Being very involved in the WordPress industry, what I find funny is the majority of angry reviews masquerading as victims are from entitled pseudo devs who sell WordPress sites to clients and now they were made to look bad because they had automatic updates enabled while charging their customers for a retainer package with "plugin & themes updates".
How about buying premium version in the first place just as you charged your client for it.
I believe they played with the semantics here to perhaps get a pass on it not counting as an exact violation of wp.org repository guidelines. There's a proposal to have strict policies and disallow any sort of global ads now but it seems dismissed [1].
It was a dismissable admin notice that looked like an ad and wasn't exactly a tracking link (in the wp.org classifications at least), but a generic marketing campaign link [2].
I used to work in this WP field and I can confirm your story about this industry clients devs. I have one more story:
Back then (maybe still possible now?), if you have a custom plugin named "abc" but which is not uploaded to wp.org repository, I can upload a plugin with the same id "abc" to wp.org, bump the version and WordPress will suggest to update the plugin. This will replace the real plugin with yours. I voiced the problem to the WP guys but they seemed cool with it.
As someone who has contracted with a bunch of agencies and contractors for Wordpress sites, I have paid for such retainers even though automatic updates are on.
I want automatic updates on; its better for security.
And I want the folks who built the sites available on short notice, so if automatic updates break something, I can get it fixed quickly without trying to do a contract with some random WP dev on short notice.
Updates are different from upgrades, though. But if you are saying that we should pay for premium (in order to get the updates, which you are saying we should stay on top of), then I get what you're saying.
> It's free, GPL, and open source - you know, "No Warranties" and all that.
Making something available for free doesn’t absolve you from blame when you make stupid decisions. Well, it does legally, but from a social standpoint it’s still not nice.
I'm a big fan of vanilla WordPress, especially the new block editor, but the plugin ecosystem is a total mess. Almost all popular plugins come with a free version that spams you to upgrade to "pro". They add menu items to the admin panel with different colours so you find it harder to ignore them. They add messages to the dashboard. The look and feel of their settings pages don't match WordPress core. And, even if you pay for an upgrade, that usually means removing the plugin provided and automatically updated by WordPress.org and replacing it with a manually uploaded zip. Crazy.
The garbage user experience with most plugins led me to collect together a bunch of ideas from plugins I used and rewrite almost all of them entirely into one spam-free plugin. I did it for my own sanity as a user of my own plugin but I'd like to see more " old fashioned" plugins that are providing high quality code for everyone's free benefit.
Plugin devs can generally NOT be trusted with seamlessly integrating their plugins because it usually leads to all kinds of dark patterns and poor UI for WP as a whole. WP.org's strict plugin guidelines is one of the main reasons why plugins behave relatively well considering how huge the WP.org repository is.
The Yoast CEO Marieke van de Rakt responded on Twitter:
> That BlackFridayBanner was not the best idea. We’re truly sorry for the annoyance and difficulties it may have caused. We did not think this through properly. If you want, you can update to a new version of our plugin without that banner. #blackfriday #neveragain #apologies"[1]
> I OK'd this. I am the CEO. And I made a big mistake. I am sorry. [2]
Hardly the first time Yoast have been forced into an embarrassing climb-down.
In the early days of mass Wordpress adoption they got a lot of traction by offering a plug-in that made few basic seo improvements and that early success went to their heads. Every iteration since has been a bloated mess of features, most of which are entirely unnecessary.
I have a lot more respect for a response that contains the words "sorry" and a statement that the entity admits that they made a mistake, vs. the usual corporate statement that contains neither.
An "I'm sorry" and "it was my call" are much more honest than the usual legal-approved CEO-speak that doesn't admit any fault, or justifies it with an un-provable statement like "many users have asked for this feature"
For those not deep into the WP community reading this headline: Yoast injected an ad into the WP admin pages (every admin page), not into public WP sites. The headline sounds much worse than it is - this is just an annoyance for editors, not Yoast abusing its reach to target billions of worldwide website readers.
I for one am glad that Wordpress doesn't behave like the App Store, yanking apps willy-nilly with no warning, and little recourse.
Wordpress development is for developers, not consumers. They don't require the same level of hand-holding. When things like this occur, devs can make the choice to remove the plugin on sites they maintain.
