. This is something in-between a frontend and an admin request, to get around some of the quirks of WordPress when running on the console.
admin: A context that simulates running a command as if it would be executed in the administration backend. This is meant to be used to get around issues with plugins that limit functionality behind anĀ is_admin()Ā check.
auto: Switches betweenĀ cliĀ andĀ adminĀ depending on which command is being used. For this initial release, allĀ wp plugin *Ā andĀ wp theme *Ā commands will useĀ admin, while all other commands will useĀ cli.
frontend: [WIP] This does nothing yet.
Roadmap: By default, theĀ --contextĀ flag will be set toĀ cliĀ with this initial release (v2.6.0). With WP-CLI v2.7.0, the default will change toĀ auto. This gradual deployment will allow hosters and site owners to run tests on v2.6.0 by manually setting the context before the default behavior is changed.
If you want to use the future default of --context=auto right away in your present operations, you can do so by adding the necessary context: auto line to your global wp-cli.yml configuration file. Feel free to check the documentation on WP-CLI configuration files if this is new to you.
We also have a new hook to support this new global flag: before_registering_contexts.Ā This hook behaves like a filterFilterFilters are one of the two types of Hooks https://codex.wordpress.org/Plugin_API/Hooks. They provide a way for functions to modify data of other functions. They are the counterpart to Actions. Unlike Actions, filters are meant to work in an isolated manner, and should never have side effects such as affecting global variables and output. with one argument:Ā array<string, Context> $contexts. When hooking into this hook, the callback should return (a potentially modified)Ā $contextsĀ value. This can be used to remove or override bundled contexts or add new ones.
To make this work, the hook functionality in WP-CLI (provided viaĀ WP_CLI::do_hook()) was modified to return the first argument if arguments were provided.
Thanks toĀ CloudwaysĀ for the special support and testing of this new flag with the goal of solving the āpremium updates problemā for everyone.
Configurable WP-CLI cache settings
The WP-CLI file cache can now be configured via the following environment variables:
WP_CLI_CACHE_DIRĀ ā Directory in which to store the cached files. Default value:Ā "$home/.wp-cli/cache".
WP_CLI_CACHE_EXPIRYĀ ā Time after which cached files are automatically purged, in seconds. Default value:Ā 15552000Ā (6 months).
WP_CLI_CACHE_MAX_SIZEĀ ā Total size of the file cache after which older files are purged, in bytes. Default value:Ā 314572800Ā (300 MB).
This not only allows you to fine-tune the WP-CLI cache behavior for the best balance between available storage and bandwidth usage, it could also be used to share cache storage between installations/users (beware the security implications, though!).
Use custom names/locations for the wp-config.php file
The different config * commands now accept a new flag --config-file=<filepath> that allow you point the different manipulations towards a custom location, that might not even fully adhere to conventions for the WordPress wp-config.php file.
This allows you for example to use the config set command for a configuration file outside of the WordPress document root (and parent folder).
Keep in mind that youāre on your own when it comes to making WordPress understand the structure and bootstrap correctly!
Generate a dotenv file from your existing wp-config.php file
For all the 12-factor app fans out there, WP-CLI has learnt a new format for its config list command: --format=dotenv. This will take the existing configuration key/value pairs in your wp-config.php file and render them in a format that you can use in a .env file.
WP-CLI example of list the contents of the wp-config.php file into a file in dotenv format and then showing the result.
Combine with the previously mentioned --config-file to extract the dotenv file from an arbitrary location, even without a WordPress installation present.
Allow pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party/theme enumeration without forcing an update check
Previously, when you run plugin list or theme list, WP-CLI would automatically run a check in the background to see if updates are available. This is slow and expensive to do, and might not always be what is needed, especially in scripting scenarios.
This automatic check for updates can now be disabled for these two commands with the --skip-update-check flag. This can drastically speed up some scripts and make them more reliable.
New flag --strict for adapting the filtering of taxonomies by post type
When retrieving taxonomies for a given post type, the old default behavior of WordPress (through the use of get_taxonomies()) is to only show those taxonomies that have as a sole associated post type the requested one. Taxonomies that have multiple associated post types, including the requested one, are not returned.
WordPress had added a newer mechanism via get_object_taxonomies() that would return all taxonomies that are in some way associated with the requested post type, even if other post types are associated as well.
WP-CLI now has a new --strict flag for the taxonomy list command that defines whether the strict filtering (the old default) should be used, or the more sensible inclusive approach should be used via --no-strict (or --strict=false).
Weāve opted to make this new, more sensible approach (i.e. --no-strict) the new default, so be mindful of that if youāre using taxonomy list in a script somewhere.
Another round of improvements to the i18n * commands
As with all of the recent releases, the i18n * commands have received yet another round of overall improvements to keep in sync with the localisation requirements of WordPress Core.
From new flags like --subtract-and-merge, --update-mo-files & --location and multiple improvements to the way JavascriptJavaScriptJavaScript or JS is an object-oriented computer programming language commonly used to create interactive effects within web browsers. WordPress makes extensive use of JS for a better user experience. While PHP is executed on the server, JS executes within a userās browser. https://www.javascript.com/. syntax is parsed all the way up to the support for the new theme.json format, all your localization needs should be accounted for (at least for now).
Make your to check out the detailed logs to find out more and play around with the new functionality when you get the chance!
With super admin permissions come super admin consequences!
WP-CLI now mirrors the behavior of WordPress core and triggers various hooksHooksIn WordPress theme and development, hooks are functions that can be applied to an action or a Filter in WordPress. Actions are functions performed when a certain event occurs in WordPress. Filters allow you to modify certain functions. Arguments used to hook both filters and actions look the same. when you grant or revoke the super admin status to users.
