Skip to:
Content
Pages
Categories
Search
Top
Bottom

BuddyPress 3.2.0 Maintenance Release

Published on September 14th, 2018 by Paul Gibbs

BuddyPress 3.2.0 is now available. This is a maintenance release that fixes 25 bugs and is a recommended upgrade for all BuddyPress installations.

Update to BuddyPress 3.2.0 today in your WordPress Dashboard, or by downloading from the wordpress.org plugin repository. For details on the changes, read the 3.2.0 release notes.

BuddyPress 3.1.0 Maintenance Release

Published on June 6th, 2018 by @mercime

BuddyPress 3.1.0 is now available. This is a maintenance release that fixes 23 bugs and is a recommended upgrade for all BuddyPress installations.

For more information, see the 3.1.0 milestone on BuddyPress Trac.

Update to BuddyPress 3.1.0 today in your WordPress Dashboard, or by downloading from the wordpress.org plugin repository.

Questions or comments? Check out the 3.1.0 changelog, or stop by our support forums or Trac.

BuddyPress 3.0.0 “Apollo”

Published on May 18th, 2018 by Paul Gibbs

BuddyPress 3.0.0 “Apollo” is now available for immediate download from the WordPress.org plugin repository, or right from your WordPress Dashboard. “Apollo” focuses on various improvement for developers, site builders and site managers.

Say hello to “Nouveau”!

A bold reimagining of our legacy templates, Nouveau is our celebration of 10 years of BuddyPress! Nouveau delivers modern markup with fresh JavaScript-powered templates, and full integration with WordPress’ Customizer, allowing more out-of-the-box control of your BuddyPress content than ever before.

Nouveau provides vertical and horizontal layout options for BuddyPress navigation, and for the component directories, you can choose between a grid layout, and a classic flat list.

Nouveau is fully compatible with WordPress. Existing BuddyPress themes have been written for our legacy template pack, and until they are updated, resolve any compatibility issues by choosing the legacy template pack option in Settings > BuddyPress.

Support for WP-CLI

WP-CLI is the command-line interface for WordPress. You can update plugins, configure multisite installs, and much more, without using a web browser. With this version of BuddyPress, you can now manage your BuddyPress content from WP-CLI.

Control site-wide notices from your dashboard

Site Notices are a feature within the Private Messaging component that allows community managers to share important messages with all members of their community. With Nouveau, the management interface for Site Notices has been removed from the front-end theme templates.

Explore the new management interface at Users > Site Notices.

New profile field type: telephone numbers

A new telephone number field type has been added to the Extended Profiles component, with support for all international number formats. With a modern web browser, your members can use this field type to touch-to-dial a number directly.

BuddyPress: leaner, faster, stronger

With every BuddyPress version, we strive to make performance improvements alongside new features and fixes; this version is no exception. Memory use has been optimised — within active components, we now only load each individual code file when it’s needed, not before.

Most notably, the Legacy Forums component has been removed after 9 years of service. If your site was using Legacy Forums, you need to migrate to the bbPress plugin.

Make mine Apollo’s

In north-east London, Stoke Newington — or Stokey, as it’s affectionately known — is an area awash with newly-opening restaurants, amidst lapping waves of encroaching gentrification. Apollo’s is an authentically Neapolitan pizza place on the High Street, serving fantastically tasty yet uncomplicated pizzas. If you ever find yourself in north London, don’t miss Apollo’s!

BuddyPress 3.0 Beta 2

Published on April 15th, 2018 by Hugo Ashmore

It’s with a huge amount of pleasure and excitement that we’re announcing the Beta 2 release of BP 3.0 today ready for testing and feedback.

BuddyPress 3.0 will be a major milestone release for us and one we’re all really excited about, it’s been a long time coming but finally we are close to releasing the first template pack for BP, this is a completely new ‘theme’ or set of template files and functionality designed to replace bp-legacy which has served us so well since it’s inception way back in the major release of 1.7 where we introduced ‘Theme Compatibility’, and we’re all really eager for any feedback during these beta phases you may grab a copy of our beta1 release here to test with.

Nouveau – as our new template pack has been named – provides an all new clean set of markup files, refactored from the ground up to be semantic and accessible. Styles are re-written and provided as Sass partials for developers if wanting to build out new packs. A lot of core functionality for components has been re-written and re-located to be sourced from include files by component in the template directory which allows even easier access to modify functions by overloading to a new theme or child theme. Our major loops, members, activity etc have been re-factored to run under Backbone for a smooth Ajax experience and indeed all the Javascript functionality is re-written to be far more modular than it was before and has a far better modern feel to it’s structuring.

