Meet Sulfur — a Media Manager App Built in JavaScript

Originally posted on Developer Resources:

Since Automattic is a distributed company and a lot of us work from home, we hold meetups to get face-to-face interaction. The whole company meets up once a year and individual teams get together more often. One component of those meetups is a “meetup project” that we all work on together.

The team I lead — “Team I/O*” — just finished a lovely week in Reykjavik, Iceland. Our team is responsible for partnerships and our APIs.

We spent the first day releasing better JavaScript support for our APIs. After that we decided to make an example app, mainly focusing on the new CORS support and implicit OAuth system.

We decided to build a media manager purely in the browser. We picked a codename and Sulfur was born.

Update: Check out the live demo!

Screen Shot 2014-05-20 at 5.18.13 PM

Sulfur is an app built using Backbone, Underscore.js, Plupload, jQuery, MomentJS

View original 123 more words

Big Media & Enterprise WordPress Meetup: Metro UK’s Powerful Content Algorithm

A huge thank you to everyone who attended our first WordPress Big Media & Enterprise WordPress Meetup in London last Wednesday! We had a solid group who came out to the event to hear the presentations, and afterwards we all went nearby to continue the networking.

We had a great lineup of speakers from the London and UK community who are using WordPress for their big media and enterprise sites in different ways:

• Dave Jensen, Metro.co.uk, Head of Development, “Metro’s Content Algorithm

 Lee Aylett, IPC Media, Head of Web Technology, “Breaking the Project Management Triangle”

• Ed Coke-Steel, Rufflr, “RUFFLR – not just another WordPress site

• Simon Dickson, Code for the People, Director, “Seeing your content as WordPress sees it.

We were able to film all of the talks and we’ll be posting the videos of those talks right here on VIP News.

For the first installment, Dave Jensen (@elgrom) from Metro UK (hosted right here on WordPress.com VIP) explains how Metro continually experiments with their content algorithm to promote and feature the most interesting content for their readers and increase engagement on their site and mobile apps.

Dave recently shared some insight on how Metro UK has grown 350% through some growth hack experiments, so he provides another great inside look on what Metro has been doing internally to tweak their site content.

Below is his slide deck and the video from his presentation — thanks, Dave!

https://speakerdeck.com/elgrom/metros-newsfeed-algorithm

To see the presentations from previous Big Media & Enterprise WordPress Meetups, click hereFor Big Media & Enterprise WordPress Meetup groups in other cities, see the full list on VIP Events and join your local group. 

A New VIP Training course: Security, Performance, & Debugging

WordPress.com VIP Training Days - Security, Performance, & DebuggingAfter the success of our two initial training courses, we’re launching a second developer course in June in San Francisco!

The new course, WordPress Fundamentals: Security, Performance, & Debugging draws from issues and examples we’ve seen here with our WordPress.com VIP clients. We’ve worked with numerous VIP clients to make their sites more secure, faster, and able to scale WordPress for high traffic, and we’ll now work with you to help make the sites you build safe and scalable.

Below is a complete description of the course. You can sign up for the new training course in June in San Francisco now!

WordPress Fundamentals: Security, Performance, & Debugging is a day-long, intensive course meant to improve WordPress developers’ in advanced concepts like security and performance. Attendees should be familiar with developing WordPress plugins and themes or should have attended our Developer Fundamentals I course.

We’ll cover the basics of writing fast and secure code. Attendees will see and try popular profiling tools and we will show common performance problems, both on the front- and the back-end. Instead of just listing vulnerabilities, attendees will learn how to think like an attacker and exploit the vulnerabilities before fixing them.

Prerequisites

  • Proficiency with PHP development.
  • Awareness of WordPress as a platform, including common terminology such as a post, a page, widgets, and sidebars.
  • Proficiency with basic WordPress plugin and theme development – actions, filters, loading assets, main core APIs.
  • The latest version of VirtualBox: https://www.virtualbox.org/

Curriculum Overview

  • Performance: common reasons for slow back-end code
  • Performance: profiling back-end code with WordPress tools
  • Performance: profiling back-end code with lower level tools
  • Performance: profiling tools for front-end code and asset loading
  • Security: common types of vulnerabilities
  • Security: exploiting and fixing XSS problems
  • Security: exploiting and fixing SQL injection problems
  • Security: exploiting and fixing CSRF vulnerabilities
  • Security: exploiting and fixing remote file inclusion attacks

Sign up for the Security, Performance, & Debugging course in June in San Francisco, or take a look at our other upcoming events and training!

Remaining Spaces for the VIP Workshop in March – Register Now!

200_6563_CH-669

The WordPress.com VIP Intensive Developer Workshop is March 31 – April 3, 2014. The event will dive deep into topics which concern enterprise-level sites the most like security & performance, and provides many opportunities to talk strategy and learn from other VIPs in beautiful Napa Valley, California.

We’ve had an incredibly good response from participants in the past two editions (100% and 95% respectively said they would recommend the VIP Workshop to a colleague) and we can’t wait to welcome this year’s group.

Participation costs $3,600 per person, and covers 3-nights’ lodging, meals, and airport transfer. So pretty much all you need to do is book a flight! What are you waiting for?
This event will sell out, but as of today spaces are still available for current VIP clients and partners. Here’s more information, or register directly.

WordPress Agencies: Facing Challenges for the Next 10 Years

Last week I gave a presentation at WordCamp Paris, focused on what WordPress agencies need to do to be enterprise-ready which I think is the biggest challenge the WordPress community is facing in the next ten years.

At WordPress.com VIP, we’re at the forefront of evaluating, analyzing, and enabling enterprise and large-organization WordPress projects with WordPress developers and agencies all over the world.  As the software matures and becomes more well-known, the demand for bigger and more innovative projects is increasing, too, and the many WordPress consultancies around the world need to be ready to answer that call.

Below are the slides from my presentation and then some additional insights and advice from WordPress.com VIP Featured Service Partners to WordPress agencies and consultancies all over the world.

Q: When did you know it was time to grow your team & how did you do it? What has contributed the most to your growth?

Austin Smith from Alley Interactive: Our project management team keeps a close eye on resource allocation and lets us know when it’s time to hire. We don’t allow ourselves to grow rapidly in response to any one big site build project—the baseline revenue has to grow in order for us to take on a new FTE. This also means that we can’t say yes to every large project. We’re lucky to have watched a similar agency expansion in the Drupal world from the sidelines, and we’ve witnessed that the agencies that grew rapidly in response to a few big contracts had a very hard time surviving after those projects were delivered and the big checks stopped coming. Don’t accept a project that you can’t deliver with the team you have at the moment you sign the agreement.

Tom Willmot from Human MadeWe’ve grown organically as the amount of work coming in has grown, we’ve generally been pretty cautious when adding to the team which I think has served us well. In the beginning that growth is slow as adding a single new person could be the equivalence of growing the team size by 33% but as you grow it becomes easier to grow more quickly.

Simon Dickson from Code for the People: I think of the early days of WordPress as a ‘serious’ platform – by which I’m talking 2006-8 – as its ‘punk rock’ years. I had seen corporate web development become slow, costly and too clever by half: think Pink Floyd, Frank Zappa, Emerson Lake and Palmer. For me and many others, involvement in WordPress was a reaction against all that, powered by enthusiasm rather than education. We could produce great work in small teams with minimal knowledge and minimal overheads. And although we could see amazing potential in WordPress, we tended to keep our ambitions in check – no concept albums or twenty-minute solos.

But as WordPress developed, and as we kept proving ourselves on the small stuff, clients began bringing bigger and bigger projects to us. Instead of modest microsites, we were being asked to develop the main website, or a corporate publishing platform. And with greater budgets come greater responsibility. We needed to expand the team, to provide cover for the skills we already had, and to add extra skills we didn’t already have.

