The WordPress coreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. development team builds WordPress! Follow this site forย general updates, status reports, and the occasional code debate. Thereโs lots of ways to contribute:
Found a bugbugA bug is an error or unexpected result. Performance improvements, code optimization, and are considered enhancements, not defects. After feature freeze, only bugs are dealt with, with regressions (adverse changes from the previous version) being the highest priority.?Create a ticket in the bug tracker.
After discussion with several coreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. committers and WordPress leads, the title and the contents of the text were changed to clarify that this is a proposal and not a decision set in stone.
Yoda conditions (or Yoda notation) is the programming style where the parts of an expression in the condition are reversed from the โtypicalโ order.
In a large part of the world, the natural reading order is left to right (LTR). This is what most programming languages adhere to. That means the variable assignments or echo/print statements are written with the variable first:
$post_type = 'post';
echo $post_type;
With the same idea in mind, conditions can also be written left to right, like:
The idea behind it is that writing the value on the left side of the condition will prevent accidentally assigning the value to the variable since assignments canโt be made to values.
While seemingly helpful at first glance, the obvious problem with them is the decreased readability of code, especially for people with reading disabilities such as dyslexia.
How we got here
When the handbook rule about Yoda conditions was introduced there was barely any static analysis tooling available in the PHPPHPThe web scripting language in which WordPress is primarily architected. WordPress requires PHP 7.4 or higher world. The only โfoolproofโ way to prevent accidental assignment in conditions was to invert the order of the value being checked and the variable.
Automated checking for assignments in conditions via PHP_CodeSniffer (PHPCSPHP Code SnifferPHP Code Sniffer, a popular tool for analyzing code quality. The WordPress Coding Standards rely on PHPCS.), the underlying tooling for WPCSWordPress Community SupportA public benefit corporation and a subsidiary of the WordPress Foundation, established in 2016., became available in 2017. Moreover, the current sniffsniffA module for PHP Code Sniffer that analyzes code for a specific problem. Multiple stiffs are combined to create a PHPCS standard. The term is named because it detects code smells, similar to how a dog would "sniff" out food. enforcing Yoda condition in the WPCS doesnโt protect against accidental assignments in conditions.
Today there is tooling in place that can help with identifying assignments in conditions, making the Yoda rules obsolete.
Keep in mind that strict comparisons (===) are already strongly encouraged and a part of the WordPress-Core ruleset (warning), making accidental assignments even less likely.
A thorough analysis was made by Lucas Bustamante in the WPCS ticketticketCreated for both bug reports and feature development on the bug tracker. on the impact this could have on the plugins in the WordPress directory. The analysis showed that Yoda conditions are used in 18.02% of the plugins, so the majority of pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party developers are using non-Yoda conditions.
What to do next?
The discussion in the WPCS ticket is long and opinionated, but comes down to these points:
Disallow Yoda condition
Drop the handbook rule that requires Yoda conditions and instead explicitly disallow using them.
Remove Yoda condition as a requirement
Discourage, but donโt disallow Yoda conditions. Just donโt report if the code is or is not using Yoda conditions. The rule would also be dropped from the handbook.
In both cases, assignments in conditions will still be checked for and forbidden.
Impact on the Core code
Disallowing Yoda conditions for WordPress Core would mean that all existing patches on open tickets for Core would need to be revisited and fixed accordingly, which could burden the contributors.
Running the same analysis as Lucas did for plugins, over the WordPress Core, there were 5427 Yoda conditions, and 312 non-Yoda conditions.
Luckily, these are violations that can be automatically fixed using phpcbf tool, but care should be taken to check if all the violations were correctly fixed.
If Yoda conditions are discouraged (option 2), and the existing Yoda conditions in the Core code remain, that would mean less work for the Core contributorsCore ContributorsCore contributors are those who have worked on a release of WordPress, by creating the functions or finding and patching bugs. These contributions are done through Trac. https://core.trac.wordpress.org., but also would add lots of inconsistencies in the Core code (mixed Yoda and non-Yoda conditions).
Next steps
The chosen way forward is to remove the Yoda condition as a requirement (remove it from the handbook) but not disallow it for the time being.
For WPCS, that would mean the removal of the Yoda conditions requirement (and sniff) in WPCS 3.0, with a notice that non-Yoda conditions will start to be required in WPCS 4.0 version.
Work is currently actively ongoing to prepare for the WPCS 3.0.0 release. There will be a minimum of six months between the 3.0.0 and the 4.0.0 release to allow time for Core and other projects to adjust.
Once WPCS 4.0.0 version is released, a one-time-only auto-fix of all the remaining Yoda conditions in Core will be made, and any patches to the Core which go in after that will have to use non-Yoda.
How to enforce the non-Yoda conditions in your code
If you are a WordPress plugin or theme developer, and youโd like to enforce non-Yoda conditions in your code, you can use the Generic.ControlStructures.DisallowYodaConditions sniff. In your phpcs.xml.dist file you should add the following sniff:
<?xml version="1.0"?>
<ruleset xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Example Project" xsi:noNamespaceSchemaLocation="https://raw.githubusercontent.com/squizlabs/PHP_CodeSniffer/master/phpcs.xsd">
<!-- Your custom rules. -->
<!-- Disallow Yoda conditions in your codebase. -->
<rule ref="Generic.ControlStructures.DisallowYodaConditions"/>
</ruleset>
If you want to change the Yoda conditions to non-Yoda conditions, use the phpcbf tool (part of PHPCS) with the Slevomat coding standards. Specifically, the SlevomatCodingStandard.ControlStructures.DisallowYodaComparison sniff that has the fixer for the Yoda conditions.
A long-standing goal of the WordPress project is to be compatible with new versions of PHP on their release day. The next major version of PHP (version 8.0) is currently scheduled for release on November 26, 2020. WordPress Core contributorsCore ContributorsCore contributors are those who have worked on a release of WordPress, by creating the functions or finding and patching bugs. These contributions are done through Trac. https://core.trac.wordpress.org. are working to ensure PHPPHPThe web scripting language in which WordPress is primarily architected. WordPress requires PHP 7.4 or higher 8.0 is supported in the next major version of WordPress (version 5.6), which is currently scheduled to be released on December 8, 2020.
PHP 8.0 has been in the making for some time and brings a lot of exciting features. But because PHP 8.0 is a major version release, it also includes some backward incompatible changes. Because of this, a great deal of both manual and automated testing is needed in order to ensure the WordPress CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. codebase is ready for PHP 8.0.
Even though WordPress 5.6 will add support for PHP 8.0, no changes will be made to the minimum required version of PHP at this time. Any changes made to provide support for PHP 8.0 will be done in a way that maintains backward compatibility for all versions of PHP supported by WordPress (currently to PHP 5.6.20).
Your help is needed to test WordPress on PHP 8.0! While contributors are working on addressing incompatibilities that can be identified by looking at the PHP release notes and upgrade guides, some issues will need to be found through manually testing.
Timeline for testing
Since changes for PHP 8.0 compatibility may be extensive, November 17, 2020 (the current planned date for 5.6 RCrelease candidateOne of the final stages in the version release cycle, this version signals the potential to be a final release to the public. Also see alpha (beta). 1) should be seen as the cut off date for the change to be included in WordPress 5.6. To ensure that changes receive proper testing, patches and pull requests should be submitted as soon as possible.
How to test WordPress on PHP 8.0
There are a few ways that you can test WordPress on PHP 8.0. Some more experienced developers may prefer to install PHP 8.0 manually on their own. But below are instructions for what is likely the quickest and easiest way for most contributors to get set up with PHP 8.
Local WordPress Core Docker environment
The WordPress development repository includes the tools needed to easily spin up a local Docker environment for developing WordPress. Hereโs how to get started using this method.
Edit the .env file in the clone to change LOCAL_PHP=latest to LOCAL_PHP=8.0-fpm (or run export LOCAL_PHP=8.0-fpm in the command line window you are using). If you like to test locally using the build directory, also change LOCAL_DIR to build (or run export LOCAL_DIR=build).
Install NPM dependencies by running npm install.
Build WordPress using npm run build:dev (or npm run build if you prefer to test locally using the build directory)
Start the Docker environment by running npm run env:start.
Install WordPress in the Docker container by running npm run env:install.
You will then be able to access the site at localhost:8889 in your browser. As new development versions of PHP 8 are released (rc2, rc3, etc.), the containers will be updated. To ensure you are running the latest version of the PHP 8 container, you can run npm run env:pull. It is recommended that you do this before starting the container anytime you are testing WordPress on PHP 8.
More information on the local Docker setup for developing WordPress can be found in the initial Make Core blog post.
Ways to test
Use WordPress to test default Core functionality.
Write new unit tests that confirm specific PHP 8.0 features or breaking changes work (or donโt) as expected.
Write new tests for areas of the codebase that does not have sufficient test coverage.
Test your favorite plugins and themes for issues.
Reporting issues
If you discover something that you believe to be a PHP 8 compatibility issue, please create a bugbugA bug is an error or unexpected result. Performance improvements, code optimization, and are considered enhancements, not defects. After feature freeze, only bugs are dealt with, with regressions (adverse changes from the previous version) being the highest priority. report on the WordPress Core instance of Trac. Because this is an ongoing effort, itโs possible an issue you have found is already being tracked, is currently being worked on, or has already been fixed. To avoid duplicate reports, please look through pre-existing tickets. The best way to do this is by looking at tickets with the php8 keyword.
Please be sure to provide as many details as you can when creating a ticketticketCreated for both bug reports and feature development on the bug tracker. and provide steps that are as specific as possible so that other contributors can quickly and easily reproduce the problem.
Give feedback, write a patchpatchA special text file that describes changes to code, by identifying the files and lines which are added, removed, and altered. It may also be referred to as a diff. A patch can be applied to a codebase for testing., or test a patch!
Inform others that help is needed to test WordPress on PHP 8.0.
To ensure changes receive the necessary testing, itโs best to fix PHP 8.0 compatibility issues as early as possible during the WordPress development schedule. The 5.6 RC1 date (November 17th, 2020) should be considered the final cut off for changes. If additional critical PHP 8.0 issues are found during the RC period, they should receive tickets and patches and will be evaluated on a case by case basis. But, they will not be guaranteed to make the 5.6 release (usually, only regressions are addressed during the RC period).ย
While most people here will probably mostly know me as a (PHPPHPThe web scripting language in which WordPress is primarily architected. WordPress requires PHP 7.4 or higher) developer, I actually have a background in business studies, so when Matt Mullenweg reached out to me to continue the conversation about WordPress dropping support for older PHP versions in an in-person call, I decided to put my business acumen to use and see if I could come up with a proposal which would make sense from a business point of view for all parties involved, be it the amazing contributors to the WordPress project, the web hosts, the pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party and theme builders, the web agencies and the users who often run their business via their WordPress website.
In short, Iโm proposing a fixed schedule in which every PHP version is supported for five years. Additionally each WordPress release will receive security updates for four years. In effect, this means that users, at a stretch, would be able to run on one specific PHP version for nine years.
A fixed schedule will make this whole process transparent and will allow all parties to plan for the version drops accordingly.
With Mattโs blessing, Iโm posting this proposal here on Make to gauge the reactions of the wider community to my idea.
Please feel very invited to leave a comment whether you agree with the proposal or not. Mentioning what your involvement is with WordPress and how this proposal will impact you in a positive or negative way, would be very valuable input for further discussions on this.
Chicken vs egg
The situation we are currently in, is basically one of โWhich came first, the chicken or the egg ?โ.
WordPress doesnโt drop support for older PHP versions until enough users have moved over to newer PHP versions and a significant enough share of the WP users donโt upgrade their PHP version until they really have to because WordPress drops support for the version.
This is circular logic, which as most developers know, never ends well as you end up in an infinite loopLoopThe Loop is PHP code used by WordPress to display posts. Using The Loop, WordPress processes each post to be displayed on the current page, and formats it according to how it matches specified criteria within The Loop tags. Any HTML or PHP code in the Loop will be processed on each post. https://codex.wordpress.org/The_Loop. where, in the end, neither moves forward.
So who are these users who donโt upgrade ?
Well, while we canโt know for sure, if we look at the figures, we can see some patterns:
Take note of the fact that the percentage of users on WP 5.1 who didnโt upgrade yet is relatively small and only part of that can be attributed to the PHP < 5.6 version drop in WP 5.2.
So letโs look at some likely personas for users who donโt upgrade:
We have the โzombieโ persona, sites which are still online, but are not actively updated anymore. These can be, for instance, sites which were linked to a specific event or other date-related topic which are still online for historical reasons, aggregate sites which automatically re-post from other sites without adminadmin(and super admin) involvement, or spam sites etc.
We have the โoverwhelmedโ persona, who blatantly ignores all admin notices. We all know why and how this happens. The multitude of notices in the admin area once a site has a few plugins and a theme installed trained this user to ignore them.
Then there is the โlaid-backโ persona, who has seen the notices, but doesnโt feel any urgency until they canโt update their site anymore.
And lastly, the โbusinessโ persona, often with a custom theme and a number of custom build plugins whoโd rather move the costs of upgrading those to the next accounting year.
As for the user who feels out of their depth โ amazing work has been done by the #site-health team to help those out. For those users, I like to use the car analogy:
A website is something users will generally use regularly and expect to โjust workโ. So letโs make the comparison with something else a lot of people use regularly and expect to โjust workโ.
Say a car. Similar to WP, when one gets themselves a car, you need to familiarize yourself a little with how it works (interface/admin), but then it just runs. You put in petrol regularly (WP updates) to keep it running. Then once in a while, it needs a proper service. Now you have a choice: either you learn how to service a car yourself (read the site health materials and follow them up) or you go to a garage (hire a specialist) to do it for you. And if you really donโt want to be bothered with all that, you lease a car instead (managed WP hosting solution).
Along the same lines: if you ignore the warning lights in a car (site health admin notices), you canโt pretend to be surprised that at some point it will break down (gets hackedhacked/canโt upgrade anymore). If was your responsibility as a user to act on them after all.
But Juliette, get to the point: how do you think we can get out of this situation ?
Ok, so here goes: I propose a fixed (rolling) schedule for dropping support for older PHP versions.
A fixed schedule means that such version bumps become predictable and with them becoming predictable, they become manageable and plannable.
These last two qualities are extremely important as all parties involved will know well in advance what they need to do and when it should be ready.
The current uncertainty over what WordPress will do leads to inaction, as we saw with two of the example personas, and we can counter that with becoming predictable and reliable with regards to the PHP version bumps.
So I propose that, as of now, we start dropping support for the PHP minor which is more than five years old each December, or if there is no release in December, in the WordPress release which is being worked on at that time.
