Full Site Editing, and Both Sides of the FLoC Argument

Episode 13 April 23, 2021 00:25:18
Full Site Editing, and Both Sides of the FLoC Argument
WP Review
Full Site Editing, and Both Sides of the FLoC Argument

Hosted By

Joe Casabona

Show Notes

It was a big couple of weeks in the WordPress space! After Full Site Editing getting the green light for 5.8, more information has come out to clarify what that looks like, and how it will affect theme designers. We also answer, “What is FLoC,” and what’s all the hubbub around FloC and WordPress Core? Plus, an update on my Gutenberg course.


View Full Transcript

Episode Transcript

Hey everybody. And welcome to WP Review, a show that looks at WordPress news offers opinions, and brings you new helpful tools to build better WordPress websites. My name’s Joe Casabona. And let’s get to the review. But before that, I do want to tell you about my community. This episode is brought to you by the Build Something Club. This isn’t my only podcast. In fact, this podcast started off as a sub-series of my main show, How I Built It. And as part of that main show, I launched a community called the Build Something Club. You can find more information over at [buildsomething.club] where you get bonus episodes, ad-free episodes, longer interviews, a community of builders, and much, much more. I cover general technology for small business owners, as well as WordPress-specific stuff. And one of the members-only things I’m doing right now is a live stream where I’m building out a WordPress theme from scratch. So if you’re interested, you can head over to [buildsomething.club]. You can sign up for $5 a month or $50 a year. And if you’re listening to this before April 30th, you can actually get 25% off using the code ‘founder’ for being a founding member. Again, that’s over at [buildsomething.club]. And now, let’s actually get on to the review. So there are three stories I want to mention here. First, just announced today as I record this, it’s official, IE 11 support will end with WordPress 5.8. So the support for IE 11 is officially being removed in WordPress 5.8. It’s noted on a core or [make.WordPress] that the change will only affect WordPress is built-in features. Plugins made to support IE 11 will still work, as well as themes. Now, there is a two-phase plan for this. Phase one, which will be WordPress 5.8, will remove IE 11 support from the core. However, there are a lot of pieces of code that specifically target IE 11. And for WordPress 5.9 and beyond, there will be a ticket created to remove each instance of IE 11 specific code. And these tickets will not be considered for 5.8 unless the release squad or a committer feels that the ticket is a blocker for Full Site Editing. So, again, just to recap that really quick before we get into some of our juicier topics. IE 11 support, it’s ending officially with 5.8. 5.8 will not be tested for IEP11. And anything that is IE 11 specific code will be systematically removed through tickets in WordPress 5.9, and beyond. Now, shortly after the last episode, the WordPress core team met to give the Go/No Go on Full Site Editing. That happened on April 14th. And the Full Site Editing got the go-ahead for 5.8. Now, there are a couple of things that will not make it into a 5.8. Namely global styles, the global styles interface, and the site editor, which allows managing of all templates that will ship posts WordPress 5.8. So this will give more time for more theme authors, plugin developers, agencies, designers, to explore Full Site Editing in its first iteration, and provide feedback on what will make it into 5.8 is improvements from Gutenberg 9.9. Plus, we’ll talk about that more in a second. The introduction of new blocks specifically the query block, site logo, and navigation, theme.Json mechanism, we’ll talk about that more too. The template editor for pages and blank templates, the widget screen and block widgets in the customizer, and certain design tools like duotone, layout controls, and padding. So there was a follow-up to the Go/No Go post that was published on April 20th, talking about what the next steps are. And this provides a schedule for what’s going to happen. Specifically, it provides a schedule for the Gutenberg plugin release, and the Gutenberg plugin roadmap goes up to 10.7 with the release candidate coming out on May 19th. The stable release of that plugin is slated for May 26. That’s significant because the 5.8 feature freeze is due to take place on May 25th. So what’s going to happen is the 10.7 release candidate of the Gutenberg plugin will be merged into WordPress 5.8 core, and fixes will take place. Now I will link this, as well as all of the links we’re talking about in the show notes over at [wpreview.io]. This should also be in your podcast player. But, there are a few things that this post dives into things that need to be improved upon, like the block theme building. Block themes, according to this post, “Block themes might arguably represent one of the biggest core theme building paradigm changes in the last decade as such a huge effort is being done to achieve a future-proof evolvable foundation. With most of the infrastructure ready, the focus remains on theme.json, the configuration file.” So the theme.json file, I’m going to do my best to explain what this is. But it’s a simple Json file that allows you to set some theme defaults that WordPress will then read in, handing off most of the heavy-duty lifting to the Block Editor. So, the theme.json allows you to define some default blocks and default style attributes for blocks and things like that. I will pay much closer attention to this as we get closer to 5.8. And in the next segment, I’ll take you behind the scenes on my Gutenberg update course, and this will play a big part. But as far as Full Site Editing goes, it looks like we’re going to start to see the first parts of that in 5.8 including the query block and a few other things. If you want to get a deeper understanding of Full Site Editing and how it will impact WordPress, I highly recommend episode two of WP Tavern Jukebox. The host Nathan Wrigley interviews, and McCarthy who is the developer relations, Wrangler, for Automattic. And I hope and doesn’t mind me saying this, but she is quickly becoming my favorite automation. I’ve been on a couple of podcasts with her recently. And her passion for this project and her dedication to making sure it’s done right are admirable. I am extremely excited about Full Site Editing. and is working very hard to make sure that it’s done. Right. So, along with the entire team, I don’t want to discount the work of the entire team but I’ve had good contact and conversations with Anne over the last few weeks. And so I just want to give her a shout-out. so I will, again, I will link this episode of the WP Tavern Jukebox in the show notes. But it’s a good conversation. There’s a lot of really good insight there. Okay. So that’s Full Site Editing. Another big proposal that made a lot of waves over the last week is the proposal to treat FLoC, which is Google’s federated learning of cohorts for the Chrome browser. Treat FLoC as a security concern. Now, as I record this, it has been, the proposal’s been updated and recategorized to not be a security concern. The Tavern has, Sarah Gooding has just fantastic coverage on this, over at the Tavern where she breaks down the whole issue as it relates to WordPress. So first, let’s talk about what is FLoC? And I want to even the playing field here a little bit. The proposal as I read it treats FLoC as an absolutely bad thing even calling out a certain discrimination. It could lead to some discrimination according to those who wrote this post. So, and they want to treat it as a security concern, meaning that It will be included as a patch in the next minor release as opposed to waiting for a major release. As well as, and this is important, Backporting the patch to previous versions of WordPress. So not only would this patch make it into the next minor release, but it would also be backported. That’s what a stack is how it would be treated As a security concern. And again, this proposal comes out the gate treating FLoC as an absolute terrible thing. So let’s look at both sides of the argument. So if you go to [web.dev/FLoC], this is Google’s website and they have an extremely long explainer of how this works. but what this means FLoC provides a privacy-preserving mechanism for interest-based ad selection. As a user moves around the web, their browser uses the FLoC algorithm to work out its interest cohort, which will be the same for thousands of browsers With a similar recent browsing history. The browser recalculates its cohort periodically on the user’s device without sharing individual browsing data with the browser vendor or anyone else. So according to Google, this is better than what we have now, which is third-party tracking cookies. But basically what this means is if I visit a set of sites and you visit a similar set of sites, we will be put in the same cohort. And then advertisers will be able to show us ads based on that cohort. So, what they’re saying is that this is going to be better because Chrome is going to control how the advertisers get the information, and how they decide to show the ads. So they’ll say, advertisers’ sites that pay for advertisements can include code on their own websites in order to gather and provide cohort data to their ad tech platforms. And then subsequently the ad platform can use the data to select relevant ads when a browser from one of those cohorts requests a page from a site that displays ads. The privacy sandbox, which is part of this whole FLoC thing, is a series of proposals to satisfy third-party use cases without third-party cookies or other tracking mechanisms. So again, Google is painting this as a good thing instead of the third-party tracking cookies that potentially give personal data to advertisers. FLoC in Chrome can abstract this away. Now, the EFF that is the Electronic Frontier Foundation published an article in March called ‘Google’s FLoC Is a terrible idea’. And they talk about how, again, how this isn’t really any better than third-party tracking cookies. It’s just different but still, it’s still bad for the user. A couple of pull quotes from the article, again, I will link everything in the show notes. I strongly recommend you read both Google’s explainer and the EFF article because I think you’re getting both sides of the argument that way. For FLoC to be according to eff.org, for FLoC to be useful to advertisers, a users cohort will necessarily reveal information about their behavior that makes sense. There are new privacy problems like fingerprinting. Browser fingerprinting is the practice of gathering many discrete pieces of information from a user’s browser to create a unique stable identifier for that browser. So while Google is saying it’s only gathering information that needs to put you in a cohort, EFF is saying, look, your browser is going to be unique enough from other people’s browsers that it’ll be able to fingerprint it to you so you’ll still be able to be identified even with FLoC. Cross-content exposure is a second problem. The technology will share the new personal data with trackers who can already identify users. So for FLoC to be useful to advertisers, they use a cohort that will necessarily reveal information about their behavior. Again, these advertisers already have user information. The cross-content exposure combined with fingerprinting will basically say, “All right. This browser looks exactly like this user. They’re probably the same person” is my understanding of this. And the article ends with, instead of reinventing or towards the end, I should say, instead of reinventing the tracking wheel, we should imagine a better world without the myriad problems of targeted ads. So the EFF is saying, “Look, do we really need targeted ads?” They say, “Google, please don’t do this.” They can do certain things to improve user privacy, but FLoC is using old scaffolding for surveillance without replacing it with something new. And oh, saying that they can choose to dismantle. I’m sorry. They can choose to dismantle the old scaffolding for surveillance without replacing it with something new and uniquely harmful. So, Google is saying that this is better than third-party tracking cookies. The EFF is saying it’s still terrible because the advertisers need to do maybe marginally more work to figure out who you are based on your browsing preferences. And then the proposal for WordPress is basically to just block it right out the gate. There’s a really good discussion going on over here. Again, the Tavern, WP Tavern