[wp-hackers] 1.5.2

[Scott Merrill]

Roy Schestowitz wrote:
> Each time it appears as if the final ("Grand") update has come around 
> and yet
> another one comes around and demands attention.

Software will never be "complete".

> The only big pro I can think of are people installing WordPress for the 
> first time.

There are a lot of niggling bugs in 1.5.1.3.  Each WordPress upgrade has 
been _painless_ for me, and I'd venture for most other folks, too.  It's 
not too hard to download, run upgrade.php, and enjoy all the new bugfixes.

> of Webmasters feel like they use a stable version that is out-of-date? Then
> there emerges the fear over security issues. Not everyone keeps track of 
> what
> the changes between releases actually are. I can't stress the latter point
> strongly enough...

I would suggest that before a 1.5.2 release, we make a concerted effort 
to audit all mechanisms that accept user input, and make sure that 
exploits are as mitigated against as possible.

As for what to put in, I say all the requested plugin hooks: they're 
easy to implement and don't significantly change current behavior.

XMLRPC and post-by-email should trigger publish_post, if they don't yet.

Future-dated posts should not generate pings.

Adding the new search plugin would be useful, to get it into people's 
lives before 1.6, when there's likely going to be a fresh rush of people 
looking for support.

I'd be tickled to see my WP-DB Backup plugin bundled with (or rolled in) 
the main download.  The new version is super sexy, thanks to Owen.  Now 
if only I could find someone to write a "Restore" routine for me... =)

Would now be a good time for the "4 spaces to tabs" conversion?
    http://trac.wordpress.org/ticket/986

What about the update service?
    http://trac.wordpress.org/ticket/1476
I really think this is a good idea.

-- 
skippy at skippy.net | http://skippy.net/

gpg --keyserver pgp.mit.edu --recv-keys 9CFA4B35
506C F8BB 17AE 8A05 0B49  3544 476A 7DEC 9CFA 4B35