Wordpress News

WordPress.org blog: WordPress 5.2 Release Candidate

Wordpress Planet - Fri, 04/26/2019 - 01:28

The first release candidate for WordPress 5.2 is now available!

This is an important milestone as we progress toward the WordPress 5.2 release date. “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.2 is scheduled to be released on Tuesday, May 7, but we need your help to get there—if you haven’t tried 5.2 yet, now is the time!

There are two ways to test the WordPress 5.2 release candidate: try the WordPress Beta Tester plugin (you’ll want to select the “bleeding edge nightlies” option), or you can download the release candidate here (zip).

What’s in WordPress 5.2?

Continuing with the theme from the last release, WordPress 5.2 gives you even more robust tools for identifying and fixing configuration issues and fatal errors. Whether you are a developer helping clients or you manage your site solo, these tools can help get you the right information when you need it.

The Site Health Check and PHP Error Protection tools have brand new features, giving you peace of mind if you discover any issues with plugins or themes on your site. There are also updates to the icons available in your dashboard, fresh accessibility considerations for anyone using assistive technologies and more.

Plugin and Theme Developers

Please test your plugins and themes against WordPress 5.2 and update the Tested up to version in the readme to 5.2. If you find compatibility problems, please be sure to post to the support forums so we can figure those out before the final release.

The WordPress 5.2 Field Guide has also been published, which goes into the details of the major changes.

How to Help

Do you speak a language other than English? Help us translate WordPress into more than 100 languages! This release also marks the hard string freeze point of the 5.2 release schedule.

If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on WordPress Trac, where you can also find a list of known bugs.

Howdy, RC 1!
With tools this interesting,
I can hardly wait.

BuddyPress: BuddyPress 4.3.0 Security and Maintenance Release

Wordpress Planet - Thu, 04/25/2019 - 16:40

BuddyPress 4.3.0 is now available. This is a security and maintenance release. All BuddyPress installations are strongly encouraged to upgrade as soon as possible.

The 4.3.0 release addresses nine security issues:

  • A privilege escalation vulnerability was fixed that could allow users to “favorite” activity items to which they do not have read access. Discovered by Yuvraj Dighe.
  • A privilege escalation vulnerability was fixed that could allow users to join non-public groups while using the Nouveau template pack. Discovered and reported independently by Yuvraj Dighe and Nam.Dinh.
  • A privilege escalation vulnerability was fixed that could allow users to reply to activity items to which they do not have read access. Discovered by Yuvraj Dighe.
  • A privilege escalation vulnerability was fixed that could allow users to view private message threads to which they do not have access while using the Nouveau template pack. Discovered by Yuvraj Dighe.
  • An XSS vulnerability was fixed in the save routine for group names. Discovered by wxy7174.
  • An XSS vulnerability was fixed in the content of activity items. Discovered by Yonatan Offek.
  • A privilege escalation vulnerability was fixed that could allow unauthorized users to update certain group settings. Discovered by wxy7174.
  • A privilege escalation vulnerability was fixed that could allow unauthorized users to view pending group invites. Discovered by Yuvraj Dighe.
  • A privilege escalation vulnerability was fixed that could allow unauthorized users to delete pending group invitations. Discovered by Yuvraj Dighe.

These vulnerabilities were reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to the reporters for practicing coordinated disclosure.

BuddyPress 4.3.0 also fixes 3 bugs. For complete details, visit the 4.3.0 changelog.

WPTavern: Clean Blocks: A Free Multipurpose WordPress Theme Compatible with Gutenberg

Wordpress Planet - Wed, 04/24/2019 - 22:46

Clean Blocks is a new free theme from Catch Themes that was released last week on WordPress.org. The design is suitable for businesses, agencies, freelancers, and other service professionals who require featured content, a portfolio, testimonials, a blog, and a services section.

Clean Blocks includes basic Gutenberg compatibility in that it supports all core blocks and is has a few enhanced block styles.

It may seem unnecessary to specify that it is Gutenberg-compatible, since the editor has been part of WordPress core since early December 2018. However, more than half of all WordPress users (~55%) are not running version 5.0+. Nearly 30% are hanging back at 4.9 and 25% are on even older versions.

Theme authors who create products that have Gutenberg-only features are not yet building for the majority of WordPress users. These authors are carving a path for the future of theme development. The Clean Blocks theme doesn’t really fall into this category, as its essentially enables users on WordPress 5.0+ to continue using the new editor without any styling issues. It is also compatible with earlier versions of WordPress (4.8+).

Clean Blocks recommends a collection of Catch Themes’ functionality plugins upon theme activation. These plugins handle things like galleries, infinite scroll, Instagram feeds, widgets, and additional content types. The theme includes dozens of options in the Customizer for controlling nearly every aspect of how content is displayed – from excerpt length to categories displayed on the home page to header text color. This sort of overloaded Customizer options panel is common for multipurpose style themes, and many users have come to expect it.

Check out a demo of the free version to see all the features in action.

The name “Clean Blocks” implies that the theme goes beyond the basics to customize the Gutenberg experience, but that doesn’t seem to be the case. The vast majority of the features seen in the demo are controlled by the Customizer. For example, features like Testimonials and Services are not available as blocks. While some theme authors opt to integrate features like this by pairing their themes with block collection plugins, Catch Themes has put everything into the Customizer.

Even with Gutenberg compatibility, many themes still have a disconnect between the back and frontend where certain features can only be configured in the Customizer. This fractured customization experience is one of the necessary evils for this transition time before the block editor is fully capable of handling more complex aspects of site customization.

Clean Blocks is an example of a multipurpose theme that is essentially keeping it old school in terms of content customization, while providing basic Gutenberg compatibility for users who are running WordPress 5.0+. The theme is available on WordPress.org and has already been downloaded several hundred times during its first week in the directory.

WPTavern: Laraberg, a Gutenberg Implementation for Laravel, is Now in Beta

Wordpress Planet - Wed, 04/24/2019 - 17:24

The family of Gutenberg derivatives is expanding with the beta release of Laraberg, an implementation for Laravel. Maurice Wijnia, a developer at Van Ons, an agency based in Amsterdam, created Laraberg as an easy way for developers building applications with Laravel to integrate the Gutenberg editor. It includes a simple API and support for the Laravel File Manager for uploading files.

“The goal for Laraberg is to give developers the ability to add the Gutenberg editor to any page they like in a way that is as easy as possible, but at the same time it has to prove enough options to tailor the editor so it can fit into any Laravel project out there,” Wijnia said.

Van Ons has a preference for using Laravel in their projects, due to its increasing popularity and active community. Laraberg makes it possible for the agency to tap into the convenience of the Gutenberg editor without giving up the performance and features they enjoy in the Laravel framework. The beta release is now available on GitHub and Packagist. Van Ons plans to actively implement Laraberg in their own projects and will also be collecting feedback from beta testers.

Wijnia said he was inspired by the Drupal Gutenberg project, whose creators also authored Gutenberg.js, a package that makes it easier to bring Gutenberg into other applications. Providing a foundation for using Gutenberg on any CMS or framework is part of Frontkom’s long term vision for improving the open web and enabling communities to collaborate on mutually beneficial extensions.

As the editor continues to expand to more platforms and frameworks, a CMS-agnostic block library would offer a central place for Gutenberg’s increasingly diverse user base to discover new blocks. WordPress.org has the opportunity to provide that in its own block library, with the support of the Gutenberg Cloud team that pioneered the idea in 2018.

