Feature Request

  • bkjproductions

    (@bkjproductions)


    6 years, 2 months ago

    I like the checksum idea, where you compare the current WP installation vs. what-it-should-be. It notices when I do things like remove the readme.html. That is a boon!

    What would be the next level of improvement is: Do a checksum on each and every plugin. If I have any plugins from the WP Repository installed, it should then compare the folders/files for that official plugin vs. what is on my site and let me know if there are differences.

    If it’s a commercial plugin, then perhaps there is an API with that developer’s site to do the checksum, somehow. Developers should be encouraged to support this for their own sake.

    I think this would be a good improvement, because it helps to reinforce the “Use approved/vetted plugins from the WP Repository and no one gets hurt” message. And manytimes when there is a hack, it’s a plugin to blame, so why not check the plugins?

    Maybe do the same thing for themes?

    This could be an option you would click and wait a while for a result, much as the PHP7 compatibility checker can take a bit of time.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter bkjproductions

    (@bkjproductions)

    6 years, 2 months ago

    Needed to update the tags, typo on “checksum”

    Plugin Author Marius L. J.

    (@clorith)

    6 years, 1 month ago

    Hiya,

    Thanks for the thoughts, and I’m glad you appreciate the checksum tool!

    My main concern with checking plugins and themes are, as you mention, paid ones would be excluded (much like they are in the PHP compatibility tool right now as well), and it reduces the usefulness of the tool it self, this is a worry I still have about the PHP tool as well and why I’m always open to suggestions on how this can be improved upon.

    I do see the thoughts behind your suggestion though, and will take it into consideration, I can say that it won’t be in the next version, as the roadmap fro that has already been laid out 🙂

    Thread Starter bkjproductions

    (@bkjproductions)

    6 years, 1 month ago

    Hi Marius, Doing a checksum on the WP-repository plugins alone (ignoring the paid ones) would be very useful. I bet if you started doing that, then that would help people wake up to the idea that, “Hey, maybe I should not load too many plugins” or “I should really think about the plugins as a possible attack vector.” You will save a lot of grief for that set of users and developers, and then maybe the paid plugin developers will think about ways to hook in to an API or whatever.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Feature Request’ is closed to new replies.