Much has been said in recent weeks regarding WordPress upgrades, security, and responsibility. While I still think end users are the ones responsible for what happens regarding their WordPress powered site, I do think there are areas of improvement that the WordPress team should consider. The following is a list of some of my own ideas as well as a few presented by other folks involved in the conversation.
Better Release Posts – As I was doing research for this idea, I checked out the release posts between 2.7 to 2.8.4 and the one thing about all of them is that they are all different. Different in that the information presented within them are in different locations. Sometimes, the information presented is different from release to release depending on its severity or whether it’s a point release or full version release. To compound the issue, more than one person has access to write the release posts and each person has their own style of conveying the information. What I am proposing is a structured format. The format would go as follows:
[Summary containing (to the point) information regarding the release]
[Some major or minor issues resolved with a link to their ticket in trac]
[A link to all of the issues resolved in the release version. This is generally added to release posts already]
[What type of release is this? Security? Maintenance? What is the urgency level for this release?]
[Since trackbacks are the only forms of communication on the development blog, there should be an official thread in the WordPress support forum setup for each release so that we as a community have a central area to communicate and ask questions regarding the new version]
[Important information that theme/plugin authors need to know]
[Either a link that shows all of the changed files in the released version or a list of all the changed files. Also, a download link to download only the changed files which would serve as the secondary upgrade procedure if automatic upgrade is not possible or does not work]
[Last but not least, a link to download the new version]
These development blog posts should be the go-to source for all of the important information not only for site owners but for plugin and theme authors as well.
WordPress Threat Levels – This is an idea that came up in a conversation I had with someone in the community. WordPress would have three threat levels. Green, Yellow, and Red. Green would mean that upgrading wouldn’t need to be a high priority. This would probably be confined to bug fix or feature releases. Yellow would stress that upgrading sooner rather than later is recommended perhaps based on a core feature or an important fix that effects plugins or themes. Red would signify upgrade as soon as possible. Obviously, WordPress 2.8.4 would be considered Red. Using threat levels such as this might be the way to avoid constantly telling people to upgrade as soon as possible. Not all versions of WordPress require people to upgrade the minute it is available.
Email Notifications – While there are more than enough ways to find out that a new version of WordPress is available, I’ve been giving it some thought and I now believe that it would be a good idea for there to be some sort of box that I can check which would allow WordPress to send an email to the address tied to the site administrators account. Email is still the method of communication everyone uses more than anything else so it would just make sense. This would also take care of the need for the WP-Announcements email list which is not used anyways.
Dougal Campbell – The following is a large excerpt from Doug’s post on the WP-Hackers mailing list which contains his thoughts and ideas on this entire subject.
As has been pointed out time and time again, WordPress is easier than ever to keep updated. When a new version is released, a nag appears in the Dashboard. From there, it’s just a couple of clicks to upgrade. And yet, people *still* lag behind. The reasons are varied, and _mostly_ invalid (depending on your perspective). Some of it is simply “fear of breaking something”. Some of it is just simple stubbornness (“I just upgraded, I don’t want to do it again so soon!”). Some of it might be ignorance and laziness (they see the nag, but don’t look at the WordPress News blocks in the Dashboard, or go to the main site to read about it).
So, what more can we do? Not a *whole* lot, but I do have a suggestion:
You can read Dougals entire post on the WP-Hackers mailing list archive here.
What Do You Think?
So what other ideas do you have to improve the WordPress release strategy?