WordPress 4.4 Released

2016ipadWordPress 4.4 has been released! This release introduces the new default theme Twenty Sixteen, responsive images, post embeds, the basic infrastructure for the upcoming REST API, and more.

466 volunteers contributed to this release, lead by Scott Taylor. That’s a new record for WordPress, almost doubling the last release! At the time of writing this, WordPress 4.4 has been out for only 30 minutes, and has already been downloaded 58,192 times!

All users can now safely update from Dashboard -> Updates or download and update manually, though you should probably backup first just in case, unless you’re already using VaultPress, which you really should be.

If you run into any problems, stop by the known issues first, and please let us know if it’s not covered there!

The WordPress.com Desktop App

wpappThere’s a new desktop app for WordPress blogs, this time from the good folks at Automattic, the people behind WordPress.com. I know many of you have heard me say that WordPress.com and WordPress are two entirely separate entities, so let me clear this up right now. You can use this app with both WordPress.com and self-hosted WordPress(.org) blogs! Despite the app’s name, you can connect your self-hosted WordPress blog to WordPress.com with Jetpack and it’s Manage module, allowing you to work with your self-hosted WordPress blog in both WordPress.com and the app.

The new desktop app is mostly a wrapper for Calypso, the new WordPress.com interface packed full of the latest web technology. Calypso is where the real fun lies, conceived as an answer to “What if we rebuilt WordPress from scratch today?” It’s fast, responsive, and open source, with real-time notifications, the ability to work with multiple sites through the same interface, and a thoroughly re-built editor.

The desktop app brings Calypso to you in a browser-free app, free of occasionally troublesome browser extensions and poor support of the latest web technologies from certain browsers I dare not name, leveraging the processing power and local storage of your computer. It’s a whole new way to experience WordPress, packed into one convenient application.

Try the new WordPress.com Desktop App today, or even just Calypso at WordPress.com itself, you won’t be disappointed. 🙂

Gallery

Automattic Meetup 2015

This year, Automattic went back to Park City, Utah! The big difference this time? Our “almost 300” has grown to 400 employees spanning the globe, many joining us from the WooThemes acquisition earlier this year. With so many colleagues from around the world, it’s great to see everyone at least once a year, and build great things in person.

Some aforementioned great things were indeed made this year, keep your eyes on the WordPress.com Blog and the Jetpack Blog for news, but perhaps more interesting (or at least more fun) was the introduction a live band made up of some of my more talented colleagues. I don’t think the band will be producing any albums, but it sure made for a fun night! 🙂

For more photos, visit colleagues Adam Heckler and Greg Stewart, and don’t forget that we’re always hiring!

James and Greg

James and Greg

WordPress Security and Auto-Updates

autoupdatesWordPress 4.3.1 was released six days ago and included three security fixes. If you haven’t done anything silly to disable auto-updates, you would have been automatically updated within an hour of the announcement (and in some cases even before the announcement). If you have disabled auto-updates, your site was publicly at risk until you manually updated, and if you still haven’t updated, you had better do so now.

Auto-updates are not only crucial, they are almost quite literally the least you can do to protect your site. When a security update is announced, along with the vulnerabilities being made public, you could trust your site to update itself quickly and efficiently with no effort on your part, or you could disable all of that and keep your site vulnerable until you got around to doing it yourself. Sure, there is a very slim possibility that a feature of a plugin on your site may momentarily break until its developer fixes it, but such a thing is insignificant compared to recovering a hacked site, or losing an unrecoverable hacked site, just because you decided to let it live with publicly known vulnerabilities.

This doesn’t just extend to WordPress core. Plugins and themes get occasional security updates too. While WordPress doesn’t automatically update those by default, you can make it do so by modifying wp-config.php, using a plugin, or a service like Jetpack Manage. Just like with WordPress core, the updates will be applied within an hour of the release. And, if you’re worried about losing theme modifications, make sure that you’re using a child theme or a plugin like Jetpack Custom CSS so that you can modify your theme in a way that still allows you to safely update the parent theme.

When it comes to securing WordPress, there’s a lot you can do, but allowing auto-updates to function is by far the best way to keep your site secure, and almost quite literally the least you can do. Enjoy the freedom and security that auto-updates afford to you and your site.

WordPress 4.3 Released

si600WordPress 4.3 has been released! This release introduces menu and site icon controls to the customizer, formatting shortcuts to the editor, stronger password enforcement, and more.

246 volunteers contributed to this release, lead by Konstantin Obenland. At the time of writing this, WordPress 4.3 has been out for a bit over 2 hours and has already been downloaded 373,399 times!

All users can now safely update from Dashboard -> Updates or download and update manually, though you should probably backup first just in case, unless you’re already using VaultPress, which you really should be.

WordPress 4.2.4 Released

wordpress600WordPress 4.2.4 has been released. This is a critical security release, addressing 6 security vulnerabilities, as well as 4 bugs (including a few you may have run into during the last security fix).

A huge thanks to the folks who kept us all safe by responsibly disclosing the security vulnerabilities.

If you have not done anything silly to disable automatic updates, you were already updated hours ago. If you did do something silly to disable automatic updates, then your site has been vulnerable to 6 now publicly known security vulnerabilities for at least the past 10 hours, so you should really update manually right now, and then turn your automatic updates back on.

As always, if you run into any trouble, please let us know!

Small Twitter Victory

twvictoryWhile my tiny corner of the world is being loomed over by the type of room-shaking thunderstorms it rarely experiences, I did find a tiny ray of sunlight. MacManX on Twitter is finally mine, after spending the last five years trying to wrestle it from the clutches of a long-abandoned tech news account. I don’t know why it’s so important to me, but it always bothered my that it was just sitting there unused and unloved, while I had to use MacManXcom instead. Well, now it’s mine. Time to find some sort of tiny victory horn to blast, but probably no one will hear it over this thunder.

Changing usernames on Twitter is shockingly easy, it’s actually just another settings field. You type in a new username, it instantly displays if it’s available, and you save your settings. Your Tweets are transferred over, your Followers are transferred over, everything is transferred over. I was very impressed. The only negative point is that there is no way to redirect the old username. You have officially given it up for someone else to have, which I suppose is perfectly fair. One minute to change the username, one hour to find and change any links and integrations that are within my power to change, and another hour to take a black marker to my business cards (way too many business cards). A nearly five-year struggle was over in two hours.

Gallery

Doobies Inc. at House of Blues

Sarah and I, plus a few of our friends, had a great time last night catching good friend Lawrence Tamez (saxophones and percussion) with Doobies Inc., a Doobie Brothers tribute band, at House of Blues in Anaheim. I figured I might as well share a few photos here, because stage lights are cool. If there’s a Doobies Inc. show in your neighborhood, you absolutely must go!

Sequoia National Park Trip

My wife and I felt it was about time for a vacation, so we took a few days to drive up to Sequoia National Park. On the first day, we took the easy Crescent Meadow Trail and somehow wound up on the far-less-easy Trail of the Sequoias (lovingly referred to as the Trial of the Sequoias) and all the trails we then had to take to get back to where we started. On the second day, we planned to visit Moro Rock, but wound up on the much longer trail to Moro Rock instead.

We certainly made a few mistakes along the way, but those mistakes lead us to some amazing views that we would otherwise have missed. We look forward to returning next year for everything we had actually planned to see this year. 🙂

Trail of the Sequoias 9

Team Rads in Malta

Two weeks ago, Team Rads of Automattic met in Malta to focus our efforts on launching the inevitable WordAds 2.0 and to investigate unique marketing opportunities. We are an ever-growing distributed team, with three of us in California, one in Australia, one in Iceland, one in Portugal, and our newest team member in Italy, so we try to get together a few times each year to work out things that can’t be done over email, o2, and Slack.

Malta is an amazing country, and I really hope I can go back some time in the future to enjoy it as a vacation rather than just a business destination. We toured the island by bus and boat, and even visited the famous Blue Grotto. I also managed to take a few photos along the way.

Does any of this look interesting to you? Then I have some great news for you! If you want to work at Automattic, we’re hiring!

Team Rads in Malta