[wp-hackers] [wp-testers] WordPress 3.0.2
eric at eam.me
Thu Dec 2 19:05:40 UTC 2010
I appreciate your sentiment, but I wholeheartedly disagree.
WordPress 3.0.2 was not a feature update. It didn't add new hooks or
filters. It didn't change the (expected/documented) behavior of core
functionality. This new release fixed specific bugs and security
vulnerabilities that existed in WordPress 3.0.1.
To have a public beta period for a security fix announces to the world that
there is a problem and potential exploit for blogs living in the wild and
points out specifically that they have no way to defend themselves. It
opens every site up to a publicly-known, documented security risk.
Maintenance patches should *always be pushed as quickly as possible to the
market. They fix live bugs and help site administrators better protect the
content and frameworks for which they're responsible.*
**WordPress 3.1 (the actual feature release) is still in beta and is giving
plug-in and theme developers ample time to bring their systems up-to-spec
with the latest version. But any system built to the documented specs of
WordPress 3.0.1 should work with 3.0.2 unless you were specifically using
the broken functions in the way we were trying to fix.
On Thu, Dec 2, 2010 at 10:55 AM, Trent Martin <trentmar at gmail.com> wrote:
> Wow, it would be nice for us plugin developers if you guys would give us
> even a few days advance notice on these things, especially considering your
> record of breaking plugins and themes with your updates.
> The problem is that when people see the "Please update now" notice on their
> dashboard, and you call it a mandatory update, of course they are going to
> update. But with no advance notice, that means that no plugins or themes
> have even been tested with the update. As far as I can tell, there was also
> no public beta testing for this either, are you just hoping everything will
> work? Even your e-mail announcement to the wp-testers list came a day after
> the actual release.
> With tens of thousands of plugins and themes used by millions of people,
> really need to better consider the impact of your releases. It's hard
> keeping compatible with each update, but you make it so much harder when we
> suddenly open our e-mail to find a flood of support requests because of a
> surprise WordPress release. We had to drop everything yesterday to update
> all our test sites, scramble though our full test procedures, and respond
> all the support requests telling people our plugins are still compatible.
> Perhaps you need to put a disclaimer on releases that no plugin or theme
> developers were previously aware of it and nothing has been tested yet so
> install at your own risk.
> If there is a better way to keep on top of upcoming releases that I am just
> missing, please let me know. And yeah maybe this release was relatively
> minor but there is rarely a WordPress release that doesn't affect many
> plugins one way or another.
> Are there any other plugin and theme developers out there who agree?
> As most of you know, WordPress 3.0.2 was released Tuesday. This is a
> mandatory security release for all previous WordPress versions.
> Those wishing to continue to test the 3.1 Beta, please note that the
> currently nightly build (3.1-beta1-16642) contains the fixes that were
> included in 3.0.2.
> I'd advise you to update your plugin compatibility as appropriate. Plugins
> should be unaffected by this release.
> Here's a summary of the changes:
> wp-testers mailing list
> wp-testers at lists.automattic.com
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers