[wp-meta] [Making WordPress.org] #5352: Plugin Security - Add email confirmation prior to releases being processed
Making WordPress.org
noreply at wordpress.org
Thu Aug 6 18:15:41 UTC 2020
#5352: Plugin Security - Add email confirmation prior to releases being processed
------------------------------+---------------------
Reporter: dd32 | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Plugin Directory | Resolution:
Keywords: |
------------------------------+---------------------
Comment (by Ipstenu):
I'm sitting on the fence about disallowing 'trunk' as a stable version. I
(personally) laud it. I'm also aware that people like to dev how they like
to dev.
> Thankfully only 15% of plugins with >= 100k active installs use trunk,
but that's still not a small number.
We have ~57k active plugins at the moment. How many of those (raw numbers)
use trunk?
My gut tells me we should make it by steps.
1. Write something for developer/plugins that explains why you don't use
trunk
2. If you use TRUNK as stable, you get alerts/warnings on every commit. An
email "Hi, using TRUNK for your stable release is not recommended [link to
article we need to write]"
3. If you use TRUNK as stable you see (when you visit your plugin page) a
warning about using trunk.
4. Make a make/plugins post about trunk, and give a time-frame for no more
support
5. Email everyone left using trunk with a link to the article and the
documentation
6. On the date, stop allowing trunk
We can also say "disable auto updates for plugins using trunk as stable"
though I don't know if the API (as is) is robust enough to handle that.
It's something we should consider.
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/5352#comment:14>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list