4.6.30

TL;DR

WordPress 4.6.30 is primarily a security and maintenance release that updates the bundled Root Certificates, improves build and test tools, and adds an end-of-support notification for WordPress 4.6. This release ensures continued security for sites still running this legacy version while encouraging users to upgrade to newer WordPress versions for ongoing security updates.

Highlight of the Release

• Updated Root Certificate bundle to the latest version from Mozilla
• Added end-of-support notification for WordPress 4.6
• Improved build and test tools with reusable workflows
• Migrated to Docker Compose V2 for development environments
• Updated composer/ca-bundle to version 1.5.7

Migration Guide

Upgrading from WordPress 4.6.29

This maintenance release focuses on security updates and development environment improvements. No specific migration steps are required when updating from WordPress 4.6.29 to 4.6.30.

However, as WordPress 4.6 has reached end-of-support status, site administrators are strongly encouraged to plan a migration to a newer WordPress version to continue receiving security updates. Please visit the WordPress Updates documentation for guidance on upgrading to a current version.

Upgrade Recommendations

WordPress 4.6.30 contains important security updates, and all sites running WordPress 4.6.29 should upgrade immediately.

However, as WordPress 4.6 has reached its end-of-support status, users are strongly encouraged to upgrade to a current WordPress version rather than remaining on the 4.6 branch. This release includes a notification to remind administrators of this important security consideration.

For sites that cannot immediately upgrade to a newer WordPress version, updating to 4.6.30 is still recommended as an interim security measure.

Bug Fixes

Build and Test Environment Fixes

• Fixed issues with the WordPress Importer plugin in tests by switching from SVN to Git for fetching
• Fixed container architecture issues by updating the MySQL container to always prefer amd64 containers
• Fixed JavaScript testing on Ubuntu 24 by disabling AppArmor
• Fixed SVN-related command failures in CI workflows
• Fixed healthcheck command for the MySQL container

New Features

End-of-Support Notification

A new notification has been added to alert site administrators that WordPress 4.6 is no longer receiving security updates. This notification encourages users to upgrade to a newer version of WordPress to maintain security protection.

Security Updates

• Updated the bundled Root Certificate (ca-bundle.crt) file to the latest version from Mozilla
• Maintained backward compatibility by keeping all unexpired legacy 1024bit certificates
• Updated composer/ca-bundle to version 1.5.7
• Added clear notification that WordPress 4.6 is no longer receiving security updates

Performance Improvements

Development Environment Improvements

• Improved Docker container configurations and workflows
• Enhanced artifact and comment generation for Playground testing
• Optimized GitHub Actions workflows by utilizing reusable components
• Streamlined local development environment setup

Impact Summary

WordPress 4.6.30 is primarily a security maintenance release that updates critical components to enhance security for sites still running this legacy version. The most significant changes include updating the Root Certificate bundle to the latest version from Mozilla and adding a clear notification that WordPress 4.6 has reached end-of-support status.

While this release provides important security updates, it also serves as a reminder that WordPress 4.6 is no longer actively maintained. Site administrators should prioritize upgrading to a current WordPress version to ensure continued security updates and access to modern features.

For developers working with the 4.6 branch, this release includes several improvements to the build and test tools, including migration to Docker Compose V2, container configuration updates, and fixes for the test environment. These changes ensure that the development environment continues to function properly for those who need to maintain compatibility with WordPress 4.6.