Thu, 23 Mar 2017 01:39:19 +0000
On this episode, Marcus Couch and I are joined by Alex Denning, Fred Meyer, and David Hayes of WPShout to discuss their WordPress Development course, Up and Running Second Edition. We learn why the trio created the course and who it’s geared towards.
Later in the show, we have a great conversation surrounding the REST API and its potential impacts on WordPress. Near the end of the interview, we get their thoughts on the state of WordPress education.
WP Multisite User Sync lets you Sync/unsync users from one site (blog) to other sites (blogs) in a WordPress Multisite network.
WooCommerce Live Checkout Field Capture plugin saves all activity in the WooCommerce checkout form before it is submitted. This enables you to see who has abandoned their shopping carts with the ability to contact them and remind about the abandoned cart.
After Comment Redirector lets you redirect to a custom page after commenting for all or new commentators. This is a handy way to say thank you to your most engaging readers. You can also give out a coupon, special e-book, or secret content when someone leaves a comment.
Next Episode: Wednesday, March 29th 3:00 P.M. Eastern
Subscribe To WPWeekly Via Itunes: Click here to subscribe
Subscribe To WPWeekly Via RSS: Click here to subscribe
Subscribe To WPWeekly Via Stitcher Radio: Click here to subscribe
Listen To Episode #268:
Thu, 23 Mar 2017 00:53:46 +0000GoDaddy has announced that it has entered into an agreement to acquire Sucuri Security. Sucuri, founded by Daniel Cid and co-founded by Tony Perez in 2010, is a website security platform that helps clean and protect websites. Details of the deal were not disclosed. Like ManageWP, Sucuri will operate as a separate entity under the GoDaddy umbrella. Sucuri employees will transfer to GoDaddy while remaining under the leadership of Perez and Cid. Out of all the companies that Sucuri could have chosen to be acquired by, why GoDaddy? “Over the years we’ve seen them live up to their words to be a customer and product centric company,” Perez said. “As a product company it give us an opportunity to scale our product from a few hundred thousand domains, to millions. It’s something that we only ever dreamed of.” The acquisition comes a few weeks after SiteGround announced its partnership with Sucuri and renamed its site scanner SG Site Scanner. It’s too soon to determine how this acquisition will affect Sucuri’s partnerships with hosting companies. “I can’t speak for our partners, but I truly hope they will trust in us, Sucuri, and in me personally,” Perez said. “If we can work to deploy our technology for GoDaddy, at their scale, then I have nothing but confidence we can do this for every other partner out there. “GoDaddy made this investment because they believe in what we have built as a team at Sucuri, the product solves problems, that doesn’t go away and I hope all our customers and partners will give us time to prove this in our actions.” Both companies acknowledged that nothing changes for existing Sucuri customers and that they can expect to see numerous improvements in the near future. Perez and Cid see the acquisition as version 2.0 of the company. Aaron Campbell, WordPress Security Team Lead who is sponsored by GoDaddy to work on WordPress full-time, says the move should help make more sites secure. “GoDaddy is committed to offering great services to its clients,” Campbell said. “You know as well as I do that Sucuri is exactly that; we’ve seen them be quite an asset to the WordPress community over the years. “They’re going to remain a standalone product, but I’m excited to see them become part of the GoDaddy team to make some great stuff together. Keeping as many WordPress users secure as possible is obviously my goal and I really think this will help accomplish that.” Reactions to the news on Twitter have mostly been positive with many congratulating Sucuri and its founders. On the Advanced WordPress Facebook group, reactions to the news are a mix between congratulatory and fears of Sucuri’s service declining. These are among the same grievances and fears expressed by ManageWP customers when GoDaddy acquired it. ManageWP Customers Report No Noticeable Decline in Service Since being acquired, ManageWP has maintained and improved service levels while continuing to add features. Its most recent feature gives customers the opportunity to create backups, restore, and clone multisite websites. Bob Dunn, of BobWP, says the service has been stellar before and after the transition. “To be honest, their services were great before and still are,” Dunn said. “I don’t manage a ton of sites, but for my needs, it has been rock solid since I first became a customer.” Scott Buscemi, co-founder of Lumen Foundry, has had a similar experience. “In all honesty, I haven’t noticed much of anything since they were acquired – and that’s a ‘win’ in my opinion,” Buscemi said. “I’ve seen them push out a pleasant list of bug fixes and features that don’t affect me, so it’s great to still see active development on the primary system. GoDaddy has been working hard to get on the good side of developers and agency owners like me, so I can’t imagine they would go through the effort of the[...]
Wed, 22 Mar 2017 21:26:31 +0000
Contributor Day is a big part of WordCamp London. This year it was held on Friday 17th March at London Metropolitan University. 100 contributors descended on the venue each aiming to make WordPress better in some wonderful way.(image) Contributors at WordCamp London 2017. Photo by Pradeep Singh.
Attendees were asked to choose an area of interest. The options were Accessibility, BuddyPress, Community, Core, Design & Flow, Documentation, Polyglots, Support and Themes. 5 of the 100 contributors chose BuddyPress. 2 of the 5 were new to contributing in general but all had used, or had at least heard of, BuddyPress at some point.
After a quick refill of coffee the team convened and began discussing how to get the most from the next 8 hours. Due to a diverse range of skills available within the group, we were able to focus on documentation, coding and localisation.(image) BuddyPress contributors. Photo by Pradeep Singh.
As a team we managed to identify an issue related to colour contrast in the Twenty Seventeen theme. #7471 was opened and a patch was submitted. We were also able to translate all remaining strings into Italian.
The day was a huge success and all team members indicated they will contribute again going forward.
Wed, 22 Mar 2017 19:21:50 +0000
Foxhound made its debut on WordPress.org yesterday. The React-based theme is the first in the directory to use the REST API endpoints included in WordPress 4.7. Foxhound sports a tasteful blog design with single-page app functionality that loads posts instantly. Check out the live demo to see how fast the content loads.
The theme was designed and developed by Kelly Dwan and Mel Choyce, who have collaborated on several free themes hosted on WordPress.org. They recommend installing the WP-API Menus plugin, as the REST API does not yet support menus. After installing Foxhound, there are only two things required to make it look like the demo: Set the front page to display the latest posts and set up a menu. There are no additional customization settings.
Kelly Dwan notes on Foxhound’s GitHub repository that the theme should be considered “experimental” and users can expect a few restrictions:
Because Foxhound is so different from traditional WordPress themes, it could not go through the usual theme review process. Themes that require the WP REST API are currently reviewed outside of WordPress.org when a theme author pings the Theme Review team. They apply a “Special Case” tag that allows the theme to bypass Theme Check. (The tag is also used for other themes that break the rules in innovative ways.)
“We don’t have a lot to go on yet with those types of themes,” Key Reviewer Justin Tadlock said. “Foxhound was the first. We’re supposed to be looking over another soon. As more of these types of themes come in, we’ll be able to figure out ways of making it easier to submit them.”
Wed, 22 Mar 2017 12:00:33 +0000As a college guy, I believed in being different and outperforming the best of my lot. Coming from a modest family background, the realization of achievement dawned over me. I never favored being a 9 to 5 corporate professional and a having a ‘boss’ was simply not my cup of coffee. I was never interested in the classes held in the college because I was being more productive at the ‘reality’ front of the life. I envisioned getting involved in tasks that were strongest at the core. Where It All Started Computer technology was in its nascent state in India the time I started my tryst with web pages. I began with designing my own college’s alumni website while pursuing MCA at Banaras Hindu University, Varanasi. Eventually, I was assigned the task of the event websites too. I was happy because all this brought about a sense of power to me. Though not initially refine, my work still appealed to many and it also made me realize the power technology had. The Seed of Seriousness The very first seed of the idea of taking this up as a serious profession was sown by a friend who told me about how creating web pages and blogging could be a source of monetization. Google pages was my first shot as a techie, wherein I started with contributing content through blogs to several clients. Saw and Attempted I can still recollect the time I received my first pay cheque. Initially, I had tested all Content management systems and had started with Joomla and Drupal. With absolutely no knowledge about coding, I went forward to scale the web designing mountain. WordPress came and was well recognized as a blogging platform; suitable to what I worked on. I bumped into WordPress in 2009 and like many other users, utilized it for my blogging endeavors. Little did I know that someday it would be the answer to my ‘coding gap’. I remember working on a 6-month project for my MCA final where I took up WordPress as the core subject and in there I talked about custom plugins and themes. The teacher was happy to receive the unique project and awarded me good grades for my sense of initiation with new approach. That Leap of Faith Now, I knew how I had to take this WordPress awesomeness forward. With a little exposure to learning new technology, I was baffled for a while but had the will to scale this one too. 6 months, and I thoroughly decoded the WordPress codex for me. This was a giant step forward where my future lay in my own hands. Personally, I feel that WordPress does not constrict you to a certain limit or a line of functionalities. If you have a core foundation, you can toy with it and make awesome end results. WordPress was now my pillar of strength. WordPress successfully justified my choice of not joining the job placement drive at the college. The Break-Out Now was the time to materialize my skills and have a material turnaround for the work I was capable of doing. After a 4-month hunt for some serious web designing projects with not a single task at hand, disappointment gripped me. The lack of proper work infrastructure due to poor Internet connectivity and local electricity supply were some of the other reasons I had to plan withdrawing my resources from Varanasi. I could have fallen or would have made a leap; it was about to be my choice for the rest of my life. Hello to New Beginnings It was frustrating because Varanasi had been my abode for 7 good years and leaving the place was a huge decision to make. I mustered up my wits to start afresh by withdrawing my base from Varanasi and shifted to Lucknow, India in order to try out seeking new opportunities yet again. The work stars favored me and with the help of elance-oDesk (now, Upwork) and other freelancing platforms, I received many life-changing projects of my life. Things moved forward and with many clients in a row, another year went by. I collaborated with more people who were willing to join me on the platform – people who wanted to leave a mark; never to look b[...]
Wed, 22 Mar 2017 10:35:52 +0000
Jesse Petersen, a longtime member of the WordPress community and founder of Genesis The.me, needs our help. Petersen is battling Cystic Fibrosis and earlier this year after visiting a clinic, discovered that his lung function was at 22%.
Due to decrease lung function, Petersen missed five weeks of work, required home IVs, and visited many doctors. He is currently on a double-lung transplant list with a lung allocation score of 38.859.
According to the United Network for Organ Sharing, the LAS is a score used to prioritize waiting list candidates based on a combination of wait list urgency and post-transplant survival.
In order to maintain his health for a transplant, doctors have recommended that he work a maximum of two hours per day with quality rest.
His family has a small emergency fund available that they thought would allow Petersen to work up until his transplant surgery. However, there’s no estimated time frame for when a transplant will be available.
Outside of his product based business, Petersen is a work-from-home freelancer with contract work that needs to be completed. He and his wife have two adopted children. His wife volunteered to get another job to supplement their income but relatives rejected the idea as she is his primary support person.
Petersen has two products for sale on GenesisThe.me with two more ready for launch by the end of March.
His family is asking for $20K to help pay for expenses and allow Petersen to take an extended medical leave to focus on his health. So far, the campaign has raised $5,075 or about a quarter of the amount needed.
You can donate as much as you’re able to or choose from one of five predetermined amounts ranging from $25 to $1K. You can also choose to donate monthly in six month increments.
Petersen is no stranger to the WordPress community’s generosity. In 2016, it helped him raise nearly $20K to help pay for costs associated with adopting his second son. If you are able, please consider donating to Petersen’s medical leave fund.
