Support » Plugin: Cache-Control » has been removed from wordpress.org ?

  • Resolved cantoute

    (@cantoute)


    The Plugin “Cache-Control” has been removed from wordpress.org ans is no longer available for download.

    Is this permanent or it just because a a security issue needing an update 🙂

    This plugin is well handy and is the only one I could find that does the job (when behind varnish for example)

    Thanks for your work and hope this isn’t the end of this.

Viewing 12 replies - 1 through 12 (of 12 total)
  • Why doesn’t WordPress.org post a reason?

    My guess is that its a security issue, that wont be reported before it is patched.

    Plugin Author Paul Gilzow

    (@gilzow)

    And this is what I dislike about the current WordPress ecosystem: plugins are closed/removed with ZERO notification to site’s using the plugin. And no information on WHY it’s been closed.

    Interestingly, the author has left the WordPress ecosystem because of similar frustrations with WordPress: https://www.ctrl.blog/entry/enough-of-wordpress.html

    Snuwerd

    (@snuwerd)

    Thanks for the post @paul

    Plugin Author Paul Gilzow

    (@gilzow)

    I spoke with the author. He said he doesn’t know why his access has been revoked. He never received a notice, here or at the email address associated with his account here. Given he’s done with WordPress, he’s not overly motivated to look into it further. I’ve asked if he’d be willing to let me work on getting his access restored so he can transfer ownership to me so I can maintain it, but have not received a response yet.

    Given we depend on this plugin, if he doesn’t respond, I’ll probably fork it and submit it as a new plugin, though I’d prefer to just maintain the original.

    • This reply was modified 5 months ago by Paul Gilzow. Reason: Typo
    Plugin Author Dan

    (@geekysoft)

    Sorry, for ignoring this thread. I was a bit upset with WordPress for closing my plugins without giving prior notice or even notifying me afterward.

    I just wanted to confirm @gilzow’s version of events.

    The plugin was most likely closed because of an email address mix-up. WordPress.org had partially updated my account email address, but still sent some emails to the old address. I remember reading something from WordPress.org saying that they were going to remove plugins registered to unreachable email addresses this summer. I can’t find where I read this, but I clearly remember reading it somewhere.

    I’m willing to help migrate the plugin to a new maintainer. Assuming WordPress’ plugin review team are willing to facilitate it, of course. I’ll also help answer any question the new maintainer may have, and help monitoring WordPress core for changes relevant to the plugin.

    I don’t really have a good way to audit a prospecting new maintainer. Here are the best requirements for a new maintainer that I could come up with:

    1. A link to an actively maintained self-hosted WordPress website with your name somewhere on it. You can include it temporarily in an HTML comment on the front page if there’s nowhere on the site it would normally go. I just want to see your name on something more than a placeholder Lorem ipsum blog.
    2. Some proof of prior PHP development experience. WordPress plugin development is a bonus but not a requirement. An active OpenHub, GitHub, or similar coding profile with some commits in PHP will suffice. I’ll just check that you can add your semicolons and close your brackets.
    3. An active Keybase, GitHub, OpenHub, BitBucket, or account with a similar service with your full name and an email address visible to the public (or at least to logged in users).
    4. Email me a photo of yourself and holding your ID and a note saying “I promise not to develop malware, inject ads, or do anything nasty with $plugin_name.” The name on the ID and sending email address must match that of the above websites. (The sending server must also DKIM-sign the entire message and attachment. All leading email providers do this automatically. It’s the only way for me to verify that the message most probably originated from that email address.)

    The last one is just to verify that you’re either the person, or control the email address of the person, from the three other links.

    Transferring the plugin to a new maintainer gives them access to auto-update and deploy to thousands of WordPress websites. So I’m trying my best to do this right. The plugin is open-source, so you can of course fork it and start over from scratch without the existing user-base.

    • This reply was modified 5 months ago by Dan. Reason: typos
    • This reply was modified 5 months ago by Dan. Reason: more details
    Plugin Author Paul Gilzow

    (@gilzow)

    Happy to take it over as we have hundreds of sites depending on it, and if it isn’t available here, I’ll have to either maintain it on our local gitlab instance anyway or as I mentioned above, fork it. Do you want me to send the information you listed to our previous email thread, or post here?

    Plugin Author Dan

    (@geekysoft)

    @gilzow you’ve got my email address so send it there.

    Plugin Author Paul Gilzow

    (@gilzow)

    Sent.

    cantoute

    (@cantoute)

    I guess you have noticed this last update crashes wp-admin…

    can I help you guys ?

    Plugin Author Paul Gilzow

    (@gilzow)

    Really? I have not seen that. Can you start a new thread with the details so we can troubleshoot?

    Plugin Author Dan

    (@geekysoft)

    The plugin has been restored and @gilzow has been granted commit access.

Viewing 12 replies - 1 through 12 (of 12 total)
  • You must be logged in to reply to this topic.