New Policy Coming to WordPress Plugin Repository: Plugins Not Updated in 2 Years Will Be Hidden

Big news from Matt’s State of the Word address at WordCamp San Francisco is a new policy concerning WordPress plugins. Those plugins that have not been updated in two years will be hidden both in the repository and in the WordPress admin plugin search. I’d say this is a big win for all WordPress users worldwide.

Siobhan recently conducted a fantastic investigation of the current state of the WordPress plugin repository, which revealed that more than half of the plugins in the repository are not compatible with WordPress 3.x. Her analysis also showed that only 32% of those 15,000+ plugins have been updated in 2011.

The WordPress plugin repo is growing all the time and it’s bound to reach a point when there’s more junk than gold. Can things be changed before then?

For more information, check out her article, What Lurks in the WordPress Plugin Repository?

It’s good to see that the WordPress plugin repository will soon be a more useful resource where you won’t have to sift through as many old plugins in order to find the good ones. Hopefully WordPress users will get fewer PHP warnings, errors and notices when testing out plugins. Looks like the WordPress plugin repository won’t become a wasteland after all! We’re looking forward to all the changes and hope to see a more advanced search form built in as well.

Make sure you subscribe to our blog and we’ll keep you up to date on when you can expect to see the new policy in effect at the WordPress plugin repository.

22 Responses

  • 24 months is a long time and a blunt weapon. I think a filter that takes more parameters into consideration would be an even better idea. But this is of course better than nothing.

  • As you said it is a big win for all users and the whole WordPress community. I want to install many plugins that are not compatible with WP 3.x and aren’t working. So, I think, that’s a good rule.

  • Agree with Gunnar in that it is a blunt (albeit easy to action) method of ridding the repository of out of date plugins.

    Some plugins simply haven’t needed updating, and that becomes even more relevant where the author has since walked away but the plugin is still doing everything it should.

    I think some kind of voting system would be a better idea:-

    [ ] This is way too old and doesn’t work any more – hide
    [ ] This is an oldy but goody – keep
    [ ] This is new but has too many problems – hide
    [ ] This is new and works just great – display in BOLD

  • Two years since the last update seems reasonable. There is always the problem of old plugins that still work, but I can’t help but wonder if that is widespread or just a few dozen out of the whole lot.

    • Even if it’s an old plugin that still works, the developer should re-tag it with compatibility for the current version. There’s no justifiable reason to wait 2 years (or even 2 months) to do that.

      • I think the logical justification is that many authors have lost interest and thus won’t go to even this much trouble… Seems to me that it is better to lose the few cases where this happened than have a whole bunch of buggy ones.

  • Seems stupid to me! Why not just build better search functionality, e.g. search for plugins that are compatible with the version you’re using, and have been updated in the last 3/6/12 months?

  • A good step. I hope they’d give us an option to “unhide” the older plugins through a checkbox or something, though. Some are still very relevant…

    I agree that a better search function would be the best solution though, at least on the web site itself. The 1999-esque search has been the biggest WordPress weakness from the start, both in the script and on the WordPress site.

  • I have a plugin that hasn’t been updated in almost 3 1/2 years on the repo, and from what people have been telling me, it still works beautifully (it only uses the the_content hook and really nothing else).

    This type of plugin doesn’t need to be updated per se, but the readme should be updated periodically to show that it does indeed still work with the latest version of WordPress.

  • I think that this is really a good move, as the study that was made by Siobhan revealed staggering and pretty scary results. 85% of the plugins tested had bugs and only 35% have been updated. That is mind blowing and I sincerely hope that this “new” policy comes into effect very soon. That would certainly make the repository much more trustworthy and safe. The idea about “enhancing” the search functionality will definitely be a welcome addition…

  • The Incredible Code Injector

    This is like throwing the baby out with the bath water. There are plenty of perfectly good plugins that will now be hidden, and plenty of bad plugins that will still be visible. A voting system and better search functionality would be a far better solution. The plugin repository is such a huge resource to WP users, it deserves a better solution than this. Too bad those who make these decisions apparently don’t recognize what a big part of WP the repository is.

    • While this may negatively affect some legitimate plugins, the bottom line is that it really is the responsible thing to do. Plugins that haven’t even been tagged for compatibility are putting every potential user’s site at risk, and the effort required to test compatibility for most plugins is minimal on the part of the developer.

      The plugins will still be accessible, too. If you’re coming from a Google search (which exists most likely because of the many existing users that recommend a given plugin), you can still get the plugin.

      And two years is not a short period of time. If the code has been abandoned that long, there’s no telling what might be wrong with it – and there really is no hope of getting a security update pushed thru to the many users out there relying on it.

      • The Incredible Code Injector

        Thanks for your feedback Shawn, it is well taken. I understand the importance of getting bad plugins out of circulation, but it seems to me that hiding all plugins that have not been updated within a certain amount of time is a rather hasty solution. Maybe adding a compatibility filter to the search would be more effective. For instance, compatible with versions 3.x would obviously eliminate anything not updated in 2 years, while 2.9 and newer will return more results. A simple notice posted somewhere regarding the potential security issues with using older plugins would dissuade many from taking the risk, while those a bit more code savvy might actually take the time to update the more useful plugins. I’m sure there are other solutions as well. Just ask the user community and you’ll get plenty of ideas. But setting a cut-off date is a bit rash and short sighted. The Plugin Directory deserves better.

  • Perhaps you would choose, and we will take it into consideration.
    A good step. I hope they’d give us an option to “unhide” the older plugins through a checkbox or something.

  • I see it forcing developers to maintain a free plugin. If it needs to be maintained, they’ll need to make it a commercial plugin. I’m giving a presentation at WordCamp Salt Lake City (similar to WordCamp Chicago) about whether you can go commercial for a plugin, and this is a big factor that will encourage paid plugins.
