Howdy,

It’s good to be home again. As much as I enjoyed spending time with WordPressers in Porto, and with my family and long-time friends in Germany, it’s good to be back, too. It’s easier to work when there are less distractions.

Isn’t it an odd way of putting things? We are trying to find the sweet spot between working remotely from anywhere in the world, be it the home town where parents live or a new city, like Porto. There are always temptations and more fun things to do, or people to see, that make it hard to focus on work. If you work remotely, how are you dealing with it?

Anyway, speaking of distractions, there were some rumblings in the WordPress space, that took away some focus from WordPress 6.1, Gutenberg and the block editor and other cool things that are happening around the open-source project. You can read all about it on the WPTavern or this week’s issue of The Repository.

Back to the usual programming …

Yours, 💕
Birgit

PS: Don’t forget to reserve your seat for the upcoming Gutenber Live Q & A. I can hardly wait to talk about the cool block things happening at Pew Research Center!

A Block-First Approach at Pew Research Center with lead developer Seth Rubenstein and head of digital strategy, Michael Piccorossi
on July 22, at 11am EDT / 15:00 UTC

WordPress Release Information

Gutenberg 13.5

Anne McCarthy was the lead for this week’s Gutenberg plugin release and in her post What’s new in Gutenberg 13.5? she highlighted: “The 13.5 release comes with 12 enhancements and 15 bug fixes, with an improved featured image UX, expanded design tools for the Post Navigation Link block, a few solid accessibility fixes, and some nice quality of life improvements.”

Sarah Gooding over at WPTavern has more detail in her article Gutenberg 13.5 Adds Featured Image Placeholder Support for Cover Block, Cleaner Pasting to Other Apps.

Mary Job and I will bundle the changelog of Gutenberg 13.5 and 13.6 together in our next episode of Gutenberg Changelog, which will be recorded around July 7th, 2022. If you have questions for us or Gutenberg developer send us an email to changelog@gutenbergtimes.com.

WordPress 6.0.1 and 6.1 scheduled

The core team identified the team for the minor release 6.0.1 and proposed to schedule the RC for July 5th, 2022 and the final release a week later on July 12th,2022. Sergey Biryukov and Adam Zielinsky will coordinate the release. Anne McCarthy posted more details on tickets and PRs in her post WordPress 6.0.x release team and 6.0.1 schedule

Hector Prieto shared in his post WordPress 6.1 Planning Roundup the proposal schedule for the next major WordPress release, 6.1 and added a call for contributors to join the release team. If you are intested, leave a comment on the post. Proposed Release date is October 25, 2022 with Feature Freeze and first Beta on September 20, 2022. ICYMI, Matias Ventura posted a the Roadmap for 6.1 (block editor edition) a few weeks ago.

 “Keeping up with Gutenberg – Index 2022” 
A chronological list of the WordPress Make Blog posts from various teams involved in Gutenberg development: Design, Theme Review Team, Core Editor, Core JS, Core CSS, Test and Meta team from Jan. 2021 on. Updated by yours truly. The index 2020 is here

Building Themes for FSE and WordPress

On WordPress TV, the Anatomy of a Block Theme was published. “You quickly learn the key components of what makes up a block theme.”

Ramon James Dodd, Contributor to Gutenberg, posted an update on initiatives and goals around Block editor styles. “The purpose of this post is to highlight ongoing initiatives targeted at addressing these issues, and to outline longer-term ambitions to output more readable, efficient and extensible frontend styles.”

Dodd divided his post into three sections: First he highlights the recurring challenges for theme developers to style blocks, then he offers a three part strategy to tackle those challenges, and then he outlines how the contributors could get there, admitting: “Style nirvana might well be out there, however the path comprises individual stepping stones, discovering how individual parts contribute to the whole, and balancing compatibility and stability with innovation.”

This week, Mike McAlister, creator of Atomic Blocks in the early days, and now product designer and principal software enginieer at WPEngine announced on Twitter the alpha phase of FSE Studio, a “developer tool to make building full-site editing themes faster and easier to manage.” McAlister and Phil Johnston also shared a YouTube video of a first FSE Studio walk-through. It reminds me a little bit of Carolina Nymark’s Theme Generator and of David Gwyers ThemeGen App, both have a different goal in mind. From little I saw of the FSE Studio in the video, I like the one page list to check or uncheck the various design tools for users, and I am also intriged by the built in pattern creation tool. It promises “to streamline the theme building process and make theme management a breeze”. Can’t wait to see the alpha version. You can do, as they are looking for alpha testers. Connect with Mike McAlister via Twitter DM

If you can’t wait for the tool to go public, I wrote about four other block theme generators before.

• In Weekend edition 215 we listed three generators,
• Last week in #219, you learned about the  Create-Block Theme plugin.

Also this week, the WPWatercooler gang hosted Brian Gardner, creator for the theme Frost and developer advocate at WPEngine in their show about Full Site editing and Block Theme. Listen in on WordPress Themes Block It Like Its Hot. Brian Gardner also talked about his new theme he just announced via Twitter.

