We’re getting close to release for 1.0, so a quick heads up on some breaking changes that’ll be shipping with this release:

• WP_JSON_Posts::prepare_author() is being removed: Use the new WP_JSON_Users::get_user() instead. (Previously a protected method, so only subclasses need worry.)
• Basic authentication is being removed: This will now be available via a plugin if needed. This is mostly of use to developers working locally; live applications should begin using OAuth authentication instead.
• Nonces will be required for cookie-based authentication: If you’re using WP API from Javascript, you’ll need to ensure you send the nonce with the request if you need authentication. Requests without nonces will be treated as being logged out, so they’re still fine for most GET requests.
• Meta data will only be exposed for requests with the edit context: This is a workaround for the issues discussed with @iandunn previously, until we have more powerful permissions tools in core.

We’ve also got some awesome features shipping with this release:

• User endpoints are now available: Thanks to the tireless efforts of tobych, the user endpoints are now active and useful! You can also use /users/me to check who you’re logged in as.
• Revision endpoints are now available: Thanks to tlovett1, post revisions are now supported at /posts//revisions!
• Post types can now use the show_in_json parameter: If you want to have a public post type, but still want to hide it from the API, you can now specify 'show_in_json' => false in your register_post_type call. This is the main resolution to the privacy issues previously discussed, props @iandunn.
• Non-pretty permalinks sites are now supported: No need for weird hacks any more; you can now access the API at http://example.com/?json_route=/ instead. The discovery methods (Link headers and RSD) now also reflect this.

Thanks to everyone involved so far, and thanks to @rachelbaker for helping to manage the project! Thanks also to those who’ve been talking about and promoting the API at WordCamps; the evangelism is much appreciated!

We’re not done with this release yet: there’s also post meta on the radar that should make it into 1.0; you’ll be hearing more about that shortly.

I also know there’s people who’d love to get involved with the project. Your best bet is to take a look at the issues scheduled for 1.1. In particular, we’re looking for help in the following areas:

• Javascript and theme developers: We have a JS library currently included with the API, but it’s in danger of not making it into the final version unless we put some serious work into it. Help is needed here; contributions always welcome!
• WP-CLI developers: As a reference client for the API, Daniel Bachhuber is planning on working on a WP-CLI client. Help will definitely be wanted in this area, as there’s a lot of the API to use here.
• Other developers: Help is always wanted on the API itself, but of special interest is the OAuth server code, which needs more testing. We also need more reference clients. If you can code in any language, we’d love your help creating clients in other languages.
• Designers: The OAuth server currently contains a thrown-together UI, which certainly doesn’t match the slickness of WP.com’s UI. We could use help here.

Thanks again!