What’s The Deal with Invalid Reviews?

tl;dr: Don’t make reviews for your own pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party(s) using other people’s accounts. We will remove them and warn you first, and if it keeps happening, your plugin will be closed.

There have been a lot of reviews being removed for being invalid in ways beyond a ‘normal’ sockpuppetSockpuppet A false online identity, typically created by a person or group in order to promote their own opinions or views. Generally used to promote or down-vote plugins en masse..

We know this is messy and scary because any time we say ‘Do bad things, and your plugin(s) will be closed!’ is a terrifying prospect. We really do know that. We really don’t want to do it, which is why we warn people instead of just closing everyone who makes mistakes. Our goal is, and has always been, to make a place where users can download functional, safe, plugins that solve the problems faced by users.

At the same time, we know that developers want people to use their plugins, and one of the ways that happens is by being popular. And yes, one of the ways to become ‘popular’ is to get a lot of good reviews. Which is how we get here. Sometimes people leave reviews for their own plugins. Actually, a lot of the time.

We’re not talking about an individual developer using their developer account to leave a review on their own plugin. While that’s weird and pretty pointless in the long run, it’s not currently prohibited and we leave those alone unless you’ve been flagged for fake reviews in general. Instead we recommend you not review your own plugins since it doesn’t help you out. People generally assume you like your own plugin, so your users won’t learn anything from the review, and since you left it yourself, you won’t learn anything either, making it a net-loss.

The kinds of reviews we’re talking about is when someone (or a group of someones) makes multiple accounts with which to leave reviews about plugins. And this is a global issue. Fake reviews are a huge problem not just on WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/. Amazon in particular is filled with fake reviews, and they’re getting harder and harder to spot. It’s an ongoing battle to spot them before they get ‘too bad.’ We aren’t perfect, and that’s why the first time we see someone leaving fake reviews, we warn them. What happens after that is usually pretty telling.

One big thing to keep in mind, reviews are for two purposes:

  1. Your users can see how other people feel about your plugins (and how you handle bad reviews)
  2. You can see how people really feel about you and your work

Both of those things, when they’re positive, can help your plugin become more popular. And of course, if they’re negative, it can hurt you. Which is why people work so hard to earn and merit positive reviews.

What is a fake/invalid review?

A fake review is a review made by someone who is not your actual user.

Sounds simple, right? If you write a review for someone else about your own product and hide who you are, that’s fake. The most common reason this happens is that an intern or a marketer gets the bright idea to share customer stories on the WordPress.org review system. The problem? They’re posting for the customer, which is making a fake review.

Another common way to make fake reviews is to use sockpuppets.

What’s a sockpuppet?

A sock puppet or sockpuppet is an online identity used for purposes of deception. The term references the manipulation of a simple hand puppet made from a sock, and was originally referred to a false identity assumed by someone to hide who they are and talk up themselves.

For example, if you make a second account and post a question about your plugin and then reply as your normal account? You’ve made a sockpuppet.

Sockpuppet accounts are very commonly used to leave positive reviews on plugins.

What’s an invalid review?

An invalid review is one that was made under duress or other promotional encouragement, or one that was made on behalf of a real person.

For example, if you offer a discount for your products if a user leaves a review, then you’ve actually just bribed them for a review, which makes it an invalid review. When people are compensated for a review, they generally leave better ones than they might if you just asked. Related to this, if you tell someone you won’t refund their money unless they leave a positive review, you’ve blackmailed them, and that too is invalid.

As another example, if someone leaves a great review for you via email or on your website, and you help them make a user account on WordPress.org (or make it for them) just to leave that review, you have invalidate their review. We have no way to be sure you didn’t alter the review, and your involvement could have altered the review content simply by being there.

Another kind of invalid review would be one made by someone with a personal, or professional, relationship to you. In other words, if you ask your parents or co-workers or people who share a co-working-location to leave a review, you’ve inadvertently asked them to make invalid reviews. This is a little touchy, since sometimes they are your users. The issue here is that people who know you are more include to leave favorable reviews, but also they can tell you to your face (virtual or otherwise) how they feel. You don’t actually need their review, and they can be more honest by talking to you via your existing connections.

