[theme-reviewers] Guidance on theme security
Marty Martin
m at seoserpent.com
Wed Oct 20 14:07:06 UTC 2010
Personally I don't give a crap if other users aren't upgrading their WP, but
upgrades to core happen for many reasons (security is a good one) and
there's not much point in releasing a theme for a version of WP you can't
(easily) get any more. Plus, I don't want to have to deal with trying to
figure out if a theme is compatible with 2.9 when I run 3.0.1 on all of my
sites, including my theme checking site. :o)
My $0.02.
Marty
On Wed, Oct 20, 2010 at 10:02 AM, Chip Bennett <chip at chipbennett.net> wrote:
> Perhaps we should indicate an allowable age of backward-compatibility
> support? What's the right answer here?
>
> 1) Themes must support current major WP version only (e.g. 3.0, not 2.9.x)
> 2) Themes may support a certain number of previous major WP versions (e.g.
> for 3.0, Themes may provide backward-compatibility for 2.9.x, or 2.8.x)
> 3) Themes may provide backward-compatibility as old as the Developer wishes
> to support
>
> I think One might be a bit restrictive, and difficult to enforce (WP 3.0
> adoption is at just over 49%, 4 months after release), but certainly easiest
> on the Review Team. I think Three would be way too difficult to manage, and
> would end up causing nightmares for the automated checks (Theme Check and
> the Uploader Script), due to backward-compatibility support for deprecated
> functions. So, it would seem to me that Two is the most viable option.
>
> The question is: how far back?
>
> Chip
>
>
> On Wed, Oct 20, 2010 at 8:28 AM, Gene Robinson <emhr at submersible.me>wrote:
>
>>
>> A quick draft item has been added to the Theme Review ...
>>
>> http://codex.wordpress.org/Theme_Review#Site_Information
>>
>>
>> Looks good. I think it would be a service to theme developers to state
>> that bloginfo('url') is a wrapper for home('url') that provides backward
>> compatibility for versions < 3.0 Although an opposing argument might view
>> this as enabling people to hold out on upgrading WP.
>>
>> @Nacin - When you review Simply Works Core 1.3.3<http://themes.trac.wordpress.org/ticket/1596> ,
>> I'd appreciate your going-over my <http://themes.trac.wordpress.org/ticket/1566>previous
>> review's suggestions <http://themes.trac.wordpress.org/ticket/1566>.
>>
>> -Gene (emhr)
>>
>>
>>
>>
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20101020/84b8e238/attachment.htm>
More information about the theme-reviewers
mailing list