The ACF vulnerability that is "fixed" by the Secure Custom Fields plugin is not an actual vulnerability. The updated code path gets executed only if:
1. You're using ACF to define custom post types or taxonomies,
2. AND an administrator-level user has specified a custom metabox callback function that (a) already exist in your codebase and (b) is somehow malicious.
Responded to @kasparsd:
There are tools like https://github.com/humbug/php-scoper or https://github.com/coenjacobs/mozart but they don't solve the problem of rewriting the composer.json to exclude the scoped dependencies, for example.
For utility binaries there are now "shim" packages like https://github.com/wp-cli/wp-cli-shim or tools like https://github.com/bamarni/composer-bin-plugin to pull them in into isolated directories.
The complexity of isolating or scoping PHP dependencies is the main reason why WordPress developers don't rely on re-usable packages. Ideally, this would be solved at the Composer level like NPM does it for Node.js. Like PHAR but for libraries.
I’m really looking forward to inline blocks in WordPress which are code named “bits” for now. See this comment on GitHub for videos of the potential user experience for them. https://github.com/WordPress/gutenberg/discussions/39831#discussioncomment-9895203
Do you use Threads? You can find me there too at @wpelevator@threads.net.
I use Buffer to schedule and cross-post all my content for easy access on whichever platform you prefer.
"Don't roll your own crypto" they say. I've decided to roll my own online course platform with WordPress because all existing plugins and tools do too much for what is really needed. I've really enjoyed the custom platforms that https://wesbos.com and https://ian.is have built.
For a weekend project I built a 12V UPS that can power 35W for around 2h. There is a boost converter in line that brings it up to 48V for PoE cameras and other devices while the NVR and the mini PC sip 12V directly.
How do you keep track of links across the site to ensure they're up to date? On relatively new sites I often find myself updating page and post slugs which then requires replacing all references.
Safari bookmarks bar on macOS now supports favicons and empty titles so I can finally switch from Chrome to Safari on Desktop. It was the only thing keeping me using Chrome.
How are you navigating to frequently visited sites?
Responded to @carstingaxion:
@carstingaxion I didn’t check, no 😅 I imagined there would be one. Is it this? https://github.com/WordPress/gutenberg/issues/41606
WordPress themes used to embrace Microformats which helped search engines extract semantic content without needing a plugin that prints JSON-LD schema.
How do we solve this with blocks when different content elements can be anywhere? Is it time to have basic JSON-LD implementation in core?
WP Inspector is a Chrome extension that gives you quick access to the login link of any WordPress site, along with information about the current view type (single, page, archive) and REST API links for the current request.
Get it from the Chrome web store: https://chromewebstore.google.com/detail/wp-inspector/ilamkjihnomdekgagflnjjnkdnomcjbl
And check out the source code on GitHub: https://github.com/wpelevator/wp-inspector-browser-extension
Many WordPress projects skip on unit tests because of how complicated the setup seems. I'm working on a course that will let you start writing your first PHPUnit test in minutes! Subscribe on https://wpelevator.com to get notified when it launches!
Responded to @kasparsd:
This is the relevant part of the WP block that makes the display decision. Somehow the page had its modified date stuck before the publish date…
Something is not working with the "last modified" block in WordPress – it isn't showing up for posts that have definitely been modified. Anyone experienced this before?
I've published this ultimate 📖 guide for how to mirror WordPress SVN repositories. It's not a trivial task and requires several terabytes of disk space but it can be done! Visit: https://wpelevator.com/guides/mirror-wordpress-svn-repositories
Restic is wonderful for Docker volume backups. Used it to recover an older sqlite database for Nginx Proxy Manager a few days ago.
New on blog: How to Rate Limit Requests to Specific PHP Files with Nginx https://kaspars.net/blog/nginx-rate-limit-php
New on blog: Use AppleScript to Resize All Windows for Screen Recording https://kaspars.net/blog/applescript-resize-all-windows