In a recent action against WP Engine, WordPress has taken over control of the ACF plugin.

It's not over yet between WordPress founder Matt Mullenweg and hosting company WP Engine: WordPress has "forked" a plugin developed by WP Engine.
In a recent action against WP Engine, WordPress has taken over control of the ACF plugin.

It's not over yet between WordPress founder Matt Mullenweg and hosting company WP Engine: WordPress has "forked" a plugin developed by WP Engine.
Specifically, it's called Advanced Custom Fields: A plugin that simplified the customization of the edit screens for WordPress users. WP Engine is out of the picture, and the plugin was rebooted as Secure Custom Fields.

This was something Mullenweg indicated was necessary "to remove commercial upsells and fix a security problem."

The Advanced Custom Fields team responded on X, describing this as a situation where a plugin "under active development" has been "unilaterally and forcibly taken away from its creator without consent," which it said has never happened "in the 21 year history of WordPress."

"This core community promise has been broken, and we ask everyone to think through the implications and ethics of doing so, as well as the precedent that has been set," ACF team writes. 

Such things, Mullenweg's blog post and a response from WordPress claim have actually occurred in the past, though Mullenweg also cautioned, "This is a unusual and rare situation triggered by WP Engine's legal attacks, we don't expect this for other plugins."

They also point to WordPress' plugin guidelines, which give WordPress the right to disable or delete any plugin, remove developer access, or change a plugin "without developer consent, in the name of public safety."

Some background: WordPress is a free, open source content management system used by many websites (including TechCrunch), while companies like WP Engine and Mullenweg's Automattic offer hosting and other commercial services on top.

Last month, Mullenweg himself wrote a blog criticizing WP Engine as a "cancer to WordPress." His criticism ran from the lack of WP Engine's apparent support for revision history to the investor it had picked, Silver Lake; but he also couldn't resist pronouncing that its "WP" branding confuses customers, sounding almost too good to be true-that is, its name is actually officially sounded by WordPress.

Cease-and-desist letters have been flying back and forth, with WP Engine accusing Mullenweg of threatened "scorched earth nuclear approach" unless the company paid for a license to use the WordPress trademark.

WordPress banned WP Engine from updating the WordPress.org repository, then shortly lifted the ban, before reinstating it again. This essentially stops WP Engine from pushing out security updates through WordPress.org — it can't therefore provide automatic updates to close security vulnerabilities.

WP Engine has posted, though, a workaround for users who would like to update the plugin and continue using ACF. (It says the workaround applies only to free users of ACF, while pro users will keep receiving updates from the ACF website.)

Next, Mullenweg wrote, Secure Custom Fields will be released as a free plugin: "If anyone wants to get involved in maintaining and improving it, please get in touch."

Blog
|
2024-10-13 19:17:31