Commons 1.13.4

I’ve just released version 1.13.4 of the CUNY Academic Commons. This is a maintenance release, and also a major update release for themes and plugins. Among the issues addressed in this release:

  • Finalized the migration of our “cron” system to a new set of tools
  • Fixed bug that caused per-site upload limits to be enforced incorrectly in some cases
  • Fixed display bug with “plain text” notice in WordPress editor
  • Performance improvements for avatars

For complete details, visit the 1.13.4 milestone.

A new maintenance release cycle for the Commons

For the past few years, the Commons has seen maintenance releases three times monthly. On the 1st, 11th, and 21st of each month, plugins and themes were upgraded to their latest versions, except in the case of “major” updates, which were done en masse as part of the release on the 21st. Date-based releases are good for predictability and regularity. But they often result in releases on Fridays or over the weekend, when members of our development and IT teams are not fully available. This has led to the occasional performance issue or period of downtime, when a release caused an unexpected problem, and we were underequipped to handle it.

Beginning in December 2017, we will be moving to a new schedule, in order to mitigate these shortcomings:

  • Maintenance releases will take place on the second and fourth Tuesday of each month, at approximately 11am Eastern time.
  • Each month’s “major plugin/theme update” release, previously scheduled for the 21st of each month, will now be part of the month’s second release (on the fourth Tuesday). The corresponding blog post will still appear on the 5th of each month.
  • When a scheduled release falls on a major holiday (like Christmas 2018), the dev team may decide to push the release to the following business day. This has always been our informal policy, but this post makes it formal 🙂

Maintenance releases have been added to the Commons Calendar of Events. See https://commons.gc.cuny.edu/events/event/commons-maintenance-release/ for an iCal file that will add the releases to your scheduling application.

The guidelines at https://dev.commons.gc.cuny.edu/release-schedule-and-procedures/ have been updated in accordance with the new policy.

Please leave questions in the comment section below, or direct them to our help desk using the Help button in the toolbar.

Major Commons plugins updates scheduled for 2013-10-21

The following plugins will receive major updates during the maintenance release on October 21, 2013. The numbers in parentheses represent the major version series for each plugin; on the 21st, the plugin will be updated to the latest available version in that series, but no later.

  1. Custom sidebars (1.3)
  2. Jetpack (2.5)
  3. List Pages Shortcode (1.6)
  4. PhotoDropper (2.2)
  5. Rotating Tweets (1.6.1)
  6. Subscribe2 (9.0)
  7. TablePress (1.1.1)
  8. The Events Calendar (3.1)
  9. ThreeWP Broadcast (1.32)
  10. Twitter Widget Pro (2.6.0)
  11. WP Security Scan (4.0.1)
  12. WP-PostRatings (1.76)

No themes will receive major updates during the maintenance release on October 21, 2013.

Question or concerns about these releases? Leave a comment below, or contact our team at commons@gc.cuny.edu.

(This post is the second in the series of “major update release warning posts”, announced in https://dev.commons.gc.cuny.edu/2013/09/05/new-release-schedule-and-procedures-document-available/ and described in detail at https://dev.commons.gc.cuny.edu/release-schedule-and-procedures/#major-update-releases.)

Commons 1.4.12.1

On Monday morning, I released version 1.4.12.1 of the CUNY Academic Commons. 1.4.12.1 was an emergency security release. On Saturday, Dec 11, our automated security scans showed that there had been unauthorized access to our system. Over the course of Saturday and Sunday, the Commons development team investigated the problem and cleaned up the vandalism left by the hack. We determined that the source of the vulnerability was a WordPress plugin that contained an incorrectly implemented feature. We modified the plugin to remove the problematic feature, closing this particular security hole, and we are working on implementing improved procedures for vetting software before installing it on the Commons to avoid further issues.

Our team has determined that damage was limited to a minor piece of vandalism on one page of the site and that no changes were made to user files or data as a result of this incident.

If you have questions or comments about this issue, please don’t hesitate to contact the Commons team.

Commons 1.4

I’ve just released version 1.4 of the CUNY Academic Commons. 1.4 is a major feature release for the Commons. Some feature highlights:

  • Reply to BuddyPress content (forums, private messages, public activity mentions) by responding to email notifications. This plugin, BP Reply By Email, was developed specifically for use here on the Commons, by our own Raymond Hoh.
  • Users can now specify that specific profile field should be visible to Friends, Logged-In Users, or Anyone
  • Upgraded to the latest version of BuddyPress, version 1.6
  • New WordPress plugin for embedding Google Docs, developed (again!) by our own Raymond Hoh
  • Users can now select affiliation with more than one college
  • The WP plugin Anthologize is now available for Commons blogs
  • Users can now clear recent status updates from their profile headers

Special thanks to all members of the Commons Development and Community teams who helped to make this release possible.

For complete details on the release, visit the 1.4 milestone.