That would currently look something like this, with the numbers at the top being the version of the WordPress release that December and the numbers at the bottom being the new minimum supported PHP version.
Keep in mind that, per the currently proposed schedule, the new minimum supported PHP version would always already be a version which is no longer actively supported by the PHP project, nor does it have security support anymore at the time it becomes the new minimum supported version for WordPress.
For example, PHP 7.1 was released in December 2016. Active support for PHP 7.1 stopped beginning of December 2018 and security support stopped on December 1, 2019. And based on the current proposal WordPress would still support it until December 2021.
But all those users on old WordPress versionsโฆ
Well, WordPress has always had a very liberal policy for backporting security fixes, so as part of this proposal, Iโd like to suggest that the WordPress project makes a hard commitment to continuing to backportbackportA port is when code from one branch (or trunk) is merged into another branch or trunk. Some changes in WordPress point releases are the result of backporting code from trunk to the release branch. security fixes for WordPress versions up to four years back.
What that would come down to in practice, is that if a user would always want to use the latest and greatest version of WordPress with the minimum of effort, they would need to ensure their PHP version is updated once every five years.
And if they donโt mind lagging behind a little in their WordPress version, they could even get away with only updating their PHP version once every nine years and still have their website running on a secure version of WordPress.
Now how does that sound ? Is that a liberal enough policy ?
Note: security fixes are currently back-ported as far back as WordPress 3.7. With this proposal, the minimum version of WordPress still receiving security fixes would not longer be a fixed version, but would change to a rolling number.
But what about the users currently on old WordPress versions ?
To solidify the commitment to making this as transparent as possible for the users, I propose we backport the PHP admin notice from the site-health project to the older, still currently security supported, WordPress versions, so that those users will be informed when they log in to their website.
Alongside of that we could ramp up the site-health notices based on this fixed schedule of version drops and committed security fix support.
Soโฆ what do you think ? I eagerly await the reactions of you all!
As part of an ongoing effort to improve compatibility across all supported versions of PHPPHPThe web scripting language in which WordPress is primarily architected. WordPress requires PHP 7.4 or higher (currently 5.6.20โ7.4), several tooling additions and improvements have been made during the 5.5 cycle.
A large handful of changes were made to address the findings from these tools. Below are some that you need to be aware of.
Automated PHP compatibility scanning
During the WordPress 5.3 cycle, a new job was added to Coreโs Travis-CI builds to scan for potential PHP compatibility issues using the PHPCompatibilityWP PHPCS ruleset (see #46152). However, because the scan was reporting a large number of potential issues, it was placed in the allowed_failures list until each issue could be inspected and addressed.
During the 5.5 cycle, each potential issue was examined individually and either fixed, or manually marked as a false-positive.
As of [48046], the job performing a PHP compatibility scan has been removed from the allowed_failures list. ๐
Now that this scan is not allowed to produce errors or warnings, potential PHP incompatibilities can be flagged and inspected immediately after being committed, ensuring they are never released to the world in WordPress.
In the future when the versions of PHP supported by WordPress change (in either direction), the configuration file can easily be adjusted to detect potential problems within the new range of supported versions.
For more information, see the related ticketticketCreated for both bug reports and feature development on the bug tracker. on TracTracAn open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress. (#49922).
Deprecated: wp_unregister_GLOBALS()
The register_globals directive in PHP was deprecated in version 5.3 and removed entirely in 5.4. Because the first line of the function calls ini_get() (which returns false if the directive is not recognized), this function will always return early making it unnecessary.
The wp_unregister_GLOBALS() function is deprecated as of WordPress 5.5.
For more information, see the related ticket on Trac (#49938).
Deprecated: $HTTP_RAW_POST_DATA
The $HTTP_RAW_POST_DATA global variable was deprecated in PHP 5.6.0 and removed completely in PHP 7.0.0. Because of this, developers should not be relying the presence or accuracy of this variable. However, a search of the plugin directory for this variable still yields ~1,500 results. Although some of these matches are flagging $HTTP_RAW_POST_DATA within comments or in compatibility shims, developers should audit their code to remove this variable whenever possible.
Because PHP 5.6 is still supported and this variable is present in a large number of plugins, it will not be completely removed in WordPress 5.5. However, it will be removed from CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. when the supported versions of PHP is changed to PHP >= 7.0.
The following is the recommended replacement:
$var = file_get_contents( 'php://input' );
A few occurrences of this variable that did not affect the outcome of the code have been removed in 5.5. However, there are 2 instances that will remain because they were deemed particularly risky to remove before communicating the bad practice to the community.
For more information, refer to the related ticket on Trac (#49810).
Spread operator usage in the IXR library
In WordPress 5.3, the PHP spreadoperator was introduced throughout the code base. There are several benefits to utilizing the spread operator in addition to code modernization:
โUsing the spread operator allowed for simplifying the code and improves performance โ both in speed as well as memory use -, especially as it has been introduced in a number of functions which are used a multitude of times during everysingle pageloadโฆโ
The IXR library bundled with Core (now treated as an โadoptedโ library) powers XML-RPC related functionality in WordPress.