Need a plugin .zip from Gutenberg’s master branch?
Gutenberg Times provides daily build for testing and review.
Have you been using it? Hit reply and let me know.

WordPress Social Learning Spaces

June 27, 2022 – 1 pm EDT / 17:00 UTC
Hello Blocks! Coding a custom block with Ryan Welcher

June 30, 2022 – 5:00 PM EDT / 21:00 UTC
My First Recipe Blog with Destiny Kanno

July 4, 2022 5 pm EDT / 21:00 UTC
Using Block Patterns with Wes Theron

July 12, 2022, 5 pm EDT / 21:00 UTC
Explore the Block Directory with Wes Theron

Featured Image: Technology old circuit boards by Jennifer Bourn via WordPress Photos

Don’t want to miss the next Weekend Edition?

Immediately available is BP Rewrites 1.3.0. This maintenance release fixes two bugs and brings BP Rewrites compatibility to bbPress. For details on the changes, please read the 1.3.0 release notes.

Update to BP Rewrites 1.3.0 today in your WordPress Dashboard, or by downloading from the WordPress.org plugin repository.

Many thanks to 1.3.0 contributors 

shawfactor & imath.

In a recent Twitter storm, Matt Mullenweg characterized GoDaddy as “a parasitic company,” that is “an existential threat to WordPress’ future.” In a series of tweets that were subsequently deleted, Mullenweg contended that GoDaddy is lacking support for WordPress and WooCommerce, relative to how much the company is benefiting from the projects. He also said the company’s investment in proprietary website and store products is at odds with how much it gives back to WordPress.org.

This sparked a heated discussion across Twitter, the Advanced WordPress Facebook group, blog comments, and Post Status Slack. The most outspoken people were those who felt Mullenweg was arbitrarily disparaging one company’s contributions while commending another. There was also a significant group of people who vehemently agreed with his assessment.

“I think parasitic is the right word to apply to GoDaddy,” Boulder WordPress Meetup organizer Angela Bowman tweeted. “Taking something that is free and leveraging it for maximum profits by undercutting the very thing you are selling out of existence. Capitalism at its best, most ruthless, and short sighted.”

Bowman distilled it into a more succinct example:

GD: Why buy the cow when you can get the milk for free?

MM: Well, we need to feed and house the cow. Provide medication when needed. Or the cow dies.

GD: How long before it dies? How much $$$ can we make until it does?

I contacted GoDaddy to find out how many people the company sponsors and how much they spend on sponsoring events.

“Our company contributes to open-source in a variety of ways, including through dedicated employee roles, specific projects on which these employees work, and many employees who have a passion for the WordPress community and give back whenever possible,” GoDaddy Director of Public Relations Nick Fuller said.

The company declined to comment on specifics but pointed to its Five for the Future pledge page, which shows that GoDaddy sponsors 34 contributors for a total of 217 hours per week across 15 teams. With 9,000 employees, this amounts to a relatively small number of hours compared to other hosting and product companies, like Automattic (4098 hrs/week) and Yoast (250 hrs/week).

Compared to the other economy hosts listed on WordPress.org’s recommended hosting page, GoDaddy’s contributions are much smaller relative to its size:

• Bluehost (750 employees) sponsors 6 contributors for a total of 102 hours per week across 4 teams.
• SiteGround (500 employees) sponsors 12 contributors for a total of 58 hours per week across 7 teams.
• DreamHost (200 employees) sponsors 3 contributors for a total of 30 hours per week across 4 teams.

While GoDaddy’s contributions may be smaller in terms of work hours, the company allocates hundreds of thousands of dollars for sponsoring WordCamps and related events. After another successful WordCamp Europe in the books, many attendees agreed that the value of these events cannot be overstated. Without corporate sponsors, WordCamps would not happen on the scale that they currently do.

“Beyond contributions to open-source projects, GoDaddy is extremely active at various WordPress events,” Fuller said. “In 2022, our plan is to spend hundreds of thousands of dollars on WordCamp and other related events such as WordSesh and WordFest. Many of our employees will be active participants in these community events.”

When asked to comment on the accusations of being a “parasitic company” and “an existential threat to WordPress’ future,” Fuller would not address the complaints directly.

“We all have the same goal, to make WordPress better each and every day,” he said. “Our team is passionate about making WordPress better, both for the community and for our customers, and we greatly appreciate the support expressed by many in the WordPress community in recent days.”

Matt Mullenweg took to Post Status Slack today to clarify some of the opinions he voiced on Twitter yesterday. He hinted at strategies behind the scenes that even employees may not know about.

“Keep in mind that people might not be aware of actions happening in other parts of the company, for example the pressure from their new activist investors,” Mullenweg said. “As an example: I 100% believe the good intentions of the Google folks who were working on AMP, and of course we learned later it was part of a larger strategy they were unaware of that, after being disclosed in litigation discovery, appears malicious.”

