Codex tools: Log in
22:00 < rboren> <meetup> 22:00 < rboren> There's one thing on the agenda. 22:00 < rboren> Some security issues with plugins... 22:00 < rboren> That aren't checking caps. 22:01 < rboren> Which I'm looking at. Not much we can do in WP proper except make sure the default plugins are locked down tight. 22:01 < rboren> And remind people to check caps in their plugins. 22:01 < skeltoac> How are the docs on this? 22:02 < rboren> Haven't looked yet. 22:02 < rboren> Need to audit docs. 22:03 < rboren> WP does not check caps for plugins. All it does is make sure the user is logged in when accessing plugins through the admin. 22:03 < rboren> We fixed some bugs like this for db backup in 2.0.3... 22:04 < rboren> So, we need to audit the default plugins, audit docs to make it clear that plugins need to check caps, and notify authors of compomised plugins. 22:05 ::: bazza [n=bazza@c-24-5-66-10.hsd1.ca.comcast.net] has joined #wordpress-meetup 22:05 < rboren> Anything else on that? 22:06 < rboren> Okay then. Let's talk 2.0.4. 22:06 < rboren> Getting thumbs up on testers list. 22:06 < rboren> We wittled down the bugs against the 2.0.4 milestone pretty well. 22:06 < rboren> I think we should release a beta soonish. 22:06 < rboren> Get one more round of testing. 22:06 < rboren> And get it out the door. 22:07 < skeltoac> Sounds good. 22:08 < rboren> Show and tell time? Anyone got fun stuff in the works? 22:09 < skeltoac> Scott Wallick (plaintxt.org) and I have been working on a theme 22:09 < mdawaffe> workinng on a slim backpack style plugin for wp 22:09 < mdawaffe> only a local copy at the moment 22:09 < mdawaffe> skeltoac: yeah - that sounds hot 22:09 < skeltoac> thanks mdawaffe 22:10 < skeltoac> We're making it very strong in the markup department 22:10 < skeltoac> and including a skin chooser for picking stylesheets 22:11 < skeltoac> I'd love it if this became the new default theme. It has a Kubrick skin already. 22:11 < skeltoac> It comes with some base stylesheets for 1-col, 2-col and 3-col layouts 22:11 < skeltoac> all using the same markup 22:11 ::: You're now known as westi 22:11 < mdawaffe> skeltoac: do all your fancy classes have any appreciable overhead? 22:12 < mdawaffe> I imagine not 22:12 < skeltoac> mdawaffe: Not that I've seen. They do stuff like is_single 22:12 < skeltoac> mostly bool checks 22:12 < mdawaffe> sure 22:15 < skeltoac> We'll have something for public testing soon. 22:15 ::: gsnedders [n=gsnedder@host81-156-237-58.range81-156.btcentralplus.com] has quit [] 22:18 < rboren> I've got nothing else. Anyone? 22:18 < skeltoac> not so much 22:19 < rboren> Let's call it. 22:19 < rboren> </meetup>
