WordPress Digest #40

This bi-weekly serves to inform and enlighten our minds on latest happenings in the sprawling countryside we call WordPress Land. Cartoon racist Jefferson Beauregard Sessions III has denied, under oath, having relations (sexual or otherwise) with the ambassador of WordPressLand.

Release News

  • WordPress 4.7.3 Security and Maintenance Release dropped yesterday. It fixes 6 security issues, so you should update, ya filthy animals.
  • The WordPress Core bootstrapping process will be getting some love in the form of better documentation and some changes to allow it to be more customizable for different contexts for better resource handling and scalability.
  • The REST API got it’s own changelog added to the documentation so it’s easy to track the changes made in each new version of WordPress.
  • There’s talk of phasing out some old browser support for the new content editor in WP. Since killing support for old browsers is very near and dear to my heart, I hope they do so with extreme prejudice.

Extending WordPress

  • I wish tables would die in a fiery hell furnace, but they just never seem to go away, and continue to be a pain in the the ol’ gluteus maximus to insert in the WP editor. This new Responsive Tables plugin promises to make that easier with shortcodes and some easily configured options.
  • NextGEN Gallery patched a critical SQL injection vulnerability that I can only assume was in place to punish people for using that bloated plugin in the first place. Over a million active installs. Mind-blowing.
  • This brand-spankin-new plugin (read: use with caution) sets up a private file uploads folder that requires WP authentication when attempting to access the files stored within. That could be very handy for sites with paid user levels.
  • Automattic announced they will be rolling out a feature on WordPress.com for importing posts from Medium. No word on timing yet, but they are also planning to roll this feature out in the Jetpack plugin for self-hosted WordPress sites as well.

Grab Bag

  • Google created an XSS game that teaches people how to find and exploit XSS vulnerabilities. WordPress core contributors collectively replied, “oh fuck off.”
  • Linux creator Linus Torvalds recently gave a talk at the Open Source Leadership Summit in which said the following, causing me to instantly fall madly in love with him:“I’m a huge believer in the 99% perspiration, 1% inspiration thing. The innovation that this industry talks about so much is bullshit. Anybody can innovate. Don’t do this big, ‘Think different’ innovation thing. Screw that; it’s meaningless. 99% of it is ‘Get the work done.’ That’s my least favorite part of the technology news cycle: the constant innovation and new ideas, ‘This will revolutionize,’ all that hype – that’s not where the real work is. The real work is in the details.” 
  • Confirming a theory I’ve long personally held, but had no data to back it up, a recent survey asking developers how often they use the WP Customizer functionality revealed that more than half of the respondents do not use it at all and overall, people just aren’t super into it.

“Those who can make you believe absurdities can make you commit atrocities.” – Voltaire