WordPress Planet

July 31, 2015

WPTavern: How to Avoid This Embarrassing Sharing Bug on WordPress.com

If you use the sharing feature on WordPress.com, you may have noticed an anomaly between your post title and what’s shared to social services. Since the post title is the first field to complete when writing a post, it makes sense to fill it in even if it’s a work in progress.

The sharing module on WordPress.com has a bug where the initial text in a post title is used when sharing the post to social networks. For the past several months, I’ve published many articles on WordPress.com where the text within social links does not match the text used in the post title leaving me feeling embarrassed.

WordPress.com Bug in ActionWordPress.com Bug in Action

To avoid this embarrassment, you’ll need to alter the text used in the sharing module before publishing each post. If you’re using the New Dash interface on WordPress.com, locate the Sharing metabox as seen in the screenshot above. When you’re ready to hit the publish button, change the text to match your title.

Post Title Matches the Sharing TextPost Title Matches the Sharing Text

I’ve spoken to several Automattic employees at various WordPress events and they’re aware of the bug. Until it’s fixed, you’ll need to remember to change the sharing text before you publish a post.

by Jeff Chandler at July 31, 2015 09:52 PM under wordpress.com

WPTavern: WPWeekly Episode 201 – Interview With Paul Gibbs and John James Jacoby

In this episode of WordPress Weekly, Marcus Couch and I are joined by Paul Gibbs and John James Jacoby. Jacoby shares what he learned and accomplished working on bbPress and BuddyPress full-time for six months.

Gibbs explains his motivation to organize the first ever BuddyCamp Brighton, UK, that takes place on August 8th. We also discuss a new working group dedicated to possibly bringing back BackPress. Last but not least, Gibbs and Jacoby offer their opinions on PeepSo, a new social networking plugin for WordPress.

Stories Discussed:

Philadelphia, PA to Host WordCamp US December 4th–6th

Plugins Picked By Marcus:

Instagram Gallery displays a gallery from one or more Instagram accounts.

Amazon S3 Backup and Restore enables you to create full backups to Amazon S3 and restore, duplicate, clone, or migrate your site.

ResponsiveVoice Text To Speech is a HTML5 based text-to-speech library designed to add voice features to WordPress across all smart phone, tablet, and desktop devices. It supports 51 languages through 168 voices and has no dependencies.

WPWeekly Meta:

Next Episode: Wednesday, August 5th 9:30 P.M. Eastern

Subscribe To WPWeekly Via Itunes: Click here to subscribe

Subscribe To WPWeekly Via RSS: Click here to subscribe

Subscribe To WPWeekly Via Stitcher Radio: Click here to subscribe

Listen To Episode #201:

by Jeff Chandler at July 31, 2015 07:45 PM under paul gibbs

July 30, 2015

Matt: Hong Kong Morning

The upside of jet lag, like Om discovering the streets of Paris, are enjoying parts of the day you might not normally be awake for, like a beautiful sun rise. Here’s a time lapse I made of the Victoria Harbor in Hong Kong taken from the incredible view I have in my room.

by Matt at July 30, 2015 11:40 PM under Asides

WPTavern: Postmatic Brings 100% Realtime Commenting to WordPress with Epoch Plugin


The team behind Postmatic is aiming to breathe new life into WordPress native comments with the 1.0 release of Epoch today. The plugin was created to provide a Disqus alternative with faster loading and submitting for comments.

Epoch’s creators set an ambitious goal for themselves on the plugin’s description page:

The goal: To provide a realtime commenting/chat experience using fully native comments while being compatible with page caching, CDNs, mobile, other comment plugins, and SEO best practices.

The plugin submits comments via AJAX, which means that comments appear instantly within the conversation without refreshing the page. The experience is designed to be so fast that it blurs the line between commenting and chatting, as comments from other readers also show up automatically with the same speed. The video below shows the plugin in action and a live demo of Epoch is available on the Postmatic website.

Epoch version 1.0 boasts compatibility with virtually any WordPress theme. The plugin will attempt to integrate with your theme via one of three ways:

  • The first tries to continue using your existing comment template while still offering all the performance gains
  • The second overrides your comment template but inherits typography and colors from your theme
  • The third totally replaces your comment template à la Disqus or Jetpack Comments


Unlike Postmatic, which has a commercial option for additional features, founder Jason Lemieux says Epoch will not be directly monetized.

“We do not have any plans to create a commercial version,” he said. “Postmatic is our primary product, Epoch exists only to make it easier for people to move back to native commenting, and in turn to use Postmatic. Epoch will be free forever.”

Compatibility with Other Comment Plugins

Epoch works seamlessly with Postmatic, i.e. it will pop up an opt-in modal allowing the commenter to subscribe to new post notifications. Using Postmatic in combination with Epoch is not required, because the plugin was created to work well on its own. It’s also compatible with many other plugins that extend comments.

“Other third party native commenting plugins have taken a heavy-handed approach and do not support the comment template hooks built into WordPress,” Lemieux said. “This creates a walled garden in which the innovation and hard work present in existing and future comment plugins is left out.

“We decided to take a different approach. We built Epoch to be compatible with other comment plugins as much as possible. Not all are, but with little tweaks here and there they work just fine.”

Version 1.0 integrates perfectly out of the box with Postmatic, WordPress Zero Spam, Akismet, WP Markdown, and WordPress Social Login.


“In our testing most anything that does not use a lot of JavaScript works just fine,” Lemieux said. “Things I haven’t tested but I assume would work would be anything that modifies or adds fields to the comment form (Subscribe to Comments, CommentLuv, various captchas).

“Fancier plugins that allow for comment editing or sorting the comment order based on voting would probably not be happy. We will have to make that functionality ourselves.”

Epoch is a Disqus Alternative with an Emphasis on Privacy

When Lemieux and his team created Epoch, the strategy was to address problems with native commenting in order to pave the way for more users to get on board with Postmatic.

“We didn’t set out with intentions of competing with Disqus,” he said. “However, a few months in it became clear that there are usually two reasons people were not using native comments, and we would need to address both if we wanted widespread adoption of Postmatic.

“The first is that the comment templates that come with a huge majority of themes just plain stink. Theme developers hate dealing with them. It’s usually an afterthought. So the commenting experience suffers. It is slow, ugly, and not at all fun.

“The second reason is that native commenting is extremely hard on the server. You can’t run native comments on a high traffic site. The server would buckle. A CDN won’t save you because the page content is constantly changing. For larger sites, native commenting is not even an option.

“Both of these problems are solved easily with solutions like Livefyre or Disqus, so they get installed. But it’s just selling your users down the river. Your data is not yours, ads start showing up on your site. Privacy is out the window. And really, the performance gains are minimal when the embedded comments still take 10 second to load because there is so much tracking JavaScript being queued up in the background.”

In contrast, Epoch loads faster than third party solutions and is completely private. Your commenters’ data is not farmed out and comments stay on your server.

“For the first time someone can say this: running native WordPress commenting will actually increase your site performance,” Lemieux said.

What’s on the roadmap for the future of Epoch?

Lemieux and his team hope to attract a larger community around the project, which is open to contribution on GitHub.

“We plan on aggressively recruiting others to join the project and we hope other developers will be inspired by what we have started,” he said.

“We are going to build out a small API to make it easier for other plugins to hook into some of the advanced functionality.

“And there are a few things that feel like they may be necessary: comment voting and a simple little like button which would be handy as a way to say, ‘I appreciate what you said, I do not have anything else to add.’ I would love to integrate that with Postmatic. I often will get a comment in my inbox and I want to recognize the thought that went into it, but don’t feel like I have anything to add. A simple little +1 would do it nicely,” Lemieux said.

The 1.0 release of Epoch is exciting news for those who have been dissatisfied with WordPress native comments but are hoping for a reason to return. The plugin is open source and available for free on WordPress.org.

by Sarah Gooding at July 30, 2015 05:45 PM under postmatic

WPTavern: Yuuta: A Free Visual Diary Theme for WordPress

Earlier this month, a new proposal landed on trac, advocating the removal of post formats from core. Many believe that this feature would be better as a plugin, since it has received little improvement over the years and is not used by the majority of WordPress users.

If the UI can be improved to be less confusing and theme support is standardized, post formats may have a chance at more widespread adoption. The feature is entirely dependent on theme support, as post formats are not enabled by default unless the theme author opts to include them. Many still do, which is why ripping them out of core in favor of a plugin would be a major undertaking.

One of the most common use cases for post formats is a diary style WordPress theme. Yuuta is a relatively popular theme on WordPress.org that revolves entirely around post formats. In the past four months, it has been downloaded more than 7,000 times. Yuuta was created to serve as a visual diary and includes support for all nine of WordPress’ post formats.


The theme was designed by Felix Dorner, owner of Studio DRNR, a Berlin-based web development company. According to its description page, Yuuta was selected as the the theme’s name based on its Japanese meaning:

Yuuta is a Japanese name and is made up of 優 (yuu) “gentleness, superiority”, 悠 (yuu) “distant, leisurely” or 勇 (yuu) “brave” combined with 太 (ta) “thick, big”.

Each post format has its own distinguishing icon and unique display. Dorner opted to use Roboto, Roboto Slab, and a sprinkling of Courier as the theme’s primary fonts. The typography choices were selected for optimal readability on all screen sizes.


Yuuta also includes specific styles for both standard and Jetpack-enabled galleries.


The theme’s design is fairly set, unless you opt to create a child theme. There are zero options in the Customizer. Much of the design customization is done on a post-by-post basis, as the featured image serves as a unique background for the post. Yuuta also includes editor styles to match the editing experience to the theme’s frontend appearance.

The primary navigation menu is hidden until toggled into view by the icon in the header, which keeps the reader focused on the content. There are no sidebars to contend with but widgets can be added to the footer.

If you’re a fan of post formats, the Yuuta theme really makes them shine. It responds to display beautifully on all devices from desktop to tablet to smartphone. Check out a live demo on Dorner’s website to see each post format in action. You can download Yuuta for free from WordPress.org or install it via your admin themes browser.

by Sarah Gooding at July 30, 2015 04:06 AM under post formats

July 29, 2015

WPTavern: Awesome Geek Podcasts: A Curated List of Tech Podcasts

photo credit: Jan Vašekphoto credit: Jan Vašek

The WordPress community produces a couple dozen high quality podcasts covering diverse topics, such as weekly news, business/entrepreneurship, education, and development. Every year the best WordPress-related podcasts are featured in roundup posts highlighting shows that are publishing new episodes regularly.

One way to venture outside the WordPress world is to expand your horizons when it comes to podcast subscriptions. Awesome Geek Podcasts is a curated list of tech podcasts that was first published in May of this year on GitHub. Since that time the repository has received 121 commits from 34 contributors.


None of the podcasts listed in the repo are directly related to WordPress, but many cover topics related to the various technologies that work in and with WordPress. The list includes approximately seven PHP-related podcasts in English (and more in other languages), along with shows focused on JavaScript, Sass, Git, and other technologies.

Other topics included in the Awesome Geek Podcasts list that might be of interest to WordPress developers include:

  • Running software companies
  • Software design, creation, and delivery
  • Front end web design, development, and UX
  • Typography, design, prototyping
  • Open source software
  • Family and life/work balance

Several of those listed follow a short format of 5 and 10-minute episodes for developers who are short on time. No matter where your interests lie in the various aspects of “geek life,” the Awesome Geek Podcast list has something for everyone.

Currently the list has separate sections for shows in English, Portuguese, Spanish, Russian, Persian, and Swedish, but it is open to contribution. Although it doesn’t seem to include many podcasts that focus on specific CMS platforms, you can try submitting a pull request for the inclusion of your WordPress-related podcast.

by Sarah Gooding at July 29, 2015 08:58 PM under podcasts

WPTavern: Behind the Scenes of WordPress 4.2.3 With Gary Pendergast

When WordPress 4.2.3 was released last week, not only did it patch a critical security vulnerability, but also adversely impacted a number of sites. Changes to the Shortcode API which were necessary as part of the patch caused some plugins that rely on the API to break. These changes were not immediately communicated to plugin developers. Nearly eight hours after its release, a post published on the Make WordPress Core blog explained the changes.

The release process of WordPress 4.2.3 left plugin authors and users scratching their heads. On one hand, point releases are not supposed to break anything. On the other, affected plugin authors were left in the dark for nearly eight hours wondering why a point release broke their plugins.

Gary Pendergast who works for Automattic, is a WordPress core contributor, and a member of the WordPress core security team, reached out to me for an interview. In the following conversation, we discuss what happened behind the scenes before 4.2.3 was released.

He clears up some confusion on when the changes to the Shortcode API were implemented. He also admits the team made some mistakes and has already implemented changes to improve the release process. One of those changes includes publishing a post on the Make WordPress Core blog as soon as the update is pushed out to sites.

I appreciate and thank Pendergast for reaching out to me to have this conversation. I look forward to similar collaborations with members of the core team in the future. A transcription of this interview is not available but if you have it transcribed and would like to make it available to the public, please contact me.

by Jeff Chandler at July 29, 2015 07:02 PM under security

WPTavern: WordPress Theme Review Team Votes to Allow Themes to Use the REST API Plugin


During this week’s WordPress Theme Review Team meeting, members considered the possibility of allowing themes hosted in the directory to make use of the WP REST API plugin. Since the API is not yet included in core, any theme or plugin author who wants to use it must have the feature plugin installed.

Ordinarily, WordPress.org themes are not allowed to require a plugin on installation (although they can suggest one). As per the Theme Review Handbook on plugins: A theme can recommend plugins but not include those plugins in the theme code.

“The core team has asked us to consider temporarily allowing the requirement of the REST API for themes that may take advantage of it,” Tammie Lister said before calling for a vote. She also noted that waiving the rule would be temporary, as the API will soon be going into core.

“This does not open up the way for others as an exception because it’s a core feature,” she said.

The team took a quick vote and all present unanimously agreed to allow themes to require the REST API plugin as a temporary measure until it is available in core. Check out the meeting logs for the full discussion.

The WP REST API is already being used in production in many different ways around the web, as revealed in the comments on project leader Ryan McCue’s recent post calling for examples. If the Theme Review Team wants to keep pace with where WordPress is headed, it must offer the flexibility to allow for more innovative themes. Temporarily waiving the guideline against plugin requirements is a smart move.