The following actions are being triggered now but the super-admin add & super-admin remove commands:
revoked_super_adminĀ (after changes, executed only on success)
Changes to the default branches
In order to make the language used in the code and documentation of WP-CLI more inclusive, work has started to change the name of default branch across all repositories. From now on, the default branch name across the WP-CLI GitHubGitHubGitHub is a website that offers online implementation of git repositories that can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the āpull requestā where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/ organization is main.
This change is currently a work in progress, as it unfortunately causes open pull requests to be automatically closed and often become unsalvageable. The current progress of this effort can be monitored here: wp-cli/wp-cli#5598.
Keep this in mind when you want to check out the latest development state of a repository or contribute by creating a PR!
Detailed change log
To avoid too much noise in the list above, the following types of pull requests have been omitted:
PRs that only bumped dependencies to their latest version.
DeployDeployLaunching code from a local development environment to the production web server, so that it's available to visitors. from main branch [#385]
Adapt feature test to use HTTPSHTTPSHTTPS is an acronym for Hyper Text Transfer Protocol Secure. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'. It means all communications between your browser and the website are encrypted. This is especially helpful for protecting sensitive data like banking information. with example.com [#78]
Promote a non-200 response from the cron spawn test to an error [#66]
Update example input to reflect example output [#326]
Document default post type filtering for post list command [#321]
Correct the home URLURLA specific web address of a website or web page on the Internet, such as a websiteās URL www.wordpress.org when listing sites [#312]
Fix categoryCategoryThe 'category' taxonomy lets you group posts / content together that share a common bond. Categories are pre-defined and broad ranging., tag and term names missing in export [#86]
Add the_title_export filter and cdata for item title to export [#77]
Remove now unneeded workaround in JS scanner [#256]
Extract strings for translation from theme.jsonJSONJSON, or JavaScript Object Notation, is a minimal, readable format for structuring data. It is used primarily to transmit data between a server and web application, as an alternative to XML. [#254]
Append new widgets to the bottom of a sidebarSidebarA sidebar in WordPress is referred to a widget-ready area used by WordPress themes to display information that is not a part of the main content. It is not always a vertical column on the side. It can be a horizontal rectangle below or above the content area, footer, header, or any where in the theme. [#52]
Here it finally is, the long-awaited WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/ release v2.5.0! For this release, we had 73 contributors collaborate to get a whopping 600 pull requests merged.
It was a very tough release to get out, as so many different systems and dependencies all broke or had issues at the same time: PHPPHPPHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php., MySQLMySQLMySQL is a relational database management system. A database is a structured collection of data where content, configuration and other options are stored. https://www.mysql.com/., Travis CI, Composer, Requests, ⦠all of these produced major compatibility issues in a seemingly concerted effort! š
More importantly, though, Iām pretty certain that all of the WP-CLI contributors were additionally suffering under the ānew normalā of COVID-19 ā those contributors lucky enough to still earn regular income during the pandemic are still battling health issues (for themselves and their family), isolation and burnout.
As a maintainer, my initial plan was to devise special events and additional incentives to hopefully raise the level of contribution back up again. But I decided against doing so. Even though we all canāt wait to get a new release out and onto servers, I did not want to add to the additional pressure that the volunteer contributors are already feeling right now. The risks of burnout or other negative effects on mental health have never been so prevalent than now where everyone has to dial down their social support systems. In that perspective, I opted to knowingly go with a longer release time. I am fully aware that a lot of companies had to look into extra workarounds or similar to deal with the late release, but I had to assume that this still happens in a paid capacity. Given the global situation, this seemed more justifiable to me than moving the cost towards volunteer health instead.
Thanks to all the support I had during the extended release time, not least to the WP-CLI sponsors who have allowed me to personally invest as much time as needed into the project to make this release happen.
Now, with that being said, letās go over some of the noteworthy changes in this release. As always, you can also skip directly to theĀ detailed changelogĀ if you prefer.
Security Fixes
This release fixes one direct and one upstream security vulnerability, so it is recommended for everyone to update to this latest release.
Improper Certificate Validation in WP-CLI framework
This security vulnerability is categorized as CWE-295: Improper Certificate Validation with a CSSCSSCSS is an acronym for cascading style sheets. This is what controls the design or look and feel of a site. V3 severity rating of āhighā and was disclosed as CVE-2021-29504 (GitHubGitHubGitHub is a website that offers online implementation of git repositories that can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the āpull requestā where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/ security advisory GHSA-rwgm-f83r-v3qj).
An improper error handling in HTTPSHTTPSHTTPS is an acronym for Hyper Text Transfer Protocol Secure. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'. It means all communications between your browser and the website are encrypted. This is especially helpful for protecting sensitive data like banking information. requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the communication content, including the ability to impersonate update servers and push malicious updates towards WordPress instances controlled by the vulnerable WP-CLI agent, or push malicious updates toward WP-CLI itself.
The vulnerability stems from the fact that the default behavior of WP_CLI\Utils\http_request() when encountering a TLS handshake error is to disable certificate validation and retry the same request.
The default behavior has been changed with version 2.5.0 of WP-CLI and the wp-cli/wp-cli framework (via wp-cli/wp-cli#5523) so that the WP_CLI\Utils\http_request() method accepts an $insecure option that is false by default and consequently that a TLS handshake failure is a hard error by default. This new default is a breaking change and ripples through to all consumers of WP_CLI\Utils\http_request(), including those in separate WP-CLI bundled or third-party packages.
Insecure Deserialization of untrusted data in upstream Requests library
The vulnerability was found in the FilteredIterator class and was first reported to the WordPress project. The security fix applied to WordPress has been ported back into the Requests library and was distributed with release v1.8.0.
Breaking Changes
The security fix for CVE-2021-29504 detailed above led to a breaking change where the retry behavior of commands that use remote requests is disabled. Furthermore, the framework is stricter in making use of the certificates that are provided via environment settings.
This means that automated systems that previously succeeded with reliable downloads of external assets can now start to fail because there is an issue with the certificate verification. This can be due to either the environment being misconfigured for certificate verification or the server to connect to actually being insecure.
To get back to the previous behavior, the affected commands now include a new --insecure flag that re-enables the insecure retrying mechanism again. Beware: This opens up these remote requests to man-in-the-middle attacks!
The following commands were affected and were adapted to recognize this new --insecure flag:
cli update
config create
config shuffle-salts
core download
core update
core verify-checksums
package install
plugin install
plugin update
plugin verify-checksums
theme install
theme update
PHP 8 support
WP-CLI now officially supports PHP 8. All commands are being extensively tested against PHP 8 and the actual development is currently being done on PHP 8 as well.
However, keep in mind that PHP 8 support is not fully there for WordPress CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress., and especially for a large part of plugins and themes. Due to the nature of the changes that PHP 8 brings about, it is very easy to break perfectly compatible WordPress Core or WP-CLI via the actions/filters system. Keep this in mind when trying to diagnose PHP 8 compatibility issues and trying to deduce where the erroneous code is to be found.
Improved MySQL/MariaDB support
As it turns out, WordPress Core has not been compatible with a default MySQL database for a while now. What actually happens is that WordPress switches the database in a sort of ālegacyā mode at runtime. This has caused the WP-CLI code that uses WPDB to slowly diverge in results from the code that makes direct database requests via the mysql shell binary.
This has now been rectified (at least for all of the major use cases) by letting WP-CLI employ the same ālegacyā database mode via a few hacks around the mysql binary.
Package Manager is now powered by Composer v2
Composer v2 has drastically improved both the processing time as well as the memory usage of its dependency resolution mechanisms. And now the WP-CLI Package Manager that you can use via wp package * commands gets to benefit from these same improvements, at it internally uses the new Composer v2 code.
This should also make the dreaded Out-Of-Memory problems with package installation much rarer, even on shared hosting or tight Docker containers.
New commands for managing automatic updates
The following commands were added to allow you to manage the state of automatic updates for plugins and themes:
plugin auto-updates disable
plugin auto-updates enable
plugin auto-updates status
theme auto-updates disable
theme auto-updates enable
theme auto-updates status
Although you could technically already work on the state of the automatic updates by directly controlling the WordPress Options table, this now provides a clean APIAPIAn API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. that abstracts away the technical implementation.
New command for creating MO files
A new command was added to the wp-cli/i18-command package for creating MO files from existing PO files. This can be useful if you use a translation platform that can only output PO files, or tooling that modifies these files.
// Reads from a single .po file.
$ wp i18n make-mo ./wp-content/languages/slug.po
Success: Created 1 file.
// Reads from a directory for multiple .po files.
$ wp i18n make-mo ./wp-content/languages/
Success: Created 5 files.
Smarter I18N handling of JS files
The ongoing effort to improve the internationalization of client-side JavascriptJavaScriptJavaScript or JS is an object-oriented computer programming language commonly used to create interactive effects within web browsers. WordPress makes extensive use of JS for a better user experience. While PHP is executed on the server, JS executes within a userās browser. https://www.javascript.com/. code that is made necessary by the move to the blockBlockBlock is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience.-based editor has led to a number of improvements to the i18n make-pot command.
Apart from understanding more complex Javascript constructs, like webpack bundling and JS eval() statements, the i18n make-pot now also parses the new block.json file as it is defined in the Block Type Registration RFC. This can optionally be skipped via the new --skip-block-json flag.
New environment variable: WP_CLI_ALLOW_ROOT
When youāve been using WP-CLI within a Docker container, youāve probably noticed the big āYIKES!ā message you get that aborts the execution of the command if it detects that youāre running as root. Youād then have to add the --allow-root flag to every single command you run within that container.
Within a docker container, everything is done as the root user, though, and thereās no really security issue, as the container itself acts as a sandbox. Therefore, WP-CLI now allows you to let it know not to warn about the root user via the new WP_CLI_ALLOW_ROOT environment variable. Just set this variable through in your containerās ENV section, and youāre good to go ā no need for multiple --allow-root flags anymore.
New global parameter: --exec
Some scenarios require you to run a small PHP snippet before the actual WP-CLI command, to make sure the command runs under the right context or encounters the right environment. You would typically do this by creating a PHP file with the code snippet that needs to be executed and then using the --require global parameter to load that file upfront before the command gets executed.
This is very cumbersome for short snippets, though, or not even easily possible on read-only filesystems. Therefore, WP-CLI now also accepts a new global parameter --exec that you can use to execute PHP logic directly from the command-line before running the actual command.
The WP-CLI package manager now supports GitLab URLs. This means you can host your custom commands on GitLab and still easily install them right from the VCS:
Chunked queries in search-replace to avoid memory issues
When you need to run a search & replace operation on a very large database, you can easily run into memory issues. WP-CLI tried to fetch all matching query results into memory to loopLoopThe Loop is PHP code used by WordPress to display posts. Using The Loop, WordPress processes each post to be displayed on the current page, and formats it according to how it matches specified criteria within The Loop tags. Any HTML or PHP code in the Loop will be processed on each post. https://codex.wordpress.org/The_Loop. over them.
