4.7.4 Release Candidate

After about six weeks of development, a Release Candidate for WordPress 4.7.4 is now available. This maintenance release fixes 46 issues reported against 4.7 and is scheduled for final release on Thursday, April 20, 2017.

Thus far WordPress 4.7 has been downloaded nearly 60 million times since its release on December 6, 2016. Please help us by testing this release candidate to ensure 4.7.4 fixes the reported issues and doesn’t introduce any new ones.

Notable Bug Fixes

There are a few more notable issues being addressed in this release. The first one is about broken video/audio thumbnails when uploading media (#40075). Additionally, an incompatibility between the upcoming Chrome version and the visual editor (#40305) has been solved by updating TinyMCE. Furthermore, the REST API saw some enhancements in relation to date handling (#39854, #40136).

All Changes

Here’s a list of all closed tickets, sorted by component:

Administration

  • #39983 – Consider to don’t use the CSS class button-link for controls that don’t look like links
  • #40056 – Shift-click to select a range of checkboxes isn’t working anymore since 4.7.3 update

Bootstrap/Load

  • #39445 – Add class_exists() check before defining the PasswordHash class

Build/Test Tools

  • #38500 – Automatically cancel pending Travis builds with each commit
  • #39219 – Add assertNotFalse method to WP_UnitTestCase.
  • #39367 – Don’t no-op $user_id in test suite’s wp_set_auth_cookie()
  • #39988 – The theme used during tests should call wp_head() and wp_footer()
  • #40066 – Remove the twentysixteen git clone from the Travis config
  • #40086 – Get Travis tests working again on PHP 7

Bundled Theme

  • #40216 – Twenty Seventeen: Some parts do not escape html attributes
  • #40224 – Twenty Seventeen: navigation.js should be enqueued with jQuery as dependency
  • #40264 – Twenty Seventeen: Incorrect heading hierarchy for front page sections
  • #40461 – Twenty Seventeen: Bump version and update changelog

Customize

  • #31850 – Customizer links should use canonical admin URL
  • #37471 – Widgets: If your theme only has one widget area, we should open it automatically
  • #38953 – Customize Menus: clicking outside of the available menu items panel does not close the panel
  • #39430 – sections and panels that are open and become inactive should be closed
  • #39770 – Client-side notification error is unexpectedly cleared when no corresponding server-side validation
  • #40010 – Template for site icon control fails to check if full image size exists before using
  • #40018 – Selective refresh always falls back to full refreshes when customizing the 404 template
  • #40112 – Can’t preview starter content “Home” menu item in subdirectory installation
  • #40198 – all previewable links are blocked in the customize preview on IE11
  • #40271 – Use get_user_locale() in Customizer
  • #40277 – Adding page created with the dropdown-pages settings to menu creates Custom Link instead of Page
  • #40308 – Video header control fails to use is_header_video_active() for active_callback
  • #40405 – IE9 errors when attempting to generate changeset parameter

Login and Registration

  • #39497 – Can’t log out completely without closing my browser

Media

  • #31071 – media / post_mime_type related queries are very slow on larger sites
  • #40017 – wp_get_image_mime() returns ‘application/octet-stream’ for non-image files.
  • #40075 – Broken video/audio thumbnails because of corrupted blob meta data
  • #40085 – Audio/video uploads are broken in 4.2.13 and 4.3.9
  • #40152 – Crop Image button off-screen on mobile

Networks and Sites

  • #40036 – Re-save Network Settings ruin starter content
  • #40063 – Handle site cache invalidation more specifically for option updates

Posts, Post Types

  • #39986 – Register missing REST API properties on WP_Post_Type

Quick/Bulk Edit

  • #40242 – Bulk edit tag autocomplete layout error

REST API

  • #39854 – Add gmt_offset to base /wp-json response
  • #39881WP_REST_Posts_Controller::check_read_permission() should check if $parent exists before calling itself
  • #40027 – Tags and Categories should have a “slugs” parameter for batch fetching
  • #40136 – Issues with dates and DST
  • #40213 – Users endpoint slug parameter should allow an array of slugs

Taxonomy

  • #39987 – Register missing REST API properties on WP_Taxonomy
  • #40154 – Incorrectly formatted $taxonomies parameter passed to wp_get_object_terms filter
  • #40306 – Term cache isn’t cleared completely when setting and removing object terms

Themes

  • #38292 – Introduce exclusion for WP_Theme::scandir()

TinyMCE

  • #40305 – Image popup toolbar does not support Chrome Beta

Download the Release Candidate now and help us test!

#4-7, #4-7-4, #maintenance, #release

4.7.1 Release Candidate

A Release Candidate for WordPress 4.7.1 is now available. This security and maintenance release fixes 62 issues reported against 4.7 and is scheduled for final release on Wednesday, January 11, 2017. Note this does not address a number of other issues, which are slated for a 4.7.2 release.

Thus far WordPress 4.7 has been downloaded over 9 million times since its release on December 6, 2016. Please help us by testing this release candidate to ensure 4.7.1 fixes the reported issues and doesn’t introduce any new ones. As always, the entire WordPress project is grateful to security reporters for practicing responsible disclosure.

PHPMailer Update

Last month a security vulnerability (CVE 20016-10033) in the PHPMailer library was made public. WordPress uses this library as the basis for its email functionality. The Security Team has spent some time analysing this vulnerability, and how it applies to WordPress. This vulnerability does not appear to be directly exploitable in WordPress Core, or any major plugins in the plugin directory. The wp_mail() function, which WordPress Core and most plugins use for sending email, blocks this vulnerability from being exploited.

All Changes

Here’s a list of all closed tickets, sorted by component:

Bootstrap/Load

  • #39132 – WP 4.7, object-cache.php breaks the site if APC is not enabled in php

Build/Test Tools

  • #39327 – Database connection errors in unit tests on 4.7

Bundled Theme

  • #39138 – wordpress 4.7 default theme does not get installed when upgrading
  • #39272 – Twenty Seventeen: Incorrect $content_width
  • #39302 – Twenty Seventeen: Featured image not displayed on single template
  • #39335 – Twenty Seventeen: customize-controls.js incorrectly assumes theme_options section is always present
  • #39109 – Twenty Seventeen: starter content array needs a filter
  • #39489 – Twenty Seventeen: Bump version and update changelog

Charset

  • #37982 – 4.6.1 Breaks apostrophes in titles and utf-8 characters

Comments

  • #39280 – comment permalink wrong in WordPress 4.7
  • #39380 – wp_update_comment can cause database error with new filter

Customize

  • #39009 – Customizer: the preview UI language should be the user language
  • #39098 – Customize: Clicking on child elements of preview links fails to abort navigation to non-previewable links
  • #39100 – Customize: Edit shortcuts do not work if page hasn’t been saved and published
  • #39101 – Customize: edit shortcuts for custom menu widgets do not work
  • #39102 – Customize: Shift-click on placeholder nav menu items fails to focus on the nav menu item control
  • #39103 – Customize: menus aren’t deleted
  • #39104 – Customize: starter content home menu item needs to be a link, not a page
  • #39125 – Customize: Video Header YouTube field has issues when whitespace is inserted at beginning or end of URL
  • #39134 – Customize: custom CSS textarea is scrolled to top when pressing tab
  • #39145 – custom-background URL escaped
  • #39175 – Customizer assumes url is passed with replaceState and pushState
  • #39194 – Invalid parameters in Custom CSS and Changeset queries
  • #39198 – Customize: Apostrophes in custom CSS cause false positives for validation errors
  • #39227 – Changeset parameter not generated
  • #39259 – ‘custom_css_post_id’ theme mod of `-1` doesn’t prevent queries
  • #39270 – Use a higher priority on wp_head for inline custom CSS
  • #39349 – Customizer (mobile preview) site title extra padding
  • #39444 – Text Decoration Underline removes on hover in Customizer

Editor

  • #39276 – Link Editor bug – target=”_blank” not removed
  • #39313 – Add New button not disappearing in Distraction-free Writing mode
  • #39368 – .page-template-default body class in editor doesn’t appear in initial post/page load.

External Libraries

  • #37210 – Update PHPMailer to 5.2.21

Feeds

  • #39066 – `fetch_feed()` changes REST API response `Content-Type`
  • #39141 – RSS feeds have incorrect lastBuildDate when using alternate languages

General

  • #39148 – Correct concatenated dynamic hooks
  • #39433 – Update copyright year in license.txt

HTTP API

  • #37839 – wp_remote_get sometimes mutilates the response body
  • #37991 – fsockopen logic bug
  • #37992 – fsockopen hard codes port 443 when http scheme used
  • #38070 – RegEx to remove double slashes affects query strings as well.
  • #38226 – “cURL error 23: Failed writing body” when updating plugins or themes
  • #38232 – Setting `sslverify` to false still validates the hostname

Media

  • #39195 – Undefined index: extension in class-wp-image-editor-imagick.php on line 152
  • #39231 – Allow the pdf fallback_intermediate_image_sizes filter to process add_image_size() sizes.
  • #39250 – Undefinded Variable in Media-Modal

