Make WordPress Core

Updates from September, 2015 Toggle Comment Threads | Keyboard Shortcuts

  • Robert Chapin 10:10 pm on September 2, 2015 Permalink
    Tags: , ,   

    Shortcode Roadmap Draft One (Proposal – Request for Comments) 

    This is the first draft of the Shortcode API Roadmap. It describes in broad terms a new feature set and migration that might take place across versions 4.4 through 4.7. This roadmap gives notice to plugin developers that significant changes in plugin design may be needed for compatibility with future versions of the Shortcode API. This roadmap also identifies steps taken to minimize the impact on plugin developers to allow most plugins to continue working with only small changes.

    The decision to create this roadmap arose from specific needs that are not met by the old code. Our old [ and ] delimiters were easily confused with the way those characters are commonly used in English quotations and sometimes even in URLs. The proposal to use [{{ and }}] instead should allow a better balance between being able to type in the shortcodes and avoiding confusion with any other input. With these more unique delimeters, we will be able to process registered shortcodes more efficiently because we will not have to search for them by name. Unregistered shortcodes will have more consistency because we can find them more accurately.

    Old style delimeters also gave no strong indication whether or not a closing tag was required. The proposal to use }$] as the delimeter of a shortcode with a following closing tag increases the efficiency of regular expressions, because the search for a closing tag will only happen as needed.

    Adding the new style of shortcode syntax provides an opportunity to make significant API changes. One of those major changes is to ensure that shortcodes are processed before paragraphs and before curly quotes. This will lead to greatly simplified code in related functions that currently must find and avoid shortcodes every time they run. We also have an opporunity to re-think the way shortcodes are filtered, and to give plugin authors more control over those filters when registering their shortcodes.

    4.4 – Introduce New Syntax

    A new syntax and documentation of how it works will be created in the 4.4 development cycle. Support for the new syntax will be introduced, allowing plugins to register for extra features. Core shortcodes will use the new syntax in all new posts. The old syntax will not change. Old posts will not be affected. Initial work on the syntax concept follows.

    Proposed New Syntax

    Self-Closing:  [{{shortcode}}]
    Attributes:  [{{shortcode  attr1="value1"  attr2='value2'  "value3"  'value4'  value5}}]
    Enclosing:  [{{shortcode}$] HTML [${shortcode}}]
    Multiple Enclosures:  [{{shortcode}$] HTML [${encl2}$] HTML [${encl3}$] HTML [${shortcode}}]
    Escaped Code:  [!{{shortcode}}]
    Stripped Unregistered Code:  [{{randomthing}}]
    Stripped Unregistered Enclosure:  [{{randomthing}$]  Content also stripped.  [${randomthing}}]
    Stripped Empty Code:  [{{ }}]
    Ignored Orphan:  [{{shortcode}$]
    Ignored Orphan:  [${shortcode}}]
    Ignored Orphan:  [${encl2}$]
    Ignored Context:  [{{shortcode <br> }}]
    Ignored Context:  <a href="[{{shortcode}}]">

    4.5 – Deprecate Old Syntax

    Starting in 4.5, plugins that register shortcodes without declaring support for new features will raise debugging errors to alert developers that support for the old shortcode syntax is ending.

    Old posts will continue to work normally while the old syntax is deprecated.

    4.6 – Upgrade Old Posts

    Old posts will be automatically converted to the new shortcode syntax. The Shortcode API will continue to provide deprecated support for old syntax so that there is no disruption during the conversion process.

    The API should be adequately abstracted so that old plugins are not affected by this conversion. However, as the new syntax will not support HTML inside of shortcode attributes, there is no guarantee that every shortcode will work the same way in 4.6 as in earlier versions.

    4.7 – End of Support for Old Syntax

    Old shortcodes will stop working in 4.7. Plugins that still produce the old shortcode syntax will be ignored by the Shortcode API.

    The upgrade to 4.7 will include a second pass of the conversion of old posts so that any old syntax that was added to posts during 4.6 will still get converted.

    In 4.6 or 4.7, if necessary, a filter could be added to automatically convert any old syntax still being produced by old plugins when new posts are created.

    • Daniel Bachhuber 10:15 pm on September 2, 2015 Permalink | Log in to Reply

      Old posts will be automatically converted to the new shortcode syntax. The Shortcode API will continue to provide deprecated support for old syntax so that there is no disruption during the conversion process.

      What about shortcodes stored in other fields?

      • Muhammad 10:18 pm on September 2, 2015 Permalink | Log in to Reply

        Hopefully, we’ll have helper functions to convert those into new format.

      • Robert Chapin 10:38 pm on September 2, 2015 Permalink | Log in to Reply

        Unless there are alternative ideas, I think plugins that do things in non-core ways will be expected to follow the roadmap with their own upgrades. If there are certain fields that are very commonly used in plugins, we should consider doing a core conversion of those, but with much caution.

      • Robert Chapin 11:10 pm on September 2, 2015 Permalink | Log in to Reply

        One alternative would be to leave the old syntax parsers available for plugin filters, while removing them from default filters.

    • AmirHelzer 10:16 pm on September 2, 2015 Permalink | Log in to Reply

      Thanks for the advanced notice on this huge upcoming change. Aren’t you worried that this process will basically break 99% of all existing WordPress sites? Almost all sites use shortcodes in one way or another (like image captions). doing automated updates to CONTENT is certainly possible, but also prone to corner cases and errors.

      It’s great to have a new API. Is it critically important to deprecate the old one?

      Also, for authors, it’s a lot nicer to have a simple [ ] syntax rather than a more complex sequence of characters.

      • Robert Chapin 10:44 pm on September 2, 2015 Permalink | Log in to Reply

        I think the conversion process will be seamless for most sites. This will mainly depend on corner cases such as plugins embedding shortcodes inside of HTML attributes.

    • Nick Haskins 10:18 pm on September 2, 2015 Permalink | Log in to Reply

      The advanced notice is great, but IMO this is absolutely ridiculous. Are there any benchmarks on how much more efficient it is having users type in more characters for a shortcode? Any benchmarks with how much more efficient core will be from having this change made? This is a HUGE change that will affect a VERY large subset of users.

      • chriscct7 10:40 pm on September 2, 2015 Permalink | Log in to Reply

        This is partially about efficiency. This has a lot to do with security, and basically making 4.2.3 impossible as possible to re-occur

        • Nick Haskins 10:45 pm on September 2, 2015 Permalink | Log in to Reply

          I’d love to see benchmarks on the regex processing of the current implementation against the proposed implementation. Re: security; ATM I’m failing to see how [{{this}}] is more secure than [this]?

        • kevinwhoffman 1:13 am on September 4, 2015 Permalink | Log in to Reply

          If the proposal has positive effects on security, it should mention them. A brief summary or a link to the issues with 4.2.3 would help inform that discussion. As of now the only focus seems to be on theoretical improvements to efficiency while complicating the process of using shortcodes.

      • FolioVision 11:31 pm on September 2, 2015 Permalink | Log in to Reply

        This is an absolutely hideous proposal with dreadful syntax. Is the goal of this WordPress project of ours not to bring software to the people? Syntax like this will be the beginning of a new and much better simple CMS which doesn’t do things in the ugliest, most complicated way possible.

        Code better database upgrades, test them properly before releasing and please stop trying to ruin the software for the end users (those who actually use the software and pay all the bills for us to build it).

        • Travis Northcutt 3:54 pm on September 3, 2015 Permalink | Log in to Reply

          “Syntax like this will be the beginning of a new and much better simple CMS which doesn’t do things in the ugliest, most complicated way possible.”

          The sky is falling!

    • Scott Taylor 10:18 pm on September 2, 2015 Permalink | Log in to Reply

      Let’s all note the “Draft One” portion of the title, and let’s all actively give feedback and participate in any decisions on the table here.

      • Nick Haskins 10:21 pm on September 2, 2015 Permalink | Log in to Reply

        My main concern is that this isn’t easier for authors, and that this will affect a very large portion of users and active sites. If I’m understanding correctly, is this being proposed because it’s more efficient for core?

        • Scott Taylor 10:23 pm on September 2, 2015 Permalink | Log in to Reply

          I have the same concerns, and hate the syntax. I also know that the current situation with shortcodes and content-parsing is potentially unstable and unsustainable.

        • Justin Sternberg 10:33 pm on September 2, 2015 Permalink | Log in to Reply

          I’m in agreement here with the concerns. This will break a lot of things because the short code API has been around so long. There’s just no way to account for all the hacks, workarounds, etc, and doing a migration effort on a WP update sounds like a mighty scary prospect.

          • leehodson 10:37 pm on September 2, 2015 Permalink | Log in to Reply

            Should be able to use the existing shortcode parser to recognize old format shortcodes then make the necessary changes to update them. It recognizes shortcodes efficiently enough at the moment.

            Can imagine breakage but as long as the updater shows the changes site admins ought to be able to determine where hands-on intervention is required.

          • FolioVision 11:33 pm on September 2, 2015 Permalink | Log in to Reply

            It seems a make work project. Are there not some important areas where we could make some real progress like integrated multilingual and better native galleries/media management (NOT reliant on external Automattic services)?

            The upgrade process here and cross-version incompatibilities are more than scary.

          • galbaras 11:44 pm on September 2, 2015 Permalink | Log in to Reply

            Backward compatibility should take into account site-specific customizations, i.e. declaring shortcodes in functions.php of a (child) theme. Most site owners use a “build and forget” approach, or at least neglect their sites for long periods. If a new version contains no support for old-style shortcode declarations, sites will break all over the web.

        • Solinx 11:09 pm on September 2, 2015 Permalink | Log in to Reply

          Yes. How am I going to explain anyone that this syntax is an improvement?

          What specifically are the reasons for not using {{shortcode}} and {{shortcode}} {{/shortcode}}? Or [[shortcode]] and [[shortcode]] [[/shortcode]]?

          Other than that the improvements to the API sound good.

          • Robert Chapin 11:18 pm on September 2, 2015 Permalink | Log in to Reply

            Lone curly braces are easily confused with PHP and other C-style code snippets. The latter square brace example is incompatible with the old syntax and would cause migration problems.

    • Andrew Ozz 10:20 pm on September 2, 2015 Permalink | Log in to Reply

      Was just about to say that this is a proposal. Scott beat me to it (as usual) 🙂

    • Pippin Williamson 10:22 pm on September 2, 2015 Permalink | Log in to Reply

      I would assume the answer is “yes”, but have there been benchmarks done that compare the differences in various syntaxes?

      Why [{{shortcode}}] and not {{shortcode}}?

      Most of the proposed syntax seems sane (though still curious on question above), but this one concerns me:

      [{{shortcode}$] HTML [${shortcode}}]

      For most users, that will be exceptionally unintuitive and we will almost certainly see a high error rate with users not being sure where and when a $ is used.

      • Nick Haskins 10:26 pm on September 2, 2015 Permalink | Log in to Reply

        Pippin I have to agree. If we absolutely have to move, how about something as simple as [{this}] HTML [${this}] . it’s easier to digest, and easier to remember that a $ ends a closing statement.

      • webaware 11:19 pm on September 2, 2015 Permalink | Log in to Reply

        The whole proposal sounds pretty horrible to me, but this suggestion by Pippin sounds moderately less ridiculous.

        Re: {{…}}, I would assume that’s because they are already used heavily in non-WP templating, especially JS templating.

        Essentially, this “fix” is coming rather too late in the piece and I think it’ll break more things than it solves. As a plugin writer heavily dependent on shortcodes, I can only see a greater number of support requests from broken shortcodes in my future if this goes ahead.

        Only Shortcake can save us now! 🙂

        • idealien 2:33 am on September 3, 2015 Permalink | Log in to Reply

          “Only Shortcake can save us now!”

          Seriously! If Shortcake were to be brought into core along with this (draft) proposed change – it would go a LONG way to mitigating the concerns many have raised around complexity.

          Without Shortcake:
          “Look – we took this feature you love and made it harder to use….But it’s safer / faster / better”

          With Shortcake:
          “Look – we made is hella-easy to use shortcodes without having to remember syntax type things. Oh, and that syntax is also getting harder b/c it needs to be safer / faster / better.”

          Car metaphor time… With Shortcake: You’re getting automatic transmission and manual is just a little bit harder to use. Without Shortcake: Manual transmission is now harder to use.

          Shortcake FTW!

      • Robert Chapin 11:33 pm on September 2, 2015 Permalink | Log in to Reply

        If we could get this to work…

        [{{shortcode}} HTML {{shortcode}}]

        Is that better? Or still confusing?

      • Mario Peshev 4:16 pm on September 3, 2015 Permalink | Log in to Reply

        I do agree with Pippin’s example with the dollar signs. Seems incredibly easy to mess up by users. I also noticed another syntax including an exclamation sign, which adds an additional layer of complexity for each and every user.

        +1 on the benchmark question. Given the several different supported syntax proposals, I’m curious to see the regex that is parsing those in a sensible and timely manner.

    • AmirHelzer 10:23 pm on September 2, 2015 Permalink | Log in to Reply

      Also, we deal a lot with shortcodes in Toolset plugins. I can’t see any evidence of any user confusing the [ ] characters for anything else than shortcodes.

      Please, besides the code changes, please also consider the huge amount of documentation update that such a change will require.

      Run a quick Google search for “WordPress shortcodes”. A few pages come from wordpress.org, but the majority are old pages, blog posts and tutorials. Nobody is ever going to update them.

      So, after making such a change, people will see two sets of documentation – with new syntax and with old syntax. You know that Google favours ‘old’ content, so the old tutorials that are never going to update will still explain to use [ ]. I don’t think that this will work out well.

      • chriscct7 10:34 pm on September 2, 2015 Permalink | Log in to Reply

        The team working on this is committed to the documentation updates that are necessary.

