It might come down to React vs. Vue.js. Important to monitor this and future discussions, since it impact WordPress core in a major way.
@omarreiss helped lead the discussion and kick-started the conversation by opening a detailed and thoughtful ticket in trac (#40834) which introduces modules, their goals and how we could go about using them in core. The discussion was around considerations specific to WordPress and a need for modularity was mentioned – @westonruter called out this need for the Customizer, see #30277. Ideas for code that could be extracted into modules included quickedit, core date utilities and wp.media.view.FocusManager.
The decision was made to move in the direction of using Webpack (and ES6 imports) as our bundler of choice, and to work first on switching out browserfy in our current build chain.
Discussion started on choosing a new framework for use in core. The main frameworks discussed so far were React and Vue. Attendees shared their hope, goals and criteria for choosing a new framework and mentioned: stability, longevity, mature, well-adopted, proven in a WordPress context, accommodating to accessibility requirements,
Although WordPress isn't mentioned in the article, we know that NASA uses WordPress across numerous of sites, including blogs.nasa.gov, so they definitely had to include WP in the planning and implementation phases.
https security Editor’s note: This is a guest post by Karim Said of NASA. Karim was instrumental in NASA’s successful HTTPS and HSTS migration, and we’re happy to help Karim share the lessons NASA learned from that process.
In 2015, the White House Office of Management and Budget released M-15-13, a “Policy to Require Secure Connections across Federal Websites and Web Services”. The memorandum emphasizes the importance of protecting the privacy and security of the public’s browsing activities on the web, and sets a goal to bring all federal websites and services to a consistent standard of enforcing HTTPS and HSTS.
HTTPS is important for a federal agency like NASA, whose presence on the web is a critical part of achieving our mission of sharing knowledge and information.
But NASA is big!
Moving to full HTTPS deployment for NASA represented a significant challenge. We host well over 3,000 public-facing websites and services across 12 geographically dispersed and managerially distinct centers. Communication across such a diverse workforce is difficult and required the concerted effort of a core team in the Office of the Chief Information Officer (OCIO),
Accessibility changes come to tag clouds, and we say Bye, Felicia to title attributes in tag clouds.
The Tag Cloud widget is still pretty popular and for a number of years, it has used title attributes to visually display the number of posts using a specific tag. WordPress 4.8 removes these title attributes and replaces them with aria-label attributes with optional counts displayed in plain text.
Why it matters
Title attributes aren’t very accessible. Depending on the specific assistive technology and on user settings, they might be completely ignored. On touch devices, title attributes are a bit pointless.
The best option is not to rely on title attributes to convey important information to users. Information that is important enough should be available to all users.
In the last few releases, WordPress has been progressively removing many title attributes used in the admin screens (see: #24766). The same principle applies to the front end. The Tag Cloud widget is another step towards the progressive removal of title attributes in the front end where they’re used inappropriately.
What plugin or theme authors should know
There are no visual changes by default, other than the removal of the title attributes. There is a new option for developers though: tag counts can be displayed
Over 50 bugs were fixed since Beta 1 - grab a download to test and see the new media widgets and the improved visual editor experience.
WordPress 4.8 Beta 2 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.8, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).
For more information on what’s new in 4.8, check out the Beta 1 blog post. Since then, we’ve made over 50 changes in Beta 2.
Do you speak a language other than English? Help us translate WordPress into more than 100 languages!
If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on WordPress Trac, where you can also find a list of known bugs.
WordPress four point eight
One step closer to release
Please test Beta 2!
Developers: this is one you'll want to read. Josh Pollock is a recognizable name in the dev community. Why he's going w/ Laravel for his app backend.