Posts, Post Types

  • #39211 – is_page_template could return true on terms

REST API

  • #38700 – REST API: Cannot send an empty or no-op comment update
  • #38977 – REST API: `password` is incorrectly included in arguments to get a media item
  • #39010 – REST API: Treat null and other falsy values like `false` in ‘rest_allow_anonymous_comments’
  • #39042 – REST API: Allow sanitization_callback to be set to null to bypass `rest_parse_request_arg()`
  • #39070 – WP-API JS client can’t use getCategories for models returned by collections
  • #39092 – REST API: Add support for filename search in media endpoint
  • #39150 – Empty JSON Payload Causes rest_invalid_json
  • #39293 – WordPress REST API warnings
  • #39300 – REST API Terms Controller Dynamic Filter Bug
  • #39314 – WP-API Backbone Client: buildModelGetter fails to reject deferred on fetch error

Taxonomy

  • #39215 – Support for string $args in wp_get_object_terms() broken in 4.7
  • #39328 – Adding terms without AJAX strips “taxonomy” query arg

Themes

  • #39246 – Theme deletion has a JS error that prevents multiple themes from being deleted.

Upgrade/Install

  • #39047 – Installer tries to create nonce before options table exists
  • #39057 – FTP credentials form doesn’t display the SSH2 fields on the Updates screen

 

#4-7, #4-7-1, #maintenance, #release, #security

4.5.1 Release Candidate

A Release Candidate for WordPress 4.5.1 is now available. This maintenance release fixes 11 issues reported against 4.5 and is scheduled for final release next Tuesday, April 26.

Thus far WordPress 4.5 has been downloaded nearly 5 million times since its release on April 12. Please help us by testing this release candidate to ensure 4.5.1 fixes the reported issues and doesn’t introduce any new ones.

Notable Bug Fixes

As noted in the previous post about 4.5.1, there are  two more severe bugs fixed in this release:

  • #36545 – WordPress TinyMCE toolbar/tabs unresponsive in Chrome Version 50.0.2661.75 beta-m (64-bit) and
  • #36510 – Twenty eleven page templates with widgets incorrectly styled.

All Changes

Only a few components received changes. Here’s a list of all closed tickets, sorted by component:

Build/Test Tools

  • #36498 Shrinkwrap npm dependencies for 4.5

Bundled Theme

  • #36510 Twenty eleven page templates with widgets incorrectly styled

Customize

  • #36457 Customizer Device Preview: Use px units for tablet preview size

Database

  • #36629 Database connect functions can cause un-catchable warnings

Editor

  • #36458 Fix support for Safari + VoiceOver when editing inline links

Emoji

  • #36604 Emoji skin tone support test incorrectly passing in Chrome

Feeds

  • #36620 Feeds using an rss-http content type are now served as application/octet-stream

Media

  • #36501 Fatal error: Undefined class constant 'ALPHACHANNEL_UNDEFINED'
  • #36578 wp_ajax_send_attachment_to_editor() bug
  • #36621 Don’t cache the results of wp_mkdir_p() in a persistent cache

Rewrite Rules

  • #36506 Duplicate directives in web.config after WordPress 4.5 installation on Windows

TinyMCE

  • #36545 WordPress TinyMCE toolbar/tabs unresponsive in Chrome Version 50.0.2661.75 beta-m (64-bit)

Update: We’ve released 4.5.1-RC2, which includes the fix for #36629.

#4-5-1, #maintenance, #release

4.4.2 Release Candidate

A Release Candidate for WordPress 4.4.2 is now available. This maintenance release is scheduled for tomorrow, Tuesday, February 2, but first it needs your testing. This release fixes 17 issues reported against 4.4 and 4.4.1.

WordPress 4.4 has thus far been downloaded over 20 million times since it’s release on December 8. Please test this release candidate to ensure 4.4.2 fixes the reported issues and doesn’t introduce any new ones.

Contributors

Thank you to the following 11 contributors to 4.4.2:

afercia, berengerzyla, boonebgorges, chandrapatel, chriscct7, dd32, firebird75, ivankristianto, jmdodd, ocean90, salvoaranzulla

Fixes

A total of 17 fixes are included in this RC (trac log). Notable fixes include:

  • #35344 – Strange pagination issue on front page after 4.4.1 update.This was a very visible issue for certain users with specific settings. While remnants of this issue still exist (see #35689), the bulk of it has been fixed and is ready for testing.
  • Comments – A total of 6 issues were fixed within the Comments component.
    • #35419 – Incorrect comment pagination when comment threading is turned off
    • #35402 – per_page parameter no longer works in wp_list_comments
    • #35378 – Incorrect comment ordering when comment threading is turned off
    • #35192 – Comments_clauses filter (issue)
    • #35478 – 4.4 Regression on Querying for Comments by Multiple Post Fields
    • #35356 – wp_list_comments ignores $comments parameter

Download & Test

We need your help to ensure there are no issues with the fixes in 4.4.2. Please download the RC and test!

