The WordPress core development team builds WordPress! Follow this site for general updates, status reports, and the occasional code debate. There’s lots of ways to contribute:
WordPress 4.9.7 is now available. This maintenance and security release fixes 17 bugs.
Download WordPress 4.9.7 or visit Dashboard → Updates and click “Update Now”. Sites that support automatic background updates are already beginning to update automatically.
Thank you to everyone who contributed to WordPress 4.9.7:
1naveengiri, Aaron Jorbin, abdullahramzan, alejandroxlopez, Andrew Ozz, Arun, Birgir Erlendsson (birgire), BjornW, Boone Gorges, Brandon Kraft, Chetan Prajapati, David Herrera, Felix Arntz, Gareth, Ian Dunn, ibelanger, John Blackbourn, Jonathan Desrosiers, Joy, khaihong, lbenicio, Leander Iversen, mermel, metalandcoffee, Migrated to @jeffpaul, palmiak, Sergey Biryukov, skoldin, Subrata Sarkar, Towhidul Islam, warmlaundry, and YuriV.
WordPress versions 4.9.6 and earlier are affected by a file deletion issue where a user with the capability to edit and delete media files could potentially manipulate media metadata to attempt to delete files outside the uploads directory.
Thank you to Slavco for reporting the original issue and Matt Barry for reporting related issues.
Other highlights of 4.9.7 include:
You can see the full list of changes in Trac.
The previously scheduled 4.9.7 is now referred to as 4.9.8, and will follow the release schedule posted yesterday.
As we’re now into the full throes of the 4.8 cycle, the uncertainty that comes with not releasing “until it’s ready” inevitably creates a lull in areas other than the three focuses. Areas like maintaining our inline documentation, which populates the official Code Reference.
In the past, the freshness of core’s inline documentation relied almost entirely on a regular, major release schedule. And due to a preference for keeping the number of changed files low, inclusion of docs fixes in minor releases has previously been a rare occurrence.
Until now.
I’ve spoken with @matt, and the decision has been made to go ahead and prioritize some inline docs fixes for inclusion in minor releases going forward.
As with any decision, there are certainly pros and cons. Here are some of them:
Pros:
Cons:
It’s worth noting that the reason the number of changed files has traditionally been kept low is to reduce the number of automatic update failures. The hope is that since we’ve been pushing automatic updates for 10 major versions now, reliability is less of a factor now than it has been previously.
It’s also worth noting that we shouldn’t expect a downtick in activity for core team resources focused on the three areas following this decision. As always, inline docs contributors will be focused on major release priorities before minor release ones.
This decision simply maintains the inline docs team’s ability to ensure the usefulness of core’s source documentation for the thousands of users and developers who rely on it every day.
