WordPress 5.5.2 is now available!

This security and maintenance release features 14 bug fixes in addition to 10 security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated.

WordPress 5.5.2 is a short-cycle security and maintenance release. The next major release will be version 5.6.

You can download WordPress 5.5.2 by downloading from WordPress.org, or visit your Dashboard → Updates and click Update Now.

If you have sites that support automatic background updates, they’ve already started the update process.

Security Updates

Ten security issues affect WordPress versions 5.5.1 and earlier. If you haven’t yet updated to 5.5, all WordPress versions since 3.7 have also been updated to fix the following security issues:

• Props to Alex Concha of the WordPress Security Team for their work in hardening deserialization requests.
• Props to David Binovec on a fix to disable spam embeds from disabled sites on a multisite network.
• Thanks to Marc Montas from Sucuri for reporting an issue that could lead to XSS from global variables.
• Thanks to Justin Tran who reported an issue surrounding privilege escalation in XML-RPC. He also found and disclosed an issue around privilege escalation around post commenting via XML-RPC.
• Props to Omar Ganiev who reported a method where a DoS attack could lead to RCE.
• Thanks to Karim El Ouerghemmi from RIPS who disclosed a method to store XSS in post slugs.
• Thanks to Slavco for reporting, and confirmation from Karim El Ouerghemmi, a method to bypass protected meta that could lead to arbitrary file deletion.
• Thanks to Erwan LR from WPScan who responsibly disclosed a method that could lead to CSRF.
• And a special thanks to @zieladam who was integral in many of the releases and patches during this release.

Thank you to all of the reporters for privately disclosing the vulnerabilities. This gave the security team time to fix the vulnerabilities before WordPress sites could be attacked.

For more information, browse the full list of changes on Trac, or check out the version 5.5.2 HelpHub documentation page.

Thanks and props!

The 5.5.2 release was led by @whyisjake and the following release squad:  @audrasjb, @davidbaumwald, @desrosj, @johnbillion, @metalandcoffee, @noisysocks @planningwrite, @sarahricker and @sergeybiryukov.

In addition to the security researchers and release squad members mentioned above, thank you to everyone who helped make WordPress 5.5.2 happen:

Aaron Jorbin, Alex Concha, Amit Dudhat, Andrey “Rarst” Savchenko, Andy Fragen, Ayesh Karunaratne, bridgetwillard, Daniel Richards, David Baumwald, Davis Shaver, dd32, Florian TIAR, Hareesh, Hugh Lashbrooke, Ian Dunn, Igor Radovanov, Jake Spurlock, Jb Audras, John Blackbourn, Jonathan Desrosiers, Jon Brown, Joy, Juliette Reinders Folmer, kellybleck, mailnew2ster, Marcus Kazmierczak, Marius L. J., Milan Dinić, Mohammad Jangda, Mukesh Panchal, Paal Joachim Romdahl, Peter Wilson, Regan Khadgi, Robert Anderson, Sergey Biryukov, Sergey Yakimov, Syed Balkhi, szaqal21, Tellyworth, Timi Wahalahti, Timothy Jacobs, Towhidul I. Chowdhury, Vinayak Anivase, and zieladam.

Last week, WP Busters released its first plugin titled Passwordless WP. It is a project from full-stack developer Ilya Zolotov that allows end-users to log into their WordPress websites via Touch ID, Face ID, or pin. The goal is to make accessing a site easier and more secure.

Zolotov built the plugin after checking his email on a public database and finding old passwords. He said he now uses a safe browser for work purposes without extensions and scripts. He also said the millions of credentials stolen or compromised every year was a motivator for building the plugin.

“I like this feature of my laptop, and I am using it every day,” he said. “As well, I am using it to avoid entering the ‘root’ password in terminal using my finger, it’s comfortable and any sniffer can’t capture my password.”

Last year, he decided to check browser support for handling passwordless logins but was disappointed that Safari on iPhone only supported external USB keys at the time. He concluded that the technology was not ready yet.

“In Apple’s summer news, I saw the update: the platform authenticator would be available in iOS 14 and BigSur on Safari, and passwordless authentication is working in Chrome now. Also, Microsoft will release Windows Hello support. 2020 is the passwordless year. Awesome!”

He then began work on developing the first version using stable cryptographic libraries and building a simple user experience. He believes the technology that allows this plugin to work will be widely supported from now on.

Zolotov assures users that it is a fast, secure, and certified protocol. The plugin does not store any personal data on the server or link to third-party services.

“Other plugins which use SMS or Email to log in, send you code or link,” he said when asked about how Passwordless WP differs from similar plugins. “They make your life harder because you need to do more clicks — open email and link, unlock phone, etc. I prefer to enter a password using my manager, which uses my Touch ID.”

Other plugins using the same technology do exist. WP-WebAuthn, for example, has a few additional features and has been around for about seven months.

How Passwordless WP Works

Logging into the site via fingerprint.

The plugin requires HTTPS, unless in use in a localhost test environment. It also has a minimum requirement of PHP 7.2. Outside of that, it will work for any WordPress installation. Passwordless logins are handled on the user level, which means that each user on a WordPress site must register a token from their profile page.

The process is simple and takes only moments. Once on the register token screen, users merely need to click a button and choose the authentication method from their operating system.

Registering a token for a user account.

From that point forward, when logging into the site, it is merely a matter of clicking on a username and using your Touch ID or Face ID to log in.

The following is a quick video of the plugin in action:

My experience is with Google Chrome on Windows. The latest release, version 1.1.6, is working well. The previous version had an issue with a missing PHP extension in testing, but the plugin author fixed it quickly and sent out an update once I notified him of the problem.

In what seems to be a never-ending onslaught of new features, Munir Kamal has released some major new features to his EditorPlus plugin in the last two updates. Version 2.0, which landed earlier today, includes a set of seven new blocks. The previous release showcased a create-a-block feature that puts more customization options in the hands of end-users.

The block editor has fueled his creativity, and he has not run out of ideas for his block-sharing website GutenbergHub or EditorPlus plugin. Upcoming releases should see an overhaul of the UI for the plugin and a possible API for third-party developers.

He said he will be making sure that EditorPlus is working alongside WordPress’s site editor when it lands in the future. Plus, eventual support of WooCommerce’s blocks is on the table. For now, the focus is on the plugin features he has launched in recent weeks.

Creating Custom Blocks

With WordPress’s core set of blocks already in the hands of users, nearly anything is already possible. These blocks essentially cover all the foundational elements of web design, such as headings, paragraphs, lists, quotes, and more. Sometimes the trick to building something unique is mixing and matching these elements to create something new. That is essentially what this new create-a-block feature is for EditorPlus.

Saving a custom block is simple. Users must first wrap their blocks into a core Group block. Then, from the “more options” menu in the block toolbar, select the “Add to Custom Blocks” option. The plugin will ask for a block title before saving.

Saving a custom block.

Not to be confused with reusable blocks, which are resources that remain the same from post to post, created blocks are like any other blocks. They are accessible via the block inserter under the “My Custom Blocks” category.

Custom blocks available from the block inserter.

A couple of minor details are missing that would be great additions for the long term. The first is the ability to select a custom icon for the block. Currently, all custom blocks share an icon. The second is the ability to add a preview in the block inserter.

Kamal built this feature so that end-users could create simple blocks for themselves. It is also a tool for developers to quickly create blocks for client websites.

“For example, almost all business websites need a Testimonial block, but there is not one in core for that exact purpose,” he said. “Of course, you can create it using the combination of core blocks, and that’s the way to do it. I’ve seen many block plugins bringing such blocks like Testimonial, Team, Pricing, etc., but those can be easily created with core blocks.”

He has already shown the community how far you can stretch the core blocks to create unique layouts with his block and template libraries. So, it is not outside the realm of possibility that users could build some of these things directly from the editor.

The block creator seems like it would be better handled as a block pattern creator. In essence, users are creating custom patterns, which are groupings of blocks. Kamal said that a pattern creator is on the to-do list too.

“As Gutenberg has both these pieces to use for creating content/layouts, I will add both features,” he said. “Save as block has been added, ‘save as pattern’ will be added too. It will be up to the user to use whatever way they want to according to their workflow.”

I lean toward sticking with the existing pattern paradigm, a single feature that handles groups of blocks. However, it will be interesting to see what users prefer. In the long run, what matters most is that they have easy access to the tools they need to build their pages.

The “Missing” Blocks

Using the Progress Bar block in the editor.

Earlier today, Kamal released what he calls the “missing” blocks for WordPress. These are a set of seven custom-built blocks that handle types of content not possible with the existing core blocks. In the past, he has been hesitant to create any blocks, preferring to extend the tools that WordPress provided out of the box.

“My original idea and still is to extend Gutenberg for what is missing and to make it more powerful for creating beautiful designs visually without code,” he said. “And, after creating hundreds of templates/designs, I’ve realized a need for some important missing blocks that are most commonly used around the website builders but missing in Gutenberg. So I am only adding those blocks in EditorPlus that are missing, must be needed to create modern designs, and can not be created using a combination of core blocks easily. For example, a tabs block, accordion block, or all other blocks added are those that fit these criteria.”

The plugin includes the following new blocks:

• Tabs
• Toggle/Accordion
• Icon
• Rating
• Progress Bar
• Stats/Counter
• Countdown Timer

Some of these require additional JavaScript, which is why they do not make good candidates for core WordPress. However, they are good options for plugin developers, and these are not uncommon blocks from other library-type plugins.

The thing that sets them apart is the integration with the plugin’s styling system, which Kamal may be opening up to other plugin developers in a future release. The current plan is to create an independent Styles API for letting users customize any block. He has already gotten some feedback from the Advanced WP Facebook group on the idea. Much of the feedback is wishing that such a system would land in WordPress itself.

One interesting feature of the plugin’s new blocks is that when clicking on a sub-element of a block, its design options are automatically triggered in the block options panel. For example, the star rating block has “title” and “rating” elements. When clicking on the title, its design options open in the sidebar, and the same happens for ratings. This is a departure from the typical organization of EditorPlus’s design options on the core blocks, which are grouped by CSS properties. The focus is put on the individual element, and it makes it much easier to find a specific option.

This experimentation is a bit of a precursor to what Kamal is working on for a future update. One of his big goals is to do some cleanup of the UI — there are a lot of options in the plugin — and let users more quickly customize their blocks.

Block patterns were one of the most exciting and transformative features introduced in WordPress. 5.5, giving users a giant head start on building pages by allowing them to insert sets of pre-designed blocks. Core now includes a handful of default patterns available in the block inserter but contributors are exploring the idea of expanding this small selection into a full-blown pattern directory.

Alex Shiels opened a discussion on make.wordpress.org to get feedback on how it might be implemented. He suggested that the pattern directory would be similar to the block directory, minus the need to install plugins in the background. Community-contributed patterns could be searched and added via one-click installation from the block inserter.

Shiels asked for feedback on several questions, such as how block patterns could be represented in search results and how previews could accurately reflect how a pattern might appear with different themes. One of the most important considerations he raised: Should the Block Pattern Directory be limited to patterns using only core blocks?

If patterns can only contain core blocks, that leaves it to third-party markets to provide patterns that include blocks from plugins. It seems more likely that block plugin developers would opt to ship their own selection of patterns inside their plugins, instead of contributing to the pattern directory. Having it open to all blocks hosted in the directory would encourage a more diverse range of patterns. Patterns requiring a non-core block might include a prompt to download it.

The WordPress community has already created many different unofficial pattern libraries, although the terminology can be confusing. Gutenberg Hub’s template library may be one of the most prominent. It provides section patterns and full page templates that users can browse and then copy the code to paste into their own sites. Jeffrey Carandang’s “Share-a-Block” site also offers a selection of patterns to download.

WordPress.com has just launched its own pattern library today with more than 100 patterns pre-designed patterns available. Automattic plans to add more patterns based on user feedback and requests. This new free library will make site building easier for millions of users and also creates a strong incentive for using the block editor.

Patterns leverage all the best things about the new editor. Inserting a pattern is easier than wrangling shortcodes or wading through theme options to try to get the right combination to reproduce the demo. Patterns are more approachable than page builders and don’t require learning a new interface.

As the momentum around block patterns increases, I think we will see more commercial theme and block plugin creators using patterns to showcase their products and provide starter packs. It is the best way to help users understand the wide range of possibilities that the block editor enables.

Having an official directory of community-contributed patterns could be an interesting way for creators to cross-promote their free blocks and designs, while opening up a whole new world of design options for self-hosted WordPress users. How many times have you been shopping around for just the right WordPress theme and found that you like certain sections and layouts offered in several different themes? Patterns give you the ability to cherry pick different sections to create your own unique layout for each page/post, without having to wrestle with the limitations of your theme.

The ability to browse and access community-contributed patterns directly within the editing interface may have a long list of technical challenges to solve, but it would undoubtedly put more design power into users’ hands.

Not everyone can take a blank canvas and artfully combine blocks to produce sophisticated designs. Putting patterns at users’ fingertips would make site building more of a delight, especially for users who are new to the block editor. It might also allow users to save their favorite patterns for future use, in the same way you can save your favorite themes and plugins.

The discussion on WordPress.org is just getting underway. A few of the original contributors on the idea have created a GitHub repository to track and explore some of the more technical considerations of launching an official block patterns directory. If you have ideas to contribute on how this could be implemented or want to share other considerations, make sure to comment on the post.

वर्डप्रेसने मुझे मेरे ज़िंदगी में कुछ अलग करने का मौक़ा दिया।

One fine day, I was checking my Twitter account and suddenly, got a message from HeroPress. I was astonished after getting a message from such a huge platform. I got to share a lot with Topher while having a long chat session with him. He then asked me to write an article for HeroPress.

It took me a while to think about what to write as writing about technical never excites me that much. Soon, I realized that what’s better than writing my own story and telling the story about how an introvert girl from a small village of India chased her dreams and gave a direction to her life.

Early Life

I was born in Banera, a small village in India. After completing my primary education there, I moved to my uncle’s place in a nearby city for higher education. There I decided to become an engineer. Being from a rural background, people in my village refuse the idea of sending their girl child to another city for further studies. Fortunately, that was not the case with me because my parents are immensely supportive and loving. They’ve always encouraged me to believe in myself and fulfil my dreams. With their support, I pursued my engineering in Electronics & Communication, and yes, that’s an entirely different field looking at my current profile.

Introduction to Web Development

Although I did my engineering in Electronics and Communication, I was not sure about having a future in this field. I was completely blank about my career and had no clue of what to do next. First, I thought about doing masters, but I was already tired of studying all those subjects. I applied for jobs, but there was no success. That was when one of my friends suggested that I should explore Web Development. The idea interested me, and then I started looking for some learning resources. Later I got an Internship as a PHP Developer. It was an unpaid internship, but still, I did it because I thought it would be an excellent opportunity to learn with real professionals.

Getting Started with WordPress

After doing the internship for three months, I got my first job. Before knowing WordPress, I got the chance to explore many CMS. I’d worked on Joomla, Magento and ExpressionEngine. Then my boss assigned me a small project on WordPress. At first glance, I found it very interesting. I found it surpassing and much better as compared to the other platforms I’ve worked on earlier. Its vast knowledge base made it easy for me to learn. I soon got comfortable managing WordPress, playing with plugins and themes, and started exploring it more in-depth.

There comes the next phase of my life. I was about to get married to Anand. He was in the same field as mine, and this helped me gain more confidence to pursue my interest. During our courtship period in 2015, he left his job and started his WordPress based Web Development Agency – WPVibes. Soon we got married, and I joined him as the first team member of WPVibes. Being part of a new startup gave me a lot of experience. I got to be involved in new processes. We started with Web Development, and soon we began exploring opportunities in plugin development. We started providing custom plugin development services as per the client’s requirement and created some free and paid plugins. We found it much more exciting and productive. Today, WPVibes is a team of 10 members.

Interaction with WordPress Community

I started following some WordPress based groups on Facebook, and there I got to know about WordCamps. Soon I got the opportunity to attend my first WordCamp – WordCamp Ahmedabad. There I learned how amazing WordPress Community is. WordCamp Ahmedabad has one of the best WordPress communities in India, and everyone, including organizers, attendees were so humble and welcoming. There I listened to speakers from India and abroad. Some of them shared how they got into WordPress and how WordPress has changed their lives. One of the most inspiring sessions was by Rahul Bansal. He talked about contributing to WordPress and giving back to the community. He also explained how contributing to WordPress can help you to enhance your knowledge. It inspired me to contribute to WordPress. At that time, I couldn’t manage to get involved with WordPress due to my busy schedule. The WordPress community of Ahmedabad immensely inspired us. Later, we started a WordPress meetup group in our city – Ajmer and found it a way to contribute to the community.

In the next WordCamp, I also attended the contribution day. Most of the contributors were inclined to contribute to Core, but I decided to choose a different path. I joined the team of WordPress TV Contributors.

WordPress TV is a platform where you can explore videos of WordCamp sessions. You can learn more about it here, https://make.wordpress.org/tv/.

Then I started contributing to WordPress Training. WordPress Training team manages the lesson plans and prepares content to educate people about building stuff for WordPress. The training team has recently launched a new platform for learning WordPress https://learn.wordpress.org/ (I am a proud contributor to this platform)

The year 2019 came with an exciting moment in my life. I got selected as a Volunteer for WordCamp Asia in Bangkok, Thailand. This was the very first edition of WordCamp Asia. After this, I got more involved with the community. I was very excited about playing this big role, attending my first WordCamp outside India, and that too, by being a part of the volunteering team. But due to the Covid pandemic, the event got cancelled. It was quite heartbreaking. Since all bookings were already made, we (me and my husband) didn’t cancel the trip and enjoyed a vacation to Thailand.

My message to WordPress Community

What I have learnt in my life is it doesn’t matter from where you come and what background you have. All that matters is your hard work and positive attitude towards life.

I have a message for all the WordPress lovers and also for those who are starting with WordPress. There is a huge community to help you with your learning, so start learning and try to give back to the community. It doesn’t matter if you are not comfortable with programming; there are many different ways in which you can contribute.

Jai WordPress!

---

जीवन में मिले रंग वर्डप्रेस के संग

उस दिन मैं अपना ट्विटर अकाउंट देख रही थी की तभी मुझे हीरो प्रेस की तरफ से एक संदेश आया| उसे देख कर अचम्भित रह गयी| मैं हीरोप्रेस पे बहुत से लेख पढ़ चुकी थी, तो ऐसे में अचानक से उसकी ओर से संदेश आने पर मेरा अचम्भित होना स्वाभाविक ही था| उसके बाद मेरी Topher (हीरो प्रेस के संस्थापक ) से लंबी बातचीत हुई और उसके बाद उन्होंने मुझे मेरा लेख लिखने के लिए कहा और साथ ही यह अनुरोध भी किया की मैं अपने लेख को अपनी मातृभाषा हिंदी में भी लिखुँ|

मुझे ये तय करने में काफी समय लगा की में इसमें क्या लिखूं| तकनीकी लेख लिखने में मेरी ख़ास रूचि नहीं थी| फिर मुझे लगा की क्यों ना इसमें खुद की कहानी ही लिखी जाए| लिखा जाए की कैसे भारत के एक छोटे से गाँव की एक अंतर्मुखी लड़की ने अपने सपनों को पूरा किया और अपने जीवन को एक दिशा दी|

प्रारंभिक जीवन

मेरा जन्म भारत के एक छोटे से गाँव बनेड़ा में हुआ था| मेरी प्रारंभिक शिक्षा वहीँ हुई| चूँकि हमारे गाँव में उच्च शिक्षा की कोई सुविधा नहीं थी अतः उसके लिए मुझे पास ही के शहर में

अपने ताऊजी के पास रहना पड़ा| उसके बाद मैने इंजीनियरिंग करने का विचार बनाया, परन्तु उसके लिए मुझे फिर किसी और शहर में जाना पड़ता| उस समय के ग्रामीण परिवेश में पढ़ाई के लिए ज्यादा दूर भेजने को सही नहीं माना जाता था, और वो भी खासकर जब बात एक लड़की की हो|

परन्तु मेरे मामले में मुझे मेरे माता पिता का पूरा सहयोग प्राप्त था| उन्होंने हमेशा ही मुझे आगे बढ़ने और अपने सपनों को पूरा करने के लिए प्रोत्साहित किया| उनके सहयोग से ही मैंने इलेक्ट्रॉनिक्स एंड कम्युनिकेशन (Electronics & Communication Engineering ) में इंजीनियरिंग करी| जी हाँ, ये मेरे वर्तमान कार्य क्षेत्र से पूर्णता भिन्न था|

वेबसाइट डवलपमेंट से मेरा परिचय

जैसा की मैंने बताया की मैंने इंजीनियरिंग बिलकुल ही अलग क्षेत्र में करी थी| मैंने कभी सपने में भी नहीं सोचा था कि सेमीकंडक्टर और सर्किट की पढ़ाई करने के बाद मैं वेबसाइट बनाउंगी| पर वक्त को शायद यही मंज़ूर था| इंजीनियरिंग पूरी करने के बाद मेरे पास २ विकल्प थे, आगे की पढ़ाई (M.Tech) करूँ या फिर नौकरी की तलाश करूँ| आगे पड़ने का मेरा मन नहीं था, तो मैंने नौकरी करना ही सही समझा| परन्तु काफी प्रयास के बाद भी मुझे कोई मनमाफिक नौकरी नहीं मिली|

ऐसे में मेरी एक सहेली ने मुझे वेबसाइट डेवलपमेंट में हाथ आजमाने की राय दी| कॉलेज के दिनों में मैंने थोड़ी PHP और HTML, CSS पढ़ी थी, तो मैंने उसी को और गहराई से समझना शुरू किया, कुछ कोर्स भी करे| मुझे जल्द ही PHP डेवलपर के तौर पर एक इंटर्नशिप मिल गयी| इसमें मुझे कोई वेतन नहीं मिलने वाला था, पर मुझे विश्वास था कि किसी कोर्स के बजाय ये एक बेहतर मौका है कुछ सीखने का|

वर्डप्रेस से मेरा जुड़ाव

३ महीने की इंटर्नशिप के बाद मुझे एक नौकरी मिल गयी| वहां वर्डप्रेस पर काम करने से पहले मैंने कई दूसरे CMS पर भी काम किया, जैसे कि Joomla, Magento, Expression Engine आदि| फिर कुछ समय बाद एक प्रोजेक्ट में वर्डप्रेस पर काम करने का मौका मिला| मुझे ये काफी ज्यादा दिलचस्प लगा| इससे पहले मैंने जिन CMS पर काम किया था, उनके मुकाबले यह बेहद सुलझा हुआ लगा| इसके बारे में जो जानकारी चाहिए वो आसानी से इंटरनेट पर उपलब्ध थी जिससे मुझे इसको सीखने में बिलकुल भी कठिनाई नहीं हुई| धीरे-धीरे वर्डप्रेस चलाने में, Plugins और Themes का उपयोग करने में मेरा आत्मविश्वास बढ़ता ही गया और मैं इन सबको और भी गहराई से सीखती गयी|

इसके बाद मेरे जीवन का एक अगला पड़ाव आया – शादी| नवम्बर २०१५ में मेरी शादी आनन्द से हुई|

वह भी वेबसाइट डेवलपमेंट के क्षेत्र में ही काम कर रहा था और इससे मुझे मेरा रुचिकर काम जारी रखने में कोई भी दिक्कत नहीं हुई| हमारी शादी के कुछ समय पहले ही आनन्द ने नौकरी छोड़कर अपनी खुद की वेब डेवलपमेंट कंपनी (WPVibes) शुरू करी| इसमें भी मुख्यतः काम वर्डप्रेस पर ही था| शादी के बाद मैँ भी पहली टीम मेंबर के तौर पर कंपनी से जुड़ गयी| एक बिलकुल ही नयी कंपनी से जुड़ना एक अलग ही अनुभव होता है| आपको कई ऐसी चीजें सीखने को मिलती है जो आप एक बड़ी स्थापित कंपनी में काम करके नहीं सीख सकते| शुरुआत में हम वेबसाइट ही बनाते थे, पर जल्द ही हमने Plugin डवलपमेंट में भी संभावनाएँ तलाशना शुरू किया| हमारी क्षमता को देखते हुए यह हमें ज्यादा रोमांचक और उत्पादक लगा|

वर्डप्रेस कम्युनिटी और मैं

मैं फेसबुक पर वर्डप्रेस से संबंधित कुछ ग्रुप से जुड़ी| यहाँ मुझे बहुत कुछ सीखने को मिला और मुझे वर्डकेम्प (WordCamp) के बारे में भी पता पड़ा| जल्द ही मुझे मेरे पहले वर्डकेम्प – वर्डकेम्प अहमदाबाद में भाग लेने का मौका मिला| यहाँ मुझे एहसास हुआ की वर्डप्रेस समुदाय (community ) कितना जबर्दस्त है| वर्डकेम्प अहमदाबाद, भारत में होने वाले श्रेष्ठ वर्डकेम्प में से एक है|

यहाँ मैंने देश विदेश से आये हुए कई लोगों के वक्तव्य सुने| इनमें से सबसे ज्यादा प्रेरणादायक राहुल बंसल का वक्तव्य लगा, जिसमे उन्होंने वर्डप्रेस समुदाय को अपनी ओर से कुछ वापिस देने के बारे में (Give Back to the Community) चर्चा करी| उन्होंने यह भी बताया की किस तरह वर्डप्रेस में योगदान करना आपके लिए ज्ञानवर्धक भी साबित हो सकता है| इससे मुझे वर्डप्रेस में अपना योगदान देने की प्रेरणा मिली| हालांकि किसी कारण वश उस समय में वर्डकेम्प के Contribution Day में भाग नहीं ले पायी थी| वहां की वर्डप्रेस समुदाय से प्रेरित होकर हमने हमारे शहर अजमेर में भी वर्डप्रेस मीटअप (Meetup) की शुरुआत करी और लोगो को वर्डप्रेस से जुड़ने और इसके बारे में जानकारी देना शुरू करा| यह भी वर्डप्रेस में अपना योगदान (contribute) देने का ही एक माध्यम है|