For the first time we have brought in the Customizer to provide user option choices and a range of layout configurations may be selected. In our initial offering we have provided various layout options for the main BP navigation elements allowing for vertical navs or horizontal, tab effect where suitable. for the component loops such as members, Groups we provide an option to display in a grid layout & at row quantity options or simply as a flat classic list layout.

While we are really excited about Nouveau 3.0 also has many other improvements to offer and you can view a list of all closed tickets for 3.0

As always your feedback and testing is an invaluable part of our releases, helping us to catch any last minute bugs.
You can download the beta release for testing at downloads.wordpress.org and install on a local copy of WordPress ( please remember this is a beta release and should not be run on an active production site). Any issues found can be reported on our Trac by creating a new ticket

If you’re a developer comfortable with SVN you might like to checkout a development copy which you can do from this link patches can be submitted to existing tickets or issues found reported on a new ticket.

Further guidance on contributing to BuddyPress is covered on our Contributor guidelines page in our Codex

10 years

Published on March 25th, 2018 by JJJ

In 2008 (just 10 short years ago) Andy Peatling made the very first code-commit to the newly adopted BuddyPress project, joining bbPress, GlotPress, and BackPress at the time. As most of you can probably imagine, BuddyPress was a different piece of software back then, trying to solve a completely different decade’s worth of problems for a completely different version of WordPress.

BuddyPress was multisite only, meaning it did not work on the regular version of WordPress that most people were accustomed to installing. It needed to completely take over the entire website experience to work, with a specific theme for the primary part of your site, and blog themes for user profiles and everything else.

There was a lot to love about the original vision and version of BuddyPress. It was ambitious, but in a clever kind of way that made everyone tilt their heads, squint their eyes, and ponder what WordPress was capable of. BuddyPress knew exactly what it was trying to do, and owned it without apologies.

It touted itself as a “Social Network in a box” at a time when MySpace was generating 75.9 million unique visitors per month, so if you couldn’t imagine how different BuddyPress may have been before, imagine how excited everyone was at the idea of owning their own MySpace.

Since then, Andy invited BoonePaul, and me to help lead the project forward, and in-turn we’ve invited several other prolific BuddyPress contributors to help with every aspect of the project, website, design, and so on.

The BuddyPress team has grown in a few different ways. Most recently, we’ve added Renato Alves to the team to help with WP-CLI support. Renato is a long-time contributor who stepped up big-time to really own the WP-CLI implementation and finally see it through to the end.

Slava Abakumov lead the 2.8 release, and we finally met in person for the very first time just last week at WordCamp Miami. He’s another long-time contributor who has always had the best interests of the project in mind and at heart.

Laurens Offereins has been helping fix BuddyPress bugs and work on evolving features since version 2.1, and while we haven’t met in person yet, I look forward to it someday!

Stephen Edgar (who you may recognize from bbPress) also works a bit on BuddyPress, largely around tooling & meta related things, but he’s fully capable and will jump in and help anywhere he can, be it the forums or features.

Mercime would prefer I not blather on endlessly here about how important she is, or how much I appreciate her, or anything like that, so please forget I mentioned it.

Hugo Ashmore has spent the past 2 years completely rebuilding the default template pack. This is an absolutely huge undertaking, and everyone is really excited about sunsetting ye olde bp-legacy.

Tammie Lister has moved on to work on the enormously important and equally ambitious Gutenberg project. Tammie is wonderful, and doing a great job crafting what the future of democratizing publishing is.

Lastly, a few of our veteran team members took sabbaticals from contributing to BuddyPress in the past few years, which I see as an opportunity to return with fresh ideas and perspectives, or maybe moving onto new & exciting challenges. This is a good, healthy thing to do, both for oneself and the project. Space makes the heart grow fonder, and all that.


A small aside but worth saying here & now, is that leading an open-source project is everything you think it is (or maybe have read already that it is) and like a million other things that are hard to understand until you understand. The one constant (and subsequently the hardest and funnest part) is how to provide opportunities for personal growth, without prohibiting contributions, while also doing what’s best for the greater vision of the project itself, amongst a completely remote group of bespoke volunteers. I think Paul, Boone, and I do OK at this, but we are always learning and adjusting, so please reach out to us if there is anything we can do differently or better.


BuddyPress is my personal favorite piece of software. It’s my favorite community. I wake up excited every day because of what it can do and who it does it for. Put another way, I love what we make it do and who we make it for: ourselves, one another, each other, and you.

Cheers to 10 years, and here’s to another 10!

BuddyPress 2.9.3 Security and Maintenance Release

Published on January 26th, 2018 by Boone Gorges

BuddyPress 2.9.3 is now available. This is a security and maintenance release. We strongly encourage all BuddyPress sites to upgrade as soon as possible.