        • Pippin Williamson 10:35 pm on September 2, 2015 Permalink | Log in to Reply

          Core documentation isn’t an issue. It’s every plugin / theme developer in the world that also has to update their documentation.

          I don’t disagree with updating docs, just making it clear that’s the issue @AmirHelzer is raising.

          Also have to keep in mind the thousands (millions?) of blog posts and tutorials out there.

          • AmirHelzer 10:49 pm on September 2, 2015 Permalink | Log in to Reply

            Exactly. I’m sure that the core team would be quick to update documentation on wordpress.org. I’m talking about the many pages on other people’s sites that will likely never be updated.

    • Scott Fennell 10:25 pm on September 2, 2015 Permalink | Log in to Reply

      Thanks for your work on this!

      I’m trying to understand what I would need to do in order to prevent about 1,200 live blogs from breaking when this syntax is no longer supported:

      [my_shortcode before='<div class="my_class">' after='</div>']

      Andrew offered a helpful suggestion here:


      If I understand his suggestion correctly, I’d be on the hook to do a search and replace in the database, which will be quite scary and expensive for my company. We have literally thousands of posts on thousands of blogs.

      Please, let’s find a way to move forward with this that leaves the old format unscathed.

      • Scott Fennell 10:28 pm on September 2, 2015 Permalink | Log in to Reply

        Sorry, meant to provide the following code.


        Is there a reference somewhere for the comment syntax so I can stop posting gibberish?

      • Robert Chapin 11:49 pm on September 2, 2015 Permalink | Log in to Reply

        If the situation doesn’t support

        [{{my_shortcode class="my_class"}}]

        Then the alternative proposed in the roadmap is

        [{{my_shortcode}$] Optional Content [${before}$]<div class="my_class">[${after}$]</div>[${my_shortcode}}]

        We will also likely encode any HTML in attributes during a migration, so you would have the option of decoding that in your plugin.. security implications could be significant though.

        • Scott Fennell 4:10 pm on September 3, 2015 Permalink | Log in to Reply

          “We will also likely encode any HTML in attributes during a migration”

          Can you explain what you mean by migration, exactly? My imagination is running wild a bit with what you might mean by that. Do you mean to propose that, upon this update, the new version of WordPress will automatically fix my post_content across many gigabytes of posts, without me having to do anything to the posts?

          • Aaron D. Campbell 4:29 pm on September 3, 2015 Permalink | Log in to Reply

            That’s definitely the goal. Basically using the existing parser to pull shortcodes and replace them with the new syntax.

            • Scott Fennell 7:43 pm on September 3, 2015 Permalink

              Sorry for sounding clueless here but that would be … amazing. Is there a precedent for this level of work in a similar update? I’m having trouble imagining how this would be possible given a very large database like mine. Would it run as a cron job perhaps?

    • leehodson 10:30 pm on September 2, 2015 Permalink | Log in to Reply

      The new syntax is very confusing to the eye. Users would find it complicated. I feel we could make it less confusing by using back-to-back opening and closing brackets.

      For example

      Self Closing:



      []shortcode[] Content [/]shortcode[]

      Note the forward slash between the brackets of the closing tag on the enclosing shortcode.

      Is there a reason this wouldn’t work?

    • Peter Wilson 10:51 pm on September 2, 2015 Permalink | Log in to Reply

      I’d be happier with {{selfclosing}} and {{enclosing}} {{/enclosing}} or similar. Mixing the formats seems fraught.

      Upgrading old content is a necessary evil, backward compatibility on the deprecated format defeats the purpose somewhat. Seeing some benchmarking results would be great.

      As theme and plugin developers, we have been caught out by an ill-defined API and security problems in the past, a long term roadmap makes the best of a bad situation. I’d rather a two year defined process than a repeat of 4.3.2

      • webaware 12:46 am on September 3, 2015 Permalink | Log in to Reply

        [ignoring the double-moustache issue here…] but what signifies that the self-closing shortcode is self-closing? The problem is not merely one of mixed use, it’s the calling syntax that the regex needs to accommodate.

        • Peter Wilson 1:38 am on September 3, 2015 Permalink | Log in to Reply

          Okay, understood – that makes sense.

          {{selfclosing /}} and {{enclosing}} {{/enclosing}}, perhaps. That makes sense to me as a developer, so may be bad for a user.

          Could be double moustache, square, anything. Looking for the balance between performance and teaching.

        • Curtiss Grymala 3:44 pm on September 3, 2015 Permalink | Log in to Reply

          In HTML, what signifies that a self-closing tag is self-closing? Hint: it’s not the / at the end; that’s totally optional; in fact, even the closing HTML tag is optional in a lot of cases.

          For instance:

          <img src="/my-image.png" alt="">


          (a complete HTML page that is 100% valid HTML)

          are both perfectly valid HTML code samples, even if they do make those of us accustomed to XHTML syntax cringe.

          In a perfect world, there would be some way to indicate when registering the shortcode itself whether or not it’s supposed to be self-closing, but that’s not always possible (I believe there are plenty of use-cases where a single shortcode works one way when it’s self-closing, and works a slightly different way when it’s wrapped around content).

          That said, I would definitely support the idea of at least trying to indicate that in the shortcode registration (for instance, if my shortcode is only ever written to be a self-closing shortcode, let me indicate that when I register it; if it’s only ever intended to wrap around content, let me indicate that when using add_shortcode()).

          • webaware 11:09 am on September 4, 2015 Permalink | Log in to Reply

            Yes, and a parser for HTML is a pretty complex piece of code, much more significant than a handful of regular expressions. Ultimately, a true parser might be needed if we want to keep shortcodes the way they are. But perhaps that discussion is better held on the new post

    • Scott Fennell 10:52 pm on September 2, 2015 Permalink | Log in to Reply

      Othe use case for shortcodes I’m hoping you don’t break: Shortcodes in widget titles and widget text fields. This has been a gloriously simple and helpful solution for our agency, and many others I’d suspect.

      • williampatton 12:36 am on September 3, 2015 Permalink | Log in to Reply

        Shortcodes can be parsed anywhere by passing it through `do_shortcode()` which is what I expect your themes are doing to make use of them in widget titles and content.

        Your use case should be just fine so long as the shortcodes used obey the newer syntax 🙂

    • KalenJohnson 11:10 pm on September 2, 2015 Permalink | Log in to Reply

      I’m most likely horribly biased since I’ve started the discussion about [https://core.trac.wordpress.org/ticket/33472 templating engines], but aren’t those shortcodes looking an awful lot like templating engine syntax?

      I’m mostly confused as to why users apparently would be able to remember all those different syntax’s, yet theme and plugin developers wouldn’t, or rather don’t have built in functionality to.

      Also, I also feel rather strongly that there are MANY options now that are much preferable to shortcodes. Things like ACF, Pods, etc. They are not built in to WP core like shortcodes, but really, shouldn’t we focus on getting the Fields API set up correctly rather than continuing to pursue having complicated layouts in one single WYSIWYG editor (not so much WYSIWYG when it’s littered with shortcodes).

      • Jonathandejong 5:52 am on September 3, 2015 Permalink | Log in to Reply

        I’m with this guy ^ Complicated layouts in a single WYSIWYG field just feels wrong. Altho I recognize there’s a lot more to it than just the editor (do_shortcode(), widget fields etc.).

    • Aristeides Stathopoulos 11:33 pm on September 2, 2015 Permalink | Log in to Reply

      I love it!
      It was about time we use something more unique for shortcodes…

    • nick6352683 11:51 pm on September 2, 2015 Permalink | Log in to Reply

      Priorities core developers, priorities. With so many things to still fix and add to the core, you are going to spend time and energy on this, and for the lamest excuse for doing so? Who uses square brackets for quotations? Way to break millions of web sites, for nothing!

      • webaware 12:48 am on September 3, 2015 Permalink | Log in to Reply

        [I hate to pop your bubble but] many people use brackets for essentially parenthetical in-sentence comments. 🙂

    • Jon Brown 11:53 pm on September 2, 2015 Permalink | Log in to Reply

      Shortcode API, yay! This is an exciting proposal, but I’ve got to echo others that the proposed syntax looks like a disaster. I get it, but I can’t imagine users will. I get avoiding the sane syntax of handlebars, angular, C, etc… but do we really have to be _that_ different. I really hope there is a better way.

      On core updating old shortcodes. I’m sorry but no, just no. Don’t you dare go changing _my content_ on a WP update. Worse still is only planning on updating post_content and ignoring all the other places shortcodes show up. Custom Fields for one, but also in PHP files.

      I’d humbly suggest two significant change to this proposal (beyond finding better syntax).
      1. Don’t plan on actually dropping support for the old shortcodes. Do show deprecated notices, just don’t stop supporting the old syntax until WP 6.0. Of all the deprecated cruft I’d love to see dropped, this will never be one of them.
      2. Build a separate utility/plugin a la the WordPress XML importer that can update old shortcodes in a user controlled fashion. Bonus if it actually scans PHP files and identifies shortcodes there. This could then either bulk update, or step through shortcodes one by one for the super paranoid.

      Summary: Simpler Syntax, No real deprecation, Separate plugin for converting old shortcodes.

    • Alex Mills (Viper007Bond) 11:56 pm on September 2, 2015 Permalink | Log in to Reply

      Going to be… interesting migrating SyntaxHighlighter over to this. Maybe this is the motivation I need to finally finish my rewrite from scratch.

    • Peter Chester 12:44 am on September 3, 2015 Permalink | Log in to Reply

      I love clarity. I love easily parseable content. However, this seems like it’s destined to cause WordPress sites around the world to break. I’m sure we’ll see heaps of bare old shortcodes from this change.

      I’m not sure I understand why it’s a problem to check that a shortcode is actually a shortcode before trying to convert it. Why are we doing this?

      Also, I have a hard time teaching people the existing simple shortcode. I expect the error rate will be quite high for people with a more complicated new format.

      > Our old [ and ] delimiters were easily confused with the way those characters are commonly used in English quotations and sometimes even in URLs.

      What are some examples? I haven’t run into this at all in all my years of working with WordPress.

      • webaware 12:59 am on September 3, 2015 Permalink | Log in to Reply

        Very common to have brackets in quotes, to fill in implied references, like this:

        “I won’t be rushing out to get my daughters vaccinated [for cervical cancer], maybe that’s because I’m a cruel, callow, callous, heartless bastard but, look, I won’t be.” Tony Abbott, November 9th, 2006

        Also for excerpted quotes, like this:

        […] We shall go on to the end, we shall fight in France, we shall fight on the seas and oceans, we shall fight with growing confidence and growing strength in the air, we shall defend our Island, whatever the cost may be, we shall fight on the beaches, we shall fight on the landing grounds, we shall fight in the fields and in the streets, we shall fight in the hills; we shall never surrender [… continued]

        For URLs, consider that PHP only handles query parameters as arrays when the parameter name has [] or [key], and some URLs pass such parameters.

    • Greg Ross 12:47 am on September 3, 2015 Permalink | Log in to Reply

      I agree with many of the above comments about the syntax, it’s cumbersome and confusing.

      HTML seems to get by just fine with a single character for it’s delimiters and I see no reason a shortcode can’t as well. Perhaps square brackets are too common, fine let’s change to something else (curly brackets seem reasonable).

      And don’t reinvent the wheel, HTML already has a standard for self-closing and encapsulated tags ( and ) use the same format for shortcodes ( {shortcode /} and {shortcode} {/shortcode}).

      This would also allow both shortcode API’s to run side by side as plugin authors and content creators updated to the new format. Perhaps even make the new syntax a feature plugin for the next few releases until it is merged in to core and then move the old API out to a plugin for several more releases.

      The timeline seems far to aggressive, shortcodes were added way back in WP2.5 and how you want to yank out the old format in just three point releases? The amount of code and content that will require updating is significant.

      My final thought is about the assertion in the proposal that shortcodes *should* only do certain things (like not pass in html as attributes). Keep shortcodes flexible, don’t artificially limit them to certain things. While it may take more to support that flexibility, it would seem to have paid off greatly in the past looking at all the things people have done with them.

      • Ben Huson 4:11 pm on September 3, 2015 Permalink | Log in to Reply

        Completely agree on not re-inventing the wheel for self-closing and encapsulated tags. Stick with the same convention as HTML using the trailing/leading slash within the syntax.

    • Justin Tadlock 1:00 am on September 3, 2015 Permalink | Log in to Reply

      On syntax:

      Users know shortcodes. WP wasn’t the first system to have them. Anyone remember the old BBCodes?

      Open bracket. Type short tag. Close bracket. Simple. Intuitive. Hard to break if you’re not doing anything crazy. Let’s make sure this simplicity is at the core of any discussion on the topic.

      I’d pretty much put the [{{shortcode}}] syntax into the non-starter category. I could get behind {{shortcode}} if we must change syntax, but mixing and matching brackets is destined to fail.

      On updating:

      One thing to watch out for when auto-updating old shortcode syntax in the post content is those of us who output code examples, especially those of us who write in Markdown and don’t need to convert our [ and ].

    • Maxime Jobin 1:04 am on September 3, 2015 Permalink | Log in to Reply

      My main problem is understanding what real problem does it solve ?

      The proposed syntax is really confusing. Isn’t there a way to simply “improve” the actual syntax instead of changing it like this ?

      Also, wouldn’t it a good idea to abstract the concept in the editor. That would mean displaying a visual representation of the shortcode. I would see that as Facebook highlights someone you tag in a status/comment.

      But, that would mean “forcing” developers to specify expected/accepted attributes.

      Aren’t we ready for something more powerful than writing shortcodes ? For devs, it’s perfect. But for non-tech, it’s hard to understand and use. Changing that would mean a lot of confusion.

    • Justin Busa 1:07 am on September 3, 2015 Permalink | Log in to Reply

      If custom fields aren’t going to be migrated to the new syntax, then it would be nice if there was some sort of filter that would allow plugin developers to migrate fields themselves.

