Francisco Torres 4:11 pm on September 9, 2024

Guidance on plugins that install other plugins

TL;DR: Clarification on installing another pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party from within a plugin, and community consultation on how to better inform and consent users in this regard.

There are plugins in the directory that ask to install other plugins. This can happen for various reasons, and there are different contexts and cases.

We would like to explore this with the community, analyze the cases where this happens, get feedback from different perspectives, and hopefully make an informed decision about what should and should not be allowed in certain cases.
Please share your feedback before September ~~23rd~~ 30rd.
After this process, this post will be updated with specific details in those cases.

What do the current guidelines say?

The current guidelines have different indications regarding the context in which other plugins are installed. For example: no tracking without consent, guidelines regarding executable code, dismissible notices, trialware, etc.

There are two specific cases we want to mention because they will be useful in analyzing the different casuistries:

Inform users and ask for permission: Users must be adequately informed of the actions they are taking and be able to decide whether they want to perform that action or not, otherwise that would be considered dishonest towards the users.
The guideline regarding executable code via third-party systems, mentions this specific case which won’t be allowed: “Serving updates or otherwise installing plugins, themes, or add-ons from servers other than WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/’s”. This simply means that a plugin will not be able to perform the installation of another plugin that is not in the directory. The way to install plugins that are not part of the directory will be a manual installation by the user.

Why install other plugins?

We have narrowed it down to two main reasons: Extended plugins and Recommendations.

Extended plugins

There are plugins that extend other plugins. Technically, they need the extended plugin to work.

A common example of this is a payment gateway integration for WooCommerce, which of course requires the WooCommerce plugin as it’s extending it.

In this case, the installation of that other plugin is a requirement, since the plugin won’t be able to work without it.

For plugins available in the directory, this just got a lot easier since the WordPress core now includes support for required plugins. If you have a plugin that extends another plugin in the directory, we recommend that you use it.

Recommendations

There are many different cases within this classification, here are some:

Cooperating plugins: There are plugins that can do more when used with other plugins; they are designed to integrate and work well together. They do not need the other plugin to work, but if they have it, they can integrate its functionality.
An example of this is Contact Form 7, which integrates with Akismet to detect spam when available.
Plugin ecosystems: There are plugins that, even if they are not integrated and they do different things, they may be from the same author, same set of plugins, they offer the same experience to the user, and they just recommend the user to try these other plugins that are in this so-called ecosystem.
Other recommendations: Just nice and friendly recommendations of other plugins, in some cases also paid recommendations.
Pro / Premium versions of the plugin: Another version of the plugin or an add-on for the plugin that provides additional functionality.

In any case, after reading this list, you can probably forget about it completely, because while there are different reasons behind it, they all fall into the same categoryCategory The 'category' taxonomy lets you group posts / content together that share a common bond. Categories are pre-defined and broad ranging.: a plugin recommendation and their installation should be optional.

How are other plugins installed?

We have narrowed this down to the following 4 cases in essence.

Manually

The plugin informs the user that another plugin is recommended or required. Then the plugin must be manually installed by the user, either using the search plugins feature (if the plugin is in the directory), uploading a zip file, or uploading it to the /plugins/ directory.

Using the CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it.

This also informs the user that another plugin is recommended or required, but instead of asking the user to manually install it, it uses the interface that the WordPress core already provides to install it.

A screenshot of the core interface for installing a plugin.
It shows: a header with the name of the plugin, different tabs to navigate through the plugin information, description of the plugin and other details like: version, author, when was the last update, compatibility details, etc.
Finally it has a button with the text "Install Now"

In this case, the user seems to be well informed right out of the box. They can see the plugin’s name, description, version, etc. and the call to action is a clear button with the text “Install Now”.

Using a Custom UX

In this case, the install functionality is built into a custom interface that takes care of displaying information about the plugin being installed and asking the user for permission to install it. This is often embedded in an options page and in setup wizards or onboarding processes.

In this interface it’s important to get the user’s consent after providing them with sufficient information about what’s being installed.

No-asking

Automatically install plugins without informing the user and/or asking for their permission. This is expressly not allowed.

Let’s summarize

Ok, too much information: typologies, interfaces, guidelines. Let’s narrow this down.

Why install other plugins?	Extended plugins	Recommended plugins
As a requirement	✅	❌
Optionally	N/A	✅

How are other plugins installed?	Manually	Core UX	Custom UX	No-asking
Plugins in the directory	✅	✅	✅	❌
External plugins	✅	❌	❌	❌

What do we need your help for?

