Potential idea for showing plugin ownership change.

That is the question posed by Ian Atkins in a recent ticket for WordPress.

“I’ve experienced a few plugins change ownership, and it’s really not clear as a user, developer, and maintainer of sites when that has happened,” he wrote in the ticket. “Whilst having a plugin continue to be developed is admirable — I do think it would be wise to inform users of that change.”

For full disclosure, the ownership change that prompted Atkins to create the ticket was from the Members plugin. I am the former owner of the plugin and sold it to the MemberPress team in 2019 (I was a full-time plugin and theme developer before joining WP Tavern). Having been both a plugin author and user in this scenario before helps mold my viewpoint.

I agree with the idea. WordPress should have some mechanism for notifying users of changes of ownership. The more transparency that exists in the ecosystem, the healthier it is for all.

As a plugin author who was letting go of a project that I had worked nearly a decade on, it was tough to say goodbye. I had built friendships and trusted users who walked beside me on my journey. I posted on the company blog, Twitter, Facebook, and the WordPress support forums. I replied to emails, PMs, and more. I wanted to be as transparent with my plugin users as possible. When the plugin was out of my hands, there was no way for me to reach out to the 1,000s of users who did not follow me on social media or the blog. The new owner was as transparent. Even today, a year later, some users are just now realizing someone else is running the show.

In hindsight, perhaps there was more we could have done. Maybe there was more WordPress could have also done and can do in the future. There are valid concerns from users.

Atkins lists three primary reasons for his proposal:

  • There might be privacy policy changes that have impacts on what data is shared and how it is shared. Legally, depending on location, this may have to be communicated to end-users (under GDPR, etc.).
  • The plugin may change direction or add features that were not originally included or required under the stewardship of the prior owner.
  • The plugin may have changed hands to a developer or development house that a user knows isn’t as reliable as the previous owner.

He also asked whether the plugin team reviewed ownership changes. Changing owners is a simple task, and these changes are tracked internally.

Mika Epstein, a Plugin Review Team representative, said that the team could make such changes public. The biggest flaw with that system is that it is not always possible to know when a plugin’s owner changes. Sometimes, an entire company is sold, which would include ownership of the WordPress.org account. She also cited situations where serviceware plugins change hands in unobvious ways.

“I want to be clear, I’m not against this!” she said in a follow-up response. “I’m for this! I just want to be clear that we’re going to receive MAYBE half of the changes.”

Half would be better than none. An automated system may work to create notices in some situations. However, an addition to the plugin review guidelines may also be part of the solution.

Plugin authors could also take it upon themselves to implement an ownership-change notification. This may be one of those use cases for the much-maligned admin notices that is worth exploring.

At this point, we are just asking the question of whether WordPress should create a system in which users are notified of plugin ownership changes. What would you like to see in terms of solutions?

I want to see continued progress on the transparency front. Atkins’ first list item is the most important. If there are privacy policy changes or a plugin deals with personal data in any way, users need to know when the plugin has a new owner. They should be able to make a decision about their continued use of the plugin with all the facts laid bare.

Like this:

Like Loading…



Source link