About three years ago, I wrote a post for Torque titled “Yes, You Really Can Use WordPress To Build Apps.” In 2014, this was an emerging idea, but now it’s done quite often. The WordPress REST API, as well as a shift in how we think about WordPress, has contributed to this change. At LoopConf this year, Ryan McCue, the co-lead developer of the WordPress REST API gave a talk called “Next Generation WordPress.” He said that we’ve gone from the WordPress as a blog, to the WordPress as a CMS, to the WordPress as a platform era. It’s a great talk, you should really watch it on YouTube.
In the talk, Ryan talks about the need to prioritize developer experience. In general, WordPress core decision making is driven by a user-first approach. Decisions are made based on what will benefit users. And that’s great. WordPress is always going to be driven by platforms like WordPress.com or StudioPress.com that serve bloggers and SMB who need a website that just works and those who create similar experiences on self-hosted WordPress. This is an example of how WordPress is being used in nontraditional ways.
Here’s the thing. I’ve been one of
HackerOne is a platform for security researchers to report vulnerabilities. With the announcement also comes introduction bug bounties!
WordPress has grown a lot over the last thirteen years – it now powers more than 28% of the top ten million sites on the web. During this growth, each team has worked hard to continually improve their tools and processes. Today, the WordPress Security Team is happy to announce that WordPress is now officially on HackerOne! HackerOne is a platform for security researchers to securely and responsibly report vulnerabilities to our team. It provides tools that improve the quality and consistency of communication with reporters, and will reduce the time spent on responding to commonly reported issues. This frees our team to spend more time working on improving the security of WordPress.
The security team has been working on this project for quite some time. Nikolay Bachiyski started the team working on it just over a year ago. We ran it as a private program while we worked out our procedures and processes, and are excited to finally make it public.
With the announcement of the WordPress HackerOne program we are also introducing bug bounties. Bug bounties let us reward reporters for disclosing issues to us and helping us secure our products and infrastructure. We’ve already awarded
Strategies from Calvin on how you can leverage performance gains and layout options using "modern technologies".
I’ve once again updated my theme, but for good reasons. I wanted to explore two areas of front-end web development that I needed more experience in: WordPress performance in building themes, and the new CSS kid on the block — Grid. This post is a review of the strategies I used in the theme, and how you can leverage performance gains and layout options using modern technologies. If you like the theme, you can get it for free on GitHub.
WordPress Performance is Achievable
WordPress is actually very performant. Forcing server-side rendering used to be an issue, but with the WP-API almost all of the setbacks to performance are no longer forced and therefore invalid arguments. What’s more important, is that most performance issues come from bloated themes and plugins. They often times add either large-size assets to the page, or smaller-size assets in render-blocking methods.
Usually, it’s both.
With this theme, I wanted to reign in the excessive default resources that are usually coupled with modern themes and trim everything down to as small as possible. The result?
An average ~24kb page size on my homepage, and ~500ms load time. Pretty great results for what many
When WordPress 4.7 was released at the end of 2016 most of the response was around the new REST API endpoints. However, it was one of the smaller features that caught my eye: PDF preview images. In this post I take you through what that entails, why it’s useful, and how to get it set up on your own site.
When WordPress 4.7 was released at the end of 2016 most of the response was around the new REST API endpoints for posts, comments, terms, users, meta, and settings. However, it was one of the new smaller features that caught my eye: PDF preview images. In this post I’ll take you through what that entails, why it’s useful, and how to get it set up on your own site.
Real World Use
The new feature means WordPress now has the ability to create an image from the first page of a PDF when it is uploaded to the Media Library, as long as your server has the necessary requirements (more on that later). The release post boasts that the new feature allows you to “more easily distinguish between all your documents”, however I instantly recognized a better use for the preview image.
For the last 4 years my wife has been running an educational resources website which allows teachers and parents to download free PDF teaching resources. Naturally I was roped in to build and maintain the site! It runs on WordPress (of course) and is powered by Easy Digital Downloads. Every time she adds a new resource, the workflow includes:
Create the PDF resource
Use a program to generate an
Smaller release than i think was expected, but includes improved visual editor experience, WordPress event locator, and a few other shiny things.
We’re planning a smaller WP release early next month, bringing in three major enhancements: An improved visual editor experience, with a new TinyMCE that allows you navigate more intuitively in and out of inline elements like links. (Try it out to see, it’s hard to describe.)
A revamp of the dashboard news widget to bring in nearby and upcoming events including meetups and WordCamps.
Several new media widgets covering images, audio, and video, and an enhancement to the text widget to support visual editing.
The first beta of 4.8 is now available for testing. You can use the beta tester plugin (or just run trunk) to try the latest and greatest, and each of these areas could use a ton of testing. Our goals are to make editing posts with links more intuitive, make widgets easier for new users and more convenient for existing ones, and get many more people aware of and attending our community events.
Four point eight is here
Small changes with a big punch
Big ones come later
Interesting, though it feels incomplete. Yes, it answers the why in the title, but it leaves out the how, where, etc.
What Is Elasticsearch? Elasticsearch is an incredibly fast, open-source, distributed, and highly-scalable solution for managing your searchable content. Elasticsearch can scale up with your site, because of its distributed architecture. This means that as your site grows, Elasticsearch grows with it; and it still provides performance benefits. One of the main advantages of Elasticsearch is to offload search to a separate service, which saves valuable server resources for your site.
Why Use Elasticsearch?
WordPress’ built-in search is not optimized on sites that operate with heavy search use or complex searches. That’s because WordPress’ search works by matching full sentences in post titles, any/all search terms in post titles, and full sentence matches in post content. It relies on MySQL and does not support complex relevancy calculations or advanced filtering. More complex queries also have the risk of utilizing significant server resources.
VVV2 Vagrant box with test site
Elasticsearch Vagrant box – base setup with only one cluster
WordPress version 4.7.3 with ~24471 posts
ElasticPress version 2.4.1 to integrate WP queries with ElasticSearch
Outline of strategies and pros/cons of offloading your WordPress media library to Amazon S3. In the end, it can make spinning up new environments quicker and easier.
One of the questions we get asked fairly often about WP Offload S3 is whether or not it is OK to use in development or staging environments. When done correctly, using WP Offload S3 can greatly reduce the amount of time it takes to replicate a new environment as well as the disk space needed to do so. There are plenty of ways to skin this cat though. While there is no canonical best way to do so, we’ll go over all of the strategies and outline their pros and cons. Let’s dive in, shall we? The Problem
Let’s say we have a client with their live site at example.com. Now the client asks us to start working on a full redesign of their popular site. We need to set up a separate environment where we can safely work on this new feature in secret as well as a place for the client to review our work before they give us the thumbs up to go live.
We start by deploying the client’s WordPress site to a new server with the domain staging.example.com which contains WordPress core, the theme, and any plugins. Then we pull the database from example.com using WP Migrate DB Pro. We also need all of the images from our media library on staging as well, so we use the Media Files Addon
10up is introducing WP Docker as a simple, open source development environment based on docker-compose.
Back in 2013, 10up introduced Varying Vagrant Vagrants (VVV), a project led by then 10upper Jeremy Felt. One of the first popular WordPress development environments based on Vagrant, VVV has since been moved out of 10up’s GitHub and into its own, where it continues to thrive as a community-led project. Now, Docker and container-based server architectures have emerged as powerful tools for creating and managing development environments. Last year, we partnered with Joyent to release a scalable, production-ready Docker environment for WordPress. Today, we’re proud to release WP Docker: an open source Docker configuration optimized for local WordPress development.
Why WP Docker?
While still viable, VVV, Vagrant, and Virtual Box/Hyper-V take up extreme disk space and are slow to provision, start up, and SSH into. Because of this, engineers tend to use one “mega” VVV install for all of their development websites. This workflow poses a number of problems: system service version and configuration “normalization” across all projects (i.e. PHP 7 on everything when some projects run PHP 5.6 in production), and legacy clutter (i.e. old websites and system packages
To "tackle the problem of serving large volumes of images", Human Made has developed a scalable image service that integrates with Amazon S3.
As an enterprise web development agency, we frequently deal with high-traffic, high-bandwidth sites. We use a horizontally-scalable architecture built on Amazon’s AWS platform to ensure great performance, high availability, and low costs for our clients. This allows us to serve essentially any amount of traffic to sites without breaking a sweat. While most sites are primarily text-based, the larger size of images means that bandwidth from images can have an outsized effect on bandwidth cost and server load.
To tackle the problem of serving large volumes of images while minimising costs, we developed Tachyon, our scalable image service. Tachyon integrates with Amazon S3, and integrates with WordPress through the Tachyon plugin combined with our S3 Uploads plugin (but can also be used for non-WordPress projects).
Our First Attempts
When we initially looked at solving issues around images, we set out to solve two main issues: image regeneration, and caching. Rather than creating and storing thumbnails on upload, we wanted a dynamic system, which would allow us to easily create or change the available sizes, along with allowing complex cropping. To combine the dynamicism of this system
WordPress officially ending support for Internet Explorer versions 8, 9, and 10, starting with WordPress 4.8.
Previously, we discussed the new editor and browser support within WordPress core. Following up on those conversations, we are officially ending support for Internet Explorer versions 8, 9, and 10, starting with WordPress 4.8. Microsoft officially discontinued supporting these browsers in January 2016, and attempting to continue supporting them ourselves has gotten to the point where it’s holding back development. I realize that folks still running these browsers are probably stuck with them because of something out of their control, like being at a library or something. Depending on how you count it, those browsers combined are either around 3% or under 1% of total users, but either way they’ve fallen below the threshold where it’s helpful for WordPress to continue testing and developing against. (The numbers surprised me, as did how low IE market share overall has gone.)
Of course, wp-admin should still work in these older browsers, but with fewer capabilities, and we will no longer be testing new features and enhancements in these browsers. For example, the next versions of TinyMCE – currently targeted at WordPress 4.8 – will not support older IE browsers.
Josh Habdas talks about a plugin and his test of $5 Vultr box and Redis with Load Impact that could support up to 7000 concurrent WordPress users.
After giving a talk at WordCamp Ubud 2017 — where I showed how to use a $5 Vultr box and Redis with Load Impact to support up to 7000 concurrent WordPress users — I was asked to help turn some of the performance optimization work demoed into a WordPress plug-in. This is that plugin, currently in beta:
It’s the first of it’s kind — and like no other performance plugin to precede it. Based on initial tests it speeds up the stock Twenty Seventeen theme about 300% and I suspect time will show even greater gains for other themes. It builds on top of a performance optimization technique called Fetch Injection, enabling external scripts to download asynchronously in parallel while preserving execution order.
It will be the first “major” release of 2017 and sets the foundation for the Gutenberg, the next-generation editor. Beta 1 is next Friday, May 12th with a target launch on Thursday, June 8th.
Dev Chat Agendas | Dev Chat Summaries | Jump Starts | Dev Notes | Field Guide | All Posts Tagged 4.8 WordPress 4.8 will be the first “major” release of 2017 and generally aims to refine existing features and set the foundation for the Gutenberg, the next-generation editor. Additional specific goals include the TinyMCE inline element / link boundaries, new media widgets, WYSIWYG in text widget, and the WordCamp / meetup dashboard upgrade to the “news” section. Matt Mullenweg is the Release Lead for 4.8.
Of note, WordCamp Europe will be from June 15-17. This tends to involve travel for a number of people and reduced activity; therefore, we should proceed as if there will only be the initial Release Candidate. The feature project merge deadline listed is a final deadline; all features and larger efforts should be continuously evaluated for readiness.
