@skylabb
Now that I have just seen the recent temporary court injunction in favour of WP Engine, I am reminded to reply.
I’m happy to give a justification for all my statements (although I don’t think I should need to because I am objecting based on facts, not subjective opinions).
1) My justification for using the word “hijack” is from the dictionary definition: “to seize by force or threat of force”
2) My use of the phrase “have no right”…
Automattic can do what it likes to block WP Engine from using the WordPress.org site.
Automattic can fork open source plugins according to the terms of use of those licenses.
What they have no right to do is this:
If I have installed a plugin on *my* website called “Advanced Custom Fields” by a developer called “WP Engine”, Automattic should not cause a different plugin, made by *other* developers besides the ones I decided to trust, to be installed on *my* website as a result of me clicking the “update” button. An update button, to any reasonable mind, would be expected only to update to a newer version of the *same* plugin provided by the *same* original developers. To change this behaviour without providing knowledge or obtaining explicit consent and making it unmistakably obvious what will happen is wrong. Even if they have terms of service that allow them to take over a plugin (I prefer a forking approach) that does not allow them to install it without consent. Matt / WordPress did not do this.
Any terms that allow this are dangerous and foolish, in my opinion, because it provides a situation where end users grant trust too broadly and are not in full control of what ends up on their websites. There is also an implied trust that this sort of thing would not happen based on common expectations. If these expectations can be subverted and changed at any time by simply changing the ToS, it opens up too many possibilities that users are not in control, or aware, of. No one can reasonably be expected to check the ToS every time they update their website’s plugins just to make sure that the terms have not changed to allow something else to happen.
Even if the terms do exist and are longstanding, during the process of downloading and installing WordPress or plugins I have not seen, nor have I ever been asked to agree to, any terms. If ToS allow a repository owner to dictate who can provide updates to software besides those who originally provided the software which the user downloaded, it is a big oversight not to make these terms front and centre at points of download, install and/or update.
There is also a long-established software development principle called “The Principle of Least Astonishment“. I think that applies well here. I saw no reason to believe that the plugin would be replaced when I clicked on update because, for years prior doing this action, doing so had resulted in the plugin being updated with a new version provided by the same developers. I saw no reason to think anything other than this would happen.
The only legitimate option in this scenario – or should I say ethical – given that my websites are my property and only I have the right to determine what does and does not get installed on them, is to attempt to notify website owners beforehand by all available means informing us that the plugin ACF is no longer maintained, has been closed and is no longer updatable, and that an equivalent, forked version is now available via a *separate* download/install action. In fact, a notification would not even have been necessary since an update error would have sufficed enough to cause a website owner to look into the matter, find out the cause, and then make a decision themselves as to whether to switch to the new plugin or not.
I understand that the word “hijack” is an emotive one; however, it is apt for such an action. I do not know of any other software repository where projects are forcibly taken over rather than closed/forked. The reason why they don’t do this is because of the software development principle I mentioned above and a desire not to subvert users’ reasonable expectations. It erodes trust. Software will often update automatically from a repository without user intervention. Users will have developed a relationship of trust (for good or bad) with the original software vendor. People do not like to suddenly find that the software they installed has suddenly changed to another software or another vendor – even for supposed ethical or security reasons. This may feel subjectively to some as a positive action, but to me and others it appears subjectively as a negative action. In either case, objectively, it is a hijack (a seizure/takeover by force/without permission).
You obviously have a (subjective) disagreement with the involvement of for-profit companies in the WordPress eco-system. It is your right to hold that opinion but that has no bearing on this particular matter. You would need to broach with Matt and the WordPress Foundation. There are many for-profit companies in the WordPress eco-system and forbidding them from participating in WordPress community will have far-reaching and long-lasting effects on many people, especially if it is commonly handled in the same way Matt handled this issue with WP Engine. I don’t think that would be a good idea.