As WordPress.org accrues more examples of themes that use the REST API in a way that complies with the review team’s high standards, developers who are just getting started will have strong examples for creating their own. Jack Lenox’s presentation at WordCamp London this year highlighted a few of the benefits of theming with the REST API:

  • Provides a way to retrieve pure data (usually in JSON or XML format) over HTTP
  • No loops necessary
  • Good for mobile apps and environments where you don’t want a full webpage to render but want content from a blog or site

With the official directory now welcoming these types of themes, it won’t be long before the entire landscape of WordPress theme development changes to support more modern ways of presenting content. Check out Jack Lenox’s presentation on Building themes with the WP REST API for information on how to get started.

by Sarah Gooding at July 29, 2015 05:30 PM under wp rest api

Post Status: Don’t make enemies, invest in friendships

Editor’s note: The following is a guest post by Cory Miller, the CEO of iThemes. Cory describes his approach to making friends and avoiding making enemies. You should also check out his recent talk on mental health and entrepreneurship, which is terrific.

I’d rather wave a white flag and compromise than make an enemy. Every. Single. Day.

I’ve purposefully and intentionally, throughout my life (and business), sought to not make enemies, but rather build friendships.

  • Enemies are only trouble.
  • Enemies are distractions.
  • Enemies eat my time and energy and focus.
  • Enemies seek your destruction.
  • Enemies oppose you.
  • Enemies seek to “harm or weaken” you.

Friends do the opposite.

My best example of this is my wife, Lindsey. I think of her as my greatest ally and my best friend. She’s the opposite of an enemy.

The words I use to describe her are “caring,” “supportive,” “loving,” and “wants my best.”

So why would I spend my time seeking to create enemies, instead of friendships?

  • You can have opinions.
  • You can take stands.
  • You can and should draw boundary lines.
  • You can have your principles and never budge on them.

But, you can also, simultaneously, choose to make and focus on friendships.

Some of my best friendships have come through business, and some of them would be considered “competitors.”

But I’ve cherished those friendships.

Additionally, I sleep better at night knowing we only want each other’s best and that there is plenty of room for each other instead of someone actively, purposefully seeking my destruction.

But instead of seeking to fester anger and hate and competition, I’ve sought the opposite, asking, “Where can we find ways to help each other do better for each other?”

So what if we approached life and business like this:

Instead of using that anger, bile, jerk-ness, and negative energy in telling the world who you hate and how big of a jerk you can be, and how you don’t want to be an enemy of — why not seek to build true, lasting, deep friendships?

The old quote, “Keep your friends close, and your enemies closer,” is pure B.S.

Why not create a friend instead of nurture an enemy?

Why not tell the world that you can be the best friend they ever made? And prove it by your actions.

Friendships do take an investment. They take consistency. They take time. They take compromise sometimes. It means showing up for them when they most need it.

But those relationships have been some of the richest relationships I’ve ever had. And totally worth the investment (multiple times over and over in fact).

And yes, I have made enemies in my life. Purposefully and sometimes not. In fact, someone recently asked me jokingly on Twitter who didn’t like me. I responded with:

“I can think of 1 or 2 a-holes but I don’t like thinking about them. :) hahahahaha”

And although that’s sadly true, I’ve sought to minimize the enemies I’ve made in my life and business.

My perspective on making necessary enemies is that if you have to make an enemy — and when I say that, I don’t mean because your personality defaults to that of a jerk and you sadistically like being labeled one), but you have to make an enemy because you have to set a boundary and tell someone no, or take a legal action — make dang sure it’s either for a very good purpose, value or strategic reason.

And even then, question yourself about why.

As my attorney told me recently: “You catch more flies with honey.”

So don’t be a jerk while making enemies. You’ll make more enemies in the process.

Simple, lip-biting kindness in the face of anger and hate and bile helps deflate a situation rather than pour lighter fluid on it.

I tell people often: it doesn’t cost me anything to be nice and kind. (In fact most of the time it makes me happier.) And I seek out different avenues to vent my frustration and relieve my stress.

So I say: Don’t make enemies. Invest in friendships.

It should be common sense, but sometimes I (and maybe you) need a reminder.

by Cory Miller at July 29, 2015 05:13 AM under Business owners

WPTavern: Adler: A Unique Personal Blogging Theme for WordPress

If you’re on the hunt for a new WordPress blogging theme but the designs are all starting to look too similar, you may want to check out Adler. It is one of the more unique themes to land in the WordPress.org directory in recent months with its uncommon typography choices and bright bursts of color.

Adler was created by Romanian theme designer George Olaru of Pixelgrade. Olaru takes a unique approach to the popular fullscreen splash page style that many themes have adopted for a homepage layout, overlaying it with a serif font title paired with a hand-script style subtitle.


Styling for single posts is similar to the home page with the featured image serving as a fullscreen background for the title. Scroll further down and the post content is centered with no distracting sidebar widgets.

Adler combines two unusual Google font choices in the design: Droid Sans Mono for paragraph text and Permanent Marker for blockquotes and subtitles. Images in posts overhang the text column to create a strong visual impact.


Adler’s files include a tiny leaf icon that is tastefully applied on the home and archive templates to separate posts. The effect is minimalist without appearing to be stark. The theme also includes support for Font Awesome icons.


The necessity for large featured images can sometimes be a drawback for users when selecting a blogging theme. After testing Adler, I found that the design doesn’t break if you don’t have a large featured image assigned to a post. In fact, posts lacking a featured image look just as nice as those that include one, so you’re not tied down to hunting for one every time you publish.

Adler supports three menu locations for a primary, footer, and social menu. It includes support for one footer widget area, which spans three columns. There are just two options available in the native customizer that allow you to change the background color or add a background image.

Adler was created to be a personal blogging theme and the design instantly communicates: “I have something to say.” Check out the live demo on Pixelgrade.com to see it in action. If you like what you see, you can download Adler for free from WordPress.org.

by Sarah Gooding at July 29, 2015 01:09 AM under free wordpress themes

July 28, 2015

WPTavern: New WordPress Plugin Automates Slack Team Invitations


Generating Slack team invitations can become rather tedious when you’re managing a large group of people – particularly when the team is open to almost anyone. In the case of a company or organization, a Slack admin can use the feature that permits anyone with an email from a specified domain to be accepted on signup. However, this feature isn’t applicable to teams that are made up of people with diverse email domains and associations.

Julio Potier, a French security consultant and prolific plugin developer, created a solution for this particular scenario. As an admin on the WordPressFR.slack.com team, which is open to all French WordPress users, he needed a more convenient way to allow new signups. The team has 27 channels and 250+ members with 200 added in the first week.

Julio decided to create a plugin to make the invitation process easier in the future. The new Slack Lazy Invitation plugin automates the sending of Slack team invitations by adding a frontend signup on your WordPress site.


The user simply enters an email address and the invitation is sent. A Slackbot confirmation will appear on the page.


To configure the plugin for your Slack team all you need to do is enter the group name and the security token for your Slack invitations. As this token is not easy to find, Julio wrote a bookmarklet that will automatically capture it for you. From the plugin’s settings page you can drag and drop the bookmarklet into your browser toolbar on the invitation page found at: https://YOURGROUP.slack.com/admin/invites.


Once the plugin is configured, the invitation signup page will be available at example.com/wp-login.php?action=slack-invitation. If you’re using either the wp-reCaptcha or google-captcha plugins, Slack Lazy Invitation will automatically add protection to the form.


The plugin also includes support for the SF Move Login plugin, so that the invitation form is available at /slack-invitation instead of the much longer URL. This slug can be changed in the SF Move Login settings panel.

In the future Julio plans to add support for adding invite pages for multiple groups. I tested Slack Lazy Invitation and found that it works exactly as advertised. If you have a large Slack team with open invites, this plugin will save you quite a bit of time. Download it for free from WordPress.org.

by Sarah Gooding at July 28, 2015 10:15 PM under slack

July 27, 2015

WPTavern: Meet PeepSo: BuddyPress’ Newest Competitor in Open Source Social Networking for WordPress

When the first BuddyPress beta arrived on the scene in 2008, there was nothing like it for WordPress. Facebook was still relatively new to the public and Twitter was just a couple years old. A plugin that transformed WordPress into a social network was an exciting prospect.

After seven years of virtually unchallenged dominance among WordPress social networking plugins, BuddyPress has a new competitor. PeepSo, trademarked “Your people. Your community. Your way,” is the newest contender in WordPress’ open source social networking plugin niche.

Unlike BuddyPress, which for the most part has improved slowly through community contribution, the PeepSo project is run more like a startup and is 100% self-funded. It is currently being marketed as an alternative to BuddyPress.

The PeepSo plugin, available on WordPress.org, offers many of the same core features as BuddyPress but was launched with a collection of commercial add-on plugins for things like photos, videos, moods, tagging, locations, friends, and messages. A groups feature is noticeably absent from Peepso but planned for version 1.4. Current extensions seem to focus primarily on adding multimedia features to the activity stream.


Who is Behind PeepSo?

merav-peepsoPeepSo was founded by Merav Knafo, owner of JomSocial, Joomla’s most popular social networking solution. Knafo, a veteran in the Joomla community, brings a unique perspective on the differences between the Joomla and WordPress markets for social networking software. As Joomla captures roughly 7% to WordPress’ 60% of the CMS market share, Knafo saw an opportunity to break into a larger market.

“As a business owner, it’s my job to pay attention to trends in my industry and unfortunately, Joomla has been on a downward trend since 2009,” Knafo said.

“Many of our JomSocial customers have asked us to ‘make JomSocial for WordPress,’ because they wanted to switch to WordPress but there was nothing like JomSocial for WordPress. Finally, I could not ignore the trend nor the requests and decided to get into the WordPress market as well.”

Knafo hopes to parlay her experience with JomSocial into her new venture with PeepSo.

“We stuck with Joomla for almost 10 years now and took JomSocial to a whole new level when we took over in 2013,” she said. “I am very proud of what we’ve accomplished with JomSocial and super excited to implement all this experience and knowledge into PeepSo.”

How PeepSo Got Started

The idea for PeepSo was incubating for a few years before Knafo had the opportunity to execute it.

“Brad Bihun used to be a customer of ours at iJoomla, and then he switched to WordPress,” she said. “We happened to live very close to each other in Encinitas, California, so we met up and suggested I’d created ‘JomSocial for WordPress.’

“At that time, I didn’t even own JomSocial and I was too busy with all the iJoomla products. Then a couple of years later, I acquired JomSocial and he approached me again, but once again, I was just too busy. A year and a half into JomSocial acquisition, when things got a lot smoother, I finally said yes, he introduced me to the SpectrOM team, and we got started.”

Although the plugin appears to be marketed as a direct competitor to BuddyPress, Knafo said that it wasn’t created specifically for that purpose but rather to give WordPress users a more robust array of options for building networks.

“Obviously we felt there was a need for another product as an alternative to BuddyPress,” she said. “Leaving users with just one option is rarely a good idea, people like options.

“We don’t necessarily plan to take on BuddyPress, we just want to offer those who want an alternative, a product that is of high quality and that is being continuously developed. Ultimately, people will choose the solution that serves them best. We are just getting started, but we have big plans and an excellent track record doing this successfully with Joomla.”

The Differences Between PeepSo and BuddyPress

I asked Knafo what her team perceives to be the most notable differences between PeepSo and its more established competitor, based on what they found to be lacking in BuddyPress.

“I’d say the look and feel is a lot more modern in PeepSo right off the bat with no special themes needed,” she said. “The features are more up-to-date with the latest and greatest features of big social networks, such as Facebook – from cover photos to ‘likes’ and so on.”

BuddyPress core developers have opted to leave the aforementioned features to separate third-party plugins as opposed to packing them into core. With certain features, i.e. photos and videos, PeepSo does the same, except the add-ons are supported by PeepSo core developers.

“PeepSo is lightweight and allows you to only add features that you need, to keep it lightweight,” Knafo said. “PeepSo’s code is so beautiful it made our developers shed tears of joy when they first saw it – that said, I never looked at BuddyPress’s code, nor would I be able to tell whether it’s beautiful or not.”

In terms of code differences, PeepSo’s development team cited what they believe to be a few major differences between their codebase and BuddyPress:

  • All object oriented – from the PHP to the Javascript
  • Built with a templating engine similar to what you see in shopping cart systems. This allows use with virtually any theme.
  • The JavaScript uses an extension mechanism, allowing add-ons to extend the abilities of the postbox.
  • We made the database queries as optimized as possible to allow for greater scalability.

“We have a track record creating and supporting a very large social networking application (JomSocial),” Knafo told the Tavern. “We know the ins and out of this business. We may be new to WordPress, but we are veterans when it comes to social networking applications.”

Where is PeepSo Headed?

The PeepSo development team, guided by lead architect Dave Jesch of SpectrOM, has an aggressive roadmap for improving the plugin’s core and adding more features via commercial plugins.

“Our main goal is to add more plugins to PeepSo, you can see our road map here. We’ll start with a chat plugin, custom profile fields and then groups, events, pages and so forth,” Knafo said. The team also hopes to partner with other developers who want to create PeepSo plugins.

I asked her if the team plans to create a hosted PeepSo platform for community managers. Knafo said it isn’t totally out of the question but isn’t high on the priority list at the moment.

“We tried to do this with JomSocial but we had a hard time finding the right hosting solution for it,” she said. “That said, we are open to the idea, a bit down the road.”

PeepSo is just getting started and has not yet attracted many customers. However, Knafo’s experience of successfully running an open source project for the past 10 years has given her the determination to break into a new and unfamiliar market.

“The sales have been as can be expected this early after the initial release, not too shabby to start with but we expect whole lot more sales as the WordPress users become aware of PeepSo, download the free version and give it a try,” she said.

“We’re here for the long haul and we take no shortcuts in doing this right. We know it’s a huge undertaking; there is so much more to do. I am confident that investing in WordPress was the right move, I’ve been very pleased by the feedback and the community. My hope is that WordPress developers will join us and create awesome plugins to take PeepSo to the next level.”

by Sarah Gooding at July 27, 2015 10:50 PM under social networking

WPTavern: Only 70 Tickets Remain to Livestream Prestige for Free August 1-2, 2015

Prestige Conference LogoWith just a few days remaining before Prestige takes place, there are only 70 tickets left to watch the event for free. Courtesy of Rocketgenius, the event’s primary sponsor, more than 500 people will be watching the event for free this weekend. To watch the event for free, use the code GravityFormsLS when purchasing a streaming ticket.