Now that we’ve clarified what is and isn’t allowed in terms of installing other plugins under the current guidelines, let’s take a closer look at a common case that we know is causing confusion for both plugin authors and users: information and consent regarding plugins that are installed using a Custom UX.

This is because while the general rule is “get the user’s consent after providing them with sufficient information about what’s being installed”, we recognize that this is on a case-by-case basis, and is somewhat subjective.

This team does not have specific details about what these interfaces should contain or how they should work, which leads to different criteria. We also realize that interfaces are complicated to regulate; it’s challenging to define specific details for them that are applicable in all cases, sufficiently clear, easily understandable and applicable and durable over time.

The number one goal we want to achieve with your help is to improve user information and consent, so that users have all the information they need to make a decision about installing a plugin, and a clear and easy way to give their consent. The lack of information or processes where the user was not aware of the action they were taking is an issue that users have reported to us and, after investigation, we believe needs to be addressed.

We have some suggestions on what plugin authors can do to achieve this goal (if applicable to their case). Please feel free to mix and match these suggestions and make your own, any feedback towards this goal is welcome. Note that there are suggestions that can be combined with each other.

Suggestion 1: Make clearer that it’s going to install a plugin

We have found cases where it is mentioned that a plugin will be installed, but it is done in a way that is not clear to the user, as it is mentioned in a smaller font, separated from the option, and/or using other techniques that in practice do not make it clear what the main action will be.

One suggestion would be to make the information about installing a plugin the most prominent information in the area where the user chooses to install it.

Before

Two pre-checked options with text that does not indicate that you are installing a plugin. Below them there is a less visible text that mentions that it's going to install a plugin.

After

Two pre-checked options with a text mentioning that it's going to install a plugin.

Suggestion 2: Avoid pre-selected options

We have found cases where the option to install a plugin is pre-selected and the user has to explicitly uncheck it to avoid installation.

A suggestion would be to make that option not selected by default, so that the user has to take explicit action regarding that particular plugin in order to install it.

Before

After

Two unchecked options with a text mentioning that it's going to install a plugin.

Suggestion 3: Avoid multi-install, install one at a time instead

There are cases where several different plugins are installed at the same time during the process.

One suggestion would be to require plugins to be installed one at a time in a process that requires explicit user action to install them, by clicking a button that clearly states what it does.

Before

After

Two fields with a text mentioning that it's going to install a plugin and a button to install that plugin with the text "Install Now"

Same as previous image but the button changes to "Installing" and "¡Installed!"

Suggestion 4: Provide additional information about the plugin

We see cases where the information about the plugin is pretty much limited to the name, there is other information that could be really useful for the user to make an informed decision about the plugin they are about to install.

One suggestion is to provide access to all information about the plugin, and perhaps the easiest way to do that would be to clearly link to the WordPress.org plugin page for that plugin.

Before

After

Two unchecked options with a text mentioning that it's going to install a plugin and a link to the plugin at WordPress.org

Suggestion 5: Use the Core UX to install the plugin.

The WordPress core includes an interface that can be used to install a plugin, and it meets most of the suggestions already mentioned: It’s clear, it’s not pre-selected, install them one by one and it gives all the information. Also, it would be a really clear definition of what’s allowed (the definition: only this).

The downside is that users lose the integrated interface and experience that a plugin could provide to perform those operations. There are some plugins that create really great onboarding forms, and users can lose a bit of that experience by having a modal window with a different aspect when asked to install another plugin.

The suggestion in this case would be to route any plugin installation process through this interface.

Before

After

A screenshot of the core interface for installing a plugin.

Same two fields as usual but the button "Install Now" changed to "¡Installed!"

Next steps

This post will be updated after getting your feedback and the team makes a decision.

After that, there will be a 3-month period during which plugin authors will be able to make the necessary changes to meet this common goal of improving user information and consent.

Please share your feedback in the comments. Thanks!

Andy Fragen 4:36 pm on September 9, 2024

It is possible to use the CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it. to install a pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party that exists not on WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ servers. You have listed this a N/A in your table above and you should probably just use a ❌.
- Francisco Torres 4:53 pm on September 9, 2024
  
  Thanks for your comment, I wasn’t aware of that possibility, in that case it’s a ❌ then. Thanks!
  - Andy Fragen 5:43 pm on September 9, 2024
    
    That was the case for my Advanced PluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party Dependencies plugin rejection and not even that the plugin itself installed other plugins but could be used by others for that purpose.
CodeBard 4:53 pm on September 9, 2024

Suggestion 5: Use the CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it. to install the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party