Mullenweg also referenced the free-rider problem, a type of market failure where those who benefit from public goods do not pay or under-pay, which leads to over-consumption. This is similar to the Tragedy of Commons situation he mentioned in the past as a fate that WordPress is tying to avoid with its Five for the Future program.

“Failed open source projects usually succumb to the free rider trap — the parasites kill the host, which ultimately hurts the parasites as well but they can’t think beyond short-term,” Mullenweg said. “Successful open source projects escape the free rider problem, as WordPress has so far, largely because of awareness of it and people voting where to invest their talent and their dollars in organizations that contribute to the shared resource in a way that keeps it sustainable.”

If looking solely at the definition of Five for the Future contributions, GoDaddy may constitute a free rider. They are not conforming to what the project has requested from companies in order to keep WordPress sustainable for generations to come. However, highlighting GoDaddy in this fashion may not be the best way to extract more contributions or inspire others to be part of this initiative. WordPress needs to find a better means of dealing with what it deems to be under-performing contributors, because many well-meaning individuals can get trampled underneath the heavy tread of social sanctioning.

Awesome Motive, makers of popular plugins like OptinMonster, WPForms, and MonsterInsights, acquired WP Charitable this week. The plugin is used by more than 10,000 non-profits for creating fundraising campaigns and collecting online donations. It does not charge any transaction fees and currently has a 4.9/5-star average rating on WordPress.org.

“Wes and I launched Charitable in 2015 because we were tired of seeing non-profits use hosted fundraising platforms that charge hefty fees and strip them of the ability to brand and control their donation pages,” WP Charitable co-founder Eric Daams said in his farewell post.

“After being a small team splitting our time on the product as well as our agency business for the last 7 years, we are ready to pass the reins to someone who shares the same passion and has the resources to make Charitable even better than it is today.”

Awesome Motive CEO Syed Balkhi said the company’s non-profit users had long been requesting a beginner-friendly donations plugin. They could either acquire one or build one from scratch. WP Charitable’s timing to sell coincided with Awesome Motive’s next move on expanding tools for non-profit customers.

“As you know, at Awesome Motive, our mission is to help small businesses grow and compete with the big guys,” Balkhi said. “Our software today powers over 20 million websites and helps shape the web for billions worldwide.

“Along with our core mission, we believe that companies should be forces for good.

“The WP Charitable plugin allows us to use our knowledge, experience, and resources to empower those who are changing the world for good.”

WP Charitable’s chief competitor is GiveWP, a donation plugin and fundraising platform with more than 100,00 users. While WP Charitable doesn’t collect any transaction fees whatsoever, one of the big differences with GiveWP is that it collects a 2% fee on Stripe donations taken via the company’s free Stripe integration with GiveWP core. There are no fees for GiveWP’s commercial Stripe add-on.

Demonstrating one of the more endearing aspects of the WordPress ecosystem where competitors often support each other, GiveWP co-founder Matt Cromwell congratulated WP Charitable on the acquisition.

WP Charitable co-founders said current users can expect “business as usual” without any interruptions. They will be helping the transition process but moving on to their own new endeavors. David Bisset will be leading product development moving forward with Awesome Motive. Balkhi said he has an “an extensive list of ideas and a feature roadmap” that the company will begin working on with the plugin’s new team.

It's been several years since WooCommerce had their last WooConf, aside from the fact of Covid. Is it time again? What would that look like?

>> The post WooBits: Pondering a WooCommerce Conference IRL appeared first on Do the Woo - a WooCommerce Builder Community .

On Thursday Matt Mullenweg responded to an inquiry on Twitter from Jeff Matson, a Pagely employee, about whether Automattic’s Newspack platform had all open open source components or some proprietary elements. In his response, he formally identified GoDaddy as “an existential threat to WordPress’ future.”

The response raised more than a few eyebrows on Twitter as it seemed unrelated to the topic of discussion, which was Amazon’s expansion of its proprietary digital publishing technology.

The conversation following this statement grew more heated and escalated, as GoDaddy employees felt this statement disparaged their contributions and careers dedicated to WordPress.

Mullenweg elaborated on why he sees GoDaddy as an existential threat in a series of tweets that have now been deleted but were preserved in screenshots below. He urged GoDaddy employees to examine how many people are contributing to WordPress and WooCommerce, two open source projects from which the company makes what he estimates to be hundreds of millions of dollars, versus the company’s investment in proprietary website and store products. “How much did GoDaddy put back into .org vs spend on cPanel licenses?” he asked.

In response to a tweet from WordPress digital producer Allie Nimmons, Mullenweg said that although GoDaddy employs some great people, they are “unfortunately overshadowed by massive corporate actions made many levels above them.”

“Those who care about the future of WordPress should spend their dollars with less parasitic companies,” Mullenweg said.

He commended Bluehost for its support of WordPress and its ecosystem since 2003.

Citing GoDaddy’s market dominance, revenue estimates, and 25% of its commerce customers using GoDaddy Payments, the concern seemed more strongly aimed at preserving WooCommerce and the its ability to benefit the rest of the ecosystem.

Some speculated that GoDaddy is more likely an existential threat to WooCommerce and WordPress.com than it is to the WordPress project.

“What I’m worried about is the future of WordPress if GoDaddy succeeds and suffocates the rest of the ecosystem,” Mullenweg said.

In a strange turn of events that would have been unimaginable years ago, many in the WordPress community took to Twitter to defend GoDaddy, even though the company has historically been criticized for its poor performance and predatory sales practices. GoDaddy has been working to improve its tarnished reputation by sponsoring open source contributors and events. Representatives from GoDaddy have not yet responded to a request for comment.

“People have contributed some really great work to the WordPress ecosystem over the years while employed by Godaddy,” Mullenweg told the Tavern. “I wish the company great success and many happy returns.”

Although the tweets were ultimately deleted, fragmenting the resulting conversation, it is clear that Mullenweg perceives GoDaddy as lacking support for the WordPress project and WooCommerce, relative to how much the hosting company is benefiting in revenue. He also sees GoDaddy’s support for proprietary solutions at grave odds with its purported support for WordPress.

Gutenberg 13.5 is now available. The release comes two weeks after the plugin introduced support for button elements in theme.json, axial spacing in the Gallery block, and a redesigned Publish popover in 13.4. The latest release includes 12 enhancements and 15 bug fixes with the most notable changes landing in the Cover block.

Prior to 13.5, the Cover block’s support for using a featured image had a more confusing UI with a separate button in the block toolbar. The featured image toggle has now been relocated to the media replace flow. The Cover block has also been updated to display a placeholder when the featured image in use.

The Cover block’s overlay color and opacity controls have been moved into the inspector controls sidebar’s Color panel for consistency to match the UI for other blocks.

Gutenberg 13.5 also expands the design tools available to the Post Navigation block. Users can now set the link color and font family. This is one of those situations where contributors discussed how much design control makes sense for users in this context. Automattic-sponsored contributor Jeff Ong made the case for instances where users may want to have post navigation use the heading font, instead of the body font.

One small update to the Publish date picker is that it now highlights today’s date, expanding on the popover design update introduced in 13.4.

Gutenberg users who frequently copy and paste between other writing apps may be pleased to learn that version 13.5 introduces a change that strips the HTML from copied block markup for the text/plain version of the clipboard. Gutenberg engineer Andrei Draganescu explained the reasoning behind the change:

Pasting into plain text editors should only paste the text we see on screen not the whole underlying markup.

This is an improvement in the experience of writing in a different app rather than in the WordPress editor itself, and then bringing over the content. Since one could move text content back and forth a few times, pasting block markup is annoying if not even prone to introducing problems.

Prior to this change, pasting from Gutenberg into another app looked something like this:

Stripping the HTML out of serialized data in the copy handler before placing it in the text/plain version results in a cleaner paste, as Draganescu demonstrated in a video:

Check out the release post for a full list of changes in 13.5. If you don’t have the Gutenberg plugin installed, you will have to wait until the next major WordPress release to take advantage of these fixes and enhancements. WordPress 6.1’s release date was announced today as October 25, 2022, following a long alpha and two short beta periods.

Another in the series of recordings we did at WordCamp Europe. A great conversation that brings you IRL to the camp experience.

>> The post Woo BizChat Hits WordCamp Europe with Vito Peleg and Robert Windisch appeared first on Do the Woo - a WooCommerce Builder Community .

At the risk of spoiling the answer to a clue included in the image below, WordPress made an appearance in the New York Times crossword puzzle today. Likely nobody reading this post would struggle to answer the clue “popular blogging platform” with nine letters. New York-based digital consultant and media co-founder Matt DeSiena tweeted a screenshot with the caption, “You know it’s a good day when WordPress makes an appearance in the NYT Crossword.”

Despite the software powering 43% of websites, many of us working in the world of WordPress still cannot adequately explain what we do to some of our friends and family. The rare pop culture reference still gives an exciting and affirming jolt of recognition to WordPress’ fondest fans.

One of the more obscure and unforgettable WordPress references happened 12 years ago when the code was used to guide missiles. WordPress lead developer Dion Hulse spotted the project’s post.js code in episode 5 of the British mini-series Strike Back as part of a weapons guidance system. Mark Jaquith then ported those changes back to core, giving props to Left Bank Pictures.

The software was also mentioned in Lily Allen’s “URL Badman” released in 2014, and briefly mentioned on the popular Netflix original series Orange is the New Black in 2015.

WordPress.com has also twice been featured on Jeopardy, an American television game show. In 2014, the platform was included in a clue under the category “dot-com” with the answer “What are blogs?”

More recently, in 2020, WordPress.com was featured in a Jeopardy clue that read like an advertisement. The answer, “What are blogs?”, echoed the previous Jeopardy reference.

There are probably many more references that have gone unnoticed, as WordPress is becoming more of a household name these days. Where have you seen it mentioned in the wild recently?

