Releases: ClassicPress/ClassicPress-release
ClassicPress 2.3.1
ClassicPress 2.3.1 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 2.3.0
Minor changes and bugfixes since 2.3.0
- Fixed TypeError passing jQuery object when element expected
Build and Testing Changes
- Updated several build dependencies
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.3.0
ClassicPress 2.3.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 2.2.0
New Features
- Added option in General Options to disable XML-RPC
- Added option in General Options to disable Emoji
- Replaced the media library grid view
- Added core support for PHP 8.4
Minor changes and bugfixes since 2.2.0
- Upgraded SimplePie to 1.8.0
- Improved string representation for translators in AJAX
- Ensure required file system functions are available when using CP Pepper plugin
- Fixed link to volunteer information in Dashboard
- Removed excessive branding in Privacy Policy Guide
- Updated file list for release integrity checks
- Add placeholders to i18n strings in object-relationships.php
- Populated cp_db_version on new installations
- Ensured that Safari indicates when a button has focus
- Restrict range input control styling on the Revision screen
- Prevent Firefox reporting that Autosave contains a later version
- Add a README to CP Pepper Password Plugin for directory listing
- Fix undefined variable error in Customizer from common.js
- Updated file size meta data when editing images
- Updated saving and updating of widgets to use the Fetch API
- Removed Safari fallbacks from SortableJS
- Fixed for PHP error for password reset cookie
- Enabled background images for non-image files in Media Library
- Ensured trailing slash in get_pagenum_link() is not forced
- Upgraded PHPMailer to version 6.9.2
- Allow uploads to have empty filesizeHumanReadable property
- Updated the Requests library to version 2.0.11
- Added Ajax pagination in the new Media Library grid view
- Ensured Custom panels show as intended in the theme Customizer
- Increased setTimeout to locate tabbable elements in Image Editor
- Modernised SCSS structure to avoid deprecation warnings
- Minify FilePond JS and CSS during build
- Updated media-grid.css to change selector from class to id
- Fixed errors in Media Grid when no files have been uploaded
- Set wp-video CSS height to auto to prevent vertical stretching
- Fixed console error in Media Grid when variables are undefined
- Rebuilt Text and Custom HTML Widgets in vanilla JS and PHP
- Implemented password rehash checks at point of password use
- Instantiate widget title inputs before enabling sorting
- Depopulated Update Services list for new installs
- Fixed “Show Details” button in admin Updates page
- Fixed filename data attribute in the media grid view
- Added polyfill for get_block_theme_folders() for plugin compatibility
- Ensured image details correctly updated in Media Grid
Build and Testing Changes
- Added PHPUnit 9 as developer dependency
- Run PHPUnit tests on PHP 8.4
- Update readme.html and supported version tests
- Changed to non-resolving URL for PHPUnit tests
Deprecation Notices
- wp-api library is deprecated and will be removed in a future version
- Moment.js library is deprecated and will be removed in a future version
- Contributors
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.2.0
ClassicPress 2.2.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 2.1.1
New features
- Added a Media Categories Dropdown on the Media Library List page
- Enable uploading of Media by media category taxonomy
- Backported and introduced wp_trigger_error() function
- Added Attachment Pages Toggle to Media Settings
- Added an Object Relationships Database Table
- Added relationships between posts and attachments/featured images
- Added ability to Quick / Bulk Edit Media Attachments
- Added new columns in Media List View
Minor changes and bugfixes since 2.1.1
- Use cp_ table prefix for new installs
- Fixed a spelling mistake in maybe_upgrade_translations()
- Disabled attachment pages on new installations and add new option
- Removed “Hello Dolly” plugin from core
- Removed translation data from update url query
- Added ClassicPress database version to handle updates
- Use css data url for admin menu CP logo
- Upstream security enhancements - WP-r58479
- Deprecated ClipboardJS library and replace its usage in core
- Deprecated hoverIntent library and replace its usage in core
- Fixed HTML paragraphs for backport information
- Strengthen password encryption and add pepper via filter
- Fixed JS error in plugin pages when esc is pressed
- Added a return value for wp_delete_file() in the Filesystem API
- Prime notoptions cache when deleting options - WP-r58782
- Added new functions to check if serving a REST API request - WP-r57312
- Added two polyfill functions to support Query Monitor v3.16.4
- Protected composer.json from over-writing if customised
- Simplified implementation of auto-update message
- Fixed wp-tinymce.min.js build process and enqueuing
- Improved CSS on Post Edit and Dashboard Screens
- Ensured correct focus in Edit Image modal from the Media Library
Build and Testing Changes
- Updated dependency from node-sass to sass
- Updated Contributing guide about Window Subsystem for Linux
Deprecation Notices
- Post by Email feature will be removed in a future release
- XML-RPC server feature will be disabled by default in a future release
- Emoji javascript functionality will be disabled by default in a future release
- ClipboardJS and hoverIntent libraries are deprecated
- Several core scripts and style are deprecated, see PR1427
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.1.1
ClassicPress 2.1.1 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 2.1.0
Minor changes and bugfixes since 2.1.0
- Change the prompt for clarity when incompatible plugins and themes are detected
- Cleaned up files removed for the core codebase in 2.1.0
- Install the new ClassicPress Theme
Build and Testing Changes
- Update contributing.md with testing and install information
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.1.0
