Ipstenu (Mika Epstein) 7:32 pm on December 28, 2017
Tags: guidelines ( 27 )

Guideline Update

The previously proposed changes have been merged into the plugin guidelines.

It’s important to note that I do not think this is a ‘complete’ or ‘finished’ project. The guidelines are imperfect, in part because it’s impossible to create a rule for every single possible variant of a possible conflict, but also because we cannot predict the future.

There are people who are unhappy we didn’t go far enough with certain guidelines — like not saying “you may have 3 links to your own products on your pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party admin pages.” Others are unhappy we’ve gone as far as we did in certain situations — such as the 9th guideline’s prohibition against harassment.

Accepting the imperfection of English, as well as the flaws built in to creating guidelines for such a large audience, many of whom do not speak English natively, has led to situations where we have to settle. These guidelines are not perfect. They are not complete. They will be constantly evolving and adapting as we try to please and protect the majority of developers and users.

I encourage all of you to help us write them better. You can email us at plugins@wordpress.org or make pull requests on the GitHub repository. While we may not accept all requests, I promise we do listen to and read every last one.

#guidelines

Jon Brown 7:56 pm on December 28, 2017

I appreciate that these continue to improve! So first thank you for the effort here.

I do have a question about #7. How is “tracking” defined because it seems to me that loading remote hosted images, whether that be a tracking pixel or a banner ad, are common methods of tracking, yet this seems to be allowed?

I’m disheartened that there is still no guideline for the context in which notices (upgrade, up sell, update, allow tracking, ads, etc) are displayed. I’d like to see something along the lines of “notices for upgrades and upsells must be limited to displaying only on the admin settings page which the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party creates or modifies”.
- Ipstenu (Mika Epstein) 8:00 pm on December 28, 2017
  
  Loading remote hosted images is absolutely not permitted. If people are doing it, please let us know and I’ll explain that they are, indeed, violating the guidelines.
  
  I’m disheartened that there is still no guideline for the context in which notices (upgrade, up sell, update, allow tracking, ads, etc) are displayed.
  
  There are – https://developer.wordpress.org/plugins/wordpress-org/detailed-plugin-guidelines/#11-plugins-should-not-hijack-the-admin-dashboard
  
  Upgrade prompts, notices, and alerts must be limited in scope and used sparingly, or only on the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party’s setting page.
  
  1) Upgrades, upsell, and updates should be contextual. If you’re slapping them on every single page, you’re annoying your users, please stop.
  
  2) Tracking and remote Ads are NEVER okay unless they are 100% opt-in by the user. Period. No exception.
  
  Is there a way/place we can make that more clear?
  
  Edit: I specify remote ads here because if you include the ad image locally, then it’s not tracking.
  - Jon Brown 8:57 pm on December 28, 2017
    Thank Mika.
    
    On #7 –
    “Offloading images and scripts when not acting as a service” doesn’t scream to me “you can’t load an image from your own server”.
    
    Suggestion on that bullet point:
    
    loading assets (scripts, images, banners, tracking pixels, etc) from remote servers whether under your control or not unless part of an opt-in service,
    
    Maybe just need to ad “opt-in” before the word service, but being more explict here I think helps.
    
    As for those doing it that I’ve seen it’s most often a rotating ad banner, often on a settings page and for a premium version. Where devs want to be able to change the banner to advertise a sale or other temporary condition without pushing an update to the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party. I usually find them because things break under HTTPSHTTPS HTTPS is an acronym for Hyper Text Transfer Protocol Secure. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'. It means all communications between your browser and the website are encrypted. This is especially helpful for protecting sensitive data like banking information. or locally with airplane mode enabled. I’ll report them from now on to plugins@. I know it’s hard to find reviewing code because it’s easy to obfuscate (and best coding practice to put those domains in a define or function return).
    
    On #11 – I swear I’ve read these a dozen times. Still pointing helps. I think 11 suffers a bit of confusion from the softening language and complex sentence structures in there. It’s there, it’s just still hard to parse and easy to interpret as a weak suggestion rather than a strong guideline. FWIW, I reviewed the changes in the last few commits and those helped strengthen it but I still feel it’s not that strong or clear. I think more about how that can improve and maybe send a PR.
    
    As I said up top, I think these are continuing to improve so thank you again for your work on these, it is appreciated!
    - Ipstenu (Mika Epstein) 9:19 pm on December 28, 2017
      
      Rotating ad banners are not okay UNLESS the banner images are all loaded locally.
      
      FWIW, we’ve had only about three people try to argue that “the ad is a service.” If the image is not related to the service THIS pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party is provided, then it’s not a part of the service and therefore not permitted.
      
      I’m not sure that spelling out ‘tracking pixels are tracking!’ is going to help much. After all, if someone can’t connect that a ‘tracking pixel’ is tracking a user, then I highly doubt further explanations would help them (it has the word TRACKING in it for goodness sake). We already say opt-in in the paragraph above. If they didn’t read it once, they’re probably not going to read it twice.
      
      As for 11… It’s hard to spell that out for people in a way that I can draw a line, because every single time we’ve tried, some people just PUSH. This includes Yoast 😉 We’ve had some serious (and beneficial!) talks with them about how to phrase this right, and for the most part, annoying your users with spam all over the wp-admin dashboard hurts YOU more than them. Which IMO is fair. We’re not trying to nanny-police people, we’re trying to make sure everyone can actually use the plugins without feeling like they’re driving down a US interstate.
LittleBizzy 10:37 pm on December 28, 2017

Others are unhappy we’ve gone as far as we did in certain situations — such as the 9th guideline’s prohibition against harassment.

Not sure anyone complained about your team opposing “harassment” but rather that the guidelines do not abide by U.S. law. TOS are an agreement between a service and its users, and are legally binding (calling it “guidelines” does not absolve either party). This continually dismissive approach is opening your team members and the WordPress Foundation (etc) up to serious liability.

The guidelines also seem to be applied inconsistently depending on who you are, or which WP.org moderator is involved.

Paper trail:

https://github.com/WordPress/wporg-plugin-guidelines/pull/57

https://wordpress.org/support/topic/vastly-improve-plugin-reviews-with-this-one-weird-trick/

Thanks for all your time and efforts, and please aim for all parties to be properly and reasonably protected. Otherwise, the notion that WP.org is being micro-managed entirely by Automattic and is overrun with favoritism will never be put to rest.
dmccan 6:17 pm on December 29, 2017

Thank you. It is an important and sometimes difficult task.

Personally, I would like the guidelines to go further, for example, to not allow prompts like the JetPack backup advertisement when coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. is being updated. Imagine if you used iThemes Security and they put an ad for BackupBuddy there … you could end up with a slew of ads for related services.

Comments are closed.

Welcome to the official blog for the Plugins Team.

Communication

Guideline Update

Welcome to the official blog for the Plugins Team.

Communication

Share this:

Site resources