Wordpress News

WordPress.org blog: People of WordPress: Abdullah Ramzan

Wordpress Planet - Fri, 09/06/2019 - 18:21

You’ve probably heard that WordPress is open-source software, and may know that it’s created and run by volunteers. WordPress enthusiasts share many examples of how WordPress changed people’s lives for the better. This monthly series shares some of those lesser-known, amazing stories.

Meet Abdullah Ramzan, from Lahore, Punjab, Pakistan.

Abdullah Ramzan was born and brought up in the under-developed city of ​Layyah​, which is situated in Southern Punjab, Pakistan and surrounded by desert and the river ​Sindh​.

He graduated from college in his home town and started using a computer in ​2010​ when he joined ​Government College University Faisalabad​. Abdullah’s introduction to WordPress happened while he was finishing the last semester of his degree. His final project was based in WordPress.

Ramzan’s late mother was the real hero in his life, helping him with his Kindergarten homework and seeing him off to school every day. 

Before her heart surgery, Ramzan visited her in the hospital ICU, where she hugged him and said: ​“Don’t worry, everything will be good.” Sadly, his mother died during her surgery. However, her influence on Ramzan’s life continues.

Start of Ramzan’s Career:

After graduation, Ramzan struggled to get his first job. He first joined PressTigers as a Software Engineer and met Khawaja Fahad Shakeel, his first mentor. Shakeel provided Ramzan with endless support. Something had always felt missing in his life, but he felt like he was on the right track for the first time in his life when he joined the WordPress community. 

Community – WordCamps and Meetups:

Although Ramzan had used WordPress since ​2015​, attending WordPress meetups and open source contributions turned out to be a game-changer for him. He learned a lot from the WordPress community and platform, and developed strong relationships with several individuals. One of them is Nidhi Jain​ from Udaipur India who he works with on WordPress development. The second is Jonathan Desrosiers​ who he continues to learn a lot from.

In addition, Usman Khalid, the lead organizer of WC Karachi, mentored Ramzan, helping him to develop his community skills. 

With the mentorship of these contributors, Ramzan is confident supporting local WordPress groups and helped to organize ​WordCamp Karachi​, where he spoke for the first time at an international level event. He believes that WordPress has contributed much to his personal identity. 

Abdullah Ramzan at WordCamp Karachi 2018 WordPress and the Future:

As a ​co-organizer of WordPress Meetup Lahore,​ he would love to involve more people in the community leadership team, to provide a platform for people to gather under one roof, to learn and share something with each other.

But he has loftier ambitions. Impressed by Walk to WordCamp Europe, Abdullah is seriously considering walking to WordCamp Asia. He also one day hopes for the opportunity to serve his country as a senator of Pakistan and intends to enter the next senate election.

Words of Encouragement

Abdullah Ramzan knows there is no shortcut to success. “You have to work hard to achieve your goals,” explained Ramzan. He still has much he wishes to accomplish and hopes to be remembered for his impact on the project.

Abdullah believes WordPress can never die as long as people don’t stop innovating to meet new demands. The beauty of WordPress is that it is made for everyone.

Ramzan encouraged, “If you seriously want to do something for yourself, do something for others first. Go for open source, you’ll surely learn how to code. You’ll learn how to work in a team. Join local meetups, meet with the folks: help them, learn from them, and share ideas.”

This post is based on an article originally published on HeroPress.com, a community initiative created by Topher DeRosia. HeroPress highlights people in the WordPress community who have overcome barriers and whose stories would otherwise go unheard.

Meet more WordPress community members over at HeroPress.com!

People of WordPress: Abdullah Ramzan

Wordpress News - Fri, 09/06/2019 - 18:21

You’ve probably heard that WordPress is open-source software, and may know that it’s created and run by volunteers. WordPress enthusiasts share many examples of how WordPress changed people’s lives for the better. This monthly series shares some of those lesser-known, amazing stories.

Meet Abdullah Ramzan, from Lahore, Punjab, Pakistan.

Abdullah Ramzan was born and brought up in the under-developed city of ​Layyah​, which is situated in Southern Punjab, Pakistan and surrounded by desert and the river ​Sindh​.

He graduated from college in his home town and started using a computer in ​2010​ when he joined ​Government College University Faisalabad​. Abdullah’s introduction to WordPress happened while he was finishing the last semester of his degree. His final project was based in WordPress.

Ramzan’s late mother was the real hero in his life, helping him with his Kindergarten homework and seeing him off to school every day. 

Before her heart surgery, Ramzan visited her in the hospital ICU, where she hugged him and said: ​“Don’t worry, everything will be good.” Sadly, his mother died during her surgery. However, her influence on Ramzan’s life continues.

Start of Ramzan’s Career:

After graduation, Ramzan struggled to get his first job. He first joined PressTigers as a Software Engineer and met Khawaja Fahad Shakeel, his first mentor. Shakeel provided Ramzan with endless support. Something had always felt missing in his life, but he felt like he was on the right track for the first time in his life when he joined the WordPress community. 

Community – WordCamps and Meetups:

Although Ramzan had used WordPress since ​2015​, attending WordPress meetups and open source contributions turned out to be a game-changer for him. He learned a lot from the WordPress community and platform, and developed strong relationships with several individuals. One of them is Nidhi Jain​ from Udaipur India who he works with on WordPress development. The second is Jonathan Desrosiers​ who he continues to learn a lot from.

In addition, Usman Khalid, the lead organizer of WC Karachi, mentored Ramzan, helping him to develop his community skills. 

With the mentorship of these contributors, Ramzan is confident supporting local WordPress groups and helped to organize ​WordCamp Karachi​, where he spoke for the first time at an international level event. He believes that WordPress has contributed much to his personal identity. 

Abdullah Ramzan at WordCamp Karachi 2018 WordPress and the Future:

As a ​co-organizer of WordPress Meetup Lahore,​ he would love to involve more people in the community leadership team, to provide a platform for people to gather under one roof, to learn and share something with each other.

But he has loftier ambitions. Impressed by Walk to WordCamp Europe, Abdullah is seriously considering walking to WordCamp Asia. He also one day hopes for the opportunity to serve his country as a senator of Pakistan and intends to enter the next senate election.

Words of Encouragement

Abdullah Ramzan knows there is no shortcut to success. “You have to work hard to achieve your goals,” explained Ramzan. He still has much he wishes to accomplish and hopes to be remembered for his impact on the project.

Abdullah believes WordPress can never die as long as people don’t stop innovating to meet new demands. The beauty of WordPress is that it is made for everyone.

Ramzan encouraged, “If you seriously want to do something for yourself, do something for others first. Go for open source, you’ll surely learn how to code. You’ll learn how to work in a team. Join local meetups, meet with the folks: help them, learn from them, and share ideas.”

This post is based on an article originally published on HeroPress.com, a community initiative created by Topher DeRosia. HeroPress highlights people in the WordPress community who have overcome barriers and whose stories would otherwise go unheard.

Meet more WordPress community members over at HeroPress.com!