All func_get_args() calls within the IXR libraryโs code have now been updated to utilize the spread operator.
For more information, refer to the Trac ticket (#48267), the WP 5.3: Introducing the spread operatordev notedev noteEach important change in WordPress Core is documented in a developers note, (usually called dev note). Good dev notes generally include a description of the change, the decision that led to this change, and a description of how developers are supposed to work with that change. Dev notes are published on Make/Core blog during the beta phase of WordPress release cycle. Publishing dev notes is particularly important when plugin/theme authors and WordPress developers need to be aware of those changes.In general, all dev notes are compiled into a Field Guide at the beginning of the release candidate phase., or the Trac ticket that originally introduced the spread operator to Core (#47678).
Composer is a tool for dependency management in PHP. When project dependencies are specified, it will manage installing and updating those dependencies for you appropriately.
As of [47881], PHPUnit is now defined as a dev requirement in WordPress Coreโs composer.json file.
Running composer install will determine the appropriate version of PHPUnit to install based on the PHP version Composer runs on.
For more information, refer to the Trac ticket (#46815).
Other Build/Test Tool improvements
Plugins and themes within src are now ignored when running Core linting locally. This will prevent coding standards violations from being flagged when developing locally using src instead of build (see #49781).
Previously, when the lint:php job ran on Travis-CI, the code was formatted using PHPCBF prior to linting. Since running composer format returns an error when changes are made, the linting part would not execute and a report would not be generated. Core will no longer run the formatting command prior to linting the code base for issues (see #49722).
The WordPress Coding StandardsWordPress Coding StandardsThe Accessibility, PHP, JavaScript, CSS, HTML, etc. coding standards as published in the WordPress Coding Standards Handbook.
May also refer to The collection of PHP_CodeSniffer rules (sniffs) used to format and validate PHP code developed for WordPress according to the PHP coding standards. ruleset has been updated from version 2.1.1 to 2.3.0. For a full list of changes included in this update, read rulesetโs release notes (see #50258).
The recommended version of PHP specified in the readme.html file has been changed from 7.3 to 7.4. This brings the recommendation in line with the recommendations found on WordPress.org (see #50480)
Until May last year, contributions to WordPress CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. were bound to PHPPHPThe web scripting language in which WordPress is primarily architected. WordPress requires PHP 7.4 or higher 5.2 syntax and most plugins and themes stuck to the PHP 5.2 minimum requirement as well.
However, with the change to PHP 5.6 as the minimum PHP version for WordPress Core, new PHP features have become available for use in WP Core and with the outlook of a minimum version of PHP 7.x in the (near) future, even more interesting language features will soon become available for use in WordPress Core, plugins and themes.
With that in mind, weโd like to define coding standards for a number of these constructs and propose to implement automated checking for these in the WordPress Coding StandardsWordPress Coding StandardsThe Accessibility, PHP, JavaScript, CSS, HTML, etc. coding standards as published in the WordPress Coding Standards Handbook.
May also refer to The collection of PHP_CodeSniffer rules (sniffs) used to format and validate PHP code developed for WordPress according to the PHP coding standards. tooling in the near future.
While it may still be a while before some of these features will actually be adopted for use in WordPress Core, defining the coding standards in advance will allow for a consistent code base when they do get adopted and will allow for plugins and themes, which are not necessarily bound to the PHP 5.6 minimum, to safeguard their code consistency when they start using more modern PHP already.
To be honest, none of these proposals are terribly exciting and some may not even seem worth mentioning. Most follow either prior art in WordPress Core or industry standards for the same, but in the spirit of openness, weโd like to verify our take on these before implementing them.
The PHPPHPThe web scripting language in which WordPress is primarily architected. WordPress requires PHP 7.4 or higher native JSONJSONJSON, or JavaScript Object Notation, is a minimal, readable format for structuring data. It is used primarily to transmit data between a server and web application, as an alternative to XML. extension has been bundled and compiled with PHP by default since 5.2.0 (2006). However, a significant number of PHP installs did not include it. In order to ensure a consistent experience for JSON related functionality in all supported versions of PHP, WordPress CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. has historically included a large number of workarounds, functions, and polyfills.
In WordPress 5.2, the minimum version of PHP supported was raised from 5.2.6 to 5.6.20. In the 8 year period since the last attempt was made to encourage use of the PHP native JSON extension, the number of distributions with this extension disabled has significantly decreased.
Because of this, the PHP native JSON extension is now required to run WordPress 5.3 and higher.
To prevent compatibility issues, a site that does not have the PHP native JSON extension enabled will see an error message when attempting to upgrade to WordPress 5.3. The update will be cancelled and the site will remain on the current version (see [46455]). This is to prevent potential compatibility issues on servers running custom PHP configurations.
Hereโs a summary of what has changed.
Deprecated
The following functions and classes will remain in the code base, but will trigger a deprecated warning when used (see [46205]):
The Services_JSON and Services_JSON_Error classes and all methods
The wp-includes/class-json.php file
The (private) _wp_json_prepare_data() function
Removed
The following functions, and classes have been removed entirely from the code base (see the [46208] changeset):
json_encode() function polyfill
json_decode() function polyfill
_json_decode_object_helper() function polyfill
json_last_error_msg() polyfill
JsonSerializable interface polyfill
$wp_json global variable
JSON_PRETTY_PRINT constant polyfill
JSON_ERROR_NONE constant polyfill
Unchanged
The wp_json_encode() function will remain with no intention to deprecate it at this time. This function includes an extra sanity check for JSON encoding data and should still be used as the preferred way to encode data into JSON.
For more information about these changes, check out #47699 on TracTracAn open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress. and the relevant changesets ([46205], [46206], [46208], [46377], and [46455]).
In WordPress 5.3, the PHPPHPThe web scripting language in which WordPress is primarily architected. WordPress requires PHP 7.4 or higher 5.6 spreadoperator has been introduced to WordPress in a number of places.
Using the spread operator allowed for simplifying the code and improves performance โ both in speed as well as memory use -, especially as it has been introduced in a number of functions which are used a multitude of times during everysingle pageload, such as current_user_can() and add_query_arg().
Most plugins and themes should see no impact of these patches, other than the improved performance.
However, if your pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party/theme is one of the limited number of plugins and themes which extends one of the below listed classes and overloads any of the listed methods, you will need to take action.
What to do if your plugin/theme is affected
In nearly all cases, WP 5.3 has added anew parameter to the function signature using the spread operator. This allows for an easy transition as you can adjust the function signature of the method overloading it to do the same. You may also want to adjust the code within the overloaded method to get the same performance benefits as the parent method.
See the relevant patches linked below for the full details of the change to each method and for inspiration.
Adding the extra argument will allow your plugin/theme to be compatible with both WP 5.3 and older WP versions, though it does raise the minimum PHP requirement for your plugin/theme to PHP 5.6. Make sure you annotate this in the readme.txt!
In only one case โ wpdb::prepare() -, WP 5.3 has changed an existing parameter. In the exceptional situation that you would be overloading that method, you will need to make a choice whether you want to continue supporting older WP versions or to set the minimum WP version to WP 5.3. If you set the minimum WP version to WP 5.3, you need to change the function signature of the overloading method to match the new function signature in WP 5.3 and you may also want to simplify some code in your method too. If you want to continue to support older WP versions, you will need two versions of the class overload and an if/else toggle to load the correct one depending on the WP version being used. Note: this really only applies to overloaded wpdb::prepare() methods. There is no need to do this if you overload any of the other affected methods.
What will break if I donโt make the change to my plugin/theme
Nothing. The world will keep turning as it did before.
You may get some complaints from end-users that they are seeing PHP warnings about a mismatched function signature in their PHP error logs, but other than that, all should still work as before.
This is not to say that you shouldnโt update your plugins/themesโฆ You should. It is just that if you donโt have time to do it right away, you donโt need to worry that your plugin/theme will be bringing sites down.
While reading these changes, itโs important to keep in mind that they only apply to WordPress CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress.: you can (and should) choose practices that best suits your development style for your own plugins and themes. The coding standards are intentionally opinionated, and will always lean towards readability and accessibilityAccessibilityAccessibility (commonly shortened to a11y) refers to the design of products, devices, services, or environments for people with disabilities. The concept of accessible design ensures both โdirect accessโ (i.e. unassisted) and โindirect accessโ meaning compatibility with a personโs assistive technology (for example, computer screen readers). (https://en.wikipedia.org/wiki/Accessibility) over being able to use every possible language feature.
Closures (Anonymous Functions)
There was quite a lot of discussion around this proposal, particularly with regards to allowing closures as hook callbacks. Thank you everyone for your input, and for keeping disagreements respectful. ๐
We do need a decision, however, and there were several key points that led to this:
Itโs currently difficult to remove closures as hook callbacks. #46635 has several interesting proposals to address this in an entirely backward compatible manner.
While WordPress Core should strive to allow any callback to be unhooked, plugins have no such restriction.
The WordPress JavaScriptJavaScriptJavaScript or JS is an object-oriented computer programming language commonly used to create interactive effects within web browsers. WordPress makes extensive use of JS for a better user experience. While PHP is executed on the server, JS executes within a userโs browser. https://www.javascript.com/. Coding Standards allow for closures to be used, we should be aiming to bring the PHPPHPThe web scripting language in which WordPress is primarily architected. WordPress requires PHP 7.4 or higher standards in line with that.
The broader PHP world has embraced closures for many years, and have found ways to use them responsibly. We shouldnโt ignore PHP usage outside of WordPress.
With these points in mind, a conservative, but practical step is to allow closures as function callbacks, but not as hook callbacks in Core. Ultimately, we should be able to allow any sort of complex callback to be attached to hooksHooksIn WordPress theme and development, hooks are functions that can be applied to an action or a Filter in WordPress. Actions are functions performed when a certain event occurs in WordPress. Filters allow you to modify certain functions. Arguments used to hook both filters and actions look the same., but the Core APIs arenโt quite ready for it yet.
Coding Standards Change
Where appropriate, closures may be used as an alternative to creating new functions to pass as callbacks.
Closures must not be passed as filterFilterFilters are one of the two types of Hooks https://codex.wordpress.org/Plugin_API/Hooks. They provide a way for functions to modify data of other functions. They are the counterpart to Actions. Unlike Actions, filters are meant to work in an isolated manner, and should never have side effects such as affecting global variables and output. or action callbacks, as they cannot be removed by remove_action() / remove_filter() (see #46635 for a proposal to address this).
Short Array Syntax
A little less controversial, but still with varying opinions, was the proposal to require short array syntax ( [ 1, 2, 3 ] ) instead of long array syntax ( array( 1, 2, 3 ) ) for declaring arrays.
While Iโm personally partial to short array syntax, there were two particularly convincing arguments for using long array syntax:
Itโs easier to distinguish from other forms of braces, particularly for those with vision difficulties.
Itโs much more descriptive for beginners.
So, this change to the coding standards is the opposite of what was originally proposed, but is ultimately the more inclusive option.
Coding Standards Change
Arrays must be declared using long array syntax in WordPress Core.
Short Ternary Operator
The original proposal was to allow the short ternary operator, but this change reverses that. Thereโs a good argument that it looks too much like the null coalesce operator, especially as they perform different functions.
Itโs not possible to reduce this line with the short ternary operator, but it can be trivially reduced with the null coalesce operator:
$height = $data['height'] ?? 0;
The vast majority of other ternary operators in Core (which donโt have an isset() test) look something like this:
$class = $thumb ? ' class="has-media-icon"' : '';
This also canโt be reduced using the short ternary operator.
As the null coalesce operator is a useful addition (which weโll be able to use once the minimum PHP version bumps to 7+), whereas the short ternary operator can only be used in a handful of cases in Core, itโs better to avoid the potential confusion, and not use the short ternary operator.
Coding Standards Change
The short ternary operator must not be used.
Assignments Within Conditionals
Particularly when there are multiple conditions, it can be quite difficult to spot assignments occurring in a conditional. This arguably falls under the Clever Code guidelines, but hasnโt been formalised.
I got a little ahead of myself with this one, and have already removed all assignments in conditionals from Core. Adding this change to the standard formalises the practice.
With the minimum PHPPHPThe web scripting language in which WordPress is primarily architected. WordPress requires PHP 7.4 or higher version increasing to 5.6 as of WordPress 5.2, nowโs a good time to be reviewing the WordPress Coding StandardsWordPress Coding StandardsThe Accessibility, PHP, JavaScript, CSS, HTML, etc. coding standards as published in the WordPress Coding Standards Handbook.
May also refer to The collection of PHP_CodeSniffer rules (sniffs) used to format and validate PHP code developed for WordPress according to the PHP coding standards..
Here is a set of changes that Iโd like to propose.
Anonymous Functions (Closures)
Anonymous functions are a useful way to keep short logic blocks inline with a related function call. For example, this preg_replace_callback() call could be written like so:
This improves the readability of the codebase, as the developer doesnโt need to jump around the file to see whatโs happening.
Coding Standards Proposal
Where the developer feels is appropriate, anonymous functions may be used as an alternative to creating new functions to pass as callbacks.
Anonymous functions must not be passed as filterFilterFilters are one of the two types of Hooks https://codex.wordpress.org/Plugin_API/Hooks. They provide a way for functions to modify data of other functions. They are the counterpart to Actions. Unlike Actions, filters are meant to work in an isolated manner, and should never have side effects such as affecting global variables and output. or action callbacks in WordPress CoreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress., as they cannot be removed by remove_action() / remove_filter() (see #46635 for a proposal to address this). Outside of Core, developers may pass anonymous functions as filter or action callbacks at their own discretion.
Namespaces
Namespaces are a neat way to encapsulate functionality, and are a common feature in modern PHP development practices. As weโve discovered in the past, however, introducing namespaces to the WordPress codebase is a difficult problem, which will require careful architecture and implementation.
Side note: thereโs currently no timeline for introducing namespaces to WordPress Core, expressions of interest are welcome. ๐
Coding Standards Proposal
At this time, namespaces must not be used in WordPress Core.
Short Array Syntax
Rather than declaring arrays using the array( 1, 2, 3 ) syntax, they can now be shortened to [ 1, 2, 3 ]. This matches how arrays are declared in the WordPress JavaScriptJavaScriptJavaScript or JS is an object-oriented computer programming language commonly used to create interactive effects within web browsers. WordPress makes extensive use of JS for a better user experience. While PHP is executed on the server, JS executes within a userโs browser. https://www.javascript.com/. Coding Standards.