Wed, 22 Mar 2017 01:18:28 +0000Adding images to sidebars in WordPress is a cumbersome task that requires users to upload an image to the Media Library, find the URL, copy it, and paste it into a Text widget along with additional HTML. Nearly two years ago, Mel Choyce opened a ticket on WordPress Trac proposing that a media widget be added to core. This widget would allow users to easily add images to sidebars. Throughout the discussion, the idea of creating a catch-all media widget was brought up that would allow users to add images, audio, or video to a sidebar. After developers spoke to Matt Mullenweg about the direction of the project, the team decided to create three separate widgets to handle each media type. Choyce outlined the benefits this approach provides: We can focus on creating more tailored experiences for each widget. We’ll be able to launch new widgets without having to worry about constantly updating one central widget, or potentially breaking anything. It’ll be easier for people to discover new media types since they won’t be buried within one widget. This will more closely mimic the approach we’re taking to content blocks in the future, which should provide an easier transition. Out of the three core widgets in development, the Image one is nearly complete ready for user testing. To test, first download and activate the Core Media Widgets plugin. Once activated, navigate to Appearance > Widgets in the WordPress backend and in the available widgets section, locate the Image widget. Core Image Widget UI Clicking the Select Image button displays the media library modal where you can either select or upload an image. Once an image is selected, click the Add to Widget button in the bottom-right corner. This is what the widget looks like after an image is added. Core Image Widget With an Image Here is what the widget looks like on a page using the Twenty Seventeen default theme. Core Image Widget in Action The core image widget is incredibly easy to set up and is a significant improvement over the Text widget approach. The user interface is much simpler compared to the image widget supplied by Jetpack. Jetpack’s image widget UI doesn’t take advantage of the media library modal and instead, requires the user to know the image’s URL. Jetpack Image Widget UI Many of the fields are the same as what’s provided by the media library modal. Not surprisingly, WordPress.com uses the same interface and requires the user to know the image URL. Core Image Widget May Be Ready in Time for WordPress 4.7.4 The team is specifically seeking feedback from those who use image widgets provided by plugins on WordPress.org. Once the image widget is merged into core, the video and audio widgets will be added to the Core Media Widgets plugin. Users can leave the plugin enabled until all three widgets are added to core. “Once a widget has been thoroughly tested by users, we can then copy it into core for a release while then also disabling the widget in the plugin,” Ruter said. If you encounter a bug or discover an incompatibility with a plugin or theme, please create an issue on the project’s GitHub page. According to Ruter, the team is working hard to get the widget to a point where it can be merged into core. Depending on how testing goes, it could be merged into core as early as WordPress 4.7.4. [...]
Tue, 21 Mar 2017 21:53:04 +0000photo credit: Oli Dale The WordPress Theme Review team (TRT) has turned a corner and is approaching a major milestone of getting the review queue under 100 themes. As of today, 189 themes are lined up in what was previously a 1,000+ backlog. Key reviewers are confident that number will be closer to zero in the near future. Emil Uzelac, one of the key reviewers, shared the ticketgraph for the backlog on Twitter today, demonstrating that the team is in a better place where new theme submission isn’t causing overload issues as it did before. Themes continue to flow in but are not significantly affecting the queue. In 2015 the TRT hit a wall with an influx of themes flooding into a legacy review system that wasn’t working. The team couldn’t keep up and was forced to spend much of 2016 changing the review process to better handle the large number of themes coming in. The TRT is working hard to make 2017 the year they get back on track. Uzelac identified a few of the measures that have helped in taming the queue: One theme submission per author More reviewers A new guideline where reviewers close the ticket if the review surfaces more than 5 distinct issues “Around Christmas was when many on the team started seeing a tiny sliver of light at the end of a long tunnel,” Key Reviewer Justin Tadlock said. “In the past few days, seeing the queue get below 200 themes has been a high point. Folks on the team are excited because our ideas are paying off.” Tadlock can’t say when exactly the team turned a corner but describes it as more of an iterative process that started with small ideas they could implement themselves. This has significantly reduced the wait time from 7 or 8 months a year ago to two months today. Themes also go through an admin queue that adds a bit to the review time but Tadlock said they hope to tackle that in the next Review Shindig, which happens on the first weekend of every month. “That number is shrinking,” Tadlock said. “By the end of April, we could be looking at 3-4 weeks. I’m a bit optimistic, so don’t hold me to that. It could be May or June in reality.” Tadlock said once the team gets to the 50-100 range they will be at the place where they’re really only handling new themes that are coming in, instead of working the backlog. Once they reach that milestone, they will be able to more accurately track how long it takes for a theme to make it through the review process. “That’s where we’ll need to really start refining the process so that it works even better in the future,” Tadlock said. “A well-coded theme could potentially make it through the process in 2 months right now. Another theme might be 4-5 months. There are a lot of factors to consider. It’s my hope that we eliminate many of those factors that are holding up the process.” The new rule that limited authors to submitting one theme at a time has had a significant impact on cutting down the queue. The rule was meant to be temporary and will be up for reevaluation when the queue is under 100 themes. Tadlock said the team will likely pull the rule, but it has been instrumental in rooting out copies that contained only minor changes to the original. “For most authors, this [rule] is not a huge problem,” Tadlock said. “It definitely hurts a few of the more prolific authors in the short term. However, it helps stop the flow of theme companies who are just copying/pasting the same theme with minor changes. We’ve had theme companies with as many as 17 themes in the queue that were just copies. This new rule has helped us find those and put a stop to the practice.” The team was able to track down an entire ring of theme authors with multiple accounts with dozens and dozens of themes. Tadlock said most of [...]
Tue, 21 Mar 2017 19:56:57 +0000Yoast SEO 4.5 was released today with a handful of improvements and, most notably, a big push for users to upgrade to PHP 7. “In Yoast SEO 4.5, we are urging site owners whose sites run on servers with an outdated version of PHP to update to a more recent version,” Joost de Valk said. “To move the web forward, we need to take a stand against old, slow, and unsafe software.” WordPress’ minimum PHP requirement is still at 5.2.4, six years after PHP 5.2 reached end of life in 2011. This version is now vulnerable to many security issues. Current usage stats show 5.4% of WordPress sites are running on PHP 5.2. As this likely represents millions of users, WordPress’ core leadership is reluctant to bump the minimum requirements. Only 8% of sites are on PHP 7+, as hosting companies are slowly adding support. “Because web hosts are not upgrading PHP, we have decided to start pushing this from within plugins,” de Valk said. He contends that the WordPress ecosystem is losing good developers because the project is moving too slowly. He also makes the case for security and speed. “WordPress is sometimes said to be slow, but it actually doesn’t have to be slow at all,” de Valk said. “If it’s running on old versions of PHP, however, it is, most certainly, slow. PHP 5.2 is more than 100% slower than PHP 5.6, and a whopping 400% slower than PHP 7.” De Valk decided to throw the weight of Yoast SEO, which he estimates to be 6.5 million active installs, behind the movement to push hosts to upgrade their customers to PHP 7. The latest release of the plugin displays a notice to WordPress administrators running sites on PHP 5.2, urging them to upgrade to PHP 7. The notice is “big, ugly, and non-dismissible,” de Valk said. It is generated by an error that auto-resolves when the user fixes their outdated PHP version. “The notice will also encourage people to contact their host if they don’t know how to upgrade their PHP,” de Valk said. “Yes, this could be painful for some hosts. This notice is deliberately intended to make them work.” De Valk said the plugin will start displaying the notices for PHP 5.2 and will add 5.6 as soon as it is no longer supported. Through experience with his customers, de Valk has found that outdated, slower versions of PHP are damaging Yoast SEO and WordPress’ reputations, as neither are optimized for PHP 5.2. Although older versions are not holding the plugin back from new features, it makes it difficult for the team to clean up the code. “There aren’t many features I cannot build right now, but code quality is suffering because we can’t use namespaces, short array notation, etc,” de Valk said. The Yoast SEO team has created WHIP, a WordPress package to nudge users to upgrade their software versions and made it open source for plugin and theme developers to implement in their own extensions. The project includes a filter for linking to the WordPress.org hosting page, which includes a selection of hosts that offer PHP 7. Most of the large hosting companies already have documentation for upgrading PHP versions. Ultimately, it’s the end users who will have the power to get more hosting companies on board. De Valk said he doesn’t know how big the impact will be but encourages users to vote with their pocketbooks by leaving hosts that are unwilling to assist in upgrading PHP. “It might be entirely possible that your host is not willing to work with you,” de Valk said. “If so, think about moving web hosts. A web host provides the engine your site runs on and that better be a damn good engine.” [...]
Mon, 20 Mar 2017 21:21:19 +0000Last week Steve Burge and the team at PressShack released PublishPress, a fork of Automattic’s Edit Flow plugin. PressShack is operated by the same team behind OSTraining with a focus on creating publishing plugins for larger organizations. Edit Flow has more than 10,000 active installs but is updated sporadically and is not very well supported. The PressShack creators saw an opportunity to fork the plugin and sell commercial support and add-ons. PublishPress is now available on WordPress.org with a seamless migration for Edit Flow users. The first release offers the same features as Edit Flow along with a complete face lift, making interaction with the plugin’s settings more user-friendly. The new tabbed interface puts all the settings on one screen. PressShack has also tweaked the language of the plugin, changing Story Budget” to “Overview”, and simplifying other terms. PublishPress introduces a few changes to the calendar, allowing users to click anywhere on a date to add content. It exposes the iCal or Google Calendar feed and uses icons to show post statuses, saving space for other information. Burge said that PublishPress will be making a fresh start and will not be following and incorporating updates from Edit Flow. The team plans to add a host of new features that improve the publishing workflow to handle multiple users: Multisite and multiple site support: Content creators log into one site but can publish to multiple sites Pre-publishing checklists: For example, featured image, word count, Yoast SEO green light More use cases beyond media sites: In addition to magazine-style user groups for reporting, PublishPress plans to add more use cases, such as WooCommerce products, EDD downloads, bbPress topics, and The Events Calendar listings Multiple authors: Assign multiple author bylines to a story Most of these feature are slated for release in mid-2017 and will be offered as commercial add-ons. The team is currently still focused on writing unit tests for the core plugin and adding improvements to it on WordPress.org. PressShack Takes Inspiration from Drupal for Expanding Content Workflows PressShack’s creators also work closely with other open source publishing platforms. Burge said the team took some inspiration from the Drupal ecosystem, which offers more advanced features for modifying editorial workflows. “In Drupal, the workflow features are being demanded and developed by large organizations that use the platform,” Burge said. “As a result, Drupal does have a very big head start in this area. “In Drupal 7, the main workflow module was called Workbench. It was built to meet the needs of large customers such as universities, media outlets, and government agencies who have many different content managers.” Prior to having editorial workflow tools available, Burge said that Drupal agencies kept losing projects to rivals such as Adobe and OpenText, because they had publishing workflows built for multiple users. Building better publishing tools became a necessity for Drupal agencies that wanted to win projects from large organizations. Drupal 8 moves many of these editorial workflow improvements into core. Drupal 8.3, which is slated for April 2017, will introduce the ability to create multiple types of content workflows. “What’s really interesting about the Drupal 8 implementation is that they are thinking beyond just content publishing,” Burge said. “It will soon be possible to put whole sections of your site into a workflow. The demand for these features is still coming from enterprise customers: much of the work is being done by a team of Drupal developers inside Pfizer.” Burge cited a few examples of typical users requiring more elaborate publishing workflows: A university with 50+ [...]
Sat, 18 Mar 2017 16:50:49 +0000
If you post to a WordPress blog on a regular basis like I do on In Photos dot Org you’ll no doubt recognise the fatigue that comes from adjusting the publish date every single time on a new post so it appears a day later. If you have multiple posts like on a daily photoblog you have to remember what day the last post was made and adjust the date accordingly.
A few years ago I wrote a small plugin that I never released to help schedule posts. In the media uploader you could select multiple photos and click a few buttons to be brought to a new page where you could enter title, content and tags for each image. Based on this experience, I suggested it as an idea to one of the teams at Automattic who built Post Bot. I used that for a long time and it has its strengths. If you’re posting content that has the same or similar tags you can copy and paste the tags from one post to another. I posted lots of black and white street images from my home town this way and it was super useful!
