TL;DR
WP Ultimo has released version 2.1.1, which mostly focuses on fixing bugs such as small lingering issues and some other larger improvements. Additionally, various topics have been addressed such as the Add-ons page issue that was resolved by tweaking the caching configurations; invalid licenses and community access where lifetime licenses were marked as “Invalid” or “Expired,” and new tools will be available for selected members in the community via a closed-alpha space; and Amphp and Malware detections where a file inside the wp-ultimo
dependencies folder was being flagged as possible malware but is simply a false alarm, so it will get removed from core eventually.
Hello everyone! How are you doing today?
We’re pleased to announce the release of version 2.1.1! Similar to version 2.1.0, this release is primarily focused on resolving various bugs – both small and large issues that have persisted for some time. The complete changelog can be found at the bottom of this post. Additionally, I would like to address some other topics that have come up in the past week.
The Add-ons page
We had an issue that persisted for a few days where add-ons were not being properly loaded into the Add-ons page. It took some time to figure out why this issue was presenting inconsistently for customers in different locations, but we were finally able to pin it down on our old friend: cache.
We tweaked the caching configurations we have for those particular endpoints and the issue was resolved at the beginning of last week. To add another layer of protection (making sure we’re notified whenever something like this goes on again) and allow customers to verify if the issue they’re having is restricted to their network or if it’s something global, we’ve added the add-on API endpoint to our status page as well.
Now, if something goes wrong with that endpoint, the monitor will notify our team immediately, and the disruption of service will be displayed on the status page.
The status page is also the channel we use to communicate incidents and update the community on the progress being made in trying to fix whatever is going on with one or more of our services.
Invalid Licenses and Community Access
We got reports that Lifetime Licenses were being marked as “Invalid” or “Expired” inside the account panel. No need to worry about that, as it was simply a bug in the display logic of the license status.
We’re working on deploying the new version of the Account panel and making it available for the entire customer base by the end of this week (as of now, we have only rolled it out for a small portion of customers).
The new panel is built entirely on top of WP Ultimo, and we’re using some of the incredible new features we’ve been working on for the past 1.5 years to build it.
We’ll create a closed-alpha space in the community soon to make these tools available for a selected number of community members, chosen based on different factors.
To help us pick the members we fill can best contribute to that development process, we’re making a community survey soon, targeted at understanding our customer base a little better, how they are using WP Ultimo, which integrations are most crucial, etc.
I’ll make a separate post about the survey soon (and link it here when it is out), so keep an eye on the blog and signup for the newsletter to be notified when the post goes out.
Amphp and Malware detections
Another thing that started to pop up this week was reports of a particular malware detector flagging a file inside the wp-ultimo
dependencies folder as possible malware.
I understand the anxiety that can cause, but rest assured that is simply a false alarm.
The file being flagged is part of the Amphp library (Asynchronous Multitasking PHP | AMPHP). This library allows for PHP code to be run asynchronously, which offers huge benefits whenever you need to run a lot of tasks in parallel.
We use it in one place only and the library is only loaded on that particular place: the V1 → V2 migrator.
Our next releases will introduce a new queue system that allows us to achieve the same results without the need to rely on Amphp, so it will eventually get removed from core.
Even though this is a false alarm – as that file does nothing malicious – if you already run the migrator or started directly on V2, you can delete the folder dependencies/amphp
. No side effects or errors will be caused by that deletion unless you try to run the migrator again. Doing that is not recommended though, but I understand that it might make people feel a bit better.
That would be all for now! As always, let me know if you have any questions =)
Have a lovely week ahead!
Changelog
## [2.1.1] - 2023-05-01
- Added the filter "wu_checkout_add_field_{field_type}" to allow developers to change form fields in the checkout form
- Added an option called "checkout_page" to set a page ID to redirect to `wu_templates_list` shortcode
- Compatibility with PerfMatters plugin on registration pages
### Changed
- Improved the limitation merge methods on plugins and themes permission rules
- Checks permissions before the deletion of sites, payments, and memberships, during customer deletion
- Checks permissions before the re-assignment of sites, payments, and memberships, during customer deletion
- Filter WP Ultimo admin bar menu items by capabilities
- Filter financial data widgets on the dashboard by capabilities
- Filter side panel buttons on the settings admin page by capabilities
- Disabled the save settings button for unauthorized users
- Check if the Billing Country field exists before setting the v-model
### Fixed
- Allow free addons with free plans on membership update
- Fixed rollback fatal error
- Fix error where non-customer-owned sites were being affected by permissions
- Fix a fatal error triggered by generating a membership URL for non-customer-owned sites
- Allow accentuated and other special chars when saving a checkout session
- Fixed data replacement on serialized objects during site duplication
- Filter WP Ultimo checkout forms menu by `wu_read_memberships` capability
- Fix permissions required to invite customers in `add_new_customer admin` form
- Fix permissions required to transfer sites in the admin page
- Fix permissions required for redirecting to the edit broadcast admin page after creating a new broadcast
- Fix the login block redirecting to the default WordPress login page after an error
- Fix capability checks when redirecting to the site edit admin page after site creation
- Add setup fees to the first stripe invoice in case of trials to include it in the first payment
- Fix Cloudways SSL domain syncing methods
- Redirect to the checkout page after selecting a site template on a `wu_templates_list` shortcode
- Build process changed to guarantee backwards compatibility with php 7.4
- Fixed duplicate emails and other small inconsistencies after checkout when Stripe is used
- Get the original cart order from the payment before processing checkout instead of creating a new one from the request data
- Allow downgrade from free memberships to plans with a duration smaller than 1 month