GitHub has announced that Copilot, its new AI pair programming assistant, is now available to developers for $10/month or $100/year. Verified students and maintainers of open source projects will have free access to Copilot. The assistant is available as an extension for popular code editors, including Neovim, JetBrains IDEs, Visual Studio, and Visual Studio Code.

Copilot was trained on billions of lines of public code in order to offer real-time code suggestions inside the editor. GitHub claims it is capable of suggesting complete methods, boilerplate code, whole unit tests, and complex algorithms.

“With GitHub Copilot, for the first time in the history of software, AI can be broadly harnessed by developers to write and complete code,” GitHub CEO Thomas Dohmke said. “Just like the rise of compilers and open source, we believe AI-assisted coding will fundamentally change the nature of software development, giving developers a new tool to write code easier and faster so they can be happier in their lives.”

Despite its many claims to improve developer efficiency, Copilot is still a controversial tool. Opponents object to the tool’s creators training the AI on open source code hosted on GitHub, generating code without attribution, and then charging users monthly to use Copilot. It has also been criticized for producing insecure code and copying large chunks of code verbatim.

Evan after 12 months in technical preview, Copilot remains generally polarizing at its public launch. Developers either seem to be impressed by its capabilities or offended by its ethical ambiguities. GitHub had more than 1.2 million developers in its technical preview and reports that those who started using Copilot quickly found it “an indispensable part of their daily workflows.”

“In files where it’s enabled, nearly 40% of code is being written by GitHub Copilot in popular coding languages, like Python—and we expect that to increase,” Dohmke said. “That’s creating more time and space for developers to focus on solving bigger problems and building even better software.”

On the podcast today we have Milan Ivanovic.

Milan is a WordPress Developer at Valet.io, and is a WordCamp volunteer, speaker, and organizer.

He’s the WordPress.org global translation editor, WordPress Serbia lead, and is now part of the WordCamp Europe alumni.

As if that weren’t enough, Milan is one of the lecturers of the WordPress Academy in Serbia, where he has given talks and WordPress Workshops. He’s also a member of the Theme Review and Community Get Involved Teams.

It’s pretty clear to see that WordPress and WordPress events play a major role in Milan’s life, and that’s what this podcast is about.

We’re drilling down on why the community which surrounds WordPress is a key part in the success of the whole project.

The recent hiatus of in-person events has meant that all the events moved online. Whilst this was a good stop gap, Milan, as you will hear, is pleased that real world events are back.

We talk about the importance of the WordPress community as a whole, as well as exploring what the situation is like in Milan’s home country of Serbia.

We discuss how Milan got started as a community member and the different roles that events like WordCamps can offer people wishing to dip their toes in the community waters.

We also get into the subject of diversity and how Europe as a continent might face diversity challenges which differ from other parts of the world.

Milan is an enthusiastic speaker and I’m sure that you’ll get a fresh perspective from listening to the podcast.

There is always that first WordCamp experience. In this short BuilderByte, meet Silvana who attended WordCamp Europe.

>> The post Meet Silvana Pop, First-Time WordCamper appeared first on Do the Woo - a WooCommerce Builder Community .

Even developers, freelancers and agencies need to create their content persona the right way.

>> The post Building Data Driven Content Personas for WooCommerce Builders appeared first on Do the Woo - a WooCommerce Builder Community .

With inflation rising and the unemployment rate falling, economic forecasters are predicting an impending recession in 2023. A few major WordPress companies are tightening their belts ahead of what many believe will be an unavoidable economic downturn.

Elementor announced that it is laying off 60 employees, 15% of its workforce, in a tightly controlled release of information to Globes, an Israeli business newspaper. Co-founder and CEO Yoni Luksenberg gave the following statement:

“Today, we make the difficult decision to say goodbye to some of our colleagues. We are in a changing global situation with rising inflation and a pending recession. To ensure the efficiency and effectiveness of our business, we are restructuring and optimizing our workforce, becoming more efficient in certain areas and continuing to grow our product offerings, to secure the company’s long-term success, growth and business goals as we plan for 2023 and beyond.”

The Globes article states that “most of the layoff will be in the company’s marketing department and will apparently not effect engineers and development staff.” Elementor has raised a total of $65M across three funding rounds since 2017, but the Globes’ statement fueled speculation about why their marketing department had such a large number of employees available to be cut.

Earlier this month, Elementor acquired Strattic, a static and headless WordPress hosting company. A representative from Elementor confirmed that no Strattic team employees were affected by the layoffs. The company declined to answer specific questions about whether all the discharged employees belonged to the marketing department or if developers were included among them.

Elementor’s former VP of Marketing, Yam Regev was not one of those cut from the company during the layoffs. Regev resigned a few weeks ahead of a large swath of the marketing team getting cut. He declined to comment on the layoffs but posted on LinkedIn that “the decision to move on is pragmatic and ego-less on such a level that I feel it is purely professional.”

Envato, the Australia-based digital assets company that sells thousands of WordPress products, has also recently laid off 100 of its 700 employees, roughly the same percentage as Elementor.

