[wp-trac] [WordPress Trac] #33374: Improvements for the messages visible in the plugin manager
WordPress Trac
noreply at wordpress.org
Fri Aug 21 04:35:41 UTC 2015
#33374: Improvements for the messages visible in the plugin manager
-------------------------+---------------------------------
Reporter: dziudek | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Future Release
Component: Plugins | Version:
Severity: normal | Resolution:
Keywords: | Focuses: ui, administration
-------------------------+---------------------------------
Comment (by dd32):
> “This plugin has not been updated for more than 2 years” - some plugins
are no longer developed and can contain vulnerabilities which are not
managed by the plugin developer
IMHO A plugin not being updated in more than 2 years for an existing user
isn't something we need to point out, plenty of plugins continue to work
without issue past the 2 year mark. The plugins directory does alert and
remove it from the search results however, as for a new user, it's more
likely the plugin won't work as intended.
> “Security update” - it would be great to provide the plugin authors a
possibility to add a message that the current update is a security update.
Then users will know that they should update their plugin immediately
(Currently I often check every changelog to make sure that I can made an
update in weekend).
We allow for a `Upgrade Notice` to be set at present, plenty of plugins
have used something of the form of `SECURITY UPDATE: x.y.z is an important
security update, all users should update`. Many plugins skip this and/or
don't know it exists. We also don't make it as prominent as we could in
the update UI. (See the [https://wordpress.org/plugins/about/readme.txt
example readme.txt file].
> “No longer in directory” - some plugins were removed from the repository
and of course are no longer maintained - it is a similar issue as the
first one. Additionally it will help users to detect plugins which was
accepted but breaks the WordPress.org rules.
Plugins get removed from the directory for all kinds of reasons, often
temporarily (security issue, guideline violation, license violations, and
of course no-longer-maintained just to name a few) drawing attention to
most of those isn't in the best interests of the vast majority of plugin
users IMHO.
These are just a few initial thoughts, and isn't designed to say "we
shouldn't do any of these" simply to point out some pitfalls.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/33374#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list