[wp-trac] [WordPress Trac] #30465: Dashboard alert if a plugin/theme was removed from WordPress repo

WordPress Trac noreply at wordpress.org
Tue Oct 29 07:17:37 UTC 2024 

#30465: Dashboard alert if a plugin/theme was removed from WordPress repo
---------------------------------------------+-----------------------
 Reporter:  sergej.mueller                   |       Owner:  (none)
     Type:  feature request                  |      Status:  reopened
 Priority:  normal                           |   Milestone:  6.8
Component:  Security                         |     Version:
 Severity:  normal                           |  Resolution:
 Keywords:  dev-feedback security has-patch  |     Focuses:
---------------------------------------------+-----------------------
Changes (by dd32):

 * milestone:  Future Release => 6.8


Comment:

 Moving to 6.8 for consideration. Pending a lot of work and discussion
 elsewhere.

 I'm fairly not-in-favour of this due to the limited information collected
 about plugins on WordPress.org when it comes to closure reasons. As noted
 in comment:7 above, further data may need to be collected / set on the
 WordPress.org side before this can be considered ready for use.

 I'm especially concerned that if this is merged as-is without extra action
 occuring elsewhere, the text will end up being changed to be overly
 alertism of "This is DANGEROUS! You need to replace this plugin!11!11"
 which is a disservice to majority WordPress users and developers.

 Work will also needs to be done with the WordPress.org plugin review team
 to ensure that the reasons cover a wide enough range of cases, to unify
 the closure reason text between Core and WordPress.org, and to ensure that
 plugins can be adopted and maintained by others when required. There are a
 shocking number of plugins closed for mundane reasons (including mundane
 security issues). Or where the plugin is closed as `guideline violation`
 because their email is bouncing, because although the plugin is perfectly
 working today it's author is unreachable.

 As noted, the PR is blocked by #53333 as the 1.2 updates API returns the
 autoupdate data differently, so this is intentionally blocked until issues
 are resolved (or someone wants to test and run forward with that ticket
 too)

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/30465#comment:45>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list