HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

WordPress

>

Releases

>

4.3.26

WordPress Release: 4.3.26

Tag Name: 4.3.26

Release Date: 5/12/2021

View Release
WordPress LogoWordPress

World's most popular open-source content management system powering over 40% of all websites. Offers extensive plugin ecosystem, themes, and robust community support for blogs, e-commerce, and corporate websites. Highly customizable and scalable platform suitable for beginners and advanced developers.

Open SourceBloggingWebsite Builder

TL;DR

WordPress 4.3.26 is primarily a maintenance release focused on build and test infrastructure improvements. The most notable change is the transition from TravisCI to GitHub Actions for automated testing, along with updates to support NodeJS 14.x across all security-maintained branches. This release also includes a security fix for PHPMailer to improve attachment handling. These changes ensure WordPress 4.3 branch remains maintainable for security updates while modernizing the development workflow.

Highlight of the Release

    • Transition from TravisCI to GitHub Actions for automated testing
    • Added support for NodeJS 14.x in the 4.3 branch
    • Backported Docker-based local WordPress development environment
    • Security improvement for PHPMailer attachment handling

Migration Guide

No specific migration steps are required for this release. This is primarily a maintenance release focused on development infrastructure improvements and a security enhancement.

If you're a WordPress core contributor working with the 4.3 branch:

  1. Note that automated testing now uses GitHub Actions instead of TravisCI
  2. You can now use NodeJS 14.x for development work
  3. The Docker-based local development environment is now available for the 4.3 branch

Upgrade Recommendations

This release contains a security improvement for PHPMailer attachment handling. While WordPress 4.3 is no longer receiving regular updates, this security maintenance release is provided as a courtesy.

Recommendation: All sites running WordPress 4.3.x should upgrade to WordPress 4.3.26 immediately.

For optimal security and features, we strongly recommend upgrading to the latest version of WordPress (currently 6.x), as WordPress 4.3 is significantly outdated and only receives critical security updates as a courtesy.

Bug Fixes

  • JavaScript File Correction: Restored a JavaScript file to its correct state that was unintentionally changed in a previous commit.
  • Test Reliability Improvements: Enhanced HTTP tests to use skipTestOnTimeout() with support for more types of timeouts (e.g., "Resolving timed out", "Connection timed out").
  • SVN Configuration: Corrected svn:mergeinfo for the 4.3 branch to ensure proper version control functionality.

New Features

Development Environment Improvements

  • Docker-based Local Environment: Backported the Docker-based local WordPress development environment to the 4.3 branch, making it consistent with newer WordPress versions.
  • NodeJS 14.x Support: Updated the 4.3 branch to support the latest LTS version of NodeJS (14.x), allowing the same version to be used across all WordPress branches that receive security updates.
  • GitHub Actions Integration: Replaced TravisCI with GitHub Actions for automated testing, including:
    • Workflow files for running automated tests
    • Support for the workflow_dispatch event to run tests on a schedule
    • Split single site and multisite tests into parallel jobs
    • Separate parallel jobs for slow tests on PHP <= 5.6
    • Better branch and path scoping for workflows when running on pull requests

Security Updates

  • PHPMailer Improvement: Enhanced attachment handling in PHPMailer to address potential security concerns. This change improves how email attachments are processed and validated.

Performance Improvements

  • Test Execution Speed: Improved test execution performance by splitting single site and multisite tests into parallel jobs.
  • Slow Tests Optimization: Separated slow tests into dedicated parallel jobs for PHP <= 5.6, improving overall test suite execution time.
  • Build Process Efficiency: Various improvements to the build process and GitHub Actions workflows to make testing more efficient.

Impact Summary

WordPress 4.3.26 is primarily a maintenance release that modernizes the development infrastructure for the 4.3 branch while providing a security enhancement for PHPMailer attachment handling.

The most significant changes are behind-the-scenes improvements to how WordPress core is developed and tested, including the transition from TravisCI to GitHub Actions, support for NodeJS 14.x, and the addition of a Docker-based local development environment. These changes ensure that the WordPress team can continue to provide security updates for older branches more efficiently.

For end users and site administrators, the PHPMailer security improvement is the most relevant change, enhancing the security of email attachment handling. This release demonstrates WordPress's commitment to maintaining security even for older versions of the software.

Overall, this is a low-impact release for most users but an important one for ongoing security maintenance of the WordPress 4.3 branch.

Statistics:

File Changed34
Line Additions15,962
Line Deletions6,776
Line Changes22,738
Total Commits15

User Affected:

  • Benefit from modernized build and test infrastructure
  • Can now use GitHub Actions instead of TravisCI for automated testing
  • Can use NodeJS 14.x for development on the 4.3 branch
  • Have access to Docker-based local development environment

Contributors:

whyisjakedesrosjSergeyBiryukovpeterwilsoncc