To allow for plugins and themes that support older versions of WordPress, Iโd like to propose that WordPress Core switches to short array syntax immediately, but plugins and themes may choose which they use. A future iteration would make short array syntax a requirement.
Coding Standards Proposal
Arrays must be declared using short array syntax in WordPress Core. Arrays may be declared using short array syntax outside of Core.
Short Ternary Syntax
A fairly common pattern when setting a variableโs value looks something like this:
$a = $b ? $b : $c;
The short ternary syntax allows this to be shortened, like so:
$a = $b ?: $c;
Itโs important to note that this is different to the null coalesce operator, which was added in PHP 7. If $b is undefined, the short ternary syntax will emit a notice.
Coding Standards Proposal
Short ternary syntax may be used where appropriate.
Assignments within conditionals
While this isnโt directly related to the PHP version bump, Iโd like to propose disallowing assignments within conditionals. Particularly when there are multiple conditions, it can be quite difficult to spot assignments occurring in a conditional. This arguably falls under the Clever Code guidelines, but hasnโt been formalised.
Any other new features available in PHP 5.6 can be used, though we should continue to carefully consider their value and (in the case of newer PHP modules) availability on all hosts.
How do you feel about these changes? Are there other changes related to PHP 5.6 that youโd like to suggest?
This recap is a summary of our previous PHPPHPThe web scripting language in which WordPress is primarily architected. WordPress requires PHP 7.4 or higher meeting. It highlights the ideas and decisions which came up during that meeting, both as a means of documenting and to provide a quick overview for those who were unable to attend.
The meeting focused on the individual pieces that are left to complete so that the most essential Servehappy parts can become part of the WordPress 5.1 release (planned schedule has first BetaBetaA pre-release of software that is given out to a large group of users to trial under real conditions. Beta versions have gone through alpha testing in-house and are generally fairly close in look, feel and function to the final product; however, design changes often occur as part of the process. set at January 10th).
For the fatal error recovery mechanism (see #44458 or GitHub PR for development) the following steps are needed:
Add support for recovering errors by the theme by pausing it. It was determined before that the adminadmin(and super admin) can work without an active theme, so implementation of this should be straightforward based on the existing code that already handles this for plugins.
In addition to displaying a note in the frontend when an error occurs (customizable via a php-error.php drop in), an email with the same message should be sent to the admin email address.
@schlessera will take care of implementing these two remaining tasks.
The multisitemultisiteUsed to describe a WordPress installation with a network of multiple blogs, grouped by sites. This installation type has shared users tables, and creates separate database tables for each blog (wp_posts becomes wp_0_posts). See also network, blog, site team will furthermore have an additional look at the existing implementation of multisite support.
Instead of having the content coming from the editor, it should be hardcoded and displayed via a template so that translationtranslationThe process (or result) of changing text, words, and display formatting to support another language. Also see localization, internationalization. of the content is more streamlined and can happen via GlotPress. Furthermore it makes it a quicker process to add visual assets to the page later. @flixos90 is taking care of this.
For the actual notice in coreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. itself, a few tweaks need to be added.
The version numbers need to be updated for WordPress 5.1.
The link URLURLA specific web address of a website or web page on the Internet, such as a websiteโs URL www.wordpress.org to the page needs to be updated to account for the slug change.
The link URL needs to be customizable via both an environment variable (to be set by hosting providers) and a filterFilterFilters are one of the two types of Hooks https://codex.wordpress.org/Plugin_API/Hooks. They provide a way for functions to modify data of other functions. They are the counterpart to Actions. Unlike Actions, filters are meant to work in an isolated manner, and should never have side effects such as affecting global variables and output. (for later adjustments in the codebase).
In the Servehappy APIAPIAn API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. endpoint, the recommended PHP version should be set to 7.3, and the lowest acceptable version should be set to 5.6 to account for the future version bump. On any version below that, WordPress users will see a warning. Furthermore the information on official PHP version support needs to be updated as both PHP 5.6 and 7.0 are no longer support (or will be in very few days). This update has as of now been committed already as well.
During the work on the MetaMetaMeta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. changes in the aftermath of the meeting, it came up that adjusting version numbers exposed by wordpress.org should become a more straightforward process that can happen in a central location. This part is not crucial to have prior to WordPress 5.1, but is a minor tweak to make maintenance simpler in the future.
Still left is enhancing the page content with visual assets. It was agreed that these should not contain any language-dependent text. Among the suggestions were:
a diagram of how the server hardware, PHP, and WordPress relate to each other
a timeline of PHP version history
None of the attendees felt capable or had availability to work on such visual assets. If you can help with this over the next couple weeks, please let us know in the comments or the #core-php channel on SlackSlackSlack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/..
Due to the holidays in many parts of the world, the meetings in the next two weeks are cancelled. Finishing the features for WordPress 5.1 is a high priority though, and communication should continue asynchronously as needed. The next official meeting will take place only a few days before the intended 5.1 Beta release, so at that point everything should preferably be good to be merged.
You must be logged in to post a comment.