“If Gutenberg Cloud can serve as a proof of concept that WP.org can later adopt as their own, we are happy,” Frontkom CTO Per Andre Rønsen said. He also further commented on the WordPress.org Block Library proposal, advocating for the team to grow their vision beyond the WordPress community only. No official decision has been announced yet. If WordPress decides to forgo the opportunity of providing a block library inclusive of other frameworks and platforms, then the Gutenberg Cloud will continue to be the place for discovering blocks that can be used across multiple platforms.

HeroPress: How the WordPress community helped me find my way

Wordpress Planet - Wed, 04/24/2019 - 12:00

Este ensaio também está disponível em português.

As I make a checklist of all the things I’ll have to pack to travel from São Paulo to Berlin, to attend WordCamp Europe 2019, I can’t stop thinking how hard the path to this point has been.

For some of people, a travel like this may seem ordinary, but for me, this will be the farthest I’ve ever been until now, in many ways. Especially because the last time I was planning to attend an international WordCamp, things didn’t work out at all.

So let me tell you about the path.

The first steps

I was born and raised in São Paulo. Allow me to give you some context about my city. São Paulo is the richest and biggest city of Brazil. With more than 14 million people, it’s also the biggest city of the south hemisphere. It’s even bigger than New York.

Like every big city, São Paulo is a place of opportunities, but also a place of contrasts.

Growing up, although we were poor, my family cared a lot about the education of me and my little brother. My father who always liked technology, managed to get a computer for us in 1996. At that time, I was 6 years old, and we were the only family in my neighborhood to have a computer for a long time, and that was sad. That early exposure to technology made a big difference in my life.

At age 13, I was very interested in graphic design and coding.

We had a very limited and expensive dial-up internet, that was only free after midnight and at weekends.

So to learn these skills, my best options were the CD-ROM magazines that my father would bring home. I also learned about HTML with a book about Microsoft Front Page. At age 14 I sold my first website, entirely created on Front Page, with lots of GIFs and <marquee> tags, for a neighbour who needed it for a college project. She loved it!

I decided I wanted to work with design. So I started a Graphic Design course during the high school. With my love for web design, all I wanted was to have a site that was actually online. I couldn’t afford a host, but fortunately at this time, blogs became very popular here in Brazil.

I looked for a platform to create a portfolio. I played a little with one called WordPress (you may have heard of it) and ended up using Blogger instead, because there was the possibility to customize the theme’s CSS online. I made a very dark grungy theme for my blog that’s still online.

A bumpy road

I got a scholarship for Graphic Design at a good College in São Paulo, but I still would have to pay for half of the monthly tuition. The problem was that my family definitely had no means to afford it. My parents said they would cut some expenses and help me, but I knew that there wasn’t anything they could cut. So I told them to not worry, I would find a job.

At this point I had made a freelance gig creating a HTML website (in Dreamweaver this time). With exactly 1 month left for the College application, this client proposed that I started working there to maintain the website I just made. So I was able to (barely) pay for the college. After six months, I applied for a full scholarship and it was granted. Things got a little better financially, but the path was still rocky.

It took me 3 hours by bus from my house to the college every single day, just inside the city of São Paulo (remember when I said this city is huge?).

I had the cheapest hot dog for lunch every day, because I couldn’t afford a real meal.

Then I would go to work (another 1h30 of bus from the college), and at night I would head back home (another bus, another 1h30). That was my routine for one and a half year throughout the college. As you can imagine, I was exhausted, and eventually getting ill.

A fork in the path

That’s when I decided that I would quit my job and start a business with my boyfriend Allyson Souza, that I met during my Graphic Design course in High School. We started the company officially in july, 2009. We named it Haste (the portuguese word for “stem”).

We were 19 years old, not much experience, zero network and money, a lot of energy, and some extra self-confidence (I could have summarized simply as “millennials”, right?). Allyson’s father gave us a computer and a part of his office, for which I am very grateful, and we created all the graphic materiais for his courses company in exchange.

We started working with graphic design only, and it took us some time to realize that web development was our future.

I remembered WordPress and tried it again. I liked how the platform had evolved. We made a second version of our website in WordPress, using a simple free theme, which I edited the CSS directly (oh god). We tried to create websites for clients modifying existing themes (at least we learned about child themes later), but we definitely didn’t feel in control of what we were doing.

When you hit your lowest point

In January 2011, my mother had a stroke. She had a brain surgery, and after a month, she was back home with a 6 inches scar in the head. That was the lowest point on my path.

The next years I had to take care of her, because of some consequences of the stroke, both physical and psychological. As the only family member who hadn’t a “formal” job, with a boss and a defined schedule, I was the one who had to take her to appointments, or the ER, or stay home when she wasn’t ok. It was very hard to reconcile the final year of college, the work and my mom’s health care.

The only way is up

At Haste, we felt that things were not evolving. In 2013, after some partnerships that took us to some confusing paths, we decided to have a complete makeover. We defined a new focus: web design and development with WordPress. We created a new website, with a theme fully developed by us. We wanted to overcome the fear of coding, and wanted to know exactly what we were doing. So we started studying a lot by ourselves.

Allyson was responsible for the PHP and JavaScript and I was supposed to make the design, the HTML and CSS. He started to ask a lot of questions in the group of WordPress Brasil community at Facebook. We finished the website, and people loved it, specially the illustration with parallax effect that made the girl move her eyes.

We were proud WordPress developers now.

We started attending the meetups, and then the WordCamp. I was amazed how the open-source culture was all about sharing knowledge with strangers, with no fear of competition, just the spirit of collaboration. We felt no longer isolated. We made real friends (shout out to all my WordPress friends).

Soon we were both involved in the community, and became WordCamp São Paulo organizers in 2014.

The new website and our participation in the WordPress community were really what we needed to give us some perspective and stability. So we didn’t stop there.

Bring others to walk with you

In the 2014 edition of WordCamp São Paulo, I was the only female speaker. That made me realize a few things.

First that the proportion of men in the community events was not only the majority but, we almost didn’t had any women at all, which was very weird.

Second, we know that lots of girls feel intimidated in an environment with too much men. I always had a majority of male friends since I was a kid, and even so, I probably wouldn’t get involved with the community if it wasn’t by the fact that my boyfriend / partner was with me.

A few sexists incidents had happened with me too. I reacted, and the men involved seemed to understand that I wasn’t ok, and changed their behavior as far as I know.

We don’t have as many meetups and WordCamps here in Brazil as in US. Although Brazil is becoming a technology hub, the WordPress community has still a lot of room to grow, compared to other communities. So, I think we have the opportunity to make things different while everything is not settled yet.

So I decided to act now.

I started a poll asking the women involved with WordPress the reasons why they wouldn’t attend the events. The results proved it wasn’t just me complaining about small things.

Some jokes kept women away. Some condescending actions made them feel diminished. And even the lack of information from our part, that the WordCamps are inclusive events, made the women not to come. The lack of time, was an important factor too.

Based on this data, the next year we managed to increase the proportion of female speakers from 5% to 32% at WordCamp São Paulo 2015. More women became organizers too. In 2019 we have 4 women out of 10 active organizers. The last WordCamp we had blind people attending, and their feedback was great. We still need to improve racial diversity though.

Barriers and frontiers

In 2015, Allyson had told me about this new scholarship program from the WordPress Foundation for women who work for equality in the community around the world. So I applied for the very first Kim Parsell Memorial Scholarship. Kim Parsell left a beautiful legacy of inclusion and love, having worked to bring more women, older people, and other minorities to the WordPress community. She was known as the #WPMom.