This is not ideal, and in certain cases not workable. It moves the user away from the flow too much, gives way too much information to the user, and the user does not have a way of easily coming back to the initial setup flow. For non-technical users, its outright scary. As WP reaches broader audiences, and actually for the exact purpose of reaching broader, non-technical audiences, we should go for simplifying everything and making everything easier and faster. The setup flow with the easy to read and understand ‘Install this plugin’ choices are way better than the core plugin setup ui and flow.
- Francisco Torres 5:06 pm on September 9, 2024
  
  Thanks for your comment, I fully understand that it takes the user away from the flow, although if I’m not mistaken the CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it. can appear in a Modal Dialog (having in mind accessibility) and can be easily recognizable by the user as a “WordPress core element” (like the Android or iOSiOS The operating system used on iPhones and iPads. modal dialogs that ask for permissions). I think those can be some pros and cons regarding this particular case.
nosilver4u 5:08 pm on September 9, 2024

As long as the wizard states which pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party is going to be installed, and that information is not separated from the option which enables it, I’m generally fine with it. I would agree that such things should be off by default, just as “usage tracking” options should be (but I know that’s a separate discussion). What would bother me is, “hey, do you want to improve your website stats”, the option is pre-selected, and no indication it is going to install a plugin.
So I would be in favor of this:
1. Must state that an option is going to install a plugin, and which one.
2. Must not be pre-selected.
3. Establish a minimum font-size, and a minimum color contrast.
4. Statement about installation must be next to the option, and not separated by other UIUI UI is an acronym for User Interface - the layout of the page the user interacts with. Think ‘how are they doing that’ and less about what they are doing. elements. That is, both options in Suggestion 1 “Before” would be fine if they conformed to rule 3.

As to using the CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it., I think that’s a great recommendation to make, but I don’t think all plugins are going to want to throw out their existing flows for that.
Implementing Suggestion 3 allows for one-click per plugin, and keeping a nice UI. However, I wonder if a one-click installation leads to the same issues, where folks just click the buttons without reading what is happening? So I think check-boxes are preferable, as it gives the user just a bit longer to think through what they’ve selected before they hit the Continue button.

Suggestion 4 seems unnecessary if everything is unchecked by default, as the burden is on the plugin to convince the user to check that box now, so they will need to give sufficient motivation with the information provided.
- Francisco Torres 7:15 pm on September 9, 2024
  
  Thanks for your feedback!
  A clarification to suggestion 4 is that it is partly based on giving the user the ability to see all available information about the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party: the full description, the author, installations, reviews, etc. Just as they can when installing a plugin from the WordPress dashboard or searching them at WP.org
David Perez 8:30 pm on September 9, 2024

Thanks Fran for the detailed info. What I see is that it’s clear that the user has to be conscious that it’s installing plugins after the options. The minimum should be suggestion 4 as it’s telling clear that there are plugins that are going to be installed and giving more information about them.
Alan Fuller 2:08 pm on September 10, 2024

I think there is a more general point of ‘dark patterns’ should not be used for any user consent. The problem is dark patterns is a little subjective and the guidelines would start to become prescripitive if going to far, but you could start with any user consent must not be pre-ticked, which would probbaly eliminate a lot of noise on this subject.

In an ideal world the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it. should be fit for purpose, with many features such as plugin devs being able to register grouping of plugin and also for the core UX to be used for external plugin ( well it is but zip files !) but that is a ton of work and unlikely to be a priority.
- Francisco Torres 8:22 am on September 14, 2024
  
  Thanks for your comment!
  Yes, one of the problems in handling this is that there is a subjective side to all of this, and while there is a way to remove the subjectivity (Suggestion 5), perhaps this can also be handled fine by drawing up some generic guidelines to be followed and adding common sense to the formula.
Amy 12:19 pm on September 11, 2024

Thank you all for your work on WordPress and pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party support.

I’d like to add an additional scenario for possible future consideration: Plugin A requires EITHER Plugin B OR Plugin C
- mrcasual 9:23 pm on September 11, 2024
  
  This discussion and the update of guidelines are long overdue, IMHO 🙂 I will cast my vote for Suggestion #5 and for the installation of external plugins via a custom UIUI UI is an acronym for User Interface - the layout of the page the user interacts with. Think ‘how are they doing that’ and less about what they are doing..
  
  We, GravityKit, are a company that has created, in addition to various WordPress plugins, over two dozen add-ons for the Gravity Forms pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party. Some are free, some are paid, and certain paid ones extend the free add-ons with additional functionality. Moreover, other developers extend our products, and we offer those third-party integrations to our users.
  
