WordPress.org

On behalf of the WordPress.org community of commiters, contributers, and volunteers, I’m very proud to announce the immediate availability of WordPress 2.1 “Ella”, named for jazz vocalist Ella Fitzgerald. Here’s a sampling of what’s in the new version:

• Autosave makes sure you never lose a post again.
• Our new tabbed editor allows you to switch between WYSIWYG and code editing instantly while writing a post.
• The lossless XML import and export makes it easy for you to move your content between WordPress blogs.
• Our completely redone visual editor also now includes spell checking.
• New search engine privacy option allows you take you to indicate your blog shouldn’t ping or be indexed by search engines like Google.
• You can set any “page” to be the front page of your site, and put the latest posts somewhere else, making it much easier to use WordPress as a content management system.
• Much more efficient database code, faster than previous versions. Domas Mituzas from MySQL went over all our queries with a fine-toothed comb.
• Links in your blogroll now support sub-categories and you can add categories on the fly.
• Redesigned login screen from the Shuttle project.
• More AJAX to make custom fields, moderation, deletions, and more all faster. My favorite is the comments page, which new lets you approve or unapprove things instantly.
• Pages can now be drafts, or private.
• Our admin has been refreshed to load faster and be more visually consistent.
• The dashboard now loads instantly and brings RSS feeds asynchronously in the background.
• Comment feeds now include all the comments, not just the last 10.
• Better internationalization and support for right-to-left languages.
• The upload manager lets you easily manage all your uploads pictures, video, and audio.
• A new version of the Akismet plugin is bundled.

…and much, much more. There are little easter eggs hidden everywhere, so the best way to find everything new is to just try it out.

Developer Features

Developers will especially love this release, as it has much cleaner code than 2.0 and includes hundreds of enhancements that will enable a new generation of richer plugins. Here’s a taste of some of the things included:

• Psuedo-cron functionality let’s you schedule events much like cron.
• Users admin can now comfortably handle hundreds of thousands of users.
• The new WP_Error class cleans up how we do error reporting and handling.
• The javascript loader makes it easier for plugins to include rich functionality.
• Tons of new hooks and APIs.
• We’ve started to fill out our code inline documentation.
• Image and thumbnail API allows for richer media plugins.
• Custom header, color picker, and image cropping framework.

2.1 also includes over 550 bug fixes.

The Future

What’s really exciting for me is what’s coming in the future. First of all, the 2.0 series was an unparalleled success, with over 1.8 million downloads, and thanks to the work of Mark Jaquith we’re committing to maintaining stable security and bug fixes on the 2.0 branch until 2010.

More exciting for most of our users, though, is our new development cycle. Based on everything we’ve learned in the past 3 years of doing WordPress, we’ve decided to shift to a more frequent release schedule like Ubuntu, with major releases coming several times a year. So, for the first time in WordPress’ history, I have an answer to when the next version is coming out: April 23rd.

Even better, the development will be driven primarily by the features you guys are voting for on the ideas board. (But wait, there’s more: the ideas board now has a new Hot-or-Not-like interface for rating a bunch of ideas at once, so go get your vote on and have a say in WordPress 2.2.)

Recently a bug in certain versions of PHP came to our attention that could cause a security vulnerability in your blog. We’re able to work around it fairly easily, so we’ve decided to release 2.0.7 to fix the PHP security problem and the Feedburner issue that was in 2.0.6. It is recommended that everyone running WordPress 2.0.6 or lower upgrade to this new version.

Because this is a much smaller update than previous versions, you do not have to update all of WordPress’ files if you’re upgrading from version 2.0.6. Here is the list of files that have changed since 2.0.6:

• wp-admin/inline-uploading.php
• wp-admin/post.php
• wp-includes/classes.php
• wp-includes/functions.php
• wp-settings.php
• wp-includes/version.php

We know it sucks to have a release only 10 days after our last one, but we think it’s important enough for your blog to be secure to do it, and hopefully only having to change a few files will make the upgrade easier than normal.

Here are the changes that have been made since 2.0.6:

• Security fix for wp_unregister_GLOBALS() to work around the zend_hash_del_key_or_index bug in PHP 4 versions less than 4.4.3 and PHP 5 versions less than 5.1.4 with register_globals set to “On.”
• Feeds now properly serve 304 Not Modified headers instead of mismatched 200/304 headers (a.k.a. the FeedBurner bug).
• Backport of another 304 Not Modified fix from WordPress 2.1
• Deleting WordPress Pages no longer gives an “Are You Sure?” prompt.
• After deleting a WordPress Page, you are now properly redirected to the Edit Pages screen.
• Sending an image at original size in Internet Explorer no longer adds an incorrect “height” attribute.

And just as a reminder, the next major version of WordPress (2.1) is due out by the end of the month, but the 2.0 branch of WordPress will continue to be maintained for several years.

It’s a new year, and we have a new major release of WordPress coming soon. (We’re currently aiming for the 22nd.) It’s as good a time as any to examine where we’ve been, and where we are, and where we’re going as a community. 2006 was a pretty exciting year, we saw 1.54 million downloads of WP, and that’s not even counting the people who install it through their host’s one-click install or the half a million who have experienced it through the hosted WordPress.com. WordPress is touching more lives than ever.

However, just because what we’ve done has worked in the past doesn’t mean it’s the best for the future. We have to take a self-critical look at assumptions we have about our development process and WP itself. The upcoming release, which has been long coming, is a perfect time to focus on WP’s secret ingredient… you.

If you could add anything in the world to WordPress, what would it be? If you could name the thing that frustrates you the most about WP, what would that be?

Now you can tell us. We’re announcing new projects—two sides of the same coin.

The first is simply called Ideas, and it’s a place where you can share your wildest WordPress wishes with the world, and also vote on other people’s ideas. This allows people outside our normal circle of developers to have a direct say in what goes into the next version of WordPress. For 2.2, which comes out in late April, we will include the top voted on features, so propose something, tell your friends about it, and link it from your blog.

The second we’ve named after the Yiddish word, Kvetch. This is a place where you can quickly and anonymously express whatever might disagree with you in the WordPress world. Let it all loose, but try to keep it PG rated, and we’ll show a random kvetch on the page once we get enough in the system.

Both are just part of putting you guys—our users—first. It’s easy because there’s so many of you.

We have a pretty important release available for everyone, it includes an important security fix and it’s recommended that everyone upgrade. This is the latest release in our stable 2.0 line, which we’ve committed to maintaining for several more years.

Here’s what’s new:

• The aforementioned security fixes.
• HTML quicktags now work in Safari browsers.
• Comments are filtered to prevent them from messing up your blog layout.
• Compatibility with PHP/FastCGI setups.

For developers, there’s a new anti-XSS function called attribute_escape(), and a new filter called “query” which allows you filter any SQL at runtime. (Which is pretty powerful.) Thanks to Mark Jaquith for handling this release and Stefan Esser for responsibly reporting the security issue.

As always, you can download the latest version of WordPress here.

As a side note, this is probably our last release before 2.1 is out, which will be our first major feature release in quite a while. 2.1 just entered beta stage, so if you’re interested in helping out with that process consider joining our beta group. As a reminder, if you’re a plugin or theme author you should check your code to make sure it’s compatible with 2.1 before the release.