The result came few months later. I received an email, and had no reaction for a few minutes. I had won the scholarship, and it granted me a travel to WordCamp US 2015, in Philadelphia Pennsylvania, with flights and hotel covered.

You see: I had never left my country. I had just took flight for the first time that same year. I was not even close to dream to go to US, because it was impossible for me at the moment. Sometimes your mindset in the only thing putting limitations in your dreams.

I was so happy, you have no idea. Alx Block and Cami Kaos reached to me to give me instructions and they were very kind.

But then… my visa application was denied. They considered my sudden passport and visa solicitation, with no money to travel (that’s exactly the point of a scholarship!), and lack “ties” in Brazil very suspicious. I told them that the WordPress Foundation would pay for everything. The flights and the hotel were already booked. The officer even told me that the WordPress Foundation letter could be easily forged. I tried again, with no success.

I couldn’t go to WordCamp US 2015.

I couldn’t go to WordCamp US 2016 too, when they asked if I wanted to try again, and my visa was denied… again. This time I think at least the officer searched online for me, saw it was true, but couldn’t do anything, since my situation hadn’t change.

I was so disappointed. This still hurts me, I must confess. Sometimes, there are real barriers and gates that a simple mindset change cannot open.

Crossed paths

The next years, I focused on my company and the work at the community. My mom’s health improved, she’s in great shape now. My family supports my work.

We became specialists in WordPress at Haste. We developed themes, plugins and sites for companies in Brazil and America. I now have a stable income and I live exclusively from my work with WordPress. We are celebrating 10 years in 2019.

I traveled through Brazil because of WordPress, to speak at WordCamps and Meetups. I see more and more women working with WordPress, attending meetups and WordCamps, and talking to each other, finding something familiar in every other woman’s face.

Last year we decided we would go to WordCamp Europe 2019 in Berlin, since we don’t need a visa to most countries there, including Germany.

This time I can afford it (with a lot of planning and expenses cut, but I’ll be ok). I have to confess that I’m a little anxious about the immigration process.

My goal at WordCamp Europe is to know the most people I can. It’s not a matter of quantity, but if the WordPress community taught me something was that every person has something to teach and to learn. So If you are attending WordCamp Europe, let’s meet!

Opening trails

So now I hope you can see what this travel really means to me, and why every small conquest means a lot. It’s not just because it was hard. But because I’m not the only one who deserve it, but unfortunately I’m a exception between other people who have the same background as I.

There are so many young girls and boys that don’t dare to dream about visiting other countries, or even getting in the college. Lots of kids that don’t have a computer, or even access to internet. The only difference is that I was given opportunities, people believed in me. Doors were opened. And just then I could prove my value.

Now my next dream is to be able to make the journey a little easier than it was for me, specially for women and young Brazilians. Because I think that’s our responsibility in the community. Teach others, share information, donate some of your time, create new tools, plugins and resources, mentor people. As my brother’s tattoo says, be the person you needed when you were younger.

Como a comunidade WordPress me ajudou a encontrar o meu caminho

Enquanto faço uma lista de todas as coisas que preciso para viajar de São Paulo para Berlim, para participar do WordCamp Europe 2019, não posso deixar de pensar no quão difícil foi o caminho até esse ponto.

Para algumas pessoas, uma viagem como essa pode parecer comum, mas, para mim, esse será o mais longe que já fui até agora, de muitas maneiras. Especialmente porque, da última vez que eu planejava participar de um WordCamp internacional, as coisas não deram certo.

Então deixe-me contar sobre esse caminho.

Os primeiros passos

Eu nasci e cresci em São Paulo. Permita-me dar um pouco de contexto sobre minha cidade. São Paulo é a mais rica e maior cidade do Brasil. Com mais de 14 milhões de pessoas, é também a maior cidade do hemisfério sul. É maior que Nova York.

Como toda grande cidade, São Paulo é um lugar de oportunidades, mas também de contrastes.

Crescendo, apesar de sermos pobres, minha família se importava muito com a minha educação e do meu irmão mais novo. Meu pai, que sempre gostou de tecnologia, conseguiu um computador para nós em 1996. Naquela época, eu tinha 6 anos, e éramos a única família das redondezas a ter um computador por um longo tempo, e isso era triste. Essa exposição precoce à tecnologia fez uma grande diferença na minha vida.

Aos 13 anos, eu já estava interessada em design gráfico e programação. Nós tínhamos aquela internet discada muito limitada e cara, que só era gratuita depois da meia-noite e nos fins de semana. Então, para aprender essas habilidades, minhas melhores opções eram as revistas em CD-ROM que meu pai trazia para casa. Eu também aprendi sobre HTML com um livro sobre o Microsoft Front Page. Aos 14 anos, vendi meu primeiro site, inteiramente criado no Front Page, com muitos GIFs e tags <marquee>, para uma vizinha que precisava para um projeto da faculdade. Ela adorou!

Eu decidi que queria trabalhar com design. Então fiz o curso técnico em design gráfico durante o ensino médio. Com o meu interesse pelo web design, tudo o que eu queria era ter um site que estivesse online. Eu não podia pagar um servidor, mas felizmente, neste momento, os blogs se tornaram muito populares aqui no Brasil.

Procurei uma plataforma para criar um portfólio. Eu brinquei um pouco com uma plataforma chamada WordPress (você pode ter ouvido falar dela) mas acabei usando o Blogger, porque havia a possibilidade de personalizar o CSS do tema online. Eu fiz um tema escuro e grunge para o meu blog que ainda está online.

Uma estrada esburacada

Consegui uma bolsa de Design Gráfico em uma boa faculdade em São Paulo, mas ainda teria que pagar metade da mensalidade. O problema era que minha família definitivamente não tinha como arcar com isso. Meus pais disseram que cortariam algumas despesas e me ajudariam, mas eu sabia que não havia nada que pudessem cortar. Então eu disse a eles para não se preocuparem, eu encontraria um emprego.

Neste momento, eu havia feito um trabalho freelancer criando um site HTML (no Dreamweaver desta vez). Com exatamente 1 mês para o aplicativo da faculdade, esta cliente propôs que eu começasse a trabalhar lá para manter o site que tinha acabado de criar. Então eu pude pagar pela faculdade (bem mal). Depois de seis meses, solicitei uma bolsa de estudos integral e ela foi concedida. As coisas melhoraram um pouco financeiramente, mas o caminho ainda era rochoso.

Levava 3 horas de ônibus da minha casa para a faculdade todos os dias, apenas dentro da cidade de São Paulo (lembra quando eu disse que essa cidade é enorme?). Eu comia um cachorro-quente mais barato para o almoço todos os dias, porque eu não podia pagar uma refeição de verdade. Então eu ia trabalhar (outra 1h30 de ônibus da faculdade), e à noite eu voltava para casa (outro ônibus, outro 1h30). Essa foi a minha rotina por um ano e meio durante a faculdade. Como você pode imaginar, eu estava exausta e ficando doente.

Uma bifurcação no caminho

Foi então que decidi largar meu trabalho e começar um negócio com meu namorado Allyson Souza, que conheci durante o curso de Design Gráfico no Ensino Médio. Nós começamos a empresa oficialmente em julho de 2009. Nós a nomeamos Haste.

