+44 0330 223 3428
Call Us
+44 0330 223 3428

WPTavern: WP-SpamShield Plugin Removed from WordPress.org, Author Plans to Pull All Plugins from the Directory

WPTavern: WP-SpamShield Plugin Removed from WordPress.org, Author Plans to Pull All Plugins from the Directory

The WP-SpamShield plugin was removed from the WordPress.org directory this week due to what the Plugin Review Team has deemed a violation of the guidelines and a possible miscommunication.

Two weeks ago, the author of WP-SPamShield and the author of the Plugin Organizer plugin exchanged contentious remarks in a support forum thread where each accused the other of targeting each others’ plugins. This resulted in both parties adding code that disabled the others’ plugins, and both were asked by the Plugin Team to remove the code.

WP-SpamShield’s author, Scott Allen, has published an account of his interactions with the Plugin Team with updates for users who are monitoring the status of the plugin. Although the team rarely discloses why a plugin was removed, representative Mika Epstein responded to Allen when he said he had not received an answer about what guideline the plugin had violated:

Sorry, I thought it was clear that it’s issues regarding the forum guidelines and rule #9:
Intentionally attempting to exploit loopholes in the guidelines.

To whit, you were asked to make a change and did so incompletely. If this was not intentional, then I apologize.

I’ve sent you a followup email, trying to clarify what we would accept as solutions to the issue (I came up with 3 options, but I’m open to hearing more).

I understand why you’re angry and we will respect any decision you make regarding this. Nothing that has happened thus far is insurmountable or permanent.

In the post Allen published, he said his experiences with the Plugin Team over the past 10 years have caused him to decide to move his plugins off of WordPress.org. When I contacted him to see if he plans to update his code according to the Plugin Team’s suggestions, he said he doesn’t agree with the solutions the team is offering, nor their assessment of the situation.

“They really were not solutions,” Allen said. “It was just rehashing the same issues we’d already discussed. Unfortunately, neither Otto nor Mika have the security expertise to be making the dictates they were making, so there were no realistic solutions.”

Allen also claimed that Epstein’s report about him making a change and it being incomplete was not accurate and that the Plugin Team did not seem to be on the same page:

We literally did exactly what they asked and made the changes. Two weeks ago Mika had emailed me and indicated things were good. (No code updates since then.) Then two weeks of silence, and then angry email from Otto out of the blue yesterday telling us it was booted. The issue he brought up was different code.

The two of them cannot make up their minds on what is acceptable, and what is not. The arbitrary removal was the last straw though. WordPress.org is the only venue that would do that. We repeatedly asked them what rule we broke, to no answer. Only after I called Mika out on the forum did she come up with something – Rule 9 – exploiting a loophole in the rules. Seriously? It’s impossible for developers to comply with rules that are constantly changing.

Allen confirmed that his team at Red Sand Media Group plans to pull all seven of its plugins from WordPress.org as the result of the incident but will continue maintaining and hosting them elsewhere.

“Developers cannot operate like that,” Allen said. “People depend on us. While it might hurt a bit in the short term, in the long term, we have to do it. There really need to be some major reforms to the way plugins are handled.”

WP-SpamShield was installed on more than 100,000 WordPress sites before it was removed. There is currently no standard way to notify users why a plugin was removed from the directory, but the original dispute between the WP-SpamShield and Plugin Organizer authors is public, as well as a few exchanges between Allen and the Plugin Team. Allen said he is still working out the details of how to notify users that his plugins will be hosted elsewhere from now on.

“We’ll come up with a good plan in the next few days,” he said. “Some people have been notified already because WordFence let them know yesterday that WPSS was removed. (They knew before I did.)”

Samuel “Otto” Wood said the Plugin Team is still willing to put Allen’s plugins back up if he removes the code in question and that the team is not offended by a plugin developer being angry over a decision. At this time Allen appears to be unwilling to comply with the team’s most recent requests.

In the meantime, users who know that WP-SpamShield was been removed are waiting to hear if they need to begin looking for a replacement. Allen said that users shouldn’t need to replace the plugin, since the it will continue to work as before. However, some users are not comfortable installing free plugins hosted outside of WordPress.org. Allen’s team is figuring out a plan for how they will deliver updates to the plugin and will post more information for users on the Red Sand Marketing blog.



Source: WordPress

Related Post
WPTavern: WordPress 5.0.2 to Bring Major Performance Improvements, Scheduled for December 19

WPTavern: WordPress 5.0.2 to Bring Major Performance Improvements, Scheduled for December 19 Processed with VSCOcam with c1 preset WordPress 5.0.1 was released yesterday as a security release with fixes for seven vulnerabilities that were privately disclosed. It includes a few breaks in backwards compatibility that plugin developers will want to review. WordPress 5.0.2 will be […]

Read more
WPTavern: WPWeekly Episode 341 – Recap of WordCamp US 2018

WPTavern: WPWeekly Episode 341 – Recap of WordCamp US 2018 In this episode, John James Jacoby and I recap WordCamp US 2018. We discuss what’s new in WordPress 5.0.1 and when users can expect to see 5.0.2. We also chat about the new path that WordPress is on and where it may lead. John shares […]

Read more
WPTavern: WordCamp US 2019 to be Held November 1-3 in St. Louis

WPTavern: WordCamp US 2019 to be Held November 1-3 in St. Louis photo credit: Wikimedia Commons Dates for WordCamp US 2019 were announced today, less than a week after wrapping up a successful camp in Nashville. Unlike all previous years held in December, next year’s event will take place November 1-3 in St. Louis, Missouri. […]

Read more