Free tickets are sold out. However, entering the code PrestigeStream when purchasing a streaming ticket, will take 50% off the price

Prestige is a conference founded by Kiko Doran and Josh Broton in 2014 that focuses on the business aspects of WordPress. The first event was held in Minneapolis, MN, in October of 2014. Earlier this year, Prestige was held in Las Vegas, NV. This weekend marks the third time the conference will be held.

The Future of Prestige

The first and second conference had approximately 100 attendees and Doran expects the same amount this weekend. However, future iterations of Prestige will have lower attendance. “We are transitioning to more of an online event. We’re actually going to make the in-person events smaller moving forward.” Doran told the Tavern.

There’s also a chance the conference could morph into something completely different. “After organizing two WordCamps, I figured out some of the things I loved about them and some of the things I don’t. Prestige has given me the freedom to try new things and see what people like and what they don’t like,” Doran said.

Prestige in Las Vegas NevadaPrestige in Las Vegas, NV Image courtesy of James Dalman

Although the conference has been held twice this year and in different cities, the organizing team plans to host at least one Prestige conference in Minneapolis every year. Talks are underway for the next event but details are not locked down.

“We plan to do one in Minneapolis every year because we love the community there. We’d like to do Minneapolis in the summer time, due to weather, then we’d like to do any winter events in a warm place,” Doran said.

Organizing a conference is a challenging experience that benefits from having motivated organizers. Doran explains what motivates him to organize Prestige, sometimes twice a year.

“I have a small awesome team of organizers that love putting this event on. That and the people who come and share their knowledge. It’s a smaller event but to me, that’s the appeal of it. Everyone is far more approachable in this environment,” he said.

A First for Prestige

This weekend’s event features a hands-on workshop by Jennifer Bourn of Bourn Creative. It’s the first session in Prestige’s young history to involve hands-on exercises. The session is uncharted territory for the conference which has mostly focused on people sharing their experiences building  businesses.

How Long Will Doran Organize Prestige?

With this being his third conference, I asked Doran how long does he plan to continue organizing Prestige, “I’ll organize the conference as long as there is a demand for the content. People often say to scratch your own itch. This conference started off as a little self-serving in that I wanted to ask people all of these questions. Then I thought, couldn’t others benefit from this information as well?” he replied.

I’ll Be at Prestige Conference

I’ll be among the 100 expected attendees at this weekends conference. If you’re attending the event, please stop me and say hi. If not, make sure you grab one of the 70 tickets left to watch a livestream of the event. You can also monitor the #Prestigeconf hashtag on Twitter. If you’ve previously attended Prestige or watched the livestream, please share your experiences in the comments.

by Jeff Chandler at July 27, 2015 09:13 PM under prestige

WPTavern: WordPress Users Association Under New Ownership

The WordPress Users Association (WPUA) is breathing new life after it was acquired by Paul DeMott earlier this year on Flippa for $797. WPUA originally launched in December 2010, with the goal of providing a central place for WordPress users to swap war stories, learn how to get the most out of WordPress, and take part in getting special discounts on themes and plugins.

Redesigned Front PageRedesigned Front Page

Three years after its launch, the site appeared to be dead. In 2013, I paid to become a member to confirm my suspicions and to see if the site still accepted payments. Free themes and plugins offered to members were not impressive and there wasn’t much to choose from. All of the videos used for WordPress training were broken. Despite these setbacks, I was able to successfully complete the refund process.

Financial Details

Earlier this year, WPUA.org was listed on Flippa.com, a domain auctioning site. As part of the auction financial details of WPUA.org were made public. According to the seller, the site made $20K when it launched. The previous owners spent between $500-$1,000 on ads and answering WordPress questions through the Ask a WordPress Expert section of the site.

The following shows revenue, costs, and profit between October 2014 and March 2015. WPUA earned revenue primarily with product or service sales and affiliate income.

WPUA RevenueWPUA Revenue

At the time the site was listed for auction, it had 3,500+ total members made up of free and paid subscriptions. The site today boasts more than 5,600 members.

Previous Owner Explains Why He Sold The Site

Wesley Williams is the former owner of WPUA.org and helped launch the site in 2010. Williams transitioned away from the domain because his web development business used the majority of his time. “We felt with our limited time to invest in it that it was best to transition it to someone who shared our passion but had a little more time to invest in growing the community and serving the members. We completed this transition back in April,” Williams told the Tavern.

From my perspective, the WPUA was not a successful venture but Williams says otherwise.

“I wouldn’t say it wasn’t a success. There are thousands of members and we provided a lot of help to a lot of new and experienced WordPress users. As my main core business grew and as the time requirements of our projects increased, we couldn’t devote the time required to answer questions and give the help needed.

“Actually, WPUA was a big success in my mind. Just from a number of members point of view it was a success. From the amount and number of questions and people we helped it was a success and from a financial standpoint it was a success,” he said.

Williams explains his goal with WPUA and why some members of the community may not be aware of the growth it had. “My goal was to help the under-served, those just getting started and without the technical know how to make what is actually simple fixes or changes to their WordPress site.

“I didn’t run the WPUA in the circles of all the established WordPress technical crowd, even though a large number of them became members of the WPUA. I ran it focused on users new to the platform and so because of that, some members of the WordPress community might not be aware of the growth and success it had,” he said.

Through the course of time, Williams and his team adjusted membership levels and access points which helped increase registrations. Williams also learned that what members wanted was a direct way to ask questions and receive expert answers.

“A person new to the platform didn’t want to post their question in a forum and they weren’t really sure what the real question was. Thus, we removed the forum and went to an ‘Ask an Expert’ system where they could email their questions. This seemed to work better for everyone,” he said.

Overall, Williams is happy with how WPUA progressed and feels fortunate to have played a role in its growth and success.

Who is Paul DeMott?

In the following video, DeMott explains how to build a eCommerce site with WooCommerce and calls himself the new president of recruitment for the WPUA. According to his LinkedIn profile, he lives in Cincinnati, OH and is the owner of Paul’s SEO and Web Expertise which works with companies to develop websites that bring in internet traffic and sales.

Not much is known about DeMott and multiple requests for comment have gone unanswered. It’s unclear what his plans are for WPUA.org but so far, it’s remained as a paid subscription membership site. If you are a past or current member of the WordPress Users Association, please tell us about your experience in the comments.

by Jeff Chandler at July 27, 2015 08:39 PM under wpua

Matt: MPAA Smoking Gun

Sometimes truth is worse than what you would imagine: Smoking Gun: MPAA Emails Reveal Plan To Run Anti-Google Smear Campaign Via Today Show And WSJ.

by Matt at July 27, 2015 03:34 PM under Asides

July 25, 2015

WPTavern: Plugin Developers Demand a Better Security Release Process After WordPress 4.2.3 Breaks Thousands of Websites

photo credit: Ravages - ccphoto credit: Ravagescc

WordPress 4.2.3, a critical security release, was automatically pushed out to users yesterday to fix an XSS vulnerability. Shortly afterwards, the WordPress.org support forums were flooded with reports of websites broken by the update.

Roughly eight hours later Robert Chapin (@miqrogroove) published a post to the Make.WordPress.org/Core blog, detailing changes to the Shortcode API that were included in the release. According to Chapin, these changes were necessary as part of the security fix:

Due to the nature of the fix – as is often the case with security fixes – we were unable to alert plugin authors ahead of time, however we did make efforts to scan the plugin directory for plugins that may have been affected.

With this change, every effort has been made to preserve all of the core features of the Shortcode API. That said, there are some new limitations that affect some rare uses of shortcodes.

The security team had no reasonable way of accounting for every single edge case, but the negative impact of these changes were far more wide-reaching than they had anticipated. This particular use case likely wasn’t covered in their testing. Unfortunately, plugin developers found out about the breaking changes only after the security release had already left a slew of broken websites in its wake.

“I fully understand this is an issue, but isn’t this a weird way of updating – almost all our clients are calling / e-mailing us at the moment as their sites seem to be broken,” one developer commented on the Shortcode API post. “Normally it would be better to announce such huge impact changes to the plugin and theme developers. This means I need to fully reschedule my agenda, which already is full during holiday season.”

Comments on the WordPress.org post are full of developers scrambling to find a way to fix client websites. Many were disappointed that the total secrecy of the security team, which is necessary in situations like this, was not immediately followed up with a public post on the important changes to the Shortcode API. Meanwhile, the email inboxes of agencies and plugin developers are filling up with urgent messages from outraged clients.

Developers want better communication from the those who are managing security releases. Amir Helzer, author of Types and Views, two plugins majorly affected by the release, sums up the thoughts of many other commenters on the Make/WordPress.org/Core post:

We are updating the Views plugin today, so that we resolve all shortcodes before passing to WordPress to process content.

This is a straightforward change, which takes us one day to complete.

Would have been great to receive a heads-up about an upcoming change in WordPress, so we could do this change on time.

We received a huge amount of support requests due to this, but this isn’t the issue. We can deal with a wave a support issues. This time it wasn’t “our fault”, but sometimes it is.

What worries us, as mentioned above, is seeing our clients (folks who build WordPress sites for a living), losing their faith in the system. They feel like the system sees them as little ants and not as humans. People don’t like seeing their problems being dismissed.

Many of them run hundreds of sites. They cannot afford to stop everything and fix content on so many sites. Especially not if they are currently away for their family vacation.

What others have asked here, and I would like to ask, too, is to setup a mechanism that allows WordPress core developers to privately communicate such upcoming issues with plugins developers.

We are your partners.

Without WordPress (secure, stable and reliable), we would not exist.

Without great themes and plugins, WordPress would not power 24% of the Web.

WordPress core members already volunteer a lot of their time. I’m not asking for anyone to volunteer more time. Need help? Ask us. There is a huge community of developers who rely on WordPress. We would be happy to get involved and set up whatever is needed.

User confidence in WordPress’ automatic background updates took a dent with the 4.2.3 release. Waking up to broken websites causes users to second guess automatic updates after being assured that maintenance and security releases would not include breaking changes.

When users get burned by automatic updates, in the end it doesn’t matter which party is at fault – whether it’s the core team or a theme or plugin. They simply expect updates to work and not break anything. Even in instances where a poorly coded extension may be at fault, the average user has no way of determining whether or not their active plugins follow WordPress best practices.

The aftermath of the most recent security release is one reason why many developers and users are still wary of automatic updates. Amir Helzer represents many other plugin developers who are eager to find better ways to work together with the core team to provide a better update experience for users. This is especially important for releases like this one where the Shortcode API changes directly affected users’ content. Hezler’s comment reaffirms the fact that development agencies, plugin developers, and core developers are all partners on the same team. It’s time to find better ways of working together to provide the best update experience possible for WordPress users.

by Sarah Gooding at July 25, 2015 02:46 AM under security

July 24, 2015

WPTavern: FooPlugin’s Digital License Key Management Plugin is Now Open Source for Developers

photo credit: 16th st - (license)photo credit: 16th st(license)

Three years ago, FooPlugins built FooLicensing, a digital license key management tool that enabled them to manage customers of their EDD-powered commercial plugins store. Although EDD already offered a license creation and management extension, FooPlugins required more features than it had at that time and opted to build their own.

As of today, FooLicensing is now open source and free for anyone to use, along with the associated EDD connector plugin.

“We love the community and wanted to give back,” FooPlugins co-founder Adam Warner said.

“We know FooLicensing could be so much more but we just don’t have the time to dedicate to it alone. We are a small team and because of that we find ourselves with dozens of projects that could be so much more if only we had more time and people.”

Open sourcing a project can change its trajectory if there’s enough interest and developers willing to contribute to improve it. Warner isn’t counting on that, however, and simply hopes other developers will find it useful.

“It’s a bit of a leap of faith, but if it helps someone else get involved to help create an even more robust system, then great,” he said. “Bonus if it helps someone build additional extensions to help others.”

FooLicensing’s main features include:

  • View and manage the validated domains for your EDD license level
  • One click EDD license upgrade/add to cart
  • One click EDD license renewal (with associated discount) /add to cart

A logged-in user who has entered a license key will see all the relevant account information detailing status, activations, expirations, etc.


Administrators who are using the plugin together with its EDD Connector will see a menu with various license creation and management tools.


The EDD Connector, also now open source, enables the following:

  • Add new licenses to attach to an EDD product
  • A searchable list of all license keys that have been created and assigned, complete with attached domains
  • A list of licenses that have been renewed
  • Testing for license validation and update checks in the API Sandbox
  • A management area for various messages (domain attach, detach) and for license renewal discount amount and emails

Foo Licensing is Extensible for Other Platforms

FooLicensing was built from the beginning to be extensible for use with other platforms beyond EDD. The team at FooPlugins had plans to expand their library of connectors but didn’t have the time to execute them.

“Our goal for FooLicensing was to build additional integrations for other eCommerce plugins and digital sales platforms but it quickly took a back seat as our FooBox and other plugins like FooGallery gained popularity,” Warner said.

“Documentation is non-existent at this point, but we welcome you to step through the code and consider getting involved with the core plugin or with extensions for other eCommerce platforms.”

Warner said the team is considering a full-fledged site dedicated to FooLicensing if enough developers become interested and would consider the possibility of a marketplace to host any extension built. FooPlugins does not currently have plans to create additional extensions in house.

“We’ll see what the future holds, but for now we need to move forward with some other things rather than holding this tight to our chests,” Warner said. “Open sourcing the plugins just fits in with what we believe is the right thing to do to make the web (and the WP community) a better place.”

by Sarah Gooding at July 24, 2015 08:17 PM under fooplugins

Post Status: Thesis, Automattic, and WordPress

Chris Pearson and Matt Mullenweg have hardly communicated with one another in the last five years, but they are ideological enemies. They are both wealthy individuals (though of different magnitudes) thanks to their online endeavors, with very strong personalities and unshakable beliefs on business and software. This is a story of their dispute, their idealism, and the implications it will have on the WordPress project.

Matt Mullenweg co-founded WordPress, founded Automattic, and is one of the most successful entrepreneurs of his generation. He runs a billion dollar “unicorn” startup centered on a culture of embracing open source technology and has achieved incredible success embracing principles counterintuitive to either Silicon Valley or big corporate culture. He’s paving a new path for how to create a valuable software company while religiously defending and promoting open source software.

