[wp-hackers] WordPress plugin inspections
jacobsnyder at gmail.com
Thu Feb 20 17:58:32 UTC 2014
I think the idea of what DXW is doing is an okay one, but it should be
prefaced better with disclaimers and the "do not use" type of summary
should be reevaluated to be a little more responsible.
At the heart of it, the issues his team is quickly reviewing are the same
things I look at when reviewing a plugin, and they are all good indicators
of potential problems or extra, unnecessary overhead.
*It is just irresponsibly reported right now in my opinion.*
Also, I would have no problem with DXW's posting this type of report in my
public forums. I am fine with that kind of transparency. Obviously, an
exploit should be private until a fix can be made available...
I definitely see both sides of this, but I don't think it is black and
white. Harry could do this in a way that would have some benefits (and
still piss some people off), but right now it isn't quite there, because it
can be misleading.
As Chip said, right now you are asking to condemn a plugin because it is a
little dirty. That isn't helpful, but pointing out the dirt could be.
My two cents.