• John Walker posted an update in the group Group logo of UpdatesUpdates 4 months, 3 weeks ago

    2019 May 22

    The Dim Patrol at WordPress have extruded another quick-draw
    update, version 5.2.1:
    to (purportedly) fix 33 bugs introduced in the 5.2 release just
    two weeks ago, including fixes to the "Site Health" feature
    added in 5.2 to correct two flaws which could bring down a
    perfectly correctly running site.  They also changed
    wp-includes/js/jquery/jquery.js without documenting the change
    in the log and supplying only an obfuscated "minified" version
    of the file; heaven knows what they changed (probably they
    I integrated our local code into the new version, which went
    very smoothly as with only one exception our code was in files
    which were unmodified by the update, and that exception was a
    change in a separate part of a large file which did not
    conflict.  After reviewing the code, I decided this update did
    not merit bringing up the test server and losing a day and a
    half of my life re-testing everything (especially since they've
    threatened to unleash these updates *every two weeks*), but,
    after making an "unkit" in case I needed to reverse the
    application of the update, simply unpacked the update kit onto
    the production server.  The first time I tried unpacking it, tar
    died with a permissions problem, but when I unpacked as
    super-user it unpacked correctly.  (I suspect this might have
    been due to the faffing around I did with
    wp-content/themes/twentynineteen/package-lock.json trying to
    resolve the tar vulnerability warning from GitHub on
    2019-05-10.  This piece of junk, which we don't use, remains in
    .gitignore, so I'm hoping it will not cause any more trouble.)
    After applying the update, the administration dashboard reports
    everything up to date and there were no immediate problems in
    the error_log.  As always, I'll give it some time to mellow
    before committing the changes.  This update included a new
    version (4.9.4) to TinyMCE, which, of course, includes lots of
    JavaScript files, so users may not see the changes until their
    browser cache is flushed.
    More than eight hours after the WordPress 5.2.1 update was
    applied there have been no errors or problems reported by users,
    so I went ahead and committed the changes (Build 312) and
    published them on GitHub.