“We were spread too thin across all of these products we’d established,” Envato CEO Hichame Assi told told The Australian Financial Review.

“They’re all creative products, but some are older with legacy platforms, whereas some are newer and going really well. We wanted to sharpen focus on our future products that are going really well.”

Assi also cited global conflicts and inflation as factors affecting the company.

“There’s been flow on effects in markets like Europe and the US, and there has also been a pull down from inflation that has not helped as well,” Assi said.

These WordPress product companies join Netflix, Tesla, Coinbase, Zumper, Wealthsimple, Notarize, and many others in widespread tech layoffs.

Augustin Prot from Weglot joined us at WordCamp Europe to talk about community and multilingual WordPress and WooCommerce sites.

>> The post Bringing Multilingual to WordPress and WooCommerce with Augustin Prot appeared first on Do the Woo - a WooCommerce Builder Community .

In light of a recent German court case, which fined a website owner for violating the GDPR by using Google-hosted webfonts, WordPress.org’s themes team is updating its recommendations for hosting webfonts. Most theme authors have been enqueuing Google Fonts from the Google CDN for better performance, but this method exposes visitors’ IP addresses.

“The themes team strongly encourages the theme authors to update their themes,” Themes Team representative @benachi said in a recent announcement. “We recommend updating by switching to locally hosted webfonts. Luckily Google Fonts can be downloaded and bundled in a theme. Bundled font files allow users to host webfonts locally and comply with GDPR.”

The Themes Team is also considering banning remotely hosted fonts moving forward and will discuss at the next meeting.

Core contributors are now working on updating all the default themes from Twenty Twelve through Twenty Seventeen to use locally hosted webfonts. The task had previously been discussed but was renewed by a recent topic in the German support forums. A user created a small website using the Twenty Seventeen theme and said he has been threatened by a site visitor who cited the German court ruling. The ruling threatens a fine of €250,000.00 for each case of infringement or, alternatively, six months imprisonment, if the site owner does not comply and continues to provide Google with IP addresses through their use of Google Fonts.

“While in the newer default themes fonts got added as an asset, the older default themes remained untouched,” WordPress contributor Jessica Lyschik said. “This can cause issues with users not being aware of both the legal stuff and the fact that Google Fonts are directly used in default themes.

“We think while it is still widely among plugins and other themes to use Google Fonts directly, the default themes of WordPress should be able to used risk-free and compliant with the GDPR.”

The Themes Team recommends authors refer to the Twenty Twenty-Two theme to learn how to bundle locally hosted webfont files using theme.json. Another option, for those using functions.php, is to follow the Implementing a Webfonts API in WordPress Core tutorial.

Many theme authors may not update their themes until forced to by a ban from WordPress.org. In the meantime, users might consider adding a plugin to host webfonts locally. WordPress developer Xaver Birsak has created a small single-purpose plugin called Local Google Fonts that automatically detects Google font sources and gives users the option to download them and use them locally.

This plugin checks for fonts embedded via wp_enqueue_style. Users who are embedding Google fonts via @import will need to change that before using the plugin. It currently auto downloads new font versions if available. Birsak has created it as a set-it-and-forget it kind of plugin. This may be a good option for non-technical users who have a theme that hasn’t yet been updated by the author. Local Google Fonts is available for free on WordPress.org.

Another free plugin option on WordPress.org is the OMGF | Host Google Fonts Locally plugin, which has a few additional features. It preloads fonts to reduce Cumulative Layout Shift above the fold, unloads fonts that are not used by the theme or plugins, allows users to set a fallback font stack, and will replace font-families with system fonts to speed up loading times. A commercial version offers multisite support and more advanced features.

Late last week, Ninja Forms users received a forced security update from WordPress.org for a critical PHP Object Injection vulnerability. This particular vulnerability can be exploited remotely without any authentication. It was publicly disclosed last week and patched in the latest version, 3.6.11. Patches were also backported to versions 3.0.34.2, 3.1.10, 3.2.28, 3.3.21.4, 3.4.34.2, and 3.5.8.4.

Wordfence noticed a back-ported security update in the form builder plugin, which has more than a million active installs. Threat analyst Chloe Chamberland explained the vulnerability in an advisory alerting the company’s users:

We uncovered a code injection vulnerability that made it possible for unauthenticated attackers to call a limited number of methods in various Ninja Forms classes, including a method that unserialized user-supplied content, resulting in Object Injection. This could allow attackers to execute arbitrary code or delete arbitrary files on sites where a separate POP chain was present.

The vulnerability affects Ninja Forms’ “Merge Tags” feature that auto-populates values from Post IDs and usernames, for example. Wordfence threat analyst Ramuel Gall reverse engineered the vulnerability’s patches to create a working proof of concept. He found that it is possible to call various Ninja Forms classes that could be used for a wide range of exploits, including complete site takeover. Chamberland reports there is evidence to suggest the vulnerability is being actively exploited in the wild.

