[theme-reviewers] Guidance on theme security

Chip Bennett chip at chipbennett.net
Wed Oct 20 14:02:34 UTC 2010

Perhaps we should indicate an allowable age of backward-compatibility
support? What's the right answer here?

1) Themes must support current major WP version only (e.g. 3.0, not 2.9.x)
2) Themes may support a certain number of previous major WP versions (e.g.
for 3.0, Themes may provide backward-compatibility for 2.9.x, or 2.8.x)
3) Themes may provide backward-compatibility as old as the Developer wishes
to support

I think One might be a bit restrictive, and difficult to enforce (WP 3.0
adoption is at just over 49%, 4 months after release), but certainly easiest
on the Review Team. I think Three would be way too difficult to manage, and
would end up causing nightmares for the automated checks (Theme Check and
the Uploader Script), due to backward-compatibility support for deprecated
functions. So, it would seem to me that Two is the most viable option.

The question is: how far back?


On Wed, Oct 20, 2010 at 8:28 AM, Gene Robinson <emhr at submersible.me> wrote:

> A quick draft item has been added to the Theme Review ...
> http://codex.wordpress.org/Theme_Review#Site_Information
> Looks good. I think it would be a service to theme developers to state
> that bloginfo('url') is a wrapper for home('url') that provides backward
> compatibility for versions <  3.0 Although an opposing argument might view
> this as enabling people to hold out on upgrading WP.
> @Nacin -  When you review Simply Works Core 1.3.3<http://themes.trac.wordpress.org/ticket/1596> ,
> I'd appreciate your going-over my <http://themes.trac.wordpress.org/ticket/1566>previous
> review's suggestions <http://themes.trac.wordpress.org/ticket/1566>.
> -Gene (emhr)
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20101020/3f6905e8/attachment-0001.htm>

More information about the theme-reviewers mailing list