I got tired of manually typing out tags, and unfortunately the site broke a few times, with posts not scheduling or one time they scheduled all in one go. Luckily the problems were quickly fixed. However, I started using the WordPress post editor again and scheduling a bunch of photos that way.
Manually editing the publish date quickly became a chore. Lazarus, the form saver Chrome extension, would sometimes popup if I didn’t click exactly on the date, or as I said before I had to remember when the last post was made. They say there’s a plugin for everything, and there is for this too. Check out Publish to Schedule.
You tell “Publish to Schedule” which days and how many posts should be published and when you go into the post editor the next available date is picked for you! The date doesn’t change until you hit Publish but I already used it to schedule a number of posts and it works really well.
Sat, 18 Mar 2017 03:03:24 +0000
GitHub took another step towards beefing up its support for open source projects this week with a new feature that makes it easier to understand a project’s license. If the project is using a popular open source license, GitHub will automatically add a short, plain-English description of the license and its permissions, conditions, and limitations. This allows GitHub users to see the implications of a project’s license at a glance.
GitHub pulls this data from ChooseALicense.com, the site it created in 2013 to help developers understand and select an open source license. The license descriptions and metadata are also open source and developers can incorporate them into their own projects using GitHub’s License API.
This new feature follows GitHub’s release of Open Source Guides in February. The guides are a collection of 10 resources to help people get involved in open source, start their own open source projects, and manage large communities. The documents include helpful stories and tips from maintainers of successful open source projects.
It was around this time last year that GitHub was confronted by open source project maintainers with an open letter of complaints regarding issue management. Nearly 2,000 maintainers signed the letter, requesting that GitHub prioritize features that open source project maintainers need. The company dragged its feet before eventually responding, while competing code hosting service GitLab capitalized on the situation with a new initiative focused on “making GitLab the best place for big open source projects.” Over the past year, GitHub has consistently released new features and improved existing ones in affirmation of its continued support for open source projects.
Fri, 17 Mar 2017 21:52:21 +0000photo credit: Night Moves – (license) There’s a lot of great WordPress content published in the community but not all of it is featured on the Tavern. This post is an assortment of items related to WordPress that caught my eye but didn’t make it into a full post. Apple Pay for WooCommerce WooCommerce announced that Apple Pay is now available for stores accepting payments using Stripe. According to Marina Pape, WooCommerce is the first open source platform to integrate with Apple Pay. We’re also proud to be the first open source platform to integrate with Apple Pay. Open source is the default for us, but it’s exciting to continue that level of openness with such an important payment solution. Human Made Makes Two Big Hires Human Made, a web development agency based in the UK recently announced two big hires. The first is Mike Little, co-creator of the WordPress open source project, as a WordPress Specialist. The second is Jenny Beaumont, who will take on the role of Senior Project Manager. Editor User Experience Survey The WordPress core development team has published a survey seeking feedback and data on how people use the editor. The editor is likely the most commonly used feature in WordPress. This is an opportunity for those who use it to provide feedback. Editor Experience Survey Behind the Scenes of how Search works on the New WordPress Plugin Directory Greg Brown published details on Data.blog on how he improved the search relevancy for the new WordPress plugin directory using Elasticsearch. The post is technical in nature but provides great background information into how it works. In improving the fidelity of search results, it’s not just a question of how we satisfy a single user’s search query, but how we satisfy thousands of users for each unique search term: which plugins will support that volume of users and their requests for support? Which are most likely to give all of these users a great WordPress experience? NextGEN Gallery Surpasses 17 Million Downloads NextGEN Gallery just reached over 17 million downloads. #WordPress — Imagely (@imagely) March 17, 2017 MainWP Reaches 1K Five-star Reviews After three years of being on the WordPress plugin directory, the MainWP plugin has received 1,000 five-star reviews. Heather Burns HeroPress Essay Heather Burns, founder of WebDevLaw, published an incredible essay on HeroPress this week. Burns describes the hardships encountered with her first job and how it and other circumstances led her down the path of discovering WordPress. By this point I’d started playing around with WordPress, and I learned about a local meetup group. I tiptoed in one night and awkwardly introduced myself and was welcomed right in. I realized over time that this was a very different sort of group. Everyone was grassroots volunteers, putting in the effort because they wanted to learn, not because they wanted social status. There was no tiresome hierarchy, no obsession with ‘prestige’, no kowtowing to the person with the sexiest car (in fact, we all took the bus.) If you had a question, you could ask it without being laughed out the room. No one was obliged to give anything more than they were able to give. HeroPress Wapuu! In what is a traditional part of this series, I end each issue by featuring a Wapuu design. For those who don’t know, Wapuu is the unofficial mascot of the WordPress project. HeroPress Wapuu I present HeroPress Wapuu in celebration of HeroPress recently publishing its 100th essay. If you’re a fan of HeroPress and want to see it flourish, please consider being a sponsor. That’s it for issue nineteen. If you recently discovered a cool resource or post related to WordPress, please share [...]
Fri, 17 Mar 2017 21:01:58 +0000(image) photo credit: Joanna Kosinska
WordPress core contributors have published a survey to collect feedback on how people are using the editor. The results of the short 15-question survey will assist the team in redesigning the editing experience in the WordPress admin.
Participants are asked to identify how they use WordPress and if they use certain features like formatting buttons and distraction-free writing. The survey also asks how easy-to-use they consider the current editor to be and how organized it is. Users are also asked if they have ever installed a plugin that adds features to the editor, presumably to determine if there are features missing that should be considered for core.
One question asks participants if they use any assistive technologies along with a screen reader. WordPress Accessibility team member Amanda Rush published some tips for screen reader users who want to take the survey. It includes several questions with radio buttons and screenshots that are not so friendly to screen readers. Rush provides a general walk-through with more explanation for those who are using screen readers to participate.
So far, this survey has been more widely shared than the design team’s recent customizer survey, which was published after receiving just 50 results. WordPress contributors rely heavily on these surveys to make decisions about projects they are working on, as they do not have any telemetry data about what features people are using or not using. This is one example where data could quickly demonstrate how widely the distraction-free writing mode has been adopted and show what editor formatting buttons people are using.
If you have a few minutes over the weekend and want to contribute to the future of WordPress, take the Editor Experience Survey.
Fri, 17 Mar 2017 20:09:37 +0000
Over the course of a year, WordCamps take place nearly every weekend. Although you can view upcoming events on WordCamp Central, a relatively new plugin exist that enables you to see upcoming WordCamps on the WordPress Dashboard.
It’s called WordCamp Dashboard Widget developed by Ajit Bohra. Once activated, a new widget appears on the dashboard that lists upcoming WordCamps. Data is retrieved by using the public JSON API available on WordCamp Central, is stored in a transient, and refreshed every day to reflect new data.(image) Upcoming WordCamps Widget
Users can adjust the number of camps shown per page, sort events by location, date, or Twitter information. You can also display this information on any post or page using the [wordcamps] shortcode. The locations are linked to the event’s official WordCamp page. The @ symbol links to the official Twitter account associated with the event and the # symbol links to the official hashtag.
During testing I noticed that the Twitter account for some events was either missing or incorrect. For example, WordCamp London links to @wcldn when it should link to @WordCampLondon. I’m not a fan of the way dates are presented in a Day/Month/Year format as I prefer Month/Day/Year.
Bohra is continuing to improve the plugin with an option to refresh data, improve data fetching, and more filtering options for 1.0. I tested the plugin on a site running WordPress 4.8 alpha and didn’t encounter any issues. If you encounter a bug or have feedback, you can submit a new issue on the project’s GitHub page.
Fri, 17 Mar 2017 00:08:20 +0000Today Jetpack announced that its users now have access to a collection of 165 free themes from WordPress.com. Jetpack users can browse, preview, and activate themes by visiting the WordPress.com Theme Showcase. WordPress.com has also added the ability for Jetpack users to upload a theme from its interface as well, a feature that targets those who are heavily using Jetpack Manage instead of the WordPress admin. Many of the free themes are already available from Automattic’s account on the WordPress.org Themes Directory, but the limitations of the preview functionality doesn’t present themes in their best light. The Theme Review Team added a new rule last year that theme authors can only upload one theme at a time and will have to wait for it to pass through the queue before submitting another. This severely restricts individuals and companies that are prolific theme authors, requiring them to wait months in the queue. Authors can realistically expect to only publish one or two themes per year on WordPress.org. After Zerif Lite, one of the most popular themes on WordPress.org, was suspended for five months for violations of content portability requirements, Matt Mullenweg was one of the most vocal opponents of what he called “draconian requirements.” In 2015, Mullenweg went so far to say that he is “completely okay with having something in the directory that breaks every guideline, as long as it’s interesting.” The Theme Review Team has not made significant changes that would give authors more freedom. Instead, much of the Team’s time seems to be spent looking for ways to reduce the queue. It’s no wonder that a company like Automattic, with the infrastructure of Jetpack Manage and WordPress.com, would choose to distribute themes via a more efficient route. However, this move has left some WordPress.org theme authors wondering if WordPress.org improvements will be less of a priority in the future. Can you blame him? No. They (he?) needs to wrangle in the experience, avoid fragmentation, compete with other consumer hosted platforms. — Matt Medeiros (@mattmedeiros) March 16, 2017 But what does it all mean for us surviving off of the .org distribution? Tough cookies, that's what. — Matt Medeiros (@mattmedeiros) March 16, 2017 “Today’s announcement is the glue that holds together Matt’s vision for the future .org experience, delivered via Jetpack,” WordPress.org theme author Matt Medeiros said. “Solving the dark cloud above the repo seems a lot less critical when we can throw Jetpack in front of users as an alternative. It’s a calculated measure to control the on-boarding experience of new users, which WP desperately needs for continued growth amidst a field of competitors like Wix and Squarespace.” According to Jetpack team member Richard Muscat, WordPress.com has “no immediate plans to sell themes at this time.” Jetpack users have access to free themes but will not, in the foreseeable future, be invited to purchase WordPress.com’s commercial themes. The team also plans to continue its presence on WordPress.org. “We have no plans to stop releasing themes into the .org directory,” Muscat said. “We just believe this makes an even nicer, more integrated experience for accessing the themes we offer on the WordPress.com side of things.” Jetpack’s announcement has also reignited fears of what the plugin’s commercialization might do to the WordPress ecosystem. In the past, Mullenweg has identified both Jetpack and WooCommerce as “multi-billion dollar opportunities[...]
Thu, 16 Mar 2017 04:50:43 +0000A U.S. Air Force F-15E Strike Eagle aircraft flies over northern Iraq Sept. 23, 2014, after conducting airstrikes in Syria. – photo credit: U.S. Department of Defense The U.S. Department of Defense (DoD) is experimenting with open sourcing more of its code on GitHub. Code.mil invites developers from around the world to collaborate with federal employees on unclassified code. The Defense Digital Service (DDS), which brings in experts from top technology companies like Google, Amazon, and Netflix for short assignments, is organizing the initiative to open source more government code. “Open source and free software (which refers to software freedom, not free of cost) are industry best practices and integral parts of modern software development,” the department said in a statement announcing the initiative. “They, however, are concepts yet to be widely adopted within the department. With Code.mil, DoD can access a depth and breadth of technical skill previously underutilized while offering software tools created by the government for free public use.” The FAQ document for the initiative states that “modern software is open sourced software” and that the department is aiming to more actively participate in the open source and free software communities. Licensing is one of the unique challenges of making government code open source, as code written by federal employees is not protected by copyright under U.S. laws. After consulting the Open Source Initiative and Free Software Foundation, the DoD devised an open source licensing strategy where code written by federal employees will fall under the public domain with no restrictions. DDS developed a GitHub webhook to ensure commits from government employees follow the Developer Certificate of Origin process. Private sector contributions will be protected by standard OSS licenses. This is outlined in the INTENT.md document on the Code.mil repository. Code.mil’s First Open Source Project Released Under AGPL to “Test GPL as an Approach” In addressing one person’s feedback advocating for all Code.mil projects to be MIT-licensed, DDS engineer Tom Bereknyei confirmed that the team will leave this decision to each project’s leadership. “We’ve had these same discussions internally,” Bereknyei said. “We did not want to endorse a particular license and we intend each project to decide which license is appropriate for them. Some may choose MIT, BSD, Apache, or eventually GPL. We did not want to take that choice away from them.” eMCM, a web-based viewer for the Manual for Courts-Martial (MCM), is the first open source project to be released on Code.mil. It provides a canonical “live” edition of the manual that is easier to access and maintain than previous versions. eMCM was released this week under the AGPL license. “We chose to use the Affero General Public License (AGPL) for the eMCM because every military member has the right to know how the raw legal code (i.e., MCM) will be transformed or manipulated by the eMCM,” the Defense Digital Service stated in the announcement. “Applying the AGPL is a small but important way to help ensure the public has that freedom and transparency to the process.” In the pull-request for updating the license on the project, Bereknyei explained why he proposed the AGPL: It’s a user-facing project, not a library. Ultimately it would be good to preserve the rights of the public to inspect how the raw MCM is transformed by the viewer. Among the projects we have, this seems to be the best cand[...]
Wed, 15 Mar 2017 22:36:53 +0000
In this episode, Marcus Couch and I are joined by Aaron D. Campbell, WordPress Security Team Lead. Campbell provides insight into who’s on the team and what they do behind the scenes to coordinate security releases. We discuss the complex nature of disclosures, when to publish them, and how much information they should have.
In light of WordPress 4.7.2, Campbell shares the lessons he learned and how they’ll be applied to future releases. If you’ve ever wondered about the security aspects of WordPress, this is the episode for you.
Facebook Live Chat for WordPress makes it easier for customers to connect with businesses via Facebook Messenger.
Contact Form 7 Database saves submissions from Contact Form 7 to the database for future reference. You can also view them in the WordPress backend.
Total Spent by Customer for WooCommerce adds a sortable column to the users list to show how much the user spent on your WooCommerce Store. This is useful to figure out who your top customers are.
Next Episode: Wednesday, March 22nd 3:00 P.M. Eastern
Subscribe To WPWeekly Via Itunes: Click here to subscribe
Subscribe To WPWeekly Via RSS: Click here to subscribe
Subscribe To WPWeekly Via Stitcher Radio: Click here to subscribe
Listen To Episode #267:
Wed, 15 Mar 2017 12:00:22 +0000“Get out there and look at that f****n car. Look at that f****n car!” And all of the good little office girls jumped up and ran outside to ogle and coo over the chairman’s latest “prestige motor.” Me being me – someone who couldn’t care less about cars, or massaging the needy egos of the men who feel a need to show them off – I stayed sat at my desk and carried on with my work. My absence outside would be noted, and would not do me any favours. I had taken a job at a local business support organisation because I needed the work. I’d been told that my experience and abilities could benefit the organisation and, by extension, the local business community. The joke was on me. In truth, the organisation was a back-slapping boys’ club which didn’t even have a business plan. Its main income source was, and remains to this day, the revenue from a vanity awards dinner, where members nominate themselves for meaningless awards and then pay thousands of pounds to find out if they won. Beyond that, its sole purpose was to provide the board and management with “prestige and status” (my manager’s words, not mine.) The office atmosphere was so toxic that the HR manager, faking every excuse in the book, hadn’t bothered to show up in months, which meant that I never saw a job description, had a performance review, or was signed up for the company pension; in fact, the only way I got a contract was by going in on a Saturday to type it up myself. It was all pretty ironic for an organisation which officially exists to support other businesses. But bills need to be paid, so I kept my head down and did my work and breathed deeply through the increasingly dysfunctional dramas of the board and management. Believing that you can keep calm and avoid office politics in a dysfunctional workplace is a unique form of denial. By showing up for work in the morning, observing the backstabbing behavior around you, and keeping your nose above the parapet, you make yourself easy pickings. It did not help that my job required me to read certain documents, pass on certain email exchanges, see certain expense receipts, and take minutes at certain meetings. I knew everything. I knew what everyone was up to. I knew too much. The things I knew too much about erupted violently in the space of a fortnight. Sackings, retaliatory sackings, accusations, slanders, backstabs, screaming, lies, people literally being escorted out the back door, people breaking into file cabinets and document storage, the whole ugly lot. I decided life was too short to put up with that nonsense and scurried off the sinking ship. Unemployment was preferable to working in a dysfunctional war zone. A few days later I was sitting in my living room in my pajamas (as unemployed people do), staring blankly at the Christmas tree, barely aware if it was day or night, my head still spinning about what had just happened and what I was going to do next. Then there was a knock at the door. The postman, I assumed. No, it was the police. They wanted to come in. So they did. Allegations had been made. Statements had been taken. Criminal charges would be filed. Against me. Merry Christmas. Merry Christmas to you too, I replied as I saw them out. Because that’s how office politics work, folks. You don’t walk away from egomaniacs on your own terms. That implies there is something wrong with them. They have to take you down on their own terms. That implies there is something wrong with you. You may think you have left the backstabbers to get on with their petty gam[...]
Wed, 15 Mar 2017 02:10:06 +0000(image) photo credit: Lukasz Kowalewski
Bocoup, an open source technology and design consulting company, is recruiting for a new study that aims to “measure the impact of open work on developer well-being and productivity.” The company is partnering with MIT and UCLA to develop an open work email-bot that will interact with organizations that sign up to participate. The study is open to teams that use source control.
“We’re defining ‘open work’ as a project where tasks/work product are/can be shared outside the group immediately responsible for those tasks,” Bocoup Director of Research Boaz Sender said.
Participating organizations will get hooked up with Bocoup’s email-bot, which offers tools for recognizing team members or open source community members for their contributions to projects. Bocoup plans to publish the average results with the goal of educating businesses and policy makers about the value of open source work. Data from organizations participating in the study will be anonymized and untraceable.
With all the new ways of working together on the web (GitHub, Slack, GitLab, etc.) it’s good to see a company prioritizing research on how this impacts developers. The study begins in March and will end in June. If you’re interested to have your organization be a part of it, you can find out more on the signup form and get a better understanding of the time commitment on the FAQ page.
Tue, 14 Mar 2017 22:23:12 +0000Big changes are on the way for WooCommerce. Mike Jolley, lead developer of WooCommerce, announced that WooCommerce 2.7 will be versioned 3.0.0 with a scheduled release date of April 4th. During the 2.7 beta testing phase, the team discovered a significant bug in the way that timestamps are handled. “Essentially, some developers need a way to reliably get UTC timestamps as well as dates according to the site’s timezone,” Jolley said. “To resolve this we’re working on a solution which accepts either a UTC timestamp, or an ISO8601 datetime string, and returns a DateTime object so timezone information can be retrieved if needed. This approach is not compatible with the get_date_x getters found in 2.7 beta.” Beginning with WooCommerce 3.0.0, the project will use semantic versioning or SemVer. WooCommerce has incrementally versioned its releases similar to WordPress. For example, WooCommerce 2.5, 2.6, 2.7. Semantic versioning allows for three digit version numbers and should make it easier to discern major versions from maintenance and bug fix releases. The three digits stand for major, minor, and patch. According to the SemVer site, each number is incremented when: MAJOR version for incompatible API changes. MINOR version when you add functionality in a backwards-compatible manner. PATCH version when you make backwards-compatible bug fixes. Under this system, WooCommerce 3.0.0 is a major update with 3.1.0 being a minor update. The next major update will be 4.0.0. Developers should take note that in 3.0.0 RC1, the versioning and @since properties are relabeled to 3.0.0. “If you have used version_compare statements in your code, they will still work since 3.0.0 is greater than 2.7.0, however, you can change these for clarity,” Jolley said. Themes with template files versioned 2.7.0 may need to be updated to use 3.0.0 to prevent reports of outdated template files. In addition to version changes and fixing major bugs, the team is allowing up to three weeks for 3.0.0 RC1 to be tested. The amount of time to test has been extended from one week to three based on feedback from extension developers. “An RC is really the first point in time when people can look at the code and feel confident it’s probably not going to change a lot before the official release,” Brent Shepherd, founder of Prospress Inc. said. “With that in mind, having 3 months of beta testing, but only 1 week for the RC, doesn’t make a lot of sense. It makes sense to give more time in that later stage after the RC.” Josh Kohlbach, a WooCommerce extension developer, also agreed with extending the RC testing time. “Currently from our company’s perspective we’ve had to put other priorities on hold in order to put WC2.7 changes ahead,” Kohlbach said. “The 2.7 changes we were holding off on doing until RC, which is what we normally do.” “However, when it was announced that there would be only one week between, we figured that wouldn’t be enough time for proper testing and pushing updates on all of our products so we’re compatible on day one,” he said. “It just isn’t enough time so we, like many others by the sounds of it, started making our compatibility fixes around Beta 2 this time even though we knew there might be more changes coming down the pipe before RC gets here.” Extension developers are praising the team for changing to a semantic versioning system and extending the time to test Release Candid[...]
Tue, 14 Mar 2017 19:28:13 +0000Varying Vagrant Vagrants 2.0.0 was released yesterday with support for a YAML configuration file. This is a major improvement that gives VVV users more flexibility in customizing their configurations. The new vvv-config.yml file includes the defaults and users can create a vvv-custom.yml file to change the default provisioning. Utilities have been broken out into their own repository, allowing users to specify PHP 5.6, 7.0, or 7.1 for new projects. “In the past, it was often difficult as a maintainer to say no to feature requests because I knew that the customizations would either be really annoying for someone to implement on their own or would require a fork, possibly losing the benefit of future changes,” VVV Project Lead Jeremy Felt said. “At the same time, it was hard to say yes because not everyone needs the same features. Those two clash, and the easiest answer is to stall. The new changes provide a pretty straight forward way of providing these custom changes and make it easy to stay in sync upstream.” Version 2.0.0 was also released with new documentation on the VVV website. Contributors are migrating docs from the wiki on GitHub to the new website and plan to make them translatable in the future. Felt also recently documented VVV’s governance model and promoted Lorelei Aurora to the role of Lead Developer on the project. VVV has 108 contributors, by Felt’s count, and he estimates approximately 100 clones of the project per day based on GitHub’s analytics. For the past five years, Felt has cultivated VVV’s growing community of contributors by developing a friendly and welcoming culture within the project. “Very early on I read something about OSS project maintenance that inspired me to always greet new commenters, issue creators, and developers in an effort to make them feel welcome from the beginning,” Felt said. “Removing even the smallest hurdles of contributing to open source goes a long way. Being friendly encourages people to stick around. Even in small projects like VVV, it can be overwhelming to figure out if you’re doing things right.” Felt said he wished he would have written the governance document sooner, because it provides a roadmap for contributors. He found that having this information available to the community from the beginning may be just as important as having a license in place. “It starts to answer the ‘what kind of impact can I have’ question when someone is getting started,” Felt said. “The current list of committers is a little misleading in that they are all people who were very active early in the project, but not as much now. Their input continues to be trusted, but commit access probably won’t be used very much. This isn’t a bad thing, as a project goes through cycles, but something to keep track of as a maintainer. Having a process is a healthy thing. I’m hoping it attracts even more contributors!” What’s Next on the VVV Roadmap? The next focus on the VVV roadmap is building out the rest of the documentation on varyingvagrantvagrants.org. Felt said he hopes it will become a great place for basic setup, detailed guides, and frequent troubleshooting tips. Translated docs is the next item that Felt said he hopes can be a huge benefit to the project and the community. “There are a couple things that would be fun for flexibility,” Felt said. “A long-running pull request that in[...]
Tue, 14 Mar 2017 02:03:50 +0000
WordPress.com has unveiled a refreshed post editor that makes content front and center.
The most noticeable change is the user interface. The sidebar of meta boxes is now on the right-hand side instead of the left. Clicking the Post Settings link hides the sidebar, providing a cleaner interface. The preview and publish buttons are no longer in a metabox and are permanently displayed.(image) New WordPress.com Post Editor
Drafts are quickly accessible by clicking the number next to the Write button. Hovering over a draft title displays a small excerpt of the post. Unlike the distraction-free writing mode in the self-hosted version of WordPress, sidebars and other items on the screen do not disappear and reappear. This animation has been described by some as a distraction.
Joen Asmussen and Matías Ventura, two Automatticians based in Europe, helped create the new interface. In an interview conducted by John Maeda, Global Head of Computational Design and Inclusion at Automattic, Asmussen describes what he’s most excited about with the improvements.
“Everything has a right place,” Asmussen said. “In this iteration, we’ve tried to find those places for the preview and publish buttons, as well as the post settings. By making the buttons permanently visible and the sidebar optionally toggled, my hope is that the combination will provide a seamless flow for both the person who just wants to write, as well as the person who needs to configure their post settings.”
Ventura says he is happy to bring the focus back on the content by placing it in the center. “I’m also fond of the recent drafts menu next to the ‘Write’ button, as it provides a quick way to carry on with your unfinished posts,” he said. “These editor refinements have the potential to let your work on WordPress keep you deeply in the productive state of flow.”
The core team continues to work on a block based editor for the open-source WordPress project and Asmussen hints that this approach to writing could one day end up in the WordPress.com post editor.
After testing the new editor on WordPress.com, I can say that it’s more enjoyable to use than the distraction-free writing mode in WordPress. There’s less distraction, meta boxes are either on the screen or they’re not, and I enjoyed writing without interface elements disappearing and reappearing on the screen.
If you’d like to try the new editor on a self-hosted WordPress site, you can do so through Jetpack. Visit the Jetpack dashboard in the WordPress backend, click on the Apps link, then click the Try the New Editor button.
After using the new editor, let us know what you think. How does it compare to the writing experience currently in WordPress?
Mon, 13 Mar 2017 00:56:04 +0000
Welcome to the Post Status Draft podcast, which you can find on iTunes, Google Play, Stitcher, and via RSS for your favorite podcatcher. Post Status Draft is hosted by Joe Hoyle — the CTO of Human Made — and Brian Krogsgard.
Today’s show is sponsored by Delicious Brains. WP Migrate DB Pro makes moving and copying databases simple. They also have an exciting new project for merging databases, called Mergebot. Go to Mergebot.com for updates on that, and deliciousbrains.com for more information on WPMigrate DB Pro. Thanks to the team at Delicious Brains for being a Post Status partner.
Special thanks to Bocoup for allowing us to record this podcast episode in their office. Bocoup was a partner and workshop host for A Day of REST, and were incredibly hospitable. Checkout Bocoup to learn more about how they embrace open source as a consulting agency.
Sat, 11 Mar 2017 23:32:07 +0000photo credit: Leeroy By now you’ve probably seen the viral clip of a father getting interrupted by his children while giving a live interview on BBC. Working parents everywhere, especially remote workers, could identify with the humorous embarrassment of the situation. Even those who have had pets interrupt Skype calls know the feeling. You want to be thought of as a professional and taken seriously but little home office invaders have other plans. This BBC interview is amazing. Just wait until the mum rushes in… pic.twitter.com/LGw1ACR9rg — JOE.co.uk (@JOE_co_uk) March 10, 2017 Many developers who work from home with children know the daily struggle of balancing family life with work, which generally leaves very little time for improving professional skills. A popular question on Hacker News this week asks, “Developers with kids, how do you skill up?“: I recently had one of my colleagues comment on my GitHub account graph – ‘There won’t be many green boxes in your account once you have a kid’. This was in response to my suggestions on how we should all keep learning. I argued many good programmers have family with kids and still manage to keep up. They brushed me off saying it’s just not possible or they don’t look after their kids. When I look on the internet I find people doing full time jobs delivering products while having a family and some still find plenty of time to blog or write books. How is this possible? Are these people super-human? How are you all doing or managing if you have kids/family? The question received nearly 500 replies with tips and stories from those who are making it work. One of the first participants on the thread is Rachel Andrew, who shares how she learned Perl as a single mother, launching a new career in web development. She said found success by “simply working every possible moment” she could and learning to be organized and focused with her time. One common theme among the replies is that having kids is like getting a crash course in time management. When your available time is significantly reduced, you are forced to become more purposeful about how you spend it. What I learned: your time does get reduced drastically, but you spend the remaining time with more focus/direction. Also, you use your time smarter, e.g. I used to do sports (indoor climbing), but now I just cycle every day from/to work (~1 hour) to stay fit. It takes approximately the same time as going by train or car. If i have clear priorities in my head – what I want to achieve in the ‘extra time’ that I have got. The clearer the goal, the better the results. …due to lack of free time and the newfound need to use it efficiently, I’ve found that I’ve probably read more actual physics in the last four years than in the previous many years of dreaming about it. Time management, to me, is a more powerful “skill up” than anything that could keep your GitHub green. When you know you have limited hours in the day and you have hard time commitments, you have no choice but to learn and work efficiently. I’d add that kids have taught me to be a better planner, and to break my priorities down into small, well defined chunks that can be slotted into a busy life. This has been valuable in general, not just for programming. One [...]
Sat, 11 Mar 2017 02:07:14 +0000photo credit: Night Moves – (license) There’s a lot of great WordPress content published in the community but not all of it is featured on the Tavern. This post is an assortment of items related to WordPress that caught my eye but didn’t make it into a full post. The REST API Democratizes Reading Mika Epstein explains how the WordPress REST API democratizes reading by making content more discoverable and accessible. When you look at a website you see the design and the layout and the wonderful beauty. When an app reads your data, however, it doesn’t want or need any of that. An app needs the raw data. And the REST API does that. It outputs the data in a super basic and simple way. Furthermore, it lets you add on to this and output specific data in special ways. TechSPARK Interviews WordCamp Bristol Organizer Bristol, UK, is gearing up for its first WordCamp and local media is taking notice. TechSPARK, a digital publication that covers tech in Bristol, Bath, and the West of England published an interview with Janice Tye, one of the lead organizers of the event. In the interview, Tye explains what a WordCamp is and how people can get involved. WordCamp Bristol takes place May 13-14th, 2017 and has a limited number of tickets available. Fishing Guide’s Site Used by Hackers for eCommerce Fraud TechCrunch published an interesting story of how a Cape Cod fishing guide’s website that runs on WordPress was hacked and used to host an eCommerce store. The moral of the story is to keep WordPress and its plugins and themes updated. An additional safety measure is to enable two-factor authentication. Being a Full-time Contributor Through Sponsorships Late last year, John James Jacoby outlined his goal for his 100 initiative. “My goal is be a fully funded independent ambassador for WordPress and the surrounding initiatives, backed by many of the best companies who continue to push WordPress beyond its limits on a daily basis,” Jacoby said. Jacoby provided an update on what he’s been working on since obtaining sponsorship from Pagely and Pantheon. He plans to take a two-week break in March to attend WordCamp Miami and will be speaking at other events. If you’re interested in sponsoring Jacoby to work on WordPress full-time for a month, please get in touch with him. Mode Effect Builds Website for WordPress.com’s Affiliate Program Mode Effect, a web design agency, built the site for WordPress.com’s affiliate program. According to Jon Burke, team lead for events, marketing, and advertising at Automattic, the agency was chosen based on recommendations and its previous work with the WordPress VIP program. New Features for WordPress.com Stats WordPress.com unveiled a number of new enhancements to WordPress.com stats. More insights, summaries, and better use of wide screens are just a few of the improvements that were made. Remembering HostReviews.io Kevin Ohashi, founder of Review Signal, takes a look back at HostingReviews.io created by Steven Gliebe that was recently acquired by HostingFacts.com. “I’m truly saddened because it’s disappearing at some point ‘soon.’ The only real competitor whose data I trusted to compare myself against. So I thought I would take the opportunity to write about my favorite competitor,” Ohashi said. He compar[...]
Fri, 10 Mar 2017 20:48:00 +0000
(image) One thing I’m going to try this year is to write a review of every book I get a chance to read. It’s March already so I’m a bit behind and the next few will be out of order, but this seems like as good a place to start as any.
One new thing I’ve been doing this year is listening to audiobooks with an Audible account, so this first book review is actually an audiobook. Great Courses is actually an old school thing where you could order college lectures on tape. From the references throughout the lectures I listened to, my guess is that the recordings are from the 90s. This one is called From Plato to Post-modernism: Understanding the Essence of Literature and the Role of the Author ($25 on Audible, $9.99 on cassette tape (image) ).
I really enjoyed this series. Some of the early lectures covering Aristotle, Longinus, and Sidney’s “Apology for Poetry” were quite brilliant. Later ones from Foucault and Derrida on were weaker and harder to follow, which I think is a function of both the material, which can be dense when it starts getting into Modernism, the length, fixed at 30 minutes, and the lecturer, Louis Markos. Markos teaches at Houston Baptist University and his asides can sometimes be a little traditional, but in an adorable grandpa way. He has an infectious enthusiasm that makes even the slower chapters on Kant and Schiller bearable, but his love of and fluency in the earlier classics is really a pleasure.
It made me curious to look into more online lectures and sometime this year I’m going to check out this one on Value Theory at Khan academy. I also picked up a used copy of Critical Theory Since Plato which had the original text for many things discussed in the lecture, so was a great reference point when I was at home in Houston, where I end up listening to most audio content since it’s a driving town.
Fri, 10 Mar 2017 18:19:54 +0000photo credit: Ccarelo – Own work, CC BY-SA 3.0, Link Open Source in Brazil is a new free eBook from O’Reilly Media that offers an inside look into the growth of Brazil’s free software community despite the country’s unique barriers. Brazil has a vibrant IT and startup culture and hosts the largest open source conference in Latin America, Fórum Internacional Software Livre (FISL). The conference has been running for 17 years and had 5,200 participants in 2016. According to Andy Oram, the book’s author, open source software is ubiquitous in the country but challenges in business, education, and government have slowed its wider adoption. The book offers a fascinating account of how the free software movement won political favor in the early 2000’s, launching many governmental initiatives to use open source solutions instead of proprietary software. Unfortunately, the government was unable to deliver on these initiatives due to lack of expertise in evaluating software and working with open source communities. These factors, combined with a scarcity of local companies to help bridge the gap, and eventually corruption, caused more delays to converting government operations to open source software. These setbacks resulted in what Oram described as “inertia and corruption that leave companies and government agencies feeding huge amounts of money into proprietary software that was designed for the North American market.” Brazil has also struggled to keep highly skilled developers who can mentor the next generation due to a “brain drain” to international cities with higher wages: The education of developers that takes place in many developed countries is hampered in Brazil, as in many countries, by a brain drain. Basically, if you become an expert in your technological area, you can get a foreign job that pays more than Brazillian jobs and offers the enticements of living in a major tech center such as London or San Francisco. Thus, the people who could be attending meetups and mentoring the next generation of experts are drawn away. Despite the free software community’s temporary loss of momentum, its unique challenges have prompted Brazilian developers to rely less on government support and find new ways of promoting open source software. “Open Source in Brazil” is available for free in both English and Portuguese. [...]
Fri, 10 Mar 2017 16:04:12 +0000
BuddyPress 2.8.2 is now available. This is a security release. We strongly encourage all BuddyPress sites to upgrade as soon as possible.
