Opened 14 months ago
Last modified 14 months ago
#7139 new enhancement
Add a "Security Supported" statistic to stats page
Reported by: | benniledl | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Component: | WordPress.org Site | Keywords: | 2nd-opinion |
Cc: |
Description
WordPress has great security/bugfixes support for old versions, the version 4.1 which was first released December 2014 has just recently gotten a security and bug fix release: https://wordpress.org/documentation/wordpress-version/version-4-1-38/
Adding a graph that shows how many of the active WordPress installations still have security support would really show how good WordPress is for website creators in the long run.
Inspiration: https://www.t3versions.com/statistics-detail/20
The site in question: https://wordpress.org/about/stats/
Attachments (2)
Change History (6)
#1
@
14 months ago
Adding a graph that shows how many of the active WordPress installations still have security support would really show how good WordPress is for website creators in the long run.
I think showing the number of historical security fixes would have the opposite effect.
#2
follow-ups:
↓ 3
↓ 4
@
14 months ago
Hi @dufresnesteven
I wouldn't want to show the number of security fixes but what % of active WordPress installations would still get security fixes if there was a problem.
#3
in reply to:
↑ 2
@
14 months ago
Replying to benniledl:
Hi @dufresnesteven
I wouldn't want to show the number of security fixes but what % of active WordPress installations would still get security fixes if there was a problem.
yeah, I understand that but we should always incentivize upgrades to the latest version. So for me, I don't know what this stat is communicating other than there were vulnerabilities in previous versions.
#4
in reply to:
↑ 2
@
14 months ago
Replying to benniledl:
I wouldn't want to show the number of security fixes but what % of active WordPress installations would still get security fixes if there was a problem.
So, you'd be thinking something like 99.56% of known WordPress installations are currently receiving security updates
?
Realistically that'd be better as just that static text with "Over 99%", and could probably stay like that for quite some time.
As noted on https://make.wordpress.org/security/2022/09/07/dropping-security-updates-for-wordpress-versions-3-7-through-4-0/ at the time WP <= 4.0 accounted for less than 1% of overall installations, today WP 4.1~6.2 accounts for close to 99.5%.
So... Adding the statistic is likely not beneficial for most people IMHO, and minor movements in the 99.xx% area is likely to cause the security team more issues (ie. When they drop support for WP 4.2~4.5 or something like that, it might drop from 99.8% to 99.1%). If we wanted to use it in some copy on PR/Marketing materials it'd have a better impact just saying 'over 99%'.
suggestion