Non classé

So, two other Matts at Cloudflare announced EmDash — the spiritual successor to WordPress that solves plugin security. (Is it nominative determinism or a simulation glitch that everyone trying to terraform the web has some variation of “Matthew” in their name? I was in a call set up by Matthew Prince, talking to Matt Taylor and Matt Kane, with my right hand there, Matías.) First, I’m going to tell you why this isn’t spiritually tied to WordPress at all, then why they haven’t solved plugin security, and finally offer some suggestions. The Spirit of WordPress WordPress exists to democratize publishing. That means we put it everywhere. You can run WordPress on a Raspberry Pi, on your phone, on your desktop, on a random web host in Indonesia charging 99 cents a month, and you can run it scaled up on AWS or across multiple datacenters. The same code. When you download WordPress Playground you’re running the same code that’s being attacked a thousand times a second at WhiteHouse.gov. That’s what we mean when we say democratization. It’s all built on open source and web standards. You can run it anywhere; there’s no lock-in. That’s why we do what we do. It’s really hard. You can come after our users, but please don’t claim to be our spiritual successor without understanding our spirit. The Spirit of EmDash I think EmDash was created to sell more Cloudflare services. And that’s okay! It can kinda run on Netlify or Vercel, but good stuff works best on Cloudflare. This is where I’m going to stop and say, I really like Cloudflare! I think they’re one of the top engineering organizations on the planet; they run incredible infrastructure, and their public stock is one of the few I own. And I love that this is open source! That’s more important than anything. I will never belittle a fellow open source CMS; I only hate the proprietary ones. If you want to adopt a CMS that will work seamlessly with Cloudflare and make it hard for you to ever switch vendors, EmDash is an incredible choice. Claimed Plugin Security In another example of them not understanding the spirit of WordPress, the fact that plugins can change every aspect of your WordPress experience is a feature, not a bug! And their sandboxing breaks down as soon as you look at what most WordPress plugins do. I know we get a bad rep because there are 62k plugins with wildly variable engineering quality, and more every day, and when one installed on 0.01% of our user base has a vulnerability, a bunch of websites write breathless articles that get clicks saying “122,000 WordPress Sites Vulnerable!” That, by the way, I think we’ll be able to fix in the next 18 months with AI. The plugin security only works on Cloudflare. Critical Feedback As I said, we had a call with Cloudflare on March 23rd, where they asked for feedback on this thing they built but didn’t tell us the name, said it would probably launch in their developer week towards the end of April, and some top colleagues and I offered to help. I wish I could say the things I’m saying in this blog post on that call, and if they had just shared the announcement post I could have, but in the spirit of open source here’s what I would have said: If they had said the name I would have asked if they had any other options because I have an amazing colleague named Emdash who is doing some of the most exciting stuff with WordPress and AI. (BTW I think our Em will have more impact on the web than this in five years.) I actually think the product is very solid, there’s some excellent engineering, migration tools, it’s very fast, and the Astro integration is nice. I’d be surprised if this doesn’t get tens of thousands of sites on it. The UI is in the uncanny valley of being sorta-WordPress sorta-not. I know it wasn’t a weekend vibecode project, but it has some of that smell. Stuff breaks at the edges. I think using TinyMCE is a regression, and they should adopt Gutenberg, which we licensed and created to be used by other CMSes. The Skills are amazing, a brilliant strategy, and we need to do the same as soon as possible. I’ve been working on something similar and got some good ideas from their implementation. I’m not going to say which parts, but they copied a lot of things we’re planning to kill. Build from first principles. Make it better. Skate to where the puck is going. There’s a new CMS every other day. And that’s great! I love building CMSes and I totally get why other people do, too. In Conclusion Some day, there may be a spiritual successor to WordPress that is even more open. When that happens, I hope we learn from it and grow together. Until then, please keep the WordPress name out of your mouth.

Key figures from the FAIR TYPO3 hackathon discuss the platform-agnostic FAIR protocol, its integration with TYPO3, and advancements in digital goods distribution across multiple systems.

I’m really excited to introduce a project I worked on with various AI agents the other night, which I think represents a new way we might build things in the future. First, the problem: My WordPress site has 5,600+ posts going back decades, and I had some categories that were old and I didn’t really use anymore, and I wasn’t happy with the structure. Every time I made a new post, it irked me a little, and I had this long-standing itch to go back and clean up all my categories, but I knew it was going to be a slog. Let me present Taxonomist, a new open-source tool you can run with one copy-and-paste command line that solves this problem. Here’s the idea: You run this code in your terminal, and it spins up a Claude Code instance that asks you for your URL. Then it takes that and figures out what type of site you have, which APIs are available, and starts downloading all your posts locally for analysis. Sub-agents analyze every post against your current categories and thinks about suggesting new ones. It previews all the changes. Tries a variety of ways to authenticate against your site and make all the changes. Logs everything locally, so anything is reversible later. THIS IS VERY ALPHA. PROBABLY BUGGY. BE CAREFUL WITH IT. PATCHES WELCOME. MAYBE MAKE A BACKUP OF YOUR SITE BEFORE YOU CHANGE IT. It kind of just worked. I ran it live against ma.tt and it cleaned up a ton of stuff pretty much exactly how I wanted. But there’s a lot of weird stuff happening here, so I don’t know quite what this is yet. It’s very non-deterministic! There is some pre-written code, and probably could be more, but a lot of the code is generated on the fly by your agent. This creates interesting bugs where people testing with less powerful models had some odd behavior. I kind of want a directory of these useful AI agents on WordPress.org, but also, there’s something a little strange about trusting a remote shell script to run on your machine. I tested this with Claude, but there’s no reason Codex couldn’t use the repo in the exact same way, and I’d love to improve the quick start script to start by detecting all the agents you have, asking which you’d like to use, and also which directory you’d like to work in. I think we could kill the cd taxonomist-main && claude « start » part of it. Because much of the code and commands are generated on the fly from prompts, it’s very resilient! I’ve seen people try it, and it ran into errors with libraries or whatever, but it just figured out how to work around them. I’d love it if, at the end of every session, there was a moment for self-reflection where the agent would take the repository and suggest upstream issues and PRs based on anything that went wrong. Then this could recursively self-improve very quickly. There are some obvious improvements to this, for example, doing this for tags. Sometimes it creates too many categories when you might only want 3-5 for your theme. One fun thing is a bunch of the work of this just uses public WordPress APIs, so you can run it against any site! I like using distributed.blog as a demo. It’ll still do all the fun downloading and analysis and everything, you just won’t be able to make changes. I now have a local cache of all my WordPress posts I can do other interesting things with, and that’s cool. The logging and reverting probably still has some bugs in it. You can riff with it along the way, so for example, it suggested I get rid of my Audrey category because it didn’t have enough posts, and I asked it to look at all the companies on Audrey.co website and categorize any posts that talk about them as Audrey, which created like 50 more. I want to check the GitHub repo for any updates before it starts, and maybe periodically, because it’s iterating and improving really fast. It’s not the default but the entire thing is way more pleasant if you run it with skip-permissions. So testing I usually run the one-liner, exit, resume with skip. You can see some of my prompt history in the Github but I apologize it’s not comprehensive, I also used Gemini and Codex with this and got lots of value from them. So, not sure what this is, but please check it out, play with it, submit improvements or ideas, and think about what’s next. Might host a Zoom or something to brainstorm. The final thing I say is that this was a very different process of writing software for me. Instead of staying at the computer the entire time, I found myself going away for a bit, napping and dreaming about the code, coming back with new ideas and riffing on them. Maybe I’ll return to my Uberman polyphasic sleep days? Nap-driven development? BTW I have lots of thoughts and feedback for Emdash but I thought this was more interesting, will try to get that out later tonight. One preview: TinyMCE is a regression; they should use Gutenberg! We designed it for other CMSes and would be fun to have some common ground to jam on.