Nós tínhamos 19 anos de idade, não muita experiência, zero networking e dinheiro, muita energia e alguma autoconfiança extra (eu poderia ter resumido simplesmente como “millennials”, certo?). O pai do Allyson nos deu um computador e uma parte de seu escritório, pelo que sou muito grata, e criamos todos os materiais gráficos para sua empresa de cursos em troca.

Começamos a trabalhar apenas com design gráfico e levamos algum tempo para perceber que o desenvolvimento web era o nosso futuro.

Lembrei-me do WordPress e tentei novamente. Eu gostei de como a plataforma evoluiu. Fizemos uma segunda versão do nosso site no WordPress, usando um simples tema gratuito, que eu editei diretamente o CSS (não façam isso!). Tentamos criar websites para clientes que modificando temas existentes (pelo menos aprendemos sobre temas filhos mais tarde), mas definitivamente não nos sentíamos no controle do que estávamos fazendo.

Quando você atinge seu ponto mais baixo

Em janeiro de 2011, minha mãe teve um AVC. Ela fez uma cirurgia no cérebro, e depois de um mês, ela estava em casa com uma cicatriz na cabeça. Esse foi o ponto mais baixo do meu caminho.

Nos anos seguintes eu tive que cuidar dela, por causa de algumas consequências do AVC, tanto físicas quanto psicológicas. Como a única pessoa da família que não tinha um emprego “formal”, com um chefe e um horário de trabalho definido, fui eu quem teve que levá-la às consultas, ao pronto-socorro ou ficar em casa quando ela não estava bem. Foi bem difícil conciliar o último ano da faculdade, o trabalho e cuidar da saúde da minha mãe.

O único caminho é para cima

Na Haste, sentimos que as coisas não estavam evoluindo. Em 2013, após algumas parcerias que nos levaram a caminhos confusos, decidimos fazer uma reformulação completa. Definimos um novo foco: web design e desenvolvimento com WordPress. Criamos um novo site, com um tema totalmente desenvolvido por nós. Queríamos superar o medo de programar e queríamos saber exatamente o que estávamos fazendo. Então começamos a estudar muito por conta própria.

Allyson ficou responsável pelo PHP e JavaScript e eu deveria fazer o design, o HTML e CSS. Ele começou a postar muitas perguntas no grupo da comunidade WordPress Brasil no Facebook. Nós terminamos o site, e as pessoas adoraram, especialmente a ilustração com efeito de paralaxe que fez a garota mover seus olhos. Nós éramos orgulhosos desenvolvedores do WordPress agora.

Nós começamos a frequentar os meetups, e depois o WordCamp da comunidade WordPress. Fiquei espantada com a forma como a cultura de código aberto era toda sobre compartilhar conhecimento com estranhos, sem medo de competir, apenas o espírito de colaboração. Não nos sentíamos mais isolados. Nós fizemos amigos de verdade (alô amigos do WordPress).

Logo nos envolvemos na comunidade e nos tornamos organizadores do WordCamp São Paulo em 2014.

O novo site e nossa participação na comunidade WordPress foram realmente o que precisávamos para nos dar alguma perspectiva e estabilidade. Então nós não paramos por aí.

Traga os outros para caminhar com você

Na edição de 2014 do WordCamp São Paulo, eu era a única palestrante mulher. Isso me fez perceber algumas coisas.

Primeiro, a proporção de homens nos eventos da comunidade não era apenas a maioria, mas quase não tínhamos nenhuma mulher. O que era muito estranho.

Em segundo lugar, sabemos que muitas mulheres se sentem intimidadas em um ambiente com muitos homens. Eu sempre tive a maioria de amigos homens desde criança, e mesmo assim, eu provavelmente não me envolveria com a comunidade se não fosse pelo fato de meu namorado / sócio estar comigo.

Alguns incidentes sexistas também aconteceram comigo. Eu reagi, e os homens envolvidos parecem ter entendido o problema, e mudaram seus comportamentos até onde eu sei.

Não temos tantos meetups e WordCamps aqui no Brasil como nos EUA. Embora o Brasil esteja lentamente se tornando um polo de tecnologia, a comunidade WordPress ainda tem muito espaço para crescer, em comparação com outras comunidades. Então, acho que temos a oportunidade de fazer as coisas diferentes enquanto tudo ainda não está definido.

Então eu decidi mudar isso.

Eu comecei uma pesquisa perguntando às mulheres envolvidas com WordPress quais eram as razões pelas quais elas não compareciam aos eventos. Os resultados provaram que não era só eu reclamando de pequenas coisas.

Algumas piadas mantinham as mulheres afastadas. Algumas ações condescendentes fizeram com que se sentissem diminuídas. E mesmo a falta de informação de nossa parte, de que os WordCamps são eventos inclusivos, fez com que as mulheres não viessem. A falta de tempo também foi um fator importante.

Com base nesses dados, no ano seguinte conseguimos aumentar a proporção de mulheres palestrantes de 5% para 32% no WordCamp São Paulo 2015. Mais mulheres se tornaram organizadoras também. Em 2019, temos 4 mulheres de 10 organizadores ativos. No último WordCamp, tivemos deficientes visuais comparecendo e o feedback deles foi ótimo. Ainda precisamos melhorar a diversidade racial.

Barreiras e fronteiras

Em 2015, Allyson me contou sobre o novo programa de bolsas de estudos da Fundação WordPress para mulheres que trabalham pela igualdade na comunidade em todo o mundo. Então me inscrevi para a primeira bolsa Kim Parsell Memorial. Kim Parsell deixou um lindo legado de inclusão e amor, tendo trabalhado para trazer mais mulheres, pessoas mais velhas e outras minorias para a comunidade WordPress. Ela era conhecida como a #WPMom.

O resultado veio alguns meses depois. Recebi um email e não tive reação por alguns minutos. Eu tinha ganhado a bolsa que me garantia uma viagem para o WordCamp US 2015, na Filadélfia, na Pensilvânia, com voos e hotel cobertos.

Veja bem: eu nunca tinha saído do meu país. Eu tinha acabado de voar de avião pela primeira vez naquele mesmo ano. Eu não estava nem perto de sonhar em ir para os EUA, porque era impossível para mim no momento. Às vezes sua mentalidade na única coisa colocando limitações em seus sonhos.

Eu estava tão feliz, você não faz ideia. Alx Block e Cami Kaos entraram em contato para me dar instruções e foram muito gentis.

Mas então… meu pedido de visto foi negado. Eles consideraram minha solicitação repentina de passaporte e visto, sem dinheiro para viajar (esse é exatamente o ponto de uma bolsa de estudos!),  e a falta de “laços” no Brasil muito suspeitos. Eu disse a eles que a Fundação WordPress pagaria por tudo. Os voos e o hotel já estavam reservados. O oficial até me disse que a carta da Fundação WordPress poderia ser facilmente falsificada. Eu tentei de novo, sem sucesso.

Eu não pude ir para o WordCamp US 2015.

Eu também não pude ir ao WordCamp US 2016, quando eles perguntaram se eu queria tentar novamente, e meu visto foi negado… de novo. Desta vez, acho que pelo menos o oficial pesquisou on-line por mim, viu que era verdade, mas não conseguiu fazer nada, pois minha situação não mudara.

Eu estava tão desapontada. Ainda fico triste de lembrar, devo confessar. Às vezes, existem barreiras e portões reais que uma simples mudança de mentalidade não pode abrir.

