Published on July 11th, 2013 by Boone Gorges
Published on July 10th, 2013 by Boone Gorges
BuddyPress 1.8 is so close you can smell it! (Incidentally, it smells kinda like pizza.) The first release candidate (RC1) for BP 1.8 is now available.
“Release candidate” means we think everything’s in place for the final 1.8 release, but want to give developers and users one last chance to kick the tires. Not sure what to test? We’re working on formal release notes, but in the meantime visit
/wp-admin/index.php?page=bp-about of your RC1 test installation for a summary of the major changes in 1.8.
RC1 also means a strict string freeze. If you maintain any BuddyPress localizations, now is the time to complete any necessary translations against trunk.
Get BP 1.8-RC1 via SVN, or as a zip. If you find issues or have questions, head for our support forums or our development tracker.
Published on July 5th, 2013 by Boone Gorges
BuddyPress 1.7.3 is now available. This is a security and maintenance release, and we urge all installations running BP 1.5 or later to upgrade immediately.
Version 1.7.3 includes fixes for the following:
- A cross-site scripting vulnerability in the way that success/error messages are stored and then displayed
- A bug that caused Set-Cookie headers to be sent inappropriately, causing problems for certain caching configurations
Complete details can be found in the 1.7.3 release notes.
Many thanks to Andrew Nacin for his responsible disclosure of the XSS issue to the BuddyPress team. As a reminder to the community: if you think you’ve found a security issue in BuddyPress, please practice proper disclosure procedure, and report issues directly to the BP development team (or to security [at] wordpress.org).
Download BuddyPress 1.7.3 from Dashboard > Updates, or from the wordpress.org plugin repository.
Published on June 13th, 2013 by Boone Gorges
BuddyPress 1.8-beta2 is now available. Since our first 1.8 beta a few weeks ago, we’ve fixed a number of issues, especially related to the new
BP_Group_Member_Query class. If you are a plugin or theme developer, please test the latest beta in your development environments. This is also a good time for BuddyPress translators to start thinking about the 1.8 release, which is slated for about two weeks for now.
As usual, this is beta software, and we recommend that you do not run it in a production environment.
Download BP 1.8-beta2 via svn, or in zip format. Check out our support forums if you have questions, and visit Trac with bug reports.
Published on May 16th, 2013 by John James Jacoby
Ladies and gentlemen, start your testing engines: BuddyPress 1.8-beta1 is ready for a lap around the track.
If you develop BuddyPress themes or plugins, or if you run a BP-powered community site, now is the time to start testing the next major version of BuddyPress in your development environments. BP 1.8 will feature a large number of fixes and enhancements. For the full list, see the 1.8 milestone in Trac. Here is a short list of major changes, areas where you may want to focus your testing energies:
BP_Group_Extension has been largely rewritten, with the goal of making Group Extension plugins faster and more consistent to write (#4955). We’ve worked hard to make sure that existing
BP_Group_Extension plugins will continue to work as before, but we encourage you to verify your own plugins. In the upcoming days, I’ll be writing updated Codex documentation for the Group Extension API, so you can see how the new features in BP 1.8 will make writing group extension plugins radically simpler. Watch bpdevel.wordpress.com for updates.
- The group administration panels in the Dashboard have seen some improvements – in particular, to the way that the Manage Members section works (#4482, #4977). Pagination support has been added to the member lists in these panels, as well as the
bp_group_has_members() stack that underpins the panels.
- The bp-legacy stylesheet has undergone a process of “detheming” (#4953). We’ve combed through the bp-legacy CSS – which provides BP-specific styling on themes that don’t have native support for BP – and removed some of the lingering stylistic remnants of the bp-default theme. Now, things like font faces, buttons, and form element styling will be inherited from your WordPress theme in a much more graceful way.
- We’ve introduced a new template hierarchy layer for top-level templates (#4639). Similar to WordPress’s template hierarchy, this new feature allows themes to provide top-level template files that are specific to a component or item. For example, if your theme contains a template at
groups/index-directory.php, it’ll be used instead of
page.php when viewing the Groups directory. See r7212 for more details on the hierarchy, and watch the Codex and bpdevel for documentation between now and the 1.8 release.
bp_has_activities() now accept a
meta_query parameter (#3521). This means you can filter a group or activity query based on groupmeta or activitymeta, using the very same
meta_query syntax familiar from WP_Query.
- @-mentions can now be disabled (#3388), by adding
add_filter( 'bp_activity_do_mentions', '__return_false' ); to your bp-custom.php file.
- RSS feeds for activity streams have been overhauled (#5020). Our RSS implementation has been brought more in line with best practices for feed construction. And feed-building logic has been abstracted from myriad standalone feed templates into a single
BP_Activity_Feed class, which makes the creation of custom feeds a breeze.
Remember that BuddyPress 1.8-beta1 is beta software, and we don’t recommend running it on a production site quite yet.
Get 1.8-beta1 via svn, or by downloading the zip file from wordpress.org. Find a bug or have a question? Check out our support community, or visit our development tracker.
Read more →
Published on April 30th, 2013 by Boone Gorges
BuddyPress 1.7.2 is now available. This maintenance and security release fixes several MySQL injection possibilities reported by Glyn Wintle from dxw.com, and a few other issues we caught after 1.7.1 was released last month. 1.7.2 is a recommended upgrade for all installations running BP 1.5+.
For complete details on what’s changed in BP 1.7.2, see the Trac milestone or the 1.7.2 changelog in the BuddyPress Codex.
Download it today from the wordpress.org plugin repository, or from the Plugins page in your WordPress Dashboard. Questions or comments about the release? Visit our support forums or our bugtracker.
Published on April 11th, 2013 by John James Jacoby
BuddyPress 1.7.1 is now available. This is a maintenance release, which fixes a number of bugs reported since version 1.7 came out earlier this month. For complete details on what’s changed in BP 1.7.1, see the Trac milestone or the 1.7.1 changelog in the BuddyPress Codex.
1.7.1 is a recommended upgrade for all installations running BP 1.5+. Download it today from the wordpress.org plugin repository, or from the Plugins page in your WordPress Dashboard. Questions or comments about the release? Visit our support forums or our bugtracker.
Published on April 8th, 2013 by Boone Gorges
With the release of BuddyPress 1.7 just a few days ago, and with almost 1.5 million downloads behind us, I wanted to take the time to remind everyone about what’s gone into improving BuddyPress recently, and to reassure everyone that it’s okay to update.
In the early days of BuddyPress, things were in flux. Andy and I were furiously building components and features, deprecating code, refactoring the way things worked, and generally tearing up the codebase over and over again. It helped us build a great foundation, but it made updating to the next version a scary and frustrating experience. To those that remember those days, I apologize; to everyone else, I’m sorry you missed out on the fun.
Whenever your WordPress installation checks to see if BuddyPress needs an update, the WordPress.org Extend API remembers the current version of BuddyPress that you’re running. This is how we know (with relative accuracy) approximately how many of what versions are out in the wild, and it’s also how we generated the pinwheel below, taken from the Stats page from WordPress.org Extend:
Every color of the rainbow is clearly represented
Despite the pretty colors, this pie chart is actually a little scary. There are so many old and outdated installations of BuddyPress out there, not taking advantage of the neat new features, and not running the most stable and secure code available. The irony is, this is largely our fault.
These days, BuddyPress is a 1 click update in your WordPress dashboard, and we’ve built a bunch of API’s that allow third party plugin developers to write plugins that won’t break when BuddyPress needs an update. We’ve spent a large part of the past 2 years reinforcing the foundation we invested in, so that no one needs to be afraid to update BuddyPress ever again.
Starting with BuddyPress 1.8, the core team will be focusing our efforts on including automated tests with each enhancement and critical bug fix, to help ensure that each future release gets more stable than the release before it. Boone Gorges and Paul Gibbs both donated huge amounts of labor building a test suite that is already committed into our development branch, just days after BuddyPress 1.7 was packaged up. Their dedication towards making BuddyPress stable and amazing for everyone is unwavering, and their contributions are truly awesome.
If you’re running an old version of BuddyPress, I urge you to check out and update to BuddyPress 1.7. It’s the culmination of thousands of hours of effort, and is the most stable, secure, and performant version of BuddyPress yet. Help us change that pinwheel into more of a Pac-Man or a circle.
Published on March 27th, 2013 by John James Jacoby
BuddyPress 1.7 “Totonno” has arrived, and it’s our best version yet!
What’s New in 1.7
BuddyPress 1.7 is a major feature release, containing hundreds of bugfixes and dozens of new features. We’ll show off a few of our favorites below. Want to see a full changelog for 1.7? Check it out on the Codex.
BuddyPress’s social features add new kinds of content to your WordPress site: groups, profiles, and so on. Until now, displaying that content has required building or finding a BP-compatible theme – one of the biggest hurdles to using BuddyPress. Version 1.7 makes this a thing of the past. Using a feature we call “theme compatibility”, BuddyPress can display its content within the context of any WordPress theme – no modifications required. Here are a few screenshots showing BP running on a few popular themes:
Not satisfied with the way it looks out of the box? Not a problem. BuddyPress still provides a sophisticated, modular templating system, which you can easily customize in your own theme. Theme developers and designers can learn much more about theme compat on the BuddyPress codex.
Group Administration in BP 1.7
If you’ve run a BuddyPress-powered community site, you know that groups are a powerful way for members to connect. But there’s been no way for site administrators to manage groups. BP 1.7 introduces a brand new set of Group Administration panels on your WordPress Dashboard. Now BP admins can bulk-delete groups, edit group settings, and manage group membership without ever leaving wp-admin.
A Better Installation Experience
BuddyPress makes it easy to add social features to your site, and BP 1.7 streamlines the process more than ever. We’ve removed the installation wizard in favor of a totally automated setup – just hit Activate, and we’ll handle the rest. On new installations, only the Activity and Extended Profiles components are activated, helping you to start small and grow your community features bit by bit. And, following in WordPress’s footsteps, we’ve added About and Credits screens, helping you to get up to date on the BuddyPress project.
BuddyPress 1.7 is codenamed “Totonno”, after the legendary Brooklyn pizza joint. Totonno’s is just a few blocks from the Cyclone and the Coney Island boardwalk, and there’s no better end to a lovely spring day than to indulge in what may be the world’s greatest pepperoni pie. With spring finally coming to Brooklyn, we think it’s appropriate to honor a pizza institution with what we think will be a watershed BuddyPress release.
The BuddyPress Community Rocks
Hundreds of developers, designers, and community volunteers have put thousands of hours into this version of BuddyPress. When you use BP, you’re standing on their shoulders. The following individuals contributed patches during the 1.7 release cycle:
aesqe, apeatling, borkweb, calin, chouf1, chrisclayton, cnorris23, ddean, DennisSmolek, Dianakc, dontdream, empireoflight, enej, ethitter, fanquake, gmax21, hnla, humanshell, imath, Jacek, jag1989, jbobich, jkudish, jpsb, karmatosed, MacPresss, magnus78, markjaquith, Maty, mercime, michael.ecklund, modemlooper, nacin, netweb, rogercoathup, sboisvert, sbrajesh, slaFFik, steve7777, tiraeth, will_c, wpdennis, xt4v.
Do you have questions about the latest BuddyPress release? Check out the BuddyPress Codex – our growing collection of official documentation – and especially the pages in the 1.7 category. Volunteers are also standing by in our active support and discussion forums. If you’ve found a bug in BuddyPress, or if you want to contribute code to the next release, our development home is buddypress.trac.wordpress.org
You might not be able to make it to Coney Island this summer, but we think that BuddyPress 1.7 “Totonno” is (almost) just as good. Download it today from the wordpress.org plugin repository, or from your WordPress Dashboard.
Published on March 23rd, 2013 by John James Jacoby
Today the BuddyPress team would like to tell you a bit about BuddyPress 1.7, release candidate 1.
BuddyPress 1.7 is going to be one of our most exciting releases to date. It comes packaged with the same theme compatibility that was introduced in bbPress 2.0, which means that BuddyPress will now work out-of-the-box with a majority of the WordPress themes available today.
We’ve also fixed a bunch of annoyances, and smoothed out the installation and update experiences, to provide users and site-admins with a less intimidating introduction into building a community with BuddyPress.
Because of the hugeness of 1.7′s features and changes, we’ve spent a little extra time rigorously testing it with various types of themes and installations, to make it a worry-free update from BuddyPress 1.5 or later. The beta-testing phase has gone well, and uncovered only a few loose-ends that needed tying.
With that, we bring you BuddyPress 1.7, Release Candidate 1. Please try it, either on a test site, or wherever you feel comfortable running it, and let us know if you run into any issues.
BuddyPress 1.6.5 is now available. It’s the fifth minor release to the 1.6 branch, and is a recommended update for all previous versions of BuddyPress.
1.6.5 fixes 1 security issue potentially allowing access to the ‘delete-account’ Settings screen for users that should not normally have that privilege. This bug was reported and researched by Rob Begic, and fixed by the BuddyPress core team.
Download 1.6.5 or visit Dashboard → Updates in your administration area to update now.