अगले वर्डकेम्प में मैंने Contribution Day में भी भाग लिया| ज्यादातर योगदानकर्ताओं (Contributors) का झुकाव Core की तरफ रहता है, ऐसे में मैंने कुछ हटकर करने की सोची और वर्डकेम्प टीवी (WordPress TV) में योगदान करने के बारे में सीखा| वर्डप्रेस टीवी एक वेबसाइट है जहाँ आप पूरी दुनिया के वर्डकेम्प से जुड़े वीडियो देख सकते हैं| इसके बारे में अधिक जानकारी के लिए आप यहाँ देख सकते हैं https://make.wordpress.org/tv/

इसके बाद मैंने वर्डप्रेस ट्रेनिंग (WordPress Training) में भी योगदान करना शुरू करा| वर्डप्रेस ट्रेनिंग की टीम वर्डप्रेस के बारे में जागरूक और शिक्षित करने के लिए पाठ्य सामग्री तैयार करती है|

हाल ही में शुरू करी गयी एक वेबसाइट https://learn.wordpress.org/ में भी मेरा छोटा सा योगदान हैं|

वर्ष २०१९ मेरे लिए एक बहुत ही अच्छा मौका लेकर आया| मेरा चयन पहली बार होने वाले वर्डकेम्प एशिया २०२० (WordCamp Asia 2020) में वालंटियर के तौर पर हुआ| इसका आयोजन बैंकाक (थाईलैंड) में होने वाला था| मैं इसे लेकर काफी उत्साहित थी| ये भारत के बाहर किसी वर्डकेम्प में भाग लेने का मेरा पहले मौका था और वो भी एक वालंटियर की तरह| परन्तु कोरोना महामारी के कारण ये मात्र एक सपना ही रह गया| इसके आयोजन के कुछ दिन पहले ही इसे रद्द कर दिया गया|

फिर भी मैंने मेरी यात्रा रद्द नहीं करी और आनन्द के साथ थाईलैंड में कुछ दिनों की छुट्टियों के मजे लिये|

वर्डप्रेस समुदाय के लिए मेरा संदेश

मैंने अपने अभी तक के जीवन से यही सीखा है की इससे कोई फर्क नहीं पड़ता की आप कहाँ से आये हैं और क्या आपकी पृष्ठभूमि रही है| यदि आप मेहनत कर सकते है और एक सकारात्मक सोच रखते है तो आप अपने रास्ते खुद बना सकते हैं|

सभी वर्डप्रेस के चाहने वालो और खासकर उनके लिए जो अभी वर्डप्रेस से जुड़े हैं या जुड़ना चाहते हैं उनसे मेरा यही कहना है की आगे बढ़े, आपकी मदद के लिए एक बहुत ही बड़ा समुदाय (community) है| तो भी शुरू करें और जब भी हो किसी भी तरह से अपना भी योगदान देने की कोशिश करें| जरूरी नहीं की आपको प्रोग्रामिंग आती हो, अगर आप अपने एक मित्र को वर्डप्रेस के बारे में बताते है या सिखाते हैं तो ये भी एक तरह का योगदान ही है|

जय वर्डप्रेस !

The post A Life Changing Journey With WordPress – जीवन में मिले रंग वर्डप्रेस के संग appeared first on HeroPress.

For many years, WordPress enthusiasts have filled out an annual survey to share their experiences and feelings about WordPress. Interesting results from this survey have been shared in the annual State of the Word address and/or here on WordPress News. 

This survey helps those who build WordPress understand more about how the software is used, and by whom. The survey also helps leaders in the WordPress open source project learn more about our contributors’ experience.  

To ensure that your WordPress experience is represented in the 2020 survey results,

You can also take the survey in French, German, Japanese, Russian, and Spanish! The survey will be open for at least 6 weeks, and results will be posted on this blog.

2019 Survey Results

The 2019 survey included some new questions to better understand why people continue to use WordPress as their preferred CMS, as well as a section directed toward WordPress contributors. For the first time in 2019, this survey was translated into 5 different languages: French, German, Japanese, Russian, and Spanish.

The first WordPress Contributor Survey was conducted in 2015, but unfortunately the results were never published. This report includes Contributor Survey results from both 2015 and 2019. 

Survey Segments

Major groups in the survey included: WordPress Professionals, WordPress Users, and Others. 

The WordPress Professionals group consists of those who: work for a company that designs/develops websites; use WordPress to build websites and/or blogs for others; design or develop themes, plugins, or other custom tools for WordPress sites; or are a designer, developer, or other web professional working with WordPress.

This WordPress Professionals group is further divided into WordPress Company Pros (those who work for a company that designs/develops websites) and WordPress Freelancers/Hobbyists (all other professional types) subgroups.

The WordPress User group consists of those who: own or run a blog that is built with WordPress; own or run a website that is built with WordPress; write for or contribute to a blog/website that is built with WordPress; use WordPress for school as a teacher; use WordPress for school as a student, or are learning to build websites using WordPress.

The Others group consists of those who did not self-identify with any of the options provided for the question, “Which of the following best describes how you use WordPress?”

2019 Survey Results Summary

WordPress remains the platform of choice for future projects among those surveyed. Overwhelmingly, the reasons cited for this are that WordPress is the CMS people already know, and that the community supporting it is valuable. Professionals and users report similar levels of frustration with updates and Gutenberg. Both groups also love the ease of use they find in WordPress.

The number of professionals who report providing a heavily customized experience to clients has increased substantially, while at the same time the amount of time reported on creating those sites has decreased. Regardless of frustrations felt with various features, this seems to indicate that ease of use has been on the rise.

More details on sentiment, usage, and other interesting topics are available in the report: check it out!

Before you go: take the 2020 Survey!

Knowing why and how people use WordPress helps those who build WordPress to keep your needs and preferences in mind. 

The survey will be open for at least 6 weeks, and results will be published on this blog. All data will be anonymized: no email addresses or IP addresses will be associated with published results. To learn more about WordPress.org’s privacy practices, check out the privacy policy.

Like last year, the 2020 survey will be promoted via a banner on WordPress.org, as well as by WordPress enthusiasts. Each of the translated surveys will be promoted through banners on their associated localized-language WordPress.org sites. Please encourage your WordPress pals and social media followers to take the survey too!

To ensure your WordPress experience is represented in the 2020 survey results… don’t delay!

(Also available in French, German, Japanese, Russian, and Spanish!)

WordPress 5.6 beta 2 is now available for testing!

This software is still in development, so we recommend that you run this version on a test site.

You can test the WordPress 5.6 beta in two ways:

• Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option).
• Or download the beta here (zip).

WordPress 5.6 is slated for release on December 8, 2020, and we need your help to get there!

Thank you to all of the contributors that tested the beta 1 development release and provided feedback. Testing for bugs is an important part of polishing each release and a great way to contribute to WordPress.

Some highlights

Since beta 1, 53 bugs have been fixed. Here is a summary of a few changes included in beta 2:

• 6 additional bugs have been fixed in the block editor (see #26442).
• Unified design for search forms and results across the admin (#37353).
• Exposed the embed Gutenberg block to Core (#51531).
• Updated Twemoji (#51356), React (#51505), and Akismet versions (#51610).
• Added accessibility improvements (among other things) to Application Passwords (#51580).
• Added indicator to image details for images attached to a site option (#42063).

Developer notes

WordPress 5.6 has lots of refinements to the developer experience as well. To keep up, subscribe to the Make WordPress Core blog and pay special attention to the developers’ notes for updates on those and other changes that could affect your products.

How to Help

If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you!

If you’re comfortable writing a reproducible bug report, file one on WordPress Trac, where you can also find a list of known bugs.

Carrd-like theme front page template.

It is no secret that I think the future of theming with WordPress is bright, that the Gutenberg project will eventually pay off. As a former full-time theme developer, I lived through the years where there were no standards for how to build certain features. It was much like the Wild West. There were vast, unexplored territories. Each themer was setting off to find gold with the latest tricks and techniques they had learned.

One of the reasons I remain a fanboy of the Gutenberg project is because of experiments like the Two Column Landing Page theme (yes, that’s literally the theme name) that Kjell Reigstad put together in less than an hour. It is a Carrd-like layout. It is a simple one-page theme that is essentially an “about me” page. Under the hood, it required no custom framework or non-standard options. It simply utilized existing tools from WordPress and Gutenberg.

Two Column Landing Page is an unfinished product. Technically, it is a pull request that has yet to be officially merged into the WordPress theme experiments repository. Automattic Theme Wrangler Ian Stewart passed a Carrd demo link along, and Reigstad pieced together a block-based version for WordPress.

The theme was easy to customize via the site editor, which continually improves with each release of Gutenberg (9.2 had some nice improvements with its template switcher).

Customized theme front page.

For anyone who wants to give the theme a spin, they will need to grab the two-column-landing-page theme folder from the try/two-col-landing-page branch of the theme experiments repository. Enabling full-site editing within the Gutenberg plugin is also a requirement.

Why This Theme Is the Future

This Cardd-like theme is special not because it is anything extraordinary from a front-end design standpoint. It is special because it showcases how simple WordPress theming can be.

Theme authors will continue to build and experiment with old and new ideas. It will simply be much less hassle to do so. With traditional theming, developers who wanted to achieve this same Carrd-like layout for the front page of the site would have needed to build several customizer options and often provide extensive instructions on how to piece it together. When full-site editing finally lands in core, themers will be able to define a single template with predefined blocks.

No hooking into the customizer.

No need to register a database option.

No need to register a form field.

No need to sanitize user input for security.

No conditional checks before outputting front-end content.

WordPress will handle all these bits. If theme authors are not excited about this, they have not been paying attention. Now is the time to start.

This has been the problem with theme “design” over the years. More and more, it has become a business of learning relatively advanced PHP just to build out basic options. Because WordPress fell so far behind alternative solutions, far too much responsibility was placed onto the shoulders of theme developers. They were doing less and less design work and an increasing amount of programming. They were forced to build custom solutions to push past the shortcomings of WordPress.

Full-site editing is flipping the switch. It is transitioning toward a design framework that simplifies the process of building themes.

With block-based themes and the site editor, theme authors can simply define an HTML template with blocks. The user can then customize it how they like via the site editor.

To non-developers, it is hard to explain how revolutionary it is to take this step back from programming and a step toward designing. Themes are getting put into their proper place. This Carrd-like layout may be simple. However, with traditional theming, it would have been massively more complex.

The Two Column Landing Page theme supports other views, such as the posts page, single posts, and more. However, it should not have to. The future of theming should mean that the theme itself could be nothing more than a front-page.html file — the template that controls the front page output — and nothing more.

This means that the Themes Team, the gatekeepers to the official theme directory, may need to loosen the reins a bit. While the team currently allows experimental block-based themes, guidelines in the new era will need to be scaled back to the point that they are almost nonexistent if we want to see an explosion of artistry in the theme directory. Many of those rules were put into place because of the limitations of the system. When full-site editing lands in core and developers are building themes from blocks, many of the rules will become antiquated.

If you have been testing the latest development version of WordPress in the past week or so, you may have noticed that the ability to drag and drop meta boxes seemingly disappeared. This is not a bug. Nine days ago, lead developer Andrew Ozz committed a change that requires end-users to click the “screen options” tab to expose the ability to rearrange meta boxes.

Ozz opened the original ticket and has spearheaded the effort to change how users interact with meta boxes. The issue he would like to solve stems from a change in WordPress 5.5. WordPress’s last major release introduced visible “drop zones” in cases where a meta box container did not contain any meta boxes. These zones let users know that they can move meta boxes into those areas. This change was to fix a regression from a previous release. Needless to say, it was a rabbit hole of changes to chase down. Nevertheless, the problems with meta boxes were presumably fixed in WordPress 5.5.

Empty meta box holder on Dashboard screen.

Ozz opened the ticket to remove the always-visible drop zones when no meta boxes were present. The argument is that the ability to move meta boxes around the screen is technically a “screen option.” Thus, it should only be triggered when the end-user has opened the screen options tab.

Another side issue is that he wanted to address accidental dragging, which he described as more common on laptops with trackpads than other devices.

Some readers may be thinking that meta boxes are going the way of the dinosaur. For those users who have migrated to 100% usage of the block editor, there is a good chance that their only interaction with meta boxes is on the Dashboard admin screen. For users on the classic editor, meta boxes are tightly interwoven into their day-to-day workflow. Many plugins also use the meta box system on custom admin screens.

The biggest counter-argument is that, because meta boxes look and feel like draggable elements, the ability to do so should be active at all times.

The point of contention is primarily about whether dragging and dropping meta boxes is technically a screen option. One side sees the WordPress 5.5 implementation as a broken user experience. The other side sees the new method as broken.

Without user data to back it up, no one can say which method is truly the best option. However, changes to a standard user experience that is more than a decade old are likely to be problematic for a large number of users.

This seems like one of those if-it-ain’t-broke-don’t-fix-it situations. With years of muscle memory for existing users and an expectation for how meta boxes should work, relegating the ability to drag them around the interface to the little-used screen options tab is a regression. At the very least, it is a major change that needs heavy discussion and testing before going forward.

“Nothing breaks, per se,” said John James Jacoby, the lead developer for BuddyPress and bbPress. “Nothing fatal errors. Nothing visually looks different. Yet, a critical user interface function has now gone missing. In my WP User Profiles plugin, for example, there are 15 registered meta boxes. Previous to this change, users with the device and dexterity to use a mouse/pointer/cursor could rearrange those meta boxes with simple dragging and dropping. After this change, no user can rearrange them without first discovering how to unlock the interface to enable rearranging.”

The problem is illustrated by the following screenshot from the WP User Profiles plugin. Each of the highlighted boxes represents areas where end-users would typically be able to click to drag a meta box around the screen. If the current change is not reverted, many users may believe the plugin is broken when they upgrade to WordPress 5.6.

Meta boxes from the WP User Profiles plugin.

“Is there a plan for letting existing users know that moving metaboxes is now only when Screen Options is open?” asked Helen Hou-Sandì, the core tech lead for 5.6, in the ticket. “I’m not sure I would ever discover that as an existing user and would be convinced everything was broken if I updated with no context.”

The current solution is to drop a note in the “What’s New” section of the WordPress 5.6 release notes to let users know of the change, which may not be visible enough for most users to see. If it does go through, ideally, users would be welcomed with an admin pointer that describe the change directly in their WordPress admin interface.

There are also accessibility impacts to consider. Joe Dolson, a core WordPress committer and member of the accessibility team, said the user experience for keyboard users would become difficult and that the feature would be harder to discover.

“I can’t see a way in which this change, as currently implemented, improves the experience for anybody,” he said. “The proposal from the accessibility team is how we could compromise to reduce the visual impact of the movers without compromising the usability of the system at this extreme level; but just not doing this would be something I’d find entirely acceptable, as well.”

So far, most people who have chimed in on the ticket have given numerous reasons for why this is not a good idea. There is almost no public support for it at this time. However, it currently remains in the latest development/trunk version of WordPress. If not reverted in the coming weeks, it will land in WordPress 5.6.

Update: This change was reverted in WordPress core on October 27, 2020.

WordPress 5.6 is set to include a new default theme, Twenty Twenty-One, designed to give users a blank canvas for the block editor. The theme doesn’t fall under any particular category and is meant to be suitable for use across different types of websites. One new feature that has very recently come under consideration is support for a dark mode that can be toggled on or off.

Contributors have raised the possibility of including a dark mode in several issues while the theme has been in development. Mel Choyce, who is leading the design on the default theme, published a summary of the team’s recent discussions about which options the theme should make available for site owners and viewers in support of dark mode, or if the feature should simply be scrapped.

“We’ve built in a Customizer setting that lets site owners opt their sites out of supporting Dark Mode, for greater design control,” Choyce said. “Additionally, we’re considering adding a front-end toggle so site viewers can turn Dark Mode on/off, regardless of their OS/Browser preference. This setting would only show if a site allows Dark Mode support.”

Choyce outlined five different combinations of options for supporting it, including two options that allow site owners to disable it, regardless of the user’s selection in their OS/browser. Two other options require the site to support dark mode but differ in whether or not the visitor is allowed to toggle it on or off.

Does Twenty Twenty-One Need a Dark Mode?

Dark mode was a late addition to the default theme’s development. Choyce said the idea seems like a good opportunity to explore but ideally the team would have intentionally designed the feature before development started.

In the comments of the post, contributors are discussing the many intricacies of adding this feature to a theme that will be on by default for new WordPress sites. A few commenters noted there might be issues and surprises with logos and transparent images. For this reason, several made the case for shipping it as an opt-in feature and not on by default.

Others did not see the need for users to be able to toggle dark mode on/off for individual websites when they already have controls available through their system or browser preferences.

Kjell Reigstad contends that users’ expectations have not yet translated into demand for this feature.

“As much as I’m a fan of dark mode in general (I use it on all my devices and it definitely helps to reduce eye strain), I think the general public views it as ‘a thing that apps do’ — not something that websites do yet,” Reigstad said. “As mentioned above, this theme could be a step towards changing that perception, but the feature’s novelty is something to keep in mind.”

WordPress 5.6 core tech lead Helen Hou-Sandí suggested it might be better to develop the feature as a plugin, instead of pushing for it to be ready in a short time frame.

“My instinct right now is that it would be best to split dark mode for Twenty Twenty-One out into a plugin as a form of opt-in, primarily because I think that will both ease the burden for meeting the bar for core ship and also gives space for the feature to be iterated on outside of the core development cycle,” Hou-Sandí said. She also noted that users will be doing things with the theme that core contributors cannot anticipate and a plugin is an easier route for responding to those needs.

“By separating it out, I think it has a better chance of reaching a point where it encompasses enough by default to be a theme setting without too much futzing on the user’s part, or even enough of a thing to be a feature for all themes at large,” Hou-Sandí said.

Choyce and Carolina Nymark agreed with this suggestion and announced a decision in the WordPress Slack #core-themes channel this morning, based on feedback on the post.

“Carolina Nymark and I made the decision to move Dark Mode out into a plugin,” Choyce said. “This will allow us to better address all of the edge cases we’ve been encountering without slowing down the progress of bug fixing within the core theme.”

The plugin is being developed on GitHub where contributors will explore how to support the feature moving forward.

WordCamp Finland 2020 is just right around the corner and speaker announcements have started to roll out! The online event with two session tracks takes place November 12 at 12-17 UTC+2. Our organizing team is super excited about the event and upcoming content!

Tickets for WordCamp Finland Online 2020 are absolutely free! We strongly recommend registering for a ticket, as this will give you the full WordCamp experience. This will give you access to Q&A sessions, networking opportunities with speakers, sponsors and other attendees. If you would rather not register, you will still be able to watch the talks.

Register free for the WordCamp Finland Online.

First speakers have been announced and more speakers as well as the full schedule will be announced shortly! Make sure to follow us on Twitter to get the news about new announcements.

There’s also still open call for volunteers to help us during the event day. Being a volunteer is more than lending a hand, it is the secret sauce that makes a wordcamp a WordCamp! Make sure to apply if you’d like to help make the event.

 

Akismet was launched 15 years ago today, when Automattic founder Matt Mullenweg announced it on his blog in a post describing what Akismet was and what it could become. Given how much the world has changed in the last decade and a half (back then spammers were pushing cheap flip phones and counterfeit Livestrong bracelets), we thought it would be fun to see whether Akismet succeeded in meeting the hopes and dreams that Matt laid out back in October 2005.

“Akismet is a new web service that stops comment and trackback spam. (Or at least tries really hard to.)”

Fact check: true! Akismet has stopped 500,000,000,000 pieces of comment and trackback spam since October 2005. That’s an average of a thousand spam per second, every second, since before Twitter existed. Plus another thousand in the time it took you to read that sentence. And this one. (And this one.)

“The service is usable immediately as a WordPress plugin and the API could also be adapted for other systems.”

Akismet is still usable as a WordPress plugin, and there are now dozens of Akismet clients for non-WordPress systems, plus countless other implementations for custom platforms. Some people say that Akismet is the most open anti-spam API on the Web. Some people are right.

“If nothing else, I hope this makes blogging more joyful for at least one person.”

According to an informal survey we just performed, Akismet has made blogging more joyful for multiple people. If you’re one of those people, put on a party hat, grab a piece of cake, and join us in wishing Akismet a very happy 15th birthday.

Last week, Yext launched its Yext Answers plugin to the WordPress community. The goal was to bring a platform that won the Best Software Innovation category of the 2020 Global Search Awards to WordPress. However, my experience was far from satisfactory.

“For people searching on a WordPress website, the Answers Connector provides a seamless search experience,” said Alexandra Allegra, the Senior Product Marketing Manager at Yext. “For businesses and organizations that integrate it, it drives higher rates of conversion, which generates more revenue. It helps lower support costs because when businesses can deliver detailed, official answers, customers don’t have to call customer service. And finally, it unveils valuable customer insights, because businesses can see new questions coming in — in real-time.”

Yext Answers is essentially trialware. Technically, the plugin itself is free. However, Yext is currently running a 90-day free trial for access to its Answers platform. The website does not seem to provide an easy way to find what the true cost will be after that initial 90 days. To upgrade, users must contact the Yext team via email or phone.

The website does provide an estimated cost calculator. The lowest tier available via this calculator is for 20,000 searches per month at $5,000. It is unclear if there are lower pricing options. The Yext team provided no further details when asked about billing.

The plugin is marketing itself primarily toward business users. It can replace a WordPress site’s traditional search, which is customizable to suit various site owner’s needs, according to the Yext team.

Over the past week, I have discussed this plugin with a representative from the company, watched demo videos, and attempted to test the plugin. Thus far, it has been a subpar experience. I typically forgo writing about plugins that do not pan out. However, after the initial investment into what looked to be an interesting project, I wanted to share my experience, and my hope is that it helps the team build a better product in the long term.

I have yet to get the Yext Answers plugin to work. It requires an account with the Yext website. It also requires that end-users enter multiple fields on the plugin settings screen in WordPress. Unfortunately, after a frustrating amount of searching, I was never able to successfully find all of the correct information or get the information I did have to work. I gave up on the endeavor.

The demo video does show the promise of a somewhat interesting plugin:

Perhaps people who are already familiar with the Yext platform may have better luck. However, I would not recommend it to anyone new, at least in its current state.

There are far better options for connecting via third-party APIs that would be simpler for the average end-user (or even a developer of 15+ years such as myself). The one-click login process provided via the MakeStories plugin, which I covered recently, is a prime example of how to do things right.

We are at a point in the internet era in which end-users should have simple, no-fuss connections between sites. Entering IDs, keys, and other complex fields should be tucked under an “advanced” section of the options screen, not as part of the default experience. Or, they should be so easily available that no one should have trouble finding them.

Launching with Shortcodes Instead of Blocks

Two years after the integration of the block editor into WordPress, the Yext team is launching its Yext Answers plugin with shortcodes, which require manual entrance by end-users. Currently, the plugin does not have block equivalents for its shortcodes.

The team was either unwilling or unable to answer even the most fundamental questions about their decision to use shortcodes rather than launching their plugin — in the year 2020 — with at least block alternatives. At points, they even seemed confused about the subject altogether.

The closest the team came to providing feedback after a lengthy discussion was the following, attributed to Rose Grant, the Associate Product Manager:

We’re looking forward to feedback on the initial release of our plugin before iterating further on it, including introducing custom blocks. For this version of the plugin, we wanted to prioritize supporting clients who are using older versions of WordPress.

Packaging a set of shortcodes within a plugin is still a good practice, even for plugin developers who have transitioned fully to supporting the block editor. It allows them to support users who are still working with the classic editor. However, at this point, developers should be building from a block-first mindset. Blocks do not require that users remember specific shortcode names. They provide instant, visual feedback to users in the editor. And, block options (as opposed to shortcode arguments) do not rely on the oftentimes faulty input of user typing.

At this point, all plugin developers should consider shortcodes a legacy feature and useful only as a backward-compatible option for users on the classic editor.

The Communications Strategist for the company pointed out that this is Yext’s first venture into WordPress plugins and that the team may not be able to provide perspective or commentary on such questions related to blocks and shortcodes. However, this is the third Yext-related plugin associated with the plugin author account on WordPress.org.

Gutenberg 9.2 was released this week and is the last release of the plugin to be rolled into WordPress 5.6. It features the long-awaited video tracks functionality, closing a ticket that has been open for more than two years under development.

Video tracks includes things like subtitles, captions, descriptions, chapters, and metadata. This update introduces a UI for adding video tags, which can contain multiple track elements using the following four attributes:

• srclang (Valid BCP 47 language tag)
• label (Title for player UI)
• kind (Captions, Chapters, Descriptions, Metadata or Subtitles)
• src (URL of the text file)

The ability to edit tracks is exposed in the video block’s toolbar:

This update closes a major gap in video accessibility and greatly improves the user experience of videos.

Gutenberg 9.2 also introduces the ability to transform multiple selected blocks into a Columns block. For example, users can select three image blocks and instantly change them into a three-column section. Columns can be created from any kind of block, including InnerBlocks. The transform option will appear if the number of selected blocks falls between 2-6. (The maximum number is derived from the maximum number of columns allowed by the Columns block.)

Another notable feature in 9.2 is the expansion of Cover blocks to support repeated background patterns. This gives users more flexibility in their designs, opening up a new set of possibilities.

This release brings in more than a dozen improvements to the new Widgets screen, as well as updates to the Query Block and Site Editor experiments. The most notable smaller enhancements to existing features include the following:

• Add dropdown button to view templates in sidebar. (26132)
• Gallery block: Use image caption as fallback for alt text. (26082)
• Table block: Use hooks + API v2. (26065)
• Refactor document actions to handle template part titles. (26043)
• Info panel layout improvement. (26017)
• Remove non-core blocks from default editor content. (25844)
• Add very basic template information dropdown. (25757)
• Rename “Options” modal to “Preferences”. (25683)
• Add single column functionality to the Columns block. (24065)
• Add more writing flow options: Reduced UI, theme styles, spotlight. (22494)
• Add option to make Post Featured Image a link. (25714)

Since the Gutenberg 9.2 release was delayed by a week, it includes many more bug fixes and code quality improvements than most releases. Check out the full changelog for more details.

ESLint, one of the most popular JavaScript linting utilities, quickly eclipsed more established early competitors, thanks to its open source license. The clear licensing enabled the project to become widely used but did not immediately translate into funds for its ongoing development. Despite being  downloaded more than 13 million times each week, its maintainers still struggle to support the utility.