BuddyPress 2.8.1 and earlier versions were affected by the following three security issues:
Fri, 10 Mar 2017 06:23:27 +0000WeFoster, co-founded by Marion Gooding and Bowe Frankema, is a new managed hosting platform fine-tuned specifically for online communities. The duo came up with the idea for WeFoster two years ago at WordCamp London 2015. “Bowe and I sat down and thought of ideas on how we could contribute to the open source community,” Gooding said. “We eventually decided on BuddyPress and to build a business around it. We brainstormed on the basic premise of growing awareness, interest, and the user base of BuddyPress.” While BuddyPress is at the core of what WeFoster does, it isn’t limited to it. The hosting provider caters to all kinds of community building tools whether its Peepso, s2Member, or Memberpress. One of the things that sets WeFoster apart is its community creation wizard. Customers are asked a series of questions related to their community. For example, one of the questions asks if you’d like to have discussion forums. If you answer yes, bbPress will automatically be installed in the background. This process replaces the need to manually search and install a variety of plugins after installing WordPress. WeFoster Community Creation Wizard When creating a community, customers can select from a set of partner templates. Partner templates are pre-configured WordPress installations setup specifically around a product. Partner templates include a white labeled dashboard allowing partners to brand it to match their product. Partners also receive a variety of other perks. The partner program is not an affiliate program and partners are hand selected. The team is looking for partners that are in line with the company’s vision of building better communities. For more information and to apply to be a partner, check out the partner application page. WeFoster Uses Google’s Cloud Platform WeFoster is built on Google’s Cloud Platform enabling each site to be hosted in a container separate from others. The technology stack consists of PHP7, Nginx, Redis/Memcached, and MariaDB. If for whatever reason you need to downgrade to PHP 5.6, you can do so at the click of a button. Switching PHP Versions WeFoster uses a custom caching solution dubbed CommunityCaching that it claims loads sites up to six times faster than traditional shared hosts and almost twice as fast as Managed WordPress hosts. The host is also a certified CloudFlare partner taking advantage of CloudFlare’s data centers located across the world. The partnership provides access to free SSL certificates. All sites created on WeFoster have SSL enabled by default and are served over the HTTP/2 protocol. Sites are actively monitored for malware and are backed up to Amazon Secure Storage. Site owners can restore to any point in time since backups are stored indefinitely. Tools for Developers Although WeFoster has focused on eliminating technical hurdles experienced by those who manage online communities, the company didn’t forget about developers. Each site has a developer section that includes a code editor, database manager, an area for debugging, and other related tools. The code editor is a full-featured IDE that works in the browser. This eliminates the need use an FTP client to upload files to the web server[...]
Thu, 09 Mar 2017 23:16:02 +0000Stack Overflow published its analysis of 2017 hiring trends based on the targeting options employers selected when posting to Stack Overflow Jobs. The report, which compares data from 200 companies since 2015, ranks ReactJS, Docker, and Ansible at the top of the fastest growing skills in demand. When comparing the percentage change from 2015 to 2016, technologies like AJAX, Backbone, jQuery, and WordPress are less in demand. Stack Overflow also measured the demand relative to the available developers in different tech skills. The demand for backend, mobile, and database engineers is higher than the number of qualified candidates available. WordPress is last among the oversaturated fields with a surplus of developers relative to available positions. In looking at these results, it’s important to consider the inherent biases within the Stack Overflow ecosystem. In 2016, the site surveyed more than 56,000 developers but noted that the survey was “biased against devs who don’t speak English.” The average age of respondents was 29.6 years old and 92.8% of them were male. For two years running, Stack Overflow survey respondents have ranked WordPress among the most dreaded technologies that they would prefer not to use. This may be one reason why employers wouldn’t be looking to advertise positions on the site’s job board, which is the primary source of the data for this report. Many IT career forecasts focus more generally on job descriptions and highest paying positions. Stack Overflow is somewhat unique in that it identifies trends in specific tech skills, pulling this data out of how employers are tagging their listings for positions. It presents demand in terms of number of skilled developers relative to available positions, a slightly more complicated approach than measuring demand based on advertised salary. However, Stack Overflow’s data presentation could use some refining. One commenter, Bruce Van Horn, noted that jobs tagged as “Full Stack Developer” already assume many of the skills that are listed separately: I wonder how many of these skills are no longer listed because they are “table stakes”. You used to have to put CSS, jQuery, and JSON on the job description. I wouldn’t expect to have to put that on a Full Stack Developer description today – if you don’t know those then you aren’t a Full Stack Web Developer, and I’m more interested in whether you know the shiny things like React, Redux, and Angular2. It would be interesting to know what is meant by tagging “WordPress” as a skill – whether it is the general ability to work within the WordPress ecosystem of tools or if it refers to specific skills like PHP. Browsing a few jobs on Stack Overflow, WordPress positions vary in the skills they require, such as React, Angular, PHP, HTML, CSS, and other technologies. This is a reflection of the diversity of technology that can be leveraged in creating WordPress-powered sites and applications, and several of these skills are listed independently of WordPress in the data. Regardless of how much credibility you give Stack Overflow’s analysis of hiring trends, the rep[...]
Thu, 09 Mar 2017 02:49:36 +0000In this episode, Marcus Couch and I discuss the stories that are making headlines including, Clef shutting down, WordPress 4.7.3, and WordPress.com’s new add-on for Chrome. I shared two lessons I recently learned from managing a site that has open registration and uses BuddyPress. We also share details of WPCampus 2017. Stories Discussed: WordPress 4.7.3 Patches Six Security Vulnerabilities, Immediate Update Advised Clef is Shutting Down June 6th WordPress.com Releases Chrome Add-On for Google Docs Freemius Launches Insights for WordPress Themes Configuring a User Avatar in WordPress Is Not as Easy as It Should Be BuddyPress Core Contributors Working on a Way to Safely Edit a Group’s Permalink WPCampus 2017 to Take Place July 14-15 in Buffalo, NY What’s on WordPress.tv: WordPress Community Interview With Jenny Beaumont Jenny Beaumont is a multicultural, multidisciplinary maker and writer of things. She is a leader of people and of projects, who values communication above all else as a means to successful collaboration. Jenny and Paolo Belcastro, are the co-organizers of WordCamp Europe. She is the team lead of the local WordPress Community. Rob Ruiz: Admin Experience – The New UX This presentation is part of WordCamp Omaha 2016. Too often, User Experience is only considered on the front-end of a WordPress site design. Although that is very important, too many WP Designers/Developers stop there. This video goes over tricks and methods to make updating and administrating WordPress sites much more user-friendly for the admin/site-owner/client. Chris Klosowski: Democratizing Inspiration This presentation is part of WordCamp Phoenix 2016. All businesses and stories start as an idea. WordPress is a democratized platform for that inspiration, where ideas are empowered to evolve into meaningful products and stories that shape and create the world we want. Plugins Picked By Marcus: WP Clone Menu enables you to clone menus using existing menus. WordPress List Images to Optimize gives users an idea of which ones need to be optimized or re-uploaded. WP Raffle fully automates an online raffle. Simply install, start the appropriate raffle and prizes, and this plugin does the rest; picking the winners at the designated raffle draw date. WPWeekly Meta: Next Episode: Wednesday, March 15th 3:00 P.M. Eastern Subscribe To WPWeekly Via Itunes: Click here to subscribe Subscribe To WPWeekly Via RSS: Click here to subscribe Subscribe To WPWeekly Via Stitcher Radio: Click here to subscribe Listen To Episode #266: [...]
Wed, 08 Mar 2017 21:23:17 +0000
Google announced that it is retiring its official Adsense plugin, previously known as the Google Publisher plugin. For the past three years it has allowed WordPress users to easily add Adsense ads to their sites, enable mobile-specific ad layouts, and manage ads with a point-and-click interface.
“After reviewing the AdSense Plugin for WordPress, we’ve decided that in the future we can support WordPress publishers better with new innovative features like our automatic ad formats and other upcoming initiatives,” Google said. “As a result, we will be deprecating the AdSense Plugin for WordPress in May 2017.”
Google published the following timeline for sunsetting the plugin:
Although Google’s Adsense plugin was used by more than 200,000 WordPress sites, the company has not provided support for the plugin for the past two years. It has been poorly reviewed throughout its three-year listing on WordPress.org and is currently hovering at 2.7/5 stars.
This change will also affect dozens of other Google Adsense plugins, as Google is changing its ad display recommendations and does not endorse or support using any other WordPress plugins for this purpose.
Affected publishers received an email with information on how to display ads without the plugin. Google recommends deactivating and removing the plugin, followed by using the QuickStart option or creating and placing ad units by inserting the ad code into text widgets. Those who are manually placing ads using widgets will need to make sure they comply with Google’s detailed ad placement policies.
The new QuickStart method is a page-level ad format that automatically displays ads at “optimal times” when Adsense deems they will perform well and provide a good experience for visitors. These ads can be turned on by placing the QuickStart code within the tag. It’s easier to set up but not nearly as flexible as placing ads in text widgets, which can be conditionally displayed or hidden on pages, categories, tags, and post types using widget visibility rules offered in Jetpack or another plugin.
Wed, 08 Mar 2017 20:12:25 +0000
I’m really excited about the new Google Docs integration that just launched — basically it builds a beautiful bridge between what is probably the best collaborative document editor on the planet right now, Google’s, and let’s you one-click bring a document there into a WordPress draft with all the formatting, links, and everything brought over. There’s even a clever feature that if you are copying and pasting from Docs it’ll tell you about the integration.
I think this is highly complementary to the work we’re doing with the new Editor in core WordPress. Why? Google Docs represents the web pinnacle of the WordPerfect / Word legacy of editing “pages”, what I’ll call a document editor. It runs on the web, but it’s not native to the web in that its fundamental paradigm is still about the document itself. With the new WordPress Editor the blocks will be all about bringing together building blocks from all over — maps, videos, galleries, forms, images — and making them like Legos you can use to build a rich, web-native post or page.
We’re going to look into some collaborative features, but Google’s annotations, comments, and real-time co-editing are years ahead there. So if you’re drafting something that looks closer to something in the 90s you could print out, Docs will be the best place to start and collaborate (and better than Medium). If you want to built a richer experience, something that really only makes sense on an interactive screen, that’s what the new WordPress editor will be for.
One final note, the Docs web store makes it tricky to use different Google accounts to add integrations like this one. To make it easy, open up a Google Doc under the account you want to use, then go to Add-ons -> Get add-ons… -> search for “Automattic” and you’ll be all set.
Wed, 08 Mar 2017 12:00:56 +0000When I was 17, I attended the school for graphical design and printing. I remember one time a teacher yelling at me: ‘With an attitude like that, you won’t get very far in life’. I don’t know why this pops into my mind at the very moment I started to writing this piece for HeroPress. I guess I always wanted to do things my way. I have had pretty strong thoughts about how and why I wanted to do things in life, both personally and work wise. I’ve felt a great love for the DIY and making industry all my life, and was surrounded by people in small alternative ecosystems in my early twenties. Doing printing, music, squatting, cooking… those were the days. After a while, I sort of drifted apart. My career and life seemed to go a different way from what I actually loved. However, I did some small DIY internet projects on the computer that I got halfway through the nineties. I built some blogs and figured out how to do html. I was all on the side though, never professional. A New Beginning Around 2002, I really wanted to go away from what I had and dream, make plans and start a new life. So I ditched my management job, husband and newly built house. With a new love in my life, I bought a 150 year old farmhouse in a rural part of the Netherlands. We were busy doing it up and dreamt about starting our own business someday. Not to depend on a time & place based 9-5 job anymore. In 2007, we started our own webshop in organic gardening and sustainable, handmade garden tools. I experimented with code, Open Source Systems and SEO. I did graphical design, e-mail marketing, text writing, photography… we grew and grew and grew. And then we hit the ground. We got struck by the crisis and everything fell apart. It made me rethink my career and 2011 was the start for me working with WordPress. I had built websites , but never designed a website with a content management system (besides the webshop). I knew WordPress from the dot com blog I had, so after comparing a few systems and asking for advice on Twitter, I decided to have WordPress as a basis for my future work. At the time, I didn’t know what WordPress was. I mean, what WordPress really was. Basically it was the software I chose to work with, but that was that. I spent a lot of time finding out about the plugins, themes and adjusting code and css. But I never knew about the WordPress community that was there, and I wish I had. Although I’ve learned a great deal from my research and mistakes, it would have been so much easier having the supportive community around in the early days of my life as a web designer. It took me quite a while to find out about the WordPress community. I had discovered WordPress support, but never realised these were all hardworking people like me, giving back some time and knowledge to the community without getting paid for it. I guess the anonymity of the internet was part of the reason for me not knowing. At some point I heard about these web developer and design conferences in general, not WordPress specific. It never occurred to me to go there, because I thought I woul[...]
Wed, 08 Mar 2017 09:05:17 +0000Clef, a two-factor authentication service founded in 2013 has announced that it is discontinuing its product. Clef is most well known for removing the burden of remembering usernames and passwords by replacing them with a 300 character key using mobile cryptography. The service’s WordPress plugin is active on more than 1M sites and has been removed from the directory. Clef will continue operating until June 6th, 2017. After June 6th, the mobile app will stop functioning and be removed from the Google Play and Apple App stores. Users are highly encouraged to transition to a different two-factor authentication provider as soon as possible. Clef has published a transition guide to help users switch to Two-Factor, Authy, or Google Authenticator. The announcement offers few details as to why the service is shutting down. Brennen Byrne, Clef’s CEO, says the team is joining another company and that more details will be published soon. Users and customers reacted to the news by expressing disappointment and sadness in the comments, “I am very very sad for that,” Furio Detti said. “And I must admit a bit disappointed — Clef was clever, clean, quick.” “I need no more and no other. I’d like to know if the shutdown could be a sign of bad luck in business or a changing of strategy to improve the product. I tried many systems, but CLEF was the very best, the others, almost annoying crap.” Others questioned how the company reached the point of shutting down, “Has something gone wrong or incredibly right?,” John Walker asked. “How can something so useful and reassuring be canned?” “WordPress installer states over 1 million active users. That’s a lot of websites to just drop without tangible explanation.” The decision to sunset the product was not an easy one, “We’ve considered a lot of options for how we can satisfy our responsibility to the folks who have used our product for a long time, but ultimately we felt like this was the only responsible option we could take,” Byrne said. The service offered commercial business plans, including a $1,000 a month plan but couldn’t find a business model that worked, “We’ve been so happy to build a product that people loved and which had widespread adoption in the WordPress community, but we haven’t been able to find a business model which made the company sustainable,” he said. It’s evident by the comments that Clef offered something unique. Whether it was the user experience, ease of use, or working like magic, the service has a devoted fanbase that love the product. Please spread the word that Clef is shutting down as potentially thousands of users may not discover it until their keycodes stop working on June 6th. [...]
Tue, 07 Mar 2017 22:14:37 +0000WordPress.com released its new Chrome Add-on for Google Docs today. The free add-on allows users to edit documents collaboratively in Google Docs and then send the document directly to any WordPress.com site as a draft post. The add-on can also connect to Jetpack-enabled sites, offering the same functionality for self-hosted WordPress users. After installing the add-on from the Google Chrome Store, users will be asked to give permission for it to send posts to WordPress.com. Clicking on the Add-ons menu within the document will open a sidebar where you can add sites. When the document is ready to send to one of your sites, you can click on the “Save Draft” button. You’ll be given a preview link to check out how it looks on the site. Ordinarily, copying and pasting content from Google Docs into WordPress results in a messy draft that lacks the same formatting. The new add-on was created to tackle this problem. It duplicates the document’s images and formatting into WordPress, cutting out a lot of secondary formatting that used to be required. “Collaboration has been a big area of interest for us, and we want to investigate a lot of different approaches,” Automattic representative Mark Armstrong said. “Google Docs made perfect sense because it’s where a lot of people already do collaborative editing. If we could streamline that process for publishing a Google Doc on WordPress, that would help so many people. We’ve been testing it with publishers and heard a lot of great feedback.” Armstrong didn’t have any data for how often users paste content from Google docs to WordPress.com, but making content more portable between the two platforms is an often requested feature. The WordPress Plugin Directory has several plugins for embedding Google documents inside content via a shortcode embed or oEmbed, demonstrating that thousands of users are already interested in bringing content over from Google Docs to WordPress. After testing the add-on with a sample document that includes special formatting and images, I found that it is a great improvement over the clunky copy and paste experience. Sending posts to WordPress.com is fairly seamless and works as advertised. In testing with multiple Jetpack-enabled sites I received some errors when authenticating, which may be due to a security limitation of my host. We had the same issue with the Tavern and were not able to fully test it for self-hosted WordPress sites, but are continuing to investigate the issue. However, other Jetpack-enabled sites are reportedly working with the add-on as expected, according to Armstrong. Heavy users of Google Docs and WordPress are excited by the prospect of having the two platforms play nicely together. It saves users quite a bit of time and the new tool will do a lot to bridge the gap for those who rely on Google Docs for collaborative editing. It’s the next best thing to having collaborative editing built into WordPress. [...]
Tue, 07 Mar 2017 20:39:42 +0000
WordPress 4.7.3 is now available with patches for six security vulnerabilities that affect version 4.7.2 and all previous versions. WordPress.org is strongly encouraging users to update their sites immediately.
The release includes fixes for three XSS vulnerabilities that affect media file metadata, video URLs in YouTube embeds, and taxonomy term names. It also includes patches for three other security issues:
These vulnerabilities were responsibly disclosed by a variety of different sources contributing to WordPress security.
Version 4.7.3 is also a maintenance release with fixes for 39 issues. This includes a fix for an annoying bug that popped up after 4.7.1 where certain non-image files failed to upload, giving an error message that said: “Sorry, this file type is not permitted for security reasons.” Those who were negatively impacted have been waiting on this fix for two months.
WordPress sites that haven’t been updated have been subject to a rash of exploits during the last month after a WP REST API vulnerability was disclosed. Now that the patched vulnerabilities in 4.7.3 are public, it is only a matter of time before hackers begin exploiting sites that do not update. If you have auto-updates on, your site has probably already updated by now. If for some reason you have auto-updates disabled, you will want to manually update as soon as possible.
Tue, 07 Mar 2017 11:46:15 +0000
Inc. writes The Job Interview Will Soon Be Dead. Here’s What the Top Companies Are Replacing It With, and looks at how our brains mislead us in interviews and how Menlo Innovations and Automattic approach it.
Tue, 07 Mar 2017 05:15:50 +0000NRKbeta, the Norwegian Broadcasting Corporation’s media and technology site, is experimenting with a new way of keeping comments on topic. A new plugin on the WordPress-powered site aims to ensure commenters have read the article by requiring them to complete a short, three-question quiz before opening the comment form. Visitors who get the questions wrong cannot contribute to the discussion. The custom plugin was created to narrow the commenting field to those who are operating on a common basis of understanding of the article. It prevents commenters from skimming the article and then going on a rant. The NRKbeta team open sourced the plugin on GitHub today. It’s also in the review queue for the WordPress Plugin Directory and will be available for a one-click install after it passes review. Quiz is an another WordPress.org plugin that performs a similar function. Despite not having been updated for two years, the plugin is active on more than 2,000 sites. Post authors can create a question for each post in the “Comment Quiz” meta box. The plugin was also designed to help reduce spam comments. NRKbeta’s new Comment Quiz plugin takes a slightly different format, offering multiple choice in the form of radio buttons as well as the ability to add multiple questions. The comment form automatically slides into view after the visitor answers correctly. The idea of quizzing visitors before allowing them to comment gained quite a bit of interest after NRKbeta announced the experiment, but the publication is still experimenting to see how the quizzes affect commenting. Ensuring that readers have fully read the article comes at the expense of well-intentioned commenters who are now subjected to a time-wasting test. The plugin puts the burden of proof on the commenter in hopes of fewer rants and off-topic responses getting through. Some visitors may perceive the quiz as infantilizing potential commenters while others may see it as a mild annoyance. The quiz is a simple hurdle, easy to bypass by guessing until you land on the correct answer. It amounts to more of a speed bump than a true test of having read the article. It doesn’t take into account that many commenters who are prone to trolling and ranting off topic can be quite motivated and not significantly inconvenienced by a short quiz. If the questions are written to condition the commenter for a desired response, then it does little to promote free thinking. This seems like an expensive trade-off for fewer rants in the moderation queue. It all depends on how the publication implements the plugin. Hopefully NRKbeta will report back on how effective the Comment Quiz plugin was at deterring undesirable off-topic responses while retaining level-headed commenters. [...]
Mon, 06 Mar 2017 22:35:24 +0000I maintain a website with active user registration and a common support question I’m asked is, “How do I change my profile picture?” The answer is not easy as it should be. WordPress’ profile image system is powered by Gravatar, an Automattic owned service. It replaced the old method of uploading a profile picture in WordPress 2.5 “Brecker”. The longer I maintain the site, the more frustrated I get that Gravatar is the default way users create and manage their profile image. In the past, I’ve written how managing Gravatars in WordPress is a bad user experience and not much has changed. Many of the people requesting support simply want an Upload button or link that enables them to upload an image and use it as their avatar. One way to replace Gravatar is with the WP User Avatars plugin developed by John James Jacoby. WP User Avatars is part of the Stutter collection of plugins that replaces Gravatar and adds the ability for registered users to upload an image from their machine. Alternatively, users can click the Choose from Media button to choose an image from the Media Library. Existing profile images are preserved. WP User Avatar Interface I tested the plugin on WordPress 4.7.3 and didn’t encounter any issues. It’s worth noting that according to the plugin’s FAQ, it doesn’t work well with multisite. There has recently been some discussion on a six-year-old trac ticket requesting upload functionality for custom avatars. Some have even suggested that Simple Local Avatars, WP User Avatar or Add Local Avatar could be merged into core to provide the functionality. All three plugins combined are active on nearly 300K sites. The site I administer is the first I’ve managed in my WordPress career that has open registration. Interacting with registered users who are often new to WordPress has opened my eyes to how bad of an experience configuring an avatar is. Relying on a third-party service as core functionality to manage profile images doesn’t make any sense. Let us know what your experience is like configuring an avatar in WordPress. If you use a plugin that adds local avatar support, share a link to it in the comments. [...]
Mon, 06 Mar 2017 22:16:07 +0000This past weekend while managing a site that runs BuddyPress, I ran into a situation where I needed to change a group’s slug or permalink. Editing the permalink for a post or page in WordPress is easy but BuddyPress doesn’t have the same functionality. As you can see in the screenshot below, an edit button to change a group’s permalink doesn’t exist. No Way to Edit a Group’s Permalink Changing the permalink of a post in WordPress automatically creates a redirect so the previous URL doesn’t generate a 404 error. BuddyPress doesn’t offer the same convenience. According to John James Jacoby, BuddyPress lead developer, groups do not have a canonical redirection, or keep track of their slug history. In my scenario, I had two choices. I could either change the slug and break a number of links or delete the group and recreate it with the slug of my choice. Since the group already has more than 300 members and a handful of posts, I chose the first option. After a cursory search of Google on how to change a group’s slug, I came across many results that referenced the BP Edit Group Slug plugin created by Jacoby that had not been updated in seven years. As recently as two months ago, a thread on the BuddyPress support forums confirmed that the plugin was broken and generated a lot of errors. After speaking to Jacoby on Slack and linking him to the forum thread, he graciously spent two hours of his time to update the plugin. I can confirm that it works as advertised with BuddyPress 2.8.1. To change a group’s slug after activation the plugin, visit the Group’s management page on the front-end of the site. Editing a Group’s Slug Eight years ago, a ticket was created on BuddyPress trac requesting the ability to change a Group’s slug. The ticket was eventually closed and labeled wontfix by Boone Gorges, BuddyPress lead developer, “Adding it as a core feature is likely to introduce lots of problems, because changed group slugs break all existing links to the content,” Gorges said. “We don’t have a graceful fallback system for changed permalinks, like WP posts do. For now, let’s leave this to a plugin. If we ever overhaul groups to have a different storage mechanism, we can revisit.” In the BuddyPress Slack channel, David Cavins offered the following idea on how the feature could work, “We could probably add a step after the lookup fails that looks in another place, like group_meta for key = previous_slug and value = slug that missed a group,” he said. Both Gorges and Jacoby approved the idea and encouraged Cavins to work on it for BuddyPress core. Until the feature is added to core, perhaps a note could be added to the BuddyPress group creation screen for step three that emphasizes how important it is to make sure the permalink is correct. BuddyPress Group Creation St[...]