A counter to this is sometimes your friends do legitimately use your plugin and see the note “Please review!” in wp-admin and leave you a review. Those are totally fine and rarely raise red flags.

How do you know the review isn’t real?

More or less the same way people know when a term paper is plagiarized.

There are significant tells in most reviews that give away the actual author. We also take into account things like the age of the user (that is, how long ago did they create their account), what their other actions were, where they logged in from, what their digital footprint is, what their email is, etc etc. Then we compare that to all the other reviews made for that plugin and for other plugins and themes around the same time.

Or, as we tell people, we have a complex set of heuristics, as well as researchers who are experts with tracking down users.

Why can’t you provide details?

Two reasons which sum up as privacy and security.

First, the more we let on about exactly how we do this, the more people will learn about how to get around them. It’s like spam. The more spammers know about how they’re caught, the more they work to get around those limits.

Second, and this is more important, some of that information is private. Telling people exactly who did the bad thing, how we know, and sharing IPs and emails, is a privacy violation. It would run afoul of GDPR related laws, which by the way is also the case in some states in the US (like California).

I reported a review/account as fake, why did someone tell me it wasn’t?

Because it wasn’t.

The majority of reviews reported as ‘fake’ come from developers reporting a brand new user whose only post in the forums is a negative review on their product.

This does not mean the account is fake. It doesn’t even mean the review is invalid. It means someone was angry enough to make an account and leave a review. That’s a pretty painful thing to get, I know, but just because someone doesn’t like your work doesn’t mean they or their comment is invalid.

We use our tools to check on the account and will remove anything that we can prove is fake, but a lot of the time it’s really just angry users.

I heard you track VPN usage, is that true?

No, we don’t track VPN usage, but we do take it’s use into consideration.

There’s nothing wrong with using a VPN. I’m writing this post on one. What’s wrong is people using VPNs to get around things like bans or to hide their accounts. That’s why flagging the use of a VPN (and which specific VPN it is) is a part of our process, but it’s not the ultimate be-all and end-all of things.

Keep in mind, there are certain VPNs utilized heavily by malicious actors. Some specifically exist to be used to generate fake reviews. If your company is using a VPN, make sure it’s a legit one (not one of those free, fly by night, ones).

What happens if my plugin is flagged for fake reviews?

First of all, you’ll get a warning. In general this is how everyone finds out about being flagged. We will make a note in your plugin as well as on the accounts used.

In that warning email, you will be told why you got flagged, that we saw the reviews and they’ve been removed, and that all suspect accounts have been suspended. We have read-receipts on our emails, so we know if/when someone read it. That means the situation persists, and no one read the email, we will close your plugins to force you to pay attention. If it keeps happening after that, you will find your plugins and account closed.

The email also explains that all we want is for the fake reviews to stop. Mistakes happen, please don’t do it again.

Why did some of my reviews vanish and I wasn’t warned?

That means either you noticed before you got the email or (more common) we figured out someone else was trying to frame you. We usually don’t tell you so as not to scare you. Removing invalid reviews is a regular occurrence for every single review-platform, and if we told you every time we removed a spam or fake review, you’d get real tired of it real fast.

Some valid reviews were removed, how do I get them back?

In most cases, you won’t.

We know that the reviews appear valid to you, but we can see things you cannot. Just for an example, a real user of yours wouldn’t use a VPN from Russia and a disposable email address to leave that glowing review which is identical to another review also left from Canada and a different VPN at the same time. Also some users think it’s a great idea to make fake accounts to promote you. We have no idea why they think that, but we will remove those and the user will be banned, so all their reviews become invalid.

There’s also a common trend where companies make reviews for people. They get a good testimonial and make a review using that. Sounds smart, but it’s still spamming.

What do I do if I get warned for fake reviews and I know I didn’t do it?