December 7, 2016
Trunk is open for business. (Post-4.7)
May 3, 2017
4.8 Kickoff meeting.
May 10, 2017 (+1w)
Last chance to merge feature projects.
May 12, 2017 (+2d)
From this point on, no more commits for any new enhancements or feature requests in this release cycle, only bug fixes and inline
Page caching is difficult to implement on highly dynamic sites where the content can change every few seconds. So, what can we do in these situations? In this article, Ashley demonstrates how to configure WordPress and bbPress with microcaching in Nginx.
We’ve talked a lot about WordPress performance and hosting WordPress here at Delicious Brains. A common theme amongst those articles is the importance of page caching and how it’s arguably the best way to improve the performance of your WordPress site: …if you’ve opted to self-host or have no alternative but to use shared hosting, page caching is without a doubt the single biggest thing you can enable to make your site fly.
However, we’ve also alluded to the fact that page caching is difficult to implement on highly dynamic sites:
Performance optimization is a lot more difficult for highly dynamic sites where the content updates frequently, such as those that use bbPress or BuddyPress. In these situations, it’s often required to disable page caching on the dynamic sections of the site (the forums for example).
In these circumstances page caching still has its place but the duration of the cache has to be significantly reduced. This is known as microcaching. Microcaching is a technique where content is cached for a very short period of time, usually in the range of 1-10 seconds.
In this article, I’m going to demonstrate how to configure WordPress
Nice education on the differences between these servers, and how it impacts a WordPress install. Nginx is pushed a bit in this article for performance, rightly so.
WordPress performance requirements can vary amongst projects, but one thing certainly remains the same throughout—it must be fast. Another requirement that goes without saying—it must be economical, so we cannot have resource intensive solutions. Solutions must be lean, mean and reliable, and to fully maximise income on your site, the expenditure on hosting must be kept to a minimum.
If you are expecting to be receiving a lot of traffic, the web server configuration you're serving WordPress on has a direct effect on the performance of your site, affecting the load time and stability.
When choosing your web server, you have several choices; Apache, Nginx, IIS, Caddy, and Lighttpd are all popular projects. We will be covering Apache and Nginx in this guide.
It's estimated that out of the whole internet combined, Apache Server and Nginx together serve 50% of all web traffic.
If you are a newcomer to the topic, maybe you are confused by the two seemingly identical purposes of the software—to serve web sites. I hope to clarify more below how the two differ and how to take advantage of either's features.
Apache and Nginx are very established projects, and they both have
It only took FOURTEEN years to finally get a visual text editor widget and an image widget included in core. I can only dream of what we'll finally get in 2031!
The schedule for WordPress 4.8 is released. It will be the first major WordPress release of 2017. We have been following the development closely, and we are excited to report that the final version is expected to be released around June 8, 2017. In this article, we will show you what’s coming in WordPress 4.8 with features and screenshots. Note: You can try out the beta version on your computer or on a staging environment by using the WordPress Beta Tester plugin.
The official beta release will happen on May 12th, which means no more new features will be added until the final release of WordPress 4.8. However, some of the features in beta may not make it into the final release.
Visual Editor in The Text Widget
By default WordPress comes with a plain text widget. This widget contains a simple text box where you can add text and HTML code.
Beginners who are not familiar with HTML were unable to add links or use basic formatting in the text widget. This will change in WordPress 4.8.
The new text widget comes with a simple visual and text editor. Similar to the one you see on the post edit screen.
This will allow beginner users to easily add links, create lists, or make text bold
There have been a few new local development tools in the WordPress community. I wrote about it by revisiting the topic of local development.
Making changes to your site can be risky. You might break a functionality that would deter potential readers or customers. Every developer should take steps to make sure all changes can be tested before going live, and local development tools are an easy way to do that. Using local development tools will save you a lot of headaches down the road. Setting up a local server with the right tools is quite important and should be taken into account. Production Server vs. Local Server
If you’ve been into theme or plugin development, then I’m sure you’ll be familiar these two terms. A production server, or live server, deploys and hosts live websites. Whereas, a local server provides a development environment similar to the production server which ultimately hosts your WordPress installation.