A little over a year since launching ESLint Collective to fund contributors’ efforts, the project’s leadership shared some of the successes and challenges of pursuing the sponsorship model. One effort that didn’t pan out was hiring a dedicated maintainer:

This was a difficult thing for the team to work through, and we think there’s an important lesson about open source sustainability: even though we receive donations, ESLint doesn’t bring in enough to pay maintainers full-time. When that happens, maintainers face a difficult decision: we can try to make part-time development work, but it’s hard to find other part-time work to make up the monthly income we need to make it worthwhile. In some cases, doing the part-time work makes it more difficult to find other work because you are time-constrained in a way that other freelancers are not.

One somewhat successful experiment ESLint explored is paying its five-person Technical Steering Committee (TSC), the project leadership responsible for managing releases, issues, and pull requests. Members receive $50/hour for contributions and time spent on the project, capped at a maximum of $1,000/month. The cap prevents TSC members from spending too much time on the project in addition to their day job so they don’t get burned out.

The team reports that this stipend arrangement has worked “exceedingly well” and contributions have slowly increased: “There is something to be said for paying people for valuable work: when the work is explicitly valued, people are more willing to do it.”

On larger projects like WordPress, corporate contributions are critical to its ongoing development. In recent years, the Five for the Future campaign has helped compensate many contributors as their employers pay them a salary while donating their time to work on WordPress.

Some of the major advancements in WordPress require an immense investment of time and expertise. It’s problem solving that requires working across teams for months to build complex solutions that will work for millions of users. That’s why you don’t see armies of people building Gutenberg for free. Much of the development is driven by paid employees and might not otherwise have happened without corporate donations of employee time. Automattic, Google, Yoast SEO, 10up, GoDaddy, Human Made, WebDevStudios, WP Engine, and many other companies have collectively pledged thousands of hours worth of labor per month. The diversity of companies and individuals supporting WordPress helps the project maintain stability and weather the storms of life better.

Smaller open source projects like ESLint rarely have the same resources at their disposal and have to experiment. Summarizing the one-year review of paying contributors from sponsorships, the team states: “Maintaining a project like ESLint takes a lot of work and a lot of contributions from a lot of people. The only way for that to continue is to pay people for their time.”

When even the most popular utilities struggle to gain enough sponsorships, what hope is there for smaller projects? Many utilities that have become indispensable in developers’ workflows are on a trajectory towards becoming unsustainable.

“Unfortunately, utilities like these rarely bring in any meaningful amount of money from donations, no matter how widely used or beloved they are,” OSS engineer Colin McDonnell said in his proposal for a new funding model. “Consider react-router. Even with 41.3k stars on GitHub, 3M weekly downloads from NPM, and nearly universal adoption in React-based single-page applications, it only brings in ~$17k of donations annually.”

McDonnell proposed the concept of “sponsor pools,” to fund smaller projects that are unable to benefit from existing open-source funding models. Instead of making donations on a per-project basis, open source supporters could donate a set amount into a “wallet” every month and then distribute those funds to projects they select for their sponsor pools. The key part of the implementation is that adding new projects to the pool should only take one click, reducing the psychological friction associated with supporting additional projects.

McDonnell suggested that GitHub is the only organization with the infrastructure to implement this model as an extension of GitHub Sponsors. One commenter on Hacker News proposes that Sponsors and the idea of “sponsors pool” could exist in parallel.

“I believe that there’s a meaningful difference between being the patron of a developer and feeling like you’re backing a creator with feelings and a story and a family… and wanting to be a good citizen that has an approved list of projects that I benefit from and want to support,” Pete Forde said.

“I can sponsor Matz, get his updates and feel good about knowing I am counted as a supporter AND set aside $$$ per month to contribute to all of the tools I use in my projects simply because it’s the right thing to do and I want those projects to exist for the long term. They are completely different initiatives. Patreon vs Humble Bundle, if you will.”

Tidelift is another concept that was highlighted in the HN discussion. It has a different, unique approach to funding open source work. Tidelift pools funds from the organizations using the software to support the maintainers.

“I maintain ruby grape, a mid-sized project,” Daniel Doubrovkine said. “We get $144/month from Tidelift. As more companies signup for corporate sponsorship the dollar amount increases. It’s a pool.”

Snowdrift takes a more unusual approach to pooling sponsorships where patrons “crowdmatch” each others donations to fund public goods. It runs as a non-profit co-op to fund free and open projects that serve the public interest.

Flossbank is more specifically targeted at funding open source projects and takes technical approach to ensuring equitable contributions to the the entire dependency tree of your installed open source packages. The organization claims to provide “a free and frictionless” way to give back to maintainers. Developers can opt into curated, tech-focused ads in the terminal when installing open source packages. As an alternative, they can set a monthly donation amount to be spread across the packages they install.

No single funding model is suitable for all projects but the experiments that pool sponsorships in various ways seem to be trending, especially for supporting maintainers who may not be as skilled in marketing their efforts. The conversation around supporting utilities continues on Hacker News. WordPress developers who depend on some of these utilities may want to join in and share their experiences in funding small projects.

Version 4.1.7 of the Akismet plugin for WordPress is now available. It contains the following changes:

• Stops using the deprecated wp_blacklist_check function in favor of the new wp_check_comment_disallowed_list function.
• Shows the “Set Up Akismet” banner on the comments dashboard page, where it’s appropriate to mention if Akismet has not yet been configured.
• Miscellaneous text changes.

To upgrade, visit the Updates page of your WordPress dashboard and follow the instructions. If you need to download the plugin zip file directly, links to all versions are available in the WordPress plugins directory.

Q WordPress theme screenshot.

Themes Team representative Ari Stathopoulos is now officially the first theme author to have a theme in the directory that supports full-site editing (FSE). With a slimmed-down beta release of FSE shipping in WordPress 5.6 this December, someone had to be the first to take the plunge. It made sense for someone intimately familiar with theme development and the directory guidelines to step up.

In many ways, it is a huge responsibility that Stathopoulos has taken on. Until one of the default Twenty* themes handles FSE, the Q theme will likely be one of the primary examples that other theme authors will follow as they begin learning how to build block-based themes.

Earlier this month, I used Q to test FSE and determine how much it had advanced. It is at least months away from being ready for use in production. The beta release in 5.6 is more or less just to get more people testing.

Stathopoulos has no plans to make Q much more than a bare-bones starter or experimental theme. It is almost a playground to see what is possible.

“Q was born out of necessity,” he said. “I couldn’t work on full-site editing or global styles without having a base theme for them, so for a while, I had it in a GitHub repository. I decided to release it to the WordPress.org repository because I think I might not be the only one with those issues. Downloading a theme in the dashboard is easier than cloning a repository for most people.”

Existing block-based themes are few and far between. Automattic and some of its employees have some experimental projects, but none of those are in the official directory for anyone to test. Stathopoulos wanted a base theme that was unopinionated in terms of design that would allow him to work on FSE, test pull requests, and experiment with various ideas.

“It has some ideas for things that ultimately I’d like to see implemented in FSE, and it’s a playground,” he said. “For example, the addition of a skip-link for accessibility in the theme, an implementation for responsive/adaptive typography, and conditional loading of block styles only when they are used/needed. These are things that I hope will be part of WordPress Core at some point, and the Q theme explores ideas on how to implement them.”

He began work on the theme over a year ago and continues working on it as a side project. He said Yoast, his employer, fully supports the idea of creating things that are beneficial for other theme designers and WordPress core.

Developing an FSE-Capable Theme

Editing the Q theme single post template in the site editor.

End-users must install the Gutenberg plugin and activate the experimental FSE feature to use the theme or any similar theme. Currently, FSE is missing many key features that make it viable for most real-world projects. However, theme developers who plan to work with WordPress over the next several years will need to begin testing and experimenting. Q makes for a good starting point to simply get a feel for what themes will look like.

“The biggest issue was — and still is — keeping up with Gutenberg development,” said Stathopoulos. “Many things are currently fluid, and they happen at a very high pace. The reason I created the theme was because other themes I was testing, as part of my contribution to the Themes Team, were not properly maintained or updated. I wanted to create a starter theme that can be used as a starting point for others as well.”

One of the biggest questions still hanging in the air is what the timeline will look like for publicly-available, block-based themes. Will 2021 be the year they take over? That is unlikely given the feature’s current state. However, there will be a point where developers are no longer building classic or traditional themes.

“I think we’re going to see a lot more FSE themes in 2021,” said Stathopoulos. “It might take a couple of years before they become the standard, but after the release of WordPress 5.6, I hope there will be a lot more development and focus on FSE and global styles. Whether we see more FSE themes or not depends on when some things get merged in WordPress core.”

He pointed out some critical missing features from Gutenberg at the moment. The big one is that the Query block, which is the block that displays posts on the front end, does not inherit its options from the global query. Essentially, this means that, regardless of what URL a visitor is on, it displays the latest posts.

“Once these things are addressed, and blockers for theme builders get resolved, I expect we’ll see an explosion of good FSE themes being built,” he said.

Stathopoulos is most excited about the prospect of seeing more design standards come to core. Currently, there is no consistency between themes. Theme authors can use any markup they want. Switching themes affects a site’s structure, SEO, accessibility, speed, and many other things.

“My advice to theme developers who want to start tinkering would be to start with something simple,” he said. “It’s tempting to add extremely opinionated styles, for buttons for example, but more and more things get added every day to the editor like a border-radius setting for buttons. Theme authors should avoid the trap of designing an FSE theme having in mind what the editor currently does. Instead, theme authors should strive to build something having in mind a vision of what the editor will eventually become.”

The Future of Theme Reviews

Because Stathopoulos is a representative of the Themes Team, he also has some insight into the shift in the coming years for guidelines and what steps authors might need to take. While it is too early for the team to begin making decisions, its members are already thinking about forthcoming changes.

“Change is always difficult, especially when it’s for something this big,” said Stathopoulos. “It will be a bumpy ride, and it will take time. WordPress theming is a huge industry. For a while, ‘classic’ (for lack of a better word) themes will continue to be a viable solution for theme developers who didn’t have time to catch up. But not forever.”

Some may look back at previous major shifts and worry about what the future theme directory guidelines may ask. In 2015, the team required all theme options to use the customizer. This was after a three-year wait for theme authors to organically make the switch. Given that FSE will be a much larger departure from norms and dislike of the Gutenberg project from segments of the development community, it could be a rough transition.

“At some point, FSE themes will become the industry standard and what the users want,” said Stathopoulos. “Personally, I hope no one will want to upload a classic theme in the w.org repository in 2025 when the industry has moved on. It would be like uploading today a theme that is using tables and iframes for layouts.”

He said that sufficient time would be given for the eventual transition. However, the team will likely prioritize FSE-based themes. They are cognizant of how much of a shift this will be and will plan accordingly when the time comes.

WordPress.org has pushed out a forced security update for the Loginizer plugin, which is active on more than 1 million websites. The plugin offers brute force protection in its free version, along with other security features like two-factor auth, reCAPTCHA, and PasswordLess login in its commercial upgrade.

Last week security researcher Slavco Mihajloski discovered an unauthenticated SQL injection vulnerability, and an XSS vulnerability, that he disclosed to the plugin’s authors. Loginizer version 1.6.4 was released on October 16, 2020, with patches for the two issues, summarized on the plugin’s blog:

1) [Security Fix] : A properly crafted username used to login could lead to SQL injection. This has been fixed by using the prepare function in PHP which prepares the SQL query for safe execution.

2) [Security Fix] : If the IP HTTP header was modified to have a null byte it could lead to stored XSS. This has been fixed by properly sanitizing the IP HTTP header before using the same.

Loginizer did not disclose the vulnerability until today in order to give users the time to upgrade. Given the severity of the vulnerability, the plugins team at WordPress.org pushed out the security update to all sites running Loginizer on WordPress 3.7+.

In July, 2020, Loginizer was acquired by Softaculous, so the company was also able to automatically upgrade any WordPress installations with Loginizer that had been created using Softaculous. This effort, combined with the updates from WordPress.org, covered a large portion of Loginizer’s user base.

The automatic update took some of the plugin’s users by surprise, since they had not initiated it themselves and had not activated automatic updates for plugins. After several users posted on the plugin’s support forum, plugin team member Samuel Wood said that “WordPress.org has the ability to turn on auto-updates for security issues in plugins” and has used this capability many times.

Mihajloski published a more detailed proof-of-concept on his blog earlier today. He also highlighted some concerns regarding the systems WordPress has in place that allowed this kind of of severe vulnerability to slip through the cracks. He claims the issue could have easily been prevented by the plugin review team since the plugin wasn’t using the prepare function for safe execution of SQL queries. Mihajloski also recommended recurring code audits for plugins in the official directory.

“When a plugin gets into the repository, it must be reviewed, but when is it reviewed again?” Mihajloski said. “Everyone starts with 0 active installs, but what happens on 1k, 10k, 50k, 100k, 500k, 1mil+ active installs?”

Mihajloski was at puzzled how such a glaring security issue could remain in the plugin’s code so long, given that it is a security plugin with an active install count that is more than many well known CMS’s. The plugin also recently changed hands when it was acquired by Softaculus and had been audited by multiple security organizations, including WPSec and Dewhurst Security.