WordPress.org’s forced security updates are a mitigation effort used in rare instances where the vulnerability is particularly severe and affects a large number of users. More than 680,000 sites were updated on June 14. This PHP object injection vulnerability scores 9.8 on the Common Vulnerability Scoring System, but it has not yet been given a CVE ID.

Reviewing previous CVE ID’s for Ninja Forms, this is the most severe vulnerability in the plugin’s history. Ninja Forms’ changelog doesn’t communicate the severity of the threat, categorizing it as a “security enhancement:”

3.6.11 (14 JUNE 2022)

Security Enhancements
* Apply more strict sanitization to merge tag values

Ninja Forms did not post about the security update on its blog or social media accounts. Wordfence plans to update the text of its advisory as the company learns more about how attackers are exploiting the vulnerability. Ninja Forms users should check their sites to ensure the automatic security update went through. This update comes just one week after Ninja Forms patched a less severe, authenticated stored cross-site scripting (XSS) vulnerability on June 7.

Developers who have learned and grown their writing skills may question themselves whether those writing skills have a direct impact for them as a developer.

>> The post devlife-snippet: Writing as a Developer, the Soft Skills appeared first on Do the Woo - a WooCommerce Builder Community .

Howdy,

Summer is almost here! I love the warmer days, but the heat wave making its way through Europe is brutal. Stay safe and keep cool, please.

This week, the usual business set in again and we have ton of great articles and products to link to.

Have a great weekend!

Yours, 💕
Birgit

PS: Don’t miss it:

July 22 at 11 am EDT / 15:00 UTC Gutenberg Times Live Q & A: Block First Approach at the Pew Research Center, we will discuss with Seth Rubenstein, Lead Developer, and Michael Piccorossi, Director of Digital Strategy, how they use a mixture of Core and Custom Blocks to streamline their publishing process, and to create powerful charts and quizzes for the Pew Research Center. Join us!

WordPress team updates around the Block editor

In his latest video, Core Developer reviews WordPress 6.0 – see his top 3 feature picks, Dave Smith talked to Adam Zielinski, Editor release lead for, to get the low down on the latest release of the software. They covered features of WordPress 6.0, and discussed the the responsibilities and challenges of being release lead. Smith and Zielinski also touched on the project wide discussion around experimental APIs in Gutenberg.

Gutenberg Landing Page received a major overhaul. Steven Dufrensne just announced taking the site live. Designer Beatriz Fialho started working on the Redesign back in October 2021. “Now that Gutenberg has been a part of WordPress for a few years, it makes sense to update it, shifting the message from what used to be the new post editor to the editor that can power all parts of your site.” Fialho wrote in her earlier post.

Such an undertaking takes a whole team. It also needs maintenance and if you want to contribute, the theme repo is available on GitHub. What do you think about the new Gutenberg Landing page? Please share in the comments on the post.

Matias Ventura published his thinking through the WordPress Admin experience following some lessons learned from the Site editor menu designs and behavior.
“Given the third phase of the current WordPress roadmap has a focus around workflows and multiplayer, considerations around the various admin flows become all the more important.” he explained. The post takes a look at the various aspects:

Shell and Canvas – a full-screen view as the default experience with sub-menus sliding in and out of the screen. That way the admin can also give access to out of context information or configurations. The shell as awayfinder with drill-down panels and the canvas as the place to browse, manage, edit, customize.

The Home Button as it is now in the Dashboard or the Site editor has different targets, and it’s a place for confusion with many users. It’s meant to be a place to espace the inner most focus, and go one level higher. Hopefully with some breadcrumps to show the location clearly. “The aim of this interface element is to both give control and build familiarity to navigate away from any context.” Ventura wrote.

Make it Extensible is the headline of the next section. Given the nature of WordPress as extensible plattform for website, and its promise of backwards compatibility, this seems like a given. I

I am particularily intrigued by the contemplations around “Make it Personal”. Customization of the Admin menu has long been plugin territory, and it would be great if that can become built-in functionality as it would also come with standards and guard rails for plugins and themes. Each user should be able to hide/show specific menu items they need. I would love the “recently visited areas as some sort of stack” feature. Most of the time, i only do a few things on certain web sites, and if those activities could be available as Quick links that would be fabulous.

There are more sections in these early sharing of creative thinking about the future WPAdmin. There is certainly nothing set in stone or even remotely concrete available, but it’s worth reading and also sharing your opinion on the post.

 “Keeping up with Gutenberg – Index 2022” 
A chronological list of the WordPress Make Blog posts from various teams involved in Gutenberg development: Design, Theme Review Team, Core Editor, Core JS, Core CSS, Test and Meta team from Jan. 2021 on. Updated by yours truly. The index 2020 is here

NoCode Site builders and Content Creators using Gutenberg

Dumitru Brînzan published a post on how Reusable Blocks will change the way you create WordPress websites. It not a quick mention of this powerful feature, but a step-by-step tutorial that will help you streamline your creation processes and speed up your idea to publish time. Brînzan’s biggest give away is a list of use cases and how to accomplish those with Reusable block. The 11 minute-video add great demos to the written guide.

