WordPress.org

Make WordPress Core

Welcome to the official blog of the core development team for the WordPress open source project.

Here, we make WordPress core. Follow our progress with general updates, status reports, and the occasional code debate.

We’d love for you to help out.

Looking to file a bug?

It’s easy to create a ticket on our bug tracker.

Want to contribute?

Get started quickly. We have some tickets marked as good first bugs for new contributors. There’s more on our reports page, like patches needing testing.

We also have a detailed handbook for contributors, complete with tutorials.

Weekly meetings

We use Slack for real-time communication. As contributors live all over the world, there are discussions happening at all hours of the day.

We have a project meeting every Wednesday at 20:00 UTC in the #core channel on Slack. (Find out more about Slack.)

You can find meeting agendas on this blog. You’re welcome to join us or listen in.

Recent Updates Toggle Comment Threads | Keyboard Shortcuts

  • Jeremy Felt 3:33 am on May 27, 2015 Permalink |
    Tags:   

    Multisite Office Hours Recap (May 26, 2015) 

    Multisite office hours are held every Tuesday at 20:00 UTC in #core-multisite.

    Today’s chat log

    Overall 4.3 Release Objectives

    Last week’s objectives for dev chat:

    • Continued work on mock-ups, discussion around edit site and add site flows.
    • Android and iPad flows posted to Make/Flow.
    • Conversation around and updated `WP_Network` patch and a first attempt at `WP_Site`.

    Today’s meeting agenda:

    • Arbitrary domain/path combinations. #22383 (and now #32434)
    • `WP_Network` #31985 and `WP_Site` #32450
    • Thoughts on how to track scheme for a site. #14172
    • More flows (and tickets) needed. :)

    Topic Details:

    Arbitrary domain/path combinations in edit site:

    • Tickets: #22383, #32434, #32503
    • chat log
    • @hugubaeta explored things some more and left some good feedback on #22383. We agreed to push ahead with the single entry for scheme, domain, and path in #22383.
    • During that discussion, we started to address the question of the checkbox for updating home and siturl. This resulted in #32503. After some further discussion there, we’re going to try removing that checkbox entirely and using some logic to determine when to update home and siturl. @earnjam is working on the patch for this.
    • @ocean90 is working on updating a patch for #32434 after discussion there and in #22383.

    Progress on `WP_Network` and `WP_Site`:

    • Tickets: #31985, #32450
    • chat log
    • second chat log
    • Initial brief conversation. @earnjam is going to take a closer look at the existing patches. We need to start brainstorming where `WP_Network_Query` starts.
    • Continued this conversation with @johnjamesjacoby later in the day. He’ll be working on the patches a bit more this weekend as well.
    • #25293 was brought up to consider so that the correct network ID is available after `switch_to_blog`. Also #14867 to ensure the correct scheme is attached to the site object.

    Thoughts on how to track scheme for a site:

    • Tickets: #14172
    • chat log
    • @johnbillion agreed that `wp_blogs` seemed like the right place to track scheme. We’ll need to worry some about the upgrade process, though larger networks should be able to handle something like this.
    • Some more discussion on the ticket would be great. We should get a patch going sooner than later. This is up for grabs, claim it in the comments! :)

    More flows for Make/Flow:

    • chat log
    • @ubernaut is almost done with iPhone 5s videos.
    • @johnbillion mentioned trying some recordings with Android.
    • @jeremyfelt is still claiming that he’ll do an iPad capture one night.
    • We need to get more of these up on Make/Flow to capture a good visual record. As they go up, please create tickets for things that look off. Even if you haven’t posted a flow of your own, please browse through the existing ones and look for issues.

    Thanks to everyone in office hours today! Chime in with any comments, tickets, etc… or join us in #core-multisite. :)

     
  • Nick Halsey 3:53 pm on May 25, 2015 Permalink |
    Tags: , ,   

    Customize Component Update – 5/25/15 

    The Customizer team has been busy working on some major user-facing and behind-the-scenes changes targeting WordPress 4.3. This update will provide an overview of our goals, current status, and pathways for contributors to get involved.