      Also, in terms of sites breaking, it would be nice if there was some sort of constant that would enable the old API. Reason being, lets say a site has shortcodes defined in the theme or is using do_shortcode in theme files. Enabling the old API would instantly fix the site while allowing the developer time to update the theme’s code.

    • Ipstenu (Mika Epstein) 1:18 am on September 3, 2015 Permalink | Log in to Reply

      My major concerns have been raised already but I’ll stress if from a different angle.

      If we learned anything from the shortcode change to secure them, we cannot keep breaking users sites. I know that we’re talking about a long term plan to possibly remove shortcodes as we know them by 4.7, but even with all the notification in the world, we will break sites.

      We have 3 releases of WP a year. 4.7 is 18 months away at the outside. That’s a lot of information to get out there really fast and really clearly, AND a lot of code to fix.

      We have to consider:

      • All the plugins and themes on the planet we will break (because we will, they won’t read or test). We have to degrade them as gracefully as humanly possibly. Continuing to say “Well the developers were notified and should have updated” now that we’re as big as we are is not sustainable.
      • All the very (legitimately) angry end users who are broken because they didn’t upgrade plugins and themes (or the themes/plugins didn’t get updated). People were rightly angry last time. It’s the end users, not the developers, who will be hardest hit by this change.
      • Communicating clearly to the users that it’s now {{gallery}}. That’s going to be very hard. Incredibly hard. Updating their old posts (keeping in mind Justin’s Markdown caveat and those who use them as an aside – I know I know) is easier than making sure everyone knows what to do. At best we can keep tabs on the ones built into WP and perhaps use the logic we have in the visual editor NOW to convert them, but we have to figure out how to make sure everyone knows. This is nothing like the move of Menus to customizer. That was confusing, but the users could see what happened. This is a legit change, your old way is no longer going to work. That is huge.
      • The number of users who have premium themes and plugins that do not get update alerts. These people are simply not going to know they need to update and this is not their fault. We should never be breaking them if there’s possibly any alternative.
      • Users will be upgraded by their hosts vis-a-vis one-click installs and managed hosting so they will have up to date WP and out of date plugins/themes. So yes, many users will be on 4.7 and then a theme from 2014. It sucks, it’s the reality, we know it’s the reality, we cannot stick our heads in the sand.
      • Plugins that are already using {{template}} tags in their code. Yeah, I’ve seen it. Most of them use it for search/replace within their own code, but we’ll want to make sure we check for everyone in the repo who might be doing it on their own.
      • Gabe Shackle 1:55 am on September 3, 2015 Permalink | Log in to Reply

        This sums up my feelings perfectly: “we cannot keep breaking users sites”

        Ending support for the current style of shortcode syntax within 18 months will absolutely break sites and frustrate end-users, site owners, and developers in a huge way.

        The best way to make developers stop using a platform is to force them to repeatedly have to retrain their clients and refactor their code.

    • Jean-Francois Arseneault 1:19 am on September 3, 2015 Permalink | Log in to Reply

      Clients, you know, the small business owers, who we train to use their site, and the 3-5 shortcodes they might need, already have a hard time understanding these “square brackets”.

      The draft I read seems to me like the start of “pleasing the machine, and not the human”

    • Luke Carbis 1:20 am on September 3, 2015 Permalink | Log in to Reply

      I’m concerned about client-brain-backward-compatibility. Any changes to the shortcode syntax should still work with my clients brain.

      For example, I provide my client with a site, and teach them to use [button] to insert a button. We finish our contract, and I am no longer in touch with them.

      First the client updates WordPress to 4.4. Nothing changes. Then 4.5. They’re in a production environment, so they don’t see the warnings. Then 4.6. They don’t happen review old posts / pages, but if they do, they don’t realise that their shortcodes have changed.

      Then the client updates to WordPress 4.7, but unlike me, they don’t read the Make WordPress Core blog. They don’t know about the changes. They don’t know that what they’ve learned has become deprecated and now unsupported.

      The client publishes a new page, and they put the button in the way they’ve been taught, which has always worked. But now, it doesn’t work. It’s broken. They call me.

      The client is now angry because a WordPress update cost them money, and confused because the new syntax is much harder to understand.

      I recognise that there are always changes to WordPress, and that the nature of incremental releases is that a user must learn to deal with change. But as far as I know, these changes have always been easy enough for a reasonable user to intuitively navigate. i.e. changes to the menu design, or updates to the nav menu UI.

      I have three questions:

      1. Has there ever been a change to WordPress which could not be intuitively learned by a reasonable user?

      2. Is it okay to introduce unintuitive changes to WordPress?

      3. How can we make this change intuitive to a reasonable user?

      • Luke Carbis 1:29 am on September 3, 2015 Permalink | Log in to Reply

        Here’s a suggestion to answer my third question.

        • When the user enters a shortcode (with either the [simple] or the [{{new}}] format), check if the shortcode exists.
        • If it does, replace the text shortcode with a GUI placeholder element
        • Also, behind the scenes (i.e. in the HTML editor), replace the [simple] shortcode with the [{{new}}] format

        The user experience doesn’t get worse – it gets better. My client enters a shortcode as they always have. They see a visual indicator to show that it was recognised and accepted. Behind the scenes, the new format is saved.

        • Weston Ruter 5:52 am on September 3, 2015 Permalink | Log in to Reply

          Yeah, if this new syntax goes in then GUI placeholders (TinyMCE views) are going to have to be the answer, which also seems like Shortcake.

    • webaware 1:30 am on September 3, 2015 Permalink | Log in to Reply

      Upon some further thought, I think that really there are two problems that are presented:

      1. brackets are already commonly used elsewhere, e.g. quotations, URLs with array parameters

      I see this as being a problem only when developers register shortcodes for real words. Using a sensible prefix for shortcodes prevents this. Unfortunately, there’s been a push for shortcode portability which directly undermines that, e.g. by recommending shortcodes like [product …] for products. [and of course, that prevents combining plugins with similar intent on the same site, but whatever…]

      Has it actually been a problem thus far? I imagine that anyone writing “blah-de-blah [product name] de-blah” will quickly discover that they should use parentheses instead if they don’t want to trigger the shop plugin they’ve installed. Content editors learn. They already have stuff they need to learn, and this is a very simple one that they learn pretty damned quickly anyhow.

      Is it necessary to strip “unregistered shortcodes” when we can just assume that they are part of normal sentence structure? So some websites will display the odd shortcode when its code [e.g. plugin] isn’t active; so what?

      2. self-closing shortcodes don’t look like they are self-closing until they don’t have a closing shortcode

      … which is easily resolved by demanding that they close with /] similarly to XML and HTML.

      To me, this is THE performance problem, and it is easily resolved by not allowing self-closing shortcodes without a terminating /].

      Now, bear in mind also that cleaning up old code might require changing content in:

      • wp_posts.post_content
      • wp_posts.post_excerpt (some plugins / themes use it for rich text)
      • wp_postmeta.meta_value
      • wp_usermeta.meta_value
      • custom tables
      • code (e.g. directly calling `do_shortcode(‘[product …]’);`

      And it has to take into account all sorts of edge cases.

      There’s only so much auto-upgrading that can be achieved. The changes proposed WILL BREAK WEBSITES. Even simply requiring self-closing shortcodes to have /] WILL BREAK WEBSITES. All I can see coming from this proposal is pain. “There will be a great gnashing of teeth” etc. 🙁

    • Jean-Francois Arseneault 1:47 am on September 3, 2015 Permalink | Log in to Reply

      Pardon the pink-colored glasses for a second, but why does it seem that our only choice moving forward, to improve the state of shortcodes, is to change *how* shortcodes work, and not *if* there isn’t a better / newer way to accomplish the goal of inserting content into a page ?

      In the spirit of seing the forest from the trees, why are we still trying to desperately manage mixed-source content using text-based shortcodes ?

      Why are we still using a paradigm where the main content area (if talking about posts) is still an area where we can add content, but also perform layout decisions *within* the content? Where’s the separation of concerns in this way of doing things?

      I think Page Builders are the start of a better solution for managing all these different contents within a page, but perhaps forcing plugin authors to expose their functionality into native widgets and ‘page builder elements’, vs letting them add shortcodes anywhere to render content might be an approach that is easier to grasp, from a UI perspective, for *end-users*.

      Sure, developers, integrators… we can handle everything you throw at us, but in the end, the sites are built for end users, for real-life applications and business purposes. End users are the ones that matter.

      Simplicity always wins.

      • Peter Wilson 2:19 am on September 3, 2015 Permalink | Log in to Reply

        The Shortcake feature plugin covers providing a UI for shortcodes.

      • Chris Van Patten 2:30 am on September 3, 2015 Permalink | Log in to Reply

        Although I’m generally in favour of this proposal, I think this merits some consideration too. Is there potentially a way to eliminate shortcodes — as in a manually entered bit of pseudo-tag-like code — altogether? I think Shortcake is an interesting approach, but it still depends on the shortcode API in the backend. What if shortcodes were deprecated, and replaced with an entirely new concept for inserting dynamic “chunks” of content that doesn’t fall back on parsing through plaintext?

        Replacing shortcodes is probably a much-longer term play, but it does mean that instead of patching the old they can be replaced with something newer, more flexible, and more in tune with the direction core has been moving already.

      • John Teague 1:53 pm on September 4, 2015 Permalink | Log in to Reply

        I totally agree. We need to be thinking of an intuitive replacement for shortcodes altogether. That provides incentives for developers and users to make the change.

        I really appreciate the hard work by @Robert Chapman and others putting a lot of effort into solving the increasingly unsustainable shortcode system. Sadly, I think the proposal in its current form, will confuse already error prone users, and likely break a lot of sites.

    • Chris Van Patten 2:36 am on September 3, 2015 Permalink | Log in to Reply

      As a supplement to my other comment (which was a nested reply), I’m generally in favour of this proposal. I think there’s merit in discussing completely new alternatives to shortcodes, but that’s a semi-separate issue.

      Like many others, I’m not sold on the suggested syntax, but it’s obviously still early days.

      One other thought: why not make escaped code the default, and make unescaped the exception with its own special syntax? Are there backcompat reasons that wouldn’t work? Seems like (potentially) an easy win for security.

    • Andrew Nacin 3:03 am on September 3, 2015 Permalink | Log in to Reply

      Thanks for your feedback, everyone. Developers, truly, honestly, really: Thank you for paying attention. I often feel that requests for comments usually fall on deaf ears, and I know I am not the only committer who feels that way. This has been one of the most substantial and productive threads on make/core I’ve seen, and it’s encouraging to see.

      Here are some thoughts on the proposal:

      • This was clearly labeled a “draft”. I am glad many of you noticed that this was not a decree, but a call for feedback. (And thank you again for obliging.)
      • The vision of shortcodes should be something like “it should be easy and intuitive for non-technical authors to embed and enrich their posts” (I have cribbed this from @matt).
      • This vision does not actually mean that shortcodes are the solution. I actually have a strong dislike for shortcodes. I think they are a terrible user experience, and that even something like Shortcake is still only a marginal improvement.
      • Some changes to shortcode parsing is absolutely necessary in order to keep WordPress secure. Yes, this is about security, not just general sanity.
      • The proposed syntax significantly clashes with the proposed vision. And given all of your feedback, we’re clearly going to have to go back to the drawing board. Please note that we still need to do something, but maybe we can think further outside the box.
      • And for goodness sake, PLEASE STOP RELYING ON HTML IN SHORTCODE ATTRIBUTES. This also does not align with the outlined vision, either, and it’s what largely precipitates proposals like these.
      • Thank you @miqrogroove for your incredibly hard work on this. Honestly, folks, many of you simply cannot see how much work Robert has poured into shortcodes over the last year, as it takes place in private security discussions. He’s been a tremendous asset to the project.

      I’m looking forward to future make/core threads getting this much high quality feedback. Now if only it can also carry over to more Trac tickets. 😀

      • Solinx 9:21 am on September 3, 2015 Permalink | Log in to Reply


        “I’m looking forward to future make/core threads getting this much high quality feedback. Now if only it can also carry over to more Trac tickets.”

        I think this could be helped by making Trac more accessible and by providing a better overview of what is currently going on.

        1. Trac
        When I first heard of Trac I had to get there through google. The “Get Involved” page didn’t help at all. Why not add a link to both the tickets dashboard and the ‘next release’ tickets list at https://make.wordpress.org?

        And why not link to related tickets, github repo’s, slack groups, etc. at the bottom of these blog posts? That makes it a whole lot easier to get to the right places to get involved.

        2. Progress overview
        It is difficult to keep track of all that is going on. The blogs provide updates, but not an overview. Perhaps you could introduce something such as: http://dev.modern.ie/platform/status/adownloadattribute/

        Also here you could link to the related tickets, github, etc.

      • Nick Haskins 12:11 pm on September 3, 2015 Permalink | Log in to Reply

        “Now if only it can also carry over to more Trac tickets.”

        The problem with Trac, for me at least, is that it’s not part of my daily workflow. I’m a bit intimidated by Trac, not to mention making patches. I take part in conversations on Github all day, because that’s how we manage code and issues for my job. I suspect that if these conversations were on Github, with PR’s being allowed there would be a lot more participation. After all, I don’t know any developers outside of WordPress who use SVN in their workflow.

        • NateWr 2:08 pm on September 3, 2015 Permalink | Log in to Reply

          Thanks for outlining this response @nacin. I’d second thinking outside the box. I suspect a lot of the problematic uses of shortcodes stem from people trying to plug gaps in other kinds of functionality (layout, class assignment, conditionals). Maybe solving some of those problems would take a bit of heat off of shortcodes, and make them a smaller attack vector. Or maybe not. Can’t say I really understand the security implications of shortcodes.

