This is not a dig at the author of the file, as they have stated elsewhere that they wrapped up the code provided by Civic UK to create the plugin and other than that do not have any connection with Civic UK.
However since Civic UK list this plugin on their website, they need to help the author upgrade the plugin so it is fully compliant with the WordPress guidelines for plugin developers - http://wordpress.org/extend/plugins/about/guidelines/
The guidelines that have been breached include:
- The plugin must not embed external links on the public site (like a "powered by" link) without explicitly asking the user's permission. Any such options in the plugin must default to NOT show the link.
Two links to the Civic UK site are contained on the front end of the site. While it is important to give credit it should be up to the site owner, how that credit is given (if any).
I have personally stripped out the two links from appearing on the front end of the site, however Civic UK and Sherred have been added to my credits page with links to their sites/profiles, but that is my choice.
- No obfuscated code. We believe that obfuscated code violates the spirit, if not the letter, of the GPL license under which we operate. The GPL specifically states "The source code for a work means the preferred form of the work for making modifications to it." Intentionally obfuscated code is not the preferred form, and not allowed in the repository under any circumstances. However, note that some systems, like Paypal donation buttons, use encoded code as part of their normal operating mechanism. This is not considered to be "obfuscated" as this is simply how these types of systems operate and it is not a choice by the plugin author. These types of things are acceptable, but may result in the author being questioned about it for edge cases. If a non-encoded method for such services is available, use it.
This rule has been breached, which is my major concern with the plugin. If you check the plugin file: cookieControl-4.1.min.js, it is using base64 encoding, which is obfuscated code.
I see no reason why this code should be obfuscated, and I find obfuscated code untrustworthy as it does not allow the site owner to have complete control over their site, as well as understanding how the code operates.
Again, I'm not having a dig at the author, as they have publicly stated they have only wrapped up the code provided by Civic UK, and I think the author has done really good work in turning it into a plugin.
However, it needs to be mentioned to Civic UK who are actively promoting the plugin, that they need to help the author in changing the code to make it fully compliant with the WordPress guidelines.