Releases: ClassicPress/ClassicPress-release
ClassicPress 2.2.0
ClassicPress 2.2.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 2.1.1
New features
- Added a Media Categories Dropdown on the Media Library List page
- Enable uploading of Media by media category taxonomy
- Backported and introduced wp_trigger_error() function
- Added Attachment Pages Toggle to Media Settings
- Added an Object Relationships Database Table
- Added relationships between posts and attachments/featured images
- Added ability to Quick / Bulk Edit Media Attachments
- Added new columns in Media List View
Minor changes and bugfixes since 2.1.1
- Use cp_ table prefix for new installs
- Fixed a spelling mistake in maybe_upgrade_translations()
- Disabled attachment pages on new installations and add new option
- Removed “Hello Dolly” plugin from core
- Removed translation data from update url query
- Added ClassicPress database version to handle updates
- Use css data url for admin menu CP logo
- Upstream security enhancements - WP-r58479
- Deprecated ClipboardJS library and replace its usage in core
- Deprecated hoverIntent library and replace its usage in core
- Fixed HTML paragraphs for backport information
- Strengthen password encryption and add pepper via filter
- Fixed JS error in plugin pages when esc is pressed
- Added a return value for wp_delete_file() in the Filesystem API
- Prime notoptions cache when deleting options - WP-r58782
- Added new functions to check if serving a REST API request - WP-r57312
- Added two polyfill functions to support Query Monitor v3.16.4
- Protected composer.json from over-writing if customised
- Simplified implementation of auto-update message
- Fixed wp-tinymce.min.js build process and enqueuing
- Improved CSS on Post Edit and Dashboard Screens
- Ensured correct focus in Edit Image modal from the Media Library
Build and Testing Changes
- Updated dependency from node-sass to sass
- Updated Contributing guide about Window Subsystem for Linux
Deprecation Notices
- Post by Email feature will be removed in a future release
- XML-RPC server feature will be disabled by default in a future release
- Emoji javascript functionality will be disabled by default in a future release
- ClipboardJS and hoverIntent libraries are deprecated
- Several core scripts and style are deprecated, see PR1427
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.1.1
ClassicPress 2.1.1 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 2.1.0
Minor changes and bugfixes since 2.1.0
- Change the prompt for clarity when incompatible plugins and themes are detected
- Cleaned up files removed for the core codebase in 2.1.0
- Install the new ClassicPress Theme
Build and Testing Changes
- Update contributing.md with testing and install information
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.1.0
ClassicPress 2.1.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 2.0.0
New features
- Added a new default ClassicPress theme
- Added Directory dashboard widget
Minor changes and bugfixes since 2.0.0
- Transitioned to SortableJS for Media, Metaboxes and Media
- Fixed
open_basedirwarning in Editor when using TinyMCE plugins - Backport implementation of modern PHP string functions including polyfill
- Restored automatic installation for WordPress Import Tool
- Replaced jQuery UI Autocomplete in datalists
- Replaced jQuery UI dependency in color picker
- Replaced jQuery UI dependency in Revisions slider
- Added option to configure site icons in general settings
- Order attachments by date rather than ID
- Fixed console errors introduced by changes in
script-loader.php - Backport introducing hooks for deleting by post_type
- Introduce filter for classicpress.net URLs in API requests
- Fixed modal not closing when plugins are updated
- Fixed console errors in Customizer
- Fixed tabbing out of media modals
- Removed legacy Adobe Flash code
- Updated
setcookie()calls to include Samesite and array structure - Updated mediaelement.js to v7.0.3
- Updated PHPMailer to 6.9.1
- Backport preventing exposure of private post type slugs
- Fixed metaboxes for non-hierarchical taxonomies
- Added UI to facilitate User Taxonomies
- Added default Media Taxonomies
- Update general-template.php to add enterkeyhint="search" to search-form
- Backport fixing implicit nullable parameter type deprecation on PHP 8.4
- Added more helpful notice when attempting to publish an empty post
- Added Admin Bar notice when
WP_DEBUGis true - Added a filter to the comment template form tag
- Added option to upload media by year alone
- Backport to initialize the $checkout variable in WP_Automatic_Updater::is_vcs_checkout()
- Updated theme.php to use correct deprecation function for HTML5
- Updated translation file API endpoint
- Use correct checksum endpoint in Site Health
- Invalidate opcache for translation-install.php during upgrade
- Backport to fix get_sample_permalink returning the right permalink
Build and Testing Changes
- Conditionally minimize images during build only on Linux to avoid commit pollution
- Extended testing to include PHP 8.2 and 8.3
- Extended Testing to include MySQL 8.0
- Updated PHPUnit object cache testing and implement broader testing on PHP versions
- Fixed skipped QUnit tests due to delayed rendering
- Remove unnecessary use of utf8_encode() in KSES tests to fix PHP deprecation notice
- Added $fixture_replacements for media categories to avoid generated wp-api-generated.js changes in testing
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.3
ClassicPress 1.7.3 is available now - use the "Source code (zip)" file below.
This release is a maintenance release in the v1 branch. You are encouraged to update your ClassicPress sites to v2 so you can benefit from continued development efforts and any future security fixes.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.2
- Applied a fix to wp-cli to bring $cp_version into scope
- Added v2 release information to Dashboard widget
- Updated back ported security notes
- Updated license text
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.0.0
ClassicPress 2.0.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.2
This release is a re-fork based on WordPress 6.2.x so brings ClassicPress a host of new features such as Site Health.
In addition, this version also includes:
- HTML5 as the default content output
- Efficiency enhancements made in WordPress 6.3.x
- Modern browser approaches for Widgets, Nav Menus and Meta Boxes
- Added navigation buttons to content editing screens
- Upgraded PHPMailer library
- Fixed deprecated jQuery message in bundled themes
- Build, Test and Dependency upgrades and updates
- Compatibility fix with WooCommerce v3.9.x
- m4tuto for finding a PHP File Upload bypass via Plugin Installer (requiring admin privileges).
- @_s_n_t of @pentestltd working with Trend Micro Zero Day Initiative for finding an RCE POP Chains vulnerability.
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.2
ClassicPress 1.7.2 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.1
- m4tuto for finding a PHP File Upload bypass via Plugin Installer (requiring admin privileges).
- @_s_n_t of @pentestltd working with Trend Micro Zero Day Initiative for finding an RCE POP Chains vulnerability.
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.0.0-rc1
ClassicPress 2.0.0-rc1 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.1
This release is a re-fork based on WordPress 6.2.x so brings ClassicPress a host of new features such as Site Health.
In addition, this version also includes:
- HTML5 as the default content output
- Efficiency enhancements made in WordPress 6.3.x
- Modern browser approaches for Widgets, Nav Menus and Meta Boxes
- Added navigation buttons to content editing screens
- Upgraded PHPMailer library
- Fixed deprecated jQuery message in bundled themes
- Build, Test and Dependency upgrades and updates
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.1
ClassicPress 1.7.1 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.0
- Marc Montpas of Automattic for finding a potential disclosure of user email addresses.
- Marc Montpas of Automattic for finding an RCE POP Chains vulnerability.
- Jb Audras of the WordPress Security Team and Rafie Muhammad of Patchstack for each independently discovering an issue where comments on private posts could be leaked to other users.
- John Blackbourn (WordPress Security Team), James Golovich, J.D Grimes, Numan Turle, WhiteCyberSec for each independently identifying a way for logged-in users to execute any shortcode.
- mascara7784 and a third-party security audit for identifying a XSS vulnerability in the application password screen.
- Jorge Costa of the WordPress Core Team for identifying XSS vulnerability in the footnotes block.
- s5s and raouf_maklouf for independently identifying a cache poisoning DoS vulnerability.
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.0
ClassicPress 1.7.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.6.0
Minor changes and bugfixes since 1.6.0
- Add a deprecation notice for XHTML theme syntax
- Fix a potential issue in plugin modal including a WordPress backport
- Fix failing PHPUnit test
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.6.0
ClassicPress 1.6.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.5.3
New features since 1.5.3
New Dashboard widget raising awareness of ClassicPress 2.0.0 development
Deprecation Notice: the minimum supported version of PHP will be 7.4 in ClassicPress 2.0.0
Minor changes and bugfixes since 1.5.3
Security Page will be hidden by default unless it is used
The Petitions widget has been retired and removed
Backports of upstream enhancements
– Add support for Enums in is_serialized()
– Disable auto-correct when bulk editing slugs
– Prevent excessive trimming of names in email “From” headers
– Correct the check for non-existing post in get_post_permalink()
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub: