Just Launched: GitHub Deployments

Say goodbye to the hassle of manual file uploads and tedious deployments, and say hello to WordPress.com’s new GitHub Deployments.

With GitHub Deployments, you can seamlessly connect your repository to your WordPress.com site in just a few clicks. Now you can focus on what you do best: writing outstanding code. Each time you push a change to your GitHub repository, it will be deployed to your WordPress.com site automatically or upon request. 

Check out this video overview from Paulo Trentin, one of the developers who worked on this feature:

Here are three reasons why we know you’re going to love GitHub Deployments on WordPress.com:

1. A streamlined workflow

GitHub Deployments help you manage your site’s code in a reliable, predictable, and automated way using version control instead of older or manual mechanisms, such as FTP or SSH tools. In its simplest form, it doesn’t require a workflow file like our previous GitHub integration, which relied on a GitHub action; instead, you can connect and deploy in just a few clicks, all within your WordPress.com dashboard.

This is a welcome change for developers who want to simplify their code deployment process and migrate away from the manual operations and error-prone nature of SFTP and SSH transfers. 

GitHub Deployments also allows you to connect multiple repositories to a single site, encouraging code reusability between the sites you manage. Want to deploy a plugin or theme to multiple sites with a single branch push? Have at it! Want to manage your entire site’s code from a GitHub repository? We’ve got you covered!

2. Run checks and tasks

GitHub Deployments also gives you the power to process files and run tasks before transferring the files to your WordPress.com site through GitHub workflows. This helps ensure that all team members publish code following your chosen patterns and expectations, for example. 

If that’s your thing, you can install Composer dependencies and run any command supported by GitHub actions prior to sending any code updates to your site. Find a few of our favorite workflow recipes here.

Three cheers for unified, well-written code!

3. Deploy the way you want

You can adjust the deployment settings for each repository, giving you complete control over how your code is shipped.

You can choose to automatically deploy changes to your WordPress.com site as soon as code is committed to your repository, or you can request deployments manually. Manual deployments give you the most control over when your code changes are pushed live, as you’ll use the GitHub Deployments interface to trigger a deployment. We recommend manual deployments if you don’t want to use a staging site.

In general, automatic deployments are not recommended for live production sites, as any changes to the code in the repository are automatically deployed from GitHub to the live site. Instead, you may decide to automatically deploy first to a staging site and then sync the staging site to production once you’re ready.

That said, choose your own adventure and deploy on your own terms.

Do your thing, and we’ll handle the rest

Development on WordPress.com has never been easier. Say goodbye to manual deployments and hello to more efficient collaboration, streamlined version control, and the peace of mind that comes with knowing your project data is secure.

Get instant access to our new GitHub Deployments with a Creator or Entrepreneur plan (did you know we have a 14-day refund policy?).

Ready to try GitHub Deployments out for yourself? Click here to start deploying, and learn more by reading our developer documentation.

Major kudos to the GitHub Deployments team on this launch! Paulo Trentin, Jeroen Pfeil, Kenroy Mcleish, Mike Kelly, Javier Arce, Jeff Sanquist, Alexa Peduzzi, Jeremy Anderberg, and our beta testers.

Re-Creating The New York Times’ Website in Under 30 Minutes Using WordPress.com

In this “Build and Beyond” video, Jamie Marsland re-creates The New York Times’ website in less than 30 minutes using WordPress.com. By utilizing mega menus, master layouts, typography controls, and post grids, Jamie shows us what’s possible with the limitless customizations available with WordPress.

When it comes to mega menus, specifically, it’s worth noting that this is a highly complex customization that should only be attempted by WordPress pros and is mainly shown here as a demo of what’s possible. Please read this blog post on the WordPress.org developer blog before embarking on your own mega menu.

To learn more and get started on your own site today, click below:

Health Alert Network (HAN) – 00504 | Increase in Global and Domestic Measles Cases and Outbreaks: Ensure Children in the United States and Those Traveling Internationally 6 Months and Older are Current on MMR Vaccination – CDC Emergency Preparedness

Health Alert Network (HAN) – 00504 | Increase in Global and Domestic Measles Cases and Outbreaks: Ensure Children in the United States and Those Traveling Internationally 6 Months and Older are Current on MMR Vaccination  CDC Emergency PreparednessU.S. Measles Cases Surpass 2023 Levels, C.D.C. Says  The New York TimesWisconsin pediatrician emphasizes vaccination as measles cases surge across 17 states  Fox11online.comMeasles count through mid-March surpassed last year’s total  The Washington Post

WordCamp Asia 2024: The WordPress Community Comes Together in Taipei

This year’s WordCamp Asia was held in Taipei, the vibrant capital city of Taiwan. Members from WordPress.com joined other Automatticians, as well as around 2,000 other attendees from across 70 countries to connect, learn, build, and give back to the platform that powers millions of top websites across the internet.

The event kicked off with Contributor Day, an opportunity for anyone in the WordPress community, from newcomers to seasoned experts, to get involved and contribute to WordPress. Contributing can mean contributing to code, but it can also mean sharing your expertise in design, offering support in forums, translating content, and much much more. This year’s Contributor Day had a fantastic turnout and it was amazing to see so many folks show up and participate! 

As always, there was a variety of informative and inspiring talks. Some of our favorites included talks about the future of WordPress, the multifaceted nature of design, building and maintaining WordPress sites with AI, achieving efficient workflows with the site editor, and the importance of diversity, equity, inclusion, and belonging in the tech and WordPress communities. If any of these topics pique your interest, you can take a look at the livestream recordings for these and all other WordCamp Asia 2024 talks here

While our colleagues from the WordPress Project, Woo, and Jetpack participated in the event, folks from WordPress.com were also present, contributing, networking, and engaging with the community.

This year we were particularly interested in connecting with developers so that we could better understand their experiences with WordPress.com. Our hosting infrastructure, powered by WP Cloud, is best-in-class, yet the benefits aren’t as well-known in the developer community. To help get the word out about all of our developer-focused features, we’ve recently relaunched our developer site at developer.wordpress.com. Check it out to learn about staging sites, WP-CLI access, and Studio, our upcoming local development environment. 

During the anticipated closing Q&A session at WordCamp Asia 2024, Matt Mullenweg, co-founder of WordPress and CEO of Automattic, opened up about his dreams for a web that’s both open and accessible to everyone. He shared how the core principles of open source are not just shaping WordPress but also knitting together a worldwide community of contributors.

That sense of community is something you can definitely feel at WordCamps. Thirty-six percent of attendees at this WordCamp were first-time participants—a testament to the event’s growing appeal and the ever-expanding WordPress community.

During the closing remarks, Matt revealed that State of the Word 2024 will be held in Tokyo, Japan. The lead organizers also revealed the next WordCamp Asia location: Manila, Philippines, in February 2025. With Manila’s rich tapestry of Spanish, European, American, and Asian influences, we’re in for a vibrant mix of culture, cuisine, and community!

But you don’t have to wait until 2025 to start getting involved. There’s a huge number of local and regional WordCamps happening year-round. Head over to https://central.wordcamp.org/ to find one near you. Whether you’re looking to develop your skills, learn something new, network with the community, there’s something for everyone. We hope to see you out there! 

Introducing “Build and Beyond”: A New Video Series From WordPress.com and Jamie Marsland

Jamie Marsland has been preaching the WordPress gospel for over a decade and has trained thousands of people on blocks, plugins, and more. Through his popular YouTube channel and hands-on courses, Jamie provides incredible tutorials and breaks down the most common misconceptions about building with WordPress. 

We’re happy to share that WordPress.com is partnering with Jamie over the next few months to create a series of videos that will show you how to get the most out of your website experience. From exciting new feature announcements to handy tips and tricks to Jamie’s mind-blowing “website re-creations,” we promise you’ll learn something new in every video.  