ClassicPress 2.1.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 2.0.0
New features
- Added a new default ClassicPress theme
- Added Directory dashboard widget
Minor changes and bugfixes since 2.0.0
- Transitioned to SortableJS for Media, Metaboxes and Media
- Fixed
open_basedirwarning in Editor when using TinyMCE plugins - Backport implementation of modern PHP string functions including polyfill
- Restored automatic installation for WordPress Import Tool
- Replaced jQuery UI Autocomplete in datalists
- Replaced jQuery UI dependency in color picker
- Replaced jQuery UI dependency in Revisions slider
- Added option to configure site icons in general settings
- Order attachments by date rather than ID
- Fixed console errors introduced by changes in
script-loader.php - Backport introducing hooks for deleting by post_type
- Introduce filter for classicpress.net URLs in API requests
- Fixed modal not closing when plugins are updated
- Fixed console errors in Customizer
- Fixed tabbing out of media modals
- Removed legacy Adobe Flash code
- Updated
setcookie()calls to include Samesite and array structure - Updated mediaelement.js to v7.0.3
- Updated PHPMailer to 6.9.1
- Backport preventing exposure of private post type slugs
- Fixed metaboxes for non-hierarchical taxonomies
- Added UI to facilitate User Taxonomies
- Added default Media Taxonomies
- Update general-template.php to add enterkeyhint="search" to search-form
- Backport fixing implicit nullable parameter type deprecation on PHP 8.4
- Added more helpful notice when attempting to publish an empty post
- Added Admin Bar notice when
WP_DEBUGis true - Added a filter to the comment template form tag
- Added option to upload media by year alone
- Backport to initialize the $checkout variable in WP_Automatic_Updater::is_vcs_checkout()
- Updated theme.php to use correct deprecation function for HTML5
- Updated translation file API endpoint
- Use correct checksum endpoint in Site Health
- Invalidate opcache for translation-install.php during upgrade
- Backport to fix get_sample_permalink returning the right permalink
Build and Testing Changes
- Conditionally minimize images during build only on Linux to avoid commit pollution
- Extended testing to include PHP 8.2 and 8.3
- Extended Testing to include MySQL 8.0
- Updated PHPUnit object cache testing and implement broader testing on PHP versions
- Fixed skipped QUnit tests due to delayed rendering
- Remove unnecessary use of utf8_encode() in KSES tests to fix PHP deprecation notice
- Added $fixture_replacements for media categories to avoid generated wp-api-generated.js changes in testing
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.3
ClassicPress 1.7.3 is available now - use the "Source code (zip)" file below.
This release is a maintenance release in the v1 branch. You are encouraged to update your ClassicPress sites to v2 so you can benefit from continued development efforts and any future security fixes.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.2
- Applied a fix to wp-cli to bring $cp_version into scope
- Added v2 release information to Dashboard widget
- Updated back ported security notes
- Updated license text
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.0.0
ClassicPress 2.0.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.2
This release is a re-fork based on WordPress 6.2.x so brings ClassicPress a host of new features such as Site Health.
In addition, this version also includes:
- HTML5 as the default content output
- Efficiency enhancements made in WordPress 6.3.x
- Modern browser approaches for Widgets, Nav Menus and Meta Boxes
- Added navigation buttons to content editing screens
- Upgraded PHPMailer library
- Fixed deprecated jQuery message in bundled themes
- Build, Test and Dependency upgrades and updates
- Compatibility fix with WooCommerce v3.9.x
- m4tuto for finding a PHP File Upload bypass via Plugin Installer (requiring admin privileges).
- @_s_n_t of @pentestltd working with Trend Micro Zero Day Initiative for finding an RCE POP Chains vulnerability.
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.2
ClassicPress 1.7.2 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.1
- m4tuto for finding a PHP File Upload bypass via Plugin Installer (requiring admin privileges).
- @_s_n_t of @pentestltd working with Trend Micro Zero Day Initiative for finding an RCE POP Chains vulnerability.
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.0.0-rc1
ClassicPress 2.0.0-rc1 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.1
This release is a re-fork based on WordPress 6.2.x so brings ClassicPress a host of new features such as Site Health.
In addition, this version also includes:
- HTML5 as the default content output
- Efficiency enhancements made in WordPress 6.3.x
- Modern browser approaches for Widgets, Nav Menus and Meta Boxes
- Added navigation buttons to content editing screens
- Upgraded PHPMailer library
- Fixed deprecated jQuery message in bundled themes
- Build, Test and Dependency upgrades and updates
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.1
ClassicPress 1.7.1 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.0
- Marc Montpas of Automattic for finding a potential disclosure of user email addresses.
- Marc Montpas of Automattic for finding an RCE POP Chains vulnerability.
- Jb Audras of the WordPress Security Team and Rafie Muhammad of Patchstack for each independently discovering an issue where comments on private posts could be leaked to other users.
- John Blackbourn (WordPress Security Team), James Golovich, J.D Grimes, Numan Turle, WhiteCyberSec for each independently identifying a way for logged-in users to execute any shortcode.
- mascara7784 and a third-party security audit for identifying a XSS vulnerability in the application password screen.
- Jorge Costa of the WordPress Core Team for identifying XSS vulnerability in the footnotes block.
- s5s and raouf_maklouf for independently identifying a cache poisoning DoS vulnerability.
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub: