Make WordPress Core

Opened 3 years ago

Last modified 2 weeks ago

#36669 assigned defect (bug)

Update SimplePie to Latest Version and possibly include PHP-MF2

Reported by: dshanske Owned by:
Milestone: 5.4 Priority: normal
Severity: normal Version:
Component: External Libraries Keywords: has-patch needs-testing early
Focuses: SimplePie Cc:
PR Number:


SimplePie Version 1.4 is now available.


It is the first release in 3 years and has a large number of bug fixes. It also is the first version that includes support for new types of feeds as described by the IndieWebCamp community.

These feeds are made up of h-feed and h-entry microformats, which allows the feed to be parsed from the html rather than a separate xml file.

SimplePie will now detect when it finds such a feed and parse them when it finds the php-mf2 parser available.

Attachments (3)

update-simplepie.patch (86.6 KB) - added by slushman 3 years ago.
Patch updating SimplePie to version 1.4.
SimplePie-1.5.2.diff (120.1 KB) - added by wpshades 12 months ago.
The latest release of SimplePie found at - https://github.com/simplepie/simplepie/releases
36669.diff (121.2 KB) - added by Hareesh Pillai 5 months ago.
Adding refreshed patch

Download all attachments as: .zip

Change History (40)

#1 @jorbin
3 years ago

  • Owner set to rmccue
  • Status changed from new to assigned

@rmccue - thoughts?

This ticket was mentioned in Slack in #core by dshanske. View the logs.

3 years ago

3 years ago

Patch updating SimplePie to version 1.4.

#3 @slushman
3 years ago

  • Keywords has-patch added

I've run into an issue with a plugin trying to read an RSS feed from a site with a Lets Encrypt (self-signed) cert. It appears this was fixed in [May 2015](https://github.com/simplepie/simplepie/pull/407) and that fix is part of SimplePie 1.4.
Submitting patch to update SimplePie to version 1.4.

This ticket was mentioned in Slack in #core by dshanske. View the logs.

3 years ago

#5 @jhabdas
2 years ago

SimplePie 1.5 has been released. It still does not support PHP 7.0, which is what I believe WP suggests. It seems apt to deprecate or make private fetch_feed() entirely and let the plugins manage the use cases and forward-facing support role for end users.

Last edited 2 years ago by jhabdas (previous) (diff)

#6 @Presskopp
2 years ago

1.5.1 is latest now

#7 @aquakitty
2 years ago

#42515 was marked as a duplicate.

#8 @etruel
18 months ago

Hi all, someone recommended me to tell the following here. I'll try to say some different behaviours that we have in our plugin WPeMatico by reading different feeds.

I can't give too much technical details, but we're attending so much tickets of lot of users with problems using the Simplepie 1.3.1 included in WordPress that we solved just by using the new version 1.5 or newer.

Almost all the new things we found in the 1.5 version (already to download in simplepie.org) was related with fixed issues and improvements. (https://github.com/simplepie/simplepie/releases)

Using 1.3.1 included in WP, some of the feeds with problem are solved with force_feed and others by changing to a known User-agent. (But in 1.5 works by default)

There are feeds giving different errors in 1.3.1 than 1.5. And some of them work well in 1.5 and not in 1.3 (1.3 tried with and without force_feed)

For example http://thenationonlineng.net/feed/
Works well with 1.5.

1.3.1 = ERROR: The feed http://thenationonlineng.net/feed/ cannot be parsed. Simplepie said: This XML document is invalid, likely due to invalid characters. XML error: Reserved XML Name at line 2, column 38

Many errors that produce notices like examples below are fixed easily by using the new 1.5:

ERROR: Feed https://www.cryptocoinsnews.com/feed could not be parsed. (SimplePie said: A feed could not be found at https://www.cryptocoinsnews.com/feed. A feed with an invalid mime type may fall victim to this error, or SimplePie was unable to auto-discover it.. Use force_feed() if you are certain this URL is a real feed.)

ERROR: Feed https://www.youtube.com/feeds/videos.xml?channel_id=UCCWYNcRdRteOF3wIRVeaJZQ could not be parsed. (SimplePie said: cURL error 60: SSL certificate problem: unable to get local issuer certificate)

Hope this helps.



#9 @swissspidy
17 months ago

#44309 was marked as a duplicate.

12 months ago

The latest release of SimplePie found at - https://github.com/simplepie/simplepie/releases

#10 @wpshades
12 months ago

  • Focuses SimplePie added
  • Version changed from 4.6 to 4.9.8

Hi everyone!

I have just submitted a patch that includes the latest release of SimplePie(1.5.2).
If there's any way in which I can help test this out, please let me know.


#11 follow-up: @dmenard
12 months ago


I would like to second this request.

With WP 4.9.8 and PHP 7.2, the WordPress RSS widget generates many warnings like this:

Warning: A non-numeric value encountered in wordpress\wp-includes\SimplePie\Parse\Date.php on line 694

10	SimplePie->get_items( $start = ???, $end = ??? )			...\class-simplepie.php:2812
11	SimplePie_Item->get_date( $date_format = 'U' )				...\class-simplepie.php:2925
12	SimplePie_Parse_Date->parse( $date = '2018-10-02T08:38:56Z' )		...\Item.php:773
13	SimplePie_Parse_Date->date_w3cdtf( $date = '2018-10-02T08:38:56Z' )	...\Date.php:603

These are caused by the way SimplePie 1.3.1 parses dates and by the new E_WARNINGs introduced in PHP 7.1.

A simple fix for this has been made in july 2016 and is included since SimplePie 1.4.2.

So upgrading SimplePie to the latest version would solve these warnings.


