felix-arntz.me

Category: Plugin Development

  • Deploying Your WordPress Plugin’s “Tested Up To” Version Bump in Isolation

    Deploying Your WordPress Plugin’s “Tested Up To” Version Bump in Isolation

    Keeping the “Tested Up To” version of your WordPress plugin up-to-date on WordPress.org is crucial for ensuring compatibility and giving your users confidence. However, the process of manually updating this information can be a bit tedious, often involving a new release even if no other code changes are necessary.

    While there are existing GitHub Actions that can deploy plugin assets to WordPress.org, such as the excellent 10up/action-wordpress-plugin-asset-update, using them solely for updating the “Tested Up To” version without any customization can be less than ideal. You might inadvertently deploy other changes you’ve made to your readme.txt file or other assets, even if those weren’t intended for immediate release. This could lead to unexpected updates on the plugin directory.

    Imagine you implemented a new plugin feature in your GitHub repository which is not released yet, and you’ve already included documentation about it in the readme.txt. You wouldn’t want that to be deployed by accident when all you want to do is bump the “Tested Up To” version.

    This post highlights a targeted GitHub workflow for exactly this purpose, which allows you to automate the deployment of bumping your WordPress plugin’s “Tested Up To” version in isolation.

    Read more

  • Writing a WordPress plugin to generate image alt text with AI Services

    Writing a WordPress plugin to generate image alt text with AI Services

    In my initial post that announced the AI Services plugin for WordPress I mentioned several times how it simplifies using AI in WordPress by providing AI service abstractions as central infrastructure.

    In this post, let’s take a more hands-on look how you as a developer can use the AI Services plugin: We will write a WordPress plugin that generates alternative text for images in the block editor – a crucial aspect of good accessibility, which AI can be quite helpful with. Since the feature will be built on top of the AI Services plugin, it will work with Anthropic, Google, OpenAI – or any other AI service that you may want to use. And the entire plugin will consist of less than 200 lines of code – most of which will in fact be for the plugin’s UI.

    Read more

  • Introducing the AI Services plugin for WordPress

    Introducing the AI Services plugin for WordPress

    It’s safe to say the topic of generative AI doesn’t need an introduction in today’s age. It has been emerging throughout the tech world. However its adoption in the WordPress ecosystem has been slower than in other ecosystems. This is for various, mostly technical reasons that make implementing generative AI features in WordPress harder than elsewhere.

    That’s what I’m trying to address with AI Services, a new free open-source plugin that is now available for early access on GitHub, and as an early version 0.1.0 in the WordPress plugin directory.

    AI Services is an infrastructure plugin which makes AI centrally available in WordPress, whether via PHP, REST API, JavaScript, or WP-CLI – for any provider. Other plugins can make use of the APIs from the AI Services plugin to easily add AI capabilities to their own plugins, for whichever third party service they prefer: Whether it’s Anthropic, Google, or OpenAI, whether you’d like to use another service, or whether you’d like to leave the choice up to the end users of your plugin – AI Services makes it possible by providing access to the various APIs in a uniform way. It acts as a central hub for integrating AI services, allowing plugin developers to focus on functionality instead of managing individual service integrations. As an end user of WordPress, that means you have more control on how you would like to use the AI capabilities provided by the plugins.

    Read more

  • Autoloading WordPress options efficiently and responsibly

    Autoloading WordPress options efficiently and responsibly

    If you’re a WordPress plugin developer, you may have come across the concept of autoloading options. Or you may not, since knowing about autoloading options is, technically speaking, entirely optional when implementing a WordPress plugin that uses options. However, being unaware of the concept of autoloading options can lead to massive performance problems for large WordPress sites. It can notably slow down the server response of sites using your plugin. And by doing that, it hurts their “Time to First Byte” (TTFB), which directly contributes to the Core Web Vitals metric “Largest Contentful Paint” (LCP).

    This post is about explaining what autoloading options in WordPress is, how it works, and how plugins should go about it. We’ll go over the basics as well as explore how to use more recently introduced WordPress Core enhancements, including some code examples. This will hopefully help you get to a comprehensive understanding of how to apply autoloading in your WordPress plugins in a way that’s both efficient (for your own plugin’s usage) and responsible (for the overall sites using your plugin, in a gazillion of combinations with other plugins).

    Read more

  • An issue with block editor e2e test cross-version compatibility

    An issue with block editor e2e test cross-version compatibility

    While I was making minor updates to my Attachment Taxonomies plugin (GitHub repository) the other day, I noticed that the e2e tests were failing when run against WordPress version 6.1. Since the plugin’s minimum requirement is that version, I still run tests against it, to make sure it keeps working as expected.

    After some investigation, I noticed the issue was happening due to the way the block editor used to work prior to WordPress 6.3, when it started to be iframed by default. So the failure most likely wasn’t happening due to an actual bug in the plugin, but due to an issue with the e2e tests.

    Read more

  • Storing Confidential Data in WordPress

    Storing Confidential Data in WordPress

    When using a content management system like WordPress, it is obvious that the content site owners and collaborators create and manage needs to be persistently stored somewhere. In WordPress, this storage space is typically a MySQL database. For most WordPress sites, every single request to the site results in several queries to the database so that the content stored can be displayed.

    When extending the capabilities of WordPress through plugins, such plugins usually leverage that same database to store their own data. As a plugin developer you are probably already familiar with the many APIs that WordPress provides to integrate with database storage; for example the Options API to store and retrieve options, or the Meta API to store and retrieve metadata. However, do you ask yourself what the consequences of storing data in a WordPress database are?

    Not all data is equal. Certain types of data that plugins (or WordPress core itself) need to store are more sensitive than others. Think about personal data from all the customers of your WooCommerce shop, the figures of revenue you are making from affiliate links, or API credentials to access personal information from your Google account. For any data you deal with in WordPress, you should ask yourself:

    1. How sensitive or potentially confidential is the information I would like to store?
    2. What can I do to store the information safely?

    In this post, we will look more closely at how we can deal with more sensitive information in WordPress from a security perspective.

    Read more