This type of operation is now processed via a chunked loop that works on 1000 query results at a time via pagination. This drastically reduces the memory requirements and decouples them from the database size.
This is just the first command that receives this treatment, but expect to see more of such scalability fixes in the future.
Hide global parameters help
If youāre a more seasoned WP-CLI, you might have been annoyed from time to time about the wasted screen real estate on the help screens that always append the list of global parameters every single time.
You can now choose to skip the display of these global parameters by setting the following environment variable:
export WP_CLI_SUPPRESS_GLOBAL_PARAMS=true
All the help screens will then only display the help for the current context.
Switch from Travis CI to GitHub Actions
For multiple different reasons, I decided to move away from Travis CI, and I ended up migrating the entire infrastructure (testing, automation, deployment, publication, ā¦) over to GitHub Actions.
You will now find a .github/workflows folder in each of the repositories that contains a set of workflows for that repository. However, we also have a new wp-cli/.github repository. This contains centralized workflows that mostly deal with keeping the workflows and configurations across all of the other repositories in sync.
This means that, when I now need to make a change in the testing workflow, for example, I donāt need to manually create a pull request in each of the packages. I modify the template workflow in the wp-cli/.github repository instead, and this one then syncs all the changes over to the individual repositories.
The added automation details, as well as the much improved parallelization of running the tests in GitHub Actions has drastically accelerated the development experience and ultimately leads to faster and cheaper maintenance of the entire project.
Documentation is automatically kept in sync
If youāve contributed to one of the commands before, I might have required you to install the wp-cli/scaffold-package-command package and run a cryptic command on your PR to get the README.md file updated based on changes in the codeās docblocks. This was an awful contributor experience and I wanted to get rid of that requirement.
When I initially experimented with a git hook to automatically add a commit on PRs when they are pushed, I realized that that approach leads down to a path of merge conflicts and confusion.
The move from Travis CI to GitHub Actions was a good opportunity to revisit this, as I have now solved this problem via an automated GitHub Actions workflow. Whenever changes are pushed to the default branch of a repository, the GitHub Actions bot will try to regenerate the documentation and if this actually produced any changes, it creates a new pull request with the needed patch.
This PR can then be reviewed and merged just like any other contribution. It happens independently of the code change a contributor submitted, so they donāt need to worry about any of this.
MigrationMigrationMoving the code, database and media files for a website site from one server to another. Most typically done when changing hosting companies. to Behat v3
WP-CLI has been stuck with Behat v2 for quite a while now, and this also had an impact on the dependencies we needed to rely on. This made the move to PHP 8 compatibility all the more difficult. Therefore wp-cli/wp-cli-tests was updated to migrate from Behat v2 to Behat v3.
Apart from multiple improvements of the syntax and its execution, this also finally makes it easy to reuse the functional testing infrastructure outside of a wp-cli package. Expect to see a guide on how to migrate your own package code to Behat v3 as well as on how to use wp-cli/wp-cli-tests within other contexts soon.
More flexible test setup
The test setup was made way more configurable to adapt to less standardized environments. Where it was previously difficult to run the tests on a non-traditional stack like a Docker network or a GitHub Actions environment, this can now be easily done via a set of new environment variables.
The database credentials can now be provided via the following environment variables:
WP_CLI_TEST_DBHOST
host to use and can include a port, i.e ā127.0.0.1:33060ā
localhost
WP_CLI_TEST_DBROOTUSER
user that has permission to administer databases and users
root
WP_CLI_TEST_DBROOTPASS
password to use for the above user
(empty password)
WP_CLI_TEST_DBUSER
user that the tests run under
wp_cli_test
WP_CLI_TEST_DBPASS
password to use for the above user
password1
Provided that these environment variables are present and that your database is online, a simple composer prepare-tests will take care of everything.
Detailed change log
To avoid too much noise in the list above, the following types of pull requests have been omitted:
PRs that dealt with Travis CI and its many issues, as Travis CI has now been replaced with GitHub Actions. Note that the PRs that switched from Travis CI to GitHub Actions are still included, as these often include fixes in the tests or even in the actual code to make the tests pass again on GHA.
PRs that only bumped a single dependency to its latest version.
Move fetcher implementations back into framework [#5527]
Add WpOrgApi abstraction to handle WordPress.orgWordPress.orgThe community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ API requests [#5526]
[BREAKING CHANGE] Disable automatic retry by default on certificate validation error [#5523]
Add missing $pipes variables when creating processes [#5522]
Harden error message on failed cache directory creation [#5520]
Update docblocks for methods that accept error objects [#5516]
[BREAKING CHANGE] Use custom certificate if provided [#5514]
[BREAKING CHANGE] Respect provided verify option in Utils\http_request [#5507]
Add $interactive arg for run_mysql_command() [#5420]
Add support for comma-separated flag values [#5419]
Fix SERVER_PORTJSONJSONJSON, or JavaScript Object Notation, is a minimal, readable format for structuring data. It is used primarily to transmit data between a server and web application, as an alternative to XML. encoding failure [#5417]
Create a default global config file if it does not exist [#5411]
Updated minimum required PHP version to 5.6 [#5408]
Include classmap in order to fix Composer 2 deprecation notices [#5407]
Bump PHPCS compatibility tests to new PHP 5.6+ minimum [#5406]
Throw exception when misusing error_to_string() [#5405]
Prevent array access notice when $update_info is null [#214]
Add missing --network parameter for plugin is-active [#222]
Donāt show a warning when theme delete --all skips the active theme [#218]
Deny --dry-run usage when requiring a specific version [#236]
Bump PHPCS compatibility tests to new PHP 5.6+ minimum [#235]
Allow for filtering multiple field values for the list command [#234]
Validate the --statusfilterFilterFilters are one of the two types of Hooks https://codex.wordpress.org/Plugin_API/Hooks. They provide a way for functions to modify data of other functions. They are the counterpart to Actions. Unlike Actions, filters are meant to work in an isolated manner, and should never have side effects such as affecting global variables and output. passed to wp plugin list and wp theme list [#229]
Add commands to manage auto-updates for plugins and themes [#259]
Provide clear error message when pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party fails PHP requirement [#253]
Updated minimum required PHP version to 5.6 [#265]
Bump PHPCS compatibility tests to new PHP 5.6+ minimum [#264]
Scaffold block support for child themeChild themeA Child Theme is a customized theme based upon a Parent Theme. Itās considered best practice to create a child theme if you want to modify the CSS of your theme. https://developer.wordpress.org/themes/advanced-topics/child-themes/. [#242]
Keep test suite in sync with WP files when testing trunk/nightlies [#271]
The long-awaited release v2.5.0 of WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/ is scheduled to be published on Wednesday, May 19th, 2021.
