BuddyPress 3.0.0 “Apollo”

BuddyPress 2.9.2 Security and Maintenance Release

BuddyPress 3.0.0 “Apollo” is now available for immediate download from the WordPress.org plugin repository, or right from your WordPress Dashboard. “Apollo” focuses on various improvement for developers, site builders and site managers.

Say hello to “Nouveau”!

A bold reimagining of our legacy templates, Nouveau is our celebration of 10 years of BuddyPress! Nouveau delivers modern markup with fresh JavaScript-powered templates, and full integration with WordPress’ Customizer, allowing more out-of-the-box control of your BuddyPress content than ever before.

Nouveau provides vertical and horizontal layout options for BuddyPress navigation, and for the component directories, you can choose between a grid layout, and a classic flat list.

Nouveau is fully compatible with WordPress. Existing BuddyPress themes have been written for our legacy template pack, and until they are updated, resolve any compatibility issues by choosing the legacy template pack option in Settings > BuddyPress.

Support for WP-CLI

WP-CLI is the command-line interface for WordPress. You can update plugins, configure multisite installs, and much more, without using a web browser. With this version of BuddyPress, you can now manage your BuddyPress content from WP-CLI.

Control site-wide notices from your dashboard

Site Notices are a feature within the Private Messaging component that allows community managers to share important messages with all members of their community. With Nouveau, the management interface for Site Notices has been removed from the front-end theme templates.

Explore the new management interface at Users > Site Notices.

New profile field type: telephone numbers

A new telephone number field type has been added to the Extended Profiles component, with support for all international number formats. With a modern web browser, your members can use this field type to touch-to-dial a number directly.

BuddyPress: leaner, faster, stronger

With every BuddyPress version, we strive to make performance improvements alongside new features and fixes; this version is no exception. Memory use has been optimised — within active components, we now only load each individual code file when it’s needed, not before.

Most notably, the Legacy Forums component has been removed after 9 years of service. If your site was using Legacy Forums, you need to migrate to the bbPress plugin.

Make mine Apollo’s

In north-east London, Stoke Newington — or Stokey, as it’s affectionately known — is an area awash with newly-opening restaurants, amidst lapping waves of encroaching gentrification. Apollo’s is an authentically Neapolitan pizza place on the High Street, serving fantastically tasty yet uncomplicated pizzas. If you ever find yourself in north London, don’t miss Apollo’s!

Read Full Article Here

WordPress 4.9.6 Privacy and Maintenance Release

WordPress 4.9 Release Candidate

WordPress 4.9.6 is now available. This is a privacy and maintenance release. We encourage you to update your sites to take advantage of the new privacy features.

Privacy

The European Union’s General Data Protection Regulation (GDPR) takes effect on May 25. The GDPR requires companies and site owners to be transparent about how they collect, use, and share personal data. It also gives individuals more access and choice when it comes to how their own personal data is collected, used, and shared.

It’s important to understand that while the GDPR is a European regulation, its requirements apply to all sites and online businesses that collect, store, and process personal data about EU residents no matter where the business is located.

You can learn more about the GDPR from the European Commission’s Data Protection page.

We’re committed to supporting site owners around the world in their work to comply with this important law. As part of that effort, we’ve added a number of new privacy features in this release.

Comments

A screenshot of a comment form, where the new "Save my name, email, and website in this browser for the next time I comment" checkbox is featured.

Logged-out commenters will be given a choice on whether their name, email address, and website are saved in a cookie on their browser.

Privacy Policy Page

A screenshot of the new Privacy Settings page.

Site owners can now designate a privacy policy page. This page will be shown on your login and registration pages. You should manually add a link to your policy to every page on your website. If you have a footer menu, that’s a great place to include your privacy policy.

In addition, we’ve created a guide that includes insights from WordPress and participating plugins on how they handle personal data. These insights can be copied and pasted into your site’s privacy policy to help you get started.

If you maintain a plugin that collects data, we recommend including that information in WordPress’ privacy policy guide. Learn more in our Privacy section of the Plugin Handbook.