Storybook

Drupal Themes - Fri, 09/06/2019 - 05:15

A starterkit theme using the Storybook style guide builder and the GraphQL Twig module to ease development and testing of components written with Twig.

WPTavern: WordSesh EMEA Schedule Published, Registration Opens September 9

Wordpress Planet - Thu, 09/05/2019 - 20:30

WordSesh EMEA, a 12-hour virtual conference designed for the WordPress community in the Middle East, Europe, and Africa, has published the full schedule for the upcoming event. The lineup includes speakers from the UK to Cape Town to Sri Lanka, and other parts of the wider world of WordPress. Approximately 8 of the 11 speakers selected are from the targeted regions for this event. The remaining three are located in the U.S.

WordSesh EMEA’s schedule features a healthy mix of topics, including multiple sessions on using Gatsby with WordPress, image optimization, webops, managing a business with mental illness, building SaaS apps with WordPress and Laravel, and Jetpack.

Muhammad Muhsin, a Sri Lanka-based React developer at rtCamp, will be presenting a session on using WordPress as a headless CMS with Gatsby. After Gatsby introduced themes, he started converting WordPress themes to Gatsby and experimenting with using WPGraphQL to get the content. He is also the lead developer for the GatsbyWPThemes.com project.

If you have ever heard the marketing term “digital experience platform” (DXP) and wondered what all the buzz is about, Karim Marucchi, CEO of Crowd Favorite, has a session titled “What’s All The Fuss About DXPs, and Why Should I Care?” He will explore a recent trend where enterprise clients are moving away from content management towards DXP’s that integrate online marketing tools.

Ahmad Bilal, a developer based in Pakistan and 2019 Google Summer of Code student, will be presenting a session on GitHub Actions and how to automatically deploy a plugin to WordPress.org when tagging a new version on GitHub.

WordSesh EMEA provides an opportunity for viewers in the Middle East, Europe, and Africa to see virtual conference sessions during regular daytime hours, but it also gives viewers in the Western hemisphere a chance to hear speakers who they may never meet at a local WordCamp. It is scheduled for Wednesday, September 25, 2019, from 7:00-19:00 UTC. A handy dropdown on the schedule allows viewers to select their own timezone for the schedule display. Sessions will be conducted in English for this first EMEA event and will also be live captioned.

WordSesh EMEA is free for all to attend online and registration for tickets will be open Monday, September 9.

WPTavern: Anders Norén to Design Twenty Twenty Default Theme, Shipping in WordPress 5.3

Wordpress Planet - Thu, 09/05/2019 - 19:24

WordPress 5.3’s release lead coordinators announced a new batch of focus leads during yesterday’s core dev chat.

Anders Norén, one of the most well-respected theme authors in the community and an early adopter of Gutenberg, will be leading the design of the upcoming Twenty Twenty default theme. He is working alongside team Theme Wrangler Ian Belanger, a developer who is currently sponsored by Bluehost as a core contributor. Carolina Nymark is also collaborating as a rep from the Theme Review team.

Reactions to the news were overwhelmingly positive. I have never seen the WordPress community more excited about a default theme. Those who have followed Norén’s work for a long time are hopeful that Twenty Twenty will be a theme they can actually use to build websites.

Will WordPress Repurpose the Chaplin Theme for Twenty Twenty or Start from Scratch?

Norén has released 20 free themes on WordPress.org with 2.85 million downloads and a cumulative rating of 4.98 out of 5 stars. Chaplin, his most recent release, is a beautiful example of the possibilities that the block editor opens up for users who want to design their own sites without having to search through dozens of panels of Customizer options. It provides the bones for an agency or business style theme but the block editor enables users to create advanced page layouts that would suit many different types of websites.

Chaplin would make a good candidate for WordPress’ next default theme, since it showcases the block editor as the main vehicle for editing the home page layout. Users can easily create unique customizations with different combinations of blocks that won’t look just like every other site using the same default theme.

Norén would not confirm whether WordPress will be re-purposing Chaplin for Twenty Twenty or if he will be starting from scratch, as the team is not ready to make the announcement yet. WordPress 5.3 is expected November 12, so the timeline may be somewhat constrained for creating an entirely new theme, but it’s not entirely outside the range of possibility.

“This is probably (yes, most definitely) the best thing that’s going to happen for WP + Gutenberg adoption since the 5.0 release,” Matt Medeiros commented on the news about Norén designing Twenty Twenty. “His Chaplin theme has been a joy to use and provoked me to embrace using Gutenberg with his theme.

“Right now, Gutenberg feels like an early version of iOS stuffed into a Blackberry Bold when you don’t get the right theme. I hope he can give us something as enjoyable as Chaplin.”

With WordPress 5.3 beta 1 expected September 23, an announcement with more details regarding Twenty Twenty’s design and scope should be available soon.

WordPress.org blog: WordPress 5.2.3 Security and Maintenance Release

Wordpress Planet - Thu, 09/05/2019 - 01:51

WordPress 5.2.3 is now available!

This security and maintenance release features 29 fixes and enhancements. Plus, it adds a number of security fixes—see the list below.

These bugs affect WordPress versions 5.2.2 and earlier; version 5.2.3 fixes them, so you’ll want to upgrade.

If you haven’t yet updated to 5.2, there are also updated versions of 5.0 and earlier that fix the bugs for you.

Security Updates
  • Props to Simon Scannell of RIPS Technologies for finding and disclosing two issues. The first, a cross-site scripting (XSS) vulnerability found in post previews by contributors. The second was a cross-site scripting vulnerability in stored comments. 
  • Props to Tim Coen for disclosing an issue where validation and sanitization of a URL could lead to an open redirect. 
  • Props to Anshul Jain for disclosing reflected cross-site scripting during media uploads.
  • Props to Zhouyuan Yang of Fortinet’s FortiGuard Labs who disclosed a vulnerability for cross-site scripting (XSS) in shortcode previews.
  • Props to Ian Dunn of the Core Security Team for finding and disclosing a case where reflected cross-site scripting could be found in the dashboard.
  • Props to Soroush Dalili (@irsdl) from NCC Group for disclosing an issue with URL sanitization that can lead to cross-site scripting (XSS) attacks.
  • In addition to the above changes, we are also updating jQuery on older versions of WordPress. This change was added in 5.2.1 and is now being brought to older versions. 

You can browse the full list of changes on Trac.

For more info, browse the full list of changes on Trac or check out the Version 5.2.3 documentation page.

WordPress 5.2.3 is a short-cycle maintenance release. The next major release will be version 5.3.

You can download WordPress 5.2.3 from the button at the top of this page, or visit your Dashboard → Updates and click Update Now.

If you have sites that support automatic background updates, they’ve already started the update process.

Thanks and props!

This release brings together contributions from more than 62 other people. Thank you to everyone who made this release possible!