For prospective users, every plugin page has a "reviews" section that tells them exactly if the plugin does anything shady. Yoast isn't a monopoly and thanks to how the plugin ecosystem has evolved over time, WP devs usually have a second or third option to go with, should their #1 pick no longer meet their needs.
I think a lot of the rip is from Wordpress generally being insecure. You can have it locally and treat it like Jekyll and have your json sent to git and published to something like Netify.
> I think a lot of the rip is from WordPress generally being insecure.
That too - I put adware on my wp-admin pages in the same boat.
I've seen the JSON publishing route and I'm not 100% impressed with how it operates. In most WP situations you want to give people who are non-devs the capability to manage content which local setups like this don't accommodate well.
A lot of people complain how apple app store removes apps that Apple doesn't like. Or how Firefox no longer allows users to provide add-ons that are not through the Firefox store. That and other walled gardens make the the new tech world much less free and much more dependent on tech giants. I personally would prefer WordPress to allow whoever wants to make an app and give the users the responsibility to choose what to add and what not
> I personally would prefer WordPress to allow whoever wants to make an app and give the users the responsibility to choose what to add and what not
I'm totally with you but that assumes that WP devs have the responsibility to make responsible decisions. The range of skill for a typical WP dev is outstanding, where on one end you have people who can't write a for loop adopting the "dev" title, and on the other end you have skilled engineers.
I've seen WAY too many people call themselves "devs" when all they do is try to install plugins to piece together a website. In relation to Apple and FF - average users are not savvy at all and have been shielded from the nuts-and-bolts decisions that we make on a daily basis. Trusting them with the responsibility to make good decisions is precarious.
this was the worst spam of all my wordpress experience. a yoast banner on every admin page - yoast must have gone crazy. I took screenshots of this shameful moment.
wordpress plugin as well as mobile app stores are reminiscent of the ugly pc shareware and freewares of past 30 decades.
I don't use wordpress/yoast so am probably wrong. But I don't think splashscreens on shareware is 'ugly', I think it's fair enough. In some instances - such as Sublime Text - I am amazed at how discreet it is.
I suspect Sublime realizes that they have three classes of customers:
1. Companies
2. Private individuals who are happy to pay for software
3. Private individuals who aren't going to pay for software
The discreet notification is enough to get 1+2 to pay. Group 3 isn't going to pay anyways, and making the notification more annoying will just make it more likely that they crack it and never see it again. Most importantly, when people from group 3 start working at a company, they may get the company to buy a license (which is now a subscription, i.e. makes them a lot more money than a personal license).
A more annoying notification would likely win them very little, and lose them a lot (from people who use a different editor instead).
Well, people need to learn not to depend on redundant Wordpress plugins.
The plugin-landscape in Wordpress is plagued by bugs and ads, some spamming you to update or pay for a premium version. That is not something you would accept for professional CMS solutions.
If you consider yourself knowledgeable in SEO, then learn to walk the talk and stop relying on phony third-party plugins!
SEO is such a small part of owning a website, and ideally, any technical SEO that is needed should be integrated in the core CMS by developers and not fiddled with at random by clueless bloggers or SEO gurus.
Since Wordpress is such "crapware" out-of-the-box, you can easily create a Yoast replacement plugin to handle what is really needed. The rest is just useless bloat and clutter.
I would not touch Yoast in my wildest dream. It is totally redundant for people who can code themselves.
> It is totally redundant for people who can code themselves.
Not really, it saves time. I have my own website and I am a profesionnal developper, but I don't want to spend time learning wordpress programming. The few things I had to code for WP was very off putting.
Because of Matt Mullenweg's strange philosophy of keeping only barebones features in "core" Wordpress and having all other functionality be delivered by plugins. This means that even to have a basic site, you just have to install various plugins to deliver key features, which leads to the bloat, instability and security problems that Wordpress is infamous for.
Modularity isn't free. Wordpress' obsession with it – and bad implementation of it – leads to bizarre, 80000+ recursion level deep callback hells even on simple pages once you have 3-4 plugins running.
It is because a lot of functionality is now bundled as part of the Automattic Jet Pack plugin. I guess the plugin is technically open source (due to the GPL) , but a lot of functionality depends on Automattic's server and requires a subscription.