        • John Teague 2:33 pm on September 3, 2015 Permalink | Log in to Reply

          Totally agree with you on this Nick. Think how moving to Git would invite solid developers to submit great fixes and features? It’s not that a lot of us can’t use Trac/SVN. It’s just who the hell wants to.

          • Helen Hou-Sandi 4:06 pm on September 3, 2015 Permalink | Log in to Reply

            I imagine that a lot of the workflow folks think of centers around GitHub and pull requests as opposed to Git itself, but just a note that there is a proper Git mirror that many people patch against, including a number of committers. https://make.wordpress.org/core/2014/01/15/git-mirrors-for-wordpress/

            • KalenJohnson 4:49 pm on September 3, 2015 Permalink

              Yes that’s very true, it is Github itself which has become such a boon for developers to be able to quickly and easily find issues, discuss them, and create pull requests. Trac seems very antiquated by comparison, and submitting patch files is not something the rest of the open source web development world does that I’ve seen.

              I can understand how large the move to Github would be for WP, but don’t underestimate that it could really remove WP from the silo it’s in and open up to better quality issues, more issue discussion (as Nacin is looking for), and possibly more patches as people are much more familiar and willing to make pull requests.

            • J.D. Grimes 6:15 pm on September 3, 2015 Permalink

              Yes, the workflow on Trac is needlessly complex. I’d +1 moving to GitHub, or something where we can have PRs instead of patches.

            • John Teague 1:58 pm on September 4, 2015 Permalink

              My bad. I meant github.

      • dlouwe 1:07 am on September 4, 2015 Permalink | Log in to Reply

        “This vision does not actually mean that shortcodes are the solution. I actually have a strong dislike for shortcodes. I think they are a terrible user experience, and that even something like Shortcake is still only a marginal improvement.”

        Very much this. Users shouldn’t have to learn syntax to make use of shortcode-like functionality. They can already use the Visual editor to insert and manipulate HTML without ever knowing what HTML is, and that should be a clear goal for whatever shortcodes end up being in the future. It doesn’t much matter what the new syntax looks like if the only people who are going to be editing it directly are people who have business doing so. As a developer, I don’t mind jumping through some extra hoops to make sure my users have an easy and intuitive experience!

      • raamdev 3:23 am on September 4, 2015 Permalink | Log in to Reply

        > The vision of shortcodes should be something like “it should be easy and intuitive for non-technical authors to embed and enrich their posts”

        I agree. That makes this a good time to redesign shortcodes from scratch, to rethink how we would create something that provides the same flexibility and power of the existing Shortcode API while also more accurately fulfilling the goal of being something that is “easy and intuitive for non-technical authors to embed and enrich their posts”.

        The ideas that came to mind while reading your comment were: Do shortcodes need to be something that is entirely configurable from within the post editor? What if they were instead something that pointed to a configuration, a configuration stored in the database that allowed a plugin or theme to determine what should be returned? (I’m thinking something like `[{{shortcode id=”plugin_slug_123″}}]`, i.e., something like a shortcode with a single attribute.)

        Then a new API could provide plugin and theme developers with a way of building a UI that would allow users to configure ‘shortcodes’ (the configuration being stored in the database, e.g., as `plugin_slug_123`), similar to the way the Plugin API allows plugins to register meta boxes for post types.

        My feeling is that creating something that is both easy and intuitive for non-technical users will require getting rid of syntax as much as possible and replacing that with a UI.

        Building a whole new feature to replace the Shortcode API would also make it easier to transition away from the current Shortcode API: Eventually WordPress Core could disable the old Shortcode API by default (allowing site owners to re-enable it, perhaps using an MU Plugin, with the knowledge that it’s no longer recommended) while plugin and theme developers could update their code to support the new feature (their motivation to do so will be that future versions of WordPress won’t have the old Shortcode API enabled).

    • markkaplun 5:48 am on September 3, 2015 Permalink | Log in to Reply

      [might not be needed after so many comments but…] I want to also voice my opinion against the proposed. I can see how software developer *might* be happy with this kind of syntax but this is very far from freely written text. The need to balance the number of braces is a no go, it is just too easy for my cat to erase one of them and making me waste an hour trying to figure out what is wrong because it will not look obvious. I actually don’t feel too strongly about the syntax of the complex variants, as they require some kind of programming state of mind, but the self closing one should be extremely simple.
      In addition, The use of the $ sign for anything in this context is ridiculous. In free written text it indicates some reference to money or value and the reason it used in regexp is because it is used in free text but rarely in programming.

      1. Whatever is the final syntax, syntax highlighting for shortcodes should be part of both the tinymce and the “text” editors. This will make it easier to identify shortcode and find broken ones.

      2. Since this will be such a big chagne, might as well fix [the lack of] permission checks. On a multi author site everyone can use all shortcodes. There is no reason why a contributor should be able to insert a contact form via a short code. Sure the editor is supposed to review and remove it, but there is no point in giving the ability in the first place.

    • umchal 6:21 am on September 3, 2015 Permalink | Log in to Reply

      The biggest problem of shortcodes from my view is that they remain in the posts even after the plugin which uses the shortcode gets uninstalled.

      I suggest using the HTML comment syntax.

      • HTML

      This way, users do not have to concern about removing them form the post. I suggested this a while back (https://wordpress.org/ideas/topic/commentcode-alternative-to-shortcode).

    • Florian Girardey 7:04 am on September 3, 2015 Permalink | Log in to Reply

      How can you possibly want to break a lot of websites with 4.7 with end of support of the current shortcode syntax and absolutely rejecting the idea of using a recent version of PHP…

      I like the idea of improvement and this roadmap is a good idea but i don’t understand the logic behind the WordPress team right now.

      • BrashRebel 12:43 pm on September 3, 2015 Permalink | Log in to Reply

        If you want to understand, read the whole discussion. In particular @nacin‘s comment https://make.wordpress.org/core/2015/09/02/shortcode-roadmap-draft-one/#comment-27484

        • Florian Girardey 5:51 pm on September 3, 2015 Permalink | Log in to Reply

          I understand why this roadmap is necessary and i absolutely agree.

          But the arguments advanced for such a changement are closely the same that a PHP version update, i don’t understand how the WordPress team can accept this roadmap but also refuse a PHP version update. That’s all

          • Ipstenu (Mika Epstein) 7:18 pm on September 3, 2015 Permalink | Log in to Reply

            While I understand the comparison, it’s a logical fallacy.

            A minimum requirement is just that. A minimum. WP’s minimum is PHP 5.2.4 and MySQL 5.0.15. We still say mod_rewrite is optional. Supporting older versions doesn’t make the codebase insecure in and of itself, and there is no external dependency update that can fix the current security issues with shortcodes.

            The point of this post is to ensure, when we do fix shortcodes, we do it in as graceful and as minimally intrusive a way as humanly possible. To not repeat the shortcode sins of the past. Your concern, while well meaning and valid, has a marked tendency to detract from that.

    • Cristian Antohe 7:10 am on September 3, 2015 Permalink | Log in to Reply

      We’re using Mustache template tags in both our plugins and I can tell you {{tag}} is in no way simpler then [tag]. Once you start adding {{!tag}} or {{^tag}} HTML {{/tag}} things start to go wrong fast. Users simply have a hard time understanding how that works.

      Start to mix up template brakes like [{{tag}}] and that’s just stupid. It’s un-intuitive and will give a lot of headaches to ALL plugin developers who also actively support their plugins.

      • Cristian Antohe 7:19 am on September 3, 2015 Permalink | Log in to Reply

        With these more unique delimeters, we will be able to process registered shortcodes more efficiently because we will not have to search for them by name. Unregistered shortcodes will have more consistency because we can find them more accurately.

        The new syntax is making it harder for users to use shortcodes for the sake of developers who have a hard time working around the constraints that come with using [tag].

    • leemon 7:25 am on September 3, 2015 Permalink | Log in to Reply

      Sorry to say this, but that new syntax is hideous. If this goes forward as it stands, I predict major breakages, lol

    • Mike Schinkel 8:08 am on September 3, 2015 Permalink | Log in to Reply

      Reviewed all the comments and did not see anyone suggest what @cfc suggested on @miqrogroove‘s blog post which just use Custom HTML Elements:


      They seem perfectly suited for this:


      What would they look like?

      Old Shortcode: [foo]bar[/foo]

      New Shortcode: <wp-foo>bar</foo>

      One I saw that idea by @cfc everything else seemed like painful overkill. Besides, shortcodes are very closely aligned with the goal of the custom HTML element proposal with shortcodes being server-side and custom HTML element being client side.

      • Benny 5:56 pm on September 3, 2015 Permalink | Log in to Reply

        I like the idea of custom HTML elements / web components replacing shortcodes. But that still means we can’t phase out the old shortcode syntax because it would break so many sites. How would you suggest to solve that problem? Maybe by adding you’re “You are doing it wrong” notices (for ever)?

      • Michael Davis 10:53 pm on September 3, 2015 Permalink | Log in to Reply

        I hope this gets more discussion. Particularly, what would be potential shortcomings of this method compared to what the new syntax would bring.

      • Knut Sparhell 1:18 am on September 4, 2015 Permalink | Log in to Reply

        I like this idea of custom HTML elements. Registered elements gets executed either server-side or client-side. An advantage is that it’s quite obvious that such elements can’t be used in attribute values, and attributes can’t contain such elements.

        What has to be solved is the slow deprecation of the old shortcode syntax, and if old shortcodes should be replaced upon upgrade, at some point.

        I also look to the more tag and page tags, that are HTML comment tags. When shortcodes was first introduced I was surprised the HTML comment tag was not considered.

        Custom HTML elements seem very future proof, outright elegant, even if the draft never becomes a recommendation or they will never be supported by browsers (for the client side types).

      • webaware 11:09 pm on September 4, 2015 Permalink | Log in to Reply

        Much love. Was thinking about how NextGEN Gallery does its galleries these days (as a decorated image tag it parses out), but this sounds even better.

      • Braad 12:57 am on September 5, 2015 Permalink | Log in to Reply

        +1 for web components. Great idea Mike!

    • chrishoward 8:24 am on September 3, 2015 Permalink | Log in to Reply

      Sorry, I see these new syntax changes as ridiculous.

      The current syntax is untidy and cumbersome enough, and now you want to throw all these braces in it? We should be making shortcodes easier to use, not harder.

      Have you forgotten the user totally?

      These are great for coders. We love “mustaches” and parameters!

      But I pity the user having to key in a multiple-enclosured shortcode.

      Personally, I believe shortcodes should be invisible to the user, just as HTML is. Show the code in text mode, sure, but not in WYSIWYG. In WYSIWYG mode shortcodes should only be entered via a button and form, and then represented in full if possible (like the gallery shortcode) or by a clickable icon.

      For day-to-day users, this new syntax is a big step backwards.

    • asarosenberg 8:45 am on September 3, 2015 Permalink | Log in to Reply

      I agree with previous comments that this suggestion is very bad for users. People can understand shortcodes if they are somewhat familiar with HTML or online forums but the suggested syntax is unreadable to anyone who is not a programmer.

      An easier way to solve the problem with wanting to use brackets for other things is to allow people to escape brackets for example by ignoring brackets prefaced by backslash, star or whatever char that makes sense. If you want WordPress to be a CMS and not just a blog tool, shortcodes are more important than brackets in text.

      As for deprecation and conversion consider that there are shortcodes in meta fields. Many themes use page templates with multiple wp_editors and shortcodes. To avoid massive sudden breakage the old format should work for at least a year or two after the changes have been implemented and announced.

    • Arunas Liuiza 9:07 am on September 3, 2015 Permalink | Log in to Reply

      While I do get the technical reasoning behind this proposal, but I am really worried changes like that will soon make WordPress only usable for people with PhD in Computer Science. Seriously, I think something like 简shortcode简 would be easier to use and understand than the proposed syntax for the average WordPress *user*.

    • andreasnrb 9:27 am on September 3, 2015 Permalink | Log in to Reply

      The first thing I think that should be done before even touching or discussing syntax is to clearly define the purpose of shortcodes and come up with appropriate use cases.
      And just to ignore my first statement. Why not go in other direction and introduce custom HTML tags instead? You register your tag, what attributes it accepts with sanitation callbacks.
      <wp-button href=””>Click me</wp-button>
      Even makes it possible to integrate with HTML5 custom tags later on.

      • andreasnrb 9:31 am on September 3, 2015 Permalink | Log in to Reply

        Yes I know it encodes when written in the HTML window. So it should be combined with a insert button in the menu.

    • HasinHayder 11:56 am on September 3, 2015 Permalink | Log in to Reply

      Now you need a Ph.D in CS to use WordPress 🙁

    • FolioVision 12:11 pm on September 3, 2015 Permalink | Log in to Reply

      I see that doing this will open new possibilities, but I think the basic shortcodes should stay without change:

      Self-Closing: [shortcode]
      Attributes: [shortcode attr1=”value1″ attr2=’value2′ “value3” ‘value4’ value5]
      Enclosing: [shortcode] HTML [/shortcode]
      Escaped Code: [[shortcode]]

      If you want to add more features (like nested shortcodes here), I think yout can do it without breaking too much stuff:

      Multiple Enclosures (this one should work if they could look for closing tag for [shortcode] – a regex won’t suffice though): [shortcode] HTML [encl2] HTML [encl3] HTML [/shortcode]

      I’m not sure about the rest though, but these special cases could probably use the new syntax:

      Stripped Unregistered Code: [{{randomthing}}]
      Stripped Unregistered Enclosure: [{{randomthing}$] Content also stripped. [${randomthing}}]
      Stripped Empty Code: [{{ }}]
      Ignored Orphan: [{{shortcode}$]
      Ignored Orphan: [${shortcode}}]
      Ignored Orphan: [${encl2}$]
      Ignored Context: [{{shortcode
      Ignored Context:

      Do you see any issue with keeping the basic shortcodes unchanged?

