Plugin Directory: Community
As one of two 3.org groups tasked with improving the WordPress.org Plugin Directory, the Plugin Directory: Community (PDC) group has read through all the Potential WordPress.org Improvements and has weighed what ideas would best improve the community and would be manageable to do before development on WordPress 3.1 starts. This group is tasked with improving the user interaction with the directory, the authors, and the rest of the community. Here are the ideas that have made it to the final round of the selection process:
- A standardized taxonomy for organizing plugins and making tags more relevant.
- Allow filtering of plugin search results based on version compatibility.
- Allow the community to publicly ‘Like’ plugins.
- Allow plugin pages to display hash-style URLs from the Read Me file.
- UI Improvements for i8n support.
- Allow users to publicly review plugins.
- Small UI changes to the Plugin Directory
- Plugin Adoption Stats
- The formation of a Plugin Security Review Team.
PDC would like for each of you, members of the WordPress community, to look over these ideas and suggest ways of how they could be best implemented. We would like each of these ideas to be sustainable for the long term, meaning they would not create overwhelming work for people contributing to the community or have a negative impact on portions of the community.
To get the ball rolling with one of these ideas, the Plugin Security Review Team, we would like to suggest that responsibilities and obligations of this team be ramped up in stages. Instead of just throwing nearly 11,000 plugins at the team and having the them read every line of code, the team would pro-actively develop solutions that would aid developers in making their own plugin more secure. The Plugin Security Review Team could provide detailed tutorials, presentations, working examples, scanning programs, or any other ideas as they see fit.
The PDC group is open to ideas, suggestions, and help, feel free to contact any of our members: Peter Westwood, Austin Matzko, Dan Cole, Brian Layman, and Michael Torbert. Hopefully with the communities’ help and feedback we will be able to implement all of these ideas.
Mike Schinkel 9:18 pm on July 30, 2010 Permalink
One idea I’ve been bouncing around is to have a color-coding (and an accessibility equivalent) for plugin ratings based on the number of ratings a plugin has. Clearly a plugin with one 5 star rating (typically from it’s own developer) looks good at first glance but that rating means little. I’d far prefer to see a 4 star rating for a plugin that has been rated 100 or a thousand times.
Suggestion: Calculate and graph the distribution of the count of ratings that are given to plugins and then find natural break points in the distribution much like how a college professor grades on a curve. Hopefully you’ll find between 4 to 7 ranges and then for each range assign a color for the stars starting with a gray and moving toward a bright yellow. The plugins with less vivid colors but high average star ratings will give an easy indicator that a few people think highly of the plugin, but the few plugins with very vivid stars and a high average star rating are the real winners. Thoughts?
Utkarsh Kukreti 8:04 am on July 31, 2010 Permalink
Something like Bayesian Average could also be used.
Mike Schinkel 9:53 am on July 31, 2010 Permalink
Even better idea!
Gautam 8:29 am on July 31, 2010 Permalink
Can you elaborate on plugin adoption process? IMO, only some ellegible members should be allowed to take over abandoned plugins. Otherwise, people/companies may take over it, put some ads/more links/bad coding/spam/footer links etc.
Peter Westwood 1:53 pm on July 31, 2010 Permalink
We don’t have a particular process in mind yet.
It is one of the things we intend on trying to create over the next few weeks as part of the output of our 3.org team
Dan Cole 4:49 pm on July 31, 2010 Permalink
Were looking into doing a more detailed version of plugin stats, looking at user adoption. The PDC group decided that allowing developers to adopt plugins belonged to the Plugin Directory: Support & Management group. I think both Plugin Directory teams should chat to clear up some of the gray areas between the two tasks we’ve been assigned to.
Mike Schinkel 8:15 pm on July 31, 2010 Permalink
Other things I’d love to see about plugins are 1.) when first available, 2.) how many updates. A plugin that was first uploaded last week is less likely to be mature than one first uploaded 2 years ago with 17 updates, for example.
mark. 4:12 am on August 1, 2010 Permalink
“Allow the community to publicly ‘Like’ plugins.”
I had to double check I wasn’t on Facebook… Is this a replacement for the star rating, or is it just to tie into the community profiles (ie, Jon likes x plugins)?
Dan Cole 3:30 pm on August 1, 2010 Permalink
When I worded that, I was thinking of the WordPress.com ‘Like’ button. My thoughts were for something in the community profiles, where people could see how many plugins you like, as well as the list of those plugins. Each plugin page would also have a list of people who liked the plugin. I didn’t think of replacing the star rating system, but it’s a possibility if people are on-board.
mark. 4:45 pm on August 2, 2010 Permalink
This is semi-unrelated to my original post, but what I’d like to see before completely new features are added is a few updates to the old ones; case in point, people shouldn’t be allowed to say “Doesn’t Work” without filing a report (can be private or public) as to why it didn’t work for them.
I hate seeing that on my plugins and not knowing what to do to help fix it. If it’s a valid issue people should have no problem entering a two line description (or more if they’re really nice!) and if it’s just a bad day for somebody it would slow them down enough to reconsider.
Dan Cole 2:04 am on August 3, 2010 Permalink
Mark, the report part of the “Doesn’t Work” problem, is on the PDC list. The bullet of it was kicked off this post because of a poor choice of words that obscured things.
Jane Wells 11:51 pm on August 1, 2010 Permalink
I don’t love the Like idea. I’d rather have a place in profiles where .org users can ID what plugins they actively use, and show their ratings/reviews for them.
Paul Gregory 8:28 am on August 2, 2010 Permalink
Profiles should list all plugin reviews, positive and negative.
A “plugins I actively use” section could be useful too, but I think people would be more likely to fill this in if their efforts made their life easier. I know the focus is on the .org site but this data could be fairly easily made available to WP to make it easier to add commonly used plugins.