Do you do actual WP development? How many clients do you have? How much Yoast functionality does your plugin cover?
There are certain plugins that deliver so much value that developing and maintaining them yourself is nonsense for most devs out there. Unless your agency manages thousands of plugins and you have some very specific needs, you don't need to re-implement everything from scratch. Even then, it's probably far cheaper and easier to re-use their GPL code as the basis for a less bloated plugin rather.
I can't see how Yoast needs any more exposure. They're the equivalent of Coca-Cola in the WordPress world - everyone's heard of them, most use them already.
Actually the comments indicate that the "controversy" seems to be imagined by many people. By the way, I don't know anything about Joost, so he may not be innocent. But the article is an excellent example of an inability to distinguish between consensual but obnoxious stuff and clearly non-consensual behavior.
Also read the comment by Jenny Halasz, it seems very telling: "I had the audacity to start a thread on twitter where I suggested that perhaps we should ask the women involved if they were being harassed before we leveled accusations at the supposed harasser.
For my trouble, I got called a woman hater, an enabler, and plenty of other terrible things (now conveniently deleted by the people who said those awful things: Cohen, Rayner, a handle by the name of callis1987, and Forden)"
Perhaps Yoast thought they were cleaver. I hope someone reads this who works there. Because of "this", and as a precaution for further abuse one of my agencies removed Yoast SEO from over 2000 Wordpress-sites last week.
Update: Just found out that Yoast CEO is a woman and apologize with GIF:s on Twitter. Awaiting my ban and #forevershame.
I disagree - to me, it _is_ a huge deal. It's an overstep of a boundary that definitely should not have been crossed.
Yoast has always been borderline spammy with their upgrade nags, but at least historically they followed the WordPress guidelines and kept them inside of the Yoast pages. But flat-out injecting ads into every admin page with not much context is a step too far in my opinion.
As far as I'm concerned, automattic should revoke their wordpress.org plugin hosting until this has been addressed (as this clearly violates their hosting guidelines) and a public apology is issued.
It has been addressed and their CEO offered hundreds of apologies on Twitter. It is definitely not okay and I would still not use them as there are better plugins out there, but they (now) say they made a mistake and owned it.
The SEO framework (slug: autodescription) is great and performs about 30x as good as Yoast SEO in terms of processing time. They’re also pretty strict about sticking to WordPress’ native styles.
>As far as I'm concerned, automattic should revoke their wordpress.org plugin hosting until this has been addressed
Unfortunately Automattic only contributes to WordPress.org [0]. Automattic actually owns WordPress.com [1] which is a separate-ish entity, and does not have any authority over plugins hosted on WordPress.org.
as for all the doom and gloom, I think the main thing that makes this so bad is that the ad was hard to close - the X was not very visible / easy to click, some said clicking it still brought you to ad site...
to me the bad thing was that the ad was moving / not static. Might be time for a checkbox, 'allow plugins to show disounts / partners / third party ads' - some of them are helpful / wanted.
when a plugin hijacks your next screen, like wp-statistics does after an update sometimes (others too, eg all-in-one-seo sometimes )- I hate that even more than what this yoast ad did.
The plugin exists to inject seo-relevant tags into your page, so I don't see how a permission system would help to prevent them from injecting other tags into your page.
And no, there's no real capability system for plugins in Wordpress. Plugins can define their own user permissions that hooks into WP's system to determine what user can use what feature, but that's entirely opt in on the plugins' part.
- It was an upsell to the Pro version of free plugin. Not some random ad spam.
- The ad was an admin notice - which appear in WordPress on top of every page in the backend Admin Area in what's generally the notification area.
- It's free, GPL, and open source - you know, "No Warranties" and all that.
Grayhat, and not something you should ever do. But not as nefarious as everyone is making it sound like.
WP.org is about freedom, so they're unlikely to restrict it either unless malicious: https://github.com/WordPress/wporg-plugin-guidelines/pull/69...
Being very involved in the WordPress industry, what I find funny is the majority of angry reviews masquerading as victims are from entitled pseudo devs who sell WordPress sites to clients and now they were made to look bad because they had automatic updates enabled while charging their customers for a retainer package with "plugin & themes updates".
How about buying premium version in the first place just as you charged your client for it.