Mihajloski also recommends that WordPress improve the transparency around security, as some site owners and closed communities may not be comfortable with having their assets administered by unknown people at WordPress.org.

“WordPress.org in general is transparent, but there isn’t any statement or document about who, how and when decides about and performs automatic updates,” Mihajloski said. “It is kind of [like] holding all your eggs in one basket.

“I think those are the crucial points that WP.org should focus on and everything will came into place in a short time: complete WordPress tech documentation for security warnings, a guide for disclosure of the bugs (from researchers, but also from a vendor aspect), and recurring code audits for popular plugins.”

David Bisset interviews Joe Casabona, an independent creator and teacher, and discusses what it's like to be a creator as his job, plus some news topics.

Links

• W3C drops WordPress from consideration for its redesign
• W3c selects Craft and selection report
• Disabling full screen mode
• Creator Courses
• How I Built It recording notes
• Camo

Partner: Sandhills Development

Sandhills Development crafts ingenuity, developed with care:

• Easy Digital Downloads – Sell digital products with WordPress
• AffiliateWP – A full-featured affiliate marketing solution
• Sugar Calendar – WordPress event management made simple
• WP Simple Pay – A lightweight Stripe payments plugin

Recipe slide from the MakeStories WordPress plugin.

Earlier today, MakeStories launched version 2.0 of its plugin for creating Web Stories with WordPress. In many ways, this is a new plugin launch. The previous version simply allowed users to connect their WordPress installs to the MakeStories site. With the new version, users can build and edit their stories directly from the WordPress admin.

Version 2.0 of the plugin still requires an account and a connection with the MakeStories.io website. However, it is simple to set up. Users can log in without leaving their WordPress admin interface. This API connection means that user-created Stories are stored on the MakeStories servers. If an end-user wanted to jump platforms from WordPress to something else, this would allow them to take their Stories with them.

“One of the things we would like to assure is your content is still yours, and none of the user data is being consumed or analyzed by us,” said Pratik Ghela, the founder and product manager at MakeStories. “We only take enough data to help serve you better.”

The plugin is a competing solution to the official Web Stories plugin by Google. While the two share similarities in the final output (they are built to utilize the same front-end format for creating Stories on the web), they take different paths to get there.

The two share similarities on the backend too. However, MakeStories may be more polished in some areas. For example, it allows users to zoom in on the small canvas area. Having the ability to reorder slides from the grid view also feels more intuitive.

“The main unique selling proposition of our plugin is that it comes with a guarantee of the MakeStories team,” said Ghela. “We as a team have been building this for over two years, and we are proud to be one of the tools that has stood the test of time, and competition and is still growing at a very fast pace.”

The team also wants to make the Story-creating process faster, safer, and rewarding. The goal is to cater to designers, developers, and content creators. Ghela also feels like his team’s support turnaround time of a few hours will be the key to success and is a good reason for users to give this plugin a try before settling on something else.

“We feel that our goal is to see Web Stories flourish,” he said. “And we may have different types of users looking out for various options. So, the official plugin from Google and the one from MakeStories at least opens up the options for users to choose from. And we feel that the folks at Google are also building a great editor, and, at the end of the day, it’s up to the user to select what they feel is the best.

Technically, MakeStories is a SaaS (software as a service) product. Even though it is a free plugin, there will eventually be a commercial component to it. Currently, it is free at least until the first quarter of 2021, which may be extended based on various factors. There is no word on what pricing tiers may be available after that.

“There will always be a free tier, and we have always stood for it that your data belongs to you,” said Ghela. “In case you do not like the pricing, we will personally assist you to port out from using our editor and still keep the data and everything totally intact.”

Diving Into the Plugin

Story management screen.

MakeStories is a drag-and-drop editor for building Web Stories. It works and feels much like typical design editors like Gimp or Photoshop. It shares similarities with QuarkXPress or InDesign, for those familiar with page layout programs. In some ways, it feels a lot like a light-colored version of Google’s Web Stories plugin with more features and a slightly more intuitive interface.

The end goal is simple: create a Story through designing slides/pages that site visitors will click through as the narrative unfolds.

The plugin provides a plethora of shapes, textures, and animations. These features are easy to find and implement. It also includes free access to images, GIFs, and videos. These are made possible via API integrations with Unsplash, Tenor, and Pexels.

MakeStories includes access to 10 templates at the moment. However, what makes this feature stand out is that end-users can create and save custom templates for reuse down the road.

Editing a Story from a predesigned template.

One of the more interesting, almost hidden, features is the available text patterns. The plugin allows users to insert these patterns from a couple of dozen choices. This makes it easier to visualize a design without having to build everything from scratch.

Inserting a text pattern and adjusting its size.

While the editing process is a carefully-crafted experience that makes the plugin worth a look, it is the actual publishing aspect of the workflow that is a bit painful. Traditional publishing in WordPress means hitting the “publish” button to make content live. This is not the case with the MakeStories plugin. It takes you through a four-step process of entering various publisher details, setting up metadata and SEO, validating the Story content, and analytics. It is not that these steps are necessarily bad. For example, MakeStories lets you know when images are missing alt text, which is needed information screen readers. The problem is that it feels out of place to go through all of these details when I, as a user, simply want my content published. And, many of these details, such as the publisher (author), should be automatically filled in.

Updating a Story is not as simple as hitting an “update” button either. The system needs to run through some of the same steps too.

Ghela said the publishing process might be a bit tough but will prove fruitful in the end. The plugin takes care of the technical aspects of adding title tags, meta, and other data on the front end after the user fills in the form fields.

“We will definitely work on improving the flow as the community evolves and improve it a lot to be easier, faster, and, most importantly, still very customizable,” he said.

The MakeStories team has no plans of stopping at its current point on the roadmap. Ghela sounded excited about some of the upcoming additions they are planning, including features like teams, branding, easy template customization, polls, and quizzes.

On the Web Stories Format

UN report on COVID-19 and poverty published with MakeStories.

Many will ultimately hesitate to use any plugin that implements Web Stories given Google’s history of dropping projects. There is also a feeling that the format is a bit of a fad and will not stand the test of time.

“We greatly believe in AMP and Web Stories as a content format,” said Ghela. “We, as an agency, have been involved a lot in AMP and have done a lot of experiments with it, including a totally custom WooCommerce site in fully-native, valid AMP with support for variable products, subscriptions, and other functionalities.”

The company is all-in on the format and feels like it will be around for the long term, particularly if there is a good ecosystem around monetization.

“We think that the initial reactions are because there are not enough proven results and because we never imagined the story format to come to the web,” said Ghela. “There were definitely plugins that did this. Few folks tried to build stories using good ol’ HTML, CSS, and JavaScript. But, the performance and UX were not that great. On the other hand, the engineers at the AMP Team are making sure that everything is just perfect. The UX, load time, WCV Score, just everything.”

He feels that some of the early criticisms are unwarranted and that the web development community should give the format a try and provide feedback.

“The more data we all get, actually gives the AMP team a clear idea of what’s needed, and they can design the roadmap accordingly,” he said. “So, just giving out early reactions won’t help, but constructive criticism and getting back to the AMP team with what you are doing will.”

WordPress 5.6 Beta 1 is now available for testing!

This software is still in development, so we recommend that you run this version on a test site.

You can test the WordPress 5.6 beta in two ways:

• Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option).
• Or download the beta here (zip).

The current target for final release is December 8, 2020. This is just seven weeks away, so your help is needed to ensure this release is tested properly.

Improvements in the Editor

WordPress 5.6 includes seven Gutenberg plugin releases. Here are a few highlighted enhancements:

• Improved support for video positioning in cover blocks.
• Enhancements to Block Patterns including translatable strings.
• Character counts in the information panel, improved keyboard navigation, and other adjustments to help users find their way better.
• Improved UI for drag and drop functionality, as well as block movers.

To see all of the features for each release in detail check out the release posts: 8.6, 8.7, 8.8, 8.9, 9.0, 9.1, and 9.2 (link forthcoming).

Improvements in Core

A new default theme

The default theme is making its annual return with Twenty Twenty-One. This theme features a streamlined and elegant design, which aims to be AAA ready.

Auto-update option for major releases

The much anticipated opt-in for major releases of WordPress Core will ship in this release. With this functionality, you can elect to have major releases of the WordPress software update in the background with no additional fuss for your users.

Increased support for PHP 8

The next major version release of PHP, 8.0.0, is scheduled for release just a few days prior to WordPress 5.6. The WordPress project has a long history of being compatible with new versions of PHP as soon as possible, and this release is no different.

Because PHP 8 is a major version release, changes that break backward compatibility or compatibility for various APIs are allowed. Contributors have been hard at work fixing the known incompatibilities with PHP 8 in WordPress during the 5.6 release cycle.

While all of the detectable issues in WordPress can be fixed, you will need to verify that all of your plugins and themes are also compatible with PHP 8 prior to upgrading. Keep an eye on the Making WordPress Core blog in the coming weeks for more detailed information about what to look for.

Application Passwords for REST API Authentication

Since the REST API was merged into Core, only cookie & nonce based authentication has been available (without the use of a plugin). This authentication method can be a frustrating experience for developers, often limiting how applications can interact with protected endpoints.

With the introduction of Application Password in WordPress 5.6, gone is this frustration and the need to jump through hoops to re-authenticate when cookies expire. But don’t worry, cookie and nonce authentication will remain in WordPress as-is if you’re not ready to change.

Application Passwords are user specific, making it easy to grant or revoke access to specific users or applications (individually or wholesale). Because information like “Last Used” is logged, it’s also easy to track down inactive credentials or bad actors from unexpected locations.

Better accessibility

With every release, WordPress works hard to improve accessibility. Version 5.6 is no exception and will ship with a number of accessibility fixes and enhancements. Take a look:

• Announce block selection changes manually on windows.
• Avoid focusing the block selection button on each render.
• Avoid rendering the clipboard textarea inside the button
• Fix dropdown menu focus loss when using arrow keys with Safari and Voiceover
• Fix dragging multiple blocks downwards, which resulted in blocks inserted in wrong position.
• Fix incorrect aria description in the Block List View.
• Add arrow navigation in Preview menu.
• Prevent links from being focusable inside the Disabled component.

How You Can Help

Keep your eyes on the Make WordPress Core blog for 5.6-related developer notes in the coming weeks, breaking down these and other changes in greater detail.

So far, contributors have fixed 188 tickets in WordPress 5.6, including 82 new features and enhancements, and more bug fixes are on the way.

Do some testing!

Testing for bugs is an important part of polishing the release during the beta stage and a great way to contribute.

If you think you’ve found a bug, please post to the Alpha/Beta area in the support forums. We would love to hear from you! If you’re comfortable writing a reproducible bug report, file one on WordPress Trac. That’s also where you can find a list of known bugs.

Props to @webcommsat, @yvettesonneveld, @estelaris, @cguntur, @desrosj, and @marybaum for editing/proof reading this post, and @davidbaumwald for final review.

Current block-based widgets admin screen design.

I was wrong. I assured our readers that “the block-based widget system will be ready for prime time when WordPress 5.6 lands” in my previous post on the new feature’s readiness. I also said that was on the condition of not trying to make it work with the customizer — that experience was still broken. However, the 5.6 team pulled the plug on block-based widgets for the second time this year.

One week ago, WordPress 5.6 release lead Josepha Haden seemed to agree that it would be ready. However, things can change quickly in a development cycle, and tough decisions have to be made with beta release deadlines.

This is not the first feature the team has punted to a future release. Two weeks ago, they dropped block-based nav menus from the 5.6 feature list. Both features were originally planned for WordPress 5.5.

A new Widgets admin screen has been under development since January 2019, which was not long after the initial launch of the block editor in WordPress 5.0. For now, the block-based widgets feature has been punted to WordPress 5.7. It has also been given the “early” tag, which means it should go into core WordPress soon after the 5.7 release cycle begins. This will give it more time to mature and more people an opportunity to test it.

Helen Hou-Sandì, the core tech lead for 5.6, provided a historical account of the decision and why it was not ready for inclusion in the new ticket:

My question for features that affect the front-end is “can I try out this new thing without the penalty of messing up my site?” — that is, user trust. At this current moment, given that widget areas are not displayed anything like what you see on your site without themes really putting effort into it and that you have to save your changes live without revisions to get an actual contextual view, widget area blocks do not allow you to try this new feature without penalizing you for experimenting.

She went on to say that the current experience is subpar at the moment. Problems related to the customizer experience, which I covered in detail over a month ago, were also mentioned.

“So, when we come back to this again, let’s keep sight of what it means to keep users feeling secure that they can get their site looking the way they want with WordPress, and not like they are having to work around what we’ve given them,” said Hou-Sandì.

This is a hopeful outlook despite the tough decision. Sometimes, these types of calls need to be made for the good of the project in the long term. Pushing back a feature to a future version for a better user experience can be better than launching early with a subpar experience.

“The good part of this is that now widgets can continue to be ‘re-imagined’ for 5.7, and get even more enhancements,” said lead WordPress developer Andrew Ozz in the ticket. “Not sure how many people have tested this for a bit longer but having blocks in the widgets areas (a.k.a. sidebars) opens up many new possibilities and makes a lot of the old, limited widgets obsolete. The ‘widget areas’ become something like ‘specialized posts with more dynamic content,’ letting users (and designers) do a lot of stuff that was either hard or impossible with the old widgets.”