As horrible as this sounds… Are you sure? Double check. Do you work with anyone else? Do you share a co-working place with others? Do you and your company all use the same VPN? Did you ask a bunch of people at an in-person event to leave a review? Did your spouse tell you how cool your plugin was and leave a review? All those things can set up warning flags because they mimic suspicious actions.

If any of those sound familiar, fess up. Just tell us “Hey, I’m sorry, I asked my coworkers/spouse/family to leave reviews. I didn’t realize how that looks.”

If you’re still certain you didn’t do it, just tell us. “I don’t work with anyone else, and I know I didn’t do this.” We’ll check again. It’s possible that someone’s trying to attack you, and while we make every effort to be as certain as we can be that it’s not that, we’re not perfect any more than you.

We are very well aware how painful and scary the email is, and we’ve worked on the language to try and make sure it’s less so.

I got warned for fake reviews and it was my fault. Now what?

Apologize and don’t do it again. Seriously, that’s it. Mistakes happen, and it’s okay if you make one. Just don’t repeat it. We absolutely, totally, forgive honest mistakes.

We do remind you to make sure everyone who works with you on the plugin knows this. You are responsible for the actions your employees/coworkers/etc take on your behalf. If they spam, you are on the hook for their actions. Usually we see repeat infractions come from that.

I got emailed that one of my support reps was banned for fake reviews. Can I help them resolve this?

In most cases, yes. However you will be asked to formally take responsibility for all of that person’s actions on WordPress.org for as long as they represent your company. That means everything they do is your responsibility and if they violate any guidelines, you will be on the hook for that infraction.

In some cases, the person is permanently banned and that generally means it’s related to previous guideline issues. If that is the case, we will explain that, under no circumstances, are you to help this person regain access. We recognize that sometimes employees or staff go rogue, and we are attempting to insulate your from their behavior.

How can I be sure I won’t be accidentally flagged for fake reviews?

Glad you asked! Besides the obvious (don’t hire people to boost your review rating), you should be aware of the following:

  • Don’t ask people you work with (either the same company or share a coworking space) to leave reviews
  • Don’t ask people to leave a review in your physical presence
  • Don’t ask your family/friends to leave reviews
  • Don’t offer people a ‘reward’ for reviews (that’s bribery)
  • Don’t make accounts for people to leave reviews
  • Don’t require a review for anything (i.e. ‘You get a free X if you leave a review!’)
  • Use only reputable VPN services (if it’s free, don’t use them)
  • Make sure every person you work with, who uses the WP.org forums, has their OWN account

How do I get more valid reviews?

You can (and should) ask your users! Put a notice on your plugin settings page. Make a dismissable alert that asks people to review. Post on Twitter or your website. But really? It’s down to asking your users in a kind, and non spammy, way. Those people will leave the reviews you need.

Why I shouldn’t ask people I know to leave reviews?

I understand why people get confused about this one. Asking people for reviews is fine, but then to say asking people you know isn’t? Yeah that sounds weird. But the crux is to think about what a review is for in the first place.

A review is someone’s experience with your plugin. For good or ill, it’s them using the plugin and sharing their story.

If you’re asking people to leave reviews to learn about what they do and don’t like about your plugin, then there’s no point to asking folks you know since you can just … ask them. In turn, they can just tell you to your face how they feel. Also they’re generally more inclined to leave good reviews, though I will admit we’ve seen someone leave a 1-star review for their spouse.

Interestingly, that review was invalid, as the review was a personal attack on the developer.

Questions? Concerns?

Have a shout.

#guidelines, #reminder, #reviews

Change to How Long Active Reviews Remain Open

tl;dr Starting in October, you will have THREE (3) months to complete your review before we reject it.

This will not affect most of you who actively read this site.

For a very long time, we’ve allowed plugins 6 months to finish a pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party review. That’s more than enough time for any reasonably attentive developer to make changes (especially considering the majority are ‘please sanitize/escape’).

In January 2021, we had 596 ‘pending’ reviews, which meant there just under 600 plugins that had been reviewed and we were waiting on a reply/completion. We’re seeing over 800 in September.

