JSON REST API: Version 1.1

I’m happy to announce the availability of version 1.1 of the JSON REST API.

This release is a bit of a smaller, more focussed release as we work on increasing test coverage and squashing bugs. Here’s the juicy details:

  • Add new routes for taxonomies and terms.

    Taxonomies and terms have now been moved from the /posts/types/<type>
    namespace to global routes: /taxonomies, /taxonomies/<tax>,
    /taxonomies/<tax>/terms and /taxonomies/<tax>/terms/<term>

    Test coverage for taxonomyTaxonomy A taxonomy is a way to group things together. In WordPress, some common taxonomies are category, link, tag, or post format. https://codex.wordpress.org/Taxonomies#Default_Taxonomies. endpoints has also been increased to 100%.

    Deprecation warning: The /posts/types/<type>/taxonomies endpoint (and
    sub-endpoints with the same prefix) have been deprecated in favour of the new
    endpoints. These deprecated endpoints will now return a
    X-WP-DeprecatedFunction headerHeader The header of your site is typically the first thing people will experience. The masthead or header art located across the top of your page is part of the look and feel of your website. It can influence a visitor’s opinion about your content and you/ your organization’s brand. It may also look different on different screen sizes. indicating that the endpoint should not be
    used for new development, but will continue to work in the future.

    (props @kadamwhite, @rachelbaker, @rmccue, #198, #211)

  • Allow customizing the APIAPI An API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. resources prefix

    The API base (typically wp-json/) can now be customized to a different
    prefix using the json_url_prefix filterFilter Filters are one of the two types of Hooks https://codex.wordpress.org/Plugin_API/Hooks. They provide a way for functions to modify data of other functions. They are the counterpart to Actions. Unlike Actions, filters are meant to work in an isolated manner, and should never have side effects such as affecting global variables and output.. Note that rewrites will need to be
    flushed manually after changing this.

    (props @ericandrewlewis, @rmccue, #104, #244, #278)

  • Give null as date for draft posts.

    Draft posts would previously return “0000-00-00 00:00:00” or
    “1970-01-01T00:00:00”, as draft posts are not assigned a publish date. The API
    now returns null where a date is not available.

    Compatibility warning: Clients should be prepared to accept null as a
    value for date/time fields, and treat it as if no value is set.

    (props @rmccue, #229, #230)

  • Fix errors with excerptExcerpt An excerpt is the description of the blog post or page that will by default show on the blog archive page, in search results (SERPs), and on social media. With an SEO plugin, the excerpt may also be in that plugin’s metabox..

    Posts without excerpts could previously return nonsense strings, excerpts from
    other posts, or cause internal PHPPHP The web scripting language in which WordPress is primarily architected. WordPress requires PHP 5.6.20 or higher errors. Posts without excerpts will now
    always return an excerpt, typically automatically generated from the post
    content.

    The excerpt_raw field was added to the edit context on posts. This field
    contains the raw excerpt data saved for the post, including empty
    string values.

    (props @rmccue, #222, #226)

  • Only expose email for edit context.

    User email addresses are now only exposed for context=edit, which requires
    the edit_users permission (not required for the current user).

    The email address field will now return false instead of a string if the
    field is not exposed.

    (props @pkevan, @rmccue, #290, #296)

  • Correct password-protected post handling.

    Password-protected posts could previously be exposed to all users, however
    could also have broken behaviour with excerpts. Password-protected posts are
    now hidden to unauthenticated users, while content and excerpts are shown
    correctly for the edit context.

    (Note that hiding password-protected posts is intended to be a temporary
    measure, and will likely change in the future.)

    (props @rmccue, #286, #313)

  • Add documentation on authentication methods.

    Full documentation on authentication
    is now available. This documentation explains the difference between the
    various available authentication methods, and notes which should be used.

