[wp-hackers] Plugin update & security / privacy
Matt Mullenweg
m at mullenweg.com
Sun Sep 23 22:32:49 GMT 2007
Kimmo Suominen wrote:
> Why are the plugin versions sent to the server? It should be
> enough to send the plugin filename and/or name, so the server can
> return a list of current versions. The client (WP) can then figure
> out which plugins need updating.
The system was designed to keep the client side as light as possible so
the heavy lifting can be done on the server side, allowing us a lot more
flexibility and agility in adapting the service as it gets rolled out
and evolves.
For example right now nothing is done with regards to localization, but
because of the data being sent and the lightness of the client side we
could introduce that feature in the future without having to update
every install of WordPress in the world. This philosophy has worked very
well for Akismet over the past 2 years. I believe it is also the best
approach for WordPress.
Today the server does basically nothing, no logging, no analysis, no
stats, it's just designed to be as fast as possible since I don't know
what type of impact 2.3 is going to have on api.wordpress.org. In the
future, however, I think there is a lot of room to grow it, particularly
once we take updates to the next step and allow people to
upgrade/install things with one click from their dashboard.
--
Matt Mullenweg
http://photomatt.net | http://wordpress.org
http://automattic.com | http://akismet.com
More information about the wp-hackers
mailing list