Not every valuable contribution involves fixing broken code. Some of the most useful changes are the ones that quietly improve everyday experience — removing copy that aged out years ago, surfacing the right explanation at the right moment, or making sure a log file doesn’t silently expose things it shouldn’t. Here are four contributions that fall into that category.
WP Job Manager: Remove the stale “New” label from the Job Statistics banner
WP Job Manager is an Automattic-maintained WordPress plugin for running job boards — submission forms, listing pages, employer dashboards, the works.
The Job Statistics feature launched in April 2024 with a notice banner that included a “New” badge and a “See what’s new in 2.3” link pointing to a blog post from that release. A year later, both were still there for any site that hadn’t dismissed the banner — making the plugin look like it hadn’t been touched since the Obama administration (okay, 2024, but still).
The fix clears the label to an empty string and removes the blog-post action from class-release-notice.php. The banner itself — description, Enable and Dismiss actions, image — stays intact, since it’s still useful for sites that haven’t turned on Stats yet.
WP Job Manager: Add a square-format hint and configurable max size for logo uploads
Still in WP Job Manager: the company logo upload field on job submission forms gave users zero guidance about what format or size to use. Support threads were full of people confused about why their logos looked wrong — stretched, letterboxed, or just weirdly proportioned.
Two additions:
- A “Square format recommended (1:1 ratio).” hint rendered below the upload field
- A new Company Logo Max Size setting (in KB) on the Job Submission settings tab — enforced server-side on upload, and displayed in the field hint so users know before they try
Leaving the setting blank falls back to the PHP/Apache server default. The key UX principle here: showing the constraint before an upload attempt is almost always better than surfacing it as an error message after the fact.
WP Performance: Link to the FAQ from the Modern Image Formats settings section
The WordPress Performance plugin handles things like generating AVIF and WebP versions of uploaded images. It also generates a lot of support forum threads asking why images aren’t being converted.
The FAQ in readme.txt already had the answer (the plugin discards converted images that would be larger than the original — which is more common than you’d think). But there was nothing in the admin UI pointing users there. The Settings > Media section heading for Modern Image Formats was rendering with no description at all — its callback was __return_empty_string, a placeholder that had simply never been filled in.
The fix replaces that empty callback with one that renders a single sentence linking to the plugin FAQ. A small change, but finding the right place to surface documentation is often more valuable than writing more of it.
Kometa: Redact default values before logging config fallback warnings
Back to Kometa. When a library uses a partial settings override (say, Sonarr credentials defined globally but partially overridden per-library), Kometa’s check_for_attribute() emits a warning for each missing key — helpfully including the default value it fell back to:
Config Warning: sonarr sub-attribute token not found using abc123secrettoken as default
The problem: this warning fires before the service connection is initialized, which means logger.secret() hasn’t been called for that library’s token yet. Kometa’s log redaction works by replacing registered secrets at emit time — so if the secret isn’t registered when the message is written, nothing gets redacted. Raw API key, in plain text, in the log.
The fix is two lines: call logger.secret(default) immediately before the warning is emitted. After:
Config Warning: sonarr sub-attribute token not found using (redacted) as default
The broader lesson: log redaction systems that work at emit time have an ordering dependency that’s easy to miss. Any warning that includes a config default value is a potential leak if the warning can fire before the initialization that registers the secret.