Adam SilversteinAlex ConchaAlex GollerAndrea FerciaAndrew DuthieAndrew OzzAndy Fragen, Ashish ShuklaAslam Shekhbackermann1978Catalin DogaruChetan PrajapatiChris ApreaChristoph Herrdan@micamedia.comDaniel LlewellyndonmhicoElla van DurpeepiquerasFencer04flaviozavanGarrett HyderGary Pendergastgqevu6bsizHardik ThakkarIan BelangerIan DunnJake SpurlockJb AudrasJeffrey PauljikamensJohn BlackbournJonathan Desrosiers, Jorge Costa, karlgrovesKjell ReigstadlaurelfulfordMaje Media LLCMartin SpatovaliyskiMary BaumMonika RaoMukesh Panchalnayana123Ned ZimmermanNick Daugherty, Nilambar SharmanmenescardiPaul Vincent BeigangPedro MendonçaPeter WilsonSergey BiryukovSergey PredvoditelevSharaz ShahidStanimir StoyanovStefano MinoiaTammie ListertellthemachinestmatsuurVaishali PanchalvortfuWill West, and yarnboy.

WordPress 5.2.3 Security and Maintenance Release

Wordpress News - Thu, 09/05/2019 - 01:51

WordPress 5.2.3 is now available!

This security and maintenance release features 29 fixes and enhancements. Plus, it adds a number of security fixes—see the list below.

These bugs affect WordPress versions 5.2.2 and earlier; version 5.2.3 fixes them, so you’ll want to upgrade.

If you haven’t yet updated to 5.2, there are also updated versions of 5.0 and earlier that fix the bugs for you.

Security Updates
  • Props to Simon Scannell of RIPS Technologies for finding and disclosing two issues. The first, a cross-site scripting (XSS) vulnerability found in post previews by contributors. The second was a cross-site scripting vulnerability in stored comments. 
  • Props to Tim Coen for disclosing an issue where validation and sanitization of a URL could lead to an open redirect. 
  • Props to Anshul Jain for disclosing reflected cross-site scripting during media uploads.
  • Props to Zhouyuan Yang of Fortinet’s FortiGuard Labs who disclosed a vulnerability for cross-site scripting (XSS) in shortcode previews.
  • Props to Ian Dunn of the Core Security Team for finding and disclosing a case where reflected cross-site scripting could be found in the dashboard.
  • Props to Soroush Dalili (@irsdl) from NCC Group for disclosing an issue with URL sanitization that can lead to cross-site scripting (XSS) attacks.
  • In addition to the above changes, we are also updating jQuery on older versions of WordPress. This change was added in 5.2.1 and is now being brought to older versions. 

You can browse the full list of changes on Trac.

For more info, browse the full list of changes on Trac or check out the Version 5.2.3 documentation page.

WordPress 5.2.3 is a short-cycle maintenance release. The next major release will be version 5.3.

You can download WordPress 5.2.3 from the button at the top of this page, or visit your Dashboard → Updates and click Update Now.

If you have sites that support automatic background updates, they’ve already started the update process.

Thanks and props!

This release brings together contributions from more than 62 other people. Thank you to everyone who made this release possible!

Adam SilversteinAlex ConchaAlex GollerAndrea FerciaAndrew DuthieAndrew OzzAndy Fragen, Ashish ShuklaAslam Shekhbackermann1978Catalin DogaruChetan PrajapatiChris ApreaChristoph Herrdan@micamedia.comDaniel LlewellyndonmhicoElla van DurpeepiquerasFencer04flaviozavanGarrett HyderGary Pendergastgqevu6bsizHardik ThakkarIan BelangerIan DunnJake SpurlockJb AudrasJeffrey PauljikamensJohn BlackbournJonathan Desrosiers, Jorge Costa, karlgrovesKjell ReigstadlaurelfulfordMaje Media LLCMartin SpatovaliyskiMary BaumMonika RaoMukesh Panchalnayana123Ned ZimmermanNick Daugherty, Nilambar SharmanmenescardiPaul Vincent BeigangPedro MendonçaPeter WilsonSergey BiryukovSergey PredvoditelevSharaz ShahidStanimir StoyanovStefano MinoiaTammie ListertellthemachinestmatsuurVaishali PanchalvortfuWill West, and yarnboy.

WPTavern: WordPress Governance Project Looks for New Leadership

Wordpress Planet - Wed, 09/04/2019 - 22:28

The WordPress Governance project is looking for new leadership after its current leaders, Rachel Cherry and Morten Rand-Hendriksen, announced that they will be stepping down. Weekly meetings have been canceled until the organization selects new leadership.

After its introduction at WordCamp Europe 2018, the project went through what its leadership believed were the appropriate channels for launching it through the Community group but it was flagged as unsanctioned by WordPress leadership shortly before the first meeting and denied access to the Make blog and Slack workspace. Despite initial setbacks, the group has been meeting regularly throughout 2019 on its own website and Slack instance.

“I need to step down from my leadership role in this project,” Cherry said in a recent meeting. “I’m not stepping away for good, but this project is too important and I don’t have the bandwidth needed to keep it moving forward in the manner it deserves.”

She said the team is looking for two co-chairs who will help lead WordPress Governance going forward. Responsibilities include managing the overall vision and planning, as well as managing meetings and delegating assignments in support of the vision. Cherry said the duties list is intentionally “slim and vague,” as the leadership team doesn’t want the new leaders to feel they have to keep doing what has been done in the past.

“The Governance Project was always meant to be a community project meaning we want the community to take ownership of it,” Rand-Hendriksen said in his farewell announcement. “This is the first step: We’ve established the project and set some parameters. Now it’s time for the community to move beyond our intentionally vague vision and make it into what the community wants and needs. New internal governance in the form of co-chairs from the actual community is a key step in this direction.”

Governance Project Aims to Bring Clarity to WordPress’ Organizational Structure and Decision Making Process

In a recent post titled “What is governance and why does it matter,” Cherry said that the project “made a crucial error” in not clearly setting clear expectations at the beginning:

This lack of clarity, combined with a growing undercurrent of unrest in the WordPress community, led some to label the project a revolt, a revolution, even a coup.

That’s unfortunate and has done governance, and our project, a disservice. I feel it’s incumbent upon myself and Morten to set the record straight so we are able to move forward as a community.

Cherry identified two recent controversial issues within the WordPress project with debates that highlight a lack of established policy, including auto-updating old versions of WordPress and questions about conflicts of interest.

On both of these matters members of the governance project have chimed in on the Make/WordPress posts to urge decision makers to establish policies that will guide future decisions and to be more transparent about who is making the decisions.

Rand-Hendriksen asked questions about how and where the decision will be made regarding auto-updating old versions of WordPress, who holds responsibility for the final decision, and how people without decision-making power will be represented. His questions went unanswered.

“The WordPress project already has some governance, but much of it remains ad-hoc, opaque, and often inscrutable,” Cherry said. She identified three key areas where the WordPress Governance project seeks to introduce clarity and transparency: organizational structure, day-to-day processes, and how decisions are made.

The group is also actively working on researching and drafting policies around a variety of topics, including the following:

  • Community Code of Conduct
  • Diversity and Inclusion Policy
  • Code of Ethics
  • Privacy Policy
  • Conflict of Interest Policy
  • Accessibility Policy

It is not clear whether these policies would then be submitted to WordPress’ community team for consideration, as the group has not yet attempted to propose a finished document.

“Considering there’s no clear process for proposing and ratifying these types of policies, the goal of these efforts are to create a starting point for future official discussions within the WordPress project,” Cherry said.

The Challenge of Defining Governance in a BDFL-led Open Source Project

In the past, WordPress has navigated controversial issues in its own way. While the project has handbooks that offer guidelines, its leadership has never really been in the business of piling up policies to act on in anticipation of of future conflicts. The Governance project seems to have a good deal of both active and passive supporters. Regardless, when it was officially branded as unsanctioned, it was clear that WordPress’ leadership was not actively looking to amend its organizational structure or decision-making process through the Governance project’s particular approach.

Cherry’s post clearly states that the project is not aiming to overthrow Matt Mullenweg as WordPress’ Benevolent Dictator for Life (BDFL).

“Governance and Matt Mullenweg leading the WordPress project are not mutually exclusive,” Cherry said.

“The goal of the WordPress Governance Project isn’t to change how Matt is involved, but to more clearly define how the project is managed, and how he and others fit into the process.”

The BDFL governance model has traditionally operated with leaders acting more as a “community-approved arbitrator,” who often “let things work themselves out through discussion and experimentation whenever possible,” as Karl Fogel describes in Producing Open Source Software. Historically, WordPress’ particular expression of BDFL leadership has loosely followed this design.

In her February 2019 newsletter, Nadia Eghbal, a researcher who specializes in open source infrastructure, shared some informal thoughts about governance, particularly in relationship to BDFL-led projects:

A friend of mine has very good taste in music, but I couldn’t tell you what he listens to. I couldn’t name a single artist he plays, or where one song begins or ends. His view is that “the best kind of music is where nobody notices it’s playing”. In his ideal world, music shapes ambiance as a background process.

Similarly, despite all our talk about governance design, I keep coming back to the idea that the best kind of governance is where nobody can tell it’s there.

Eghbal describes the relationship between the “government” and “the governed” as fragile and symbiotic and that “having power can be just as vulnerable [as disenfranchisement], an act of cupping water in your hands, rather than closing your fist over it.” Maintaining a BDFL leadership role requires diplomacy and a broad awareness of the project’s needs. Eghbal surmises that contributors support a leader in this position because of the character the leader has demonstrated:

In open source, there’s this concept of a “benevolent dictator for life”: a developer, usually the author, who runs the project and whose authority is not challenged. This phrase is often interpreted as “You’re the dictator, but at least you’re nice about it”. But I think there’s a hidden causal relationship that gets missed. It’s not that you’re a dictator who’s decided to be benevolent. Rather: because you are benevolent, you get to be dictator for life.

This idea echoes Fogel’s summary of the qualities of a good BDF. The forkability of any open source project serves to keep BDFL powers in check:

It is common for the benevolent dictator to be a founder of the project, but this is more a correlation than a cause. The sorts of qualities that make one able to successfully start a project — technical competence, ability to persuade other people to join, and so on — are exactly the qualities any BD would need.

In reviewing the 16-year history of WordPress’ leadership structure on a Post Status podcast episode earlier this year, Matt Mullenweg described different experiments the project has explored, including a “lead developers consensus” approach and having the release lead as the final decision maker for the software. In recent years he has returned to a more overt BDFL model but said, “I don’t see that as the forever structure.”

In attempting to clarify WordPress’ organizational structure and decision making model, the independent Governance project will need to be sensitive to the possibility that this ability to improvise and evolve the project’s leadership structures may have been one of the key factors in its continued growth and long-term ability to thrive.

The new leaders who replace Cherry and Rand-Hendriksen will have a formidable challenge ahead of them in carving out a path for the organization to have a meaningful impact on WordPress, despite not being designated as an official project. As it stands, the leaders face an uphill climb in moving the project from an unofficial working group to one that can effectively draft policies that WordPress will readily adopt.

WPTavern: WordPress 5.3 to Use Robots Meta Tag to Better Discourage Search Engines from Listing Sites

Wordpress Planet - Wed, 09/04/2019 - 03:19

WordPress is changing the method it uses to prevent search engines from indexing sites. Previously, if a user checked the “Discourage search engines from indexing this site” option in a site’s Settings > Reading screen, WordPress would add Disallow: / to the robots.txt file. This would prevent crawling but did not always prevent sites from showing up in search results.

As of 5.3, WordPress will drop the robots.txt method in favor of adding an updated robots meta tag to prevent the site from being listed in search engines: <meta name='robots' content='noindex,nofollow' />. The meta tag offers a more reliable way of preventing indexing and subsequent crawling.

When checking the setting to discourage search engines from indexing a site, users are often looking for a way to hide their sites, but the setting does not always work as they expected. Jono Alderson summarized the problem and the proposed solution in a comment on the trac ticket that brought about the changes:

The Reading setting infers that it’s intended to prevent search engines from indexing the content, rather than from crawling it. However, the presence of the robots disallow rule prevents search engines from ever discovering the noindex directive, and thus they may index ‘fragments’ (where the page is indexed without content).

2) Google recently announced that they’re making efforts to prevent fragment indexing. However, until this exists (and I’m not sure it will; it’s still a necessary/correct solution sometimes), we should solve for current behaviors. Let’s remove the robots.txt disallow rule, and allow Google (and others) to crawl the site.

In the dev note announcing the change, Peter Wilson recommends that developers wanting to exclude development sites from being indexed by search engines should include the HTTP Header X-Robots-Tag: noindex, nofollow when serving all assets for the site, including images, PDFs, video, and other assets.

WPTavern: Toolbelt: A New Jetpack-Inspired Plugin with a Focus on Speed and Privacy

Wordpress Planet - Tue, 09/03/2019 - 20:13

WordPress theme and plugin developer Ben Gillbanks is building a Jetpack alternative with an emphasis on speed, simplicity, and privacy. Toolbelt is a new, lightweight plugin that offers a collection of functionality that is commonly-used on WordPress sites. Currently available modules include features like breadcrumbs, browser native lazy loading, a Portfolio custom post type, related posts with images, responsive video, static social sharing, and more.

Gillbanks runs Pro Theme Design, a commercial WordPress theme shop, and has sold themes on WordPress.com for the past seven years. He likes the idea of Jetpack and all of his commercial themes support it, but a desire to deliver more performant and sustainable sites drove him to create Toolbelt. He’s working on a new free theme called Jarvis that will be released on WordPress.org with full Toolbelt compatibility.

“With my new theme I wanted to make something that was fast, private, and accessible. Inspired by people like Jack Lenox with Susty (and his talk at WordCamp Europe), I wanted to make something more sustainable. In testing my theme on my personal site I found that Jetpack was slowing it down. So I started rebuilding the features I wanted to use as an optimized plugin.”

Toolbelt currently includes more than a dozen modules, offered in a format similar to Jetpack but with a dramatically stripped down management interface in the admin. All modules are disabled by default so users can turn on only the ones they need.

The settings page includes a column that transparently displays the page impact for several of the modules, as high performance is one of Gillbanks’ chief goals for the plugin.

“I had been testing my theme on a dev server and it was getting a score of 99 or 100 – but when I added it to my personal site the score dropped,” he said. “It took me a while to realize the problem was Jetpack, and once I had disabled Jetpack my score went up to 99 or 100 again. So now, each time I add a feature, I test the site to make sure I am maintaining the performance I am testing my site, with each feature and – hopefully – keeping the score nice and high.”

Although Toolbelt borrows a lot of code from both Jetpack and the Machete plugin, Gillbanks made some deliberate choices in favor of performance when loading the code for the modules:

  • Doesn’t use jQuery or any other javascript framework. All javascript is vanilla js, and minified.
  • Minifies all assets (JS and CSS)
  • Loads all assets inline. They are already small, and loading them directly on the page means there are no server requests.
  • Only loads things when they are needed. JS and CSS are only loaded for activated modules.
  • No options. There’s only one database option, and that’s an array that stores what modules are active.
  • Uses the minimum code possible. Minimum Javascript and PHP. Less code means more speed, and fewer bugs.
Toolbelt’s Approach to Privacy: No Phoning Out, No User Tracking

Privacy is one of the most important aspects of the plugin for Gillbanks, who is English and has to deal with GDPR and EU cookie laws. Toolbelt does not phone out for any of its features, nor does the plugin share data with third parties or use standard social sharing JavaScripts. It also does not track usage or add any comments to the site’s HTML.

“One of the downsides of Jetpack is that it relies on the wordpress.com servers, including hosting images and content on their site,” Gillbanks said. “Things like Related Posts sync the blog post data to their servers so it can be searched and filtered.”

The privacy choices built into Toolbelt may limit Gillbanks’ ability to reproduce certain features that rely on third-party servers, such as visitor stats, downtime monitoring, and image CDN.

“I’m not sure if I’ll add these features, or partner with privacy focused third party services,” Gillbanks said. “I must admit I’d really like to add the stats so I’m hoping I can find someone to work with.”

Toolbelt is heavily inspired by Jetpack but Gillbanks said he doesn’t plan to rebuild all of its features. He is starting with the easier ones and focusing on the ones he wants to use. He also doesn’t have plans to monetize it anytime soon.

“I’m open to adding premium features in the future, but if I do I won’t start charging for anything that is currently free,” he said. “For the time being I just want to keep adding more modules and making something that I find useful.”

Gillbanks is currently working on improving Toolbelt’s cookie consent bar to build a method for having it allow an ‘accept’ and ‘decline’ option, so that tracking is only enabled when users press the accept button. This assists those who want to follow GDPR guidelines more strictly. The current implementation automatically links to the site’s privacy policy page if the user has it setup in their site settings.

Toolbelt doesn’t have any settings, besides what modules are active on the site, but Gillbanks has created a collection of actions and filters that allow developers to customize things for clients/ themes. The documentation is available on GitHub, where users can also submit issues and feature requests.

WordPress.org blog: The Month in WordPress: August 2019

Wordpress Planet - Mon, 09/02/2019 - 10:00

This has been a particularly busy month, with a number of interesting and ambitious proposals for the WordPress project along with active progress across the entire community.

Core Development and Schedule

The upcoming minor release of WordPress, v5.2.3, is currently in the release candidate phase and available for testing.

Following that, the next major release is v5.3 and the Core team has laid out a schedule and scope for development. In addition, a bug scrub schedule and an accessibility-focused schedule have been set out to provide dedicated times for contributors to work on ironing out the bugs in the release.

Want to get involved in building WordPress Core? Follow the Core team blog, and join the #core channel in the Making WordPress Slack group.

Proposal for User Privacy Improvements

The Core Privacy Team has proposed a feature plugin to build a consent and logging mechanism for user privacy. This project will focus on improving the user privacy controls in WordPress Core in order to protect site owners and users alike.

The proposal includes some useful information about building effective controls for users, how other projects have worked on similar efforts, and what kind of time and resources the project will need in order to be developed.

Want to get involved in this feature project? Follow the Core team blog, and join the #core-privacy channel in the Making WordPress Slack group where there are open office hours every Wednesday at 19:00 UTC.

Core Notification System Proposal

A proposal has been made for a new feature project to build a robust notification system for WordPress Core. The aim of the project is to build a system to handle notifications for site owners that can be extended by plugin and theme developers.

This proposal comes on the back of a Trac ticket opened 18 months ago. With weekly meetings to discuss the project, the team behind WP Notify are in the planning phase while they establish exactly how to develop the feature.

Want to get involved in this feature project? Follow the Core team blog, and join the #core channel in the Making WordPress Slack group – meetings for this project happen every Monday at 14:00 and 22:00 UTC.

Local WordPress Development Environment

Members of the Core Team have put together a local development environment for WordPress that runs on Docker. This environment provides an easy way for developers to get involved with WordPress core development. 

The work on this was inspired by the environment used for local Gutenberg development, which has since been improved based on the new work that has been done here.

The announcement post explains how to use the Docker environment. If you have any feedback or bug reports, please comment on the post directly.

Updates for Older Versions of WordPress

On July 30, the Security Team shared that security updates need to undergo the same testing and release process for every major version of WordPress. This means they have to provide long-term support for over fifteen major versions of WordPress. This requires a lot of time and effort, and the team has sought feedback on potential solutions for this challenge

Following this discussion, a proposal was made to auto-update old versions of WordPress to v4.7. This proposal garnered many responses and has since been updated to incorporate feedback from comments. The current recommendation is to secure the six latest versions and to eventually auto-update all older versions of WordPress to 4.7. Since this proposal was made, it has been discussed at Hosting Team meetings and Dev Chat meetings, and the conversation is still ongoing.

Want to provide feedback on this proposal? Comment on the original post with your thoughts.

Further Reading:

Have a story that we should include in the next “Month in WordPress” post? Please submit it here.

The Month in WordPress: August 2019

Wordpress News - Mon, 09/02/2019 - 10:00

This has been a particularly busy month, with a number of interesting and ambitious proposals for the WordPress project along with active progress across the entire community.

Core Development and Schedule

The upcoming minor release of WordPress, v5.2.3, is currently in the release candidate phase and available for testing.

Following that, the next major release is v5.3 and the Core team has laid out a schedule and scope for development. In addition, a bug scrub schedule and an accessibility-focused schedule have been set out to provide dedicated times for contributors to work on ironing out the bugs in the release.

Want to get involved in building WordPress Core? Follow the Core team blog, and join the #core channel in the Making WordPress Slack group.

Proposal for User Privacy Improvements

The Core Privacy Team has proposed a feature plugin to build a consent and logging mechanism for user privacy. This project will focus on improving the user privacy controls in WordPress Core in order to protect site owners and users alike.

The proposal includes some useful information about building effective controls for users, how other projects have worked on similar efforts, and what kind of time and resources the project will need in order to be developed.

Want to get involved in this feature project? Follow the Core team blog, and join the #core-privacy channel in the Making WordPress Slack group where there are open office hours every Wednesday at 19:00 UTC.

Core Notification System Proposal

A proposal has been made for a new feature project to build a robust notification system for WordPress Core. The aim of the project is to build a system to handle notifications for site owners that can be extended by plugin and theme developers.

This proposal comes on the back of a Trac ticket opened 18 months ago. With weekly meetings to discuss the project, the team behind WP Notify are in the planning phase while they establish exactly how to develop the feature.

Want to get involved in this feature project? Follow the Core team blog, and join the #core channel in the Making WordPress Slack group – meetings for this project happen every Monday at 14:00 and 22:00 UTC.

Local WordPress Development Environment

Members of the Core Team have put together a local development environment for WordPress that runs on Docker. This environment provides an easy way for developers to get involved with WordPress core development. 

The work on this was inspired by the environment used for local Gutenberg development, which has since been improved based on the new work that has been done here.

The announcement post explains how to use the Docker environment. If you have any feedback or bug reports, please comment on the post directly.

Updates for Older Versions of WordPress

On July 30, the Security Team shared that security updates need to undergo the same testing and release process for every major version of WordPress. This means they have to provide long-term support for over fifteen major versions of WordPress. This requires a lot of time and effort, and the team has sought feedback on potential solutions for this challenge

Following this discussion, a proposal was made to auto-update old versions of WordPress to v4.7. This proposal garnered many responses and has since been updated to incorporate feedback from comments. The current recommendation is to secure the six latest versions and to eventually auto-update all older versions of WordPress to 4.7. Since this proposal was made, it has been discussed at Hosting Team meetings and Dev Chat meetings, and the conversation is still ongoing.

Want to provide feedback on this proposal? Comment on the original post with your thoughts.

Further Reading:

Have a story that we should include in the next “Month in WordPress” post? Please submit it here.

WPTavern: NetNewsWire 5.0 RSS Reader Rebuilt from Scratch, Now Free and Open Source

Wordpress Planet - Sat, 08/31/2019 - 03:10

NetNewsWire 5.0 was released this week as a completely rebuilt, free and open source Mac app. Back in its earlier days, the 17-year old RSS reader was widely regarded as the best available. Since its creation, the app has changed hands multiple times through two acquisitions, finally landing back home with its creator, Brent Simmons, in August 2018.

NetNewsWire 5.0 retains much of its original character while incorporating modern features like JSON Feed support, Dark Mode, a “Today” smart feed, syncing via Feedbin, starred articles, and more. It is a brand new app that doesn’t use any code from previous versions. Users who are updating from older commercial versions can export OPML from the old app and import it into the NetNewsWire 5.0 app.

Notably lacking from the app is the ability to sync data across devices. Right now this is only possible if users hook up Feedbin. Simmons said he is working with contributors on an iOS version of the app.

Although it may not yet have as many features as some of its contemporaries, NetNewsWire’s return was celebrated by those who are hopeful that RSS can be one of the key technologies for unshackling web users from social media silos. NetNewsWire is back in support of this mission, which is highlighted on the app’s homepage:

We support the open web. The big social networking sites are damaging society and eroding democracy — and we believe one of the ways out of this is to get our news via the open web rather than from Twitter and Facebook.

NetNewsWire is part of repairing the web we lost, and it’s part of building the web we want. That future web should not include viral hate speech, abuse, massive corporate surveillance, or successful influence operations by hostile governments and entities opposed to democracy.

NetNewsWire is no longer owned or sponsored by any corporation. In fact, the app’s GitHub repo has a support document that says: “First thing: don’t send money. This app is written for love, not money.” It outlines the project’s values:

NetNewsWire is all about three things:

The open web
High-quality open source Mac and iOS apps
The community that loves both of the above

In contrast to recent experiments and conversations around sustaining open source infrastructure, NetNewsWire’s approach gives the project the creative freedom to take risks and ship software at their own pace.

When one commenter asked on Twitter about NetNewsWire’s business model, Ruby on Rails creator David Heinemeier Hansson commented in defense of the project’s lack of a plan for making a profit.

“Not everything needs a business model,” Hansson said. “Writing open source software for fun, for the intellectual challenge, for the expression of creativity, are valid reasons. Same too goes for writing and sharing. Filtering everything through WHERE’S THE MONEY is a disease of the soul.

“An open source RSS reader that does not operate a service does not need a business model. An individual publisher paying a pittance to host a blog with RSS does not need a business model.”

If you’re looking for a new RSS reader to aggregate your news in a more calm environment than Twitter or Facebook can provide, NetNewsWire is a strong open source option with an exciting future ahead. Few apps have this kind of longevity, and it will be interesting to see how it evolves as an open source Mac app. As of version 5.0, it’s still fairly minimalist in terms of features but has a lot of momentum and a passionate community behind it, which in this case has proven more valuable towards ensuring its future.

WPTavern: StandardJS Ends Controversial Funding Experiment

Wordpress Planet - Fri, 08/30/2019 - 16:02

Feross Aboukhadijeh, maintainer of StandardJS, has formally ended the funding experiment he started lasted week, which inserted ads in the terminal whenever Standard 14 is installed.

Although the experiment met widespread aversion, it successfully captured public attention and put a spotlight on the critical need for a viable model of funding open source infrastructure. It also uncovered some intense presuppositions that developers have when it comes to protecting their workflow in the terminal.

“If nothing else, it’s nice that funding forced open source ‘consumers’ – folks who enjoy the benefits of open source software without ever contributing anything back – to reconsider their relationship with open source,” Aboukhadijeh said. “I think we successfully pushed back against the entitlement to free labor that is pervasive in the interactions that open source consumers have with maintainers.”

glob bless @feross for poking the hornet’s nest tho

— Forrest L Norvell (@othiym23) August 25, 2019

Supporting work with advertising is nothing new, but the shock of seeing ads in the terminal activated an urgency in the open source community to collectively brainstorm and consider new approaches.

“While I didn’t like the approach, I understood the goal,” ESLint creator Nicholas C. Zakas said. “There is little involved in mindlessly typing ‘npm i’ and getting something for free. This experiment at least broke people out of that mode, even if only momentarily.”

Google Chrome engineer Chris Palmer said he saw Aboukhadijeh’s experiment as “a live demonstration of the fact that it’s very very hard to get people to pay, in any way, for information goods, which are indeed scarce. It has been as delightful and as bracing as it always is.”

In his recap of the funding experiment, Aboukhadijeh contends that the phrase “open source sustainability” isn’t ideal, because maintainers are often simply subsisting, as opposed to thriving, on the few donations they receive, despite creating millions of dollars of value for the companies that use their work.

“The dirty secret of open source is that much of it is powered by maintainer guilt,” Aboukhadijeh said. “A lucky few manage to land day jobs that allow them to work on open source. But most folks have to be more creative – squeezing in time after work, secretly doing open source maintenance at work, or opting out of normal society completely.”

Aboukhadijeh is particularly concerned about finding solutions for the “invisible” maintainers of transitive open source dependencies, packages that no one installs directly:

But reliable, error-free transitive dependencies are invisible. Therefore, the maintainers are invisible, too. And, the better these maintainers do their job, the more invisible they are. No one ever visits a GitHub repository for a transitive dependency that works perfectly – there’s no reason to do so. But a developer investigating an error stack trace might visit the repository if for no other reason than to file an issue. At least then there’s a small chance they’ll see the maintainer’s plea in the README.

We need solutions that work for these folks too.

Although this particular funding experiment did not prove to be successful, Aboukhadijeh said he has more sponsors who are interested and more experiments in the works that he is excited about.

“Maybe ads aren’t the answer – fine,” he said. “But telling maintainers to bury their appeals where no one bothers to look is not the answer, either.

“Approximately 100% of the Fortune 500 use open source code. Maintainers are just starting to wake up to our own power. Expect to be surprised. This certainly won’t be the last open source funding experiment.”

WPTavern: Gutenberg 6.4 Adds New Typewriter Experience, Cover Block Resizing, and Block Inserter Help Panel

Wordpress Planet - Thu, 08/29/2019 - 20:14

Gutenberg 6.4 arrived this week with two more improvements to the Cover block. The background can now be set to a solid color (in addition to images and videos). Users can also easily resize the block, making it far more useful for those who are designing their own pages.

One notable change to Image block in this release is the addition of a circle mask variation. Gutenberg designer Joen Asmussen described how it works with various image aspect ratios:

This PR adds a variation to the Image block, “Circle Crop”. What that means is you can choose a style variation for the image, which rounds all 4 corners. When this is applied to a square image, that means a perfect circle. When it is applied to a rectangle, it means a pill-shape.

A new “Typewriter experience” landed in this release, providing a smoother writing flow that is especially beneficial when writing on mobile. It keeps the users’s place while typing, maintaining a margin at the bottom of the screen. This prevents typing from overflowing outside the viewport and allows the user’s eyes to stay in the same place.

This video demo from the release post explains how the Typewriter experience improves writing in the editor:

https://wptavern.com/wp-content/uploads/2019/08/typewriter.mp4

New Help Panel in the Block Inserter Offers More Real Estate for Contextual Help and Tips

After another round of usability testing in July 2019, Gutenberg designers found that most participants were not interacting with the new user help tips, preferring to jump right into editing. The floating tips also obscured essential UI and the placement of the tips was even worse on mobile.

As part of an ongoing effort to bring all tips inline, Gutenberg 6.4 adds a new help panel to the block inserter, designed to provide contextual help and education for users. As the user mouses over different blocks, the panel displays the icon, title, a brief explanation of what the block does, along with space for an image preview.

Contributors entertained quite a bit of discussion regarding how the block hovering interactions should behave, and this is likely to go through more iterations as users start testing it in the plugin. Some users may not like that it makes the block inserter take up more space on the screen, so there is a checkbox setting to turn it off under the vertical ellipses menu > Options:

The new help panel might be a good solution for helping users identify the source of a block, since branding in the block icon doesn’t always provide enough information. It could also be useful in providing a space where plugins authors could indicate if the block is only available with a paid upgrade. This would go a long way towards solving controversial issues related to monetizing plugins. Jetpack is currently beta testing a preview and upgrade nudge for blocks only available on paid plans. Using the help panel to indicate that the block is a non-functional preview might prevent users from getting frustrated by inserting the block only to discover the upsell in the editor.

In a related ticket, Matias Ventura has also floated the idea of implementing block collections, which would initially function in the same way block categories do now. This would allow developers to register a collection as another way to help users identify blocks coming from a single source.

Gutenberg 6.4 includes several new APIs and more than two dozen enhancements and bug fixes. Check out the release post for a full list of all the changes.

BuddyPress: BuddyPress 5.0.0-beta1

Wordpress Planet - Wed, 08/28/2019 - 22:30

BuddyPress 5.0.0-beta1 is available for testing. You can download it here or get a copy via our Subversion repository. We’d love to have your feedback and testing help.

If your version of WordPress is <= 4.6, we remind you that BuddyPress 5.0.0 will require at least WordPress 4.7.

A detailed changelog will be part of our official release notes, but, until then, here’s a tasty list of some of our favorite changes. (Check out this report on Trac for the full list.)

BP REST API

A BuddyPress developers tool to build awesome community applications or improve the performance of their existing ones. It has been developed as a feature as a plugin from GitHub and we think it’s time to include it in BuddyPress Core.

To help you discover the great powers of this new API, we’re also introducing a new user interface to manage Group members (#8045).

BP Invitations API

This API opens very promising opportunities to BuddyPress developers willing to manage their custom objects invites or membership requests. We’re primarly using it to improve how we handle invitations and requests to join Groups (#6210).

BuddyPress Site Health section

Users requesting for support will soon be able to copy the information of this section to their clipboard to share them with us. This should help our beloved support forum contributors to explain/fix issues faster.

5.0.0 is almost ready (Targeted release date is September 30, 2019), but please do not run this Beta 1 release in a production environment just yet. Let us know of any issues you find in the support forums and/or on our development tracker.

Download and test 5.0.0-beta1

Thanks everyone for all your contributions so far; please help us test and polish the 5.0.0 release so it can be as awesome as possible!

WPTavern: StandardJS Pauses Experiment with Ads in the Terminal after Linode Pulls Sponsorship

Wordpress Planet - Wed, 08/28/2019 - 20:14

Feross Aboukhadijeh, maintainer of the StandardJS library, a JavaScript style guide, linter, and automatic code fixer, launched an experiment last week that places ads in the terminal in order to fund development. The experiment has since been paused after receiving negative feedback from the developer community, causing Linode, one of the initial sponsors, to remove its advertisement.

“I think that the current model of sustaining open source is not working and we need more experimentation,” Aboukhadijeh said. “This is one such experiment.” He developed a module that inserts an ad whenever Standard 14 is installed. Sponsorship funds are designated to pay for maintainer time, which he defined as “writing new features, fixing bugs, answering user questions, and improving documentation.”

Aboukhadijeh is a prolific developer who has authored more than 100 packages on npm that are downloaded 100+ million times per month. Standard is his most popular open source project and is used by high profile projects and companies, including Node.js, npm, GitHub, Automattic, and many more.

Aboukhadijeh said his goal with the experiment is to make Standard and other open source projects healthier.

“For complex reasons, companies are generally hesitant or unwilling to fund OSS directly,” he said. “When it does happen, it’s never enough and it never reaches packages which are transitive dependencies (i.e. packages that no one installs explicitly and therefore no one knows exists). Essentially, we have a public good which is consumed by huge numbers of users, but which almost no one pays for. Fortunately, there exists a funding model that usually works for public goods like this – ads.”

Here is an example of the LogRocket ad that was part of the initial experiment:

While some developers communicated support for open source maintainers to monetize their projects in whatever way they choose, the majority of feedback on GitHub, Hacker News, Reddit, and social media strongly criticized this particular approach.

William Hilton, developer at Stoplight, speculated on the consequences of this type of advertising becoming a popular funding model:

I do worry that npm install will just become a long trail of banner ads though eventually and it won’t scale. Because if every npm package adds ads, the noticeability of each ad will diminish. (Interestingly, the most valuable “realestate” will be packages whose banner is displayed last, so if it becomes a literal “race-to-the-bottom” people might add sleep statements to their post-install scripts so they are displayed nearest the bottom. What a dystopian installation experience!)

He also noted that Yarn blocks the output of post-install scripts, which in this case would serve as built-in ad-blocking. Yarn’s maintainer chimed in on the thread with more context.

“As maintainer of Yarn, I’m strongly against this pattern, although not for the reasons you might think,” Maël Nison said. “Post-install scripts deoptimize packages and break workflows.

“Yarn already doesn’t print the build logs unless they make the installs crash, so this post-install script wouldn’t have any visible effect for our users. Still, I value the health of the ecosystem a lot, both from the point of view of maintainers and users, and I would be happy to discuss how we could satisfy this use case in a more integrated and less intrusive way.”

Since this is a newer experiment and hasn’t gone mainstream, it’s not clear whether npm may decide to block all methods of serving advertisements through the terminal in the future. A new module called No CLI Ads was created in response to Aboukhadijeh’s funding module. It blocks ads from appearing in console output. npm-adblock is an alternative that functions in a different way. The existence of simple, albeit inconvenient, ways of blocking these types of ads may be all that is necessary to dry up any potential revenue stream.

Feedback on this experiment demonstrates that there is wide support for finding a solution to the problem of open source funding, but most agree that terminal ads is not a viable option. In fact, many commenters identified this approach as the most annoying thing that a package maintainer can do, apart from removing the package. Developers do not wish to be spammed while installing a dependency. One commenter describes his terminal as “the one last stronghold” and “haven of peace” that doesn’t serve ads from corporate overlords.

“Selling ad-space is not innovative,” developer Matthias Hogerheijde said. “And it’s particularly unhelpful in my logs. For me, the issue is more that I don’t want stuff that doesn’t help me in my logs. I wholeheartedly agree with putting your ‘supported by company X’ in the readme. That helps me understand, it does resonate with me when I see certain companies donating money to OSS. I, too, want to live in a perfect world where every developer can live, pay rent and only work on projects they like. That perfect world for me does not include ads in my terminal.”

Reddit commenters took humorous jabs at the idea, penning sample ads that interrupt the build process:

Linode Pulls Sponsorship from Standard’s Terminal Ads Experiment

Standard.js users who were unhappy with the ads in their terminals complained to the sponsors and Linode decided to remove its ad from the experiment.

We hear you loud and clear. We've reconsidered and have removed the ad.

— Linode (@linode) August 25, 2019

“We reconsidered after reflecting on the developer community’s reaction,” a Linode representative said on Twitter. “We still passionately support open source software along with @feross, but we’ll be more careful about experimenting in the future while continuing to innovate.”

Prior to pausing the experiment, Aboukhadijeh reported he had raised $2,000, enough to fund five days worth of his time to release Standard 14.

“If we are able to raise additional funds, the next thing I’d like to focus on is out-of-the-box TypeScript support in StandardJS (one of the most common feature requests!) and modernizing the various text editor plugins (many of which are currently unmaintained),” Aboukhadijeh said. “If others in the community are interested in taking the lead on any of these issues, I’d like to direct some funds to you.”

The experiment isn’t entirely off the table, since it seems to have met one of Aboukhadijeh’s immediate objectives, despite annoying (and in some cases infuriating) the developer community.

Four days ago, Standard locked the GitHub thread discussing the new funding model after it became too heated. The project’s maintainers are now evaluating this iteration of the experiment, but the discussion extends beyond the simple question of whether developers like ads in their terminals. A new thread on the project’s repo, titled “What’s wrong with Open Source right now?” has diverted some of the negative feedback into a broader, more productive discussion.

The experiment has reignited important conversations about the sustainability of open source and where project maintainers want to see it go in the future. In a recent tweet, Aboukhadijeh shared a link to particular situation that one maintainer faced in supporting a free syntax highlighting library.

After receiving urgent comments and emails following a release that had errors causing dependencies to break, Ivan Sagalaev, the original author of highlight.js, aptly summarized the current state of the relationship between businesses and open source projects:

Dear fellow engineers, please take this build hiccup as an opportunity to explain to your particular business people that their entire intellectual property is a thin layer on top of a shaky foundation of open-source code lazily maintained by hobbyists or paid for by other businesses having their own goals in mind.

If they really want stability they have to invest in it by, for example, hiring engineers to deal with myriad of dependencies, maintain local stable forks, contribute patches upstream, or whatever — the key point is that it should not look like it ‘just works’ on fairy dust.

Encontrarlo

Drupal Themes - Wed, 08/28/2019 - 17:21

A sub-theme of Claro, built for the Find It Program Locator Drupal Distribution.

Issues and active development happen on GitLab - https://gitlab.com/find-it-program-locator/encontrarlo

Bare Bones

Drupal Themes - Wed, 08/28/2019 - 09:19

A skeleton theme for Drupal 8.

WPTavern: Top Fifty WP: New Website Ranks Plugins by Downloads per Day

Wordpress Planet - Tue, 08/27/2019 - 19:15

The team behind Pootlepress has launched a new website that displays the top 50 WordPress plugins by downloads per day. It uses the WordPress.org Plugin API to pull the previous day’s download stats from plugins hosted in the directory. The site also shows the average rating as a percent in the right-hand column.

As one might expect, the most popular plugins with more than a million active installs dominate the top 50 spots. There are a few surprising plugins in the mix, with 500,000 installs or less, where these daily download stats might be an indication of their potential growth: Ocean Extra, WPS Hide Login, AMP, File Manager, and WP Statistics. It’s something to monitor over time, as there may be quite a bit of turnover in the top 50.

It’s also interesting to see a few plugins among the top 50 that provide utilities frequently used when working with WordPress but not necessary to have installed all the time. It looks like users are installing plugins like WordPress Importer, Maintenance, All-in-One WP Migration, and Coming Soon Page, and then leaving them active on their sites.

Top Fifty WP Is Now Available as a Plugin with Gutenberg Blocks for Top Plugins and Themes

Pootlepress has packaged up Top 50 WP as a plugin so that other publishers can use it to display the same data on their own websites. It includes two Gutenberg blocks – one for plugins and the other for themes. They are listed under Layout Elements.

Pootlepress founder Jamie Marsland said the plugin is coming soon to WordPress.org but for now it can be downloaded from his website. It requires the Caxton plugin to be installed, which provides Pootlepress’ base framework for new blocks. Marsland’s team is working on adding more blocks with plugin and theme data, as well as customization options for each block.

Pages