[theme-reviewers] Guidance on theme security

Gene Robinson emhr at submersible.me
Wed Oct 20 16:36:22 UTC 2010

I now see the flaw in my earlier suggestion that we should suggest "backward compatibility" in the guidelines. My suggestion and the topic of "How far back?" do we allow with regard to review is an unnecessary abstraction and over complicates the process.

As it stands function deprecation is a determining factor for code quality and I think it should remain that way without having to weigh backwards compatibility. 

> I don't see how it conflicts with core philosophies. We're not talking *all* Themes, but rather only talking in the context of Themes hosted by the official WordPress Theme Repository.

I'm at odds with your saying "We're not talking *all* Themes" when you disparage the quality and security of themes that are not in the official repository. In this I am noting your recent blog post, which I appreciate on many points btw.

> So... The stuff in Thematic -- which I'm just seeing now, after I left the comment, so I didn't realize how much came from that -- it made me cringe. Should receive a security audit at some point.

Nacin, Thanks for the guidance and for the reality-check on Thematic's security. It will be addressed. 


More information about the theme-reviewers mailing list