WordPress version 5.2 dubbed “Jaco” is available for download and includes a number of new security features and improvements, such as digitally-signed updates, Site Health Check, and PHP error protection.
The latest version of the world’s most popular content management system (CMS), WordPress 5.2 now leverages a more robust cryptographic library ‘Sodium Compat’ and stronger security by signing update packages via ED25519 public-key signatures. ED25519 is a specific digital signature use case for Edwards-form Curve25519. This will allow local systems to verify the authenticity of the update package before downloading, thus improving security and preventing supply-chain attacks.
Developed by Paragon Initiative Enterprises, Sodium Compat is “a pure PHP polyfill for the Sodium cryptography library (libsodium),” a core extension in PHP versions 7.2.0 and above.
As part of the latest version, WordPress Site Health Check adds two new pages (Site Health Status and Site Health Info) to help site admins debug common configuration issues. Developers can also use a new space to include debugging information for site maintainers.
Version 5.2 also adds PHP error protection feature that allows site administrators to safely fix or manage “fatal errors” without incurring developer time. Administrators can now use the feature to better handle “white screen of death” and recovery mode feature by pausing bad plugins or themes that would otherwise cause errors.
Additional WordPress improvements include accessibility updates, new dashboard icons and plugin compatibility checks.
As part of the plugin compatibility check feature enhancement, WordPress will now check to make sure your site’s latest version of PHP is compatible with installed plugins. So, if you try to install a plugin that requires a higher version of PHP, WordPress will not allow you to activate the plugin and thus prevent future errors.
Site admins must also update to minimum supported PHP version (5.6.20 or higher) prior to installing WordPress 5.2.