[wp-meta] [Making WordPress.org] #4160: Add to w.org plugin's directory the support of additional params from readme.txt - "Coding-Standards:" (like "Tags") and "Micro-Framework:"

Making WordPress.org noreply at wordpress.org
Tue Feb 12 16:01:32 UTC 2019

#4160: Add to w.org plugin's directory the support of additional params from
readme.txt - "Coding-Standards:" (like "Tags") and "Micro-Framework:"
 Reporter:  KestutisIT        |       Owner:  (none)
     Type:  enhancement       |      Status:  new
 Priority:  normal            |   Milestone:
Component:  Plugin Directory  |  Resolution:
 Keywords:  2nd-opinion       |

Comment (by KestutisIT):

 Replying to [comment:4 Clorith] + Replying to [comment:5 dd32]:
 Ok @Clorith adn @dd32 , I will base my comment of facts and research /
 sales results:

 1. **"KNOW YOUR CUSTOMER".** At WordCamp Europe 2018 one of the main talks
 was "**WordPress in 2019**" by @noel_tock (Noel Tock), which was about
 where WordPress was 10 years ago and where it will be next year, and how
 it changed. Session - https://2018.europe.wordcamp.org/session/wordpress-
 in-2019/ , slides - https://www.slideshare.net/ntock/wordpress-in-2019 .
 From the attached images bellow, you see, that if in 2010 WordPress had a
 coverage from "representational "About.us" site" to the very complex
 website (enterprise solution), then in 2018 it is already different - the
 "About Us" websites are now fully covered by Facebook, for those who need
 a bit more modifications for the "About.us" websites - they use Wix.com.
 WordPress is used then, when either - privacy matters a lot, meaning
 everything has to be self-hosted, including internal analytics, no Google
 tracking, no policy given big company like Facebook - and Facebook does
 that a lot, it try's to set 'their favorable' political views, as well as
 even to use your friend as a 'product' by their newest "Include donation
 campaign to your birthday". So there is a lot of people who resist to that
 - but everyone who I met, who does resist to Facebook, does not install
 WhatsApp, Messenger or Facebook apps on their phones, and use Facebook
 only via Web - all they were **smart**, **tech-savvy** people. So they
 know what is PGP key, ProtonMail.ch, https and Signal App. Very often they
 also have at least basic understand about security, and this is where
 often pop-us questions about data validations and coding standards - they
 may not be a developers or so, but they have heard in one or another
 conference some term, what is secure and high-quality, and they want an
 "MVC website with S.O.L.I.D. and there has to be https and semantic
 versioning". Also they want "PHP7, and object-oriented code". That's what
 I hear often from those people. So despite they may not know exactly what
 it does, they got recommendations from their IT friends, on some Facebook
 IT group, to what to use for their product. So how to discover those
 WordPress plugins at w.org right now, whose code follows these security
 standards, and design principles - we can't, just via Google index we may
 pick-up some data from the content. White there has to be a way to do



 ''*NOTE: If someone has a question, what the empty white space in the
 middle represent there in a picture of 2018 - that is **SaaS** software -
 a niche websites, like Booking.com or AirBnb.com, that focus on specific
 problem and provide **multi-tenancy** feature - allowing customers to
 create their own profile of seller and make money''

 WordPress is much more Enterprise-accepted than it was in 2010, so that
 blue bar for today should be moved even further. The big companies started
 to trust WordPress. In Summer, 2018, I convinced probably the first
 capital in European Union - Vilnius City Municipality, to ditch their
 current custom made website, and switch to WordPress. And they did that -
 so now WordPress is being used for **PUBLIC SERVICES**. And I go even
 further - last weekend I pitched the SolidMVC, as the in VoteCraft
 hachathon in European Parliament Bureu in Vilnius. I been working in
 Digital Democracy (Online Petitions and Internet Voting) field for past 5
 years, did my scientific research, involved in to that Vilnius University
 proffers and even a Dean of Faculty of Mathematics and Informatics -
 that's how the SolidMVC has boarch - it is not just a micro-framework for
 C#'ers or JAVA'ers to start writing their code immediately without any
 need to learn additional coding standards, SolidMVC is also **secure-
 enough** to use if for **elections**, by starting local elders of city
 areas elections online with secret-voting. That includes cryptography, and
 even digital signatures - and WordPress already has plugins in E-Signature
 field like this one - https://www.secure.approveme.com/demo/ ). So things
 moving forward, and even government organizations started to trust
 WordPress security.

 3. **EDUCATE THE WORLD** 10 years ago nor Mayors of the Cities, nor
 Ministers at the Parliament had any idea about how the WordPress is
 different from Symfony, or PHP from JAVA. Today they have that knowledge.
 WordPress leads the **33% of the whole internet** - so that also put a lot
 of responsibility and ability to educate the world - educate them about
 **security**, **coding-standards**, **programming languages**,
 **frameworks**, **micro-framorks**, **principles** and **techniques**. So
 the main question is here - do we want to make the world smarter, if so -
 then let we give our customers more details about micro-framework and
 coding standards used - not everybody will digg-down to it, but **people
 and curious** - that is given to use by the nature, they will Google or
 ask - their friend or in plugins support forum - what it is, and how to
 eat that. And the message will spread.

 4. **CUSTOM-WORKS** and **STATS OF PLUGIN USERS** - By taking an example
 of mine Reservations plugin sold on Envato for ~2000 times, I can say,
 that only 15 people of those 2000 (less than 0,1%) had no idea of what
 they doing - meaning they tried to upload plugin as a theme, or whole
 package ZIP, not just the plugin's ZIP. 500 customers (20%) were
 individual developers, doing the website for their customer - they really
 did cared about security, and scalability-ensuring patterns (like BCNF-
 database structure and MVC). Then the majority of customers - 1500
 customers, where the **Agencies** (with 3-10 employees, of whose 1-8 were
 developers), who are doing websites for their end-customers, which is
 often is medium to enterprise companies (100-1000 employees). 50% of them
 did **custom-works** to the plugin. And they bought the plugin just
 because they **can do the custom works** with it. Meaning they needed the
 **MVC**, **S.O.L.I.D.** and plugin support for **Unicode CLDR**
 (Key=>VALUE pairs) to add the Geo-Data in their language i.e. country
 names, city names, phone area names and so on, on what they are working,
 and they changed the plugin's behaviour to fit their medium/enterprise
 business customer needs, i.e. a business rule, that if object is rented in
 state X, for a Y days, and it was returned before the noon, then do not
 charge additional day costs - the rules that you cannot predict by filters
 or hooks - or you would need 100,000 filters and hooks support and 1
 million pages documentation for all them. That would not work for the
 larger business, as nobody would want to learn now to hook to and what is
 the filter names of each bigger plugin.

 5. **FILTERS & HOOKS**:
  a. I love the WordPress because of it's filters and hooks - the ability
 to hook to the WordPress core **from a plugin** - but at he same time keep
 in mind that WordPress has probably over 100 people who been writing it's
 documentation of hooks in last 15 years - the regular plugin authors does
 not have this luxurity, plus **nobody would want to learn the names of
 filters of the plugin that does not have at least 1 million active
 installations and 10 millions downloads**, especially if that is web-
 agency who bought that plugin for use in that 1 particular customer's
 website and they are **done** and goes to next project.
  b. Also it is great for child themes of some kind of theme.
  c. Also, for **cross-plugin** WordPress plugins - i.e. "ReCaptcha
 integration" plugin (if it is not done by the plugin), "SMTP mailing
 settings" plugins, "Google Analytics" plugin or "WPML" language plugin
 (while I personally think that WordPress Multisite with Network-Enabled
 plugin and linking by ID's is much better, more stable, and more scalable
 solution, plus it is free).
  d. All other bigger plugins, have no need to have filter or action hooks,
 if they don't want to (''a choice in favor'') - I does complicate the
 testing of that plugin if it has UnitTests, as you don't know if the
 function 5+3 will always return 8. So instead of filters-and-hooks these
 plugins use **extension-points** for i.e. **Captcha Provider** (i.e.
 ReCaptcha), **Notification method** (i.e. SMS Provider) or **Payment
 Method** (i.e. PayPal), where they add their payment method library's
 folder to **/wp-content/plugins/GreatSystem/Libraries/** folder, and then
 use a **transpiler class**, i.e.:
 final class PayPalToGreatSystemTranspiler implements
  e. And here the **GreatSystemPaymentMethodInterface** has all the
 required method and in documention is cleary described what each method
 implementation does. So there is no need then to write a 10,000 pages
 documentation with 10,000 filter names, just make one class that is
 testable and suitable for TDD (Test-Driven-Development) and can be tested
 with PHPUnit on PHPStorm via "/wp-content/plugins/GreatPluginTests/"
 plugin, if that payment methods comes pre-installed or from '/wp-
  f. So with my, **enterprise-ready**, plugin I may hook to cross-plugin
 type plugin like WPML but not vice-versa.

 6. **WHEN THE POT (Portable Objects Template) IS GREAT**:
  a. It is cool that WordPress core made in POT. It is a platform, not a
 product for niche market, so there is no WordPost, WordArticle etc. - but
 if it would, the nobody would ever want to maintain different code-base
 for every extension - that is for what POT is absolutelly not suitable.
  b. Also the POT files are **great for themes** - I believe that themes
 has to be light and fast and **should not** go into **plugin territory**.
  c. POT files might be also great for some small one/two file plugins,
 that does not need any micro-framwork, like "EasySMTP". Also POT can be
 usefull for 'hook-based' general-purpose plugin like WooCommerce.
  d. But that is only one option. Besides the **WooCommmerce** there is
 other products, for other market needs. Especially for the companies, who
 don't like WooCommerce and it's ads-full interface and promotion of other
 WooCoomerce product / extensions in WooCommerce admin, as well as those
 who focus on fast and scalable soluctions for medium-size to enterprise
 companies, and when they look a products that have a defined use-case
 scenario, i.e. **Hotel Booking**, without any need to configure thousands
 of options before launch.
  e. So for all those 'd' cases - it is **enough** that plugin just have a
 **text-domain** registration, would apply plugin locale filter before
 loading it's language file file (doesn't matter it is Unicode CLDR or POT)
 and register **'load_textdomain'** and **'load_plugin_textdomain'** - that
 is enough that the w.org would be able to fully process through GlotPress
 the plugin name and description for translation, which is important for
 multilingual w.org website - you can see that right here - the 5 lines are
 available for translation - https://translate.wordpress.org/projects/wp-
 plugins/expandable-faq/dev/lt/default . And the Source code of the mail
 controller is here - https://plugins.trac.wordpress.org/browser
  f. The excerpt with only the 'i18n' method of SolidMVC micro-framework,
 of MVP (extension-less boilerplate) is below:
 final class MainController
     // Because loading of language text is not allowed in the very early
 time, we use constants to simulate language text behavior, just the text
 is English
     const LANG_ERROR_CLONING_IS_FORBIDDEN_TEXT = 'Error in __clone()
 method: Cloning instances of the class in the Rental System is
 __wakeup() method: Unserializing instances of the class in the Rental
 System is forbidden.';
 Sessions are disabled in your server configuration. Please enabled
 sessions. As a slower & less secure workaround you can use virtual
 session via cookies, but that is not recommended.';
     const LANG_ERROR_PLEASE_UPGRADE_PHP_TEXT = 'Sorry, %s requires PHP %s
 or higher. Your current PHP version is %s. Please upgrade your server Php
     const LANG_ERROR_PLEASE_UPGRADE_WP_TEXT = 'Sorry, %s requires
 WordPress %s or higher. Your current WordPress version is %s. Please
 upgrade your WordPress setup.';
 but %s extension does not exist neither in %s plugin directory, nor in %s
 child theme folder, nor in it's parent %s theme's folder.';
 %s extension does not exist neither in %s plugin directory, nor in %s
 theme folder.';
     const LANG_ERROR_UNKNOWN_NAME_TEXT = 'Unknown name';
 not loaded';
 '$confWithoutRouting is NULL';
     const LANG_ERROR_CONF_IS_NULL_TEXT = '$conf is NULL';
     const LANG_ERROR_LANG_IS_NULL_TEXT = '$lang is NULL';
     const LANG_ERROR_IN_METHOD_TEXT = 'Error in '%s' method: %s!';

     // Configuration object reference
     private $confWithoutRouting         = NULL;
     private $conf                       = NULL;
     private $lang                       = NULL;
     private $canProcess                 = FALSE; // Have to be in main
 controller, as we don't use that for abstract controller
     private static $dependenciesLoaded  = FALSE;

     // <..>

      * Internationalization.
      * Load the language file, only if it is not yet loaded
      * @access private
      * @return null|\ExpandableFAQ\Models\Language\Language
      * @throws \Exception
     private function i18n()
         if(static::$dependenciesLoaded === FALSE)
             throw new

         // Singleton pattern - load the language file, only if it is not
 yet loaded
         if(is_null($this->lang) && static::$dependenciesLoaded === TRUE)
             // Assign routing to conf, only if it is not yet assigned
             $conf = $this->conf();

                 throw new

             // Traditional WordPress plugin locale filter
             // Note 1: We don't want to include the rows bellow to
 language model class, as they are a part of controller
             // Note 2: Keep in mind that, if the translation do not exist,
 plugin will load a default english translation file
             $locale = apply_filters('plugin_locale', get_locale(),

             // Load textdomain
             // Loads MO file into the list of domains.
             // Note 1: If the domain already exists, the inclusion will
 fail. If the MO file is not readable, the inclusion will fail.
             // Note 2: On success, the MO file will be placed in the $l10n
 global by $domain and will be an gettext_reader object.

             // See 1: http://geertdedeckere.be/article/loading-wordpress-
             // See 2: https://ulrich.pogson.ch/load-theme-plugin-
             // wp-content/languages/<PLUGIN_FOLDER_NAME>/lt_LT.mo
             // wp-
 load_plugin_textdomain($this->confWithoutRouting->getTextDomain(), FALSE,

             $this->lang = new \ExpandableFAQ\Models\Language\Language(
 $this->confWithoutRouting->getGlobalLangPath(), $conf->getLocalLangPath(),
 $locale, FALSE

         return $this->lang;
     // <..>

Ticket URL: <https://meta.trac.wordpress.org/ticket/4160#comment:6>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org

More information about the wp-meta mailing list