Caminhos cruzados

Nos anos seguintes, concentrei-me em minha empresa e no trabalho na comunidade. A saúde da minha mãe melhorou, ela está em ótima agora. Minha família apóia meu trabalho.

Nós nos tornamos especialistas em WordPress na Haste. Desenvolvemos temas, plugins e sites para empresas no Brasil e na América. Agora tenho uma renda estável e vivo exclusivamente do meu trabalho com o WordPress. Estamos comemorando 10 anos em 2019.

Eu viajei pelo Brasil por causa do WordPress, para falar em WordCamps e Meetups. Fui para Fortaleza, Belo Horizonte, Curitiba, Porto Alegre. Eu vejo mais e mais mulheres trabalhando com o WordPress, participando de meetups e WordCamps, e conversando, encontrando algo familiar no rosto das outras mulheres.

No ano passado, decidimos que iríamos para o WordCamp Europa 2019 em Berlim, já que não precisamos de visto para a maioria dos países, incluindo a Alemanha.

Desta vez, posso pagar (com muito planejamento e redução de despesas). Tenho que confessar que estou um pouco ansiosa com o processo de imigração.

Meu objetivo no WordCamp Europa é conhecer o máximo de pessoas que posso. Não é uma questão de quantidade, mas se a comunidade do WordPress me ensinou algo foi que cada pessoa tem algo para ensinar e aprender. Então, se você estiver participando do WordCamp Europa, vamos nos conhecer!

Abrindo trilhas

Então agora eu espero que você possa ver o que essa viagem realmente significa para mim, e porque cada pequena conquista significa muito. Não é só porque foi difícil. Mas porque eu não sou a única que merece isso, mas infelizmente sou uma exceção entre outras pessoas que têm o mesmo histórico que eu.

Há tantas meninas e meninos que não se atrevem a sonhar em visitar outros países ou até mesmo entrar na faculdade. E quando se atrevem, tem seus sonhos podados. Muitas crianças que não têm computador nem acesso à internet. A única diferença é que me foram dadas oportunidades, as pessoas acreditaram em mim. Portas foram abertas. E só então eu pude provar o meu valor.

Agora meu próximo sonho é poder tornar a jornada um pouco mais fácil do que foi para mim, especialmente para mulheres e jovens brasileiros. Porque acho que é nossa responsabilidade na comunidade. Ensine outras pessoas, compartilhe informações, doe um pouco do seu tempo, crie novas ferramentas, plugins e recursos, oriente as pessoas. Como diz a tatuagem do meu irmão, seja a pessoa de que você precisava quando era mais jovem.

The post How the WordPress community helped me find my way appeared first on HeroPress.

Bank Zymphonies Theme

Drupal Themes - Tue, 04/23/2019 - 17:59

Bank Zymphonies Theme is a financial multipurpose theme for banking, finance business companies, like loan providers, credit card companies and personal insurance. We have extended Bootstrap UI and Drupal basic layout to provide you with more user friendly theme to create a awesome responsive banking website.

Live Demo Advanced Themes

Features
  • Drupal 8 core
  • Bootstrap v4
  • Mobile-first theme
  • Top bar information
    • Top menu
    • Email
    • Social media links
  • Top highlight blocks
  • Included Sass & Compass source file
  • Well organized Sass code
  • Custom slider - Unlimited image upload
  • Home page layouts
    • 4 column top layout
    • 4 column middle layout
    • 4 column bottom layout
    • 4 column footer layout

WPTavern: Henry Zhu Launches New Maintainers Anonymous Podcast

Wordpress Planet - Tue, 04/23/2019 - 17:53

Maintainers Anonymous is a new podcast created by Henry Zhu, who has been the primary maintainer of Babel for the past two years. Babel is a JavaScript compiler used by Facebook, Netflix, Spotify, and millions of others. It is downloaded over 18 million times per month and used by more than 1.8 million repositories on GitHub. Zhu recently left his job at Adobe to work on Babel and open source full-time.

In his new podcast, Zhu is talking with other maintainers to unearth their valuable perspectives and share similar struggles. By presenting them as regular people, rather than faceless code projects, Zhu is aiming to encourage empathy for maintainers.

Maintainers Anonymous is centered around the “how” of maintenance and Zhu is open to having guests from a variety of fields and disciplines, such as a librarian, gardener, or moderator. In an episode titled “Speedrunning with Omnigamer,” Zhu and his first guest, Eric Koziel, discuss the intricacies of “speedrunning,” playing a video game with the goal of beating it as fast as possible. Koziel describes it as a medium for doing an optimization challenge. Since the games are just software, he and Zhu explored how speedrunning intersects with coding and talked about some of the parallels with maintaining open source software.

The next two episodes are a series with guest Stephanie Hurlburt, a graphics engineer and owner of the company that makes Basis, an image/texture compression product. They delve deeper into how business development is relevant to open source, setting healthy boundaries, inherent vs. perceived value, marketing, and more.

If you’re looking for a new podcast to add to your subscriptions, Zhu’s Maintainers Anonymous offers a wide variety of topics and perspectives that touch on open source, maintainership, and other aspects of life and business in the world of technology. New episodes are available on the podcast’s website, and listeners can also subscribe via RSS, Apple Podcasts, Google Podcasts, or Spotify. Follow @MaintainersAnono on Twitter for all the latest.

WPTavern: Celebrate Earth Day by Learning about Environmentally Friendly Web Development on WordPress.tv

Wordpress Planet - Mon, 04/22/2019 - 22:11

Today is Earth Day, a worldwide annual event first celebrated in 1970 that focuses on addressing environmental concerns. Earth Day Network coordinates 192 countries with more than a billion people participating in today’s event. The organization uses WordPress to build the world’s largest environmental movement through education, public policy, and consumer campaigns.

Over the past few years, environmentally-friendly web development has become an increasingly popular topic at WordCamps. Several presentations are available on WordPress.tv that highlight how web developers have the ability to make a positive impact on reducing the internet’s carbon footprint.

Jenn Schlick, a project manager at the MIT Energy Initiative, was one of the first WordCamp speakers to bring greater awareness to this topic with her presentation on Low-Carbon Web Design at WordCamp Finland in 2016. She explained a few ways that developers can minimize a website’s carbon footprint by choosing online services that are powered by renewable energy and optimizing for performance.

In 2017, Tom Greenwood gave a presentation titled Zero Carbon WordPress that challenged the community to help tackle climate change. With WordPress powering such a large percentage of the web, the community has the opportunity to lead the way in developing sites that use less energy, powered by hosts that run on renewable energy sources.

More recently, Jack Lenox spoke at WordCamp Bordeaux 2019 on “How better performing websites can help save the planet.” His presentation had a stronger emphasis on performance with practical steps for simplifying the interface, reducing code, using the right image file types, caching, accessibility, and more.

Lenox has also created a tiny WordPress theme called Susty that he said is “an experiment in minimalism.” It loads WordPress with just 6KB of data transfer.

At WordCamp Nordic 2019, Jaakko Alajoki gave a presentation titled Environmentally friendly WordPress development, with experiments that used a Raspberry Pi web server and power meter to demonstrate power consumption. The session should be available on WordPress.tv soon.

