WordCamp.org “office hours” on Dec 19th, 2019

Let’s try this “office hours” format again! Next week, we’ll have an open hour for anything WordCamp.org related. If you’ve got a ticket you’re working on, or a problem you need help with, drop in during this time 🙂

This will happen on 2019-12-19 18:00 UTC in the #meta-wordcamp channel.

Comment below if there’s a specific ticket or topic you’d like to discuss.

+make.wordpress.org/community

Block Directory plugin guidelines

As mentioned in this week’s metaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. meeting, the draft guidelines for plugins submitted to the BlockBlock Block is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience. Directory are available for discussion:

https://github.com/WordPress/wporg-plugin-guidelines/pull/68

Your feedback and suggestions are welcome.

As a general update on the Block Directory status:

  • Blocks can be submitted to the directory using the regular plugin submission form. Make it clear that it’s a block in your description and/or correspondence with the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party review team, and we’ll include it in the Block Directory.
  • The Block Directory has a small number of block plugins already available. We’d love to add more, so please submit your plugins or let us know about any existing plugins that meet the guidelines.
  • If you’re running GutenbergGutenberg The Gutenberg project is the new Editor Interface for WordPress. The editor improves the process and experience of creating new content, making writing rich content much simpler. It uses ‘blocks’ to add richness rather than shortcodes, custom HTML etc. https://wordpress.org/gutenberg/ as a plugin, you can install block plugins directly from the editor by enabling the Block Directory experimental flag:

WordCamp.org “office hour” on Nov 21st, 2019

We’re trying something a little different this month– instead of a formal ticket scrub, we’ll just have an open hour for anything WordCamp.org related. If you’ve got a ticket you’re working on, or a problem you need help with, drop in during this time 🙂

This will happen on 2019-11-21 18:00 UTC in the #meta-wordcamp channel.

Comment below if there’s a specific ticket or topic you’d like to discuss.

+make.wordpress.org/community

Edit: This post was published with the title “developer office hour”, but the chat is open to everyone, so it was renamed.

X-post: Slack channel for communicating across language variant teams

X-comment from +make.wordpress.org/polyglots: Comment on Slack channel for communicating across language variant teams

X-post: Update: Contributor Orientation Tool

X-comment from +make.wordpress.org/community: Comment on Update: Contributor Orientation Tool

Security review of authentication tokens

For the Five for the Future project, I ended up writing some custom code for authentication tokens which are stateful, have (cryptographically secure) random values, and can only be used once.

Those tokens will be used by companies to manage their pledges, so if an attacker was able to obtain a token, they’d be able to change a company’s name, logo, description, etc to something inappropriate, remove contributors from the pledge, and deactivate the pledge entirely.

The reasons why authentication tokens were chosen is documented in the commit, and additional background is available in issue #34 and PR #46.

Does anyone have any thoughts on the code, think there are any missing test cases, or see any other problems? If you think there’s an active vulnerability, please pingPing The act of sending a very small amount of data to an end point. Ping is used in computer science to illicit a response from a target server to test it’s connection. Ping is also a term used by Slack users to @ someone or send them a direct message (DM). Users might say something along the lines of “Ping me when the meeting starts.” me privately or report it via HackerOne.

Next WordCamp.org ticket scrub on October 17th, 2019

This ticket scrub will happen on 2019-10-17 17:00 UTC in the #meta-wordcamp channel.

The focus is on MetaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. tickets with the WordCamp Site & Plugins component.

Comment below if there’s a specific ticket or topic you’d like to discuss.

+make.wordpress.org/community

X-post: Component Maintainers in 5.3

X-comment from +make.wordpress.org/core: Comment on Component Maintainers in 5.3

Feature and maintenance update for WordCamp.org: July 16 – August 23 2019 edition

Here is a list of WordCamp.org feature developments and maintenance work that has been accomplished since the last update.

  • Shipped WordCampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more. blocks for all sites!
  • Refactored our client for the Meetup.com APIAPI An API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. to authenticate with OAuth 2.0 and use exclusively version 3 endpoints, just ahead of the platform’s hasty deprecation of API keys and v2 endpoints.
  • Made progress on an additional WordCamp Schedule blockBlock Block is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience..
  • Made progress on improvements to WordCamp’s PWA pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party.
  • Reviewed/committed community contribution to fix a bug in the Attendees shortcode.
  • Fixed a problem that was preventing new sites from connecting to Jetpack.
  • Improved our ability to respond quickly to plugin security updates by making upgrade notices visible on production server, and setting up Composer dependencies.

#wordcamp

+make.wordpress.org/community

Next WordCamp.org ticket scrub on August 22nd, 2019

Oops! The ticket scrub scheduled for August 15th did not occur, so we’re trying again next week. This time the ticket scrub will happen on 2019-08-22 17:00 UTC in the #meta-wordcamp channel.

The focus is on MetaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. tickets with the WordCamp Site & Plugins component.

Comment below if there’s a specific ticket or topic you’d like to discuss.

#wordcamp

+make.wordpress.org/community