Matt continues with his latest chapter in showing he is absolutely unfit to lead a company, foundation, or to be any sense of an important figure in "open source" anything. He needs to step down...
Matt continues with his latest chapter in showing he is absolutely unfit to lead a company, foundation, or to be any sense of an important figure in "open source" anything. He needs to step down and go away forever.
Any potential or initial "good point" or concern he may have ever had has been buried under absolutely asinine piles of ill will and petty behavior. I no longer even care if he had anything actually useful to say in the beginning, he surrounded it with bad faith from the beginning and continues it to this day. Any valid criticisms he has had are null and void given his actions
A manchild if there ever was one, and as a comment on the article states:
"He literally went from criticizing Musk to emulating him in a matter of months. "
We switched self-service site creation at our organization over to using a major field-specific WordPress host a couple of years ago (not WP Engine, but also not WordPress.com). Definitely feeling...
We switched self-service site creation at our organization over to using a major field-specific WordPress host a couple of years ago (not WP Engine, but also not WordPress.com). Definitely feeling a little anxious about that move now. We've got about 1000 sites in WordPress right about when WordPress's future is looking highly questionable.
For work, sure, I'll keep supporting the install and everything, but outside of work you won't catch me doing any future-focused projects or development anywhere inside the blast radius of this.
I wonder if Matt realizes that a vast number of mid-size organizational multi-site installs go where nobodies like me say they go, and if this has spooked people like me into dipping back into the CMS market in our own time, the repercussions of this kind of boneheaded decision-making are going to continue to be felt a decade from now.
I'd imagine personal sites will be fine. In the near term it will be more to do with how WordPress hosting companies interact with the existing WordPress infrastructure and how confident they feel...
I'd imagine personal sites will be fine. In the near term it will be more to do with how WordPress hosting companies interact with the existing WordPress infrastructure and how confident they feel in their ability to continue offering their services at the current prices.
What we've seen is that hosts can be singled out for not contributing enough back, or for making money that Automattic feels it should be making, and they can be locked out of the community and have their development efforts hijacked. A lot of companies that sell industry-specific WordPress multisite hosting customize it to their target audience, which isn't that different from the crime WP Engine has been accused of, so they're probably concerned right now about where they stand.
Basically I'd be thinking hard right now if I were offering popular plugins with a subscription model, or selling (or a user of) a tailored WordPress hosting service.
I kind of expected this to have blown over by now. A hostile takeover of one of the most popular WordPress plugins definitely wasn't on my bingo card, and I don't see a way to cleanly de-escalate from that. ACF isn't a default part of WordPress, so everyone who just had the publisher changed out from under them on that had specifically gone out and gotten that plugin, expecting it to be coming from a specific developer.
From where I sit, this doesn't look all that different from a man-in-the-middle attack, except WordPress attacked itself. So then, what headline will I be reading next week?
I don't think there's any imminent danger to sites, so you're probably fine for many years yet, but projects like WordPress depend on developers to have confidence in their futures to bother investing time into them. Nothing about this has inspired confidence.
It's time the rickety trash heap was retired anyway. There are some truly awful practices under the hood, including database query practices. PHP has supported prepared SQL statements for many...
It's time the rickety trash heap was retired anyway. There are some truly awful practices under the hood, including database query practices.
PHP has supported prepared SQL statements for many years now, which is the industry accepted practice for avoiding SQL injection vulnerabilities. WordPress does not use them, and actually has a facade that makes it look to plugin/theme developers that it is doing so, while it's actually just mangling strings together and doing some quote-escaping like you'd expect on PHP4.
This whole show felt far away, even though my work/art depends on Wordpress for generating an income for me, my cofounder and a couple of freelancers working for us. But with them attacking ACF...
This whole show felt far away, even though my work/art depends on Wordpress for generating an income for me, my cofounder and a couple of freelancers working for us. But with them attacking ACF like that, which is just an amazing and important tool for us that makes Wordpress so much more powerful, it came a lot closer.
We’re a paying ACF customer so as far as I know there won’t be any change for us. I just hope it stays that way. And that Matt cools down a little…
I’ve used WordPress for decades, even used to chat with Mr. Mullenweg back in the earliest days on IRC. That said, other CMS options seem fairly appealing right about now.