#12 in reply to: ↑ 11 @miunosoft
12 months ago

Just in case for someone who are facing this issue and need to get away from the warnings without modifying the core, here is a plugin, Fix - SimplePie Errors: https://github.com/michaeluno/_fix-simplepie-errors).

#13 @pento
11 months ago

#45436 was marked as a duplicate.

#14 @Znuff
10 months ago

This bug has been present for years and it affects all production websites on current PHP versions.

There have been patches submitted, people even made plugins.

How come this is taking so long to be adopted in the core?

It's spamming our servers logs so hard that we ended up at 3GB in 3 days. It's incredible.

This ticket was mentioned in Slack in #core by dshanske. View the logs.

10 months ago

#16 @pento
9 months ago

#42684 was marked as a duplicate.

#17 @pento
9 months ago

  • Milestone changed from Awaiting Review to 5.2
  • Version 4.9.8 deleted

PHP 5.2 support was dropped in SimplePie 1.4, 1.5 requires PHP 5.3+.

I'm moving this to the 5.2 milestone, when we'll be bumping WordPress' minimum PHP version to 5.6.

#18 @knutsp
7 months ago

#42515 was marked as a duplicate.

#19 @desrosj
7 months ago

  • Keywords early needs-refresh added
  • Milestone changed from 5.2 to 5.3

5.2 beta is in less than 2 days. The latest patch needs to be refreshed to apply cleanly to trunk, and this needs to be tested. Punting to 5.3.

@rmccue do you have any thoughts about this?

#20 @dshanske
7 months ago

@rmccue was assigned this task 3 years ago and has not commented on this or noted his acceptance of the assignment. Can I suggest that, if he is occupied with other things, this revert to unassigned in the hopes someone else will take this on?

#21 @rmccue
7 months ago

  • Owner rmccue deleted

@Hareesh Pillai
5 months ago

Adding refreshed patch

#22 @Hareesh Pillai
5 months ago

  • Keywords needs-testing added; needs-refresh removed

#23 @elexem
4 months ago

not sure I understand the implications of the latest entries in this thread.
Can we expect the error-causing-behaviour to go away sometime soon? Looking into /wp-includes/SimplePie seems to still be on ver 1.3.1 while https://github.com/simplepie/simplepie/releases/ lists 1.5.2 as released early Aug 2018 - so perhaps I'm too incompetent to grasp the monumental hindrances impeding adapting that.
Either way, it would be nice if that could be mended; the nuisant oversight pelts us with error lines we could clearly do without; 91953 in the last cycle.


#24 @dshanske
4 months ago

No one with privileges to commit wants to take ownership of it.

#25 @Znuff
4 months ago

How about mark this as a BUG instead of an "enhancement" and mark it as a blocker?

The amount of pussyfooting around this issue is astounding.

At this rate, I'm gonna have to patch that file manually until Wordpress 8.0. And I'm sick of patching it every release.

#26 @elexem
4 months ago

I'll have to agree with @Znuff here.

+1 :/

#27 @dshanske
4 months ago

  • Type changed from enhancement to defect (bug)

Okay. I will classify it as a bug...

This ticket was mentioned in Slack in #core by hareesh-pillai. View the logs.

5 weeks ago

#29 follow-up: @mikeschroder
5 weeks ago

@stevenkword as Feeds maintainer, what do you think about upgrading this as part of 5.3?

#30 in reply to: ↑ 29 @stevenkword
5 weeks ago

Replying to mikeschroder:

@stevenkword as Feeds maintainer, what do you think about upgrading this as part of 5.3?

Thanks for putting this on my radar. The current version in WP is 1.3.1, last updated 6 years ago.

I think a major prerequisite for this would be to have better test coverage across the feeds component. I began introducing tests a few years back, but they are still not complete.

I think this is a great idea to inherit the bugfixes, but I'd like to ensure we have 1:1 tests against every function touched in the SimplePie changelogs between 1.3.1 and 1.5. I'd always want this big of a change to land in the release early to allow for a long bake time.

Last edited 5 weeks ago by stevenkword (previous) (diff)

#31 @dshanske
5 weeks ago

SimplePie has its own test coverage. Do we need to redo them or simply incorporate them?

#32 @davidbaumwald
4 weeks ago

  • Keywords early removed
  • Milestone changed from 5.3 to Future Release

This ticket still needs a decision, and with 5.3 Beta 1 only a few days away, this is being moved to Future Release.

#33 @jrf
4 weeks ago

Related #47746 - the current version used of SimplePie contains a PHP 7.4 compatibility issue.

This issue has been patched upstream, but is not contained in a tagged release yet. Tagging a new release has been requested: https://github.com/simplepie/simplepie/issues/620

#34 follow-up: @jrf
3 weeks ago

SimplePie has released a new version including the changes needed for PHP 7.4 support: https://github.com/simplepie/simplepie/releases/tag/1.5.3

#35 in reply to: ↑ 34 @stevenkword
3 weeks ago

  • Keywords early added
  • Milestone changed from Future Release to 5.4

Replying to jrf:

SimplePie has released a new version including the changes needed for PHP 7.4 support: https://github.com/simplepie/simplepie/releases/tag/1.5.3

Due to the late introduction into this cycle, I'm very hesitant for a push. The PHP 7.4 support doesn't concern me necessarily since there is a patch available in #47746, but I would like this sort of request to hit a release early. Let's aim for 5.4 with a tag of 'early' so that we can properly kick the tires. I'm not nearly as worried about breaking Core functionality as I am dependent plugins.

We should do some discovery against the largest plugin consumers of the library and confirm compatibility first.

#36 @desrosj
3 weeks ago

#44087 was marked as a duplicate.

#37 @Hareesh Pillai
2 weeks ago

#29238 was marked as a duplicate.

Note: See TracTickets for help on using tickets.