Chris Pearson founded DIYthemes and helped pioneer the early WordPress commercial theme industry. He has run his business successfully for over seven years, despite unique hurdles that result from a very public dispute with Mullenweg in 2010. He vehemently defends his work as his own non-derivative achievement and rejects the religiosity and cult mentality that he believes exists in the WordPress ecosystem. He views WordPress as a huge chunk of the web, available to be monetized — which he has done so to the tune of millions of dollars — but he does not believe he must adopt Matt Mullenweg’s principles in order to meet customer demand, run his own business, and protect his own inventions.

By all normal definitions, Mullenweg and Pearson have done incredibly well for themselves. However, from a pure size perspective and principles aside, Mullenweg is the big nation army and Pearson is the small revolutionary militia. Mullenweg views Pearson as a threat to everything he stands for and has worked to accomplish, and Pearson views Mullenweg as an overbearing figure with no true authority over his decisions.

Mullenweg has the motivation, resources, and ability to squash Pearson — and indeed most thought he’d done so already. While he has far fewer resources, Pearson has some tools available to protect his business or to potentially even disrupt the entire WordPress ecosystem as we know it today.

During their first conflict in 2010, and in the resurgent one going on now, Mullenweg and Pearson have both at times made mistakes, acted childishly, or been in the wrong. Both also have merit in various aspects of their positions. Neither conflict, so publicly debated, reflects well on the WordPress ecosystem as a whole — even though I believe it is right that each conflict is best observed under a public eye, as the results can affect so many other businesses and potentially even WordPress itself.

With this post, I aim to outline the entire conflict; to describe the implications past, present and future; to highlight non-WordPress comparisons for precedent and potential implications; and to share my own thoughts on who is in the right and who is in the wrong, as viewed for the good of the global WordPress community.

A history of conflict

The commercial theme movement started in 2007 and took off in 2008. Thesis was one of the pioneers of commercial WordPress themes. The theme industry was young and evolving rapidly, and many sellers hardly considered or understood licensing issues at all.

Many of the sources for this period are from Siobhan McKeown’s excellent account in the book, Milestones: The Story of WordPress (which I’ll refer to as Milestones).

Themes as derivative works of WordPress

WordPress is licensed by the GNU General Public License (GPL), version 2 or later. The GPL ensures certain freedoms that protect both WordPress and those that utilize it. The “four freedoms” that are the heart of the GPL are as follows:

  • The freedom to run the program as you wish, for any purpose (freedom 0).
  • The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
  • The freedom to redistribute copies so you can help your neighbor (freedom 2).
  • The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

As WordPress co-founder Mike Little phrased it in the Post Status Slack, “The GPL is meant to be restrictive for developers and permissive for users.” The GNU philosophy page and subsequent articles are a good resource for understanding the nature of the license.

The GPL is a Copyleft license, which creates the “stipulation that the same rights be preserved in derivative works down the line.” In an immature theme market, licensing was given relatively little notice, and many theme authors provided their themes with no license or proprietary licenses.

Matt Mullenweg, to many, would be considered BDFL, or Benevolent Dictator for Life, of WordPress. It’s a common term for folks that lead open source projects and have final say on project decisions. In his role as WordPress BDFL, he now has a reputation — at least within certain circles of folks that pay close attention — for making large, impactful decisions with little description of why he has done so.

In late 2008, more than 200 free WordPress themes were removed from the WordPress.org theme repository. While many of the themes were removed due to spammy links, some were pulled due to GPL violations within the themes or within the theme upsells that were linked from the theme listings.

The move, which was made without announcement, shocked many theme providers that felt they were unfairly included in the group of removed themes. The situation created a spark and initiated a serious debate about theme licensing.

Authors were concerned that GPL licensed themes would mean that their themes would be bought and freely distributed, removing their ability to make money from their works. A few, such as Brian Gardner with his Revolution theme, changed their licensing as a result of conversations with Mullenweg and Toni Schneider, Automattic’s CEO at the time. In Brian’s case, he made his theme free and offered paid support services.

Eventually though, most authors “selling” themes started actually selling support, access to download, and updates for their themes. This model was both GPL compatible, as well as workable for authors to get paid.

In mid-2009, Matt Mullenweg also posted on the official WordPress blog that he was introducing a new commercial theme listing page on WordPress.org, and he shared an opinion he requested from the Software Freedom Law Center (SFLC), where they determined that the two themes packaged with WordPress were derivative works.

The SFLC opinion did leave room for a “split license” where the WordPress and PHP code must inherit the GPL, and the CSS, Javascript, and images could be under a proprietary license:

In conclusion, the WordPress themes supplied contain elements that are derivative of WordPress’s copyrighted code. These themes, being collections of distinct works (images, CSS files, PHP files), need not be GPL-licensed as a whole. Rather, the PHP files are subject to the requirements of the GPL while the images and CSS are not. Third-party developers of such themes may apply restrictive copyrights to these elements if they wish.

Finally, we note that it might be possible to design a valid WordPress theme that avoids the factors that subject it to WordPress’s copyright, but such a theme would have to forgo almost all the WordPress functionality that makes the software useful.

“Split license” is the colloquial term the community has assigned to this statement, but in fact the actual splitting of which parts are GPL and which parts are not matters, so it may not do the reality of the situation justice. Perhaps it should be termed “PHPGPL” or “Non-Assets GPL”.

A number of prominent theme sellers were unhappy with Mullenweg’s insistence that their themes maintain a 100% GPL license, but they were not willing to shake the boat over it. At this point, themes were becoming big businesses and making new millionaires (or close to it) of some of these shop owners. This settled the issue for nearly all theme sellers, and most moved to either 100% GPL or a PHPGPL license, and the doomsday scenarios never came; the theme industry continues to thrive.

Thesis holds out

But not everyone agreed to go either 100% GPL or PHPGPL license. Chris Pearson kept his Thesis theme under a proprietary license.

Thesis was one of the most popular and flexible themes in the world, and Pearson boasted on Andrew Warner’s Mixergy podcast of revenues of $1.2 million+ over the 12-18 month period prior to the interview. Mullenweg and Pearson criticized one another publicly, and Warner invited them both to Mixergy where they debated the merits of GPL licensing.

By most accounts, Mullenweg had the better argument on the Mixergy episode, and also came off as a calmer and more collected personality — in contrast to Pearson’s often heated, and sometimes very strange, statements.

The debate continued between Mullenweg, Pearson, and a variety of WordPress community members and their blogs. Mullenweg was extremely aggressive, to the extent that he offered to buy alternative commercial themes for users of Thesis that agreed to switch. Mullenweg tells me that many took him up on his offer, but it was, “less than a thousand.” In my opinion, this was a step too far by Mullenweg, though for him the issue was already personal.

Pearson held his ground over the following days until an admission by one of his own team members of wholesale copying of code in Thesis from WordPress code, which violates the WordPress copyright.

At this point, Pearson finally capitulated and announced that Thesis would be a split license GPL compatible theme, and the debate died down. Pearson put his head down and started working on Thesis 2.

He released Thesis 2 in late 2012, and by this time the debate was cool — the community had moved on to other drama (yes, even more GPL drama) — and the release of Thesis 2 was largely ignored outside of DIYthemes’ audience, which was quite large but also largely isolated from the WordPress “community” that cares about stuff like licensing.

Therefore, not many people paid attention to the new Thesis or the licensing it contained. Mullenweg, however, was still paying attention.

The battle over thesis.com

If you consider the word thesis, what do you think of?

If you are a regular person walking down the street, you probably think of the general concept for stating a theory, or perhaps you think of the long papers that university students write as part of their programs.

If you are in the WordPress world, you may also consider the Thesis WordPress theme by DIYthemes.

Good, single word domain names are hard to come by. Thesis.com, if you visit it now, redirects to the ThemeShaper blog. ThemeShaper is owned and operated by Automattic, and frequently posts articles about WordPress themes.

ThemeShaper is not a dedicated commercial property, but it does link to Automattic’s primary website, and Automattic does make and sell WordPress themes.

Automattic buys thesis.com

Automattic hasn’t always owned thesis.com. Matt Mullenweg met a third party owner of the domain at a conference — a guy named Larry — and inquired about the domain by email in January of 2014. Chris Pearson had already attempted to purchase the domain from Larry, and did not agree to pay the $150,000 that Larry requested.

According to Pearson’s accounts, he and Larry had a few exchanges that stalled with Pearson unwilling to bid beyond $37,500 for the domain, and Larry sticking to $150,000. With a $100,000 offer on the table from Mullenweg, Larry gave Pearson an opportunity to buy the domain for $115,000, which he didn’t do — in part because he thought it too expensive, but also because he suspected Larry didn’t really have the offer from Mullenweg.

As we now know, Larry did have the offer and Automattic became the owner of the thesis.com domain name.

Pearson didn’t know that Mullenweg actually bought the domain until November of 2014, when he was notified by a friend that Mullenweg’s WordCamp San Francisco State of the Word Q&A session included a section where Mullenweg noted that he owned the domain (more on that later).

Pearson attempts to force domain transfer

On April 9th, 2015, Pearson and his lawyers filed a UDRP (Uniform Domain-Name Dispute Resolution Policy) complaint, which is a formal method for resolving domain disputes, recognized by ICANN. UDRP isn’t a formal government court, but serves as arbitration for domains due to the recognition by ICANN.

There are many, many examples of UDRP complaints in regard to trademark infringement. There are a number of criteria that come into play that guide the UDRP panel’s decision making process.

The three basic tenets that must be met are as follows:

(i) your domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights; and

(ii) you have no rights or legitimate interests in respect of the domain name; and

(iii) your domain name has been registered and is being used in bad faith.

The panel reviews the initial complaint (in this case, by Pearson) and gives the respondent (Automattic) an opportunity to respond. All correspondence is in writing and not in person. The panel has two weeks after everything has been submitted to reach a decision.

In this case, which is available publicly, the panel denied Pearson’s complaint.

Pearson’s complaint cited that he fulfilled each of the three criteria:

  • By noting his trademark of the word “thesis”.
  • By noting that Automattic was using the domain with a commercial interest (by redirecting it to ThemeShaper).
  • By noting the bad faith clause by citing that Automattic, “purchased the disputed domain name to confuse and redirect customers and potential customers to Respondent’s competing webpage.”

In the response, Automattic did not contest Pearson’s trademark on the word thesis. However, Automattic also noted that the word is very generic, and also that ThemeShaper was not a commercial part of Automattic, but a “blogging site.”

For the bad faith argument, Automattic claimed that the redirect to ThemeShaper furthers their, “purpose in providing a blogging site,” and highlights that the intention for the domain is not as a commercial entity or one to be confused with Pearson’s trademark.

Automattic wins dispute

Automattic won the dispute against Pearson. As noted, the panel had two weeks to deliver the decision, and Automattic proposed a settlement with Pearson before the decision was handed down.

Pearson was considering the settlement when the decision came a day before the two week deadline, which is apparently not a common occurrence. Had the decision not come early, Pearson may have saved himself some trouble, especially in regard to eliminating the trademark cancellation requests by Automattic on thesis and related terms.

In Pearson’s blog post, The Truth about Thesis.com, he notes the general terms of the proposed settlement:

Automattic’s attorneys drafted the original settlement, which included the following terms:

  • Automattic would keep thesis.com
  • Automattic would withdraw the federal trademark cancellation request
  • I would withdraw the UDRP
  • Both parties would mutually release one another (agree not to sue over this issue in the future)

Nothing in the original settlement addressed the trademark infringement, and since this was the reason I took action in the first place, I added a requirement that Automattic no longer infringe upon my mark (which would mean they stop forwarding the domain).

At this point in the proceedings, I agreed to the settlement.

However, since the decision came early, the settlement was never binding. It’s also worth noting that Mullenweg commented to me that Pearson’s stated terms are actually not the terms of the settlement:

In the settlement Automattic offered Chris we agreed not to infringe his trademarks (which is the law, regardless of what the settlement said). He never asked us to change the redirect of thesis.com in the settlement, and if he asked after, we would have said no. There were no restrictions on thesis.com in the settlement.

He also said, “I wish he had reached out before litigating,” and noted that it would have “definitely” changed the outcome of the entire situation. Whether it truly would have is neither here nor there.

Possibility for appeal

The UDRP doesn’t have an official appeals process. Instead, they are willing to not make the changes that a ruling states, if indeed a domain transfer or other action is ordered, if the affected party files a suit in court within ten days of the ruling.

In this case, Pearson did not file in a court within the given timeline, and since the ruling did not require a change in domain ownership, there is no further recourse with the UDRP. However, there is no time limit if Pearson wishes to file in court — but that is the only path remaining if he truly wants to go after the domain.

Legitimacy of the trademark dispute

Trademark law has a long history. Trademarks follow a categorical system, meaning words and terms must be trademarked within a particular category to be applied to.

Pearson has three trademarks for the Thesis and DIYthemes brands, all under international trademark class 42, for computer, scientific, and legal purposes:


The applications were filed in 2010 and registered in 2011. On June 16th, 2015, Automattic filed cancellation requests for all three trademarks, which were instituted June 25th. Pearson has 40 days from the date the application was instituted (which would be August 4th) to file a response to the cancellation requests. His answers, “must contain admissions or denials of the allegations in the petition for cancellation, and may include available defenses and counterclaims.” It is his burden as the defendant to establish his defense, and, “Failure to file a timely answer may result in entry of default judgment and the cancellation of the registration.”

Basically, Automattic is holding his feet to the fire to defend the trademarks, which their counsel feels should not apply for two primary reasons, as listed in their formal filing.

  • The trademarks were registered in Pearson’s own name, but are used by DIYthemes, and Automattic claims that, “The Pearson Applications were improperly filed in the name of an individual, who did not have the requisite intent-to-use the marks as of the filing date, and the underlying applications are void ab initio.” Their claim notes that US Code section 1051(b) offers this justification.
  • Furthermore, section 1052(e)(1) requires that a trademark not be “merely descriptive,” as Automattic claims his trademarks are.

If upheld, the trademarks will be deregistered by the US Patent Office, further limiting Pearson’s options to defend his claims to the thesis.com domain name in a formal court suit.