Speaking of Guide, Eric Karkovack published A Guide to Choosing the Right WordPress Block Plugins. Many Block collections plugins were published in the early years of the Block editor, as core blocks were lacking basic customizations features. Now that the block editor matured, Karkovack walk you through the decision making process on how to select the right extensions for your site.

It’s been a while since we reported on new Themes in the WordPress.org repository featuring Full-Site Editing. Today’s count is 84.

Among the newest addition are two themes from the team at Extendify.

The first one is called Extendable, “a distinct, dynamic block theme designed as a canvas for your next online venture. Sporting multiple style variations, Extendable is the most expressive block theme yet. Go fresh, bold, bohemaian or minimal.” Or so they say. It does have 12 Style variations some of them quite intriguing with great harmony of fonts and color, some are less engaging.

The second theme is called Wei and it comes from the experience block and theme builder Rich Tabor, head of product at Extendify. He writes about his theme ” a minimal block theme inspired by entirely by simplicity. Embracing clean type, beautifully bold color schemes, and color-matched featured images”. Tabor goes into more detail in his post: Introducing Wei, a minimalistic block theme with gobs of creativity. Or you can check out this Twitter thread

On WordPress.tv, you can find the newests recording of the WordPress Social Learning event with Nick Diego Builder Basics – Let’s Build a Custom Theme (No Coding Required). Diego took the Twenty Twenty-Two theme and fully customized it using the Site Editor and Global Styles. He make template chnages, updated the color pallete and the layout. The he exported these changes into a complete new theme.

Developing with Gutenberg and building blocks

Kathy Zant explains in her post Full Site Editing vs. Dynamic Templating, when she prefers to use the block editor and when ACF and template for the custom fields are better for her needs.

Tuan Nguyen, a full-stack LAMP developer from California, dives into the details of his decision making process on When to Use Editor Versus CSS Styles. Nguyen walks you through the various aspects on styling blocks, how to override the Global Styles for core blocks, how to adjust styling for Custom HTML Blocks or how apply mobile styles via Media queries. It’s a great introduction.

Need a plugin .zip from Gutenberg’s master branch?
Gutenberg Times provides daily build for testing and review.
Have you been using it? Hit reply and let me know.

Theme Building for Blocks and Full-site Editing.

If you want to learn more about Style Variations, that came to WordPress 6.0 check out Rich Tabor’s article: How to add style variations to WordPress Block Themes. “Just because a method of defining a theme style is standardized, doesn’t mean the styles themselves are.”.

About four weeks ago, in Weekend Edition 215, I shared three block theme generator provided by members of the larger WordPress Community. Today, a new plugin from WordPress contributors went live the plugin repository: the Create-Block Theme plugin. This plugin provides tools to enable theme builders to create block themes. There are four different ways of using it:

1. Export: The current theme gets exported as a zip file, along with the user’s changes. This is essentially the same as the export option in the Site Editor
2. Create a child theme
   Creates a new child theme with the currently activated theme as a parent.
3. Clone the current theme
   Creates a new theme by cloning the activated theme. The resulting theme will have all of the assets of the activated theme combined with the user’s changes.
4. Overwrite theme files
   Saves user’s changes to the theme files and deletes the user’s changes.

It’s in its first version. The team would appreciate some more testing and start discussions on GitHub issues or send in your PRs.

WordPress Events

Social Learning Spaces

June 27, 2022 – 1 pm EDT / 17:00 UTC
Hello Blocks! Coding a custom block with Ryan Welcher

July 4, 2022 5 pm EDT / 21:00 UTC
Using Block Patterns with Wes Theron

July 12, 2022, 5 pm EDT / 21:00 UTC
Explore the Block Directory with Wes Theron

Page Builder Summit starts Monday!

Here is a selection from the schedule of Gutenberg talks.

• Jun 20 – 8 am EDT / 12:00 UTC – Gutenberg, Full Site Editing and WooCommerce with Jamie Marsland
• Jun 20 – 2 pm EDT / 18:00 UTC Creating Effective WooCommerce Sites with Kadence Blocks Template w/ Ben Ritner
• Jun 22- 10 am EDT / 14:00 UTC It’s Time to Get Serious About Full Site Editing w/ Nick Diego
• Jun 23 – 11 EDT 15:00 UTC Creating Dynamic Content with Kadence Blocks w/ Kathy Zant
• Jun 24 8am EDT / 12:00 UTC Pagebuilders in a world of Full Site Editing and Blocks w/ Jakob Trost
• Jun 24 – 10 am EDT / 14:00 UTC The Full Site Editor and the Cwicly Toolkit with David McCan

Featured Image: “Pablo’s cubism period began at three” by woodleywonderworks is licensed under CC BY 2.0.

Don’t want to miss the next Weekend Edition?

I had an amazing time at WordCamp Europe in Porto, Portugal. Here are some highlight around and during the event.

>> The post WooBits: WordCamp Europe Before, During and After appeared first on Do the Woo - a WooCommerce Builder Community .