I wonāt go into too much detail about why the release was so long in the making, but let me nevertheless add a link to an article in which Juliette Reinders Folmer eloquently talks about some of the reasons: https://24daysindecember.net/2020/12/21/a-perfect-storm/. Add to this the fact that the pandemic situation has drastically reduced the pool of contributors, as well as Travis CI deciding to effectively drop OSS support (forcing me to switch both testing and deployments to GitHubGitHubGitHub is a website that offers online implementation of git repositories that can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the āpull requestā where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/ Actions), and weāre in a situation that Iām glad will finally be resolved again soon.
Thanks to all the sponsors of the project that make it possible to work on WP-CLI with the persistence and staying power it requires.
Also big thanks to the contributors to the project that kept helping me figure out bugs and come up with solutions! I truly appreciate all your assistance.
And in case youāre one of the many people who created an issue in recent times that hasnāt been resolved yet, know that getting v2.5.0 out was an absolute priority, but Iāll slowly work off the backlog again once the pressing compatibility issues have been taken care of.
Just in time for the release of WordPress CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. 5.3.0 we have a new release of WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/ as well. A team of 37 contributors has collaborated to get 159 pull requests merged.
Letās go over some of the noteworthy changes in this release. Most of the work went into compatibility fixes, so thereās not many new toys to play around with, unfortunately. As always, you can also skip directly to theĀ detailed changelog if you prefer.
WordPress 5.3 support
It should be obvious that WP-CLI supports the latest upcoming WordPress Core release, of course. However, there were quite a few changes that went into 5.3 that made it not only difficult to keep WP-CLI working across 5.3 and earlier versions at the same time, but also made it necessary to release WP-CLI in parallel to have a working option available.
The push to support more of the newer PHPPHPPHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. features that became available due to the bump to the minimum PHP version of Core introduced changes to function signatures and class interfaces, which required a few adventurous fixes in some casesā¦
PHP 7.4 support
PHP 7.4 is not yet available in a stable release, but weāre slowly coming closer to the planned release date.
There have been quite a few fixes that went into WP-CLI to make sure it works correctly with PHP 7.4 once itās available. Itās an ongoing process, still, as weāre working towards the first stable version. Tests are running for PHP 7.4 in the background as well for each package. These are still allowed to fail right now, but after this release, they will be switch to break on error.
Download a specific URLURLA specific web address of a website or web page on the Internet, such as a websiteās URL www.wordpress.org as Core
The core download command now accepts a URL to download a specific ZIP archive with a version of Core to use. This also allows you to use your own custom version easily. Just add the URL and youāre good to go: wp core download https://somesite/build.zip
Large image support
WP-CLI will properly deal with large images in the way that WP Core 5.3 was improved. It knows about the original source images as well so you can safely rebuild your thumbnails without losing quality.
On multisiteMultisiteMultisite is a WordPress feature which allows users to create a network of sites on a single WordPress installation. Available since WordPress version 3.0, Multisite is a continuation of WPMU or WordPress Multiuser project. WordPress MultiUser project was discontinued and its features were included into WordPress core.https://codex.wordpress.org/Create_A_Network.-convert, donāt assume site_id is 1 [#122]
Add second must-use pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party that is added with wp-cli-tests 2.1.6+ [#200]
Equalize theme folder naming conventions across Win/Mac/Linux [#196]
Required PHP version headerHeaderThe header of your site is typically the first thing people will experience. The masthead or header art located across the top of your page is part of the look and feel of your website. It can influence a visitorās opinion about your content and you/ your organizationās brand. It may also look different on different screen sizes. [#238]
Adapt tests to make the widgetWidgetA WordPress Widget is a small block that performs a specific function. You can add these widgets in sidebars also known as widget-ready areas on your web page. WordPress widgets were originally created to provide a simple and easy-to-use way of giving design and structure control of the WordPress theme to the user. expectations more flexible [#34]
This release v2.3.0 is, as already announced, rather unspectacular. The previous release was very taxing for several reasons, so we lowered the pace for a while to recover.
This version is mainly meant to finally get a few bug fixes out there that were not critical enough to warrant an immediate hotfix release but are nice to have eradicated at one point, nevertheless.
Overall, a team of 36 contributors has collaborated to get 129 pull requests merged. Iāll briefly go over some of the more noteworthy stuff, but as always, you can also skip directly to theĀ detailed changelog if you prefer.