Cosmic

Drupal Themes - Sat, 04/20/2019 - 10:24

WPTavern: AMP Plugin for WordPress 1.1 Adds Experimental PWA Plugin Integration, Pre-release of AMP Stories Editor Available in 1.2-alpha

Wordpress Planet - Sat, 04/20/2019 - 02:16

Version 1.1 of the AMP Plugin for WordPress was released this week after four months in development and 125 merged pull requests from contributors. It includes CSS tree shaking improvements that restore AMP compatibility for WordPress’ default Twenty Nineteen theme, reducing the size of its stylesheet by 53%.

In an effort to get more users opting for the Native mode option, the plugin’s development team has rebranded the template modes:

In this release the Paired mode has been rebranded as Transitional mode. One reason for this is that the classic mode was also a paired mode (where there are separate parallel URLs for the AMP version). But more importantly, the goal for this mode is to help facilitate a transition a site to being AMP-first, where there is no separate AMP-specific URLs. So the goal of the Transitional mode is to be a path to Native mode.

The team has also decided to rebrand Classic mode to “Reader” mode, instead of deprecating it. It provides a basic AMP template for getting started that doesn’t necessarily match the site’s theme. Users can can add an “Exit Reader Mode” to the header of their sites with a setting in the Customizer.

Version 1.1 introduces compatibility with the PWA feature plugin, bringing support for the service worker to AMP pages. It extends the service worker to cache AMP CDN assets, images, and Google Fonts. Since the PWA feature plugin is still under active development, the service worker integration is still considered experimental.

Support for creating AMP Stories in WordPress is the next major feature coming to the plugin. A pre-release of the AMP Stories editor is available in 1.2 alpha 1, which also requires the latest version of the Gutenberg plugin. It uses the Gutenberg editor to allow users to build AMP stories with rich media capabilities.

A preview of the AMP Stories editor was unveiled at AMP Conf 2019 in Tokyo, Japan. Check out the video below to see Alberto Medina give a quick demonstration of how it will work in the upcoming version 1.2 of the AMP for WordPress plugin.

Post Status: “Become the best version of yourself.” An Interview with Rich Tabor

Wordpress Planet - Fri, 04/19/2019 - 21:15

Rich Tabor is transitioning to a new role now as Senior Product Manager of WordPress Experience with GoDaddy. In the past three years, Rich founded a digital agency, launched a popular PhotoShop resource site, and started ThemeBeans, a successful WordPress theme shop.

ThemeBeans and CoBlocks, Rich’s suite of page builder blocks in a plugin, have gone with him to Godaddy. (CoBlocks remains free, and now all the ThemeBeans products are too.) Rich took some time to reflect with us on his path so far and where he sees the WordPress ecosystem going in the future.

Q: What led you to dive into the new post-Gutenberg reality of WordPress and create CoBlocks and Block Gallery?

I’ve been fascinated by the block editor ever since Matias’s Gutenberg demo during WordCamp US 2017. I was instantly convinced that Gutenberg would lead us into the next era of creation in WordPress. I saw an opportunity, was in a position to execute and had enough expertise to take it on.

Q: Did sales for these products meet your expectations?

I actually did not release paid versions for either CoBlocks or Block Gallery. There were plans to monetize both plugins, but at the time we were focused on delivering innovative solutions to Gutenberg and pushing the editor to its extremes. Adoption-wise, both plugins grew particularly fast, and are continuing to do so. In that sense, they most certainly exceeded my expectations.

Q: What do you see as the near and long term future of the WordPress ecosystem? As solo developers and small firms are increasingly hired by bigger fish, especially hosting companies, will there still be a place for small entrepreneurs?

I believe that the WordPress ecosystem will continue to be an innovative field for both entrepreneurs and larger companies. It’s all about innovation and being able to execute — regardless of the size of the team behind the product or idea.

And over the last few years, the WordPress economy and its entrepreneurial leaders, have evolved into quite a mature ecosystem. I’d say the fact that companies such as GoDaddy are investing in the future of WordPress is a huge sign of that maturity and growth in our industry. Hosts, in particular, are uniquely equipped to make a huge difference in how so many folks use WordPress. Investing in products and talent that level-up the overall WordPress experience is good for us all.

Q: What about GoDaddy made it seem like a good fit or you? Did you consider any other types of companies outside the hosting space?

I flew out to Phoenix to meet the WordPress leadership team at GoDaddy and it became quite clear that they were all-in on this new future of WordPress + Gutenberg.

GoDaddy has assembled a passionate and highly qualified team of folks who are hyper-focused on improving the WordPress experience and leading the next wave of innovation in this space. Joining this team and leading the efforts as the Senior Product Manager of WordPress Experience is a good and logical fit to fulfilling my personal mission to help make WordPress beautifully simpler. I knew that what we’d build would touch millions of sites and empower people all over the world to succeed online.

Q: Before GoDaddy came along, what was your plan in terms of growth and long-term sustainability?

Having run a successful theme shop for a number of years, I understood the importance of having a solid plan for growth and sustainability.

My plan for both CoBlocks and Block Gallery was to release top-tiered paid versions of each, with innovative tools, blocks and design systems. Those would have likely arrived in Q3 of 2019, as our focus for the first half of the year was to innovate and grow our user base. Now I hope to continue on that same development trajectory, adding many of those same features to the current plugins.

Q: What is your best advice for someone who is currently independent and wants to build a small business in the WordPress space today? What are the best lessons or advice you can provide?

First off, don’t let an opportunity get away from you. Learn to identify opportunities that you are perfectly suited to execute on, then dive right in. Don’t hesitate to ask for help and don’t be afraid to try something new. Learning how to learn and then taking that a step further by continuing to learn every single day, is a catalyst for enormous personal and professional growth. It’s not all about making cool stuff, it’s about challenging yourself to become the best version of yourself; the rest will fall into place.  

Exsen

Drupal Themes - Fri, 04/19/2019 - 05:45

A base commerce admin theme for extension.

WPTavern: WordPress 5.2 Will Add 13 New Icons to the Dashicon Library

Wordpress Planet - Fri, 04/19/2019 - 02:05

Dashicons, the WordPress admin icon font, will be getting its first update in three years when WordPress 5.2 ships. The library will be updated to use WOFF2 (Web Open Font Format 2), replacing the previous WOFF 1.0 format for improved compression. WOFF 1.0 will still be included in core to maintain backwards compatibility.

In addition to the new font file format, Dashicons is adding 13 new icons to the library and CSS declarations for 18 icons that were previously unavailable. The additions span a range of categories, including Buddicons, Core Teams, sites, menus, social, and miscellaneous.

Nate Allen, a Senior Web Engineer at 10up, is a new contributor to the Dashicons library, even though he is not a designer.

“WordPress has had a ‘businessman’ dashicon for as long as I can remember, but didn’t have a female or gender neutral version – until now!” Allen said.

“Previously I worked for Firefly Partners, an agency that builds WordPress sites for nonprofits. I was working on a project for a woman’s rights organization that needed a ‘staff’ post type. It was a little awkward explaining to them that there was a ‘businessman’ icon we could use for free, or they could pay extra to have a custom ‘businesswoman’ icon designed. Not a great look for WordPress.”

Allen submitted a GitHub issue, to see if someone would be willing to create a “businesswoman” and “businessperson” icon, but nobody had the time. Dashicons is maintained by a volunteer team and it can take a long time to get new icons designed.

“About 5-6 months later I learned how to use Illustrator to create vector icons and submitted the icons myself,” Allen said. He submitted the PR and the new icons he created will be included in the next release of WordPress.

These business people icons are useful for projects that include creating things like custom post types for bios, testimonials, team members, and job postings. WordPress 5.2’s updates to Dashicons make the library more inclusive and useful for more diverse projects.

