Static WordPress Community

Removal of WP2Static from wordpress.org

Just to avoid alarm - this was actioned by me. Something I’d hoped to do a lot earlier and in a much smoother manner, but I see this has thrown some alerts to users via some WordPress security plugins because it was delisted from wp.org.

Backstory:

There are some great benefits to being listed on wp.org plugin repository:

  • discoverability
  • ease of installation / updates
  • looking legit
  • some page authority in search engines

And, a few downsides:

  • no built-in way to contact users to alert about important updates
  • another support channel unable to disable (wp.org support)
  • users using Reviews section to file issues
  • SVN / cumbersome release process (ie, must lint PHP 7.3 plugin for 7.2 compatibility or won’t commit)

Another aspect is that it was almost too easy for people to install WP2Static/Static HTML Output when in the wp.org repository. This lead to quite a few people installing it on their live production servers and expecting some magic performance improvement, which is not the way it’s intended to be used.

There’s also a minor aspect of my idealism regarding WordPress. Though I love the community around it and have enjoyed attending and speaking at a few WordCamps, I’m less enthused by the industry and commercial side of WordPress. In promoting a plugin which “solves some of WordPress’ major problems”, I’d rather not be stepping on eggshells about what I can say about some of the larger sponsors of WordPress. I would like to quickly shout out to Mika and Otto from the WP plugins team, who have always been quick to respond for so many years and along with the other members of the wp.org team do an excellent job.

Well, I’m not a big fan of GitHub/Microsoft either, but in terms of keeping open source collaboration as inclusive as possible, it makes sense to keep it there for now. I did try to self-host my own git and move away from it earlier in the year, but it was not done well enough to justify.

Security-wise, there’s little security benefit to being hosted on wp.org - after initial plugin submission, nobody is manually reviewing the code quality on any subsequent releases I push. Add to that no two-factor authentication on wp.org for plugin developer accounts (as far as I can tell), means it’s a risk to have that account compromised and malicious code pushed out to the 10k+ active users. I feel a bit safer with more eyes on the code in GitHub (about 700 stars on WP2Static and growing number of Static HTML Output).

Please let me know any concerns you may have with the delisting else, don’t worry about it and you can still download from the GitHub links or by visiting https://wp2static.com/download/

Cheers,

Leon

2 Likes

Possible option

https://plugins.trac.wordpress.org/browser/cookie-law-info/trunk/cookie-law-info.php#L80

image

You did a fantastic job with your project. I’d really like to see you continue, with as little loss of exposure as possible. On the flip side, I have to say: You don’t seem to belong in the Etsy/E-Bay/Shopify melange that WP.org plugins has become.

I understand–as much as I can without being you–the frustrations of being a round peg in the square, commoditized WordPress ecosystem. I feel the same “ungrateful cad” cringe at saying anything but high praise about WordPress. I guess I am a cad: When I search WP’s catalog for a plugin by its unique name, I couldn’t stand the “curated” results that buried the one I sought. I took to wpackagist.org. No pictures, and all your plugins and PHP components in one file.

I shared your distaste/distrust for Microsoft glomming onto Github for instant open source legitimacy. I prepared for Github to disappear inside the Windows/Azure/Visual Studio vortex. Microsoft did pump gallons of Github mojo into Azure DevOps Repos. Then MS removed its fangs, restored old policies and let Github be Github. At least enough so to keep me from jumping ship.

Bottom line: I wish you every success, whatever that means for you. Enjoy the upcoming holidays. And if you can hear this not as a cliche’, robust heath to you and yours.