That rise is out of step with the number of plugin submissions. In fact, if you look at our posts to Make/Updates, you can see we’re pretty stable around 140 plugins submitted a week, but the “pending; replied to” value is inching up.

Since the majority of those plugins that don’t reply or finish in 3 months aren’t going to any time soon, we’re changing our policy to try and be more sustainable and less work. From now on, you have THREE months to finish a review before we reject it.

What about existing plugins/reviews through September?

There’s no change to existing submissions. Which means the “Reject all reviews pending completion” logic works like this:

  • Sept 30 – 6 months (i.e. from March ’21)
  • Oct 31 – 6 months (i.e. from April ’21)
  • Nov 30 – 6 months (i.e. from May ’21)
  • Dec 31 – 6 months (i.e. from Jun ’21)
  • Jan 31 – 6 months (i.e. from Jul ’21) and 3 months (i.e. Oct ’21)
  • Feb 28 – 6 months (i.e. from Aug ’21) and 3 months (i.e. Nov ’21)
  • March 31 – 6 months (i.e. from Sept ’21) and 3 months (i.e. Dec ’21)
  • April 30 – 3 months and older (i.e. Jan ’22 and before)

Yes, it’s a little messier for us, but it’s the most fair we can be to existing reviewers. It would not be kind to pull the rug out from under them.

What happens if I take more than 3 months?

Just keep replying to the review! We’ll work through it with you and tell you to resubmit when the review is good. That also lets us fast track you since you’ve worked so hard!

Can’t I just resubmit right away?

You could, but we’d pend your review and ask you why you never finished the previous one, which means your whole review will take longer, and we’ll make a note on your account about not following directions.

What if I can’t reply because I deleted/lost the review?

We get it. Mistakes happen. We’ve all deleted the important email! Email us at plugins@wordpress.org from the account/address that submitted the plugin and we will re-send it for you.

Why did I get rejected if I never got a review?

There are two cases where this could happen:

  1. Your plugin was rejected right away. In those cases we email you with an explanation as to why, so please wait an hour. You should get a followup.
  2. Your email ate the review email. A number of services (including Gmail) can be configured in a way that might cause you to have a review misplaced through no one’s fault.

In both cases, reply to the rejection email and ask.

Is this automated?

Not yet, no, but I’d like it to be eventually.

UYes, this means every month end, someone goes through and selects all submissions from a time period and changes the status en bulk.

Why did you rejected my plugin after you emailed and said it was approved?

Human error. Or internet greebles. Probably the first. We do our best, but sometimes a mouse didn’t click when we thought it did, or a human got distracted, and mistakes happen. Those are generally our mistakes, and we are sorry when that happens.

Please email us back and tell us. We’ll get you fast tracked and sorted.

I have another question not answered!

Have a shout in the comments.

#reviews, #timeline

Plugin Reviews Disabled (And More about the Support Forums)

Reviews will be broken until about September 5.

This is directly related to the support forumSupport Forum WordPress Support Forums is a place to go for help and conversations around using WordPress. Also the place to go to report issues that are caused by errors with the WordPress code and implementations. maintenance.

Per @jmdodd:

We’ll do our best to keep this window short, but for now the choice was between closing reviews for 4 days or closing all of the support forums for 24 to 48 hours.

The MetaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. team felt (and I personally agree) that it is far more important to have support forums than the reviews. And the support forums were unsustainable. So while this is a wrench in your plugins, it’s far far better than no forums at all for Labor Day Weekend.

Updated Sept 2 0233

From @otto42

Consider this an announcement: all pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party/theme connections to the forums are currently considered broken. We expected that. It will take a few days to restore this, and that’s considered acceptable losses, for now. We will be working to fix these issues over the next few days, and it will be corrected as we get to it. In other words, we are aware of the issues and working to fix them.

Updated Sept 2 1628

You may have noticed you can’t do some things in the forums anymore. This is known. Please read Forum Bugs and Broken Things before you complain. Here’s a list of what you’re probably trying to figure out. ALL of these are being working on. Don’t fret. Enjoy your weekend.