WPTavern: WooCommerce 3.6 Released with New Product Blocks and Major Performance Improvements

Wordpress Planet - Thu, 04/18/2019 - 19:31

WooCommerce 3.6 was released this week after six months in development. Store owners with sites running on WordPress 5.0+ will now have access to eight new product blocks, including hand picked products, featured products, products by category/attribute, sale products, new products, top rated, products, and best selling products.

These blocks were previously available as a feature plugin but have now been rolled into WooCommerce core. The plugin now requires WooCommerce 3.6 and will continue to be used for iterating and exploring future WooCommerce block editor features.

Performance improvements were one of the major focuses for this version, which introduces product data lookup tables. WooCommerce core developers’ long term plan is to move post meta to custom tables and a feature plugin is currently in development towards this goal. In the meantime, lookup tables provide a structured index for product data that speeds up querying. This version also brings improvements to transient invalidation, changes to REST API initialization, caching improvements, and more.

WooCommerce developer Timmy Crawford highlighted a few frontend performance improvements in the 3.6 release post:

  • A 62% improvement in the load time when ordering and filtering products
  • Reduced overall load time by bypassing inactive webhooks
  • Reduced the load time for pages with category or product attribute lists
  • Reduced load time of product pages with attributes

This release also includes the controversial new marketplace suggestions that advertise official extensions inside the WooCommerce admin. The setting for turning them off can be found under the “Accounts & Privacy” section of the admin.

For the full list of additional enhancements in 3.6, check out the release post or view the plugin’s changelog. The release should be backwards compatible with sites running WooCommerce 3.0+, but testing how the update affects themes and extensions is highly recommended before updating. Version 3.6.1 was released today to fix some issues 3.6.0 had with certain hosting environments.

WPTavern: Gutenberg 5.5 Adds New Group Block for Nesting Child Blocks

Wordpress Planet - Thu, 04/18/2019 - 03:00

Gutenberg 5.5 was released with the long-awaited Group block, previously known as the Section block. It was renamed to avoid confusion with the HTML5 section element and prevent potential overlap with future site/theme type sections, such as headers, sidebars, and footers. The first iteration of the Group block supports the ability to nest other blocks inside it and the ability to align the block and any of its child blocks that include alignment settings.

“It’s a minimal version at the moment and improvements about the flows to add inner blocks, group/ungroup blocks are expected in follow-up releases,” Gutenberg phase 2 technical lead Riad Benguella said. In testing the feature I found that it is indeed a rocky start and far from intuitive to use but a more refined grouping experience will be developed after further testing and feedback.

The Group block lays the foundation for a future where WordPress themes may evolve to become block templates. In response to a comment about how the Group block could essentially replace the widget management interface, Benguella offered a glimpse of how Gutenberg will eventually transform the theme industry:

In a world where themes are made of block templates instead of php templates, there’s no need for widget areas.

That said, Gutenberg is a huge change for WordPress and its community. With the new blocks concept, Phase 2 is about helping the WordPress community adopt this new concept without completely changing what a theme means in WordPress. We shouldn’t just abandon existing themes and switch into full-site editing without an iterative plan.

We’ll eventually get there where everything is made of block templates and blocks but we need to make smaller steps first and the first one is the ability to use blocks instead of widgets in existing themes.

Gutenberg 5.5 also adds the image fill option and vertical alignment support to the Media and Text blocks.

This release also includes a few minor but useful improvements, such as automatically populating the link field when the selected text is an email.

The Gutenberg team is also making progress on the new widgets screen with a barebones testing version in place that will allow them to start investigating and tackling technical issues related to this screen. It’s not functional yet but provides a place to further explore the block editor in this context.

The bug fixes included in Gutenberg 5.5 will be in the upcoming WordPress 5.2 release, which was previously targeted for April 30. There is currently a proposal open for pushing it back to May 7, due to the number of open tickets.

WPTavern: PluginVulnerabilities.com is Protesting WordPress.org Support Forum Moderators by Publishing Zero-Day Vulnerabilities

Wordpress Planet - Wed, 04/17/2019 - 03:37
image credit: Jason Blackeye

A security service called Plugin Vulnerabilities, founded by John Grillot, is taking a vigilante approach to addressing grievances against WordPress.org support forum moderators. The company is protesting the moderators’ actions by publishing zero-day vulnerabilities (those for which no patch has been issued) and then attempting to contact the plugin author via the WordPress.org support forums:

Due to the moderators of the WordPress Support Forum’s continued inappropriate behavior we are full disclosing vulnerabilities in protest until WordPress gets that situation cleaned up, so we are releasing this post and then only trying to notify the developer through the WordPress Support Forum. You can notify the developer of this issue on the forum as well. Hopefully the moderators will finally see the light and clean up their act soon, so these full disclosures will no longer be needed (we hope they end soon).

In the linked incidents cited above, Grillot claims that moderators have deleted his comments, covered up security issues instead of trying to fix them, and promoted certain security companies for fixing hacked sites, among other complaints.

In response, Plugin Vulnerabilities has published a string of vulnerabilities with full disclosure since initiating the protest in September 2018. These posts detail the exact location of the vulnerabilities in the code, along with a proof of concept. The posts are followed up with an attempt to notify the developer through the WordPress.org support forum.

Grillot said he hopes to return to Plugin Vulnerabilities’ previous policy of responsible disclosure but will not end the protest until WordPress.org support forum moderators comply with the list of what he outlined as “appropriate behavior.”

WordPress’ security leadership is currently going through a transitional period after Aaron Campbell, head of WordPress Ecosystem at GoDaddy, stepped down from his position as head of security in December 2018. Automattic Technical Account Engineer Jake Spurlock is coordinating releases while the next person to wrangle the team is selected. This announcement was made in the #security channel, but Josepha Haden said there are plans for a more public post soon. Campbell did wish to publish the details of why he stepped down but said that he thinks it is important to rotate that role and that “the added influx of fresh energy in that position is really healthy.”

When asked about the Plugin Vulnerabilities’ protest against WordPress.org, Spurlock referenced the Responsible Disclosure guidelines on WordPress’ Hackerone profile. It includes the following recommendation regarding publishing vulnerabilities:

Give us a reasonable time to correct the issue before making any information public. We care deeply about security, but as an open-source project, our team is mostly comprised of volunteers.

Spurlock said that since those guidelines are more pertinent to core, dealing with third-party plugins is a trickier scenario. Ideally, the plugin author would be notified first, so they can work with the plugins team to push updates and remove old versions that may contain those vulnerabilities.

“The WordPress open-source project is always looking for responsible disclosure of security vulnerabilities,” Spurlock said. “We have a process for disclosing for plugins and for core. Neither of theses processes include posting 0-day exploits.”

Grillot did not respond to our request for comment, but the company’s recent blog posts contend that following responsible disclosure in the past would sometimes lead to vulnerabilities being “covered up,” and even at times cause them to go unfixed.

WordPress.org support forum moderators do not permit people to report vulnerabilities on the support forums or to engage in discussion regarding vulnerabilities that remain unfixed. The preferred avenue for reporting is to email plugins@wordpress.org so the plugins team can work with authors to patch plugins in a timely way.

However, in the wild west world of plugins, which includes more than 55,000 hosted on WordPress.org, there are times when responsible disclosure falls apart and occasionally fails users. Responsible disclosure is not a perfect policy, but overall it tends to work better than the alternative. The Plugin Vulnerabilities service even states that they intend to return to responsible disclosure after the protest, essentially recognizing that this policy is the best way to coexist with others in the plugin ecosystem.

