Reminds me of the old Oxygen regenerate signatures thing. If we migrate a site or clone it or restore a backup, do we have to manually go regenerate all signatures or will this feature take care of itself automatically? If there are extra steps, can those be made automatic during migrations and cloning through hooks or something?
Hmm... adding every new echo function into theme function is kind of a bummer for me. I do expect that people will forget about this (after the update and even beyond) which might lead to unwanted behavior. Would be nice to have an better option here :) But I do appreciate your efforts.
Does this mean theres no way to test echo statements / query loops now without adding each one first? I used to find it super handy to be able to add them and make sure they work first.
Great stuff guys! It is more work but I think you did it in a way that is as simple as possible. Thanks for this video. I would have been lost trying to get this to work without it.
Tbh as someone that switched over from elementer and is really enjoying the more semantic html of Bricks. The manually signing each code before it updates even the css. Makes integrating custom elements made in VS code to Bricks a lot less smooth. Which is unfortunate since it should/could shine in this area. Perhaps a method to disable the code singing for admins during a certain build period. Where at the end you're saving the final changes and not every single height or class edit. Would solve this issue!
I understand there would be a potential window of infiltration but it would be very minimal due to the short periods of time needed to adapt the custom element.
What might also be a more easy to implement solution, would be to have a button that has a function to automatically sign all code on the page every few seconds. Which would also provide a "live" code editing experience.
for some reason I do not have the "execute code" button, although I activated code execution for my role. Why is that? And I also can not sign the functions in the builder
The new "Code review" feature gives you a copy & paste code snippet that contains all the "echo" tag function names on your site. For more details: academy.bricksbuilder.io/article/code-review/
@@bricksbuilder Yeah, but manual review on everything across all sites is going to cost me days of revenue :( I get that it needs to be done and all, just not looking forward to it
@@bricksbuilder And the fact that this update completely screwed WooCommerce is why it's not just a case of copying and pasting functions. Every site needs to be thoroughly tested across the board, which costs time and money when it's a mandatory breaking update which, IMO, is an overreaction to the issues pre-1.9.6.1. Security is incredibly important, but it really shouldn't be Bricks' job to "idiot proof" it for users who haven't gotten a grasp on proper processes. It's done now, it is what it is, but that this was pushed without even a beta that would've flagged the WooCommerce issue is a concern.
Seriously impressive update, Bricks team! Big props for doubling down on security and for rolling out these security enhancements in 1.9.7! 🙌
Please list the steps and timestamps in the description so its easier to track on the video
Reminds me of the old Oxygen regenerate signatures thing.
If we migrate a site or clone it or restore a backup, do we have to manually go regenerate all signatures or will this feature take care of itself automatically?
If there are extra steps, can those be made automatic during migrations and cloning through hooks or something?
Hmm... adding every new echo function into theme function is kind of a bummer for me. I do expect that people will forget about this (after the update and even beyond) which might lead to unwanted behavior. Would be nice to have an better option here :)
But I do appreciate your efforts.
Agreed. This feels like a headache to me.
Great update - the code review is really useful even beyond security, just really nice to see all of that in one place.
Does this mean theres no way to test echo statements / query loops now without adding each one first? I used to find it super handy to be able to add them and make sure they work first.
Great stuff guys! It is more work but I think you did it in a way that is as simple as possible. Thanks for this video. I would have been lost trying to get this to work without it.
Thank you Bricks! Excellent work because it is pro-active!
Tbh as someone that switched over from elementer and is really enjoying the more semantic html of Bricks. The manually signing each code before it updates even the css.
Makes integrating custom elements made in VS code to Bricks a lot less smooth. Which is unfortunate since it should/could shine in this area.
Perhaps a method to disable the code singing for admins during a certain build period. Where at the end you're saving the final changes and not every single height or class edit.
Would solve this issue!
I understand there would be a potential window of infiltration but it would be very minimal due to the short periods of time needed to adapt the custom element.
What might also be a more easy to implement solution, would be to have a button that has a function to automatically sign all code on the page every few seconds.
Which would also provide a "live" code editing experience.
for some reason I do not have the "execute code" button, although I activated code execution for my role. Why is that? And I also can not sign the functions in the builder
so nice, THE CODE REVIEW !
Are you monetising these videos?
We don't. TH-cam can show ads even if the channel is not part of their Partner Program support.google.com/youtube/answer/2475463
@@bricksbuilder OK thanks for the reply. Link doesnt work btw
You with this update destroyed all my logic I built around acf posts…
Did you insert the echo part into your child theme. Worked for me
@@rebelinc suppport said, I have to try redownload the version of the theme from Bricks Account and it helped me :)
First!
Sounded a bit like a pain in the ass, but looks like a nice feature
This echo thing is going to cost me a fortune to update on all sites
The new "Code review" feature gives you a copy & paste code snippet that contains all the "echo" tag function names on your site.
For more details: academy.bricksbuilder.io/article/code-review/
@@bricksbuilder Yeah, but manual review on everything across all sites is going to cost me days of revenue :( I get that it needs to be done and all, just not looking forward to it
@@old_ogcdigital indeed but, in my opinion, unsecure websites cost much more than cost to secure them
@@bricksbuilder And the fact that this update completely screwed WooCommerce is why it's not just a case of copying and pasting functions. Every site needs to be thoroughly tested across the board, which costs time and money when it's a mandatory breaking update which, IMO, is an overreaction to the issues pre-1.9.6.1. Security is incredibly important, but it really shouldn't be Bricks' job to "idiot proof" it for users who haven't gotten a grasp on proper processes. It's done now, it is what it is, but that this was pushed without even a beta that would've flagged the WooCommerce issue is a concern.
@@old_ogcdigital what happens with woo? I haven't started yet, and I have several complex woo implementations.