So whenever I set up a new site, I could go to Plugins > Add New, change the dropdown to “User”, search for my own ID and easily see my favourite plugins. Even more usefully, I could see a colleague’s list (or vice versa). This would save a lot of time.
I’m not fussed whether adding plugins to my profile list is called “Like”, “Add to Favourites” or “Add to public list of plugins I actively use but may merely tolerate”. I suspect however that a phrase that is widely understood but inaccurate will prove most suitable.
Dan Cole 1:58 am on August 3, 2010 Permalink
I realise now, that ‘Recommend’ would have been a better word to use to describe my view.
Hopefully this 3.org update will continue as a full-time gig for a few developers, because their are a lot of useful things that could be done to the WP.org site. I’ll be sure to create WordPress.org Trac tickets for the great ideas that are not developed.
Dan Cole 1:50 am on August 3, 2010 Permalink
To go further into you view Jane, what would your vote (+/-1) be for 1) Bookmarking plugins, 2) Marking plugins as favourites, 3) Showing actively used plugin, 4) Reviewed plugins, 5) Recommending plugins? Basically, I’m trying to get at how exclusive/inclusive should using, ID-ing, and reviewing plugins be?
Mike Schinkel 2:14 am on August 3, 2010 Permalink
@Jane: If people have to work at recommendations the 90-9-1 rule[1] says only 1% of users will do it.
What about adding a new plugin to be distributed with WordPress called (something like) “Rate My Plugins” that will let users from their own WordPress dashboard give their opinion of the plugins that they are currently using and have their recommendations submitted by to 3.org? Such a plugin could put notices on their dashboard showing plugins they’ve not rated and/or written a recommendation for complete with a one-click way to make specific notices go away. And If they want all notices to go away they go simply disable the plugin. This plugin could ask for a rating on deactivation too.
Of course this would only be worthwhile if bundled with WordPress because <1% would actually take the effort to download and use such a plugin. Worth consideration?
[1] http://www.useit.com/alertbox/participation_inequality.html
@Dan: +1 on the continued development of 3.org.
Mike Schinkel 4:53 pm on August 2, 2010 Permalink
I’d really like to see anonymous reporting back to WordPress.org on plugin usage so we could generate stats on what plugins are really in use.
Azizur Rahman 10:07 am on August 3, 2010 Permalink
Anonymous reporting is good but in some environment it would not be allowed. I have worked in such environment.
Andrew Nacin 6:51 pm on August 5, 2010 Permalink
We have reporting via the plugin update check. We don’t collect what is active and what isn’t, nor do though I believe we should. But we can provide plugin developers with basic aggregate stats they can use to identify which versions of WP they should support, whether they can force PHP5 without deserting a lot of their userbase (no longer an issue, but a historical example nonetheless), etc.
Mike Schinkel 6:55 pm on August 5, 2010 Permalink
@Azizhur I guess I should have been explicit with my assuming optionality of this request.
@Nacin: Why should we not collect which plugins are in use, anonymously and with explicit approval by the site owner? It would be hugely beneficial to know which ones are actually being used vs. just which ones were downloaded for evaluation.
Andrew Nacin 8:20 pm on August 5, 2010 Permalink
Mike, that sounds like a good idea for a plugin that, as a primary purpose, puts plugin ratings (works/doesn’t work, +1/-1, reviews, etc) directly in the administration area.
Mike Schinkel 8:33 pm on August 5, 2010 Permalink
@Andrew I guess I was bitten by the implication again; see elsewhere on this page where I said “Of course this would only be worthwhile if bundled with WordPress because <1% would actually take the effort to download and use such a plugin." Without a large and non-self selected sampling (ignoring the opt outs) the statistics generated would be meaningless.
Andrew Nacin 9:22 pm on August 5, 2010 Permalink
Let me clarify/amend my position. I do think we should be collecting active versus inactive stats. I think the whole ‘explicit approval’ thing confused me with something else I’ve been thinking about.
Azizur Rahman 10:11 am on August 3, 2010 Permalink
I would like to see the Plugin Security Review Team clearly label or block plugins download from wordpress.org that has verifiable vulnerability until the author/developer fixed it. http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wordpress has list of some of them.
Dan Cole 11:39 pm on August 5, 2010 Permalink
In the immediate future, this will not be possible to do. The team would have to read millions of lines of code, most of which are not standardized, or clearly laid out. However, if things with the Plugin Security Review Teams go well and the team decides to move in this direction, then maybe we would see labelling or blocking of insecure plugins in a year or two by this new team.
Andrew Nacin 11:49 pm on August 5, 2010 Permalink
I’m pretty sure the current policy is to disable any plugin listing that has a major security flaw pending a fix. Labeling a plugin as abandoned, etc. (what have you) is fine, but for seriously insecure plugins, the proper contact would be plugins@wordpress.org or security@wordpress.org, I think.
Sergey Biryukov 11:55 pm on August 10, 2010 Permalink
It would be great to have the Plugin Directory available in different languages, along with the plugin descriptions and installation instructions.
Brian 11:54 am on October 2, 2010 Permalink
I like the idea of user profiles with plugins used, ratings and reviews. I don’t need to know the name but I would love some stats on users to determine authority. 1 idea — “__% of users that downloaded this plugin also downloaded X, Y & Z plugins” My biggest pet peeve right now though is the search functionality. This should include: the version, which could use: reported by dev, broken/works data. I would also suggest forcing login to download this could then be used to track downloads and request feedback. Users could then see what they have already looked at, reviewed, rated and a feature I would love would be the ability to remove plugins from searches so they don’t keep looking at the same plugins. Login would also increase reporting, reviews, rating for better dev feedback.