In the meantime, publishing zero-day vulnerabilities exposes sites to potential attacks if the plugin author is not immediately available to write a patch. The only thing WordPress.org can do is remove the plugin temporarily until a fix can be released. This measure protects new users from downloading vulnerable software but does nothing for users who already have the plugin active. If site owners are going to protect themselves by disabling it until there is a fix, they need to know that the plugin is vulnerable.

Plugin Vulnerabilities’ controversial protest, which some might even call unethical, may not be the most inspired catalyst for improving WordPress.org’s approach to security. It is a symptom of a larger issue. WordPress needs strong, visible security leadership and a team with dedicated resources for improving the plugin ecosystem. Plugin authors need a better notification system for advising users of important security updates inside the WordPress admin. Most users are not subscribed to industry blogs and security services – they depend on WordPress to let them know when an update is important. Refining the infrastructure available to plugin developers and creating a more streamlined security flow is critical for repairing the plugin ecosystem’s reputation.

WPTavern: WordCamp for Publishers is Coming to Columbus, OH, August 7-9, Call for Speakers Now Open

Wordpress Planet - Mon, 04/15/2019 - 22:50

The third edition of WordCamp for Publishers will be held in Columbus, OH, August 7-9, 2019, at the Vue Columbus. This unique event is a niche-specific WordCamp for professionals working in the publishing industry. Previous locations include Denver and Chicago. In looking for a host city for 2019, organizers had a preference for cities that are “underrepresented media markets” where attendees may not see as many of these types of events. Columbus certainly fits the bill.

The call for speakers and workshop facilitators is now open. Organizers are looking for presentations from all types of professionals across the publishing industry, including writers, journalists, editors, designers, developers, data journalists, project managers, product managers, and program managers. The event will feature three types of sessions:

  • 45 minute presentations (inclusive of Q&A)
  • 90 minute workshops
  • 5 minute lightning talks

Applicants may submit up to three proposals until the deadline on Monday, May 6th at 11:59 EDT.

Last year’s event brought controversial and thought-provoking presentations, such as “Why we ditched AMP, and other UX choices we made for launching membership” and “Reader revenue and the less open web,” an interesting exploration of the implications of paywalls on the open web. All 2018 presentations are available on WordPress.tv, if speaker applicants need any ideas about the types of presentations that are relevant to the event. Last year’s theme was “Taking Back the Open Web,” but organizers have not yet announced a theme for 2019.

The first batch of tickets is already on sale. Previous years have sold out fairly fast, so make sure to follow @wcpublishers on Twitter for all the latest information.

Matt: Happy Tools, for the Future of Work

Wordpress Planet - Mon, 04/15/2019 - 19:54

Distributed work is becoming a reality for more companies. Automattic has been operating in a distributed-first fashion for more than 13 years now — we’re now up to more than 850 employees in 68 countries. But even in companies with physical offices, more employees are distributed around the globe and working together. Google just shared some fascinating stats about its work culture, with 100,000 employees working across 150 cities. Two out of five work groups have employees working from more than one location:

We’re a more connected world, so it makes sense that global business wouldn’t be confined to just one physical space. I often use Google as an example because I’ve been in meetings there where people were one building away from each other but still using video chat because of the time required to walk between meetings on their campus.

With that in mind, the team at Automattic has decided to start sharing our expertise and the technology that makes it all work. Introducing Happy Tools:

Our first product is Happy Schedule, which helps teams manage flexible schedules across time zones. Right now we’re rolling it out in a consultative way with just a few early customers to make sure the team can be totally responsive to their needs. We’re excited about this and other upcoming tools, because we believe that this is the future of work. We’re excited to have other companies give it a try.

Keep an eye on this space: There’s an entire suite of tools that make up the operating system of what has helped Automattic scale so effectively over the years. I’ve always believed it’s important to invest in your internal tools, and I’m excited to release more of them. If there’s something better in the market, we won’t release a tool for it—I’d rather use something external than have to build things ourselves—but where the industry still has a gap after such a long time, we’ll throw our hat into the ring.

WPTavern: WordCamp Europe Publishes 2019 Speaker Lineup, Contributor Day Registration is Now Open

Wordpress Planet - Mon, 04/15/2019 - 16:33

WordCamp Europe 2019 is 66 days away. The event will be held in Berlin on June 20-22, occupying 13,000m² of the Estrel Congress Center. More than 2,266 tickets have been sold so far, roughly 100 tickets short of what the event sold last year.

All 59 speakers have now been announced and the schedule is published on the website. Organizers added a third track this year to accommodate the various lightning and traditional talks, workshops, and panels.

WordCamp Europe received a record-breaking number of submissions and applicants this year after making a stronger effort to improve representation of the diversity of the WordPress’ community. Organizers received 453 submissions from 267 applicants, a 20 percent increase over 2018 submissions. Approximately 1% (4 applicants) identified outside of the gender binary, 34% were female, and 65% male. The breakdown for 2019 selected speakers is 43.4% female and 56.6% male.

Contributor Day registration opened today and will close May 31, 2019. The event will take place on June 20, one the day before the main conference in the same venue. Organizers have build a new Contributor Orientation Tool to help new contributors identify one or more of the Make WordPress teams where they can apply their skills. Tickets are free for WCEU attendees but spots are limited. There were only 157 Contributor Day tickets remaining this morning and those places are going quickly.

Mili

Drupal Themes - Sun, 04/14/2019 - 16:15

Mili is a clean, elegant and multipurpose Drupal 8 Theme.
Theme is a clean, modern and very easy to customize according to your needs. It is quick and easy to setup.

Mili is built for ALL types of Business, corporate and consulting agency business.
Read more about mili theme

Dependencies

None
Its also not dependent on any third party modules. All it uses is Drupal core modules and features.
All its features like Slider, Drop down menu etc are inbuilt. However, you may install and use any drupal supported module with this theme.

Main Features
  • Drupal 8.x compatible
  • Fully responsive
  • Inbuilt slider
  • Support one / two / three column page layout
  • Social media icons: Facebook, Twitter, Google+ integration etc.
  • Drop Down menu
  • Use of Google Font.
  • Many collapsible blocks region.
  • Compatible on IE9, IE10, Opera, Firefox, Chrome browsers.
  • Custom Homepage
  • Custom Maintenance page
  • Easy Theme settings for customization
  • Google material font icons
  • Custom shortcodes to create content like services, projects etc.
Live Demo

Live Demo of Mili Theme

Theme Documentation

A complete documentation with screenshots on how to install and use this theme is available.
Mili theme documentation

Mili theme is designed and developed by Drupar.com

Theme Support

Me and other members of Drupar.com team will be happy to help you with any issue related to this theme. You can ask for support on our dedicated support forum.
Get Support for Tara theme

What We Can’t Help You With
  • New features implementation and extending themes functionality
  • Themes modifications and customization
  • Server-side issues
  • Third-party modules
Contact Drupar

If you have any query like custom modification of theme or theme installation on your hosting server, please do not hesitate to contact us.
Contact Drupar

More Drupal Theme

Not happy with tara theme. Browse other themes developed by us
More Drupal Themes

Connect with us

Connect with us on facebook and twitter to get latest updates about our Drupal projects.
Follow Us on twitter
Like Us on Facebook

Pages