The bar to becoming a great web developer is higher now than it ever has been. It’s unrealistic for someone to be an end-to-end expert in everything from responsive visuals to server efficiency, not to mention sales and business management. There’s still a huge market for ‘jacks of all trades’ – building smaller sites or working with smaller clients. But to build the kind of sites we wanted, for the kind of clients we wanted, we needed to put together a team of specialists.

Q: How has your coding workflow & style changed as you’ve grown? What prompted the changes?

Tom: We’ve evolved our workflow a lot, from what was a mish-mash of personal coding styles / workflows to what we have now which is pretty clearly defined. This was important to us for a number of reasons:

  1. We enforce internal code review, all code is reviewed by a coding buddy and vice-versa. This increases overall code quality, reduces bugs, promotes consistency and is a great way to learn from each other. We rotate those buddy pairs quarterly and purposefully pair across skill levels.
  2. Having a clearly defined workflow helps us work more effectively with freelancers and clients as they can easily get up to speed on how we like to work.
  3. Our local development environment is based on Vagrant which is huge in terms of ensuring everyone is working from a consistent base.

Simon: Over the past year, as we’ve added extra employees and expanded our freelancer pool, git has become absolutely pivotal to our work process.

We are a distributed team, scattered across the UK; yet we can all collaborate safely and effectively. Features can be developed in parallel, and merged together when ready – all the more important as we each specialise in different facets of site development. And with a visual tool such as SourceTree, we always have an overview of who’s working on what, and which version of the code is on which server. I can’t imagine how we ever coped without it.

Austin: The most significant change we made was to implement code review for everything we deliver. Every line of code we ship has at least one extra set of eyes on it. It’s not supervisory, it’s peer review, which fosters collaboration. This had a very positive side effect in terms of natural exchange of ideas, and has also ensured that our Github repositories now all use feature branches, which is definitely a best practice.

We formalized this practice when we grew our management team beyond the co-founders—it’s a way for us to ensure high quality code delivery whether the founders are involved in a project or not.

Q: What was the biggest challenge your team faced in serving larger clients? 

Simon: In our experience, even with the largest clients, the day-to-day responsibility for a project usually rests with one individual. And whenever possible, we like that individual to feel like part of our extended team. We often give them a login to our company-only chatroom and our code repository, so they can see the commit messages and join the ongoing dialogue. Transparency builds trust, with benefits for both sides.

Our biggest challenge has been learning to be patient. I spent most of my career working for large organisations, from national governments to tech multinationals, so I know all about dealing with slow decision-making processes, and challenging long-established policy or practice. In those first few months working for myself, I couldn’t quite believe how productive I could be. It’s all too easy to forget that others are still suffering.If you want to deal with large clients, you just have to accept the slowness. ‘No brainer’ decisions can take months, and there’s almost nothing you can do about it – apart from being ready to respond, as best you can, when the answer finally arrives.

Austin: We started our firm to work on big projects with big clients, so the size of work has only gotten incrementally bigger. We’ve always enforced internal consistency per project, but allow for overall standards to improve from project to project.

Tom: Assuming clients want the cheapest not the best – when you come from the mindset of serving small-business you tend to be hyper focused on delivering solutions as cheaply as possible. Often when estimating a project, say to add a simple e-commerce section you’ll think “we could knock something simple together in 2 days, but to really build something great we’ll need 2 weeks”. We want to seek out clients that want us to go for the latter option.

Q: What’s one thing you wish you had done from the very beginning?

Tom: I wish we had participated more in the WordPress community, in the early days I was more of a lurker than an interacter and definitely lost out because of it, more WordPress agencies need to wake up to the power of being part of the WP community.

Austin: I’d say code review, but it I’m not sure it would’ve been a reasonable thing to ask of our smaller team a couple years ago.

Simon: Simon & I had both been through the ‘starting a company’ thing previously; and we had been working as an unofficial partnership for a couple of years. So we knew the pitfalls which lay in wait during that first year.My advice to others would be to look for opportunities to use third-party services wherever possible. Time is the one thing you can’t stockpile: so it’s almost always worth spending a few pounds/euros/dollars on a good hosted service which will ‘just work’, even if there’s a free self-hosted equivalent.