After the letdown of seeing one of my most anticipated features of 5.6 being dropped, it is encouraging to see the positive outlook from community leaders on the project.

“You know, I was really hopeful for it too, and that last-minute call was one I labored over,” said Haden. “When I last looked, it did seem close to ready, but then more focused testing was done and there were some interactions that are a little rough for users. I’m grateful for that because the time to discover painful user experiences is before launch rather than after!”

Despite dropping its second major feature, WordPress 5.6 still has some big highlights that will be shipping in less than two months. The new Twenty Twenty-One theme looks to be a breath of fresh air and will explore block-related features not seen in previous default themes. Haden also pointed out auto-updates for major releases, application passwords support for the REST API, and accessibility improvements as features to look forward to.

WordPress 5.6 Beta 1 is expected to ship today.

Adding New Features To an Old Project

At times, it feels like the Gutenberg project has bitten off more than it can chew. Many of the big feature plans continually miss projections. Between full-site editing, global styles, widgets, nav menus, and much more, it is tough to get hyper-focused on one feature and have it ready to ship. On the other hand, too much focus one way can be to the detriment to other features in the long run. All of these pieces must eventually come together to create a more cohesive whole.

WordPress is also 17 years old. Any new feature could affect legacy features or code. The goal for block-based widgets is to transition an existing feature to work within a new system without breaking millions of websites in the process. Twenty-one months of work on a single feature shows that it is not an easy problem to solve.

“You are so right about complex engineering problems!” said Haden. “We are now at a point in the history of the project where connecting all of the pieces can have us facing unforeseen complications.”

The project also needs to think about how it can address some of the issues it has faced with not quite getting major features to completion. Is the team stretched too thin to focus on all the parts? Are there areas we can improve to push features forward?

“There will be a retrospective where we can identify what parts of our process can be improved in the future, but I also feel like setting stretch goals is good for any software project,” said Haden. “Many contributors have a sense of urgency around bringing the power of blocks to more spaces in WordPress, which I share, but when it’s time to ship, we have to balance that with our deep commitment to usability.”

One problem that has become increasingly obvious is that front-end editing has become tougher over the years. Currently, widgets and nav menus can be edited in two places in WordPress with wildly different interfaces. Full-site editing stands to add an entirely new interface to the mix.

“I think one of the problems that we’re trying to solve with Gutenberg has always been a more consistent experience for editing elements across the WordPress interface,” said Haden. “No user should have to learn five different workflows to make sure their page looks the way they imagined it when it’s published.”

In the meantime, which may be numbered in years, end-users will likely have these multiple interfaces to deal with — overlap while new features are being developed. This may simply be a necessary growing pain of an aging project, one that is trying to lead the pack of hungry competitors in the CMS space.

“There’s a lot of interest in reducing the number of workflows, and I’m hopeful that we can consolidate down to just one beautiful, intuitive interface,” said Haden.

Instagram’s checkout feature, which allows users to purchase products without leaving the app, has become an even more important part of Facebook’s long-term investment in e-commerce now that the pandemic has so heavily skewed consumer behavior towards online shopping. When Instagram introduced checkout in 2019, it reported that 130 million users were tapping to reveal product tags in shopping posts every month.

image credit: Instagram

Business owners who operate an existing store can extend their audience to Instagram by funneling orders from the social network into their own stores, without shoppers having to leave Instagram. Checkout supports integration with several e-commerce platform partners, including Shopify and BigCommerce, and will soon be available for WooCommerce merchants.

WooCommerce is testing a new Instagram Shopping Checkout feature for its Facebook for WooCommerce plugin. The free extension is used on more than 900,000 websites and will provide the bridge for store owners who want to tap into Instagram’s market. The checkout capabilities are currently in closed beta. Anyone interested to test the feature can sign up for consideration. Businesses registered in the USA that meet certain other requirements may be selected to participate, and the beta is also expanding to other regions soon.

WooCommerce currently supports shoppable posts, which are essentially products sourced from a product catalog created on Facebook that are then linked to the live store through an Instagram business account. Instagram’s checkout takes it one step further to provide a native checkout experience inside the app. Merchants pay no selling fees until December 31, 2020. After that time, the fee is 5% per shipment or a flat fee of $0.40 for shipments of $8.00 or less. 

On the customer side, shoppers only have to enter their information once and thereafter it is stored for future Instagram purchases. Instagram also pushes shipment and delivery notifications inside the app. Store owners will need to weigh whether the convenience of the in-app checkout experience is worth forking over 5% to Facebook, or if they prefer funneling users over to the live store instead.

Instagram Shopping Checkout is coming to WooCommerce in the near future but the company has not yet announced a launch date, as the feature is just now entering closed beta.

Mel Choyce-Dwan, the Default Theme Design Lead for WordPress 5.6, kick-started 10 tickets around two months ago that would bring new features to the old default WordPress themes. The proposal is to add unique block patterns, a feature added to WordPress 5.5, to all of the previous 10 Twenty* themes. It is a lofty goal that could breathe some new life into old work from the previous decade.

Currently, only the last four themes are marked for an update by the time WordPress 5.6 lands. Previous themes are on the list to receive their block patterns in a future release. For developers and designers interested in getting involved, the following is a list of the Trac tickets for each theme:

• Twenty Twenty – 5.6
• Twenty Nineteen – 5.6
• Twenty Seventeen – 5.6
• Twenty Sixteen – 5.6
• Twenty Fifteen – Future release
• Twenty Fourteen – Future release
• Twenty Thirteen – Future release
• Twenty Twelve – Future release
• Twenty Eleven – Future release
• Twenty Ten – Future release

If you are wondering where Twenty Eighteen is in that list, that theme does not actually exist. It is the one missing year the WordPress community has had since the one-default-theme-per-year era began with Twenty Ten. It is easy to forget that we did not get a new theme for the 2017-2018 season. With all that has happened in the world this year, we should count ourselves fortunate to see a new default theme land for WordPress this December. WordPress updates and its upcoming default theme are at least one consistency that we have had in an otherwise chaotic time.

More than anything, it is nice to see some work going toward older themes — not just in terms of bug fixes but feature updates. The older defaults are still a part of the face of WordPress. Twenty Twenty and Twenty Seventeen each have over one million active installs. Twenty Nineteen has over half a million. The other default themes also have significant user bases in the hundreds of thousands — still some of the most-used themes in the directory. We owe it to those themes’ users to keep them fresh, at least as long as they maintain such levels of popularity.

This is where the massive theme development community could pitch in. Do some testing of the existing patches. Write some code for missing patterns or introduce new ideas. This is the sort of low-hanging fruit that almost anyone could take some time to help with.

First Look at the New Patterns

None of the proposed patterns have landed in trunk, the development version of WordPress, yet. However, several people have created mockups or added patches that could be committed soon.

One of my favorite patterns to emerge thus far is from Beatriz Fialho for the Twenty Nineteen theme. Fialho has created many of the pattern designs proposed thus far, but this one, in particular, stands out the most. It is a simple two-column, two-row pattern with a circular image, heading, and paragraph for each section. Its simplicity fits in well with the more elegant, business-friendly look of the Twenty Nineteen theme.

Services pattern for Twenty Nineteen.

It is also fitting that Twenty Nineteen get a nice refresh with new patterns because it was the default theme to launch with the block editor. Ideally, it would continually be updated to showcase block-related features.

While many people will focus on some of the more recent default themes, perhaps the most interesting one is a bit more dated. Twenty Thirteen was meant to showcase the new post formats feature in WordPress 3.6. According to Joen Asmussen, the theme’s primary designer, the original idea was for users to compose a ribbon of alternating colors as each post varied its colors.

“The alternating ribbon of colors did not really come to pass because post formats were simply not used enough to create an interesting ribbon,” he wrote in the Twenty Thirteen ticket. “However, perhaps for block patterns, we have an opportunity to revisit those alternating ribbons of colors. In other words, I’d love to see those warm bold colors used in big swathes that take up the whole pattern background.”

Patterns designed to match post formats.

This could be a fun update for end-users who are still using that feature that shall not be named post formats.

There is a lot to like about many of the pattern mockups so far. I look forward to seeing what lands along with WordPress 5.6 and in future updates.

Establishing Pattern Category Standard

With the more recent Twenty Twenty-One theme’s block patterns and the new patterns being added to some of the older default themes, it looks like a specific pattern category naming scheme is starting to become a standard. Of the patches thus far, each is creating a new pattern category named after the theme itself.

This makes sense. Allowing users to find all of their theme’s patterns in one location means that they can differentiate between them and those from core or other plugins. Third-party theme authors should follow suit and stick with this convention for the same reason.

Developers can also define multiple categories for a single pattern. This allows theme authors to create a category that houses all of their patterns in one location. However, they can also split them into more appropriate context-specific categories for discoverability.

BuddyPress 7.0.0-beta1 is now available for testing!

Please note the plugin is still in development, so we recommend running this beta release on a testing site.

You can test BuddyPress 7.0.0-beta1 in 4 ways :

• Try the BP Beta Tester plugin.
• Download the beta here (zip file).
• Check out our SVN repository: svn co https://buddypress.svn.wordpress.org/trunk/
• Clone our read-only Git repository: git clone git://buddypress.git.wordpress.org/

The 7.0.0 stable release is slated to the beginning of December, and we’d love you to give us a hand to get there!

Please note BuddyPress 7.0.0 will require at least WordPress 4.9.

Testing for bugs is an important part of polishing the release during the beta stage and a great way to contribute. Here are some of the big changes and features to pay close attention to while testing (Check out this report on Trac for the full list).

New Administration screens to manage BuddyPress types

In BuddyPress 7.0.0 site administrators will be able to add, edit or delete Member & Group types using their WordPress Administration Screens just like they would do for Post tags.

Read this development note to learn more about it.

Let’s welcome 3 new BP Blocks into our Block Editor

• The Activity Embed block let authors embed an activity into their post or page.
• Use the BP Members block to select community users you want to feature into a post or a page.
• Enjoy the BP Groups block to pick the groups you want to highlight into a post or a page.

Get to know these new blocks reading this development note.

Improved support for WP CLI

WP-CLI is the command-line interface for WordPress. You can update plugins, configure multisite installs, and much more, without using a web browser. In 7.0.0, you will be able to Enjoy new BuddyPress CLI commands to manage BuddyPress Group Meta, BuddyPress Activity Meta, activate or deactivate the BuddyPress signup feature and create BuddyPress specific testing code for plugins.

Discover more about it from this development note.

And so much more such as improvements to the BP REST API, our Template pack, images and iframes lazy loading support…

How You Can Help

Do you speak a language other than English? Help us translate BuddyPress into more than 100 languages!

If you think you’ve found a bug, you can post in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on BuddyPress Trac.

Web Stories dashboard screen in WordPress.

What comes as a surprise to few, Google has updated its content guidelines for its Web Stories format. For users of its recently-released Web Stories for WordPress plugin, they will want to follow the extended rules for their Stories to appear in the “richer experiences” across Google’s services. This includes the grid view on Search, Google Images, and Google Discover’s carousel.

Google released its Web Stories plugin in late September to the WordPress community. It is a drag-and-drop editor that allows end-users to create custom Stories from a custom screen in their WordPress admin.

The plugin does not directly link to Google’s content guidelines anywhere. For users who do not do a little digging, they may be caught unaware if their stories are not surfaced in various Google services.

On top of the Discover and Webmaster guidelines, Web Stories have six additional restrictions related to the following:

• Copyrighted content
• Text-heavy Web Stories
• Low-quality assets
• Lack of narrative
• Incomplete stories
• Overly commercial

While not using copyrighted content is one of those reasonably-obvious guidelines, the others could trip up some users. Because Stories are meant to represent bite-sized bits of information on each page, they may become ineligible if most pages have more than 180 words of text. Videos should also be limited to fewer than 60 seconds on each page.

Low-quality media could be a flag for Stories too. Google’s guidelines point toward “stretched out or pixelated” media that negatively impacts the reader’s experience. They do not offer any specific resolution guidelines, but this should mostly be a non-issue today. The opposite issue is far more likely — users uploading media that is too large and not optimized for viewing on the web.

The “lack of narrative” guideline is perhaps the vaguest, and it is unclear how Google will monitor or police narrative. However, the Stories format is about storytelling.

“Stories are the key here imo,” wrote Jamie Marsland, founder of Pootlepress, in a Twitter thread. “Now we have an open format to tell Stories, and we have an open platform (WordPress) where those Stories can be told easily.”

Google specifically states that Stories need a “binding theme or narrative structure” from one page to the next. Essentially, the company is telling users to use the format for the purpose it was created for. They also do not want users to create incomplete stories where readers must click a link to finish the Story or get information.

CNN’s Web Story on Remembering John Lennon.

Overly commercial Stories are frowned upon too. While Google will allow affiliate marketing links, they should be restricted to a minor part of the experience.

Closing his Twitter thread, Marsland seemed to hit the point. “I’ve seen some initial Google Web Stories where the platform is being used as a replacement for a brochure or website,” he wrote. “In my view that’s a huge missed opportunity. If I was advising brands I would say ‘Tell Stories’ this is a platform for Story Telling.”

