Published on January 30th, 2020 by John James Jacoby
bbPress 2.6.4 is a security release, and fixes 8 total issues reported by our amazing, patient, and vigilant community members:
- Fixes an obscure security issue with BuddyPress Group Forums, allowing Group Members to save Topics to invalid Forum IDs
- Fixes performance degradation for 2.5 database schemas
- Fixes a few typos
- Fixes some debug notices
- Fixes user email changes using the wrong API
- Improves compatibility with PHP 7.2 and higher
Special thanks to Yuvraj Dighe for his responsible disclosure of the BuddyPress Group Forums bug over at HackerOne. Thank you for helping improve bbPress. 👍
Work continues on improving bbPress 2.6 while also doing a bit more clean-up for 2.7. 🧹
Expect for the next minor release (bbPress 2.6.5) to be released sometime before March 1. 🐝
Published on December 10th, 2019 by John James Jacoby
bbPress 2.6.3 fixes 9 issues reported by community members:
- Fixes a few typos and grammatical errors
- Bumps required WordPress versions to 5.3.0 (bbPress always only officially supports the latest WordPress version)
- Fixes the Forums widget displaying in the wrong order
- Fixes a JavaScript error with hierarchical replies
We’re continuing to work on improving bbPress 2.6 while also deciding what exactly will make it into 2.7.
Expect for the next minor release (bbPress 2.6.4) to be released sometime before Christmas 2019. 🐝
Published on November 22nd, 2019 by John James Jacoby
bbPress 2.6.2 fixes 5 more small bugs that were reported by community members in our support forums:
- Hierarchical replies in threaded discussion topics were broken for sites that were enabling the visual editor, so we unbroke it.
- Sites with custom
bbpress.css
files were not having their custom styling applied in some cases. We fixed at least one case that we could find. Let us know if this is still not working correctly for you. - BuddyPress Notifications stopped working completely, but that wasn’t on purpose so we made them work completely again.
- The “Edit” part of a URL pattern was not customizable inside of Forum Settings. Now it is!
- One of the repair tools had a typo in it, so we untypo’ed it.
Thanks to everyone in the forums for being persistent and helping us identify all these annoyances.
We’re going to continue minor releases as bugs get reported and fixed. The team is committed to making sure your forums are running as smoothly as can be, so don’t be surprised if you see 2.6.3 soon too! 🐝
Published on November 14th, 2019 by John James Jacoby
It seems like only yesterday that 2.6.0 was released, and depending on where you live that might actually be true! 🗓
bbPress 2.6.1 fixes a few small (but very annoying bugs) that warranted some immediate attention:
- One was causing subforums not to be listed underneath their parents anymore.
- Another was causing styling issues for a few of the themes that come bundled with WordPress itself.
- The last one was causing issues with posting content within WordPress Admin, because of incompatibility with a few plugins that were interacting with the REST API in admin area pages in fun ways that we hadn’t anticipated yet.
Thanks to the quick reporting of stevehammatt and pdvwp, we were able to identify all of these problems and get them into bbPress 2.6.1 right away. You both rock! 👏
One bug still remains that we could use your help with, that is affecting sites that have a custom bbpress.css
file in their theme. If you need to fix this ASAP, you can rename it to bbpress.min.css
temporarily. If you’re able to chime into this topic in the forums, that would be super helpful!
If you have a few moments, the great Justin Tadlock from WPTavern asked me a few questions about bbPress 2.6, so consider giving it a read.
Lastly, thank you everyone for the positive comments and responses to seeing bbPress 2.6 finally happen. It made my day, and I really appreciate it. 💚
Published on November 12th, 2019 by John James Jacoby
There’s no way for me to contain either my excitement or anxiety when I say that bbPress 2.6.0 is available now! 🎉
This version of bbPress has been in development for just a bit under 6 years (yikes!) over which 420 tickets were resolved via 1737 individual code commits.
There are so many improvements that a changelog hardly seems fitting for this post, but the major features include per-forum moderation, a bunch of new platforms to import from, and an extensible engagements API that now powers the relationships between users, forums, topics, replies, subscriptions, and favorites.
At the time of this writing, bbPress is installed on approximately 336,000 WordPress installations, and is the most widely installed forum software in the world (according to BuiltWith.com and other sources.) Several of those are right here on bbPress.org, BuddyPress.org, and WordPress.org, the later of which includes a few dozen separate languages for non-English speaking communities of contributors all over the world.
The elephant in the room… the reason that 2.6.0 took so long, is pretty simple. bbPress has a small contributor pool, and none of us are 100% dedicated towards it. The project gets very little community feedback, which makes it hard to know if everything is working perfectly, or nobody is testing it at all.
So… 4 less-than part-time folks supporting over 300k sites, each with their own thousands of users, depending on us.