New command to fix image orientation
Some cameras and smartphones will automatically tag pictures to denote āwhich way is upā. This means that you will have these devices show you the pictures you took during your handstand in the correct orientation no matter what, even though the actual picture file is upside down.
The media command now has a new subcommand media fix-orientation that reads these special tags and properly applies them to your images. This way, the images will also be shown with the correct orientation on devices that do not support this tag.
You can now skip tables using wildcards
The --skip-tables flag for the search-replace command has learnt a new trick ā it now lets you skip a group of tables in one go through wildcards.
You can use wildcards like 'wp_*options' or 'wp_post*' to make your life easier.
Add config settings to the end of the file
Up until now you always had to provide an anchor to attach changes to your wp-config.php to when using the config add command.
You can use this through the special anchor flag --anchor=EOF.
Optimized vagrant support
When youāre connecting to your vagrant VMs through WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/ās special-case vagrant SSHSSHSecure SHell - a protocol for securely connecting to a remote system in addition to or in place of a password. connection scheme, youāll notice that the operations are way faster now, as weāre caching the configuration across calls now.
Fix issue with failing test cases due to version mismatch [#181]
Fix activation issue of installed pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party/theme [#180]
Skip broken test on PHPPHPPHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. 7.3 [#178]
Skip test for duplicate resizes for coreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. trunk because of bug in current version [#112]
Phew, itās finally here! Although there are not that many new features, we had a lot of work being done behind the scenes, to make future releases smoother. A lot of the processes have been improved, and weāve managed to squash quite a few bugs while doing so.
A team of 57 contributors has collaborated on this release to get 347 pull requests merged. Iāll briefly go over some of the more noteworthy stuff, but as always, you can also skip directly to theĀ detailed changelogĀ or examine theĀ breaking changesĀ section if youāre impatient.
New Committer
Thrijith Thankachan (@thrijith) is from Surat, India. He works for rtCamp as a WordPress Engineer and he is the developer behind the two new commands alias and maintenance-mode.
WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/ code standard
Through the initiative of @jrf, and with the outstanding help from @thrijith, @wojsmol & @williampatton, we now have a WP-CLI code standard that we can enforce.
For any package, you can just run composer phpcs to verify that your code meets the CS requirements. Basic formatting issues can be automatically corrected through vendor/bin/phpcbf (a Composer script will soon follow for that).
The goal of this big effort is to reduce the back & forth on pull requests and thus reduce the maintenance burden. For most pull requests, whitespace issues and code style issues represent the bulk of the time and effort required by the maintainers. With enforced and automated coding standards, everyone saves time and the discussion more often revolves around the actual logic that solves the problem, instead of alignment issues and spacing rules.
This is all pretty fresh, so stay tuned while more extensive documentation and updates to the tooling will follow.
New command to manage aliases
The old wp cli alias has finally grown up and has become a complete CRUD interface for managing your WP-CLI aliases. You can alias list to retrieve your current configuration, alias get to retrieve an individual alias, and alias add|update|delete to make changes.
While experimenting with these commands, please remember that you need to work around the already active global parameters. This is why we had to add a prefix (--set-<flag>) to all the flags that let you configure the aliases. So, updating the SSHSSHSecure SHell - a protocol for securely connecting to a remote system in addition to or in place of a password. connection string for an alias is done through alias update <key> --set-ssh=<ssh>. If you would use --ssh instead to configure it, youād actually immediately connect to that SSH target instead.
# List alias information.
$ wp cli alias list
---
@all: Run command against every registered alias.
@local:
user: wpcli
path: /Users/wpcli/sites/testsite
# Get alias information.
$ wp cli alias get @dev
ssh: dev@somedeve.env:12345/home/dev/
# Add alias.
$ wp cli alias add prod --set-ssh=login@host --set-path=/path/to/wordpress/install/ --set-user=wpcli
Success: Added '@prod' alias.
# Update alias.
$ wp cli alias update @prod --set-user=newuser --set-path=/new/path/to/wordpress/install/
Success: Updated 'prod' alias.
# Delete alias.
$ wp cli alias delete @prod
Success: Deleted '@prod' alias.
New command to control maintenance mode
WP-CLI now lets you enable or disable the WordPress maintenance mode with the two simple commands maintenance activate and maintenance deactivate. You can query the current status with maintenance status (for humans) or maintenance is-active (for easy shell scripting).
The eval-file had a small, innocuous tweak. When it encounters a āshebangā, a first line in a file that starts with #!, it will strip that line and try to run the rest of the file through PHPPHPPHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php.ās eval().
For folks not used to working in Unix shells, that might sound rather useless, but this shebang is actually a construct that your shell understands, and that lets you tell the shell how to execute the file.
As an example, hereās a file that contains such a shebang and actually points to WP-CLIās eval-file command:
With that file structure, you can now rename that script file to something like blogname and make it executable. It now behaves like any other shell tool, and will use WP-CLI as a shell framework for retrieving the current blogās name.
Have fun experimenting with this new functionality, and donāt forget to share the more interesting use cases you can think of with the rest of the community!
Breaking changes
Name changes
While going through the code to make it fit for actually enforcing our new WP-CLI coding standard, we decided to rename some of the more internal functions, methods and properties to make the experience more consistent.
Although we took great care to figure out what we could safely rename and what needed to stay intact, there might be some edge cases where people are nevertheless directly coupling to some bit of internal code.
This is mostly relevant if you extend one of the WP-CLI classes to override default behavior.
Removal of framework files from test package
The test package included a few framework files that were used to make the FeatureContext logic work. However, as wp-cli/wp-cli was a hard requirement for wp-cli/wp-cli-tests anyway, we removed these framework files and had the test package pull them in through the dependency.