    (props @rmccue, #242)

  • Include new client JSJS JavaScript, a web scripting language typically executed in the browser. Often used for advanced user interfaces and behaviors. from github.io

    The WP-API JavascriptJavaScript JavaScript or JS is an object-oriented computer programming language commonly used to create interactive effects within web browsers. WordPress makes extensive use of JS for a better user experience. While PHP is executed on the server, JS executes within a user’s browser. https://www.javascript.com/. library is now loaded dynamically from
    wp-api.github.io to ensure it is always up-to-date.

    (props @tlovett1, #179, #240)

  • Don’t allow setting the modification date on post creation/update.

    As it turns out, WP coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. doesn’t allow us to set this, so this was previously
    a no-op anyway. Discovered during test coverage phase.

    (props @rachelbaker, @rmccue, #285, #288)

  • Check post parent correctly on insertion.

    Posts could previously be added with an invalidinvalid A resolution on the bug tracker (and generally common in software development, sometimes also notabug) that indicates the ticket is not a bug, is a support request, or is generally invalid. parent ID. These IDs are now
    checked to ensure the post exists.

    (props @rmccue, #228, #231)

  • Make sure the type is actually evaluated for json_prepare_${type} filter.

    This value was previously not interpolated correctly, due to the use of the
    single-quoted string type.

    (props @danielbachhuber, #266)

  • Return WP_Error instead of array of empty objects for a revisionsRevisions The WordPress revisions system stores a record of each saved draft or published update. The revision system allows you to see what changes were made in each revision by dragging a slider (or using the Next/Previous buttons). The display indicates what has changed in each revision.
    permissions error.

    Previously, when trying to access post revisions without correct permissions,
    a JSONJSON JSON, or JavaScript Object Notation, is a minimal, readable format for structuring data. It is used primarily to transmit data between a server and web application, as an alternative to XML. list of internal error objects would be returned. This has been
    corrected to return a standard API error instead.

    (props @rachelbaker, @tlovett1, #251, #276)

  • Flip user parameters check for insert/update.

    Previously, you could add a user without specifying username/password/email,
    but couldn’t update a user without those parameters. The logic has been
    inverted here instead.

    (props @rmccue, #221, #289)

  • Add revision endpoints tests

    (props @danielbachhuber, @rachelbaker, @rmccue, #275, #277, #284, #279)

  • Add post endpoint testing

    Now at >54% coverage for the whole class, and >80% for the main methods. This
    figure will continue to rise over the next few releases.

    (props @rachelbaker, @rmccue, #99)

  • Separate helper functions into global namespace.

    WP_JSON_Server::get_timezone(), WP_JSON_Server::get_date_with_gmt(),
    WP_JSON_Server::get_avatar_url() and `WP_JSON_Server::parse_date() have
    all been moved into the global namespace to decouple them from the server
    class.

    Deprecation warning: These methods have been deprecated. The new
    json_get_timezone(), json_get_date_with_gmt(), json_get_avatar_url() and
    json_parse_date() methods should now be used instead.

    (props @rmccue, #185, #298)

As always, we’ve got a full list of all the changes and a longer changelog. Here’s who contributed to this release:

$ git shortlog 1.0...1.1 --summary
     8  Daniel Bachhuber
    12  DrewAPicture
     3  Eric Lewis
     2  JDGrimes
     9  K.Adam White
    54  Rachel Baker
   128  Ryan McCue
     4  Taylor Lovett
     1  jeremyfelt
     1  pkevan

Version 1.2

We’ve already started work on 1.2, and as always, we’re looking for help!

With version 1.2 and onwards, we’ll be tackling a bunch of extra testing for our endpoints, with the aim of eventually reaching >90% coverage. As always, we’ll also be adding new features and fixing bugs.

We’re also working on improving the new documentation site, and expect to see the majority of documentation migrated over there. Thanks to Sarah Gooding for helping out on the documentation side.

Core Integration

In case you missed it, the API is now slated for integration in WordPress 4.1. WP Tavern has a great writeup on the details.

As always, we look forward to seeing you at the team o2 and on GitHub. Now’s also a great time to remind you that you can get support for the plugin on WP.org, or by tweeting at me. Thanks to everyone who made this release great, and thanks to everyone using the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party!

#json-api, #rest-api