    We’re planning on holding an extra meeting in #core-customize at 5pm PDT today, 5/25, (May 26, 00:00 UTC) to discuss progress and assignments/plans for the coming week-plus before the feature-plugin merge window opens. This time won’t work for our European contributors but hopefully more of us can make it than can make the old Friday time. (cc @westonruter, @valendesigns, @voldemortensen, @ocean90, @folletto).

    Redesigned Customizer Flow/UX

    Customizer mobile flow redesign walkthrough gif

    New Customizer flow introduced in #31336, on a mobile viewport with a recent (not latest) patch.

    #31336 introduces a re-imagined Customizer experience that clarifies the flow, distinguishes navigation from control UI, and improves design through careful adjustments to colors, contrast, and spacing. The primary changes are centered around removing the accordion UI in favor of panel-like horizontal sliding for sections, allowing us to introduce consistent headers across panels and sections to build on the work that was started in 4.2 with the new themes section. Design work for this change was started at the end of 4.0 last August, and @folletto has continued refining the flows since then while I’ve done most of the patching work.

    At this stage, we’re trying to get a first-pass patch committed as soon as possible as it’s holding up some of our other priorities including #30737 and Menu Customizer work. We need help testing the patch on different browsers & devices, as well as for any further usability feedback. Once the initial patch is committed, it will be easier to contribute via additional smaller patches.

    In addition to this broad UI/UX change, we have several other proposed UI changes being considered for 4.3. Icons for Customizer sections and panels are ready to go pending feedback ( #28504). If time allows and there is enough interest, we could also potentially introduce an improved collapsed mode ( #29949) and device-size preview for the Customizer preview ( #31195) in 4.3. We may also do a full accessibility audit and make fixes accordingly later in the release, per recent discussion on #31336.

    Menu Customizer

    I just pushed version 0.4, which includes:

    • In-Customizer previewing of “original” menu item links
    • A redesign of the screen options popup
    • The addition of theme location checkboxes within menu sections (which fully cross-sync with the menu locations section)
    • Theme locations listed within menu section names
    • Menus can only be deleted when they aren’t assigned to any locations
    • Available menu item searching, and a first-pass redesign of the available menu items panel to match the new look for core in #31336 (more to come here)
    • Integration of the existing theme location controls into the plugin
    • Also notable, I compiled a list of ~10 (and counting) core tickets that Menu Customizer fixes; most notably, #14134

    Big thanks to @valendesigns, @folletto, and @voldemortensen for helping out with these changes. We have several major issues to fix still, so please jump in on GitHub if you’re interested in helping out.

    Now is also the time for an extensive review process to begin on all fronts, so that we can address any issues in time to make core merge in just a few short weeks. We need several kinds of feedback:

    • General usability feedback
    • Usability testing
    • Accessibility review/feedback
    • Design/UI/UX feedback (test with #31336)
    • Inline documentation review (should be mostly there, but needs a thorough review and cleanup)
    • Code review/cleanup
    • Lead dev/committer review for additional issues

    Note that testing should be done with the Menu Customizer plugin and WordPress 4.3 alpha, and that the patch on #31336 is currently a dependency for everything design-related. The plugin can be tested on 4.2 right now, but some pieces of the UI may be a bit off, and we’ll be breaking 4.2-compat in the near future as critical dependencies are merged into core. The most urgent dependencies are #31336 and #30737 (both of which require updates in the plugin and prevent key functionality from working). #30738 and #30741 would be really nice to have, but we can more comfortably hack around those issues at the time of core merge if we have to.

    Partial Refresh

    @westonruter has finished integrating partial refresh into Menu Customizer (it already worked for widgets), and is now abstracting it one layer further to be available for general use via the API. Partial refresh is an in-between option for setting previewing between doing a full refresh of the preview and fully implementing setting changes in JS via postMessage; settings are previewed by refreshing only part of the preview window.

    Other Updates

    We’ve made some changes to our component page. Customize is no longer a sub-component of Themes (note the URL change). I also added a summary of our major projects over the past several releases, as well as a brief roadmap/wishlist for future-release projects, and a few routes for getting involved in contributing. @valendesigns and I also triaged the roughly-20 tickets needed a response yesterday, as well as triaging a good chunk of the enhancement tickets in the component that haven’t had activity in more then 4 months. @valendesigns has also stepped up as another component maintainer, joining @westonruter, @voldemortensen, and myself.

     
    • Emil Uzelac 4:26 pm on May 25, 2015 Permalink | Log in to Reply

      Great job all! I am personally super excited about the update 👍

    • Matthew 4:28 pm on May 25, 2015 Permalink | Log in to Reply

      Looks great!

    • Omaar Osmaan 4:47 pm on May 25, 2015 Permalink | Log in to Reply

      Awesome! Thanks for the hard works-

    • Ryan Boren 5:55 pm on May 25, 2015 Permalink | Log in to Reply

      Nice. I’m looking forward to using it.

      If you’re interested in testing, check out the core handbook. If applying and testing patches is too inconvenient, there is still plenty of testing to do once patches land. Once #31336 is committed, any site using the beta tester plugin to automatically update to the latest nightly build will get the new customizer ui. Between these daily core updates and the regularly updated customizer plugins mentioned in the post above, the latest 4.3 has to offer will be delivered to you daily. The customizer is an important interface. Many flows traverse it. We need to test it continuously on every device we have.

      Aside: Auto-update of feature plugins would make beta testing even easier. Auto-updates for core have been a valuable testing convenience.

    • jameskoster 6:47 pm on May 25, 2015 Permalink | Log in to Reply

      This looks great. One of the biggest complaints I see regarding the Customizer is the amount of scrolling required when there are lots of sections. It’s easy to become disoriented, this solves that quite elegantly!

      The other complaint I see a lot of the time is about the width. I wonder if it would be useful to allow the user to drag the Customizer edge to a width of their preference.

    • Shaped Pixels 8:45 pm on May 25, 2015 Permalink | Log in to Reply

      I’d like to try this out because there’s always room for improvements, and it sounds like there are some added here. I’ve just set it up and will check it out.

      As a side note, I’d like to see the Theme Changer, Widgets, Navigation, Header, Background, Site Title and Tagline, and the Static Front Page options removed and put back under “Appearance” and “Settings” because in my opinion, these really are not related to a theme’s “customizer options” setup. The customizer should be in place of using a third party theme options panel or one that is coded into a theme. Right now it seems like core WP settings are being thrown into the customizer on top of what a theme provides.

      Actually, what would be nice is to have add_theme_support(‘customizer’) if a theme needs it for it’s own options, otherwise leave it out.

      • Nick Halsey 9:03 pm on May 25, 2015 Permalink | Log in to Reply

        The purpose of the Customizer is to customize all aspects of a site, not just theme options. If you’d like your theme’s options to be consolidated to one place within it, I’d suggest using a panel and calling it “Theme Options” or something along those lines.

        In the future you’ll see menus (soon) as well as potentially a front-end-editing integration among other projects in the Customizer, with more of core moving there from the admin. The broader idea is than anything on the front-end should be able to be changed with the Customizer, with live-previewing functionality before publishing.

  • Konstantin Obenland 8:18 am on May 25, 2015 Permalink |
    Tags: ,   

    This week in 4.3: May 25 – 31 

    This is the jump-start post for the fourth week of the WordPress 4.3 release cycle.

    Core Meetings this week:

    4.3 Feature Chats this week:

    Feature goals until Dev Chat:

    • Network Admin UI:
      • Android and iPad flows.
      • Conversation around updated `WP_Network` patch and a first attempt at `WP_Site`.
    • Customizer Partial Refresh: Take what was done for Menus and then abstract a level again to facilitate plugins easily adding their own partial-refreshing.
    • Menu Customizer: Focus on the last few known issues and also start ramping up testing for usability, accessibility, design/UI/UX, code review/cleanup.
    • Passwords:
      1. Hook in core to enable plugin for PW change UI.
      2. Working version of PW change UI on the Profile screen (that is, you can change your password with it… show/hide… back compat for the pw confirmation field… not promising the strength hint stuff yet).
      3. #32430 ready for commit.
      4. Working patch for #32429.

    Tickets seeking feedback:

    • #29783: User Admin Language
    • #32396: Settings Reduction for 4.3
    • #31336: Customizer: separate navigation from options UI for better UX by removing accordion behavior
    • #30737: JS templates for Customizer Panels and Sections
    • #30738: JS content templates for base WP_Customize_Control
    • #30741: Build-out API for adding Customizer Panels, Sections, and Controls entirely with JS

    Notable updates from last week:

     
  • Helen Hou-Sandi 4:20 pm on May 21, 2015 Permalink |
    Tags: , ,   

    UI Chat Agenda, May 21 

    Quick check ins on:

    Specific assignments for:

    • Screen-by-screen sweep
    • Trac gardening

    We’ll finish off with open floor / impromptu Trac scrub and see what, if anything, can get committed now.

     
  • Konstantin Obenland 9:45 pm on May 20, 2015 Permalink |
    Tags: ,   

    Dev Chat Summary, May 20 

    Agenda, Slack log.

    Committers Update (#)
    @nacin
    New guest committers: @iseulde, @westonruter, and @obenland, renewed guest committers: @jorbin, @jeremfelt, permanent committers: @pento, @boone, and @johnbillion
    Also see https://make.wordpress.org/core/2015/05/20/new-committers-for-4-3/

    Editor (#)
    @azaozz@iseulde
    No update here. Will discuss goals for this week and next week outside of dev chat.

    Admin UI (#)
    @helen
    @helen is plugging away at some groundwork for the CSS roadmap, @stephdau should be taking a look at the first steps for list tables in the next day or so. Will discuss goals for next week in tomorrow’s UI meeting.

    Network Admin UI (#)
    @jeremyfelt
    They talked through aspects of the Edit Site and Add Site flows yesterday to help @hugobaeta with mock-ups. Hopeful to see a mock up of these soon. They have a couple flows in Make/Flow with more on the way. The 5s flow highlighted an issue with text inputs overflowing. There’s also an updated `WP_Network` patch.

    Things they want to have done by next week:

    • Android and iPad flows.
    • Conversation around updated `WP_Network` patch and a first attempt at `WP_Site`.

    Partial Refresh (#)
    @westonruter
    Now has support for refreshing menus changed by Menu Customizer: https://github.com/xwp/wp-customize-partial-refresh/pull/12/files
    It’s much simpler than partial refresh for widgets, and @westonruter thinks that maybe it could safely be on by default, instead of requiring opt-in as is currently done for widgets. The concern with on-by-default would be if menus get some dynamic behaviors added to them with JS, so maybe it’s just something that theme authors would need to account for.
    Also waiting on feedback and testing from the Menu Customizer, merging the corresponding PR for Menu Customizer, to then merge the PR for Customize Partial Refresh and do a new plugin release.

    Goals for next week: Take what was done for Menus and then abstract a level again to facilitate plugins easily adding their own partial-refreshing.

    Menu Customizer (#)
    @voldemortensen, @celloexpressions
    Lazy loading and error handling were committed. Will discuss goals for next week outside of dev chat.

    Better Passwords (#)
    @markjaquith
    They’ve been working on a mockup of the password UI: http://codepen.io/markjaquith/pen/GJjZbJ
    Probably best to create a temporary hook in core for the password-set UI in the profile, to allow the team to work on this as a plugin. @markjaquith can take care of that core change, and start the plugin on GitHub.
    #32428 is on hold until the Password UI is usable. @voldemortensen started work on expiring reset keys #32429, but hopes to get it showcase-able by the end of the week. @rmarks made a first pass at #32430 but it needs more work.

    Goals for next week:
    1. Hook in core to enable plugin for PW change UI.
    2. Working version of PW change UI on the Profile screen (that is, you can change your password with it… show/hide… back compat for the pw confirmation field… not promising the strength hint stuff yet).
    3. #32430 ready for commit.
    4. Working patch for #32429.

    Favicons (#)
    @johnbillion
    @johnbillion made a start on the site favicon manager. As discussed during dev chat last week and in #16434 it has an API so plugins/themes can register new sizes for favicons/touch icons/etc if the need arises. I’ll be pushed to a GitHub repo by tomorrow. The main thing that will need to be discussed is whether this should just be a customizer setting or not. @johnbillion will post about the repository location and meeting times on this blog.

    Other:
    @ocean90 is looking for feedback on #29783!

    Next chat will be on May 27 2015, 20:00 UTC

     
  • Andrew Nacin 8:02 pm on May 20, 2015 Permalink |
    Tags: ,   

    New committers for 4.3! 

    Please join me in welcoming three new guest committers for WordPress 4.3 — Ella Van Dorpe (@iseulde), Konstantin Obenland (@obenland), and Weston Ruter (@westonruter)!

    Ella has been one of our very top contributors of late. She started with a front-end editor plugin, which parlayed into substantial core editor contributions, including inline image editing in 3.9, inline oEmbed previews and improved editor scrolling (“focus”) in 4.0, distraction-free writing (“focus v2″) in 4.1, and a few dozen other things I am sure I am missing (like this). She’s a powerhouse.

    Obenland, well, is also wearing the release lead hat for 4.3. I said plenty of nice things about him there. 😄 While there’s no requirement for a release lead to be a committer, a) it does help with housekeeping, and b) Konstantin has unquestionably earned this in his own right, regardless of his other role.

    Weston has been essentially leading the customizer component since his work last year on bringing widgets into the customizer. His body of work there is nothing short of incredible and we’re lucky to have had him spearheading this important work.

    The lead developers review and appoint new committers to serve each release cycle, often to work on a particular component or feature. This guest commit access comes up for review after each release and can be renewed — Aaron Jorbin and Jeremy Felt have both been renewed for 4.3.

    We (well, I) neglected to announce that John Blackbourn (@johnbillion), Boone B. Gorges (@boonebgorges) and Gary Pendergast (@pento) were made full, permanent committers at the start of 4.2. John, Boone, and Gary all destroyed it in 4.1 (which is perhaps more obvious now that some of Gary’s work has been trickling out into the open).

    Congrats all! 🎉

     
  • Konstantin Obenland 3:52 pm on May 20, 2015 Permalink |
    Tags: ,   

    Dev Chat Agenda for May 20 

    Here’s the agenda for today’s Dev Chat in the #core channel on Slack.

    Time/Date: May 20 2015 20:00 UTC:

    1. Feature Updates
      1. Editor – @azaozz / @iseulde
      2. Admin UI – @helen
      3. Multisite Admin UI – @jeremyfelt
      4. Partial Refresh – @westonruter
      5. Menu Customizer – @celloexpressions / @westonruter / @voldemortensen
      6. Passwords – @markjaquith
      7. Site Icon – @johnbillion
    2. Component Updates

    Feature Leads: Let’s review last weeks goals and set new ones for next week.

    Recommended reading:

     
  • Jeremy Felt 9:28 pm on May 19, 2015 Permalink |
    Tags:   

    Multisite Office Hours Recap (May 19, 2015) 

    Multisite office hours are held every Tuesday at 20:00 UTC in #core-multisite.

    Overall 4.3 Release Objectives

    Last week’s objectives:

    • Mockups for the Edit Site / Add New Site improvements. [log] @hugobaeta has started working with this and we had a good conversation today to help fill in some of the blanks and give more to chew on. See the summary below of the issue.
    • Have more flows posted to Make Flow for the network admin. [log]
    • Get some decent progress on `WP_Site` and `WP_Network` #31985. [log] – I poked at @johnjamesjacoby‘s patch for `WP_Network()` and reduced it down to the bare essentials. We can start building this up and figuring out what pieces belong in `WP_Network_Query()`. Hoping to start work on `WP_Site()` shortly as well.

    Summing up the Edit Site / Add Site UI/UX issue:

    We’ve always had two configurations for a network in multisite: subdomain or subdirectory.

    Subdirectory is the easiest to handle as the domain will always be the same, inherited from the network. Only the path can change from site to site. Not only is this a UI decision in the Edit Site and Add Site screens, it is how ms-settings.php parses the requested URL when a subdirectory configuration is used.

    In the changes we make to the Edit Site #22383 and Add Site #31240 screens, we’ll still want to account for subdirectory configurations and make it as easy as possible for somebody to choose a path without worrying about scheme or domain.

    Subdomain seems similar, but ends up being very different. At first glance, only the domain can change from site to site, with the path always set to “/”. This is the case in the current Add Site screen. In the current Edit Site screen, you can change the full domain and the path to anything you’d like. Super admins have been able to use this to get around the strict UI requirements for subdomain configuration in Add Site. In ms-settings.php, the code cares less. We search the database for a matching domain and path, which effectively allows for arbitrary domains and paths—a good replacement for domain mapping.

    In the changes we make to the Edit Site and Add Site screens, we should make this as flexible as possible. The name of the configuration “Subdomain” will be weird, but it should be possible to enter any combination. Ideally we can confirm that this combination works before completing a save.

    Thanks to everyone in office hours today! Chime in with any comments, tickets, etc… or join us in #core-multisite. :)

     
  • Rachel Baker 11:11 pm on May 18, 2015 Permalink |
    Tags:   

    WP REST API: Version 1.2.2 (Security Release) 

    WP REST API versions 1.2.2 and 2.0 Beta 1.1 are now available. These are critical security releases affecting versions 1.2.1 and 2.0 Beta 1.

    On Saturday, the WP REST API team was made aware of an issue where authenticated users were able to escalate their privileges bypassing the expected capabilities check. Thanks to Kacper Szurek (@kacperszurek) for reporting this issue to the team responsibly.

    This release was coordinated by the REST API team and the WordPress core security team. The security team is pushing automatic updates for version 1.2.2, but do not wait or rely on the automatic update process. We recommend sites or plugins that are using either v1.2.x or 2.0 Beta 1 update the plugin immediately.

    Update with one click from Dashboard → Updates, get it from the plugin directory (zip), or pull it from GitHub.

    If you believe you have discovered a potential security vulnerability with the WP REST API, please disclose it to us privately by sending an email to security@wordpress.org. Security issues can also be reported via HackerOne.

    If you have a question about the release, you can find the team in #core-restapi on WordPress.org Slack, or you can privately message @rachelbaker, @rmccue, @danielbachhuber, or @joehoyle.

     
  • Konstantin Obenland 3:48 pm on May 18, 2015 Permalink |
    Tags: ,   

    This week in 4.3: May 18 – 24 

    This is the jump-start post for the third week of the WordPress 4.3 release cycle.

    Core Meetings this week:

    4.3 Feature Chats this week:

    Feature goals until Dev Chat:

    • Editor: Have the mobile toolbar working (except in iOS), as well as #31655, #30949, and maybe #31441 in.
    • Network Admin UI:
      • Mockups for the Edit Site / Add New Site improvements.
      • Having more flows posted to Make Flow for the network admin.
      • Get some decent progress on `WP_Site` and `WP_Network`.
    • Customizer Partial Refresh: Have it be abstracted enough for the Menu Customizer to work with.
    • Menu Customizer: Getting lazy-loading of both all menu item controls and the add-menu-item panel done, as well as better error handling for duplicate menu names and the like.
    • Passwords A HTML, CSS, JS working demo of the password setting UI, and tickets for that and all other items on their hit list.

    Notable updates from last week:

     
c
compose new post
j
next post/next comment
k
previous post/previous comment
r
reply
e
edit
o
show/hide comments
t
go to top
l
go to login
h
show/hide help
shift + esc
cancel
Skip to toolbar