Again a complete misunderstanding from the original point of my topic.
I give up and will board my plane now.
Again a complete misunderstanding from the original point of my topic.
I give up and will board my plane now.
I agree as long as we can make sure that doing this doesnât break peopleâs sites.
Is it ok to point out when there are problems with a suggestion, or should we just silently agree?
I like to believe that this is just a misunderstanding.
However, @pieter and @timkaye rather than just stating we donât understand could you further explain your side of the argument?
readme.txt
- it just seems like unnecessary work when everyone knows it isnât a breaking change. I am happy to hear another argument as to why we should do this, I do understand it shows they are active but there is a tradeoff.I am certainly in favor of promoting (4). And I think the tradeoff you mention in (2) militates strongly in favor of what @pieter and I have been saying. Itâs a very small requirement, and it will help to indicate who is playing an active role and who isnât.
I think you have a stronger point with (3). Itâs one of the reasons why, instead of complete delisting, Iâd also be happy to go with @viktorâs suggestion of preventing further downloads with an accompanying notice to that effect. It would enable potential forkers to see which formerly listed plugins are no longer supported and encourage them to look further. It would also avoid the issue of delisting and relisting a plugin.
The real controversy seems to be over (1). Letâs use an example to illustrate the point. A developer builds an invoices plugin that relies on an e-commerce. A user installs the plugin without that e-commerce plugin, because it isnât available in the directory. What happens? Either nothing, or else the user gets a notice saying that the e-commerce plugin needs to be installed. So no problem there.
Letâs try a different tack. In this instance, the user has both plugins installed, but the e-commerce plugin is then delisted or made unavailable for download. What happens now? Nothing at all. The two plugins work together as before. Plugins that are already installed donât stop working just because the source from which they came no longer exists.
The only real issue arises if (a) the invoices plugin is updated to require a later version of the e-commerce plugin and (b) the latter is not available in the directory. But thatâs on the invoices plugin developer. Either s/he should be checking that the e-commerce plugin is still available, or else s/he should be running a dependency check before the new version gets installed. Sure enough, @pieter does this in the Classic Editor Addon plugin he co-created.
So that takes us neatly back to (4). The proposal (or that of simply making further downloads unavailable) would not only reward active devs but also encourage good practice.
No, youâve missed a crucial point about how dependencies need to work! In any sane package management system, it is impossible to install a package without its dependencies.
So what happens under this example? Installing the invoice plugin fails with an error because its dependency is not available.
This would be a really bad user experience, and it is worth avoiding one way or the other.
Actually, @james, I thought I did. I said:
A developer builds an invoices plugin that relies on an e-commerce. A user installs the plugin without that e-commerce plugin, because it isnât available in the directory. What happens? Either nothing, or else the user gets a notice saying that the e-commerce plugin needs to be installed.
Whenever Iâve had the experience of a pluginâs dependencies not being satisfied, I get a message telling me just that. I donât see any problem with that experience because it provides the explanation I need.
How would you resolve the dependency in this case?
The WordPress ecosystem has never had a dependency management system that works anything close to well. Existing solutions are ad-hoc and not user-friendly.
In my opinion, having to hunt down and manually install unlisted dependencies would also not be an acceptable user experience.
That may still be the direction we ultimately go, because this is a hard problem to solve, but it is worth discussing first. I donât want us to end up with a user experience that is broken under certain cases because we didnât think them through.
As I indicated in a previous comment, I think the primary responsibility is on the developer whose plugin has a dependency. So Iâm not sure it needs any resolution at the directory level.
This is the way things stand today, but our stated goals for ClassicPress v2 require that we do better than this.
Also, no established package management system works this way, because it is a backwards and ineffective approach. To name just a few systems Iâm familiar with that have solved this set of problems: apt
on Linux, npm
for JavaScript, composer
for PHP, and go get
for Go.
True, but that doesnât mean that we need to change everything.
True again, but not necessarily relevant. Whatâs becoming clear is that the disagreement here is over the questions of whatâs easiest for users compared to what may be desirable for developers doing complex work. These donât appear to yield the same answer.
Yes, exactly. I think itâs important to discuss these trade-offs.
Now that Iâve made my point about how our goals for dependency management would impact the topic of this particular thread, I expect we will continue the rest of the conversation around dependencies elsewhere.
Edit: I started a new thread about plugin dependencies.
Just to reiterate my point to include dependencies.
