For v2: offer the ability to turn off features most people don’t need or want, and start growing our own plugin and theme ecosystem.
When it comes to developing a CP plugin ecosystem, may I suggest implementing some type of review/rating system? I prefer selecting plugins which pass security and coding standard reviews, rather than depending solely on downloads or end-user comments.
Hi @edsuth, thanks for your suggestion. I’ve moved your question here for further discussion.
Who would complete these security and coding standard reviews, in your opinion? How often would the plugins be reviewed? Would they all be subject to re-review every time there was an update to ClassicPress core, and/or when there was an update to the plugin itself?
There may be no need for a discrete reviewer. Potentially, these security standard could be folded into the other requirements for inclusion in any CP plugin collection. My overriding push is to differentiate – not replicate – WordPress development standards. Too often, WordPress leaders focus on pushing out every possible plugin for every potential use, leading to security holes. If the CP community wants to go beyond simply removing Gutenberg, quality – not quantity – must be a touchstone. Naturally, that will reduce the number of potential plugins available. But should making simple plugins created simply to patch programming holes (when a bit of knowledge would suffice) be a reason for plugin inclusion?