Version support policy
According to the WordPress core team, only the latest active version of WordPress is actively supported.
VIP supports the current version of WordPress, and one major version behind.
For example, if the latest version of WordPress is v.6.1, the WordPress VIP platform will support v.6.1 as well as v.6.0.*. Once WordPress v.6.2 is released, VIP is unable to guarantee the amount of time an environment can continue to run a version of WordPress previous to v6.0.
VIP considers a major new software version of WordPress to be X.X (e.g. 5.8, 5.9).
Advance notice and details of upcoming major release versions are posted in the VIP Lobby. Details of recommended testing are included.
As a major release approaches, non-production environments should be upgraded to the new release version. This allows application code to be tested against the new release version prior to an upgrade on production, and helps to ensure that the upgrade process goes smoothly.
VIP considers a minor new software version to be X.X.X (e.g. 5.8.1, 5.8.2).
Available minor release versions will be automatically applied to the active version of WordPress on an environment. For example, a VIP environment at WordPress version 5.8 will update to 5.8.1, and an environment at WordPress version 5.7.2 will update to 5.7.3.
Minor releases are designed to change the most minimal set of code possible to fix a given group of bugs and are considered to be low-risk upgrades.
Security releases and proactive mitigations
Some minor versions of WordPress are security releases, and VIP will act on them as soon as they come out. A security release will be automatically deployed to all environments on the platform as quickly as possible.
VIP promptly deploys patches and other protections to mitigate critical vulnerabilities.
The WordPress core team attempts to backport security updates to older versions when possible, but there are no guarantees, and no timeframe for updating older releases. This can mean that sites running older versions of WordPress cannot benefit from important security measures that may be publicly known. Point (minor) releases, in particular, are often security releases, or contain important security updates and bug fixes.
All relevant common vulnerabilities and exposures (CVE) notices for WordPress are acted on as quickly as possible by the VIP Team.
Development teams are expected to test WordPress releases through the beta and release candidate periods. This can be managed by switching over local development environments to use the Beta Tester plugin or updating the locally running version of WordPress to trunk via either SVN or GitHub.
- “Trunk” contains the latest development code in preparation for the next major release cycle of WordPress. It is the newest possible version, but not necessarily a stable version. It includes Alpha and Beta versions and changes often.
Environments running “Trunk” versions will continue to track trunk until explicitly changed.
- “Branch” contains directories that consist of the latest code for each major release, and minor release development occurs within the branch.
Environments running “branch” versions will be upgraded to the release version on release day.
Last updated: September 14, 2023