has a really good coverage of this, including pull quotes from Chrome’s developer lead saying, “This is nothing set in stone. This is experimental. The API could change.” One thing the EFF points out is that this will probably be opt-in for advertisers and opt-out for users, which is bad. Rowan Merewood, the Chrome lead developer, a developer lead says that the opt-out mechanism might change, right. Eligibility criteria might change. And so this is still highly experimental. And then WordPress contributors, those who decided to comment on the article say things like, “First of all, backporting is bad.” Mika Epstein says this. Mika is a legendary WordPress contributor. I mean, she has contributed more to WordPress both personally and professionally than I think. You know, I think she’s really, she has a certain amount of…what’s the word I’m looking for? You know, people should pay attention to her opinion (I’m really good with words today). When she speaks, people should listen. And you know, she points out that while she’s not pro-FLoC, she doesn’t support backporting, because there’s a precedent to knock backport for GDPR staff. A plugin is sufficient for those on older versions. And then there are people who say, “Look. Why are we even deciding what users can do? We shouldn’t on the WordPress core level decide if users want to opt-in or out of FLoC.” And that is what I like. Right. A user can opt out of FLoC by turning it off in Chrome by not using Chrome. If you’re concerned about privacy, use Safari, use Brave. But making it so that publishers maybe who rely on advertising, need a way around WordPress core to use FLoC. I think that’s problematic. And there is a quote in the proposal that I take issue with. “Those websites who want to opt-in to FLoC, I likely to have the technical know-how to simply override this proposed filter in core.” That is a poor position to take. You’re saying that a platform that powers over 40% of the web, most of those people who want to opt-in to FLoC has the technical know-how. The people who might know FLoC or heard of it from an advertising perspective probably don’t have the technical know-how. I would wager a guess that if this makes it into the core, those who want to opt-in to FLoC will have no idea that WordPress is blocking FLoC. So, again, this comes up time and time again. All of these decisions and not all of them, but a lot of these decisions and justifications are well, you know, this is good for developers and developers can fix it. If we’re talking to 41% of the web, if we are putting so much effort into the Block Editor, and Full Site Editing to help non-developers, we cannot make decisions from a position of, well, a developer can just fix it. If you want to make it easy to opt-out a FLoC in WordPress, put a setting in this, put a checkbox in the settings. Don’t just assume that those who want to opt-in to FLoC are likely to have the technical know-how because this line makes way too many assumptions about WordPress users. So there we. That’s my high horse for today. So I will link all of that information in the show notes. Wrapping up here, I want to give a little, I said, this is the main segment, but I just talked to 20 minutes about two pretty deep conversations. So this is just the, aside here, my work has officially begun on my Gutenberg course update and spent a long time coming. A lot has changed since my last course update, which I think I think was in 2019, it was pre-pandemic and the pandemic’s been going on for 40 years. So, I’m not really sure. I’m going to change the course in a few ways though because there have been significant changes since my course came out. There will be a Block Editor tour section before we get into the actual work of using the Block Editor. So this will help students get their bearings and hopefully show them some new features that even if they’ve been using the Block Editor, maybe they didn’t realize I’m adding the new features like block patterns and the block directory. We do a full site build-out in the course. So the theme for that will probably be different. I don’t know that I’m going to use Twenty Twenty One. I might, or I might be using the Full Site Editing version of Twenty Twenty One. But it’s also likely that I’ll use something like Kadence, which has a native kind of Gutenberg page builder. For the Gutenberg for freelancers course, there are two versions of the course. An introduction to the Block Editor for $29, and the Gutenberg for freelancers course for $159. And the main difference is that everything in the $29 courses is in the freelancer’s course, but there’s also kind of how to mitigate client relationships and train them and make the transition. And that course will include a section on Full Site Editing. I will likely also sell a separate course for Full Site Editing just because I think that they are similar. But there is a lot of content that can go into Full Site Editing. And then for the bonus sections, I’ll likely highlight some block packs, but also block-friendly themes. Again, like Kadence, like Twenty Twenty One, and some of the other ones that are rolled out. So it’s going to be a lot of work. But I am excited to finally get an update out for this course. It’s been far too long. And I’m probably also going to bump the price up. It’s probably going to be a modest price bump. I think it was $29. Now it will probably go to like $39. But if you register for the course today, you’ll get the update for free. So you registered today at $29, you’ll save $10, You’ll get the bonus content, or the updated content without having to pay the extra 10 bucks. So, that is it for this episode. I, you know, generally moving forward, I do want to highlight a new theme or plugin, but I also want to keep these episodes under a half hour. So that’ll happen next time. If you liked this episode, be sure to share it with somebody in the WordPress community. We covered some pretty big topics today. And I think I did a pretty decent job of explaining them or at least putting some big explainer resources in front of you. So share it with somebody in the community. For all of the show notes, you can head over to [wpreview.io] and be sure to check out the Build Something Club over at [buildsomething.club]. Thanks so much for listening. And until next time, get out there and build something.