  As you can imagine, maintaining an ecosystem of this size is quite a task, and it can’t be achieved using the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. UI since most of the products are not in the directory (i.e., they are what you refer to as “external plugins”). We value our users’ time (and sanity too, to be honest), so having them navigate away from the WordPress dashboard to find and download all those products was never ideal. To that end, we unified product management in an easily accessible UI that allows users to install, activate/deactivate, update, and delete both our and third-party add-ons right in the dashboard. This includes both directory-hosted and externally-hosted products! Under the hood, we use native WordPress methods, and everything seamlessly integrates with the core UI, which can still be used to manage our products. Users have full control over the actions; they choose what to install, are shown complete product information, and nothing happens without their consent. We also built in robust dependency management, so if Product A (not installed) requires Product B (deactivated), which depends on a specific version of Product C (installed, but outdated), the system informs the user and requests confirmation before proceeding to first update Product C, followed by the activation of Product B, and finally the installation of Product A. All this is aligned with Suggestion #5.
  
  Our users love such a seamless experience. It also allows our support team to focus on resolving technical issues instead of spending time on repetitive “Where and how do I get product X?” inquiries. It’s a clear win for everyone.
  
  However, there’s a major sticking point – this approach goes against the directory guidelines, forcing us to strip this functionality from directory-hosted products. This is more than just a minor inconvenience as it diminishes the user experience by adding unnecessary steps and creating friction. It also affects our business, as product discoverability takes a hit (as if Google’s recent search algorithm changes weren’t enough).
  
  We believe the guidelines need to evolve to reflect the modern landscape of plugins with their own ecosystems and complex dependencies. By incorporating points from Suggestion #5, such as clear information and user consent, the updated guidelines should also allow for custom UIs to install products. This approach would better serve both users and developers, providing a more intuitive and integrated experience for managing plugins.
  
  Cheers!
  - Francisco Torres 8:34 am on September 14, 2024
    
    Thanks for you comment and for sharing you case, which sounds amazing, congrats for the hard work with that.
    I see the drawback of not being able to use the same UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it. in plugins in the directory as in “external” plugins, and honestly I wouldn’t know what the next step could be regarding this, as guideline 8 seems essential for many reasons.
Jussi Hattara 9:41 am on September 12, 2024

I would prefer that at least all of the suggestions 1–4 would be implemented. Be informative, do one thing at a time and don’t make decisions on behalf of the user.
- Francisco Torres 8:35 am on September 14, 2024
  
  Thanks for your comment!
Syed Balkhi 12:14 pm on September 12, 2024

Thank you Francisco for the detailed information and starting the discussion.

I believe a combination of Suggestion 1 and 4 would lead to the best UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it.. It clearly requires pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party authors to state which plugin is being recommended by stating the name, explaining why it’s important, and also share the Author information.

Adding the link to WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ plugin page should be left as an optional as it takes users away from the onboarding flow.

The ability to have Recommended plugins pre-selected makes it easier for beginner users to go through the onboarding wizard and also get the tools they need to enhance their website. I do understand this leads to frustration for power users who would rather prefer to have everything unchecked. Perhaps, a good in-between option would be to make it easy to uncheck all with a single click.

I think Option 3 and 5 should be avoided as it requires far too many clicks and hinders seamless onboarding.
- Francisco Torres 9:18 am on September 14, 2024
  
  Thanks to you for your comment!
  As for the link to WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/, it’s something that can open in a new tab, maybe even in a modal, and it’s something that’s optional for the user to decide to click on, but it’s certainly something that can temporarily take the user out of the onboarding flow.
  Regarding the difference between beginners and power users, that’s a possibility, but I can also think of beginner users who are not that familiar with: WordPress, plugins, onboarding, configuration, etc and the only thing they can find among that much information at the same time is clicking next until they get out of that process and hopefully they have something ready to use.
  I can see that as long as enough information is given to the user, this can be considered the user’s responsibility. On the other hand, requiring a conscious act to perform these actions (even if they are simple actions) may improve all users’ awareness of what they are doing (especially for actions that involve important changes to their installation, the use of their data, and/or are not necessarily aligned with the main goal of an onboarding, which would be to perform the setup and configuration of their pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party).
Jeremy Herve 3:53 pm on September 13, 2024

Thanks for starting this discussion in the open! As more and more plugins have built their own custom UIUI UI is an acronym for User Interface - the layout of the page the user interacts with. Think ‘how are they doing that’ and less about what they are doing. to address some of the pitfalls of the CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it., it would certainly be nice to agree on some common best practices.

