Forum Replies Created
-
Posts
-
I agree – the quality of journalism here on WPTavern has always been exceptionally good.
I would like everyone involved to know that your good is greatly appreciated.
Someone purchasing a plugin to put malware is not going to happen.
It will be a one of the great WordCamp this year. Exited to speak at WordCamp Mumbai for First time. :D
Someone purchasing a plugin to put malware is not going to happen. At best you can expect more updates with more ads.
There have been few instances where the new owner changed the core functinality of the plugin but that is very unlikely.As long as you don’t have the plugin set to automatically update and the plugin doesn’t make any requests to the abandoned domain, then you should be okay to continue using the plugin for the time being. The worst-case scenario in that situation is that a vulnerability would be found in the plugin and there wouldn’t be an update. But considering how poorly developers respond to security issues in actively supported plugins, that isn’t a big risk. Depending on how long you are considering using the plugin and the security profile of your website, you could get a security review of the plugin done to hold you over.
If you are concerned the plugin might get taken over through the abandoned domain, you can contact the team running the plugin directory at plugins@wordpress.org about that.
An onboarding script would only address the onboarding aspect of this. It doesn’t address the larger issue of custom settings screens. For that, you’d need a much more general-purpose solution.
There is a discussion on Make Themes that gives full context of what the Themes Team is mulling over: https://make.wordpress.org/themes/2023/10/17/discussion-how-to-handle-custom-settings-screens-in-block-themes/
Some sort of script/library/framework could be a part of that discussion.
Hey Ashley, awesome Home page! I love the motto too!
Hello Lisa, I am Carlos from Mexico. I’m relatively new to WordPress too. I created a few websites with WordPress in the last two years but now I am looking to learn ReactJS and maybe Vue. I started with PHP some months ago and now I’m looking to become a WordPress programmer in the future :)
Hello Iqbal, I’m new to this forum too. My name is Carlos and I am mexican. I a currently studying JavaScript and PHP because I want to use WordPress as a developer too :)
Hi Usman,
I’m Carlos from Mexico. I’m a WordPress enthusiast and I am currently studying code (PHP, JavaScript, ReactJS), and in the future I’ll become a WordPress programmer too, but I like to learn every technology I can so I would like to merge WordPress in the future with React o Vue just for fun :)
There is also the One-Click Demo Import plugin.
It’s not an integration plugin per se, but it can import an entire website at once. Many theme stores have used it over the years as a starting point for importing themed demos.
Thanks, but that block still uses the shortcode in its underlying code. As I said before, I wanted to get rid of this – for good.
Also, it adds custom admin notices, a dashboard panel, and links to other commercial plugins. You know, non-essential things for me. My WordPress dashboard is already too cluttered.
Don’t you think we can have a bare-bones plugin, that does a simple thing and nothing else? I surely do. Hence, the above option.
Those are great questions, and learning from this situation is something that should happen. From what we have seen from the outside, it looks like the answers can be summed up in large part by WordPress’ lack of proper governance.
A group of people got in charge of the team, who to put it politely, shouldn’t have even been on the team. These were people that were unable to deal with being wrong and unable to understand that they didn’t know everything. They then blocked anyone else from even applying to join the team and refused outside help to address the problems they were creating.
While the problems with the team were very evident, there hasn’t been someone with oversight of the team that others could go to get the problems with the team addressed. So the problems were allowed to continue for years, until, for unclear reasons, the head of the team left. The lack of oversight unfortunately doesn’t look to have changed.
Making the situation worse, those people seem to be protected in the WordPress community, so there was largely silence about the problems. The WP Tavern, for example, has covered the new team multiple times, but ignored the team for years before that despite the ongoing problems being brought to their attention. The same is true for other outlets that cover WordPress. Those trying to civilly raise the issues were criticized for doing that. Bringing up the problems behind the scenes with the companies sponsoring the problematic team members was also ignored. The team members also have controlled the WordPress support forum and shut down attempts to discuss the problems there as well.
Hopefully, things are moving in the right direction now with the new team members, but so far, things are still not in great shape. Earlier this week, we found that a plugin with a publicly known vulnerability likely to be exploited is still available in the plugin directory, despite the company run by the head of WordPress having publicly claimed nearly a month before that the vulnerability existed. If the new team is actually interested in getting things right, working with us and others who have tried to help the team in the past would be an easy way to make things better.
Plugin is block and shortcode, so has both.