I don’t know how good of a case Automattic has, but purely on the surface it looks pretty good. I spent time reviewing the application and the US Code and the arguments appear fairly sound — especially the argument that Pearson applied for the trademarks as an individual and utilizes them as DIYthemes, despite DIYthemes already having been registered as an LLC.

Automattic’s justification for the domain

During the WordCamp San Francisco Q&A, Mullenweg noted the existence of the redirect of the domain name with a sense of pride, and a bit of a side-eyed smirk. In response to a question about relationships with commercial theme sellers and marketplaces, he states:

With the premium theme and plugin folks? … We have had some ups and downs, particularly with marketplaces that didn’t follow the GPL, for example, or violated WordPress’s license — themes that violated WordPress’s license. Um, you can go to thesis.com to learn more about that. Type it in, seriously.

I was at this Q&A in person, and don’t remember him saying this, as it was so buried in a much larger conversation, and I was simultaneously writing a wrap-up post about the State of the Word. However, once the UDRP ruling surfaced publicly, a number of WordPress community members recalled Matt’s statement and it brought a new dimension to the ruling and Mullenweg’s motivation for the domain.

While Automattic bought the domain, Matt Mullenweg was clearly the driving force behind the decision. When WP Tavern prompted Automattic for a comment on their motivation for purchasing the domain, they responded with the following:

We’re happy the panel ruled in our favor. We think Thesis.com is a cool, generic .com that could be used for a variety of things. Just because you have a small WordPress theme doesn’t mean you have a right to seize generic English word .com domains.

We can accept Automattic’s case that they had a general interest in a generic .com domain, but in reality we know better. Mullenweg was clearly presented with an opportunity by this Larry character that checked all of the right boxes for him.

He could get a domain he obviously knew Pearson would want, and deny him.

It has a side benefit that it is a high quality generic domain that will likely maintain or increase its value. And he probably thought it was funny.

I doubt Mullenweg even knew what kind of trademarks Pearson held, but despite Pearson holding the trademarks, it seems Automattic’s attorneys now have the upper hand, and it is highly unlikely Pearson will ever own the domain now.

Mullenweg commented on his refusal to give up the domain to Pearson on WP Tavern:

I’m not going to give a domain worth several hundred thousand dollars to the worst actor in the entire WP ecosystem, someone who keeps repeatedly violating the GPL and now has gone beyond that into patents. Why reward that? I wouldn’t sell it if he offered a million dollars.

There are so many people doing amazing things in the WP community, and 100% GPL! I can and have supported them almost every opportunity I can, and one of the things I’m most proud of in the world is how many fantastic open source businesses have been built on top of WordPress.

And it’s just the beginning — if you remembered in 2010 Chris said that going GPL would destroy businesses and sticking to the principles of our license would destroy investment in WordPress — we all know how that’s worked out since then.

Such a statement, combined with the WCSF video, highlights that the issue is about far more than the domain and its investment potential — a 10x return in less than a year would make for an excellent investment, in the near impossible situation Pearson would offer that.

No, the move was quite clearly a personal one — if also convenient — for Mullenweg, and that’s why terms like “bully”, “petty”, and “spiteful” have been used by many WordPress community members surprised by his actions. They expected more. They expected better, even when directed toward someone as controversial as Chris Pearson.

Pearson’s patent

While a tantalizing story, the battle over thesis.com is not the story here. It has simply been the spark to reignite old disputes with new fervor with potentially much bigger consequences than the 2010 affair ever reached.

One of two additional large components of this story is an active patent application by Pearson that was submitted in 2012 and published in 2014. Keep in mind — and Chris Pearson reiterated this to me many times — it is an application for a patent, not a published patent.

A patent on Thesis 2, or all web templates?

The main patent is titled, Systems, Servers, and Methods for Managing Websites. Chris Pearson is listed as the inventor and DIYthemes the assignee.

The patent never mentions WordPress or WordPress themes, however both in the abstract and in the text, it does have many similarities to what one may expect as a description of a general template mechanism for a website, versus a specific description of the Thesis 2 technology.

Here is the abstract in full (and here is the full patent application PDF, including art):

Systems, servers, and methods for managing websites. Some embodiments provide methods which include, according to a user selection of a website skin, activating the selected skin. The skin comprises at least one structural box further comprising structural code for the website. The method also includes receiving a request (for instance a call to a hook) to serve the website. Further, the method includes, responsive to the request, outputting (by echoing PHP code if desired) the structural code with style related code applied thereto according to a reference between the box and a style package (which comprises the stylistic code). The outputting can occur in an order associated with the boxes. In some situations, another skin can be activated. Moreover, a change (or, perhaps, an edit) can be made to another skin and displayed without affecting the website. Moreover, another skin can be selected and associated with the website.

I discussed the patent at length with Chris Pearson, and while much of that conversation is off the record, I can share what I believe his motivations are with the patent application, and what I think the potential implications for this new chapter of Pearson versus Mullenweg are.

Discovery and publicity of the patent

This patent and another that’s since been rescinded were discovered by Automattic’s lawyers during the UDRP proceedings. There is debate as to how members of the WordPress community discovered the patents’ existence — Jeff Chandler of WP Tavern and Carl Hancock of Gravity Forms were two of the first to discuss it publicly — but there is speculation from Chris Pearson and others that the community discovery of these patents was leaked by Mullenweg himself in order to deflect the attention at the time away from the domain issue and onto the patents and their potential implications.

I honestly don’t care how they came up, though Pearson’s questioning of Jeff Chandler’s journalistic integrity were uncalled for. It is anyone’s right and ability to tip someone off to legitimate news — and these patent applications are legitimate news — and I don’t believe for a second that Chandler has played puppet to his boss’s wishes. He has dutifully and to the best of his ability written about whatever news matters to the community, and I respect him for it.

Nevertheless, this patent does potentially have significantly more newsworthiness, depending on if it is approved and how it is defended by Pearson if it is approved.

Patent law and litigation

Patents often get a bad reputation, and their role in the software world is quite murky. I apologize in advance for this long sidebar on the wild world of patents.

Patent trolls

Most folks have heard of “patent trolls” that prey on companies using vague or overly generic patents, demanding big payouts.

Patent law is weird, and the lawsuits that result are infamously unpredictable and cause a scenario ripe for abuse. For example, filing patent lawsuits in one district over another can have enormous impact, like the case of Marshall, Texas, which is a hotbed for patent trolls:

Patent litigation is a growing business across the country; Marshall is just the most visible example. Among the weightier issues behind the mushrooming of its patent docket is whether the elements that have made it expand — hungry plaintiffs’ lawyers, speedy judges and plaintiff-friendly juries — are encouraging an excess of expensive litigation that is actually stifling innovation.

Some say yes. “A lot of the cases being filed in Marshall are by patent holding companies, or patent trolls, as they’re called, whose primary and only assets are patents,” Mr. Tyler said.

Companies that deal in patents but do not utilize the patented technology are called non-practicing entities (NPEs).

One of the concerns with Pearson’s patent would be if it were approved and he sold it to an NPE. It’s not uncommon for NPEs to acquire patents with the express purpose to enforce them:

Finally, of course, some entities buy patents with the express purpose of licensing them aggressively. For instance, about 25% of “parent” NPEs tracked by PatentFreedom are enforcing only patents that they had acquired. Another 60% are asserting patents originally assigned to them, and the remaining 15% are asserting a blend of originally assigned and acquired patents. However, if we add in the more than 2,100 subsidiaries and affiliates of these entities and treat them all as standalone entities, we find that 19% of them are originally assignees, and 69% are acquirers, and 12% are blends.

Regardless of the important variations in their origin and behavior, NPEs present a fundamentally different challenge than operating company patent assertions.

Software patents unpredictability and “obviousness”

The concept of software patents at all has been in dispute for a long time. Thousands have been awarded, but there are a handful of past court rulings that seem to govern the US Patent and Trademark office’s interpretations for making decisions when reviewing software patents.

Obviousness is a key term in the patent world. Patent applicants aim to create “meaningful” patents, but “at a minimum you must have claims that embody patent eligible subject matter, demonstrate a useful invention, cover a novel invention and which are non-obvious in light of the prior art. Obviousness is typically the real hurdle to patentability, and unfortunately the law of obviousness can be quite subjective and difficult to understand. At times obviousness determinations almost seems arbitrary.”

“Art” is the outlay of the invention by the applicant, and the invention’s ability to be patented depends on “prior art” not deeming the invention as obvious. Establishing non-obviousness for software has a contentious history. If it can be shown that, “any combination of prior art references that when put together would be the invention in question,” then the applicant is in trouble.

But there is a great deal of potential for subjectivity from thousands of patent examiners:

Still, ever since the Supreme Court’s decision in KSR [reference] there has been a great deal of subjectivity in the application of the law of obviousness, which is apparent if you look at the patents that issue, patents that are finally rejected and ultimately abandoned, and the patents the Federal Circuit ultimately finds to include obvious patent claims. There is little to no predictability at the edges.

The Alice case

In my research, the Alice case came up many times as a pivotal case for helping to define the legitamacy of software patents. Martin Goetz is the holder of the first ever software patent, and has an excellent write-up on the importance of the Alice case.

I have been asked for my opinion based my long history in the software industry and from my perspective as someone that has followed that controversial question “Is Software patentable”? That question first began to be publicly debated when I received the first software patent in 1968 for an invention on a new way of sorting data on a computer. Shortly thereafter a publication printed a page one headline “First Patent is Issued for Software, Full Implications Are Not Yet Known.”

Forty five years later a variation of that question was again before the Supreme Court when it agreed to hear the appeal of the Alice v. CLS Bank case.

Goetz argues that the Alice case is a victory for software patents on both sides: that it helps true inventions gain patents (he and others assign a high standard to define “invention”), and it also helps prevent abuse of overly vague or non-inventive “obvious” patents to be denied:

The Alice v CLS Bank Supreme Court decision in June 2014 was a great victory for those that believe that inventors that use a digital computer to innovate can get a patent on their invention. It is also a victory for those people and organizations that recognize how the patent System has been abused for many years by trolls and others where there was no invention. Since the Supreme Court decision in June, thousands of patents that should never have been issued are now being deemed invalid by the US Courts and by the Patent Office.

Obviousness and invention for Pearson’s patent

This long and boring description of patents is necessary because Pearson’s patent application is still just an application, and it can be challenged, both by the patent reviewer, but also by third parties.

As patent obviousness is “so unevenly applied,” there is some risk in not challenging Pearson’s patent, if a third party like Automattic (or a myriad of other web template providers) is worried about the potential implications of the patent. Although, the Alice case does seem — in my very amateur opinion — to offer better guidance to reject the patent based on a lack of true invention.

Pearson’s reasoning for a patent, and its likelihood for success

Patents are not cheap to apply for. The patent application Pearson submitted is 34 pages of art diagrams and text describing the inventiveness of Thesis 2, though Thesis 2 is not specifically named.

I asked Pearson why he applied for the patent, which he did not want to share the specifics of his position due to the open nature of the application. I’ve racked my brain to try and determine the potential causes as well.

There are only a couple of decent outcomes for Pearson with this patent application. The most likely, and not good outcome for him, is that he is denied the patent; and in this case he would have spent a great deal of money for nothing.

In the event he does get the patent — or perhaps even before it is fully reviewed for approval — he could face a challenge from Automattic or other parties that may be concerned his invention’s description could apply more broadly than Thesis 2.

If he gets the patent, and he survives a challenge, I see three ways he could theoretically use it:

  • He can do nothing.
  • He can sell it to the highest bidding NPE, which would be a dreadful outcome for any web entities that sell templates.
  • He can keep it in his back pocket, in case someone threatens his business or his software license, wherein he can initiate a lawsuit.

Honestly, the whole patent route seems odd. I don’t love the idea of this patent being approved, because the application does seem overly broad toward all web templates to me, from the title to the meat of the application’s art. However, there are loads of patents in the world for incredibly silly things that have never really impacted a lot of folks’ life; it’s just that it doesn’t mean a silly patent couldn’t become a problem. The Electronic Frontier Foundation has mountains of evidence of patent holders causing havoc.

I’m not much of a gambler, but if I had to gamble on this I’d put my money on this patent never being approved, and definitely never truly impacting the web or WordPress industry at scale.

I don’t think Pearson is a bad guy for wanting to patent his work. When I requested comment about the patents, he told me, “If I were ever to consider selling my business, things like trademarks and patents show up on the balance sheet and add to the bottom line,” but that he views them as, “one of many expensive, ridiculous options for bolstering one’s business,” versus a way to celebrate and protect his achievements as I previously characterized his intentions.


Most agree that the GPL has not been well tested in court, though a software license is a “legal instrument.” There is often confusion over whether a license is a contract or not.

License versus contract

One of my favorite things I’ve read on this is by former Adobe Associate General Counsel Robert Pierce:

A license is not a contract. This much I know.

Rather, a license is a permission granted by one party to another allowing use of a property without fear of lawsuit brought by the granting party. A license does not include a return promise (i.e., consideration) from the licensee. So, as we all learned in law school, a license cannot be a contract under law. This is not to say that a license cannot be an element of a contract under which two parties trade promises, one of such promises being a license. This is commonly known as a “license agreement.” But a bald license, a one-way promise, is enforceable outside of contract law. It is something apart. It exists and is enforceable under property law doctrine.

What makes things difficult is that the scope of a license’s grant, and the conditions and restrictions on the license (or all of them together) can make what is intended to be a one-way license look a lot like a contract. The precise wording used becomes critical.

The distinction can be significant because, “contracts are enforceable by contract law, whereas licenses are enforced under copyright law,” though even this rule depends on the jurisdiction where the matter is being discussed. His larger point is that a license is a one-way street, whereas a contract is agreed upon by both sides.

Spirit of the GPL

There is little debate that a “Split GPL” or “PHP GPL” license is perfectly GPL compatible, though Mullenweg doesn’t consider that the “spirit of the GPL,” and companies like Envato’s ThemeForest and others have felt the consequences of not adopting 100% GPL licenses.

From Milestones:

While not everyone liked the fact that the WordPress project would only support 100% GPL products, most people had accepted it. Many, however, were taken by surprise, by a sudden flare-up around not just the legalities of the GPL, but the “spirit” of the license. In a 2008 interview, Jeff Chandler asks Matt about the spirit of the GPL. Matt says that the spirit of the GPL is about user empowerment, about the four freedoms: to use, distribute, modify, and distribute modifications of the software. Software distributed with these four freedoms is in the spirit of the GPL. WordPress was created and distributed in this spirit, giving users full freedom with regard to the software.

