[wp-hackers] WordPress plugin inspections
jamie at wunderdojo.com
Wed Feb 19 20:27:44 UTC 2014
I had the exact opposite reaction to Chris Williams. Literally a week
ago I was talking to someone about the need for more rigorous evaluation
of plugins. I find that I now use only a small handful of plugins that I
have extensive experience with because of the lack of any quality
If that sounds a bit harsh, I'd suggest enabling DEBUG and mysql slow
query (at something like 1 second) and then test out various plugins.
And that's just the blatantly obvious stuff. I won't point fingers, but
I recently had issues with one pretty popular plugin and when I went
into the code to poke around I found that it is fundamentally flawed in
the design -- so much so that I rewrote it and will be sending the
author the new code and explanation.
I understand that a cursory review is subjective and prone to
misstatements, but it's at least a step in the right direction. Perhaps
the next step would be for Harry to formalize some kind of process for
responding to / contesting reviews and to encourage community
involvement (maybe via this list) to "review the reviews" if you will.
I'd be happy to get involved in a process like that if the end result
were a base of plugins that had been scrutinized by some of the WP
brains on this list.
And if, at the end of the day, he harnesses that power to help build a
business, I don't see anything wrong with that either. I think 99% of us
are using WP to make money and it seems to me like he's identified a
clear need and at least attempted to address it -- which is pretty much
the story of every successful business.
Founder / CEO
1840 Park Newport, #409
Newport Beach, CA 92660
Master web & app developers
------ Original Message ------
From: "Chris Williams" <chris at clwill.com>
To: "wp-hackers at lists.automattic.com" <wp-hackers at lists.automattic.com>
Sent: 2/19/2014 12:17:17 PM
Subject: Re: [wp-hackers] WordPress plugin inspections
>I certainly can't speak for others, but I would venture to say that
>business model is evil at best. You do fly-by character assassination
>(oops, I mean "light-touch inspections"), based on personal bias ("this
>plugin is large"), and then broadly publish the results as if they are
>somehow authoritative. Worse yet, you then hold plugin developers at
>ransom for changing the review: "If you would like to commission us to
>inspect or review the latest version, please contact us."
>How this is of value to anyone, and how you sleep at night with this
>specious business model, is completely beyond me.
>On 2/19/14 10:43 AM, "Harry Metcalfe" <harry at dxw.com> wrote:
>>We write and publish light-touch inspections of WordPress plugins that
>>we do for our clients. They are just a guide - we conduct some basic
>>checks, not a thorough review.
>>Would plugins which fail this inspection be of general interest to the
>>list and therefore worth posting? Is the list also interested in
>>vulnerability advisories, or do people tend to get those elsewhere?
>>Here's an example report:
>>Grateful for a steer...
>>07790 559 876
>>wp-hackers mailing list
>>wp-hackers at lists.automattic.com
>wp-hackers mailing list
>wp-hackers at lists.automattic.com
More information about the wp-hackers