Have a news tip or upcoming WordPress event you’d like to share? Write us at [email protected] News Highlights: LoopConf Videos: Couldn’t make it to last week’s LoopConf? Great news, all 21 hours of talks are freely available online! The Trojan Emoji: Speaking of LoopConf, Andrew Nacin gave a fun and in-depth talk titled “Anatomy of a Critical Security Bug” in which he discusses a vulnerability fix that was added under the “guise of Emoji support.” DOM-Based XSS Vulnerability: Sucuri recently published info on a DOM-based Cross-Site Scripting (XSS) vulnerability that could affect any theme or plugin that uses an example.html file, including the Jetpack plugin and WordPress’s TwentyFifteen […]
With WordPress 4.0 released, it’s time to once again look to the future, WordPress 4.1. Over the weekend, Andrew Nacin announced our new release lead for 4.1, Jack Blackbourn, and a couple of guest committers that are coming along for the ride. John Blackbourn has been a core committer to WordPress for the better half of a decade, and has made some pretty incredible contributions to the WordPress community — with valuable blog posts, and plugins like Query Monitor, User Switching, and WP Crontrol. Blackbourn will be joined by a new group of guest committers, with a few names you’ve […]
Show Notes Host Andrew Nacin is a core developer of WordPress. As a member of the core team, he wrangles contributions, develops new features, and tries to fix more bugs than he creates. He lives in Washington, D.C., and works as a Tech Ninja at Audrey Capital, where he works on WordPress.org and other projects. He prefers decisions over options. You can contact him on twitter @nacin, or on his website. Sippin’ On Brad-Tonic Water Dre-Diet Canada Dry Andrew-Snake Dog IPA Pressing Topics WordPress 3.9 Version 3.9 of WordPress has been released. It’s been named “Smith,” after legendary jazz musician Jimmy Smith. There are […]
WordPress has reached milestone 3.8.2. Yesterday, Andrew Nacin announced the security release—urging users to update their sites right away. The update requires urgency as it addresses substantial security concerns that have been reported to the WordPress security team over the past few months. One security concern that 3.8.2 addresses is site vulnerability to forgery of authentication cookies. The fallacy, identified and resolved Jon Cave, was that attackers could potentially obtain access to WordPress sites by forging authentication cookies. Another change 3.8.2 has provided is new privilege-setting abilities. You can now prevent “Contributors” from publishing unwanted posts. In the announcement, Nacin went […]
One of the biggest barriers of entry for new users looking to contribute to WordPress core development is Core Trac, the bug and issue tracker for WordPress. Thanks to the efforts of Andrew Nacin, that barrier of entry has been lowered a bit with some great improvements in the new year. Trac has had a bit of a facelift, both aesthetically and functionally, to make it a bit easier to navigate and use. Thought it might be good to check in and let you know what’s new. The most obvious change is the few design tweaks that were made. The […]
What a week – how was yours? I’m spending my time in Florida on a mini-vacation of sorts (still very-much working) and it’s been good so far. The team back home in Atlanta hasn’t let anything burn to the ground, so that’s good news. Hope you are finding some rest and relaxation this summer my friends!
Anyone who’s subscribe to any of core trac or wp-svn knows that there is a lot that’s getting sent around to inboxes everywhere. Most likely you have your own inbox/email rules setup so you don’t drown in some of the information and data-flow that can be quite large at times. Although there is already a decent of signal-to-noise ratio, to a certain extent this is just part of being subscribed to those hoses and there’s very little you can do about it. This is why it’s pretty important that those that manage and oversee those distros and lists keep them clean and […]
It looks like the power of Twitter has created direct value in the upcoming release of WordPress 3.6! Yesterday we shared how Andrew Nacin politely challenged Spotify to create an oEmbed option for their media for the upcoming release of 3.6. Well, it seems that Nicklas Söderlind of Spotify added it right quick: @nacin @Spotify @WordPress Here you go, https://t.co/AYz6s8NpsP — Nicklas Söderlind (@nicklas2k) May 2, 2013 Sweet! It’s accessible right here if you want to see the code.
The guys at DradCast (hosted by the awesome Dre of Sucuri and Brad of WebDevStudios) are continuing their awesome interviews and perhaps the best intro ever was created last night via Adii Pienaar, one of the founders of WooThemes: So I’m been waiting for my invite and this opportunity for bloody ages, and I had to wait up until episode 11 to finally get it. I know, I was appalled as well. I guess that’s however, it’s indicative of how an ex-rockstar is treated these days, like a fucking ghost. That said, the greater WordPress ecosystem has taken notice of a […]
Marrying @kerikaeindc later today. — Andrew Nacin (@nacin) March 16, 2013 All we have to say is CONGRATS!