#4-4, #4-4-2, #maintenance, #release

4.4.1 Release Candidate

A Release Candidate for WordPress 4.4.1 is now available. This maintenance release is scheduled for Wednesday, January 6, but first it needs your testing. This release fixes 52 issues reported against 4.4.

WordPress 4.4 has thus far been downloaded over 7 million times since it’s release on December 8. Please test this release candidate to ensure 4.4.1 fixes the reported issues and doesn’t introduce any new ones.

Contributors

A total of 36 contributors have contributed to 4.4.1:

Compute, DvanKooten, JPr, KrissieV, SergeyBiryukov, ShinichiN, aaroncampbell, afercia, azaozz, boonebgorges, dd32, dossy, eherman24, gblsm, hnle, igmoweb, jadpm, jeff@pyebrook.com, joemcgill, johnbillion, jorbin, meitar, nacin, netweb, obenland, ocean90, pento, peterwilsoncc, redsweater, rmccue, rogerhub, salcode, smerriman, scottbrownconsulting, stephenharris, swissspidy, tharsheblows, tyxla, voldemortensen, webaware, wonderboymusic, wp-architect

Notable Bug Fixes

Two severe bugs have been fixed. In some cases, users with an out of date version of OpenSSL being used by PHP were unable to use the HTTP API to communicate with to communicate with some https sites. Additionally, posts that reused a slug (or a part of a slug) would be redirected.
The polyfill for emoji support has been updated to support Unicode 8.0. This means that diversity emoji, and other new emoji like 🌮 and 🏒 are fully supported. 

All Changes

Most components have received at least one change. This is a list of all tickets closed, sorted by component.
Continue reading

#4-4, #4-4-1, #maintenance, #release

Weekly Bug Scrubs

During the latest dev chat we’ve decided to schedule a weekly bug scrub in IRC for the next few weeks each Friday at 11AM Eastern/16:00 UTC, for two hours. Please join us if you’d like to participate in reviewing the patches currently slated for 3.6.

#3-6, #bug-scrub, #maintenance

Ticket Scrub

We’ll have a patch clearing session in IRC on Friday, February 8 at 11AM Eastern/16:00 UTC, for two hours. Let’s aim to go through the commit candidates and resolve some of the other tickets currently slated for 3.6.

#3-6, #bug-scrub, #maintenance

WordPress 3.6: Code Maintenance and Architecture

Like with any release, much more is going on during the 3.6 cycle than just the user-facing items on our agenda. We’d like to hit the following code maintenance and architecture items as well. If your interested or have thoughts, speak up or jump on the tickets! Some of these really should happen early, and they’re pretty much all going to need unit tests.

Use PDO for MySQL queries

#21663 — The mysql_* functions in PHP are deprecated, so to get ready for future versions of PHP, we need to start routing queries alternatively for installs that support it.

Caching and Misc DB Tasks

No ticket for this? — Use magic methods to cleanup blogid and siteid in wpdb. These should fetch the canonical versions elsewhere. Also, support blog_id and site_id for consistency.

#23167 and #23173 — Make our object caching more intelligent. One query per cache key. Stored IDs instead of objects where possible.

#22174 and #20875 — Introduce and use wp_cache_get_multi(). Maybe. A bonus, if there’s time.

#21760 — get_term_by() calls are not cached.

#21401 — Load packaged object cache when advanced-cache.php and object-cache.php don’t implement wp_cache_init().

#22661 — Allow object caches to degrade gracefully.

Slashing Sanity

#21767 — Remove stripslashes from API functions.

#18322 — The Road to Magic Quotes Sanity.

#22325 — Abstract GPCS away from the superglobals (maybe not, depending on #21767).

#22023 — Remove UNIQUE for slug in wp_terms. Prep for future taxonomy architecture changes.

Misc Performance

#22301 — Performance problem with Recent Comments widget.

Earlier Discussion

IRC Logs from discussion of some of these items.

#3-6, #maintenance

WordPress org will be undergoing some maintenance starting…

WordPress.org will be undergoing some maintenance starting Wednesday, October 24, at 11AM Eastern (1500 UTC), which will result in intermittent downtime (physical servers are being moved) over the course of a few hours. (This post originally said Tuesday, October 23, because I wasn’t paying attention to what I was typing.)

Ideally, api.wordpress.org and the wordpress.org website (including this blog) will not go down, but access to all Trac installs and SVN repositories will be interrupted at some point. The goal is for error messages to be shown.

I will update this post once the migration is complete.

#maintenance