Mon, 06 Mar 2017 19:06:58 +0000In January 2017, WordPress core design contributors posted a survey titled What are you using the Customizer for? The link was published on the Make WordPress Design blog and wasn’t widely shared, so it only received 50 replies. Responses were anonymous, but most seem to have come from the WordPress developer community. Despite the small sample number, the design team deemed the initial results important enough to share with the community. Responses on the first question show that 53% never or rarely use the Customizer and 7.8% tend to only use it when setting up a site for the first time. Those who do use it (39.3%) range in frequency from monthly, weekly, and daily. More than half of respondents (53.6%) do not add plugins to extend the Customizer. Those who do are adding plugins for theme options (12.5%), colors (5.4%), layout (7.1%), and other (21.4%). The majority of respondents indicated they use themes that add new functionality to the Customizer (53.9%) and those specified include colors, layout, typography, theme options, and design features. When asked if is there anything in the Customizer they cannot live without, 53.2% of respondents said no. This isn’t surprising given that most of them seem to be developers who are likely familiar with adding custom CSS or making edits to a child theme. Only 6.4% said they could not live without live previews. When asked if there was anything in the Customizer they never use, 31.3% of respondents said “Everything,” 20.8% said “No,” and the others identified specific features. The negative comments on the questions are a general indicator of the lingering dissatisfaction with the Customizer. For those who use the feature regularly, one strong theme in their comments is that the separation between what settings are available in the Customizer versus the backend is confusing: Setting up theme styling, redesigning, setting up sites, etc. Very useful for quick changes like a new header image to change up the look. Wish you could edit everything there instead of going elsewhere to edit content too. I don’t like it and wish that I didn’t have to use it. Most often if there is a setting I had to use the customizer for, I will either forget that something was set in the customizer and end up hunting around for it for a long time before remembering that’s where it was. More often than not the “preview” functionality doesn’t work and you have to save the settings anyway. Also there doesn’t seem to be any consistent logic as to what features should be in the customizer, and theme authors just put whatever they feel like putting in there. What would be great, it is to incorporate more settings in the Customizer in order to avoid the back and forth to set up the site (date format, title, tagline, posts per page, …). Many users don’t understand the se[...]
Mon, 06 Mar 2017 17:53:30 +0000WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters can trick redirect URL validation. Reported by Daniel Chatfield. Unintended files can be deleted by administrators using the plugin deletion functionality. Reported by TrigInc and xuliang. Cross-site scripting (XSS) via video URL in YouTube embeds. Reported by Marc Montpas. Cross-site scripting (XSS) via taxonomy term names. Reported by Delta. Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources. Reported by Sipke Mellema. Thank you to the reporters for practicing responsible disclosure. In addition to the security issues above, WordPress 4.7.3 contains 39 maintenance fixes to the 4.7 release series. For more information, see the release notes or consult the list of changes. Download WordPress 4.7.3 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.7.3. Thanks to everyone who contributed to 4.7.3: Aaron D. Campbell, Adam Silverstein, Alex Concha, Andrea Fercia, Andrew Ozz, asalce, blobfolio, bonger, Boone Gorges, Boro Sitnikovski, Brady Vercher, Brandon Lavigne, Bunty, ccprog, chetansatasiya, David A. Kennedy, David Herrera, Dhanendran, Dion Hulse, Dominik Schilling (ocean90), Drivingralle, Ella Van Dorpe, Gary Pendergast, Ian Dunn, Ipstenu (Mika Epstein), James Nylen, jazbek, Jeremy Felt, Jeremy Pry, Joe Hoyle, Joe McGill, John Blackbourn, John James Jacoby, Jonathan Desrosiers, Kelly Dwan, Marko Heijnen, MatheusGimenez, Mike Nelson, Mike Schroder, Muhammet Arslan, Nick Halsey, Pascal Birchler, Paul Bearne, pavelevap, Peter Wilson, Rachel Baker, reldev, Robert O’Rourke, Ryan Welcher, Sanket Parmar, Sean Hayes, Sergey Biryukov, Stephen Edgar, triplejumper12, Weston Ruter, and wpfo.[...]
Mon, 06 Mar 2017 15:44:48 +0000Welcome to the Post Status Draft podcast, which you can find on iTunes, Google Play, Stitcher, and via RSS for your favorite podcatcher. Post Status Draft is hosted by Brian Krogsgard and this episode’s special guest, Carrie Dils. Carrie Dils has been self-employed for a long time. After years of client work, she now makes her full-time living through multiple different channels, but is not currently doing client services. In this episode, Brian and Carrie talk about various methods for generating revenue, and some helpful tools to do so. https://audio.simplecast.com/61980.mp3 Direct Download Links Why Procrastinators Procrastinate ConvertKit Mailchimp Chimp Essentials Mailchimp course Paul Jarvis on Carrie’s podcast Sunday Dispatches Nerd Marketing Amy Lynn Andrews Todoist Simplenote Getting Things Done 1Password Interview with Diane Kinney Links to Carrie’s Work Experience as an Uber driver Office Hours Carrie’s blog WordPress courses Utility Pro theme Real World Freelancing book Sponsor: Prospress Prospress makes the WooCommerce Subscriptions plugin, that enables you to turn your online business into a recurring revenue business. Whether you want to ship a box or setup digital subscriptions like I have on Post Status, Prospress has you covered. Check out Prospress.com for more, and thanks to Prospress for being a Post Status partner. Photo by Karyn Kelbaugh[...]
Sun, 05 Mar 2017 16:00:10 +0000March 8th we’ll have 100 HeroPress essays published. This seems like an auspicious time to look back at what we’ve built. Since the first one I’ve only missed maybe 2 weeks. One essay has been taken down for security reasons. Only once has anyone really stood me up, and only four times or so has anyone asked for more time at the last second. In those times someone always stepped up. A goal of mine has always been diversity, across a number of vectors. I did pretty poorly in the first few months and ended up with diversity debt. Here are some stats as of the 100th post: Men Women Americans Non-Americans 55 44 34 66 That said, if you look at the last 50, the numbers look much more diverse: Men Women Americans Non-Americans 22 26 16 34 I have the next 8 contributors planned out, and they continue to enhance the diversity of HeroPress. Sponsorship Last June XWP started sponsoring HeroPress. As I’ve mentioned many times before, I’m wary of mixing money with HeroPress, because I never want to make money from the stories of these people I admire and respect so much. That said, the sponsorship makes it easier for me to spend the time away from my family working on HeroPress. Some wise people have told me that using money appropriately won’t lose me any real friends, so there we are. If you’re interested in talking to me about sponsorship, just send me an email, topher at this domain. The Future I don’t have any plans for changing the way essays work. I have people lined up through the end of April. I’ve recently found some new ways to find WordPressers in places I couldn’t access before, and I’m excited about the new places we’re going to hear about. I’ve been talking for months about doing a podcast. It would simply be me and someone far away from me talking about how they work and live. I hesitate to talk to Americans, because I already know how they live and work, but on the other hand, people outside America might be interested. We’ll see what happens after some research. I have some ideas about scholarships and software accessibility programs, but I’m still putting those together. I’ve recently been contacted by another organization that wants to work together on a scholarship, and that sounds exciting. Again, we’ll see what happens. Thanks I’d like to thanks everyone that’s been involved in making HeroPress great. At this point there are too many to name. Those of you that have tweeted, blogged, podcasted, and generally spread the word are amazing. Thanks to those that have written essays especially. Without contributors HeroPress wouldn’t exist at all. Thanks to those that have facilitated getting me to WordCamps like Pune[...]
Fri, 03 Mar 2017 23:02:35 +0000photo credit: Green Chameleon Web annotations became a W3C standard last week but the world hardly noticed. For years, most conversations on the web have happened in the form of comments. Annotations are different in that they usually reference specific parts of a document and add context. They are often critical or explanatory in nature. One of the key differences between comments and web annotations, according to the new standard, is that annotations were designed to be decentralized, creating “a new layer of interactivity and linking on top of the Web.” Comments are published by the publisher at the same location as the original content, but web annotation content is owned by the reader. Annotations don’t have to be published on the original content. The reader has the choice to publish using an “annotation service” or their own website. Doug Schepers, former Developer Relations Lead at W3C, described the difference between annotating and commenting on an episode on The Web Ahead podcast: When a comment is at the bottom of a page, it’s so abstracted out from the rest. They get off track, they start talking about other things that have nothing to do with the original article. If it’s an even vaguely political topic, you’ve got the partisans jumping in, yelling at one another, how they’re all idiots. You lose track with the content of the article. There’s this viscerality, this immediacy, of actually commenting on something in its context. Do people want to annotate the web? Popular implementations of this concept, such as Genius Web Annotator and Medium’s annotation-style commenting, show that people enjoy interacting on the web in this way. The W3C Web Annotation Working Group’s goal in standardizing the technology behind web annotations was to produce a set of specifications for “interoperable, sharable, distributed Web Annotation architecture,” enabling healthy competition between services and discouraging publisher lock-in. Decentralization is critical to unlocking the full potential of annotations on the web. If commenters have control of their own content, they have the freedom to publish it wherever they like. Open comments sections can sometimes offer the illusion of discourse, but are ultimately under the control of the publisher. This is obvious if you’ve ever seen a controversial blog post, which should undoubtedly have comments with varying viewpoints, but the only comments published are those in agreement with the author. “This notion that whoever controls the original source also controls the dialog – that’s dangerous,” Schepers said. “This is why I like the idea of annotations. It’s inherent in [...]
Fri, 03 Mar 2017 17:24:55 +0000WPCampus Date After the inaugural WPCampus concluded in 2016, organizers put out a call for campuses across the country to host the event in 2017. The WPCampus planning committee has announced that WPCampus 2017 will be held July 14-15, at Canisius College in Buffalo, New York. In addition to announcing the date, the committee is accepting speaker submissions and looking for sponsors. Speaker submissions will be accepted until March 24th, 2017. Rachel Carden, a Senior Software Engineer for Disney Interactive, came up with the idea for WPCampus in a Tweet published in August, 2015. Since then, the community has grown to more than 500 members. Ooh. Dream with me: "#WordCampus: A WordCamp for folks using #WordPress in Higher Education." I like it. #heweb https://t.co/m1zEkpkP4B — Rachel Carden (@bamadesigner) August 3, 2015 Interview With Rachel Carden What did you learn from organizing the first WPCampus that will improve the second event? Most of the lessons learned from WPCampus 2016 involved logistics. A brand new community planning a brand new event with very minimal people ‘on the ground’ was challenging but, clearly, not impossible. Most of the changes we’ve implemented have been on how to make the time we spend planning more efficient, especially since we are an entirely volunteer-driven organization spread out all over the world. Overall, our first event was a success but there’s always little notes you take away for the next go round, like ‘make sure we take the group photo BEFORE everyone leaves’ and highlighted at the top of the list: ‘make sure we have candy again.’ Ultimately, our main priority is to ensure attendees aren’t worrying about the ‘where’, ‘what’, and ‘how’ so they can instead focus on learning, networking, and making the most out of our short time together. This means taking notice of how we can improve communication, signage, etc. ‘The secret of all victory lies in the organization of the non-obvious’ could not be more true. The biggest question we asked ourselves after WPCampus 2016 was ‘how can we create more opportunities for diverse interaction and discussion?’ Our planning team has some great ideas and we’re excited to experiment a little, to see how a conference might be able to drive development outside the usual sessions and lightning talks. We’re really excited for what’s in store for our next event. Will there be another WordPress in higher education survey? I hope so! If not, it won’t be for lack of desire. Last year’s survey offered an incredible amount of insight and data into how WordPress is being used in higher education. It would be great to [...]