Starting later this week, you’ll see those videos posted to both our own YouTube channel as well as this blog. Stay tuned!  

WP Cloud Is Powering the Future of WordPress

The foundational infrastructure for the websites you build and manage is crucial for ensuring a safe, secure, fast, and reliable environment. That’s where WP Cloud comes in. 

Automattic, the parent company of WordPress.com, built WP Cloud because we wanted a cloud platform constructed from the ground up just for WordPress. We’ve hosted millions of websites across the WordPress ecosystem and have become one of the most trusted providers in cloud services. 

At WordPress.com, the WP Cloud infrastructure powers all websites on our Creator and Entrepreneur plans

We’re proud of WP Cloud’s 99.999% uptime, automated burst scaling and failure detection, and failover redundancies that allow you to spend time focusing on building your business or serving your clients instead of worrying about whether a traffic spike will crash the site. 

WP Cloud is also incredibly secure. With DDoS protection, malware scanning, anti-spam measures, SSL certificates, TLS traffic encryption, and real-time backups, you’ll have peace of mind from day one. 

We’re confident that there’s no better cloud platform for your WordPress site(s) than WP Cloud. And we’re not the only ones to think so. 

Today, WP Cloud is announcing that Bluehost—one of the largest website hosts in the world—is launching a new product built atop WP Cloud’s best-in-class infrastructure. 

Bluehost Cloud includes all the technical excellence of WP Cloud, with bundled options for hosting multiple websites. Plus, as with all of the sites on WordPress.com, it comes with Jetpack’s highly acclaimed performance and security features built right in. 

To kick off this partnership, we’re showcasing Bluehost Cloud on WordPress.com’s pricing page, so that you can choose the product that best fits your business needs. As fellow supporters of the WordPress ecosystem, we’re glad Bluehost has chosen WP Cloud for this powerful new offering.

Take advantage of these robust WP Cloud solutions with the Creator, Entrepreneur, or Bluehost Cloud plan.

Django security releases issued: 5.0.3, 4.2.11, and 3.2.25

In accordance with our security release policy, the Django team
is issuing
Django 5.0.3,
Django 4.2.11, and
Django 3.2.25.
These releases addresses the security issue detailed below. We encourage all
users of Django to upgrade as soon as possible.

CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words()

django.utils.text.Truncator.words() method (with html=True) and
truncatewords_html template filter were subject to a potential
regular expression denial-of-service attack using a suitably crafted string
(follow up to CVE-2019-14232 and CVE-2023-43665).

Thanks Seokchan Yoon for the report.

This issue has severity “moderate” according to the Django security policy.

Affected supported versions

Django 5.0
Django 4.2
Django 3.2

Resolution

Patches to resolve the issue have been applied to the 5.0, 4.2, and 3.2
release branches. The patches may be obtained from the following changesets:

On the 5.0 release branch
On the 4.2 release branch
On the 3.2 release branch

The following releases have been issued:

Django 5.0.3 (download Django 5.0.3 | 5.0.3 checksums)
Django 4.2.11 (download Django 4.2.11 | 4.2.11 checksums)
Django 3.2.25 (download Django 3.2.25 | 3.2.25 checksums)

The PGP key ID used for this release is Mariusz Felisiak: 2EF56372BA48CD1B.

General notes regarding security reporting

As always, we ask that potential security issues be reported via
private email to [email protected], and not via Django’s
Trac instance or the django-developers list. Please see our security
policies
for further
information.

Aid an Investigation or Report Something Suspicious in any National Park Service Site – Investigative Services (U.S – National Park Service

Aid an Investigation or Report Something Suspicious in any National Park Service Site – Investigative Services (U.S  National Park ServicePark rangers looking for two vandalism suspects at Lake Mead National Recreation Area  KTNV 13 Action News Las VegasMen caught on camera destroying protected rock formations at Lake Mead National Recreation Area  Fox 5 Las VegasTwo men topple boulders at Nevada national park as young girl watches in fear: ‘Daddy, don’t fall!’  New York Post