    • jakeparis 12:46 pm on September 3, 2015 Permalink | Log in to Reply

      I think that the new syntax is difficult and burdensome to the average user. I would suggest:

      a) Make at least the basic “Self-Closing” shortcode operate without the brackers (just as it does now).
      b) The “Enclosing” style should close with a slash, not a $. There is not precedent for using a $ as a closer in any programming language that I know of — therefore that makes this difficult to remember. The slash it a much better choice.

    • J.D. Grimes 1:26 pm on September 3, 2015 Permalink | Log in to Reply

      I do not know how serious the security implications might be, but perhaps we could avoid removing the old syntax at all, and just disable it on new sites, like we’ve done with other deprecated features.

      I think the real lesson here though, is that shortcodes don’t need to be fixed, they need to be removed. We would still have to figure out how to maintain some amount of backward compatibility for old sites, but it might be more productive to work on a broader roadmap that would actually make shortcodes obsolete. Others, including @nacin, have hinted at this. Is a syntax overhaul really necessary as an intermediate step? Is it even plausible as an intermediate step? What if instead we approached it like this:

      1. Bring Shortcake (or some other “shortcode UI”) into core. This would still use the shortcode API, but would provide a UI for it so the user never has to directly manipulate the shortcode string.
      2. Start using an alternate, secure method of indicating the insertion points of the different content bits when this UI is used.
      3. Disable the shortcode API on new sites.
      4. Let the old sites get slowly broken and hacked over time, or break them ourselves all at once with an update.

    • JakePT 2:28 pm on September 3, 2015 Permalink | Log in to Reply

      I’ve got a couple of things I want to say. Firstly, I really need clarification on what these security issues with Shortcodes are. I read the post on the 4.2.3 change and it didn’t really help. Maybe it’s because it’s happening in an area of WordPress development that I just haven’t stepped into, but I’m having trouble understanding what contexts Shortcodes are a problem in. Isn’t their output defined by the plugin? Why isn’t the security problem with the *plugin*? Aren’t authors the only ones who can use them anyway? What could they do with them that’s so bad? I’m having trouble accepting such a drastic proposal when it doesn’t come with a clear rationale.

      But my biggest problem by *far* is that this would be so so so much easier to swallow if there was *any vision at all* for the future of the content editor. A single TinyMCE field just doesn’t cut it anymore. What happened to the content blocks idea that came up around 3.8/3.9? WordPress needs to address the problem of editing and creating more complex layouts, not breaking functionality that is only being abused because of this lack of vision and progress.

      Shortcodes suck, but don’t make them suck more without something better to replace them.

    • Stefano Aglietti 3:02 pm on September 3, 2015 Permalink | Log in to Reply

      I don’t know if someone already rised the question, but apart that making shortcode delimiter like the ones propose make user in a complicated situation.

      Maybe english people don’ìt know that { and } are not present in alla keyboards directly as the [ and ] are, in Italian keyboard [ and ] are generated using ALT-GR+è or ALT-GR++ and keyboards show ALT-GR basic sign like €@## and [ ].

      To get { and } you net to type ALT-GR+SHIFT+è and ALT-GR+SHIFT++. Most people don’t know about this combination (i think only who write code does) and the parentesys are not written on any key.

      This change would be a a really complication for italian users and i supect a lot of non english keyboard suffer from the same problem. Please when you think to change something like this for end users, use ALWAYS the KISS Method, [{{ is not KISS at alli suggest adding after the square bracket somthig that is awailable on alla keyboards like ! or ? or % or & but for sure nothing is really hide in system and that 99% of people ignore that existes or how to get it leke curly braces

    • Curtiss Grymala 3:04 pm on September 3, 2015 Permalink | Log in to Reply

      First of all, let me say “Thank you” for beginning the process of thinking about this issue.

      As we begin to move forward, has anyone thought about trying to identify where & how shortcodes are currently used, then trying to come up with the best solution for each of those situations? Maybe a shortcode isn’t the best solution for all of the situations in which it’s being used; it’s just the only viable solution we’ve had up until now.

      The bottom-line is, we are still going to need placeholders of some sort within WordPress. There are perfectly reasonable uses of placeholders, regardless of the syntax they use.

      Some are within HTML tags, such as <div class=”[my-custom-class extras=’one-third first’]”> or <img src=”[some-img-url]” alt=”This is my awesome image”/> or <a href=”[my-home-page]” title=”Return to [my-site-name]”>. There are perfectly valid & viable reasons to need to use some sort of placeholder inside of HTML (even if it’s not necessarily inside of the Visual Editor). If we stop allowing these sorts of things, then we’re going to end up with more plugins implementing silly things like [custom-html tag="a" href="{{home-page}}" title="Return to {{site-name}}"]Go Home[/custom-html] which will introduce potentially even bigger security issues and more usability issues for the users.

      Some stand on their own, such as We currently have [number-of-users] users on the site.

      Some output HTML, such as .

      Some are, IMHO, poor attempts to get around security restrictions in the editor, such as [iframe] (there are many plugins that implement this, by basically allowing the editor to enter an HTML tag in normal syntax, but replacing the < and > with square brackets).

      Some need to be nested in order to work properly, such as something like:
      [accordion-title]My accordion item title[/accordion-title]
      [accordion-content]Some content to appear within the accordion item[/accordion-content]

      Some are also completely related to formatting the content, attempting to “fix” the problem of only having one content area, and trying to keep editors from needing to enter HTML on their own, such as the various implementations of column shortcodes (this is a very similar reason that implementations like the accordion shortcodes above exist, as well).

      There are many more perfectly valid & useful implementations of the current shortcode API.

      Each of these may have a completely different and much better solution than the others.

      Finally, as WordPress has evolved very, very far from a simple blogging platform, we need to stop thinking that post titles and post content are the only features that people are using.

      There are plenty of places where shortcodes might appear within the Options table, possibly even inside of serialized data. For instance, shortcodes could, potentially be used within widgets or theme options.

      Shortcodes could absolutely be used, within plain-text or serialized data, within the postmeta table (there are a ton of places that custom fields on a post could include shortcodes) or possibly even the usermeta table.

      The problem I see with the original discussion we had after 4.2.3, and the problem I see with some of the comments on this post, are that there still seem to be people saying “You shouldn’t have used shortcodes to do that; that was stupid, so it doesn’t matter if we break them.”

      The thing I appreciate about this original post, regardless of the fact that the proposed solutions are certainly more complicated than they should be, is that the core team is back to at least trying to solve the issue rather than continuing to feel like it’s okay to break sites just because they disagree with the use-case.

      Again, though, I want to thank @miqrogroove for bringing this to the table and beginning the process of trying to move forward.

    • Stanislav Khromov 5:01 pm on September 3, 2015 Permalink | Log in to Reply

      I’d like to echo the dismay most people feel with this proposed roadmap, and also stress that this can cause a fragmentation in the WP ecosystem.

      Consider that it’s easier than ever to not keep WordPress up to date with the latest version – security patches are backported all the way back to 3.7 and minor security fixes get applied automatically.

      By introducing big, “scary” changes that people feel uneasy about (which the comments prove include even seasoned developers), many will just not update. Consider the kind of fragmentation Python faced after they introduced syntax changes in version 3. Most people just didn’t want or need these changes. I feel the same way about this proposed roadmap.

    • Grant Palin 5:07 pm on September 3, 2015 Permalink | Log in to Reply

      One other gripe I have with the current shortcode syntax is that it sometimes confuses Markdown. Particularly when using within posts authored using WP-Markdown plugin. There’s a workaround, but still.

    • Jacob Santos 8:59 pm on September 3, 2015 Permalink | Log in to Reply

      Why was shortcodes added and what problem did they attempt to solve? What was their original purpose?

      The reason it is a bad idea is that it neglects the reason shortcodes were created and why they have the syntax they do. The history for the most part, I believe, was based in part on BBCode. If Handlebars existed and was more popular, then who knows.

      You will always have a security issue. Tough, but true. Introducing a wholly obtuse syntax will not change that and will make it more difficult for users and developers. Most likely you will just see an influx of plugins that put back the same behavior or those who move away from shortcodes altogether. It will also be a slap in the face once another security flaw is discovered.

      Unless you wish to remove the security issue by pushing people away from using shortcodes completely or creating their own solutions of various quality for security.

      The timeline is far too short. If you go back as far as 3.7, then you must follow that pattern. Deprecate it and update it if you can, but you must support the current until 2018 or 2 years after 4.4 is released.

      • Jacob Santos 9:06 pm on September 3, 2015 Permalink | Log in to Reply

        Lest my argument be misconstrued; I am saying that any syntax change is a bad idea. Solve the security problems with the current or work around them. The bed is made, you have to deal with it.

        Biggest problem I have is that it looks like you are creating a new template engine. There are already those that exist. It would be better if you used them as several have already been audited by security professionals or could be audited by security professionals. They also have a community and those that support it outside of WordPress.

        If you are going to introduce a template engine to WordPress posts, which in and of itself is charge to be warily, you are better off going with something developed by professionals.

        Shortcodes were supposed to be an easy replacement for plugins without a lot of features. When did it become the end all, be all to implement a feature?

        If anything, the RFC should formally suggest where shortcodes should and should not be used, deprecate those usages and at a later date, remove support for them. If advanced templating is required, move to an actual established templating engine. Oh my god, I can’t believe I’m writing this.

        I must be in shock, because the horror of this is just beyond comprehension. I can’t imagine the discussions or the problems that lead to, “hey, why don’t we create a template engine for posts?”

        I have to conclude that this is an early or late April Fool’s joke.

    • chriscct7 2:44 am on September 4, 2015 Permalink | Log in to Reply

      As an update, the team working on the Shortcodes Roadmap, has been working on a new draft proposal which will be posted to make at some point in the near future, which is significantly different than Draft 1. Also, there will be a weekly meeting that will be announced during the same post.

      • John Teague 2:10 pm on September 4, 2015 Permalink | Log in to Reply

        Thank you Chris. And to everyone working to find a solution on this. Hope people realize how much time and effort has to go into this.

    • Ustimenko Alexander 4:45 am on September 8, 2015 Permalink | Log in to Reply

      Users must not pay for developers weakness. If you want something stron-n-cool, then incorporate twig syntax here, but this all is for DEVELOPERS an dnot for users. This syntax is super-extra-bad-thing for end user.

    • renzms 11:57 am on September 17, 2015 Permalink | Log in to Reply

      I’d also like to join in to say that this is more of a step sideways rather than forward/backward with this proposed roadmap.

      Whether a seasoned developer, or just a regular user with no coding experience, these shortcodes aren’t in any way user or developer friendly.

      I understand this is a draft, and a new proposal will be made, especially after all the sentiment seen here. So thanks for the warning, and not changing anything right away as drastic as this. I know this proposed change is due to a security issue, but it causes more problems down the road that developers/users just might not use WordPress anymore to begin with. I do hope a simpler and more unified solution is found.

    • Tom Belknap 8:08 pm on December 15, 2015 Permalink | Log in to Reply

      This isn’t quite such a draft when you consider that 4.4 is already here and already, it’s messing up my shortcodes. Specifically the nested ones.

      This might be the worst proposal since the rightfully-maligned “Settings API,” an innovation the devs needed to ditch in favour of the Customizer. How error-prone is this syntax?

      `[{{shortcode}$] HTML [${encl2}$] HTML [${encl3}$] HTML [${shortcode}}]`

      I thought this double curly brace business must have meant that you were calling out the things we were supposed to change. Then I saw you were serious about it.

  • Ryan Boren 4:43 pm on September 2, 2015 Permalink
    Tags: , maintainership   

    Component Page Updates for 4.4 

    Now that 4.4 is underway, let’s update the component pages to reflect 4.4 activity. The Customize, Editor, and Press This pages serve as good templates, though they all need 4.4 updates. The component pages are targeted at beta testers. They should describe the component, list milestones (roadmap), and explain what needs testing and how to test it. Good component pages assist triage. For details, see the previous round of component page updates.

    Also, if your component has a corresponding Slack chat, link to the component page from the chat’s channel topic. This assists using Slack in beta testing flows.

    Component maintainers, here are your component pages…

    (More …)

  • Boone Gorges 4:29 pm on August 27, 2015 Permalink
    Tags: , ,   

    Taxonomy roadmap for 4.4 and beyond 

    In WordPress 4.3, we eliminated shared taxonomy terms once and for all. This means that, by the time WordPress 4.4 is released, just about every WordPress installation will have the same number of rows in the wp_terms and wp_term_taxonomy database tables.

    Why does this matter? When terms in different taxonomies could share the same term_id, terms could only be uniquely identified by a ID-taxonomy pair. This is why every nearly function in our taxonomy API has $term_id and $taxonomy as required arguments. (The decision was made long ago to keep the truly-unique term_taxonomy_id internal for most purposes.) The lack of unique IDs for terms made our API interfaces and internals complicated, and it made it cumbersome to add new features like term metadata.

    Now that term IDs are unique, we can begin the projects of unraveling the now-unneeded complications of the taxonomy API and adding new features that take advantage of the simplified data model. In this post, I’ll outline some of these tasks, and point to areas where interested folks can contribute.

    API simplification and other work on taxonomy internals

    Once each row in the wp_terms table corresponds to a single row in wp_term_taxonomy, there’s no point in having two separate tables (and all the JOINs that two tables require). In 2013, @nacin sketched how this might be done, through a combination of $wpdb tricks and a MySQL view. Here, we need someone to write a patch, and we also need to start a discussion about graceful failures for situations where there are still shared terms in the DB, as well as MySQL version compatibility (view functionality was phased in over the 5.0 series). The tracking ticket for simplification of the taxonomy database schema is #30262.

    With a single term table, we can begin to rewrite our internal SQL queries to remove costly table joins. This kind of refactoring is probably at least one version (and a hundred unit tests) away. In the meantime, we can begin the process of simplifying the API interfaces. For example, functions that accept term IDs, like get_term() no longer need to require an explicit taxonomy parameter.

    Having a unique identifiers for terms means this is also a good time to move toward WP_Term; see #14162. This class can start off being a fairly simple model that takes care of things like basic cache management and data integrity – see WP_Post – but over time, I envision moving business logic to the WP_Term, introducing convenience methods for chaining, and so on.

    Term Meta

    There’s been lots of clamoring for taxonomy term metadata #10142. Unique term IDs make it viable, since WP’s *_metadata() functions assume object IDs as identifiers.

    The technical implementation is not complex. We need wrappers for the CRUD functions, ‘meta_query’ support in get_terms(), an update routine to create the database table, metadata pre-caching (‘update_term_meta_cache’) when fetching terms, and maybe a few other small items.

    The larger challenge is to build a core solution that minimizes conflict with third-party tools. Developers have wanted termmeta for a long time, so there are many public plugins and private libraries that provide it. Many of them use unprefixed function names like update_term_meta(), and many of them use a database table called wp_termmeta. We should do a survey of publicly available plugins to get a sense of usage statistics and schema compatibility. We’ll need to organize outreach to developers of known plugins, so that they can add off-switches to their tools before termmeta appears in core. And we may decide to borrow code from one or more of the existing GPL-licensed tools, ideally with the participation of the original author.

    Let’s share this journey

    Many hands make light work. We need code, but more importantly, we need folks who are nuts about strategy and outreach and backward compatibility.

    There’ll be a meeting for all Taxonomy Heroes, on September 3 2015 20:00 UTC, in the #core channel on Slack. If you’re interested in helping out with any of these taxonomy projects, drop a comment below or come to the meeting. We’ll get a team or two together, and make a plan for 4.4 and beyond.

    • Scott Taylor 4:36 pm on August 27, 2015 Permalink | Log in to Reply

      You are an American treasure.

    • Felix Arntz 5:08 pm on August 27, 2015 Permalink | Log in to Reply

      That’s an awesome step, standardizing terms (when compared to posts) will make WordPress development a lot more intuitive. I’m looking forward to help, in any way possible! 🙂

    • imath 5:12 pm on August 27, 2015 Permalink | Log in to Reply


    • prettyboymp 5:42 pm on August 27, 2015 Permalink | Log in to Reply

      I know there are a lot of smart developers leading this and making these decisions, but I don’t think that adding meta to terms is the best path forward. I think it would be better to move towards a sunset of the terms tables altogether and add the ability to create direct relationships between post objects.

      The addition of term meta will introduce a new way for data to be represented and further reduce compatibility between different themes and plugins. The reason many developers want terms to have meta is because they need them to be more than just a word. Developers will now have to determine whether it is best to represent a data structure as a term or as a post object. The limitation right now is that you can only create a many to many relationship within the current schema by using terms. Wouldn’t it make more sense to move towards treating everything as an object and give the ability to create many to many relationships between any of them?

      • Boone Gorges 5:59 pm on August 27, 2015 Permalink | Log in to Reply

        > I think it would be better to move towards a sunset of the terms tables altogether and add the ability to create direct relationships between post objects.

        I would agree with this more if the post schema (and the “post type” API) had been more explicitly designed for general “object” use. One of the virtues of the taxonomy schema as it currently stands is that it’s fast – it doesn’t store a lot of data (like longtext), and the tables can be joined efficiently. wp_term_relationships is, in fact, a relationship table like what you’re suggesting for posts. The post schema, on the other hand, is loaded with fields that are of questionable value for general objects, fields that make queries cumbersome and resource-intensive. (A related concern, which I think is very legitimate, is that introducing term meta – and especially term meta queries – is going to slow down what is currently a fast API. This is something we should definitely discuss as a part of the initiative.)

        As for the question of whether this “further reduces compatibility between different themes and plugins”, I don’t really agree. In theory, a purely node-based system like Drupal means that all data types can work with all other data types. But how this gets fleshed out by developers and within UIs is far from a foregone conclusion.

        Moveover, by introducing greater parity between the Post and Term APIs, an argument could be made that we’re *increasing* compatibility between various WP components, at least as far as the developer experience is concerned. The API interfaces will be similar enough that it’s possible to imagine building tools that will talk to either terms or posts with a minimal layer of abstraction.

        In any case, these are helpful thoughts, and I hope you’ll think about coming and arguing them next Thursday 🙂

        • Mike Schinkel 6:54 am on August 28, 2015 Permalink | Log in to Reply

          While I am somewhat on the fence about this, I am leaning towards what @prettyboymp said. Rather than blindly adding term meta, it probably makes good sense to first ask if there is actually not a better way.

          For example, what if the post table were split in two, allowing for a lightweight version with limited fields and a heavy version using a join will full fields? It is possible that could also result in significant performance savings when working with posts in addition to making terms less of a special case.

          Note I am not saying this specific idea makes sense (or that it does not), I’m only saying that it would be good to open the floor for alternate strawmen proposals with subsequent discussion before committing to any one particular direction.

          • Boone Gorges 1:55 pm on August 28, 2015 Permalink | Log in to Reply

            I totally agree that we shouldn’t jump into term meta without discussing whether it’s the right thing to do. I meant to say that in the post, but there were so darn many things to say 🙂

            That being said, while I think it’s good to brainstorm and think big, I don’t want to be unrealistic. Massive schema and API changes take huge amounts of effort and time. I don’t want to get so sidetracked talking about a complete rearchitecture of WordPress that we lose track of the very real improvements we can make today – improvements that are often compatible with future changes.

            The one larger item I do want to flag for discussion is a general relationships API. Since Taxonomy already contains a relationship table, I want to make sure that any changes we make in that component don’t block the future development of object-object relationship functionality.

    • SanjayaBhai 6:12 pm on August 27, 2015 Permalink | Log in to Reply

      Wosome Fantastic 😀

    • leemon 6:26 pm on August 27, 2015 Permalink | Log in to Reply

      Many many thanks for championing this feature! 🙂

    • marsjaninzmarsa 6:53 pm on August 27, 2015 Permalink | Log in to Reply

      Count me in of course. 🙂

    • MatheusGimenez 10:57 pm on August 27, 2015 Permalink | Log in to Reply

      Great! Term meta is a very necessary function. 🙂

    • natebald 2:18 am on August 31, 2015 Permalink | Log in to Reply

      Hi, can someone explain what this means for sites that different post types uses the same taxonomy? I am unclear what the end result will be if the site is updated. Thank you in advance.

      • Boone Gorges 12:08 pm on August 31, 2015 Permalink | Log in to Reply

        natebald – The scenario you’ve described here is unaffected by any of these changes. The elimination of “shared terms” is about specific *terms* that are shared between multiple taxonomies.

    • texteditor 2:57 pm on August 31, 2015 Permalink | Log in to Reply

      Greetings. Please count me in with this discussion. I built a site for our university that serves e-textbooks in various download formats. I needed to group the download format types together and associate them with their respective posts. I wrote a query joining term relationships, term taxonomy, terms, and post meta among other things. It serves the purpose very well, but I am certain the upcoming 4.4 changes would affect our site. I can show you our site and the queries during the conference. Thank you in advance.

    • masonjames 10:05 pm on August 31, 2015 Permalink | Log in to Reply

      “We need code, but more importantly, we need folks who are nuts about strategy and outreach and backward compatibility.”

      Welp. You had me at “we need folks who are nuts”

    • Marin Atanasov 8:26 pm on September 3, 2015 Permalink | Log in to Reply

      Wow, this is exciting. I’ve been waiting for that since 2.8.

      It would be awesome to get that in 4.4. But too many things to consider. I’d love to help with any patches, testing or opinion here! 🙂

  • Konstantin Obenland 9:45 pm on May 20, 2015 Permalink
    Tags: ,   

    Dev Chat Summary, May 20 

    Agenda, Slack log.

    Committers Update (#)
    New guest committers: @iseulde, @westonruter, and @obenland, renewed guest committers: @jorbin, @jeremfelt, permanent committers: @pento, @boone, and @johnbillion
    Also see https://make.wordpress.org/core/2015/05/20/new-committers-for-4-3/

    Editor (#)
    No update here. Will discuss goals for this week and next week outside of dev chat.

    Admin UI (#)
    @helen is plugging away at some groundwork for the CSS roadmap, @stephdau should be taking a look at the first steps for list tables in the next day or so. Will discuss goals for next week in tomorrow’s UI meeting.

    Network Admin UI (#)
    They talked through aspects of the Edit Site and Add Site flows yesterday to help @hugobaeta with mock-ups. Hopeful to see a mock up of these soon. They have a couple flows in Make/Flow with more on the way. The 5s flow highlighted an issue with text inputs overflowing. There’s also an updated `WP_Network` patch.

    Things they want to have done by next week:

    • Android and iPad flows.
    • Conversation around updated `WP_Network` patch and a first attempt at `WP_Site`.

    Partial Refresh (#)
    Now has support for refreshing menus changed by Menu Customizer: https://github.com/xwp/wp-customize-partial-refresh/pull/12/files
    It’s much simpler than partial refresh for widgets, and @westonruter thinks that maybe it could safely be on by default, instead of requiring opt-in as is currently done for widgets. The concern with on-by-default would be if menus get some dynamic behaviors added to them with JS, so maybe it’s just something that theme authors would need to account for.
    Also waiting on feedback and testing from the Menu Customizer, merging the corresponding PR for Menu Customizer, to then merge the PR for Customize Partial Refresh and do a new plugin release.

    Goals for next week: Take what was done for Menus and then abstract a level again to facilitate plugins easily adding their own partial-refreshing.

    Menu Customizer (#)
    @voldemortensen, @celloexpressions
    Lazy loading and error handling were committed. Will discuss goals for next week outside of dev chat.

    Better Passwords (#)
    They’ve been working on a mockup of the password UI: http://codepen.io/markjaquith/pen/GJjZbJ
    Probably best to create a temporary hook in core for the password-set UI in the profile, to allow the team to work on this as a plugin. @markjaquith can take care of that core change, and start the plugin on GitHub.
    #32428 is on hold until the Password UI is usable. @voldemortensen started work on expiring reset keys #32429, but hopes to get it showcase-able by the end of the week. @rmarks made a first pass at #32430 but it needs more work.

    Goals for next week:
    1. Hook in core to enable plugin for PW change UI.
    2. Working version of PW change UI on the Profile screen (that is, you can change your password with it… show/hide… back compat for the pw confirmation field… not promising the strength hint stuff yet).
    3. #32430 ready for commit.
    4. Working patch for #32429.

    Favicons (#)
    @johnbillion made a start on the site favicon manager. As discussed during dev chat last week and in #16434 it has an API so plugins/themes can register new sizes for favicons/touch icons/etc if the need arises. I’ll be pushed to a GitHub repo by tomorrow. The main thing that will need to be discussed is whether this should just be a customizer setting or not. @johnbillion will post about the repository location and meeting times on this blog.

    @ocean90 is looking for feedback on #29783!

    Next chat will be on May 27 2015, 20:00 UTC

  • Drew Jaynes 5:44 pm on April 21, 2015 Permalink

    4.2 Scrub 

    We’ll be scrubbing report 6 in the #core channel on Slack in about 20 minutes at Tuesday 18:00 UTC 2015. Join us!

    @azaozz @dd32 @nacin @helen @sergeybiryukov @ocean90 @wonderboymusic @mark @johnbillion @jorbin @boone @jeremyfelt @pento

  • Morgan Estes 12:43 pm on April 19, 2015 Permalink
    Tags: ,   

    WordPress Core Weekly 

    Howdy! Sorry, I dropped the ball last week so this week’s Weekly Roundup is a double issue — it covers April 4, 2015 [32003] to April 18, 2015 [32140].

    This week marks the release of RC1, which is the first release that many plugin authors and beta testers will test heavily. If you don’t already, now is a good time to check out the Alpha/Beta forums for any issues that crop up during this testing cycle.

    We’re only days away from the release of 4.2; let’s finish strong! 🏃👏 Here’s the rundown of recent changes:


    • Update to 4.1.9+. Changes:
      • Fixed bug where extra empty paragraphs would get deleted in WebKit/Blink due to recent Quriks fix.
      • Fixed bug where the editor wouldn’t work properly on IE 12 due to some required browser sniffing.
      • Fixed bug where formatting shortcut keys where interfering with Mac OS X screenshot keys. [32058] #31895
    • Disable the wp-autoresize plugin in iOS. All iframes there are already expanded to the height of the content document. [32095] #31937
    • Update the “Keyboard Shortcuts” modal. [32060] #29558
    • Fix our shortcuts on Mac, use Ctrl + Opt + letter. [32059] #29558
    • Use window.twemoji directly in the wpemoji plugin. Gives a chance to the browser to lazy load twemoji.js when reloading the page. [32142] #31901
    • Remove the empty paragraph that sometimes is left over after adding an image caption. [32141] #32003


    • Remove selected views when inserting content but not when loading all content, and remove the ref. to the selected view node on resetting the views. [32140] #31998
    • Resize sandbox iframes on load. [32056] #31480
    • Empty the content in the timeout, so it doesn’t render iframes twice. [32022] #31669

    Build/Test Tools

    • During PHPUnit tests, don’t autodetect permalink structure during WP installation. [32139] #31994
    • Move the built media JS files up a directory to their previous location and naming convention. [32125] #31912 (see [31373])
    • Don’t reference underscore.js source map. [32065] #31477


    • WordPress 4.2-RC1 [32137] [32138]
    • Use HTTPS URLs for codex.wordpress.org. [32116] #27115
    • Explain all placeholders in translator comment, not just the first one. [32111] #31675
    • Ensure post title input is not shortened for non-public post types. [32071] #30968
    • Improve handling of incomplete From and Content-Type headers in wp_mail(). [32070] #30266
    • wpLink: always show the URL field at the top. [32017] #28206
    • Force default avatar for HiDPI avatars on Discussion Settings. [32129] #31972

    Translation and Strings

    • Merge strings that describe the same command. [32078] #31776
    • Update placeholder for FTP credentials. [32077] #31922
    • After [31941], use the decoupled strings from wp-admin/network/themes.php in wp-admin/network/site-themes.php as well. [32029] #28502
    • Correct grammar when referring to “a user” vs “an user” in several places. [32025] #31894


    • Fix flickering of the admin menu on over-scrolling. [32089] #30900
    • Dashboard: Ensure images other than avatars (such as emoji replacements) in recent comments are not incorrectly positioned. [32076] #31919
    • Admin menu: fix colors for focus state and in IE8. [32075] #31345
    • Dismissible notices: more precise positioning across browsers. [32068] #31233
    • Reset padding for buttons in theme details modal. [32128] #31963
    • Revert [32099] per discussion in #core. [32100] #30900
    • Remove z-index from #adminmenuback. [32099] #30900
    • Don’t print the custom-background class in body_class() when a default color is in use. [32081] #28687
    • Toolbar: Search item consistency for focus state and IE8. [32074] #31322
    • Pointers: Make the dismiss icon a consistent size. [32069] #31915
    • Update more instances of default admin blues and grays. [32051] #31234

    Emoji and Smilies

    • Tweak which smiley matches which emoji. [32105] [32107] #31709
    • Update our few remaining smilies to better align with Twemoji, and add frownie.png until Twemoji provides a build containing it. [32104] #31709
    • The emoji JS files should be run through the script_loader_src filter, as they would be if they were registered scripts. [32097] #31938
    • Tidy up the wp_encode_emoji() regex, and clarify the function comment on Unicode 8 support. [32096]
    • Remove an errant / in Twemoji URLs. [32024] #31893
    • Remove executable bit from smilies. [32109] #31709


    • Twenty Fourteen: update editor styles to better account for adaptive images in small screens. [32094] #31934
    • Twenty Fifteen: update editor styles to better account for adaptive images in small screens. [32090] #31934
    • Theme Compat: Make string translatable and add translator comments. Added in [31941]. [32084] #28502, #31921
    • Move initialization of $customizeSidebar to api.ThemesSection.initialize() to prevent cases where the result can be undefined. [32119] #31793
    • Translator comment should just reference placeholder numbers, not the actual placeholders. [32112] #31675
    • Tell developers how to correctly silence register_sidebar() notices. [32110] #31675


    Theme Switcher

    • Fix some esoteric breakage in iOS Safari. [32103] #31794
    • Don’t deactivate section on empty search results. [32083] #31889
    • Remove “Add New” reference from customize-controls.js. [32004] #31837
    • Use text input for the search field to prevent double tap issues for Preview and Customize buttons on iOS. [32127] #31794
    • Don’t re-render a theme control if it has already been rendered.
    • Lazy load theme screenshots. [32088] #31793
    • Fix tabbing order if section is open. [32087] #31289
    • Fix preview URL for subfolder installs. [32086] #31896

    Shiny Updates

    • Disable shiny updates from modal based on parent window [32082] #31739
    • Fix logic for details based shiny updates. [32080] #31739
    • Disable modal initiated shiny updates on wp-admin/update-core.php. [32067] #31739
    • Use dashes instead of dots as separator for jQuery events in shiny updates . is used for namespaces, so better to use dashes. [32063] #31819
    • Trigger events upon the completion of a shiny update. [32061] #31819
    • Remove Shiny Bulk Updates. Bulk updates don’t need to be ajaxified so let’s revert. [32053] #31770, #29820
    • Conditionally add AYS to leaving shiny updates. [32052] #31769
    • Enable users to initiate a shiny update from plugin detail modal. [32062] #31739


    • Don’t allow whitespace-only image captions from the Media modal. [32079] #21848
    • Fix focus and selected state for the selected attachments set. [32072] #31898
    • Rename get_media_embedded_in_content_allowed filter tomedia_embedded_in_content_allowed_types. [32113] #26675
    • Bring back spinners, now without bouncing select elements. [32101] #22839, #30725
    • Fix the media modal Insert into post button on narrow screens by limiting the width of .media-toolbar-primary and .media-toolbar-secondary only inside .attachments-browser (the top toolbar). [32121] #31908
    • Insert from URL: Make sure the link text is actually used. [32055] #29476
    • Make sure the spinner in the media modal is visible on narrow screens (without affecting the media grid). [32120] #30725

    Build Tools

    • Don’t override minified libraries included in core. [32066] #31477


    • Remove unnecessary inline @see tags from a variety of parameter and return descriptions in wp-includes/wp-db.php. [32050] #31888
    • Remove unnecessary inline @see tags from the wpdb::process_field_charsets()DocBlock. [32049] #31888
    • Add a missing return description for has_header_image(). [32048] #31888
    • Fix a variety of inline documentation syntactical issues in wp-includes/taxonomy.php. [32047] #31888
    • Add a missing @access tag to the DocBlock for the WP_Meta_Query->$clauses property. Also adds a missing return description for WP_Meta_Query::get_clauses(). [32044] #31888
    • Add a variety of missing descriptions and fix syntax for wp_scripts(),_wp_scripts_maybe_doing_it_wrong(), and wp_script_add_data(). [32040] #31888
    • Remove an unnecessary inline @see tag and document the $wpdb global in two WP_Comment_Query methods. [32038] #31888
    • Add missing parameter and return descriptions to WP_Customize_Widgets->filter_customize_dynamic_setting_args(). [32036] #31888
    • Add parameter and return descriptions for WP_Customize_Widgets->get_setting_type(). [32035] #31888
    • Add missing @access tags to two DocBlocks in WP_Customize_Setting. [32034] #31888
    • Document the $theme property in WP_Customize_Themes_Section. Also adds a missing@access tag to the DocBlock for WP_Customize_Themes_Section->render(). [32033] #31888
    • Cleanup DocBlock syntax, add a missing parameter description for WP_Customize_Manager->set_post_value(). [32031] #31888
    • Add inline doc syntax fixes for WP_Customize_Manager->doing_ajax(). Also adds a return description. [32030] #31888
    • Add documentation for the $type and $theme properties in WP_Customize_Theme_Control. Also add some missing @access tags to various DocBlocks. [32028] #31888
    • Fix description alignment for the category_css_class filter docs. [32026] #31888
    • Add documentation for the $type, $mime_type, and $button_labels properties in WP_Customize_Media_Control. [32023] #31888
    • Clarify the DocBlock summary and parameter description forwp_edit_attachments_query_vars(). [32019] #31888
    • Add proper descriptions for the @global and @param tags in the wp_media_attach_action() DocBlock. [32018] #31888
    • Clarify the DocBlock description for wp_print_request_filesystem_credentials_modal(). [32016] #31888
    • Clarify 4.2.0 changelog entry, add global description to the DocBlock for WP_Users_List_Table->single_row(). [32015] #31888
    • Add missing @since versions from a variety of methods in WP_Press_This. [32014] #31888
    • Add missing DocBlocks for the _limit_array(), _limit_string(), _limit_url(),_limit_img(), _limit_embed(), and _process_meta_entry() utility methods in WP_Press_This. [32013] #31888
    • Add a return description to the DocBlock for WP_Posts_List_Table->is_base_request(). [32009] #31888
    • Add an @see mention for Plugin_Upgrader, plus spacing to the wp_ajax_update_plugin()delcaration. [32006] #31888
    • Add a more descriptive function summary for options_discussion_add_js(). [32005] #31888
    • Fix Docblock syntax for the taxonomy_parent_dropdown_args filter. [32003] #31888
    • Add a missing return description for wp_styles(). [32041] #31888
    • wp_install_maybe_enable_pretty_permalinks() should have a consistent @return value. [32027] #6481, #31888


    • All strings are available for translation. [32132] [32135] [32136] #31929
    • Change the subhead strings on credits.php and freedoms.php to match about.php.
    • Link the Emoji Codex article in the emoji blurb.
    • Add a second sentence to the JavaScript Accessibility blurb.
    • Switch positions for the JavaScript Accessibility and Complex Query Ordering sections for balance. [32131] #31929
    • Update about page for 4.2. [32118] [32123] [32130] #31929


    • Move wp-plugin-update-success event to after lock is released [32133] #31978, #31819
    • Use named function instead of anonymous function, making it testable and replaceable. [32126] #31964
    • When dbDelta() is checking whether an index is defined in a CREATE TABLE statement, don’t worry if MySQL has a subpart defined on an index, but the CREATE TABLE doesn’t. [32108] #31869

    Script Loader

    Press This

    • Do not show the bookmarklet upgrade notice when accessing directly press-this.php. [32122] #31968
    • Add mb_strlen() compatibility function. Works the same way as the existing mb_substr() compatibility function. [32114] #31951
    • Check the bookmarklet version and add the update notice from PHP. [32106] #31942
    • Add ARIA attributes to the alerts container. [32102] #31942
    • Fix focusing the Standard Editor link after saving draft, if the user has not focused another element. [32098] #31923
    • Change the link text to Standard Editor. [32093] #31923
    • When saving a draft change the text of the Save Draft button to “Saving…” [32092] #31923
    • Update documentation for press_this_save_redirect filter after [31992]. [32143] #31996


    • wp_update_term() should check if get_term() returned null. [32117] #31954
    • Avoid an unexpected object error when syncing global terms. Pass the expected single value, rather than object, when recursively calling global_terms(). [32064] #31914, #31149


    Thanks to @adamsilverstein, @afercia, @awbauer, @azaozz, @boonebgorges, @DavidAnderson, @dimadin, @dlh, @DrewAPicture, @ericlewis, @hauvong, @helen, @hugobaeta, @iseulde, @jamescollins, @jeremyfelt, @joemcgill, @joen, @johnbillion, @jorbin, @kraftbj, @lancewillett, @markjaquith, @mattheu, @Michael-Arestad, @mindrun, @morganestes, @nacin, @nitkr, @obenland, @ocean90, @pavelevap, @pento, @peterwilsoncc, @samuelsidler, @SergeyBiryukov, @siobhan, @sirbrillig, @slobodanmanic, @swissspidy, @tmatsuur, @Tmeiste, @tyxla, @valendesigns, @westonruter, and @wonderboymusic for their contributions!

  • Drew Jaynes 10:00 am on March 18, 2015 Permalink
    Tags: ,   

    Dev Chat Agenda, March 18, 2015 

    Here’s the agenda for Wednesday’s Dev Chat in the #core channel on Slack.

    » Beta 1 was tagged last week as scheduled and we’re heading toward tagging Beta 2 this week.

    Time/Date: March 18 2015 21:00 UTC:

    Reminder for those on Daylight Saving Time – If you’re already on Daylight Saving Time, the core dev chat will be an hour later for you for the next few weeks, though still 21:00 UTC. The above time link should give you the correct time and date for your local timezone.


    1. Ticket Ownership
      • New Trac report, Tickets I Own, primarily for committers
      • Review milestoning best-practices in the testing stages
    2. Bug Scrub/Commit Sprint

    No Open Floor this week – Due to time constraints, we won’t be holding an open floor period during the regularly-scheduled dev chat this week. If you have a ticket on the 4.2 milestone you’d like to get dev feedback on, leave a note in the comments.

    • Justin Sternberg 1:04 pm on March 18, 2015 Permalink | Log in to Reply

      Would like to get a decision on https://core.trac.wordpress.org/ticket/31556. Thanks Drew.

    • Joe McGill 1:19 pm on March 18, 2015 Permalink | Log in to Reply

      I think https://core.trac.wordpress.org/ticket/30900 is ready to go in, just needs an owner.

      The second ticket where I’d like to get some feedback is https://core.trac.wordpress.org/ticket/31352 – making media icons retina friendly. Issue being whether it’s better to use SVGs for those icons or to modify the output of `wp_get_attachment_image_src()` to support multiple sources (e.g. icon1x.png, icon2x.png, etc.).

    • Paal Joachim Romdahl 5:58 pm on March 18, 2015 Permalink | Log in to Reply

      I believe there is a lack in people contributing to WordPress core.
      This is a topic that should be discussed.

      It would be informative to ask for feedback on how people experience contributing to WordPress.

      I see two different ways outside of slack we can handle this. Both would be helpful for the community.

      Creating a survery asking people if they have contributed to WordPress Core in some way.

      • How was your experience?
      • Do you have suggestions on how to improve the experience?
      • Anything else you would like to add?
      • How should we go about encouraging others to contribute?
      • Has your company considered donating employees time to contributing to improve WordPress? Yes/no
      • If so why or why not.
      • Etc…

      Holding a town hall meeting with the topic “Improving the contributing experience for WordPress Core”.

      Findings will then need to be strongly considered and changes implemented looking at the structure of how things are done in WordPress. All companies need to find ways to better themselves WordPress is also one of them. I am hoping that this can create a serious introspection with the result of adjusting what does not work with a new flow that does.

  • Pascal Birchler 3:37 pm on March 13, 2015 Permalink
    Tags: ,   

    WordPress Core Weekly 

    Hi everyone, and welcome to this week’s installment of WordPress Core Weekly – covering March 5 2015 [31621] through March 13, 2015 [31764].

    If you want to write the next WordPress Core Weekly summary, check out the schedule over at make/docs and get in touch in the #core-weekly-update Slack channel.

    WordPress 4.2 Beta 1

    In case you missed it, the first beta of WordPress 4.2 was released yesterday! Read the announcement post for a quick overview of all features (emojis! 🎉🎉) and be sure to test it extensively.

