Critical OpenSSL vulnerability • Australia raises fines for data breaches • Apple only commits to patching the latest OS • EU may require secure code and timely patches • NSA/CISA guidance for software developers and suppliers
Magne Ilsaas wants WordPress to be more than the pragmatic choice for enterprise clients. He wants WordPress agencies to be known for a distinct WordPress culture and mindset. Alain Schlesser, Carole Olinger, Carl Alexander, and Zach Stepek have a frank talk with Bob Dunn about the costs of not supporting WordPress contributors. Post Status members including Dave Loodts, Marius Jensen, Jeremy Ward, and Chris Reynolds discuss the looming PHP 7.4 EOL. Plus Jb Audras' breakdown of contributions to the WordPress 6.1 release. For your weekend reading, some news and insights from business, workplace, webtech, and govtech writers beyond the WordPress bubble.
Cory Miller asks, "What can we do to better support our plugin developers and product owners?" Katie Keith offers some clues with the story of her WordPress/WooCommerce agency and product shop, Barn2 Plugins. Dan Knauss and Nyasha Green talk about microaggressions, the Active Install Growth Data story, and US federal legislation aimed at Open Source Security. In an increasingly "demon-haunted world," how can we know who is doing what with the hardware and software tools we use? Ben Gabler, CEO and Founder of Rocket.net, is in our Member Spotlight.
In this episode of Post Status Excerpt, Dan and Ny take on three issues in the WordPress community that can threaten or impair trust while also revealing how foundational trust and healthy communication are: 1) racism and microaggressions, 2) the sudden removal and uncertain fate of the active install growth chart in the WordPress.org plugin repository, and 3) open source and security. Briefly discussed: emerging US federal policy that aims to secure open-source software. Zero-trust architecture might work well for networked machines, but human relationships and communities need trust.
United States national security interests are poised to become more invested in and engaged with open source projects classified as public infrastructure. From Log4j to the Securing Open Source Software Act, how did it all come together in 2022, and what may lie ahead?