The Software Freedom Law Center’s opinion — with regards to WordPress themes, however — gives developers a loophole, one that helps them achieve GPL compliance, but denies the same freedoms as WordPress. PHP in themes must be GPL, but the CSS, images, and JavaScript do not have to be GPL. This is how Thesis released with a split license — the PHP was GPL, while the rest of the code and files were proprietary. This split license ensures that the theme is GPL compliant yet it isn’t released under the same spirit as the GPL’s driving user-freedom ethos.

The loophole may have kept theme sellers in line with the GPL, but WordPress.org didn’t support that approach. In a 2010 interview, Matt says “in the philosophy there are no loopholes: you’re either following the principles of it or you’re not, regardless of what the specific license of the language is.” Theme sellers that sell their themes with a 100% GPL license are supported by WordPress. Those that aren’t don’t get any support or promotion on WordPress.org or on official resources. This is also one of the WordCamp guidelines, introduced in 2010; that WordCamps should promote WordPress’ philosophies. If a speaker, volunteer, or organizer is distributing a WordPress product it needs to be 100% GPL, i.e., the CSS, JavaScript, and other assets need to be GPL, just like the PHP.

Mullenweg believes that Thesis 2 is not only not in the spirit of the GPL, but flagrantly operates in total violation of it, as Thesis 2 carries a 100% proprietary license. Considering the implications for folks that make stuff compatible with the GPL, it’s little surprise that Mullenweg has taken the stance and actions he has toward Pearson.

Thesis 2 carries a proprietary license

Chris Pearson’s comment on his blog post describes that the theme has always been a proprietary license, and he describes why it is okay to be such:

In October 2012, I released an all-new version of Thesis that carried the same name as the original (which had a split-GPL license), but that’s where the similarities stopped.

The new Thesis is not a Theme—it is an operating system for templates and design. This system runs Skins and Boxes, which are similar to Themes and Plugins, but with a boatload of built-in efficiencies that Themes and Plugins cannot provide.

It is worth noting the final paragraph of the SFLC’s opinion that Mullenweg has cited numerous times as justification against proprietary licenses does have a provision for avoiding WordPress’s copyright:

Finally, we note that it might be possible to design a valid WordPress theme that avoids the factors that subject it to WordPress’s copyright, but such a theme would have to forgo almost all the WordPress functionality that makes the software useful.

That’s exactly what Pearson believes Thesis 2 is. But the GPL has rarely been tested in a proper court, and never from a WordPress perspective. The SFLC’s opinion is just that, for now, whether Mullenweg likes it or not.

The GPL in court

The Free Software Foundation maintains the copyright on the text of the GPL itself, and between the FSF and the SFLC, a small number of lawsuits have occurred, and a German court upheld the GPL as a “valid, legally binding” license, but most of these tests have occurred outside of the United States. From what I can tell, cases involving the GPL have largely settled outside of court when based in the United States, or were argued on whether the GPL was legally applied, like in the case of SCO vs IBM, rather than whether the GPL was legally binding itself.

In another case, Wallace vs FSF, Daniel Wallace compared the GPL to price fixing, as it required software to be free. The FSF won the case, as the judge cited, “The GPL encourages, rather than discourages, free competition and the distribution of computer operating systems, the benefits of which directly pass to consumers. These benefits include lower prices, better access and more innovation.”

A much newer case involving VMware again tests the GPL. The Software Freedom Conservancy, “claims VMware is using the Linux kernel without respecting the terms of its copyright license, the GPL.” This case may offer a better precedent for WordPress and its derivative works, as it is centered on “module loading” in VMware, “with an insulating layer to allow its kernel to use unmodified Linux drivers.” The case gets murkier than that, as it may not have been as isolated as it was attempted, but the result could be decent precedent for similarly loading WordPress themes and plugins, in my opinion.

Limited guidance

Few lawyers want to be the first to test something in court. It’s easier to make a case when there are many cases before you to provide guidance. With the GPL, there is what’s called “limited guidance,” meaning that it’s untested, and therefore the outcome of a GPL case in the US could be very difficult to predict.

If a lawsuit does occur, it could prove costly to all parties involved, and I think it’s clear that Pearson and Mullenweg both wish that litigation was not happening, though both of them maintain a bit of a “you started it” attitude.

Without a formal court proceeding, which could last years, it’s going to be near impossible for Matt Mullenweg to fully prevent non-GPL compatible licenses to exist for WordPress themes and plugins. His best method to prevent it is to do what he’s done so far: make an example of bad offenders and cause anyone thinking of using a non-GPL compatible license to reconsider.

Are all WordPress themes derivative works?

A key question to whether themes and plugins must be GPL compatible licensed is whether the theme or plugin is a derivative of WordPress itself. If it is derivative, then it is under the umbrella of the GPL’s Copyleft nature.

Folks disagree a good bit on how themes and plugins should be considered as derivative works, though most either agree with Mullenweg’s strict “spirit of the GPL” view, or at least have molded to avoid being an outcast.

The strongest argument I’ve seen in favor of all themes being derivative of WordPress — no matter how much or little they rely on WordPress functionality — is from WordPress lead developer Mark Jaquith:

There is a tendency to think that there are two things: WordPress, and the active theme. But they do not run separately. They run as one cohesive unit. They don’t even run in a sequential order. WordPress starts up, WordPress tells the theme to run its functions and register its hooks and filters, then WordPress runs some queries, then WordPress calls the appropriate theme PHP file, and then the theme hooks into the queried WordPress data and uses WordPress functions to display it, and then WordPress shuts down and finishes the request. On that simple view, it looks like a multi-layered sandwich. But the integration is even more amalgamated than the sandwich analogy suggests.

Here is one important takeaway: themes interact with WordPress (and WordPress with themes) the exact same way that WordPress interacts with itself. Give that a second read, and then we’ll digest.

The same core WordPress functions that themes use are used by WordPress itself. The same action/filter hook system that themes use is used by WordPress itself. Themes can thus disable core WordPress functionality, or modify WordPress core data. Not just take WordPress’ ultimate output and change it, but actually reach into the internals of WordPress and change those values before WordPress is finished working with them. If you were thinking that theme code is a separate work because it is contained in a separate file, also consider that many core WordPress files work the same way. They define functions, they use the WordPress hook system to insert themselves at various places in the code, they perform various functions on their own but also interact with the rest of WordPress, etc. No one would argue that these core files don’t have to be licensed under the GPL — but they operate in the same way that themes do!

It isn’t correct to think of WordPress and a theme as separate entities. As far as the code is concerned, they form one functional unit. The theme code doesn’t sit “on top of” WordPress. It is within it, in multiple different places, with multiple interdependencies. This forms a web of shared data structures and code all contained within a shared memory space. If you followed the code execution for Thesis as it jumped between WordPress core code and Thesis-specific code, you’d get a headache, because you’d be jumping back and forth literally hundreds of times. But that is an artificial distinction that you’d only be aware of based on which file contained a particular function. To the PHP parser, it is all one and the same. There isn’t WordPress core code and theme code. There is merely the resulting product, which parses as one code entity.

Jaquith’s argument that the theme and WordPress execute together to form a joint “modified work” is the key phrase, I believe. As he states, and I tend to agree, it does not matter that the files are separate or that they can be distributed independently; together, when executed, they are so intertwined that they become a single work.

That said, the theme is clearly dependent on WordPress itself, which is another common justification that themes are derivative. Explaining this concept is simple: WordPress can be distributed without any theme but those that ship with it by default. But a distributed theme, like Thesis, must be installed and activated using WordPress’s own schema for loading a template, and cannot operate independently of WordPress.

What about the WordPress REST API?

Thus far, we’ve discussed the derivative nature of WordPress themes and plugins, which require they operate within the WordPress install. It is a different matter if we consider applications that consume data or interact with WordPress as an outside application.

The WordPress REST API enables one to interact with or consume data from WordPress, while being wholly independent of the WordPress install. Jaquith makes a clear exception for a scenario like this (and also applies it to technologies like RSS and XML-RPC):

Something that interacts with these APIs sits entirely outside of WordPress. Google Reader doesn’t become part of WordPress by accessing your feed, and MarsEdit doesn’t become part of WordPress when you use it to publish a post on your WordPress blog. These are separate applications, running separately, on separate codebases. All they are doing is communicating. Applications that interact with WordPress this way are separate works, and the author can license them in any way they have authority to do so.

The GNU’s take

The GNU agrees with Jaquith’s take. They provide an FAQ to answer, “”What is the difference between an ‘aggregate’ and other kinds of ‘modified versions’?” The emphasis provided is my own:

An “aggregate” consists of a number of separate programs, distributed together on the same CD-ROM or other media. The GPL permits you to create and distribute an aggregate, even when the licenses of the other software are non-free or GPL-incompatible. The only condition is that you cannot release the aggregate under a license that prohibits users from exercising rights that each program’s individual license would grant them.

Where’s the line between two separate programs, and one program with two parts? This is a legal question, which ultimately judges will decide. We believe that a proper criterion depends both on the mechanism of communication (exec, pipes, rpc, function calls within a shared address space, etc.) and the semantics of the communication (what kinds of information are interchanged).

If the modules are included in the same executable file, they are definitely combined in one program. If modules are designed to run linked together in a shared address space, that almost surely means combining them into one program.

By contrast, pipes, sockets and command-line arguments are communication mechanisms normally used between two separate programs. So when they are used for communication, the modules normally are separate programs. But if the semantics of the communication are intimate enough, exchanging complex internal data structures, that too could be a basis to consider the two parts as combined into a larger program.

The GNU argument falls very much in line with Jaquith’s, though admits itself that judges must decide whether it’s the case, in the end.

The case against The GNU position on derivative works

The University of Washington School of Law has a section of their website devoted to the, “business, legal and technical consequences of choosing Open Source Software (OSS) or proprietary software.” They cover many of the topics I’ve outlined in this post so far, and in the case of the GPL and derivative works, they believe the GNU is overstepping with an “expansive definition” of derivative works with consequences, “counter to the goals of the proponents of Free Software.”

The most compelling of multiple derivative works examples they provide is that of subclasses. For example, imagine a class, Some_Theme_Class that extends Some_Core_WordPress_Class. The GPL FAQ is very hardline on the topic (and for what it’s worth, Thesis 2 does extend some WordPress core classes). Washington believes the GNU stance on inheritance is too over-reaching:

Example 5: Programmer X wishes to write a class D, that is a subclass of existing class B. Class B is subject to the terms of the GPL. If X distributes D, does it have to be licensed under the terms of the GPL?

The answer given in the GPL FAQ is short and to the point: “Subclassing is creating a derivative work.” In our example, this makes D a work derived from B, and thereby makes D subject to the terms of the GPL upon distribution. This approach attempts to further broaden the reach of the GPL, but it again leads to counter-intuitive results.

Typical object oriented programming languages include a standard class hierarchy. This hierarchy provides a framework within which application developers can build their programs. The standard classes typically provide useful classes that represent user interface elements (e.g. windows, buttons, etc.), collection classes (for handling collections of data), and input-output abstractions (e.g. files and networking connections). In many object oriented languages, each class must be a subclass of exactly one superclass. And for this reason, the class hierarchies are rooted by a highly generic, standard class called Object. (The question of the superclass of Object is beyond the scope of this article.) The class Object describes only the most general properties and behaviors. For instance, in Java, the class Object only performs a handful of functions. In Java, every class is a subclass (directly or indirectly) of the Object class. Under the GPL approach, then, every program written in Java is a derived work of Object, because every program written in Java by definition consists of classes that inherit from the Object class.

Whether this argument or any of the others Washington outlines would apply to WordPress themes and/or plugins would, again, need to be settled in court. But Washington does give a compelling argument.

They conclude with the following:

In some ways, the apparent weaknesses in the GPL should come as no surprise, as the GPL was born of an era in which the central artifact of software development and distribution was the monolithic executable. In such a universe, software development proceeded principally by modifying the existing source text of programs, compiling source modules, linking the corresponding object files, and distributing the resulting executable. This model of software development and distribution has become increasingly fractured in an era characterized by highly dynamic, late binding, object- and network-based systems. The GPL, consequently, strains to cover these newly arising scenarios.

To effectuate the goals of the free software movement, the drafters of the GPL urge a generally expansive definition of derivative work. The great irony is, of course, that such an expansive definition would have second order consequences that are exactly counter to the goals of the proponents of Free Software. A broad definition of derivative would give code authors less freedom to create software that they can truly call their own and do with as they please. And if naive analytic approaches such as “subclassing equals derivation” reign, then proprietary vendors such as Microsoft could arguably stake claim to every program ever written in C#, because they authored the original class hierarchy. And since it seems unlikely that courts would employ different standards depending on the goals or ideological motivations of licensors, proponents of free software might want to be careful what they wish for: what’s good for the GNU might not be good for the gander.

Aggressive license agreements

Both the GPL and DIYthemes’ proprietary license could be appropriately identified as aggressive. The Copyleft nature of the GPL annoys many open source advocates, who would prefer a less restrictive license for developers, like the MIT or BSD licenses. The GPL is absolutely an opinionated license.

Pearson’s proprietary license is also aggressive, in the other direction. I’ve never purchased a WordPress-centric product that so strongly forced me to accept a license. Usually, you have to look in the source code or a page on the website for a license; DIYthemes forces you to accept the terms of the proprietary license before you can download the product at all.

Derivative works are not a bright line

The GNU attempts to offer a “bright line” distinction for derivative works. A bright line, in much of the legal analysis I’ve read, is where thing x is so because of thing y, and can be applied across the board. You can clearly see the bright line, and when it has been crossed.

Washington proves the point quite well that the GNU’s bright line approach to derivation is quite challengeable. But I don’t think their arguments prove that WordPress themes in particular are not derivative. I believe, from a legal perspective, it’s fuzzier than a bright line approach, and if I were Mullenweg or anyone defending GPL software, I would not be excited to take the issue to court.

The “spirit of the GPL” is to offer users liberal freedoms, even while restricting developers building on a GPL licensed application. And I believe there is merit in the fact that WordPress, its co-founders, its lead developers, and the vast majority of its copyright holders (contributors) wish to defend the spirit of the license, even if it’s not been tested in court.

