Welcome to the seventh installment of the SMF WP Digest. This is the blog version of our internal bi-weekly email which we use to inform, enlighten, and titillate our minds on some of the latest happenings in WordPress-land.
- WordPress 4.4 Beta 1 is now available! 4.4 will include a lot of really great stuff, including REST API (phase 1), Term Metadata, Responsive Images, and Embeds. Interested in testing? Go here. Don’t install this on a production site. Duh.
- As mentioned above, 4.4 will have significant taxonomy improvements, including the introduction of term meta. Some of the functions out of the gate will include: add_term_meta(), update_term_meta(), delete_term_meta(), and get_term_meta(). This is huge and will streamline they way we handle taxonomy data in a big way. Check out more on that and more on other taxonomy improvements (including a new class WP_Term that properly models a term object).
- The Shortcodes team has posted some clarification to their shortcodes roadmap. The most important thing to takeaway: in the future shortcodes will not support html in shortcode attributes or shortcodes in html tag attributes.
- Wp_title() will be depricated in WP 4.4. The change comes with the ability to check for theme support and new filters to manipulate the title. WordPress Planet has a brief overview. More in Make WordPress Core.
- WP 4.4 may add a private plugin header to prevent collisions with update releases to public plugins in the WP plugin directory with the same name. This would be handy for small site-specific plugins.
- Product Hunt put together a list of “Great WordPress Integrations and Plugins“. Lots of stuff to look at here and while most are paid plugins, but here are a few that look promising:
- Akismet 3.1.5 is out and it’s a critical security fix. This patches an XSS vulnerability, so if you have sites using the plugin, update ASAP.
- This new Shortcode Tester plugin could be handy for building and testing custom shortcodes in themes.
The dirty side of dev.
- XML-RPC has long been a security weakness for WP. We typically disable it in our builds to close those holes. Recently, web security service Sucuri has reported that brute force attacks targeting WP sites with XML-RPC enabled are on the rise. There has been a call for XML-RPC to be removed from WordPress entirely, and if you scan the comments, you can see the conversation taking shape with the standard array of “right on”s, “no way”s, and “shut up”s. Let’s hope it remains civil. Oh and let’s also hope the XML-RPC is killed in WP core because it’s annoying to have to manually disable it every time.
- WPEngine have declared November 1-7 to be “Hug a Dev” week. I file this under “WP Drama” because I am a cranky curmudgeon and I hate fun. Let’s see if my RBF will keep me safe from hugs at WordCamp NYC.
I don’t know where to file this crap.
- WPEngine has started a pilot program for developers to give them a free personal account with unlimited transferable installs. Great business move for them. You can apply read more about it and apply here: https://wpengine.com/blog/wp-engine-developer-program/
- WPEngine has removed bot traffic from their overall calculations. This means overage charges should be less for a lot of their customers as it will only consider traffic from humans. That’s a pretty cool move.
- WPEngine loves their infographics. Here’s a new one about prepping ecommerce sites for the holidays.
- Torque has a nice write up for those interested in giving back to WordPress.
That’s all for now. Check back in two weeks for another rundown.