In case you were directly coupling your code to these files as they were found in wp-cli/wp-cli-tests (which is unlikely), then youāll have to change your code to refer to these same files in the wp-cli/wp-cli package. See the pull request for more details.
Consistent display of serialized metaMetaMeta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. values
Serialized data has been displayed very inconsistently, with some commands showing them as is (option list), and some commands unserializing them automatically for display (post meta list).
Weāve changed this so that they all show the values as they are stored, to avoid surprises.
This is a breaking change, however, and if you happened to rely on the automatic unserialization, youāll be glad to hear that the affected commands now provide an optional --unserialize flag to get back to the old behavior. You can even put this flag into your global config to permanently stick with the old behavior.
Affected commands are: comment meta get|list, network meta get|list, post meta get|list, user meta get|list.
Complete change log
All repositories
Implement CS checking based on theĀ WP_CLI_CSĀ ruleset
Add a GitHubGitHubGitHub is a website that offers online implementation of git repositories that can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the āpull requestā where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/ setting for label toĀ dependencies.ymlĀ [#74]
Try removing āignore-platform-reqsā from Dependencies.yml [#72]
AddĀ dependencies.ymlĀ file to define auto-updates [#70]
Introduce ability to override wp-config.php path with env var WP_CONFIG_PATH [#5119]
Support persistent MySQLMySQLMySQL is a relational database management system. A database is a structured collection of data where content, configuration and other options are stored. https://www.mysql.com/. connections [#5115]
Fixed documented return type forĀ make_progress_bar()Ā [#5112]
FixĀ FileCache::export()Ā not ensuring parent directories exist forĀ $targetĀ [#5103]
SwitchĀ ext-readlineĀ to āsuggestā instead of a hard requirement [#5102]
Update docblock for add_command() to properly reflect the return value [#5099]
Change to āHappy publishing.ā per change in coreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. [#5059]
Update link ofĀ backwpupĀ pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party [#315]
Update release checklist documentation to point to the issue templates [#306]
AddĀ wp cli infoĀ as first environment info [#305]
Document theĀ <scheme>Ā part of theĀ --sshĀ flag [#299]
Add documentation for theĀ --foo[=<bar>]toĀ command-cookbook.mdĀ [#293]
Set Language headerHeaderThe header of your site is typically the first thing people will experience. The masthead or header art located across the top of your page is part of the look and feel of your website. It can influence a visitorās opinion about your content and you/ your organizationās brand. It may also look different on different screen sizes. directly to prevent exceptions [#150]
Add script file name to JSONJSONJSON, or JavaScript Object Notation, is a minimal, readable format for structuring data. It is used primarily to transmit data between a server and web application, as an alternative to XML. translation files [#134]
Improve language handling when creating JSON files [#133]
Prevent creating unregisterable blocks due to invalid plugin slug [#203]
AddĀ dependencies.ymlĀ to pluginĀ .distignoreĀ [#202]
Add DeployHQĀ .deployignoreĀ to ignored files inĀ .distignoreĀ [#201]
Ignore various JavaScriptJavaScriptJavaScript or JS is an object-oriented computer programming language commonly used to create interactive effects within web browsers. WordPress makes extensive use of JS for a better user experience. While PHP is executed on the server, JS executes within a userās browser. https://www.javascript.com/. config files in pluginĀ .distignoreĀ [#200]
āTis the season to celebrate a new release of WP-CLIWP-CLIWP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/https://make.wordpress.org/cli/! š
A total of 39 contributors has collaborated on this release to have a staggering 293 pull requests merged. Weāll go over the main areas now, but you also skip directly to the detailed changelog or ponder over the breaking changes section if youāre impatient.
i18n ā round two!
The recent i18n make-pot command has replace the old make-pot tool in WordPress CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. and is now the official translation build tool for the Core. This effort has lead to numerous improvements to make it both more robust and more flexible.
Amongst the more notable changes, it can now parse JavaScriptJavaScriptJavaScript or JS is an object-oriented computer programming language commonly used to create interactive effects within web browsers. WordPress makes extensive use of JS for a better user experience. While PHP is executed on the server, JS executes within a userās browser. https://www.javascript.com/. in addition to the PHPPHPPHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. files, and together with the new i18nĀ make-json command that lets you produce separate JSONJSONJSON, or JavaScript Object Notation, is a minimal, readable format for structuring data. It is used primarily to transmit data between a server and web application, as an alternative to XML. files, youāre all set to make your GutenbergGutenbergThe Gutenberg project is the new Editor Interface for WordPress. The editor improves the process and experience of creating new content, making writing rich content much simpler. It uses āblocksā to add richness rather than shortcodes, custom HTML etc. https://wordpress.org/gutenberg/ blocks translatable!
Translation pack improvements
We didnāt stop there with regards to making WordPress an āinternational successā⦠the language family of commands got several improvements and fixes. The most notable one is that language plugin|theme update now understands an --all flag, so you can update language packs for all your installed plugins/themes in one go.
# Update the language packs for all plugins.
$ wp language plugin update --all
Updating 'Japanese' translation for Akismet 3.1.11...
Downloading translation from https://downloads.wordpress.org/translation/plugin/akismet/3.1.11/ja.zip...
Translation updated successfully.
Updating 'Japanese' translation for Contact Forms 7 4.2.1...
https://downloads.wordpress.org/translation/plugin/contact-form-7/4.2.1/ja.zip...
Translation updated successfully.
Success: Updated 2/2 translation.
Partial prompting
The lesser known --prompt global parameter has now become even more useful. Instead of always prompting for all arguments, it skips those that were already provided, as you would probably already have expected.
