Anybody else find it kind of annoying that WordPress has so many supported (but not really supported) versions of itself?
For example, WordPress 4.2.4 was released this week to resolve a security issue. Good luck finding any release statement for WordPress 4.1.7 and WordPress 4.0.7. Are there other versions of WordPress that are being (kind of) supported?
I try to encourage all of my web hosting clients to keep their WordPress script up to date. But it’s hard to keep tabs on all of this when some are running WordPress 4.2, some are running WordPress 4.1, some are running WordPress 4.0, even some are running WordPress 3 - I now have no idea if those are “up to date” or not.
Is it too much to ask for WordPress and other CMS developers to keep a table some where on their website: “Below are the latest support versions of our product” and list all of the up to date versions? Are they just going to keep supporting versions for all eternity? It is difficult to keep security in perspective when there are so many different versions out there that may or may not be secure.
I don’t know if that is always necessarily true. Certainly makes sense, I wish developers would do that.
But if you look at that changelog page note that:
3.7.9
3.8.9
3.9.7
4.0.6
4.1.6
4.2.3
were all released on July 23rd.
Note that
3.7.10
3.8.10
3.9.8
4.0.7
4.1.7
are all missing from that page, but yet those versions were released.
Is WordPress really supporting:
3.7.10
3.8.10
3.9.8
4.0.7
4.1.7
4.2.4
with WordPress 4.3 set to come out any day now?
I pity the day 2 years from now, when the list of “support” WordPress versions is 10 pages long. And good luck insuring that users are keeping it up to date.
This really begs to be simplified, am I the only one seeing this? Only one that cares?
WordPress is trying to encourage it too. Minor patch upgrades now happen automatically - you just get an email telling you that your WordPress version has changed.
Even the other updates are now just a matter of clicking a button. The WordPress dashboard tells you in several spots how many modules are out of date and when you click on any of those references it tells you whether WordPress itself is out of date and which plugins and themes are out of date. To update all of them to the latest version even if all of them are out of date is about five clicks of the mouse.
I agree that WordPress makes it very easy to stay up to date. I’m just not sure if it’s wise to keep this many different versions “active.”
Why are the 3.9 versions still active? Why not retire those? Why not force users to update? If you’re going to argue that some people don’t want the features or the risks of upgrading from 3.9 to 4.2, then realize you’re going to be supporting 3.9 forever. Either people need to upgrade or WordPress is going to have to support it forever. If that’s what they want to do… OK.
Still, a standard place to go on WordPress’s website that lists the latest “versions” for each and every supported release would be great. The only thing that gets announced is 4.2, I have to hunt and peck to find other subsequent releases.
On a separate but perhaps related note, I would encourage WordPress to scale back their releases. I personally don’t see a lot of differences between 4.0, 4.1, and 4.2 (although I’m not a heavy WordPress user) why does there have to be 3 branches for that?
Personally, I like having 1 version of something. If you want to have wide beta’s where you test new features and new items, that’s fine too. Under this scenario, WordPress 3.9 would be the standard 1 version that is being kept alive. WordPress 4.0, 4.1, and 4.2 would all be clumped into a WordPress beta version. If you’re someone that wants new features - understand there’s going to be a lot more upkeep and a lot more updates and subsequent versions - then you can use and test the beta. Everyone that wants a stable version would stay on 3.9. Eventually when all of those features in the beta version become stable, that gets released as WordPress 4.3 (or 4.4, or 4.5… whatever) and WordPress 3.9 dies. Then the feature/beta version starts over again.
The only current officially supported version is WordPress 4.2.2. Previous major releases from 3.7 onwards may or may not get security updates as serious exploits are discovered.
That means that anyone still running 4.1 is no longer guaranteed of support - effectively 4.1 and earlier are already retired.
It is just that WordPress does not force upgrades other than at patch level - and it isn’t that long ago that they introduced that feature.
We’ll have to see what happens when 4.3 comes out (it is the current beta scheduled for release later this month. Presumably all of the new features people have requested in the last six months that they have been able to get working are already in that version and undergoing final testing now.
“We’re going to suppor these older versions of WordPress… until we decide not to… or something”
If you’re only going to support 4.2, then only release updates for 4.2. Anybody not using 4.2, you’re a security risk.
I support that line of thinking. I like that line of thinking. But instead of doing this, WordPress is being wishy-washy and releasing updates for versions all the way back to 3.7.
What am I suppose to tell someone that updates to 3.7.10 today, and then when a security hole is patched next week WordPress chooses not to update 3.7, what am I suppose to tell that person? “Oh yea… you should have upgraded to WordPress 4.2, sorry.” You can’t support 3.7 without supporting 3.7. I also can’t exactly force people to upgrade to 4.2.4 when 3.7.10 was released to security-fix 3.7.
“You need to upgrade to 4.2.4” Why?
“Because it contains the latest security fixes” What is 3.7.10 for?
“It’s for security updates for a WordPress version that is not supported, but is being supported”
This fear to appease everyone by keeping 3.7 “active” is going to backfire eventually.
It’s just a big headache that doesn’t make a lot of sense to me.