Other Episodes

Episode 41

March 10, 2022 00:22:50
Episode Cover

Analysis: State of WordPress Security in 2021

In a bit of serendipity, the same week I finished recording my next LinkedIn Learning course, Troubleshooting and Repairing Your WordPress Website, Patchstack has published its State of WordPress Security in 2021 white paper. I’ll go through some of the highlights from the white paper, and give you my analysis. Brought to you by GoDaddy Pro. Get all of the show notes, and a written to be read article over at https://wpreview.io/41 Show Notes State Of WordPress Security In 2021 - Patchstack | Download PDF Plesk Podcast: Next Level Ops GoWP Nexcess ...


Episode 28

November 12, 2021 00:31:11
Episode Cover

The Simplest Solution

What's up with all of the acquisitions? What are we even doing in the WordPress community? How much of a say do we really have on the open source project? These are big questions, but as my friend William of Occam said, ""entities should not be multiplied beyond necessity." Or as it's often (but maybe incorrectly?) paraphrased, "The simplest solution is often the best solution."  But whether or not that's actually the principle behind Occam's Razor, it's still a good one. And that helps us answer the above questions, on this week's WP Review. Brought to you by GoDaddy Pro Get all of the show notes at https://wpreview.io/028 Get even more great content by joining the Build Something Club ...


Episode 47

April 28, 2022 00:16:30
Episode Cover

MemberPress and Asking: Is the WordPress Way the Right Way?

MemberPress made some waves this week when it was discovered that they were completely locking out users who had expired license keys. The WordPress way is you get access to the plugin, which you get to keep because it's open source, whether or not you keep paying for the license. Generally, support and updates are the things that you keep paying for. But why is this the case when virtually every other piece of software we use today is based on, "a keep paying for access" model? Brought to you by GoDaddy Pro. Get all of the show notes, and a written to be read article over at https://wpreview.io/47 ...