One way this can be used is to prefill all arguments that you can remember and then use --prompt to help you with the more arcane flags.
More importantly, though, you can now prefill all the arguments that are already known inside of a script, and then add the --prompt argument to let the script query the remaining information from the user.
Manage the WP-CLI cache
We added two additional commands that let you manage the WP-CLI internal cache. cli cache clear will clear the entire cache, whereas cli cache prune will only clear the elements known to be stale. This latter will for example remove all the versions of WP core that you downloaded except for the most recent one.
# Remove all cached files.
$ wp cli cache clear
Success: Cache cleared.
# Remove all cached files except for the newest version of each one.
$ wp cli cache prune
Success: Cache pruned.
Better control over transients
You can now list the current transients on your site or network using the filterable transient list command. You can search for specific transients or exclude the ones you want to hide. You can even choose whether you want the expiration to be displayed in a human-readable or machine-parseable format.
# List all transients
$ wp transient list
+------+-------+---------------+
| name | value | expiration |
+------+-------+---------------+
| foo | bar | 39 mins |
| foo2 | bar2 | no expiration |
| foo3 | bar2 | expired |
| foo4 | bar4 | 4 hours |
+------+-------+---------------+
Furthermore, transients are now handled more consistently across multisiteMultisiteMultisite is a WordPress feature which allows users to create a network of sites on a single WordPress installation. Available since WordPress version 3.0, Multisite is a continuation of WPMU or WordPress Multiuser project. WordPress MultiUser project was discontinued and its features were included into WordPress core.https://codex.wordpress.org/Create_A_Network. networks, and allow you to properly distinguish between regular transients and site transients.
Database management improvements
Also, the db size loved the idea of a --human-readable flag like in the transient list command so much that it got its own version. This will always use the unit that is best adapted to convey the information.
# List the size of the database in a human-readable form
$ wp db size --tables --human-readable
+---------+--------+
| Name | Size |
+---------+--------+
| my_site | 117 MB |
+---------+--------+
Furthermore, the db import command now understands all the flags that the mysql binary does, so that you can get past errors in SQL exports or adapt the result you want to see in your target site.
# Import an SQL export file that contains errors, by
# passing the --force argument to mysql binary.
$ wp db import export-with-errors.sql --force
Success: Imported from 'export-with-errors.sql'.
Smarter configuration
The config commands are now smarter. They not only allow you to edit the wp-config.php even on a broken WordPress installation, but youāre also able to retrieve the individual settings in whatever format best fits your scripting needs.
Finally, adding new configuration values or updating existing ones will now only throw errors in the most ambiguous scenarios, while they just work for the majority use cases without the need to explicitly specify a --type.
Checking the existence of a post
You can now check whether a given post exists by using the new post exists command. It returns a shell exit code, so you can use it directly in shell conditionals.
if wp post exists 42; then
echo "Skipping post import for ID 42, it already exists."
else
echo "Importing post with ID 42..."
# ...
fi
Breaking changes
While we had already bumped the minimum PHP version in v2.0.0 and started using PHP 5.4+ code in some places, we now actively enforce this requirement in the bootstrapping code [wp-cli#5039](https://github.com/wp-cli/wp-cli/pull/5039).
The restructuring of the packages in v2.0.0 produced a regression which caused overrides through the package manager to not work anymore. We fixed this by completely ripping the framework out of the regular Composer autoload flow. This should now lead to less surprises when rearranging the Composer compositions, but might have side-effects in some exotic Composer setups [wp-cli#5010](https://github.com/wp-cli/wp-cli/pull/5010).
The breaking change from v2.0.1 to throw an error for non-lowercase theme slugs was reverted, as it broke far more than we anticipated. Thatās why we now break the breaking change to get back to the original behavior [extension-command#137](https://github.com/wp-cli/extension-command/pull/137). š
WP-CLI tries to speak proper English now. To achieve this, we changed the output to use the real world āinstallationā where we were using the fantasy term āinstallā before [wp-cli#4946](https://github.com/wp-cli/wp-cli/pull/4946).
Add pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party Simple History [#257]
Update running-commands-remotely.md to add ~/bin approach [#256]
Use āinstallationā instead of āinstallā [#255]
Add new db clean to README.md and configuration files [#119]
Fix combination of --format & --size_format flags [#118]
Add links to mysqlMySQLMySQL is a relational database management system. A database is a structured collection of data where content, configuration and other options are stored. https://www.mysql.com/. documentation [#117]
Throw error in theme fetcher on non-lowercase slugs [#126]
Raise timeout for HTTPHTTPHTTP is an acronym for Hyper Text Transfer Protocol. HTTP is the underlying protocol used by the World Wide Web and this protocol defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. requests to 1 minute [#125]
Revert āThrow error in theme fetcher on non-lowercase slugsā [#137]
Set a placeholder PO-Revision-Date headerHeaderThe header of your site is typically the first thing people will experience. The masthead or header art located across the top of your page is part of the look and feel of your website. It can influence a visitorās opinion about your content and you/ your organizationās brand. It may also look different on different screen sizes. [#92]
Add textdomain to blockBlockBlock is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience. strings and update tests accordingly [#187]
Use branch for WP_TEST_TAG for RCRelease CandidateA beta version of software with the potential to be a final product, which is ready to release unless significant bugs emerge. and betaBetaA pre-release of software that is given out to a large group of users to trial under real conditions. Beta versions have gone through alpha testing in-house and are generally fairly close in look, feel and function to the final product; however, design changes often occur as part of the process. [#186]
Missing text domain in post_type_extended.mustache [#184]
Work around Travis CI issue with _s download certificate [#182]