In between these two, is the development server. It helps you to host a staging area for your website. After developing a theme on a local server, you can test and debug it on a development server. Once the things are finalized, you can move it to the live server.
Why is Local Development Important?
Configuring a local setup to develop a WordPress theme is beneficial for a variety of
WordPress 4.7.4, a maintenance release, is out. Contains 47 maintenance fixes and enhancements. Go get it or let auto-update work its magic.
After almost sixty million downloads of WordPress 4.7, we are pleased to announce the immediate availability of WordPress 4.7.4, a maintenance release. This release contains 47 maintenance fixes and enhancements, chief among them an incompatibility between the upcoming Chrome version and the visual editor, inconsistencies in media handling, and further improvements to the REST API. For a full list of changes, consult the release notes and the list of changes.
Download WordPress 4.7.4 or visit Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.7.4.
Thanks to everyone who contributed to 4.7.4:
Aaron Jorbin, Adam Silverstein, Andrea Fercia, Andrew Ozz, aussieguy123, Blobfolio, boldwater, Boone Gorges, Boro Sitnikovski, chesio, Curdin Krummenacher, Daniel Bachhuber, Darren Ethier (nerrad), David A. Kennedy, davidbenton, David Herrera, Dion Hulse, Dominik Schilling (ocean90), eclev91, Ella Van Dorpe, Gustave F. Gerhardt, ig_communitysites, James Nylen, Joe Dolson, John Blackbourn, karinedo, lukasbesch, maguiar, MatheusGimenez, Matthew Boynes, Matt Wiebe, Mayur Keshwani, Mel Choyce,
Adam Soucie talks about what makes a site accessible and how you need to start thinking about accessibility when building your sites (WordPress or not).
Accessibility is a term you keep hearing, but may not fully understand. This is in part because the word itself can be a bit confusing. The root word, access, makes the concept seem tied to things like passwords. If users can “access” your site, accessibility is checked off. If only it were that simple. Web accessibility is really about a user’s ability to access your site’s content, regardless of any physical or mental impairments. The inventor of the internet, Sir Tim Berners-Lee, put it perfectly:
“The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect.”
A truly accessible website is inclusive of every potential user. It covers differential abilities of all shapes, sizes, and permanence. Users who are blind have their own needs, as do users with a broken hand. There’s also overlap among accessibility groups. Users experiencing concussion symptoms can benefit from features designed to make a piece of content more accessible for users who experience seizures. Accessibility is a multi-faceted topic.
WCAG 2.0 Requirements
Like all great things, accessibility is easy to learn but difficult
We all know about Child Theme, here Mika sharing about Grandchildren Theme, or to be exact its actually Grandchildren Plugin. It will let you stay sync with Child Theme changes.
I’m a fan of Genesis themes. They look nice, they’re secure, and they’re well coded. A lot of things I have to reinvent in other themes are done out of the box in Genesis. But they’re not perfect.
Frameworks Beget Children Themes
The problem with Genesis themes is that if you use them, you’ll end up using a Child Theme and not Genesis. Unlike boilerplate themes like Underscores, you’re not meant to edit the theme itself but make a child theme.
For the most part, this doesn’t bother me. I don’t generally edit the child themes, except in two cases. Both of my fan sites run highly modified versions of the default themes, and one of them uses the amazing Utility Pro theme by Carrie Dils.
And that was my problem. I knew Carrie was working on a new version which would have some amazing updates. And I? I had forked her theme.
Merging my fork to her new theme had, generally, not been an issue. I’ve updated it a dozen times already and I just run a tool to find the diff between the files. I’m a Coda fan, and I use Comparator to check out the differences between files. Doing this is time consuming and annoying, however,