As you mentioned, Core now supports the concept of “required” pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party now, and that may make things easier for everyone in the future. That concept and the flows around it are still in flux though (related Trac ticket), so I suspect we will continue to see custom implementations around the concept of “required plugins” for a bit longer. Some plugins may require the installation of another WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ plugin, but may not be able to rely on the Requires Plugins headerHeader The header of your site is typically the first thing people will experience. The masthead or header art located across the top of your page is part of the look and feel of your website. It can influence a visitor’s opinion about your content and you/ your organization’s brand. It may also look different on different screen sizes. just yet. Until those flows are more stable in Core, informing the users as much as possible certainly seems like the best thing to do.

Suggestion 1 makes a lot of sense. Adding some information as suggested in suggestion 4 makes sense. Each plugin will most likely want to implement their own version of that UI to avoid overwhelming the site admin with too much information.

Suggestions 2 and 3 seem like things that are hard to judge. Each plugin onboarding flow has different needs, a different number of plugins suggested for installation, so it’s hard to really say “no pre-selected”, “no multi-installation” all the time. I think there are situations when it can be useful to site owners.
- Francisco Torres 10:03 am on September 14, 2024
  
  Thanks for your comment and sharing this ticket, I didn’t know about it and it’s something to keep an eye on.
Josepha 7:08 pm on September 13, 2024

Can we extend the Sept 23 deadline by a week? We have a lot of people traveling to WordCampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more. US and I think they would appreciate a little extra time to come up with some thoughtful responses.
- Francisco Torres 10:09 am on September 14, 2024
  
  That makes sense, extended until September 30th, thanks for pointing that out!
  - Josepha 5:46 pm on September 16, 2024
    
    Thank you!
Matt Mullenweg 12:46 am on September 14, 2024

It feels like there should be different rules if it is a commercial pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party, community plugin, solo plugin, or canonical plugin.
- Josepha 5:43 pm on September 16, 2024
  
  That’s where I’ve landed as well. I think for anyone building/managing a complex ecosystem using WordPress, the proposed ways forward could end up increasing user friction which has the potential to lower their success.
  
  I would like to get a sense for the commonalities of this type of business apart from being commercial/community/canonical etc. I believe there is a lot of variety in the scale of support and company size for each of those groups, and I don’t want a rule that helps end users to become too onerous for small companies.
- Jason Adams 3:55 pm on September 30, 2024
  
  I very much agree with this. I think we’re being to exhaust the one-size-fits-all approach to plugins on .org. Overall, we agree that the UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it. should be excellent, but this changes depending on context, and blanket rules makes it difficult to maintain an excellent UX in a premium context — which is an important domain of the WP ecosystem.
  
  I think it’s worth imagining a system and rules on .org that differentiates between different types of plugins. I believe there should be rules, just contextualized ones.
- Francisco Torres 9:05 am on October 12, 2024
  
  This request for feedback concerns the basic standards of user information and consent for the installation of recommended plugins.
  How would a different type of pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party or context affect this objective?
  What differences in user information/consent should there be between different types of plugins?
lyhiz 9:49 am on September 16, 2024

my pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party was simply removed in order, without notifying any emails, I added again, perhaps you will succeed 🙂
Takayuki Miyoshi 9:51 am on September 18, 2024

Hello. I wrote a post as feedback to this.

In short, I think stricter regulations are necessary.
- Francisco Torres 8:37 am on October 12, 2024
  
  Hi Takayuki, thanks for your post. Some of these issues are not mentioned in this post, but seem to be relevant regarding other issues in the interaction between plugins that could be handled in the future.
Andy Fragen 7:12 pm on September 19, 2024

Honestly at this point I think that the CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. UXUX UX is an acronym for User Experience - the way the user uses the UI. Think ‘what they are doing’ and less about how they do it. should be able to install a non-dot org pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party. This is a very valid use case and currently the only method within core to install an outside plugin is to download a zip file of the plugin and use the Upload Plugin button.

Since Core already allows the user to install a non-dot org plugin why not make the experience better by allowing installation via the Core UX? If it’s a question of users possibly confusing non-dot org plugins for dot org plugins we could simply add some UX differentiation or some simple sentence that informs the user the plugin will install from a non-WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ server.

Imposing the current arbitrary limitations seems just that — arbitrary.
- Francisco Torres 8:52 am on October 12, 2024
  
  This is related to the following guideline
  https://developer.wordpress.org/plugins/wordpress-org/detailed-plugin-guidelines/#8-plugins-may-not-send-executable-code-via-third-party-systems
  That is a direct consequence of the current guidelines.

Comments are closed.

Welcome to the official blog for the Plugins Team.

Communication

Guidance on plugins that install other plugins

What do the current guidelines say?