Lessons for custom WordPress plugins and themes

I was reminded of this WordPress issue that has bitten me twice now, so it’s definitely time to document it.

Short version: If you write a custom WordPress theme or plugin only for your site, you probably want to include Update URI: false in the header comment. This stops WordPress from checking for updates against the official directories and potentially overwriting your code. Read more in the official blog post.

Longer version: When WordPress checks for updates to plugins and themes, it is basically checking the name and the version number against the official directories. If there is a newer version, then it prompts you to install the update. This generally works fine until you consider more generically-named things. For example, years ago for a work client, we set up a member directory plugin that we very aptly named... “member directory.” Later, the client saw there was a new version available so clicked “update” and suddenly the directory stopped working.

Yep, the WordPress update system didn’t really have a way to differentiate generically-named plugins. The update process replaced our custom plugin with the one in the official plugin list. We have backups so it was an easy fix, but it was baffling to find out that could even happen. I tracked down a WordPress issue discussing it and chimed in with my +1.

Thankfully there was an update in version 5.8, but it still requires developers to opt-out by adding a line to the header comment. We were bitten by this again today with a third-party plugin called “custom post types.” No, not that one.

Lessons for custom plugins and themes:

• Use Update URI: false in the header comment to disable update checks
• Optional, but a good practice: use more specific names. Prefixing the name with the client/organization goes a long way to making unique names.

Today’s fun Unicode character: Multiocular O, aka biblically accurate angel: ꙮ

h/t benji

Sorry, #2 is wrong. The Omidyar Network runs the Reporters in Residency program that Lorenz is in. Both that org and Lorenz have disclosed that (it was announced in a blog post) and the Omidyar Network is not dark money. Omidyar the person did donate to the Sixteen Thirty Fund years ago. These are not comparable; Lorenz has not been shown to be taking dark money.

I was hanging out on a co-working Zoom with some friends today and there was some joking about whether a younger person had seen something before. It was very lighthearted and in good fun (no one was offended), but it reminded me of my desire to approach things like that with curiosity and foster an environment of delight. I think it’s becoming an important personal value for me as I get older.

It also reminded me of something Ego Nwodim said on the So True podcast:

“I aspire to be an older person whose mind can be changed ... that seems super rudimentary, but how often do we go like, ‘oh, that person's older.’? I would feel like part of a life well lived for me would mean that at 70, someone could change my mind by presenting information I had not previously considered.”

I made a small update on my homepage. The photos section (screenshot below) previously was not showing some of the meta information like the syndication links. I added those along with the rest of the h-entry markup so that Bridgy will find the syndication links and send back responses from Bluesky.

I gave Bridgy a nudge to scrape my homepage again and it quickly started sending the responses back to the original post. This IndieWeb stuff really seems like magic, sometimes!

Hi hi, it’s been a minute since I shared my face. I made it to the beach to enjoy a nice sunset last night.

I am so sorry about your dad’s and your own infections. I hope you both recover well and there is not long-lasting damage.

It’s important that everyone who is medically capable wears well-fitting masks in public settings. It is one of the simplest and most effective ways to reduce transmission. Each broken chain of transmission is lives saved. Remember that damage from these infections is cumulative. Each time, you’re more likely to have long-term post-viral illness, even if your initial symptoms were “mild.”

Institutions are failing us, but we can still protect each other. 😷💛

This was a great read and I really appreciate the now-therapist reflections! I found you from the alumni Facebook group and look forward to reading the rest in this series. I went on a couple trips in the ’90s and interned in ’97. The documentary was pretty good and I’m planning to write some on my blog too. I realized I mostly haven’t written about it publicly, from my current perspective, just shared in the Facebook groups.

Purity Ring is requesting that fans wear high-quality masks at their shows and they’re providing them if you need one. Grabbed a ticket so fast!

“we kindly request that fans please wear high filtration masks at our shows. n95 or kn95, and we'll have them at the door if anyone needs. thank you!!!”

https://www.instagram.com/p/DL7zqJnRu-m/

Spent most of the day cleaning up a hacked website. Computers might have been a mistake. WordPress definitely was.

I’m trying out AutoHotKey after seeing Joel’s post with his example script. Looks promising and more flexible.

Please help support a trans community member in San Diego receiving gender affirming surgery: https://gofund.me/1892ec18

Any amount helps and boosting appreciated. 💛

I’m a big fan of Blue Star Donuts

Listened to “Air-Borne” with Carl Zimmer on 99% Invisible. It was a great introduction to our growing understanding of airborne viruses and the importance of cleaning the air, much like we clean the water.

Very relatable. Thank you for sharing and I wish the same for you tomorrow. 💛

Watched a great Defcon talk by Micah Lee: “We are currently clean on OPSEC”: The Signalgate Saga

I knew it was bad but hadn’t followed it much after the initial news cycle. It was even worse than I thought.

★ How I, a non-developer, read the tutorial you, a developer, wrote for me, a beginner

This cracked me up: comicss.art/comics/190/ 🤣

h/t Joe Crawford

I updated my site to use the Libravatar CDN for avatars. If one isn't found, it will still fallback to Gravatar, so it should be seamless for commenters. I also updated the default icon to identicons, so people without avatars will get a nifty geometric image instead of the anonymous silhouette.

My privacy policy is updated with this information too.

Want to read: The Heartbeat of Wounded Knee by David Treuer (ISBN 9780399573194)