If users of the plugin follow this advice, their Stories should surface on Google’s rich search experiences.

The big news in the world of e-commerce today is Stripe’s acquisition of Paystack, a Nigeria-based payments system that is widely used throughout African markets. The company, which became informally known as “the Stripe of Africa” picked up $8 million in Series A funding in 2018, led by Stripe, Y Combinator, and Tencent. Paystack has grown to power more than 60,000 businesses, including FedEx, UPS, MTN, the Lagos Internal Revenue Service, and AXA Mansar.

Stripe’s acquisition of the company is rumored to be more than $200M, a small price to pay for a foothold in emerging African markets. In the company’s announcement, Stripe noted that African online commerce is growing 21% year-over-year, 75% faster than the global average. Paystack dominates among payment systems, accounting for more than half of all online transactions in Nigeria.

“In just five years, Paystack has done what many companies could not achieve in decades,” Stripe EMEA business lead Matt Henderson said. “Their tech-first approach, values, and ambition greatly align with our own. This acquisition will give Paystack resources to develop new products, support more businesses and consolidate the hyper-fragmented African payments market.”

Long term, Stripe plans to embed Paystack’s capabilities in its Global Payments and Treasury Network (GPTN), the company’s programmable infrastructure for global money movement.

“Paystack merchants and partners can look forward to more payment channels, more tools, accelerated geographic expansion, and deeper integrations with global platforms,” Paystack CEO and co-founder Shola Akinlade said. He also assured customers that there’s no need to make any changes to their technical integrations, as Paystack will continue expanding and operating independently in Africa.

Paystack is used as a payment gateway for thousands of WordPress-powered stores through plugins for WooCommerce, Easy Digital Downloads, Paid Membership Pro, Give, Contact Form 7, and an assortment of booking plugins. The company has an official WordPress plugin, Payment Forms for Paystack, which is active on more than 6,000 sites, but most users come through the Paystack WooCommerce Payment Gateway (20,000+ active installations).

Stripe’s acquisition was a bit of positive news during what is currently a turbulent time in Nigeria, as citizens are actively engaged in peaceful protests to end police brutality. Paystack’s journey is an encouraging example of the flourishing Nigerian tech ecosystem and the possibilities available for smaller e-commerce companies that are solving problems and removing barriers for businesses in emerging markets.

Created by Donna Peplinskie, a Product Wrangler at Automattic, the Book Review Block plugin is nearly three years old. However, it only came to my attention during a recent excursion to find interesting block plugins.

The plugin does pretty much what it says on the cover. It is designed to review books. It generally has all the fields users might need to add to their reviews, such as a title, author, image, rating, and more. The interesting thing is that it can automatically fill in those details with a simple ISBN value. Plus, it supports Schema markup, which may help with SEO.

Rain or shine, sick or well, I read every day. I am currently a month and a half shy of a two-year reading streak. When the mood strikes, I even venture to write a book review. As much as I want to share interesting WordPress projects with the community, I sometimes have personal motives for testing and writing about plugins like Book Review Block. Anything that might help me or other avid readers share our thoughts on the world of literature with others is of interest.

Admittedly, I was excited as I plugged in the ISBN for Rhthym of War, the upcoming fourth book of my favorite fantasy series of all time, The Stormlight Archive. I merely needed to click the “Get Book Details” button.

Success! The plugin worked its magic and pulled in the necessary information. It had my favorite author’s name, the publisher, the upcoming release date, and the page count. It even had a long description, which I could trim down in the editor.

Default output of the Book Review block.

There was a little work to make this happen before the success. To automatically pull in the book details, end-users must have an API Key from Google. It took me around a minute to set that up and enter it into the field available in the block options sidebar. The great thing about the plugin is that it saves this key so that users do not have to enter each time they want to review a book.

Book Review Block a good starting point. It is straightforward and simple to use. It is not yet at a point where I would call it a great plugin. However, it could be.

Falling Short

The plugin’s Book Review block should be taking its cues from the core Media & Text block. When you get right down to it, the two are essentially doing the same thing visually. Both are blocks with an image and some content sitting next to each other.

The following is a list of items where it should be following core’s lead:

• No way to edit alt text (book title is automatically used).
• The image is always aligned left and the content to the right with no way to flip them.
• The media and content are not stackable on mobile views.
• Cannot adjust the size of the image or content columns.
• While inline rich-text controls are supported, users cannot add Heading, List, or Paragraph blocks to the content area and use their associated block options.

That is the shortlist that could offer some quick improvements to the user experience. Ultimately, the problems with the plugin essentially come down to not offering a way to customize the output.

One of the other consistent problems is that the book image the plugin loads is always a bit small. This seems to be more of an issue from the Google Books API than the plugin. Each time I tested a book, I opted to add a larger image — the plugin does allow you to replace the default.

The color settings are limited. The block only offers a background color option with no way to adjust the text color. A better option for plugin users is to wrap it in a Group block and adjust the background and text colors there.

Book Review block wrapped inside a Group block.

It would also be nice to have wide and full-alignment options, which is an often-overlooked featured from many block plugin authors.

Using the Media & Text Block to Recreate the Book Review Block

The Book Review Block plugin has a lot of potential, and I want to see it evolve by providing more flexibility to end-users. Because the Media & Text block is the closest core block to what the plugin offers, I decided to recreate a more visually-appealing design with it.

Book review section created with the Media & Text block.

I made some adjustments on the content side of things. I used the Heading block for the book title, a List block for the book metadata, and a Paragraph block for the description.

The Media & Text block also provided me the freedom to adjust the alignment, stack the image and content on mobile views, and tinker with the size of the image. Plus, it has that all-important field for customizing the image alt attribute.

The Media & Text block gave me much more design mileage.

However, there are limitations to the core block. It does not fully capture some of the features available via the Book Review block. The most obvious are the automatic book details via an ISBN and the Schema markup. Less obvious, there is no easy way to recreate the star rating — I used emoji stars — and long description text does not wrap under the image. To recreate that, you would have to opt to use a left-aligned image followed by content.

Overall, the Media & Text block gives me the ability to better style the output, which is what I am more interested in as a user. I want to put my unique spin on things. That is where the Book Review Plugin misfires. It is also the sort of thing that the plugin author can iterate on, offering more flexibility in the future.

This is where many block plugins go wrong, particularly when there is more than one or two bits of data users should enter. Blocks represent freedom in many ways. However, when plugin developers stick to a rigid structure, users can sometimes lose that sense of freedom that they would otherwise have with building their pages.

One of the best blocks, hands down, that preserves that freedom is from the Recipe Block plugin. It has structured inputs and fields. However, it allows freeform content for end-users to make it their own.

When block authors push beyond this rigidness, users win.

WooCommerce 4.6 was released today. The minor release dropped during WooSesh, a global, virtual conference dedicated to WooCommerce and e-commerce topics. It features the new home screen as the default for all stores. Previously, the screen was only the default on new stores. Existing store owners had to turn the feature on in the settings.

The updated home screen, originally introduced in version 4.3, helps store admins see activity across the site at a glance and includes an inbox, quick access to store management links, and an overview of stats on sales, orders, and visitors. This redesigned virtual command center arrives not a moment too soon, as anything that makes order management more efficient is a welcome improvement, due to the sheer volume of sales increases that store owners have seen over the past eight months.

In stark contrast to industries like hospitality and entertainment that have proven to be more vulnerable during the pandemic, e-commerce has seen explosive growth. During the State of the Woo address at WooSesh 2020, the WooCommerce team shared that e-commerce is currently estimated to be a $4 trillion market that will grow to $4.5 trillion by 2021. WooCommerce accounts for a sizable chunk of that market with an estimated total payment volume for 2020 projected to reach $20.6 billion, a 74% increase compared to 2019.

The WooCommerce community is on the forefront of that growth and is deeply invested in the products that are driving stores’ success. The WooCommerce team shared that 75% of people who build extensions also build and maintain stores for merchants, and 70% of those who build stores for merchants also build and maintain extensions or plugins. In 2021, they plan to invest heavily in unlocking more features in more countries and will make WooCommerce Payments the native payment method for the global platform.

A new report from eMarketer shows that US e-commerce growth has jumped 32.4%, accelerating the online shopping shift by nearly two years. Experts also predict the top 10 e-commerce players will swallow up more of US retail spending to account for 63.2% of all online sales this year, up from 57.9% in 2019.

The increase in e-commerce spending may not be entirely tied to the pandemic, as some experts believe this historic time will mark permanent changes in consumer spending habits. This is where independent stores, powered by WooCommerce and other technologies, have the opportunity to establish a strong reputation for themselves by providing quality products and reliable service, as well as by being more nimble in the face of pandemic-driven increases in volume.

Image credit: picjumbo.com on Pexels.

Starter content. It was a grand idea, one of those big dreams of WordPress. It was the new kid on the block in late 2016. Like the introduction of post formats in 2011, the developer community was all in for at least that particular release version. Then, it was on to the next new thing, with the feature dropping off the radar for all but the most ardent evangelists.

Some of us were burned over the years, living and dying by the progress of features that we wanted most.

Released in WordPress 4.7, starter content has since seemed to be going the way of post formats. After four years, only 141 themes in the WordPress theme directory support the feature. There has been no movement to push it beyond its initial implementation. And, it never really covered the things that theme authors wanted in the first place. It was a start. But, themers were ultimately left to their own devices, rolling custom solutions for something that never panned out — fully-featured demo and imported content. Four years is an eternity in the web development world, and there is no sense in waiting around to see if WordPress would push forward.

Until Helen Hou-Sandí published Revisiting Starter Content last week, most would have likely assumed the feature would be relegated to legacy code used by old-school fans of the feature and those theme authors who consider themselves completionists.

“Starter content in 4.7 was always meant to be a step one, not the end goal or even the resting point it’s become,” wrote Hou-Sandí. “There are still two major things that need to be done: themes should have a unified way of showing users how best to put that theme to use in both the individual site and broader preview contexts, and sites with existing content should also be able to take advantage of these sort of ‘ideal content’ definitions.”

Step two should have been this four-year-old accompanying ticket to allow users to import starter content into existing, non-fresh sites.

Since the initial feature dropped, the theme landscape has changed. Let’s face it. WordPress might simply not be able to compete with theme companies that are pushing the limits, creating experiences that users want at much swifter speeds.

Look at where the Brainstorm Force’s Starter Templates plugin for its Astra theme is now. Users can click a button and import a full suite of content-filled pages or even individual templates. And, the Astra theme is not alone in this. It has become an increasingly-common standard to offer some sort of onboarding to users. GoDaddy’s managed WordPress service fills a similar need on the hosting end.

Astra’s starter templates and content.

As WordPress use becomes more widespread, the more it needs a way to onboard users.

This essentially boils down to the question: how can I make it look like the demo?

Ah, the age-old question that theme authors have been trying to solve. Whether it has been limitations in the software or, perhaps, antiquated theme review guidelines related to demo and imported content, this has been a hurdle that has been tough to jump. But, some have sailed over it and moved on. While WordPress has seemingly been twiddling its thumbs for years, Brainstorm Force and other theme companies have solved this and continued to innovate.

This is not necessarily a bad thing. There are plenty of ideas to steal copy and pull into the core platform.

One of the other problems facing the WordPress starter content feature is that it is tied to the customizer. With the direction of the block system, it is easy to ask what the future holds. The customizer — originally named the theme customizer — was essentially a project to allow users to make front-end adjustments and watch those customizations happen in real time. However, new features like global styles and full-site editing are happening on their own admin screens. Most theme options will ultimately be relegated to global styles, custom templates, block styles, and block patterns. There may not be much left for the customizer to do.

Right now, there are too many places in WordPress to edit the front-end bits of a WordPress site. My hope is that all of these things are ultimately merged into one less-confusing interface. But, I digress…

Starter content should be rethought. Whoever takes the reins on this needs a fresh take that adopts modern methods from leading theme companies.

The ultimate goal should be to allow theme authors to create multiple sets of templates/content that end-users can preview and import. It should not be tied to whether it is a new site. Any site owner should be able to import content and have it automagically go live. It should also be extendable to allow themes to support page builders like Elementor, Beaver Builder, and many others.

This seems to be in line with Hou-Sandí’s thoughts. “For a future release, we should start exploring what it might look like to opt into importing starter content into existing sites, whether wholesale or piecewise,” she wrote. “Many of us who work in the WordPress development/consulting space tend not to ever deal in switching between public themes on our sites, but let’s not forget that’s a significant portion of our user audience and we want to continue to enable them to not just publish but also publish in a way that matches their vision.”

Let’s do it right this go-round, keep a broad vision, and provide an avenue for theme authors to adopt a standardized core WordPress method instead of having everyone build in-house solutions.

I haven’t even touched on the recent call to use starter content for WordPress.org theme previews. It will take more than ideas to excite many theme authors about the possibility. That ticket has sat for seven years with no progress, and most have had it on their wish list for much longer. It is an interesting proposal, one that has been tossed around in various team meetings for years.

Like so many other things, theme authors have either given up hope or moved onto doing their own thing. They need to be brought into the fold, not only as third parties who are building with core WordPress tools but as developers who are contributing to those features.