v23 upgrade guide - draft

ferschubert-hm · ferschubert-hm · commit ed969c9d2c60 · 2025-05-01T16:47:35.000Z
diff --git a/other-docs/guides/upgrading/v23.md b/other-docs/guides/upgrading/v23.md
@@ -0,0 +1,115 @@
+---
+order: 23
+---
+
+# Upgrading to v23
+
+*If you are migrating from WordPress to Altis, check out the [migrating guide](../migrating/) first.*
+
+To upgrade to Altis v23, edit your `composer.json` and change the version constraint for `altis/altis` and any local environment
+modules to `^23.0.0`.
+
+```json
+{
+	"require": {
+		"altis/altis": "^23.0.0"
+	},
+	"require-dev": {
+		"altis/local-server": "^23.0.0"
+	},
+	"config": {
+		"platform": {
+			"php": "8.2"
+		}
+	}
+}
+```
+
+Once you have made these changes, run `composer update` and then run the `wp altis migrate` command:
+
+```sh
+# For cloud environments
+wp altis migrate
+
+# For local server
+composer server cli -- altis migrate
+```
+
+## WordPress 6.8
+
+Altis adds support to WordPress 6.8, "Cecil", which brings significant improvements to performance, security, and usability:
+
+- **Security**: bcrypt is now used for password hashing, replacing phpass. Application keys use stronger BLAKE2b hashing. Admins are alerted if open registration is active with high default roles.
+
+- **Performance**: Improved caching in WP_Query, better lazy loading, and speculative loading via the new Speculation Rules API for faster navigation.
+
+- **Editor Enhancements**: Updated Style Book UI, new Query Loop options (date filters, exclude sticky posts), and persistent rendering mode for editing experience.
+
+- **Accessibility**: Over 100 fixes across the admin and editor, including standardized tooltips and clearer admin notice prefixes.
+
+For more details check the [WordPress 6.8 release announcement](https://wordpress.org/download/releases/6-8/).
+
+## Headline Features
+
+### Altis Advanced Security, powered by Patchstack
+
+We're excited to launch Altis Advanced Security, a new additional add-on that provides real-time vulnerability protection for your Altis projects. Powered by Patchstack, this integration brings industry-leading virtual patching (vPatching) directly into your Altis environments.
+
+#### Why It Matters
+
+Identifying vulnerabilities is only the first step—mitigating them quickly is crucial. In many organizations, updating plugins or themes can take days or even weeks, leaving your sites exposed in the meantime.
+
+Even more critically, some plugins never release a fix, requiring manual workarounds or firewall rules.
+
+Altis Advanced Security solves this by automatically applying vPatches—plugin-level firewall rules that neutralize known vulnerabilities before an official fix is available. These rules are applied immediately and directly within WordPress, providing fast and targeted protection with minimal performance impact.
+
+#### Key Features
+
+- **Real-Time Vulnerability Mitigation**
+Instantly protects against known threats, without waiting for full plugin updates or release cycles.
+
+- **Smart vPatching**
+Only patches vulnerabilities in plugins you actually have installed, reducing overhead and improving efficiency.
+
+- **Seamless Integration**
+Works alongside Altis's built-in CDN-level WAF to provide protection across Layers 3, 4, and 7.
+
+- **Compliance-Friendly**
+Helps meet security expectations in compliance audits by proactively mitigating risks.
+
+#### What's Next
+
+We’re actively working to expand Altis Advanced Security with new features, including automated anti-virus scanning for uploaded assets.
+
+Altis Advanced Security is available as a paid add-on, billed per site. For pricing and enablement, please contact your Account Manager.
+
+### Altis Local Server Features
+
+This release includes several bug fixes and introduces new capabilities to enhance development workflows. Highlights include:
+
+#### Add Ability to Modify Docker-Compose Configuration 
+
+Altis Local Server now includes an extensible mechanism to allow for package-specific customizations of the `docker-compose` configuration. It enables developers to define additional configurations via Composer packages and have them incorporated into the `docker-compose.yml` generation process. 
+
+Learn more about this feature [here]().
+
+### Altis Dashboard Features
+
+In order to empower and improve developer experience we continue to ship self-service features and improvements to the Dashboard. In this release we are introducing a much expected feature, the ability for you to perform self-service PHP upgrades on your environments:
+
+#### Self-Service PHP Upgrades
+
+We’re introducing Self-service PHP upgrades, empowering users to upgrade their PHP version independently and instantly via the Altis Dashboard—no support request needed.
+
+Previously, PHP upgrades required contacting support and waiting for manual updates via infrastructure changes—adding delays, uncertainty, and deployment risks. Now, users can trigger PHP upgrades on their own schedule, reducing turnaround time and improving deployment predictability.
+
+This update builds on our ongoing mission to give developers greater control over their infrastructure, just like with Composer-managed WordPress versions. We're continuing to explore ways to further streamline your development experience.
+
+### Altis Core improvements
+
+We have incorporated many updates to modules and libraries in Altis to bring in important bug fixes and improvements.
+
+### Documentation
+
+Our developer focused documentation has been improved again. As usual, feedback from our customers and partners is always welcome.
+Please [send us any feedback you have](support://new).
