{"id":288,"date":"2007-03-07T10:09:46","date_gmt":"2007-03-07T17:09:46","guid":{"rendered":"http:\/\/www.red-sweater.com\/blog\/288\/my-super-ex-wordpress"},"modified":"2007-03-07T10:15:38","modified_gmt":"2007-03-07T17:15:38","slug":"my-super-ex-wordpress","status":"publish","type":"post","link":"https:\/\/redsweater.com\/blog\/288\/my-super-ex-wordpress","title":{"rendered":"My Super Ex-WordPress"},"content":{"rendered":"<p>Anybody running <a href=\"http:\/\/wordpress.org\/\">WordPress<\/a> should be aware of the recent <a href=\"http:\/\/wordpress.org\/development\/2007\/03\/upgrade-212\/\">security breach<\/a> at WordPress HQ, that caused a pretty troubling &#8220;tainting&#8221; of the 2.1.1 release distribution. The funny thing here is, if you updated to 2.1.1 early enough, or if you got the sources directly from the Subversion repository, you&#8217;re &#8220;safe.&#8221; Well, relatively safe. They apparently added some more security fixes to 2.1.2, so it&#8217;s a good idea to upgrade anyway.<\/p>\n<p>\nIf you run WordPress, you&#8217;ve probably discovered that upgrading can be somewhat tedious &#8211; especially if you have custom changes. The problem is you need to apply all the modified files to your blog directory, without destroying anything custom you&#8217;ve popped in there yourself. <strong>Assuming you haven&#8217;t modified any core files<\/strong> the process is a simple matter of updating the core files while leaving your custom files, e.g. themes and plugins, alone.\n<\/p>\n<p>\nFor a long time I did these updates by unzipping the release files directly to the affected directory. It turns out that the unarchiving process was &#8220;non-destructive&#8221; in the sense that it wouldn&#8217;t overwrite an entire directory just to update one file. So that worked pretty well. But then one day lurking in the IRC #wordpress channel, I learned a great tip, which is to use Subversion directly to export the release onto your blog directory.\n<\/p>\n<p>\nI use Subversion myself for all my web files, so it&#8217;s easy to &#8220;play with fire&#8221; and run a command like this:\n<\/p>\n<p><pre style=\"font-size:0.9em;\">\nsvn export --force http:\/\/svn.automattic.com\/wordpress\/tags\/2.1.2\/ .\/\n<\/pre>\n<\/p>\n<p>\nWhat this does is spray all the files from a particular release (in this case 2.1.2) into my blog directory. Since I&#8217;m also running svn, I then have the luxury to &#8220;svn status,&#8221; &#8220;svn diff&#8221; etc, and compare the changes. I then test the upgrade and commit the changes to my personal svn repository when everything looks OK.\n<\/p>\n<p>\nThis technique has essentially cut my &#8220;time to upgrade&#8221; for WordPress down to about 2 minutes &#8211; and I don&#8217;t have to deal with downloads, packages, etc. The only downside I can imagine is that if WordPress removes a file, I&#8217;ll have a stale copy of it. I suppose I should look into an improved technique that would consider this &#8211; but it hasn&#8217;t been a problem yet.\n<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Anybody running WordPress should be aware of the recent security breach at WordPress HQ, that caused a pretty troubling &#8220;tainting&#8221; of the 2.1.1 release distribution. The funny thing here is, if you updated to 2.1.1 early enough, or if you got the sources directly from the Subversion repository, you&#8217;re &#8220;safe.&#8221; Well, relatively safe. They apparently [&hellip;]<\/p>\n","protected":false},"author":10,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-288","post","type-post","status-publish","format-standard","hentry","category-web"],"_links":{"self":[{"href":"https:\/\/redsweater.com\/blog\/wp-json\/wp\/v2\/posts\/288","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/redsweater.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/redsweater.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/redsweater.com\/blog\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/redsweater.com\/blog\/wp-json\/wp\/v2\/comments?post=288"}],"version-history":[{"count":0,"href":"https:\/\/redsweater.com\/blog\/wp-json\/wp\/v2\/posts\/288\/revisions"}],"wp:attachment":[{"href":"https:\/\/redsweater.com\/blog\/wp-json\/wp\/v2\/media?parent=288"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/redsweater.com\/blog\/wp-json\/wp\/v2\/categories?post=288"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/redsweater.com\/blog\/wp-json\/wp\/v2\/tags?post=288"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}