[wp-hackers] Richer metadata for plugin versions

Ryann Micua ryannmicua at gmail.com
Thu Jul 12 14:47:59 UTC 2012

when you put it this way, it starts to make sense now :) especially when 
you think about the "machine-parsable" part.. we could then have a 
plugin that sends out an email when a *security update* for a plugin is 

when you think about this, what David is proposing is differentiating 
*critical* updates (i.e. security fixes) from *normal* (can't think of 
the right term) plugin updates (i.e. new features, ui enhancements)

right now, you really can't tell a critical update from a normal update 
without reading through the notices (if ever there are any).. yes, I do 
agree that site owners should generally update *all* their plugins as 
soon as they can but the way I see it, right now, all plugin updates are 
considered critical and *immediately* be updated..

this may not matter much to site owners who only have a few plugins 
installed or who have a lot of time to test and evaluate each plugin.. 
but I do see David's point, especially the 
"conserve-internet-time-because-it's-so-expensive" part.. when you 
maintain a lot of sites (assuming 10-30 plugins each site) but don't 
have the luxury of unlimited internet/time, you'll want to be able to 
know which updates are critical so you can focus on this first, then 
leave the rest for later.

yes, I've already mentioned the Upgrade notice tag, but as David has 
pointed out, it's really not structured in any way and you could put 
whatever you wish in there.

but, one could also argue that, whenever the Upgrade notice tag is 
filled out, then one could assume that the update is *important* since 
that's the only way right now (through the meta tags that is) to give a 
notice.. but I dunno..

On Thursday, 12 July, 2012 01:30 PM, 
wp-hackers-request at lists.automattic.com wrote:
> I was proposing machine-parsable, fixed-format meta data which can be
> used to programmatically resolve the question, "does this version of the
> plugin have known security problems?", just as we presently have
> meta-data which can deterministically resolve the question "is this
> version of the plugin compatible with my version of WordPress?".

*Ryann Micua*
/Web Developer/

Website: /www.pogidude.com/
Skype: /rmicua/
Mobile: /+639169273059/

More information about the wp-hackers mailing list