WordPress Digest #12

Welcome to the twelfth installment of my WP Digest. This is the blog version of our internal bi-weekly email which we use to inform, enlighten, and titillate our minds on some of the latest happenings in WordPress-land.

As is usually the case with the holiday season, the last two weeks were a bit slow in the world of WordPress, so this will be a quick update.

Release News

  • The WordPress 4.4.1 security and maintenance release came out last week. This fixed an XSS vulnerability as well as some non-security bug fixes. See the release notes. It appears this release also has a new pagination bug, so maybe wait until they fix that.
  • The WordPress 4.5 schedule was posted, shooting for an April 12, 2016 release date.
  • REST API 2.0 Beta 10 “Chief Wiggum” is out and includes security updates that affect all previous versions of the plugin. So you should probably update. More here.
  • Check out the notes from the recent feature plugin chat for updates on the status of the REST API (WP 4.5 release goal), Fields API (WP 4.6 release goal), Two Factor Authentication (WP 4.5 release goal), Shiny-Updates (no specific release scheduled yet), and more.
  • WordPress for Android 4.9 came out recently and has some new features, like a fingerprint scanner and a refined media library experience. I guess someone with an Android can tell me if it’s any good.

Extending WordPress

  • Torque, in their latest attack on synchronicity, published “How to Use Asynchronous PHP in WordPress.” Or maybe I misinterpreted that.
  • Editing a lot of content and want to save some clicks? Check out the Destination After Save plugin. It won’t save you from carpal tunnel or anything, but it might save precious seconds in your day.
  • Custom Contact Forms has passed over a million downloads from the plugin library and is actively installed on over 70,000 sites, making it one of the most popular plugins to incorporate the WP REST API.
  • WP Engine completed upgrades to their version of WP-CLI, bringing full compatibility with WordPress 4.4. I guess that’s the next best thing if you can’t get real command line access.
  • John James Jacoby’s Stuttter project is now available on WordPress.org. It’s a set of 18 lean plugins (not the title of a long lost Dr. Seuss book), all focused on doing one thing well. There’s a few that help extend the taxonomy metadata that came with WordPress 4.4 by adding in some admin interfaces.
  • If I’ve learned anything about proper personal hygiene in my life, it’s that you should always sanitize your inputs. The same is true for dev. Torque’s got you covered for one of those anyway.
  • BuddyPress, the leading plugin for turning WordPress into a social media platform, is paving the way for the BuddyPress REST API, which could be very useful for applications with robust user interactivity.

WP Drama

The dirty side of dev.

  • Lately, many believe the WordPress GPL is being abused by a bunch of new “premium” WordPress sites that resell plugins and themes. It’s a grey area because the company argues that what they do falls within the license. While that may be true, profiting off of reselling someone else’s work is pretty slimy. This article has a round up of a bunch of these shady sites.
  • A bunch of open source project maintainers are pissed at GitHub and want everyone to know about it.


I don’t know where to file this crap.

  • In another sign of where things are going, WordCamp Miami 2016 has added a JavaScript track for attendees. Expect to see more WordCamps doing the same.
  • Did you know that 63% of WordPress core committers are not employed by Automattic? Well now you do. Keep that in your back pocket for trivia night.
  • More trivia that probably won’t gain you any traction on date night: WordPress.org added 910 new themes to the theme directory in 2015.
  • Applications are being accepted for host cities for WordCamp US 2017 & 2018. I’m pulling for Manitowoc, WI.

That’s all for now. Check back in two weeks for another rundown.