Thanks to our WordPress.com VIP Featured Service Partners for their insights! We’ll be adding more to this as the answers come in. 

“VIP Scanner” Plugin Updated with Exports and a Brand New Design

WordPress.com VIP themes and plugins represent over 5 million lines of code, with thousands more committed every day. Since we manually review all of this code, we try to make it as easy as possible for developers to double-check their code against the standards that we look for, streamlining the process for everyone.

Version 0.4 of the VIP Scanner is another step in that direction. We’ve refreshed the interface to make it easier to use: instead of choosing the theme and the type of review you want to run, we’ll automatically show you the results for the current theme. Issues are broken down by severity, with the most pressing issues at the top. And we’ve moved Notes (these are issues that you should be aware of, but are not strictly necessary to fix) to another tab to help reduce clutter.

We’ve also added the ability to export your VIP Scanner results, so you can submit them alongside your theme, to our team for review. We’ll be polishing this a bit more in future iterations, but for now it will simply download a Markdown formatted text file with the details of your review. If you’re using the VIP Theme Review scan, you’ll also be asked a set of standard questions, before you run the export, which will help us understand the thought process involved in building the theme. The answers to these questions will also be included in the export.

As always, pull requests are welcome over on Github.

Introducing: VIP Quickstart

One of the pain points we often see in the development process is getting a development environment set up. Today we’re introducing VIP Quickstart to fix that. The goal of VIP Quickstart is to provide an environment similar to what you would be deploying to on WordPress.com that’s also quick and easy to setup.

VIP Quickstart is a mix of Vagrant, Puppet, Bash scripts, and some PHP code that will help you quickstart your WordPress.com VIP development. The setup installs a base Ubuntu 12.04 box running PHP, Nginx, and MySQL. The WordPress installation will be WordPress multisite from the latest trunk build. It also includes the WordPress Developer plugin along with all the recommended VIP plugins and the VIP Shared Plugins repository. Finally, there are some WordPress.com customizations and WP-CLI.

Updates will be pushed out on Github. You can always make sure you’ve got the latest version of Quickstart by running the VIP init script that’s included. If you’re already familiar with Vagrant, all the built in Vagrant commands will still work as well.

What’s Next

Currently we’re working on a Windows installer that should be available shortly. After that the plan is to add support for PHPMyAdmin along with some other tools. We want to include any tools that make sense for WordPress development in general and VIP specifically, so if you’ve got ideas we’d love to hear them.

In the future, issues involving local development environments will be unsupported unless you’re using Quickstart.

Follow Along

You can follow development on Github. If you come across problems, we’d ask that you first check the issues on Github and if the problem hasn’t already been reported, go ahead and create a new one. As always, pull requests are welcome.

This slideshow requires JavaScript.

Upcoming Demo: How Parade.com uses the WordPress Theme Customizer

Have you been curious about the WordPress Theme Customizer?

It’s used by many theme designers to allow users to quickly preview and customize themes from the admin interface, but many VIPs are using it as a way to give editors and content owners more control of the site’s appearance without having to delve into the code. The Theme Customizer can allow them to preview and publish significant personalizations or changes to a site’s home page (or other page) with just a few clicks, allowing for the editorial team to react quickly to the latest news stories.

Parade.com's Demo of the Theme Customizer

The WordPress.com VIP team is featuring a deeper look at the Theme Customizer with the help of the Parade.com team.

During the free 30-minute demo, we’ll take a deeper look at the Theme Customization API and why it’s interesting, how it works from a technical standpoint, and we’ll see some examples from Parade of what it can do, as well as how these customizations were enabled at the code level. The demo will be led by Parade.com’s Senior Developer, Taylor Buley (Twitter / Github), and he’ll cover both technical & non-technical information so all participants are welcome to attend. A brief Q&A will follow the demo.