Data Handling

A screenshot of the new Export Personal Data tools page. Several export requests are listed on the page, to demonstrate how the new feature will work.

Data Export

Site owners can export a ZIP file containing a user’s personal data, using data gathered by WordPress and participating plugins.

Data Erasure

Site owners can erase a user’s personal data, including data collected by participating plugins.

Howdy,

A request has been made to perform the following action on your account:

Export Personal Data

To confirm this, please click on the following link:
http://.wordpress.org/wp-login.php?action=confirmaction…

You can safely ignore and delete this email if you do not want to
take this action.

This email has been sent to [email protected].

Regards,
Your friends at WordPress
http://wordpress.org

Site owners have a new email-based method that they can use to confirm personal data requests. This request confirmation tool works for both export and erasure requests, and for both registered users and commenters.


Maintenance

95 updates were made in WordPress 4.9.6. In addition to the above, particularly of note were:

  • “Mine” has been added as a filter in the media library.
  • When viewing a plugin in the admin, it will now tell you the minimum PHP version required.
  • We’ve added new PHP polyfills for forwards-compatibility and proper variable validation.
  • TinyMCE was updated to the latest version (4.7.11).

This post has more information about all of the issues fixed in 4.9.6 if you’d like to learn more.

Download WordPress 4.9.6 or venture over to Dashboard → Updates and click “Update Now.” Sites that support automatic background updates are already beginning to update automatically.

Please note that if you’re currently on WordPress 4.9.3, you should manually update your site immediately.


Thank you to everyone who contributed to WordPress 4.9.6:
Aaron D. Campbell, Aaron Jorbin, abdullahramzan, Adam Silverstein, Alain Schlesser, allendav, Andrea Fercia, Andrea Middleton, Andrew Ozz, Ayesh Karunaratne, Birgir Erlendsson (birgire), bridgetwillard, Burlington Bytes, Chetan Prajapati, claudiu, Corey McKrill, Daniel Bachhuber, David Herrera, Dominik Schilling (ocean90), Ella Van Dorpe, Eric Daams, Fernando Claussen, Garrett Hyder, Gary Pendergast, Heather Burns, Helen Hou-Sandi, herregroen, Ian Dunn, ibelanger, imath, Jb Audras, Jeffrey Paul, Jeremy Felt, Jesper V Nielsen, JJJ, Joe McGill, John Blackbourn, Jonathan Desrosiers, Josepha, jrf, Kåre Mulvad Steffensen, Laken Hafner, laurelfulford, lbenicio, macbookandrew, Marius L. J., Mel Choyce, Michael Nelson, Mike Jolley, Pascal Casier, pbrocks, postphotos, Prashant Baldha, PressTigers, programmin, Robin Cornett, Sergey Biryukov, Stefano Lissa, Stephane Daury (stephdau), Subrata Sarkar, Tammie Lister, teddytime, thomasplevy, Timothy Jacobs, Tobias Zimpel, Tom J Nowell, Tor-Bjorn Fjellner, Towhidul Islam, voneff, William Earnhardt, and Xenos (xkon) Konstantinos.

Read Full Article Here

WordPress 4.9.6 RC1 Released

WordPress 4.9.3 Rescheduled for February 5th

WordPress 4.9.6 Release Candidate 1 is available for download and addresses some of the issues that have been reported in beta 1. Since the beta’s release, there have been 30 bugs fixed.

Many of the fixes in this release are focused on the new privacy tools that help with GDPR compliance. The verbiage has been changed in multiple areas to make explanations and actions clearer. For example, the Privacy Policy introduction text has been shortened and more user friendly.

One notable bug fix is that site administrators now receive an email when a Personal Data Export/Removal request is confirmed. In a future version of WordPress, it’s possible that the notification bubbles will be extended to display confirmed requests.

A full list of changes in this release can be found on Trac. This minor release needs more testing than usual due to the privacy tools and enhancements introduced. Please test 4.9.6 on staging site or local server and if you encounter any issues, report them on the Alpha/Beta/Release Candidate section of the forums.