Transcript [00:00:19] Nathan Wrigley: Welcome to the Jukebox Podcast from WP Tavern. My name is Nathan Wrigley. Jukebox is a podcast which is dedicated to all things WordPress, the people, the events, the plugins, the blocks, the themes, and in this case, WordPress content creation, education, and the unexpected diversion into a pizza plugin. If you’d like to subscribe to the podcast, you can do that by searching for WP Tavern in your podcast player of choice, or by going to wptavern.com/feed/podcast, and you can copy that URL into most podcast players. If you have a topic that you’d like us to feature on the podcast, I’m keen to hear from you and hopefully get you, or your idea, featured on the show. Head to wptavern.com/contact/jukebox, and use the form there. So on the podcast today we have Elliott Richmond. Elliott’s been deep in the WordPress community for over 20 years, developing since the early days, back when WordPress was yet to be forked from b2. He’s freelanced, built with multiple CMS systems, and has contributed creatively to the community, including releasing a WordPress advent calendar way back in 2013. He is an active WordPress developer, content creator on YouTube, and unexpectedly a part-time pizza vendor running a thriving pizza business powered entirely by WordPress tools. Many listeners will know Elliott for his technical videos, but today we discuss how WordPress has served as the glue for unexpected ventures, like scaling a local pizza business during lockdown, using WooCommerce, Jetpack, and custom plugins. Elliott’s experience showcases just how flexible WordPress can be, whether for websites, unique ordering systems, or even streamlining business processes for other niches. Recently, Elliott has been asked by Automattic to create content around wordpress.com, giving him early access to features, and allowing him to share his workflow and insights with a broader audience. He talks about his approach to content creation, balancing scripting versus improvisation, and details his low tech kit from iPhone cameras to DIY lighting. Throughout the episode, Elliott shares how community connections and feedback loops, especially via YouTube comments, shape his work, and he discusses the new opportunities for content creators within the WordPress ecosystem. If you’re interested in WordPress beyond websites, curious about how to turn technical, know-how into educational video content, or just want to hear about WordPress powered pizza, and who doesn’t, this episode is for you. If you’d like to find out more, you can find all of the links in the show notes by heading to wptavern.com/podcast, where you’ll find all the other episodes as well. And so without further delay, I bring you Elliott Richmond. I am joined on the podcast by Elliott Richmond. Hello Elliott. [00:03:35] Elliott Richmond: Hello. How you doing? Thanks for having me. [00:03:37] Nathan Wrigley: You’re so welcome. Elliott and I have had a little bit of a chat prior to hitting the record button. Elliott’s one of those people who has been in my world for many years, because I’ve been vicariously watching what, this is going to sound a rather sinister. I’ve been watching what Elliott’s been doing for several years. And we’ll get into some of that in a moment. It’s a pleasure to have you on the podcast anyway. I feel like I know more about you than you will do about me, that’s for sure anyway. But welcome to the podcast. [00:04:08] Elliott Richmond: Thank you. Yeah, thank you for having me. I think if you put yourself out there, you are bound to attract stalking of some form. [00:04:14] Nathan Wrigley: That’s right. Okay. I hope it doesn’t come across as that. [00:04:18] Elliott Richmond: No, not at all. Not at all. [00:04:19] Nathan Wrigley: But will you just give us a little bit of your background? Obviously this is a WordPress specific podcast, so you can dip into your early childhood if you like, but maybe if we constrain it to WordPressy things. How long have you been using WordPress? What do you do at the moment? And then we can get into some of the fun things you’re going to be doing. [00:04:36] Elliott Richmond: Yeah, sure. So I’ve been using, or developing with, wordPress for over 20 years. So pretty much as old as WordPress is, but I was developing before that, building stuff. I’m self-taught developer, but I was building stuff in the early nineties for bands and stuff that I was in, creating music and just putting stuff out on the web. But then I realised, when I was working at an agency, it was a design agency, that there was definitely a market for the web effectively, but the company I was working for didn’t really want to get into it. So eventually when I went freelance, I was able to sort of self-teach myself all of the things I was interested in, which was web development. So I used all of the kind of CMSs like Joomla, Drupal, and eventually found b2 which was forked, ended up being WordPress. So, yeah, started seeing lots of communities popping up, meetups and I just reached out to people. And I’ve actually featured on WP Tavern before because of releasing an advent calendar I think it was, back in 2013, I think it was Christmas time. And it was basically just reaching out to other developers and asking them for code snippets. It was back in the day when WordPress was kind of, it was a blog but developers were using it in really creative ways like portfolios, and product databases where you had to use the category and tagging system to actually make things work, and then manipulate the templates. So there was lots of code snippets sort of flying about. So yeah, I just reached out to community and got about 30 developers submitting code, and then just released them as advent calendars. So, today I am still a developer and develop for WordPress, very passionate about WordPress. I’m

Website managers face overwhelming tasks daily, necessitating prioritization, proactive communication, and streamlined processes to reduce mental load and ensure client satisfaction.

In this episode, host Adam Weeks discusses cybersecurity strategies with Andrew Killen, Aaron Campbell, and Mart Virkus, exploring the collaboration essential for addressing evolving cyber threats.

In this episode, Derek Hanson chats with Devin Walker about Jetpack Social updates, including interface redesign, Twitter integration, AI features, and upcoming WordPress 7.0 enhancements for WordPress users.

The Hackathon team discusses their AI tool, TestAlly, focusing on improving accessibility for developers while enhancing collaboration and business benefits.