I’ve used WordPress for decades, even used to chat with Mr. Mullenweg back in the earliest days on IRC.
That said, other CMS options seem fairly appealing right about now.
Matt continues with his latest chapter in showing he is absolutely unfit to lead a company, foundation, or to be any sense of an important figure in "open source" anything. He needs to step down and go away forever.
Any potential or initial "good point" or concern he may have ever had has been buried under absolutely asinine piles of ill will and petty behavior. I no longer even care if he had anything actually useful to say in the beginning, he surrounded it with bad faith from the beginning and continues it to this day. Any valid criticisms he has had are null and void given his actions
A manchild if there ever was one, and as a comment on the article states:
We switched self-service site creation at our organization over to using a major field-specific WordPress host a couple of years ago (not WP Engine, but also not WordPress.com). Definitely feeling a little anxious about that move now. We've got about 1000 sites in WordPress right about when WordPress's future is looking highly questionable.
For work, sure, I'll keep supporting the install and everything, but outside of work you won't catch me doing any future-focused projects or development anywhere inside the blast radius of this.
I wonder if Matt realizes that a vast number of mid-size organizational multi-site installs go where nobodies like me say they go, and if this has spooked people like me into dipping back into the CMS market in our own time, the repercussions of this kind of boneheaded decision-making are going to continue to be felt a decade from now.
What do you feel the blast radius is going to be? I'll be needing to move my website if I'm in it.
I'd imagine personal sites will be fine. In the near term it will be more to do with how WordPress hosting companies interact with the existing WordPress infrastructure and how confident they feel in their ability to continue offering their services at the current prices.
What we've seen is that hosts can be singled out for not contributing enough back, or for making money that Automattic feels it should be making, and they can be locked out of the community and have their development efforts hijacked. A lot of companies that sell industry-specific WordPress multisite hosting customize it to their target audience, which isn't that different from the crime WP Engine has been accused of, so they're probably concerned right now about where they stand.
Basically I'd be thinking hard right now if I were offering popular plugins with a subscription model, or selling (or a user of) a tailored WordPress hosting service.
I kind of expected this to have blown over by now. A hostile takeover of one of the most popular WordPress plugins definitely wasn't on my bingo card, and I don't see a way to cleanly de-escalate from that. ACF isn't a default part of WordPress, so everyone who just had the publisher changed out from under them on that had specifically gone out and gotten that plugin, expecting it to be coming from a specific developer.
From where I sit, this doesn't look all that different from a man-in-the-middle attack, except WordPress attacked itself. So then, what headline will I be reading next week?
I don't think there's any imminent danger to sites, so you're probably fine for many years yet, but projects like WordPress depend on developers to have confidence in their futures to bother investing time into them. Nothing about this has inspired confidence.
It's time the rickety trash heap was retired anyway. There are some truly awful practices under the hood, including database query practices.
PHP has supported prepared SQL statements for many years now, which is the industry accepted practice for avoiding SQL injection vulnerabilities. WordPress does not use them, and actually has a facade that makes it look to plugin/theme developers that it is doing so, while it's actually just mangling strings together and doing some quote-escaping like you'd expect on PHP4.
https://developer.wordpress.org/reference/classes/wpdb/
https://github.com/WordPress/WordPress/blob/da2f8d9cc6e4c2feac4f16a17e171be60caed118/wp-includes/class-wpdb.php#L1395
That would have been looked at with disdain 15 years ago, let alone now. Might as well take the opportunity to move to newer, safer options.
Further escalation:
WordPress bans WP Engine from sponsoring or participating in user groups
This whole show felt far away, even though my work/art depends on Wordpress for generating an income for me, my cofounder and a couple of freelancers working for us. But with them attacking ACF like that, which is just an amazing and important tool for us that makes Wordpress so much more powerful, it came a lot closer.
We’re a paying ACF customer so as far as I know there won’t be any change for us. I just hope it stays that way. And that Matt cools down a little…
I’ve used WordPress for decades, even used to chat with Mr. Mullenweg back in the earliest days on IRC.
That said, other CMS options seem fairly appealing right about now.