Time & Date: Wednesday, August 28th, at 10am PT. Find what time the demo is in your timezone.

Want to attend this free demo? Register here

Check out the teaser video below to get a taste of what’s in store during the Theme Customizer demo.

Want more information about using WordPress for big brands and enterprises? Get in touch.

2013 VIP Intensive Developer Workshop Recap

One month ago, dozens of WordPress.com VIP clients, partners, and enterprise WordPress users gathered for our second WordPress.com VIP Intensive Developer Workshop in Napa, California.

WordPress.com VIP Workshop 2013 Group photo

The event was decidedly bigger than the inaugural event and it sold out quickly. We wanted to keep the intimate feeling of the exclusive event so all attendees had a chance to interact and get to know each other during networking breaks and dinners.

We’ve gotten some great feedback from the attendees:
95% of participants surveyed said
they would recommend the conference to their colleagues
97.37% said they would come again! 

This year we added flash talks from select VIP clients including CBS, Simperium, AlleyInteractive/KFF, PMC, Local TV, The Washington Post, Time Inc, Grist, Metro UK, Quartz, The New York Times, and Maker Media, about how they are using WordPress and WordPress.com VIP to power their businesses. We’ll be reposting those presentations right here on WordPress.com VIP News.

Developers from WordPress.com VIP and the extended Automattic team lead hands-on training sessions that covered everything from Security, Advanced Caching Patterns, MySQL Query Optimization, Building JS Apps with WordPress, Front-end performance, Backend optimization, Automated Testing with WP, Building Mobile sites with WP, in-depth looks at WordPress.com functionality, and more.

We also dedicated some time to open discussions on subjects which are dear to VIP clients like development workflow, single sign-on, administrator tools and utilities, and content embeds and integrations. The open format gave everyone a chance to share their ideas, solutions, and for VIPs to learn from each other directly as well as from the WordPress.com VIP team.

A special thanks to Jeff Veen (VP, Adobe) for his insightful welcome speech, and to all the VIP clients and partners who attended! Below are some of our favorite moments from the event.

We’re ready for what’s next, too!

The WordPress.com VIP team is busy planning the next installment of the VIP Workshop, as well as a series of VIP training this fall which should be interesting for both developers and superusers such as site administrators, managers, and editors!

If you’d like to receive word of the next WordPress.com VIP training or networking event, sign up for the WordPress.com VIP News & Announcements newsletter to receive the latest, and stay tuned to the VIP News site!

If you have any questions about WordPress.com VIP Services, be sure to get in touch!

100,000 Commits on WordPress.com VIP

Last week, a developer at Time Inc. made a milestone commit on WordPress.com VIPr100000!

Our WordPress.com VIP clients commit and deploy code daily, and often development teams will commit several times a day to keep up with their changing site features and improvements. We do several checks on code optimization and security before approving a commit for deployment, and we’re really proud to get 90% of commits deployed within two hours of submission. We also unveiled automatic deploys for static CSS and images last year, which has made deploying instantaneous for thousands of client code commits.

It took roughly 75,000 deploys to help reach this milestone commit. We began tracking deploys in March 2011, and as you can see in the chart below, we doubled the number of deploys from 2011 to 2012, and are on track to do so again this year.

Screen Shot 2013-04-01 at 10.13.54 PM

And, for those who are interested, here’s a peek at commit activity over the course of a week at WordPress.com VIP (times in GMT):

Screen Shot 2013-04-01 at 10.20.39 PM

While we’re looking at commit data, here’s a quick nod to the top five committers from the last 365 days: I.N. from Global News (942), C.B. from GigaOM (791), F.I. from Dawn Media (784), V.K. from COED Media Group (652) and E.G. from CBS Local (605).

And finally, here’s a peek at deploys from WordPress.com VIP over the last 3 years.

Screen Shot 2013-04-01 at 10.13.44 PM

Interested in learning more about WordPress.com VIP Cloud HostingGet in touch.