The 2.9.3 release addresses two security issues:

  • A dynamic template loading feature could be used in some cases for unauthorized file execution and directory traversal. Reported by James Golovich.
  • Some permissions checks and path validations in the attachment deletion process were hardened. Reported by RIPSTech and Slava Abakumov of the BuddyPress security team.

These vulnerabilities were reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to all reporters for practicing coordinated disclosure.

In addition, 2.9.3 includes a change that fixes the ability to install legacy bbPress 1.x forums. Please note that legacy forum support will be removed altogether in BuddyPress 3.0; see the announcement blog post for more details.

BuddyPress 2018 Survey

Published on December 1st, 2017 by @mercime

What would you like BuddyPress to focus on in 2018? The core team has ideas of where BuddyPress can expand on and your input is important to harness the time and resources of an all-volunteer crew.

The survey will take 10-15 minutes to complete. Be assured that we will not publish your name, email address, nor IP address when we post the results of this survey at BuddyPress.org.

Thank you for your time and cooperation. Your feedback will help us improve BuddyPress for you.

=> Take the 2018 BuddyPress Survey

BuddyPress 2.9.2 Security and Maintenance Release

Published on November 2nd, 2017 by Boone Gorges

BuddyPress 2.9.2 is now available. This is a security and maintenance release. We strongly encourage all BuddyPress sites to upgrade as soon as possible.

The 2.9.2 release addresses five security issues:

  • A Cross Site Request Forgery (CSRF) vulnerability was fixed in the interface used by admins to perform certain actions related to sitewide notices. Reported by J.D. Grimes.
  • Some uses of serialized data were judged to need hardening. Reported by John James Jacoby of the BuddyPress security team.
  • An open redirect was fixed on the user edit screens. Reported by Yasin Soliman (ysx).
  • An unauthorized information disclosure vulnerability was fixed in an AJAX handler. Reported by J.D. Grimes.
  • A Cross Site Scripting (XSS) vulnerability was fixed in the avatar upload interface. Reported by Ronnie Skansing.

These vulnerabilities were reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to all reporters for practicing coordinated disclosure.

In addition, 2.9.2 includes a change that improves compatibility with the upcoming WordPress 4.9 release, by removing the call to a newly deprecated hook.

BuddyPress 2.9.1 Security Release

Published on August 23rd, 2017 by Paul Gibbs

BuddyPress 2.9.1 is now available. This is a security and maintenance release. We strongly encourage all BuddyPress sites to upgrade as soon as possible.

We fixed two regressions introduced in 2.9:

  • Groups: fix group description truncation length on group screen.
  • Profiles: fix avatar quality when requesting avatar sizes larger than the user’s uploaded avatar.

Importantly, BuddyPress 2.9.1 and earlier versions were affected by the following security issue:

  • Cross-site request forgery (CSRF) in the XProfile administration Dashboard panel.

These vulnerabilities were reported privately by Ronnie Skansing. Our thanks to Ronnie for reporting security issues in accordance with WordPress’ security policies.

BuddyPress 2.9.0 – ‘La Lombarda’

Published on July 31st, 2017 by Hugo Ashmore

BuddyPress is happy to announce the immediate availability of it’s latest release 2.9 ‘La Lombarda’ available for download or updatable from your WordPress install plugin directory.

This release features a range of improvements and updates for both core functionality and templates.

Amongst a range of improvements and enhancements:

  • BP legacy templates are updated for aria labels to bring a vastly improved level of accessibility to layouts.
  • In line with current practises anchor title attributes are replaced with an enhanced version usable for all devices, BP Tooltips now provides pop up title requirements on mouse hover or keyboard focus.
  • Provide the capability to edit the Group slug: now site admins may edit the group name and the permalink in the dashboard.
  • Prevent group invites being sent to users that have already received one.
  • Uploading of profile images in mobile devices improved as well as better handling of files with non ASCII characters.
  • Email links to private message threads now re-direct logged out users to the login screen, logged in users are directed to message thread.
  • New template tag bp_group_link()
  • Add an order_by parameter for activity queries.

You can see the full set of changes on our codex page Version 2.9.0

Comments & feedback
Please report any issues to the Buddypress Support Forum or open a ticket on our Trac development home.

Contributors
Buddypress is a volunteer project and the core team acknowledges the contributions from everyone listed below that helped to bring 2.9 to the community.

La Lombada
This release is named after what is thought to the oldest and thus first Italian restaurant in the UK established circa 1922 in Aberdeen.

Skip to toolbar