  • Plugin authors can’t sticky
  • Plugin committer/author support views don’t work
  • Plugin authors can’t resolve threads
  • Pinned topics are unpinned in plugin forums
  • Plugin Authors aren’t labelled as Plugin Authors
  • Cannot subscribe to plugin forums

#forums, #reviews

Reminder: Do Not Compensate Reviewers

It was brought to our attention that some pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party developers on WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ have used various third party services to find new users for their plugins and to have them leave reviews on our site.

It’s time for a reminder.

We do not allow for compensated reviews to be on our site, by any means whatsoever, and consider those reviews to be disingenuous.

The WordPress.org plugin and theme directories are for users to write their experiences, not for companies to use market their products. A compensated or recruited review should be posted on someone’s own site, the reviewers own site, or the 3rd party site itself.

While you may not consider getting a product free (or at a discount) to be compensation, we do. It messes up the system, which really is meant for people who legitimately use a plugin to leave a review of their experience. It’s also misleading, in our eyes, because it was not made by an actual user of the product in question.

Asking an existing user to leave a review is one thing. Emailing your user base, while possibly annoying to many people, is totally fine. Reaching out to new people and saying ‘please try and review’ inflates the number of reviews in an unnatural manner.

You may have heard about how Amazon does permit reviews like that, as long as the reviewer “clearly and conspicuously disclose[s] that fact” in their review. We’re not Amazon, and being a much smaller community, we’re able to monitor our reviews in a tighter manner. Paid reviews, compensated reviews, or recruited reviews are all the same idea. You’re ‘paying’ someone to review.

The Consumerist has a long article about this, asking Is Amazon Doing Anything To Fight Latest Wave Of Fake, Paid-For Reviews? This article illustrates the issues these kinds of reviews cause, primarily they break the trust a reader has in any review. Also keep in mind that companies like Yelp hire people to blacklist companies who reward people for leaving reviews.

This is just something you should avoid and reviews that are found to have been compensated for will be removed.

#bribery, #reviews

Plugin Review “Inconsistencies”

A few people have complained that they feel the review process is inconsistent. I’d like to take a moment to explain exactly why that happens. The tl;dr is, of course, humans make mistakes. But if you really want to understand what’s going on, read on!

There is no automated review process

This is the big thing. Every single pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party is opened and read by a human being. We download the plugin, read it, and try to catch the myriad things that are wrong, insecure, not permitted, etc. And we’re humans. We do our best to scan/grep for things we know are easy to find (like I love checking for wp-(con|load|blog) to see if that’s being called). But a lot of times things are buried or hard to catch.

This means mistakes are made. We don’t claim to be perfect. We claim to try our best to give you the best review we possibly can for your sake, as well as your users.

Some replies are canned, the process is not

I’m sure a lot of you have gotten an email starting with this:

There are issues with your plugin code. Please read this ENTIRE email, address all listed issues, and reply to this email with your corrected code attached. It is required for you to read and reply to these emails, and failure to do so will result in your plugin being rejected.

Yes, that’s a canned auto-reply. In order to get through reviews faster, we have replies for the common issues. Right now I have 60 in A-Text. That means there are at least 60 problems with plugins I see every single day.

This makes us able to keep up with reviews. It’s impersonal, we know, but we try to cite examples from your plugin to help you understand what needs your attention.

We don’t test your plugin on all environments

Sometimes we do. But really that’s your job, not ours. We do if we notice things that are weird and we think may be problematic. Some days we test on VVV with PHPPHP PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. https://www.php.net/manual/en/preface.php. 5.6, sometimes it’s HHVM, and sometimes its PHP 5.2. Why? It depends on what we have available just then.

This means sometimes we catch that you coded something for PHP 5.3 and up and sometimes we don’t.

Every new version is checked top to bottom

Think about that for a second, please. If you submit a plugin and we pend it for changes, and you send us the new version, we read the whole thing all over again. Every. Single. Time. We check to make sure you did your changes first, yes, but then we go back and re-read everything to make sure we didn’t miss anything, or you didn’t accidentally add in something new.

This is why, sometimes, you get an email that starts with “We missed this before…” or “This is also not permitted because…” We’re giving you the best review we can.

No, we don’t list everything wrong

It’s not what you’re thinking. Every time we do a review, we list everything we see that’s wrong. We do not list out, for example, every instance of a non-sanitized/validated POST call. We do not list out every single usage of script tags instead of enqueues. We will give you an example, especially if you miss some on your first edit, but we expect you to know how to search your own code.

This helps you learn how to better vet and review your own code. Also it saves us a little time.

There are multiple people doing reviews

Some of us are better at some thing than others. When we find a plugin we don’t feel confident in reviewing on our own, we raise a flag and ask our cohorts to spot-check our work.

This also lets us hand off troublemakers. Let’s be honest here, folks, we don’t all get along with everyone. When it’s clear we’re at an impasse with someone, we ask each other for help.

Our goal is protecting users first, then you

The people we care about the most are the users who can’t code or who don’t understand the severity of things like offloading CSSCSS CSS is an acronym for cascading style sheets. This is what controls the design or look and feel of a site.. You may think it’s trivial and makes your plugin smaller. Someone in another country could find them sued for not disclosing it. Or your plugin may not work because Google is blocked where they are.

We care about protecting the users from XSS and SQL injections. We care about protecting their information. We care about keeping them safe. But we care about you too! We’re so techy about you documenting ‘This plugin calls service XYZ’ because, yes, the users have a right to know where their data is going, but also because you deserve not to have a slew of angry 1-star reviews that you didn’t tell them.

This is a tricky road to walk. Some people may get exceptions. Some people may teach us more about code! Some people may be told ‘no’ flat out.

Guidelines evolve over time (so do security best practices)

We’re constantly looking over the guidelines and evaluating them for clarity, consistency, supportability, and real-world applicability. Have you read our Detailed Plugin Guidelines lately? You should. Similarly, our security checks have gotten better over time. We used to allow you to call wp-config.php directly. We don’t anymore. The more a specific vulnerability is targeted, the harder we are on your code to ensure you are not the weakest link.

This is for your protection! We’re doing our best to make sure you don’t get dog-shamed for being the reason sites go down.

Remember: We are mortal

I said this to start off this post and I’ll say it again. We, your review team, are human beings.

We make mistakes. We miss things. We read code incorrectly. We don’t test everything as fully as we should. We screw up. We never miss things out of maliciousness or an intent to blacklist you from the repository. We believe you submit your plugins in good faith, and we respect you enough to treat you as adults and point out what you missed or explain how you can do things better.

This means you should give us the same benefit of doubt we give you.

#reviews

Ratings Rebuilt

Did your ratings suddenly change dramatically? Hopefully not, but if they did, it’s because the ratings for all plugins were recently reset and rebuilt earlier this week. All ratings now correspond exactly with existing, non-deleted, reviews.

As Otto put it:

Back when we launched the review system 2.5 years ago, we tied ratings to reviews. However, up until that point, we had existing ratings in the system. At the time, some argued that the ratings should be wiped and everybody start fresh. I argued for the opposite, that we should leave the existing ratings in place until such time as we had enough reviews in the system to build up a good body of ratings.

That time has finally come. What you see now is the ratings that correspond to your reviews. The data comes directly from the reviews themselves, and is accurate. Any ratings previously left over from the pre-review world are no longer available.

Additionally, the ratings now will accurately reflect the actions of the moderation team. If a review is deleted for whatever reason, then the associated rating for it will not be reflected in the results.

Please keep in mind, this means that all of the people who thought making sockpuppets to spam the reviews with 5-stars on their own plugins (or 1-stars on their competitors) have had the biggest swings. It should go without saying that you should never leave multiple reviews on your own product (we’re pretty sure you like it 😉 ) and you should never attempt to hide behind proxies and fake accounts to leave reviews. Be honest. It works out better.

#directory, #repository, #reviews