Some of us (particularly @1stepforward!) are aware that the Classic SEO plugin inherited a load of obfuscated JavaScript files when it was forked from Rank Math, and the authors of Rank Math have declined to assist in any way. It’s particularly frustrating for ACF users because there’s a bug which interferes with the SEO scoring mechanism for custom fields.
Because Rank Math is in the WP repository, it has to abide by the repository’s guidelines, and I’ve found that guideline 4 states the following:
Obscuring code by hiding it with techniques or systems similar to p,a,c,k,e,r ‘s obfuscate feature, uglify’s mangle, or unclear naming conventions such as $z12sdf813d , is not permitted in the directory. Making code non-human readable forces future developers to face an unnecessary hurdle, as well as being a common vector for hidden, malicious code.
So I decided to email the main WordPress plugins email address as follows:
I need to inform you that the plugin “WordPress SEO Plugin - Rank Math” (URL below) violates at least one of the repository guidelines. Rank Math SEO – WordPress plugin | WordPress.org
Guideline 4 states (paraphrasing) that code must not be deliberately obfuscated. Here is the reference: Detailed Plugin Guidelines | Plugin Developer Handbook | WordPress Developer Resources
However, all the JavaScript files in the “assets/admin/js” folder of Rank Math plugin are obfuscated.
This makes it impossible to verify the plugin’s lack of malicious intent, and prevents other developers from investigating bugs or developing integrations.
I would appreciate if this matter could be investigated and hopefully resolved so that future tags contain human-readable JavaScript files.
Yours etc.
Well there you go folks, there’s the response. Knowing their reputation for agressiveness I would expect nothing less.
What they haven’t said is that the Github repo they created 17 days ago doesn’t contain the source files for any earlier versions of the plugin.
So for a very long time they were in breach of the WP repo guidelines, even if, strictly speaking, they aren’t now.
But it’s still virtually impossible to debug Rank Math on a live site unless their build process can be replicated, because the source JS files don’t have a 1:1 relationship with the distribution files.
Just want to start off by saying it is not my aim to antagonize Rank Math. I was grateful to be able to use RM as a base for Classic SEO and RM certainly seemed to be the preferred option among the ClassicPress community.
Having said that, I do believe RM could have been more helpful. It’s taken RM a long time to embrace the open source philosophy and I’m still not sure they have even now. Their GitHub repo was only created on or around 11 June 2020, probably to coincide with the release of v1.0.44 (although there’s no mention of this in the release notes).
Just as aside, I did come across this in the many fruitless times I’ve searched on Google for a Rank Math repo: [ link removed - see below ]
So that does appear to show that RM hasn’t always been helpful.
I also agree with @anon95694377 that the source files on the repo bear little resemblance to the compiled files. So, all in all, it’s still not very helpful and does absolutely nothing to address the “future developers to face an unnecessary hurdle ” issue in the WordPress guidelines.
Yes. I have spent a bit of time playing around with jsnice and although it does help a little, it still leaves a lot of code that is difficult / impossible to follow. So far, I’ve been able to make any changes that are necessary to the compiled code but I know that’s not an option longer term.
Well it appears that Rank Math have removed the page I referred to in my earlier post and, instead, redirected the URL to their GitHub repo. For reference, the link used to be
It also seems that Rank Math have done their best to remove the page from Google cache and the Wayback Machine (web.archive.org). What they can’t do, however, is to remove the copy of that page from an old backup of my browser’s cache.
Here’s the page, with the subject Unminified Source, that Rank Math seem so desperate to hide:
Oh well, I guess I stirred the hornet’s nest, but with people like that it was going to happen sooner or later anyway. They don’t embrace open source. They grudgingly tolerate the letter of it (though not the spirit) when they have no other option. When Rank Math was selected as the fork base my immediate thought was “this will be interesting”.
RM was a popular choice with the CP community. I’ve always known we wouldn’t get any help from RM but I spent a good while evaluating all SEO plugins and examining the code of each and again, RM seemed like the better option.
But in any case, as I see it, they are still in breach of the WP guidelines. And possibly GPL.
Once I’ve got version 1 of Classic SEO sorted, my priority is to then look at the JS and your help (and anyone else’s) would be greatly appreciated.
The unnamed [email protected] person (they never sign their emails) finally replied, and said:
They are not obfuscated, but they are heavily minimized.
It makes it harder (and more annoying) to read, but it does not qualify as obfuscated. It’s basically right on that line.
WordPress just need to take a look at their own guidelines and ask themselves “will RM’s code force future developers to face an unnecessary hurdle”, the answer to which is undoubtedly “yes”.