The pressure is high, and the chamber is echo’y, and as my own career has progressed these past 13 years, the numbers above make me increasingly nervous.
And the longer something takes to do is the higher the expectations are, and I personally locked up pretty hard multiple times on whether done was done enough to be trusted by so many having been tested by so few.
But… good things come to those who wait, and I’m sincerely sorry to have kept any of you waiting for too long.
bbPress 2.6.0 has been running smoothly on these forums since day 0. It’s stable, pretty, and a joy to use. We know you are gonna love it!
🐝💚
Published on September 12th, 2017 by Stephen Edgar
Today we are releasing bbPress 2.5.14, which fixes a few small bugs we’ve noticed since 2.5.13 was released, in particular we’ve fixed some incompatibilities when using PHP 7.1, an unexpected debug notice with the Topics & Replies widgets, and improved validation and sanitization of database properties with the forum converter.
Also, remember that since bbPress 2.5.12, the minimum WordPress version allowed is 4.7. If you need to use a previous version of WordPress, you will want to continue to use 2.5.11.
bbPress 2.6 is still in the release candidate phase while we tie up some loose ends across WordPress.org, but I’ll let you know when it’s ready to go!
Published on July 18th, 2017 by John James Jacoby
Today we are releasing bbPress 2.5.13, which fixes a few small bugs we’ve noticed since 2.5.12 was released, and also adds some sanitization to anonymous user data that went missing from previous versions.
If your site allows anonymous users (users without registered accounts) to create topics & replies in your forums, you’ll want to upgrade to 2.5.13 right away. This feature is not very widely used on public forums because spammers very aggressively target these kinds of sites, but for communities that rely on this feature, please know you can safely upgrade to 2.5.13 without any issues.
Also, remember that since bbPress 2.5.12, the minimum WordPress version allowed is 4.7. If you need to use a previous version of WordPress, you will want to continue to use 2.5.11.
bbPress 2.6 is still in the release candidate phase while we tie up some loose ends across WordPress.org, but I’ll let you know when it’s ready to go!
Published on December 9th, 2016 by John James Jacoby
Oh, bother! Out now is bbPress 2.5.12, which fixes a bug for WordPress 4.7 users who did the right thing and updated to bbPress 2.5.11. Some of you may have noticed your bbPress menu items disappear – this release fixes that stinger. 🐝
2.5.12 officially bumps the minimum WordPress version requirement to 4.7 for all releases going forward. If you are stuck on a previous version of WordPress, please continue to use 2.5.11.
This cut-off is in place because the improvements to user-roles in WordPress 4.7 are really that important, and all future bug-fix releases to 2.5 and major releases going forward will be taking advantage of them.
If you’ve updated to 4.7 and are one of the unlucky few to get stung by the missing-menu bug, please accept my sincere apologies along with an update to 2.5.12 to relieve the itching.
Published on November 9th, 2016 by John James Jacoby
bbPress 2.5.11 is out, and is a maintenance release for all previous 2.x versions. 2.5.11 includes support for the soon to be released WordPress 4.7. If you’re planning on updating to WordPress 4.7 right away, you’ll want to update to bbPress 2.5.11 immediately.
If you’re using any version of bbPress 2.x and have not yet updated, please take a moment to update your bbPress installations to 2.5.11. If you’re using WordPress’s built-in updater, it should only take a click or two. If you need help, please reach out in our support forums and someone will be happy to assist you.
These fixes have also been ported over to 2.6, which we continue to run here at bbPress.org and BuddyPress.org.
Speaking of bbPress 2.6, per-forum moderators, favorites, and subscriptions are fully refactored and working pretty great. Our findings have also helped push performance improvements upstream to WordPress core, and are already employed across the forums on WordPress.org.
Published on July 13th, 2016 by John James Jacoby
bbPress 2.5.10 is out, and is a security release for all previous 2.x versions. 2.5.10 includes additional escaping on user display names in places where names & avatars are commonly displayed together.
These changes are internal to bbPress and do not affect any third-party themes or modifications to bbPress template parts. If you are using a third-party theme or template parts, you will inherit these fixes automatically.
If you’re using any version of bbPress 2.x and have not yet updated, please take a moment to update your bbPress installations to 2.5.10. If you’re using WordPress’s built-in updater, it should only take a click or two. If you need help, please reach out in our support forums and someone will be happy to assist you.
These fixes have also been ported over to 2.6, which we continue to run here at bbPress.org and BuddyPress.org.
Thank you to HackerOne user psych0tr1a for identifying (and responsibly disclosing) these findings to the WordPress security team, who worked to get 2.5.10 out within a few hours from when the original report came in.
Speaking of bbPress 2.6, we’re working on refactoring per-forum moderators now, and we’ll have a beta ready for everyone to try shortly!