Pearson is not in the majority opinion by using a proprietary license, but he is also not definitively in a position of legal wrongdoing. His desire to protect his works from user freedoms with a proprietary license may well be tested all the way to the courts, and he must be prepared to deal with that, but I don’t believe there is clear wrongdoing, legally, with his license.

A tale of idealism

Matt Mullenweg and Chris Pearson are two of the most idealistic people I’ve ever observed. They are near polar opposites, from their business belief systems and even their general world views.

One of the most depressing components of my research was something Pearson told me. I asked him why he doesn’t just get out of it all and do something else. He’s not married to the culture of WordPress bestowed on it by its leaders. He called it, the “zeitgeist of western culture,” with its openness, zen attitude, and more that he feels no need to embrace if he doesn’t want to.

But he admits that WordPress, “is the most used piece of software to build a website in the world. WordPress was the beneficiary of impeccable timing.” And it’s a tool for him to make his living; it’s his job, and he doesn’t see a need to be in love with every aspect of his job. This is what made me sad, because for most of us that make our living within this space, we were able to escape the “it’s just a job” mentality and be emotionally enriched by what is possible on the open web.

Matt could probably drop his various issues with Pearson and life would go on. The vast majority of WordPress businesses could understand the status quo and live by it, and those that don’t can keep living their lives outside of the approval of Mullenweg, and for that matter, the official WordPress project and website. But he too insists to stand up for his ideals and the web he believes in. He sees himself as a defender of the user, and his defense of the GPL is an extension of his core beliefs on software.

They will never agree on licensing, that much is clear. The question of what’s next is multi-layered.

Will litigation continue?

Undoubtedly, yes, litigation will continue. But the litigation should be viewed as three distinct parts:

  • In regard to the thesis.com domain, it’s really a sideline issue that resulted from more deep-rooted differences in ideals that turned into a personal spat. Pearson may continue in court to try and get the domain back, but I doubt it. I don’t know if Automattic will relent on the trademark cancellation requests, but I wouldn’t be surprised if they dropped it in some form of settlement.
  • The patent issue is not over. I believe Automattic and potentially other organizations will challenge Pearson’s patent application using a variety of legal options available. The chances the patent gets approved or holds up long term are unlikely (but yes, it is possible), and I don’t believe there is a significant chance it will have longstanding implications on the WordPress project.
  • I believe the GPL will continue to be tested in court, and eventually we may have a proper precedent set to put current questions aside. I won’t pretend a guess how it will turn out, because I think it truly depends on many, many factors. I do think that if Matt Mullenweg pursues a case himself, he will be joined by a number of interested organizations, including the Free Software Foundation; or the GPL debate could be settled in court in a completely different dispute, unrelated to WordPress — but have a longstanding impact on products made for WordPress.

Is this debate bad for WordPress?

The way this debate has occurred is bad for WordPress. Neither Matt Mullenweg nor Chris Pearson looks like a saint right now. And parts of the whole thing don’t do a whole lot to further the conversation.

At the root of the debate is licensing, and that debate is worth having.

It is important that we separate the intent and the legal interpretation of the GPL. It is also important that we separate one’s legal ability to not license distributed WordPress products as GPL compatible, versus the business and community consequences that may result from such a decision.


This post would not be possible without the Post Status Partners and Members that fund the website, and my ability to write about WordPress full time. If you enjoyed this post, please consider becoming a Post Status member to fund more free content, plus loads of great members-only benefits, including a daily-ish newsletter that keeps you covered on the happenings of the WordPress world.

I would also like to thank Matt Mullenweg and Chris Pearson for the interviews they provided me in preparation of this post.

And I’d like to thank my lawyer, Keith Lee (a WordPress fan and blogger himself!) for helping me think through some of the legal matters discussed — though the opinions themselves are my own.

Finally, I’d like to thank the folks that helped me review the post, consider my positions, and organize my thoughts. You know who you are.

by Brian Krogsgard at July 24, 2015 01:42 AM under Everyone

July 23, 2015

WPTavern: Who’s Using the WordPress REST API?


Ryan McCue and the WP REST API team are seeking feedback on the project ahead of the API merging into core. McCue invited comments on the post to find out how and where it’s currently being used, in hopes of identifying any roadblocks developers may be facing.

“We’d love to hear feedback from everyone using this, from JS-only developers coming to WP for the first time, through WordPress plugin and theme developers, all the way through to PHP developers not involved with WordPress,” he said.

Comments on the post provide a nice overview of places where the API is already in use in production all over the WordPress development community. A few examples include:

  • Human Made uses the API with client projects, i.e. to create a Node-powered frontend and maintain the familiar WordPress admin.
  • Reactor uses the API to create mobile apps that digest the API themselves.
  • Aesop Interactive uses the API with Lasso and also to power the WP Live Search plugin.
  • A large industrial real estate firm manages its properties via an internal proprietary .NET app with a public-facing site powered by WP. It uses the API to sync property data (in real time) between the internal app and the website so the real estate listings will always be current.
  • Join In, a site organizing volunteers in the UK, used the API to create an embeddable JS widget.
  • Per Soderlind used the WP REST API as a backend for an iOS application for the Norwegian Ministry of Petroleum and Energy.
  • Modern Tribe is building sites that use the REST API to power both Handlebars and full page React templates in themes.

Those are just a small sampling of places where the API is being used to make WordPress more flexible for creating custom solutions. For many who are using the API or hoping to use it, the main hindrance is that it’s not yet in core.

“The biggest issue right now is that the REST API isn’t included in core,” a representative from Ashworth Creative commented. “If we build plugins or a theme that needs to consume data asynchronously, we’d either have to bundle the API and have to maintain it in our repositories as a dependency, or have clients install and maintain it on their own.”

WordPress developer Nate Wright echoed that opinion and is eager to be able to extend it for use in his products, without having to include it as a plugin.

“Put it in core, so that as a plugin developer I can make use of it in my products,” he said. “I built the most popular Restaurant Reservations plugin in the .org repo, and I am eager to add a robust capacity/table management component for it using the REST API and a jQuery/Underscore/Backbone stack.”

Early adopters have the unique opportunity to provide feedback on the REST API and help shape priorities for development. If you are using the API somewhere in the wild, make sure to leave your feedback on McCue’s post to help the team make any necessary changes required before it’s merged into core.

by Sarah Gooding at July 23, 2015 09:15 PM under wp rest api

WPTavern: WPWeekly Episode 200 – The Big Two Oh Oh

In this special 200th episode of WordPress Weekly, I’m joined by Marcus Couch, Brad Williams, Ronald Huereca, and Ptah Dunbar. Brad, Ronald, and Ptah were among the first to support WordPress Weekly. They helped get the show off the ground and provided momentum.

Seven years have passed since I started WordPress Weekly. In those seven years, each one of my guests have gone on to do great things with WordPress. We find out what they’re up to these days and recall memorable moments of the show. Near the beginning of the show, we held a moment of silence in Kim’s memory.

I had a great time hosting episode 200, but I’m sad that the late Kim Parsell couldn’t celebrate with us. When I started WordPress Weekly in 2008, Kim would often join me on each episode to provide a countdown before I pressed the record button.

She was occasionally a guest on the show. After the show, she would stick around for a half hour to an hour to talk about whatever was on her mind. In many ways, the show offered her an opportunity to connect and speak to WordPress people every week. It was the closest thing to a meetup she could regularly attend.

Thanks to everyone who listens to the show and provides us with valuable feedback. Join us next Wednesday, as we begin the journey to episode 300.

History of WordPress Weekly:

  • My first show on Talkshoe.com was 7 years ago on January 11th, 2008.
  • WordPress 2.3.2 was released.
  • WordPress 2.5 took the place of 2.4.
  • Episode 100 was on June 5th 2010.
  • I took a two year break after episode 117 October 28th, 2011.
  • I resumed the show on August 16th 2013 which was also my last show on Talkshoe.
  • Marcus became a co-host January 18th, 2014, on Episode 134.

Plugins Picked By Marcus:

Flow-Flow Social Streams lets you display your Facebook, Twitter, and Instagram messages in a responsive grid.

Test Payment Module for Woocommerce gives you the option to test payments in WooCommerce locally without using services such as Paypal or Authorize.net.

DropBox Backup by Supsystic allows you to backup to Dropbox and FTP with one click. You can also restore full or partial backups from DropBox.

WPWeekly Meta:

Next Episode: Wednesday, July 29th 4 P.M. Eastern

Subscribe To WPWeekly Via Itunes: Click here to subscribe

Subscribe To WPWeekly Via RSS: Click here to subscribe

Subscribe To WPWeekly Via Stitcher Radio: Click here to subscribe

Listen To Episode #200:

by Jeff Chandler at July 23, 2015 08:30 PM under Ronald Huereca

WPTavern: Philadelphia, PA to Host WordCamp US December 4th–6th

Matt Mullenweg announced that Philadelphia, PA, will host WordCamp US December 4th–6th at the Pennsylvania Convention center. Philadelphia will also host WordCamp US in 2016, although no dates have been chosen yet.

According to Mullenweg, “Having it the same place two years in a row allows us to keep logistics a set variable and really focus on the rest of the event in the second year.” The 2017 and 2018 host cities will be chosen in between the first and second event. This allows the team in the host city to volunteer and gain on-the-ground experience in Philadelphia.

Out of six cities chosen to possibly host WordCamp US and 1,390 total voters, Tavern readers voted to have it in Phoenix, AZ, citing its warm weather during winter months. Philadelphia, home of the cheesesteak, was a close second.

The event is inspired by WordCamp Europe, where organizers take an entire year to plan and coordinate the event. Some readers questioned whether the event would be held this year considering applications to be the host city weren’t accepted until June.

With only half a year to plan and organize WordCamp US, it will be interesting to see how the first one goes. Let us know if you plan on attending the event and if you’re going to bring ear muffs as Philadelphia during that time of year is cold.

by Jeff Chandler at July 23, 2015 05:31 PM under wordcamp us

Matt: WordCamp US to be in Philadelphia

WordCamp USThere were amazing applications for teams and cities to host the inaugural WordCamp US, a concept originally floated at the State of the Word last year. It was very hard to make a choice, but can now announce that the birthplace of the United States, Philadelphia, will host the first WCUS on December 4th–6th. They will also host it in 2016, but no dates have been chosen yet.

Having it the same place two years in a row allows us to keep logistics a set variable and really focus on the rest of the event in the second year. I also want to use it to facilitate experience transfer: We’ll choose the 2017 + 2018 host city in between the first and second event, so that team can volunteer on the ground the second year Philadelphia hosts it to learn from their experience. Hat tip: Cool graphic by Andrew Bergeron.

by Matt at July 23, 2015 04:38 PM under Asides

WPTavern: WordPress 4.2.3 is a Critical Security Release, Fixes an XSS Vulnerability

photo credit: Lock - (license)photo credit: Lock(license)

WordPress users in the Americas woke this morning to find update notices in their inboxes due to a critical security vulnerability. WordPress 4.2.3 was released today and automatically pushed out to sites that have auto-updates enabled.

Because this is a security release for all previous versions of WordPress, those who do not have automatic update enabled will need to manually update their sites immediately. Core contributor Gary Pendergast explained the severity of the bug in the release post:

WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. This was reported by Jon Cave and fixed by Robert Chapin, both of the WordPress security team.

We also fixed an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft.

Pendergast thanked all parties reporting vulnerabilities for responsibly disclosing them to the WordPress security team.

This release also contains fixes for 20 bugs from 4.2, including one that might require you to update your database before being allowed back into the admin.


Not all WordPress users who are updating will be greeted with this message, but if you see it, don’t panic. It’s related to one of the bug fixes included in the release.

“It was a bug fix in 4.2.3, not backported – some versions of PHP didn’t run the utf8mb4 update correctly,” Pendergast said when asked about the required database update.

Unfortunately, in some instances, clicking the “Update WordPress Database” button may require multiple attempts. This is unusual but Pendergast said that improving database upgrades is high on the team’s list of priorities.

A list of all the files revised is available on the 4.2.3 release page.

by Sarah Gooding at July 23, 2015 02:06 PM under xss vulnerability

WPTavern: WordPress Custom Post Type UI Plugin Passes 1 Million Downloads

photo credit: Stephanie McCabephoto credit: Stephanie McCabe

In June of 2010, WordPress 3.0 Thelonious was released with the historic merge of WordPress MU into core and the debut of the brand new Twenty Ten default theme. This pivotal release also gave developers the ability to register their own custom post types. Expanding WordPress’ custom content capabilities beyond simple posts and pages has been critical to the platform maintaining its dominance as the world’s most used CMS.

Thousands of WordPress developers make a living from products that are based on custom post types. Five years ago, when the feature was still new, you had to know how to write the code to register a new post type. That’s when the folks at WebDevStudios released Custom Post Type UI, a plugin that offers an admin interface for creating and managing post types and their associated taxonomies.


The company counts more than 30 plugins in its collection on WordPress.org, but Custom Post Type UI is by far the most successful. Last week it passed one million downloads and maintains a 4.6 out of 5-star average rating from users. The plugin is currently active on more than 200,000 WordPress sites.

Passing the 1 Million Downloads Milestone

Michael Beckwith, the current maintainer of Custom Post Type UI, published a post detailing the evolution of the plugin’s UI and codebase. His transparent account covers how the team overcame the challenges of their massive codebase overhaul and the undetected bugs that come crawling out of the woodwork with a major release.

A plugin with a user base in the hundreds of thousands that manages to maintain a nearly 5-star average rating on WordPress.org is a notable achievement, especially when it involves weathering the UI and code updates required to keep pace with WordPress.

“I believe this milestone represents the fact that making features usable and more user-friendly to the ‘average Joe’ can take you a long ways,” Beckwith said. “Custom Post Type UI made it easier for more people to tap into the power and customization ability that custom post types and taxonomies offer to a WordPress powered website. Because of that ease of use, many have added it to their toolbox for every website they have or work on, and recommend it to their friends.”

The plugin is being developed on GitHub. Although there are many enhancements under consideration, Beckwith said that no major changes are planned for the near future.

“I would love more to get more people up-to-date on the current version and let it be the stable version for awhile,” he said.

“Looking at our stats page, we still have reported active installs using as far back as version 0.6. While I can sit here scratching my head as to why, I also have to consider that that version is stable enough and still meeting the needs of 0.6% of our users.

“If it is not breaking for them, and there is no security concerns, then it is not all bad that they are still marching on. There is also the minimum version requirement to keep in mind. There are still WordPress installs active and out in the wild that are not running WordPress 3.8 or higher. Until they are, those users are not going to be notified that there is even an update available,” he said.

If you want to learn more about what it takes to maintain a popular plugin while successfully navigating the years of changes and support, check out WebDevStudios’ 1 million downloads celebration post.

by Sarah Gooding at July 23, 2015 01:35 AM under custom post types

July 22, 2015

WPTavern: WordPress 4.3 Moves Customize to Its Own Top-level Menu in the Admin Bar

When menu management was proposed to be merged into WordPress 4.3, a common complaint expressed by readers was that clicking the Widgets menu item in the admin bar loads the customizer instead of the Widgets admin screen. WordPress 4.3 separates the management interfaces by moving the Customize link to the top-level menu of the admin bar. This link opens the customizer, allowing you to manage menus, appearance, and widgets through the customizer interface.

WordPress 4.2 Admin BarWordPress 4.2 Admin Bar WP43AdminBarWordPress 4.3 Admin Bar

The Dashboard, Themes, Widgets, and Menus links take users to their corresponding admin pages in the backend of WordPress. This makes it clear which interface users are about to enter. The enhancement is a result of ticket #32678 where Helen Hou-Sandí and other WordPress core contributors discussed ways to improve the context of each link over the course of five weeks.

Within the ticket, Nick Halsey, who has spent a lot of time on the customizer, explains that the approach taken in the ticket addresses short-term problems while setting the stage for future improvements.

The Customizer gets the visibility it deserves and becomes more conceptually separated from ‘Appearance’, the admin becomes significantly more accessible from the front-end, the often-unhelpful dashboard is de-emphasized, etc. We also have the ability to easily upgrade the Customize link to do a much faster/shinier loading of the Customizer in the future without moving it.

Notably, the add-content and edit-content links remain separated from the admin menu (and we skip submenus there for simplicity), setting us up to be able to point them to a front-end-contextual content-creating/editing experience if we build that in the future, without moving links around. This minor rearrangement should be able to last several years without things moving around much if at all, even as further adjustments are made to the features they point to.

On the surface, it appears to be a simple change but a lot of time and effort went into it. It required several core contributors to discuss a variety of mockups, ideas, and flows before the team figured out a solution.

Separating how users enter each interface will be a welcome enhancement to anyone who prefers one over the other to manage themes, widgets, and menus.

by Jeff Chandler at July 22, 2015 11:28 PM under wordpress 4.3

WPTavern: How and When Mullenweg Learned Thesis Changed Back to a Proprietary License

We now know when Matt Mullenweg discovered Chris Pearson changed Thesis’ license from split GPL to a proprietary one. On April 1st 2014, Siobhan McKeown interviewed Matt Mullenweg for the WordPress history book.

In the interview, we learn about the history of WordPress themes, the GPL, how Automattic unintentionally created the commercial theme market, why 200 themes were removed from the directory for sponsored links and much more.

At the 30 minute mark, McKeown asks Mullenweg, at what point did he decide to go to the Software Freedom Law Center to receive clarification on if the default themes that ship with WordPress are derivatives? He responds:

I believe that was around our engagement with Mr. Pearson. I don’t know if it was before or after the Mixergy interview with our spirited online debate, but it was definitely around that time. I’m not a lawyer! I can read it and I can understand it from a logical point of view, but the Software Freedom Law Center is obviously the world experts in this and having them officially opine is the closest we can get to – it’s the next best thing to having a court case.

I was actually very excited that perhaps Chris would actually go to court, because as you know there isn’t a ton of case law around the GPL and normally, because no one is stubborn enough to actually go to court over it, and I thought, “Oh, we finally got one!” And I was looking forward to being able to discuss in the U.S. law system and provide the precedent for anyone who comes after us to protect the GPL.

Because companies like Cisco and LinkSys and huge companies with billions of dollars in resources have opted to not fight it, so you really do need someone who is going to be stubborn enough to fight it.

At the climax of the debate in 2010, some members of the WordPress community wanted to see the argument go to court so a ruling could set a precedent on when a work becomes derivative.

At the 33 minute mark, McKeown informs Mullenweg that Thesis switched from a split GPL license to a proprietary license. This is the first time since his debate with Pearson in 2010, that Mullenweg discovers Thesis switched back to a proprietary license. He responds:

I have not seen that. So we’d have to do a code analysis again. As you know the Software Freedom Law Center says that non-PHP, so non-linked code which can be CSS, images and JavaScript, isn’t required to be GPL. It doesn’t trigger the viral nature of WordPress’ GPL code.

The stance of the WordPress community was that a theme without images or CSS isn’t much of a theme so, even though something could be legally compliant, if the entire package isn’t providing the same freedoms for users it’s not something that we want to link to or promote. Because it doesn’t really follow the things that we hold dear and true in WordPress.

On January 15, 2014, Chris Pearson received a copy of Mullenweg’s inquiry into thesis.com from Larry of GetYourDomain.com. This is approximately four months prior to discovering Thesis was being sold under a proprietary license. However, the exact date in which Mullenweg obtained ownership of the domain is unknown.

Email shared by Pearson showing Mullenweg's interest in the domainEmail shared by Pearson showing Mullenweg’s interest in the domain

The first publicly known use of the domain that confirmed Mullenweg’s ownership was on October 26th, 2014, at WordCamp San Francisco during the Question and Answer session.

As the interview continues, McKeown asks Mullenweg if he reached out to companies like Template Monster that sells WordPress themes that are not GPL Licensed. He responds:

We got in touch with everyone that we could, and it was definitely – it was a lot of time. There are times when WordPress core stuff is more than a full-time job for me and now is definitely one of them.

I see your link to a [inaudible]. There’s always ways to word licenses around multi-site support where perhaps the code is GPL but the developer chooses to not provide support for more than one site unless you buy a special license. So sometimes people interpret those to be a GPL violation when actually they’re not.

I’m not aware of what Chris has done and I’d like to think that he is supportive – he has done so well from the WordPress community that he’d be supportive of themes continuing to be GPL, especially since his business didn’t crash like he was worried it would.

McKeown jokes that lawyers might have written Thesis’ license agreement. Mullenweg responds, “Well, maybe we’ll dive back into it.” More than 14 months later, Mullenweg has dived back into it with Pearson.

It’s unclear if in this second round of arguments, Mullenweg will take Pearson to court to settle the GPL derivative argument once and for all.

by Jeff Chandler at July 22, 2015 11:21 PM under thesis

WPTavern: Create and Manage BuddyPress Member Types with the BP Member Type Generator Plugin

photo credit: Dunechaser - ccphoto credit: Dunechasercc

BuddyPress 2.2 introduced a Member Type API, which allows developers to register their own unique member types, i.e. teacher, student, coach, etc. This was an exciting addition to BuddyPress but not very accessible to non-technical community managers, since it requires writing your own plugin to utilize it.

BP Member Type Generator is a new plugin from Brajesh Singh, prolific plugin author and owner of BuddyDev. The plugin makes it easy for site administrators to create and manage member types in the admin – without having to write any code.

A quick overview of its features includes:

  • Create/Edit/Delete Member Types from WordPress admin
  • Bulk assign member type to users from the users list screen
  • A member type can be marked active/inactive from the edit member type page
  • Compatible with multisite installations

When creating a new member type, administrators have the option to enable a directory that will list all members from that type on one page.


If you want to add the plugin and separate your members into different types, the task is not as overwhelming as it might sound. When you visit the user listing page in the admin, you can use the plugin’s bulk “change member type” dropdown to bulk assign users to a new member type. (This feature is also available in the Extended Profile section for each individual user in the admin.)


If you want to make the member types available for selection upon user registration, Singh created a free companion plugin called BP Xprofile Member Type Field that puts this on the frontend. If you want to restrict members from modifying their user type after registration, you can also add the free Non Editable Profile field plugin.


Please note that BP Member Type Generator cannot detect and manage other member types that have previously been added via code in a plugin. This might create some confusion if you already have existing member types. However, if you’re just starting with setting up and organizing member types, or are willing to reorganize member types, the BP Member Type Generator offers an easy way to do it.

This plugin is an important and much needed new tool that puts the creation of unique member types into the hands of BuddyPress community administrators, regardless of skill level. You can download BP Member Type Generator for free from WordPress.org. Singh does not officially support his plugins via the WordPress forums, but users can provide feedback via the BuddyDev blog or get professional support on the BuddyDev Premium Support Forums.

by Sarah Gooding at July 22, 2015 09:51 PM under member types API

Joseph: Recommended Consultants

My personal list of WordPress consultants has dried up ( some took full time jobs, the rest are always booked solid ). Now I’m directing people to the Recommended Consultants & Resources list from Joey Kudish.

by Joseph Scott at July 22, 2015 02:01 PM under WordPress

WPTavern: Nick Haskins Receives Cease and Desist Letter for Violating LassoSoft Trademarks

Nick Haskins, the founder and lead developer of Lasso, is rebranding the product after being served a cease and desist letter.

A few days ago, Haskins was served a cease and desist letter from LassoSoft. According to LassoSoft, “Lasso is a development platform and is the easiest, quickest and most secure method of supporting custom, data-driven web sites on the market today.”

Before launching a product, Haskins searches Google to see if similar products exist with the same name, “Apparently we didn’t look hard enough when naming Lasso,” he said.

Three Requirements That Must Be Met

Haskins shared the letter to educate others in the business of WordPress. In the letter, attorney’s for LassoSoft point out the company’s registered trademarks and says it commenced using the mark in the US in 1998 and in Canada in 1997.

LassoSoft claims to have documented at least one case of confusion between the two brands and says the continued use of Lasso will cause even more confusion.

Attorney’s for LassoSoft provided three requirements that must be met for an amicable end to the dispute:

  1. Permanently ceasing all use of the term “Lasso” and any trademark which includes or incorporates the term “Lasso”, in connection with any software or related goods and services.
  2. Removing all references to the term “Lasso” from the Website.
  3. Removing all references to the term “Lasso” from any marketing materials including flyers, catalogs, etc.

Haskins has until July 29th to satisfy the requirements and provide LassoSoft with written confirmation that he has permanently ceased all use of the term “Lasso” in association with software.

Transitioning Momentum

Rebranding a product that has momentum can be a crushing blow to a business that doesn’t manage the transition correctly. I asked Haskins how he plans to shift momentum from Lasso to the new brand name.

“The first idea I had, was to let the community rename it, possibly even have a $500 prize to the winning name. By incentivizing a rebranding campaign, together with a concentrated effort on re-educating, along with URL redirects and custom messages, I feel pretty strongly that we’ll be able to move right along without skipping a beat,” he said.

When it comes to naming a WordPress product and launching it into the WordPress ecosystem, Haskins offers the following advice:

“Use Google to see if it already exists either in the WordPress ecosystem or in a related field. This may seem like a no-brainer and it’s really common sense, but for some reason, I either never searched or that company never popped up. At any rate, I think you’ll be in good shape by sticking to something with wp prefixed or appended to the name.”

“Avoid generic terms and verbs because apparently, you can trademark a verb. I’d also run the search again in six months and if it’s a product that you plan on working on for a while, go through the process of getting the term trademarked.”

In addition to Haskins’ advice, I recommend using a search and discovery process provided by legal counsel familiar with trademark law.

Help Haskins Rebrand Lasso

In light of the battle between Chris Pearson and Matt Mullenweg involving patents, GPL, and trademarks, Haskins decided to rebrand Lasso, “There are a lot more important things in life than the name of a plugin for WordPress,” he said.

Haskins is giving the community an opportunity to rebrand his product. So far, he’s ruled out WP Front End Editor as it’s too similar to the name of a feature plugin that may one day be merged into WordPress core.

If you have an idea on what to call Lasso, please leave a comment on this post. Sometime next week, Haskins will gather the suggestions and publish a poll where the community can vote on which one is best.

by Jeff Chandler at July 22, 2015 01:08 AM under nick haskins

July 21, 2015

Matt: There is No Such Thing as a Split License

There’s a term that pops in the WordPress community, “split license”, that we should put to rest. It’s sloppy at best, misleading at worst.

First, some background. WordPress is under a license called the GPL, which basically says you can do whatever you like with the software, but if you distribute changes or create derivative works they also need to be under the GPL. Think of it like a Creative Commons Sharealike license.

In the past people weren’t sure if themes for WordPress were derivative works and needed to be GPL. In 2009 we got an outside legal opinion that cleared up the matter saying that the PHP in themes definitely had to be GPL, and for CSS and images it was optional. Basically everyone in the WP community went fully GPL, sometimes called 100% GPL, for all the files required to run their theme (PHP, JS, CSS, artwork). The predicted theme apocalypse and death of WordPress didn’t happen and in fact both theme shops and WordPress flourished, and best of all users had all the same freedoms from their themes as they got from WordPress. It was controversial at the time, but I think history has reflected well on the approach the WP community took.

As I said the PHP has to be GPL, the other stuff can be something else — many people started to use the term “split license” or “split GPL” to describe this. The problem, especially with the latter, is it leaves out the most important information. “Split GPL” doesn’t say whether the theme is violating WordPress’ license or not (maybe it’s proprietary PHP and GPL CSS), and more importantly doesn’t say what the non-GPL stuff is, which is the part you need to worry about! It also makes it sound like a split license is a thing, when all it really means is there are different licenses for different parts of the work. If something has a “split license” you have no idea what restrictions or freedoms it provides.

If someone decides to have different licenses for different parts of a theme they ship in one package, it’s probably worth taking a few extra words to spell out what the rights and restrictions are, like “GPL PHP, and a restrictive proprietary license for all other elements included with the theme.” This is really important because if you’re a smart WordPress consumer you should avoid proprietary software, there is always a GPL alternative that gives you the rights and freedoms you deserve, and probably is from a nicer person who is more in line with the philosophy of the rest of WordPress. Vote with your pocketbook, buy GPL software!


by Matt at July 21, 2015 08:55 PM under Asides

WordPress Planet

This is an aggregation of blogs talking about WordPress from around the world. If you think your blog should be part of this send an email to Matt.

Official Blog

For official WP news, check out the WordPress Dev Blog.


Last updated:

August 01, 2015 01:15 AM
All times are UTC.