    Code Updates



    • Abstract the code for creating floating toolbars. Introduce editor.wp namespace to hold exported methods from our plugins. [31725] #30619
    • Hide TinyMCE help button on mobile. [31718] #31161
    • Update TinyMCE to 4.1.9. [31700] #31551
    • TinyMCE: when pasting an URL over a selection, insert a link with the URL instead of replacing the selection with it. [31691] #31571
    • In the modal state for Embed previews, only show the Title field when the preview fails. [31632] #29476


    • Shiny Updates: Disable body scrolling when filesystem request modal is open. [31753] #31607
    • Shiny Updates: Don’t translate an error code string. [31751] #31606

    Posts, Post Types

    • Allow is_page_template() to accept an array, as many other conditional tags do. [31754] #31271
    • Introduce a new algorithm for displaying a hierarchical list of post objects in the WP_Posts_List_Table. This reduces processing time, reduces database queries, and substantially reduces memory use on sites with a high number of Pages. [31730] #15459

    Press This

    • Remove obsolete help tab in Settings -> Writing. [31743] #26794
    • update _limit_url(), use esc_url_raw(). [31737] #31373
    • Filter and select the content on the PHP side. Then pass only the needed data to JS. [31693] #31373
    • Add preview functionality. Opens the preview in a new window or a tab next to the source tab. [31654] #31458


    • EXIF/IPTC captions should populate Caption (post_excerpt) on upload, not Description (post_content). [31694] #22768
    • Introduce a function, wp_attachment_is( $type, $post = 0 ), to collapse the logic for determining whether an attachment is an image, audio, or video. [31645] [31670] #25275



    External Libraries


    • Plugin details: Ensure banner image doesn’t repeat. [31719] #30773



    • Return the original value when filtering theme mods/options and the current blog has changed. [31707] #31428
    • Prevent a race condition when attempting to publish too soon after updating widget form fields with multiple edits. [31706] #31501
    • Fix previewing and applying widgets when previewing another theme. [31705] #31484
    • Introduce WP_Customize_Media_Control, a new base class for all Customizer media controls. [31698] #29215
    • Add loading indicators for the Customizer preview. [31697] #31196
    • Add audio/video previews for upload controls. [31661] #30850


    • Improved customizability for the Submit button in comment_form(). [31699] #15015
    • Comments: Show more identifying information for moderation and editing. [31641] [31695] #23988


    • Screen Options: Improve items per page option label. Add a default label “Number of items per page:” to WP_Screen->render_per_page_options() and remove all the existing one-word labels. [31696] #31349, #15576
    • Theme Details: Hide admin toolbar on smaller screens. [31702] #31381
    • Star ratings: Use a yellow color across the board. Keying these to color schemes originally turned out to be weird. [31747] #31424
    • Remove single-use URL parameters and create canonical link based on new URL. [31736] #23367
    • Allow swiping of the admin menu on touch devices. [31720] #31187
    • Restore <title> tag on Posts and Pages screens after [31696]. [31709] #31349
    • Replace flagrant instances of .html(”) with .empty(). [31690] #27034
    • Nav menus: Return to calling links “Custom Links”. [31748] #31344

    Networks and Sites

    • Introduce delete_site meta capability. [31673] #30470
    • Return HTTP status code 403 in network admin when access is forbidden. [31658] #31422
    • Return HTTP status code 500 by default in ms_not_installed() [31657] #30002



    • Improve experience when deleting users from a multisite network. [31656] #18132

    Bundled Theme

    • Twenty Fifteen: add ARIA attributes to menu toggle. [31644] #31527

    Thanks to @adamsilverstein, @afercia, @azaozz, @batmoo, @beaulebens, @bendoh, @boonebgorges, @celloexpressions, @codix, @coffee2code, @craig-ralston, @dd32, @doublesharp, @DrewAPicture, @elliottcarlson, @ericlewis, @Fab1en, @HarishChaudhari, @helen, @hugobaeta, @iandunn, @Idealien, @iseulde, @jeremyfelt, @jesin, @jipmoors, @joen, @johnbillion, @jorbin, @kraftbj, @lancewillett, @LeoPeo, @mattheu, @mattheu, @MattyRob, @Michael-Arestad, @MikeHansenMe, @miqrogroove, @morganestes, @morpheu5, @mkaz, @nacin, @netweb, @ninnypants, @nofearinc, @obenland, @ocean90, @OriginalEXE, @pavelevap, @pbearne, @pento, @peterwilsoncc @podpirate, @rachelbaker, @rodrigosprimo, @scott.gonzalez, @seanchayes, @senff, @SergeyBiryukov, @SergeyBiryukov, @stephdau, @stevenkword, @swissspidy, @thaicloud, @thomaswm, @tyxla, @valendesigns, @westonruter, @wonderboymusic, and @yo-l1982 for their contributions!

  • Morgan Estes 1:37 pm on March 6, 2015 Permalink
    Tags: ,   

    WordPress Core Weekly 

    Howdy, and welcome to this week’s installment of WordPress Core Weekly – covering February 26, 2015 [31545] through March 4, 2015 [31620].

    If you want to write the next WordPress Core Weekly summary, check out the schedule over at make/docs and get in touch in the #core-weekly-update Slack channel.

    Let’s start with a warm welcome to our new Component Maintainers, who play an important role in the development process.

    Build/Test Tools: @voldemortensen
    Comments: @rachelbaker
    Editor – Press This: @Michael-Arestad, @stephdau
    General: @SergeyBiryukov
    I18N: @SergeyBiryukov
    Options, Meta APIs: @MikeHansenMe
    Themes – Customize: @voldemortensen
    Users: @justinsainton

    These maintainers are vital to keeping WordPress development running as smoothly as possible. They triage new tickets, look after existing ones, spearhead or mentor tasks, pitch new ideas, curate roadmaps, and provide feedback to other contributors.

    Dev Chat Notes

    This week’s Dev Chat was a lively one, with updates on the Customizer and Press This (with an emphasis on accessibility, hooray!), Shiny Updates (needs helping hands, see the todo list), Emoji (not just for smiles), and Accessibility (revisiting the age-old a vs button question).

    If you missed the meeting, or need a reminder of what was discussed, take a few minutes to read the transcripts.

    A couple of reminders: we’re a week away from Beta 1, and Daylight Saving Time is coming so make sure to check the time of next week’s Dev Chat so you won’t miss it!

    Tickets needing a look:

    • #5305: permalinks broken when article name is numeric
    • #31349: Screen options posts/pages/etc. per page label
    • #17817: do_action/apply_filters/etc. recursion on same filter kills underlying call
    • #29820: Smooth installation and updating of plugins and themes

    Code Updates

    It’s been a busy week with lots of commits, so let’s get into the ticket overview:


    • Allow inline editing of width and height parameters while previewing an embed in the media modal. [31620] #31139
    • Media modules: set $ to Backbone.$, instead of jQuery, so fewer globals are imported. [31618] #28510
    • When viewing media in List mode, auto-submit the form for attachment filters when the value of a <select> changes. This makes it behave similar to Grid mode and “feels” more performant, even though it is a full page load. [31582] #30333
    • Allow attachments to be detached from their parent in media grid and list modes. [31619] #6820
    • In the Insert From URL state of the Post frame, add the necessary CSS for focus styles for images. [31585] #28820
    • Build: Let RTLCSS handle swapping the codes for right/left arrows from Dashicons. [31579] #31478
    • Support GIMP files in the Media Library. We already support Photoshop files. [31578] #31146
    • In the ->multi_resize() method of the WP_Image_Editor subclasses, when looping through potential crops, we need to make sure the crop isn’t the exact same dimensions as the original image before copying it as a new crop. [31576] #31296
    • Make a new function, wp_delete_file(). Use it. [31575] #17864
    • Improve get_media_embedded_in_content() so that it returns the media it finds in the same order that it appears in the content. [31574] #26675
    • Customize Widgets: Don’t return undefined items in getWidgetFormControls method. [31570] #31465
    • CSS: Move relevant #sidemenu rules into deprecated-media.css and remove the cruft. [31564] #27956
    • Persist search terms across grid/list modes. [31562] #30583


    • Respect comment_date and comment_date_gmt params in wp_new_comment(). [31615] #14279
    • In get_next_comments_link(), ensure proper pagination when no ‘cpage’ query var is found. [31617] #20319
    • wp_insert_comment() should be checking and setting $compacted, not the non-existent $post_data. [31553] #21212



    • decode HTML entities before trying to insert view markers. [31612] #31412
    • introduce getText() and remove() methods, improved getInstance(), better docs. [31559] #31412
    • Better structure; simpler “view” registration; better extensibility; better inline documentation; don’t show a placeholder for pasted link until we know the link is “embeddable’. [31546] #31412
    • Remove the (obsolete) get/setViewText methods. Update stopping/pausing of multiple ME media players. [31548] #31412



    • Autocomplete: Update CSS based on both jQuery UI and general visual changes. [31611] #31427
    • Add wp.a11y.speak() for audible alerts/updates in screen readers. [31594] #31368
    • Remove the once-placeholder-esque “tag hint”, which has not worked in quite some time. [31607] #31485
    • When sanitizing a URL to redirect to, UTF-8 characters can be URL encoded, instead of being removed. [31587] #31486
    • Introduce get_object_terms filter in wp_get_object_terms(). [31581] #18828
    • In get_avatar_data() and get_avatar(), allow height and width to be specified separately (both default to size). Also allow arbitrary attributes on the <img> via the extra_attr arg. [31561] #31469
    • Permalinks: In wp_get_attachment_url(), convert to HTTPS when possible. [31614] #15928

    Posts, Post Types

    • List tables: Display front and posts page indicators. [31610] #30190
    • Hide irrelevant UI and display a message when editing the page for posts. [31550] #17470

    Press This

    • Add missing access modifiers to WP_Press_This. [31552] #31456
    • Add press-this.css to the list of stylesheets that are minified and to list of RTL styles. [31547][31572] #31373
    • Make sure buttons.css is loaded before press-this.css. [31597] #31373
    • Use correct URL for update bookmarklet link. [31556] #31461
    • Go back to loading the minified bookmarklet content with file_get_contents(). Add Grunt task to minify bookmarklet.js on precommit and update it in /src. [31545] #31373
    • Improve handling of the data, both from the bookmarklet and from server-side parsing. [31609] #31373
    • Remove unneeded passing of post formats strings to JS. Set the currently selected post format name with jQuery. [31589] #31373

    [31601] #31493

    • Remove classes from suggested HTML for the editor.
    • Improve the filter, pass an associative array as param.
    • Use <em> instead of <cite>.

    [31595] #31373

    • Simplify getSuggestedContent() and helpers. No need to override the global data.
    • Replace the press_this_source_string and press_this_source_link filters with press_this_suggested_html that allows filtering of the link and the wrapper HTML tags.

    [31588] #31373

    • Backwards compatibility enhancements.
    • Add missing actions for printing styles/scripts.
    • Since $hook_suffix is null, hardcode press-this.php.
    • Restore body classes, add filter.
    • Use wp_json_encode().
    • Update docs for filters in script-loader.php.


    • TinyMCE: set ‘directionality’ and add the LTR button when in RTL. [31580] #31474
    • RTL improvements: [31577] #31478, #31474
    • Fix and update buttons styles. [31598] #31498
    • When there is a protocol mismatch (http vs. https), use server-side media detection instead of submitting a form as it triggers “Unsafe data” warning in some browsers. [31584] #31468
    • Fix selecting a post format (radio buttons) with the keyboard. [31583] #31440
    • Accessibility enhancements [31566] #31449
    • Enable scrollbars in Firefox, remove overflow-x: hidden from the html element. [31565] #31455
    • Fix notices/errors classes. [31549] #31456


    • Fix a typo in the $args parameter hash notation description for add_settings_field(). [31593] #28975
    • Nav menus: Better JS performance on initial load of edit screen. [31604] #25698
    • Themes: Avoid jumping when selecting a feature in the feature filter on Add Themes screen. [31603] #31497

    External Libraries


    • Settings API: Allow passing a class to add_settings_field() via the $args array. [31560] #30168, #28975

    Build/Test Tools

    • RTL CSS generation: Switch from CSSJanus to RTLCSS. [31573] #31332
    • Run unit tests on Travis CI with PHP nightlies. With PHP7 in active development, this will help us identify issues there. [31558] #31454
    • Update grunt-patch-wordpress to 0.3.0. [31557] #31466

    Thanks to @abhishekfdd, @afercia, @alexkingorg, @atimmer, @azaozz, @boonebgorges, @couturefreak, @doublesharp, @DrewAPicture, @floriansimeth, @GrahamArmfield, @HarishChaudhari, @helen, @ipm-frommen, @iseulde, @joemcgill, @jorbin, @kopepasah, @kraftbj, @Michael-Arestad, @MikeHansenMe, @miqrogroove, @MomDad, @morganestes, @nacin, @ocean90, @kadamwhite, @oso96_2000, @pento, @postpostmodern, @rodrigosprimo, @scribu, @SergeyBiryukov, @sevenspark, @solarissmoke, @stephdau, @swissspidy, @valendesigns, @welcher, @westonruter, and @wonderboymusic for their contributions!

  • Drew Jaynes 12:00 pm on February 25, 2015 Permalink
    Tags: ,   

    Dev Chat Agenda, February 25, 2015 

    Here’s the agenda for Wednesday’s Dev Chat in the #core channel on Slack.

    Time/Date: February 25 2015 21:00 UTC:

    1. Feature Plugins – The Customizer Theme Switcher and Press This were merged into core on Tuesday. Please test and create new tickets for any issues you find
    2. Component Updates
      1. Accessibility – @afercia
      2. Mobile – @ryan
      3. Components – All the news that is news with @nacin
    3. Enhancements Deadline Reminder – Beta 1 is 2 1/2 weeks away. Need to start wrapping up enhancements.
    4. Open Floor – Looking for dev feedback on a ticket? Use this part of the meeting to let us know
compose new post
next post/next comment
previous post/previous comment
show/hide comments
go to top
go to login
show/hide help
shift + esc
Skip to toolbar