I hope you have updated your copy of WordPress by now.
If not, please log into your WordPress site and check that your current version is 3.5.1.
It has been out for a week or two now and although it is classified a ‘minor’ update, the list of inclusions is quite interesting, covering security and functionality.
It reminds me of the days when I used to use a proprietary content management system run by a small firm in Adelaide.
The firm’s coding team was so busy on day to day tasks, working with client installations, that they rarely had time to devote to security audits and feature development.
As users, we were trapped in their world (often, use of proprietary systems means you must use the owner’s hosting setup) paying a premium or licence fee for using their system, and suffering an often-outdated experience.
Contrast this against the worldwide community of geeks working on the WordPress project, all pushing hard to make a mark on the community.
In fact, becoming one of those coders is similar to becoming a samurai, insofar as dedication and discipline are concerned.
Here are a few insights and then some details on the update.
How to become a top WordPress coder
Every day, the WordPress program we know and love, is pushed, pulled, pricked and progressed, as a worldwide team of coders contribute their latest experiments and additions to what is known as the Nightly Build.
These updated versions are then tested and attacked by other coders and users until, finally, a number of new features or enhancements are officially released to us.
What makes these coders tick?
Well, according to an article by Jonathon Wold in Smashing Magazine entitled, How to become a top WordPress developer, he says to wannabes:
If you’re going to make it to the top, then you need to spend at least one hour each workday focused on reading and learning more about WordPress — outside of any development work. There are no shortcuts, and no other ways around it. Learning and mastering WordPress is going to take time. If you watch TV, cut it out — more than 90% of it isn’t good for you anyway. If you’re a gamer, sell your games or throw them away. Reaching the top takes commitment and sacrifice and the best place to start is with the things in life that aren’t doing you any good anyway.
By the way, that is pretty sound advice for excelling at anything, your business, social media marketing, coffee making, etc.
What made it into 3.5.1
If you have ever wondered why you need to update WordPress regularly, here is what went into version 3.5.1, recently released.
Overall, there were 37 bugs fixed, including:
- Editor: Prevent certain HTML elements from being unexpectedly removed or modified in rare cases.
- Media: Fix a collection of minor workflow and compatibility issues in the new media manager.
- Networks: Suggest proper rewrite rules when creating a new network.
- Prevent scheduled posts from being stripped of certain HTML, such as video embeds, when they are published.
There were also some security issues, including::
- Server-side request forgery (SSRF) and remote port scanning via pingbacks. Fixed by the WordPress security team.
- Cross-site scripting (XSS) via shortcodes and post content. Discovered by Jon Cave of the WordPress security team.
- Cross-site scripting (XSS) in the external library Plupload. Plupload 1.5.5 was released to address this issue.
You don’t need to understand all of these items, or any of them. My hope is that this small taste helps answer the question ‘why’, and gives you a sense of satisfaction every time you see an update waiting to be applied. They are the most valuable few minutes you can invest in your business every few weeks.
If you are really curious, you can see the full log of the changes made for 3.5.1 at http://core.trac.wordpress.org/log/branches/3.5?rev=23341&stop_rev=23167.