Read Full Article Here

BuddyPress 3.0 Beta 1

BuddyPress 2.9.2 Security and Maintenance Release

It’s with a huge amount of pleasure and excitement that we’re announcing the Beta 2 release of BP 3.0 today ready for testing and feedback.

BuddyPress 3.0 will be a major milestone release for us and one we’re all really excited about, it’s been a long time coming but finally we are close to releasing the first template pack for BP, this is a completely new ‘theme’ or set of template files and functionality designed to replace bp-legacy which has served us so well since it’s inception way back in the major release of 1.7 where we introduced ‘Theme Compatibility’, and we’re all really eager for any feedback during these beta phases you may grab a copy of our beta1 release here to test with.

Nouveau – as our new template pack has been named – provides an all new clean set of markup files, refactored from the ground up to be semantic and accessible. Styles are re-written and provided as Sass partials for developers if wanting to build out new packs. A lot of core functionality for components has been re-written and re-located to be sourced from include files by component in the template directory which allows even easier access to modify functions by overloading to a new theme or child theme. Our major loops, members, activity etc have been re-factored to run under Backbone for a smooth Ajax experience and indeed all the Javascript functionality is re-written to be far more modular than it was before and has a far better modern feel to it’s structuring.

For the first time we have brought in the Customizer to provide user option choices and a range of layout configurations may be selected. In our initial offering we have provided various layout options for the main BP navigation elements allowing for vertical navs or horizontal, tab effect where suitable. for the component loops such as members, Groups we provide an option to display in a grid layout & at row quantity options or simply as a flat classic list layout.

While we are really excited about Nouveau 3.0 also has many other improvements to offer and you can view a list of all closed tickets for 3.0

As always your feedback and testing is an invaluable part of our releases, helping us to catch any last minute bugs.
You can download the beta release for testing at downloads.wordpress.org and install on a local copy of WordPress ( please remember this is a beta release and should not be run on an active production site). Any issues found can be reported on our Trac by creating a new ticket

If you’re a developer comfortable with SVN you might like to checkout a development copy which you can do from this link patches can be submitted to existing tickets or issues found reported on a new ticket.

Further guidance on contributing to BuddyPress is covered on our Contributor guidelines page in our Codex

Read Full Article Here

WordPress 4.9.5 Security and Maintenance Release

WordPress 4.9 Release Candidate

WordPress 4.9.5 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented in 4.9.5:

  1. Don't treat localhost as same host by default.
  2. Use safe redirects when redirecting the login page if SSL is forced.
  3. Make sure the version string is correctly escaped for use in generator tags.

Thank you to the reporters of these issues for practicing coordinated security disclosurexknown of the WordPress Security Team, Nitin Venkatesh (nitstorm), and Garth Mortensen of the WordPress Security Team.

Twenty-five other bugs were fixed in WordPress 4.9.5. Particularly of note were:

  • The previous styles on caption shortcodes have been restored.
  • Cropping on touch screen devices is now supported.
  • A variety of strings such as error messages have been updated for better clarity.
  • The position of an attachment placeholder during uploads has been fixed.
  • Custom nonce functionality in the REST API JavaScript client has been made consistent throughout the code base.
  • Improved compatibility with PHP 7.2.

This post has more information about all of the issues fixed in 4.9.5 if you'd like to learn more.

Download WordPress 4.9.5 or venture over to Dashboard → Updates and click "Update Now." Sites that support automatic background updates are already beginning to update automatically.

Thank you to everyone who contributed to WordPress 4.9.5:

1265578519, Aaron Jorbin, Adam Silverstein, Alain Schlesser, alexgso, Andrea Fercia, andrei0x309, antipole, Anwer AR, Birgir Erlendsson (birgire), Blair jersyer, Brooke., Chetan Prajapati, codegrau, conner_bw, David A. Kennedy, designsimply, Dion Hulse, Dominik Schilling (ocean90), ElectricFeet, ericmeyer, FPCSJames, Garrett Hyder, Gary Pendergast, Gennady Kovshenin, Henry Wright, Jb Audras, Jeffrey Paul, Jip Moors, Joe McGill, Joen Asmussen, John Blackbourn, johnpgreen, Junaid Ahmed, kristastevens, Konstantin Obenland, Laken Hafner, Lance Willett, leemon, Mel Choyce, Mike Schroder, mrmadhat, nandorsky, Nidhi Jain, Pascal Birchler, qcmiao, Rachel Baker, Rachel Peter, RavanH, Samuel Wood (Otto), Sebastien SERRE, Sergey Biryukov, Shital Marakana, Stephen Edgar, Tammie Lister, Thomas Vitale, Will Kwon, and Yahil Madakiya.



Read Full Article Here

WordPress 4.9.4 Maintenance Release

WordPress 4.9 Release Candidate

WordPress 4.9.4 is now available.

This maintenance release fixes a severe bug in 4.9.3, which will cause sites that support automatic background updates to fail to update automatically, and will require action from you (or your host) for it to be updated to 4.9.4.

Four years ago with WordPress 3.7 “Basie”, we added the ability for WordPress to self-update, keeping your website secure and bug-free, even when you weren’t available to do it yourself. For four years it’s helped keep millions of installs updated with very few issues over that time. Unfortunately yesterdays 4.9.3 release contained a severe bug which was only discovered after release. The bug will cause WordPress to encounter an error when it attempts to update itself to WordPress 4.9.4, and will require an update to be performed through the WordPress dashboard or hosts update tools.

WordPress managed hosting companies who install updates automatically for their customers can install the update as normal, and we’ll be working with other hosts to ensure that as many customers of theirs who can be automatically updated to WordPress 4.9.4 can be.

For more technical details of the issue, we’ve posted on our Core Development blog. For a full list of changes, consult the list of tickets.

Download WordPress 4.9.4 or visit Dashboard → Updates and click “Update Now.”

Read Full Article Here

WordPress 4.9.3 Maintenance Release

WordPress 4.9 Release Candidate

WordPress 4.9.3 is now available.

This maintenance release fixes 34 bugs in 4.9, including fixes for Customizer changesets, widgets, visual editor, and PHP 7.2 compatibility. For a full list of changes, consult the list of tickets and the changelog.

Download WordPress 4.9.3 or visit Dashboard → Updates and click “Update Now.” Sites that support automatic background updates are already beginning to update automatically.

Thank you to everyone who contributed to WordPress 4.9.3:

Aaron Jorbin, abdullahramzan, Adam Silverstein, Andrea Fercia, andreiglingeanu, Andrew Ozz, Brandon Payton, Chetan Prajapati, coleh, Darko A7, David Cramer, David Herrera, Dion Hulse, Felix Arntz, Frank Klein, Gary Pendergast, Jb Audras, Jeffrey Paul, lizkarkoski, Marius L. J., mattyrob, Monika Rao, munyagu, ndavison, Nick Momrik, Peter Wilson, Rachel Baker, rishishah, Ryan Paul, Sami Ahmed Siddiqui, Sayed Taqui, Sean Hayes, Sergey Biryukov, Shawn Hooper, Stephen Edgar, Sultan Nasir Uddin, tigertech, and Weston Ruter.

Read Full Article Here

BuddyPress 2.9.3 Security and Maintenance Release

BuddyPress 2.9.2 Security and Maintenance Release

BuddyPress 2.9.3 is now available. This is a security and maintenance release. We strongly encourage all BuddyPress sites to upgrade as soon as possible.

The 2.9.3 release addresses two security issues:

  • A dynamic template loading feature could be used in some cases for unauthorized file execution and directory traversal. Reported by James Golovich.
  • Some permissions checks and path validations in the attachment deletion process were hardened. Reported by RIPSTech and Slava Abakumov of the BuddyPress security team.

These vulnerabilities were reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to all reporters for practicing coordinated disclosure.

In addition, 2.9.3 includes a change that fixes the ability to install legacy bbPress 1.x forums. Please note that legacy forum support will be removed altogether in BuddyPress 3.0; see the announcement blog post for more details.

Read Full Article Here