If a plugin isnât updated or abandoned, then it will become âinactiveâ. This means that users canât download or install it (doesnât show up in search), and directory page will have a clear sign that this plugin is no longer maintained or abandoned.
If a plugin is a dependency of another plugin, then CP can still automatically install it when parent plugin is being installed.
When a plugin becomes âinactiveâ and it is a dependency of other plugins, authors of these plugins should be notified their dependency plugin became âinactiveâ and should be considered for replacement.
Iâm using âinactiveâ as an internal label. It can be whatever, thatâs just what I use for this discussion.
This rewards active developers, ensures users donât use outdated/abandoned plugins, and also ensures dependencies are not broken.
Yâall are making this way more complicated than it needs to be.
Wild West
The plugin directory is open to anyone who isnât actively harmful.
For those users who are looking for guidanceâŚ
Compatibility With Current Version
Set a âCompatibility Ratingâ
Prioritize listings by rating, only show rating=4 by explicit consent (e.g., âshow me all plugins, even if they arenât compatibleâ)
If a plug-in dev canât be arsed to check the plugin with a clean install of the current CP version and update a simple text file, then they should be bumped down the list.
Olympic Ranking
Rather than the common â5 starâ ranking system, move to a more granular system (percentage?). Then remove the outliers (as is standard in statistics). So (for example) ignore every review under 10% and over 95%. Eliminate the fanboys and haters from the equation.
Badges
CP needs to make money. Use the plug-in directory to do so.
Develop a clear and well-defined set of criteria for âcertification levelsâ. Bronze means âworks with the most current V.x version of CP and the most popular pluginsâ. Platinum means "works with the most current V.x.x version of CP and has no conflicts with any Badged plugins.
Plugins can pay to be assessed for certification at each level (e.g., platinum, gold, silver, bronze).
Badges would heavily influence search rankings.
Find the right balance of Certified, Approved, and Popular, and you have a valuable listing of plugins.
And a great marketing tool.
And a great source of income.
Those are good ideas, but they are not relevant to the topic at hand. What happens to plugins that are not maintained or abandoned?
As it seems, everyone wants CP directory to be well maintained and listing updated plugins. Nobody wants the wild west that is WP repo, with thousands of abandoned plugins that can cause serious harm.
So the question is, what do we do with plugins that become outdated or abandoned?
Some folks want to de-list (delete) those plugins. But that poses a problem for plugin dependencies, which isnât a problem for WP since they donât offer it.
We did find some common ground on labeling these plugins clearly with a warning message and making them unavailable for download or installation, unless they are installed as a dependency.
Though the admin panel, but through the website Iâd still have them listed so people can adopt/takeover
So the question is, what do we do with plugins that become outdated or abandoned?
You keep them in the repository, flag them as âabandonedâ, and set a default filter to exclude them from searches. If someone wants to see and install abandoned plugins they have to click âshow abandonedâ, confirm the understand the risk, and click âshow meâ (3 clicks = âtell me three timesâ).
At that point, itâs âtheir problemâ, and CP wonât support their installation.
Treat plugins the same way companies treat hardware: OEM, Approved 3rd-Party, and everything else. The first is guaranteed, the second has limited support, and the last is specifically discouraged, unsupported, and entirely the responsibility of the user.
This is SOP for industry and has solid legislation and legal precedent to back it up.
This also neatly solves the previously discussed issues with dependencies: âoutdatedâ plugins donât appear by default, but they can still be installed when another plugin requires it.
Iâm a real-world very-small-type developer. I know CSS well and enough PHP to modify a template without breaking anything, I generally start with a theme I like and modify it to extreme lengths. About half are WooCommerce sites so will be able soon, I hope, to commit to CP.
Now one of my favourite plugins is called Flexi Pages Widget - and the description is just perfect. Just nothing comes close. I curate it myself so I can vouch for it on the 4.9.9 generation. Updating is just a paper exercise. But it was last updated 3 years ago. So a perfectly good, safe plugin would be axed,
It is so simple to test, that it must not be impossible for it to be placed under a âcuratedâ category?
@ColinP: maybe not in this specific case, but not updating a plugin for 3 years generally means that it is forgotten and may or may not work.
Weâre also open to considering other solutions here - such as a button maintainers and/or users can click to say âyes, this plugin still worksâ.
Implementation of this is still a ways out. Weâll be back and asking for help & feedback as we work through this and other plugin directory tasks