A new episode of the “WordPress Drama” once again features Matt Mullenweg, founder of WordPress, who On October 12th it forked (Forking means creating a new version of a software starting from its original source code) on the famous plugin Advanced Custom Fields (ACF), renaming it Secure Custom Fields.
The ACF plugin has disappeared from the WordPress repository, while on the same URL and keeping previous reviews and installations active the new SCF plugin has appeared, making the majority of the WordPress community turn up their noses.
The official reason? “Remove commercial upsells and fix a security issue” says Mullenweg. But, as always in these cases, the truth seems more complex. ACF is not just any plugin: it is a tool loved by anyone who wants to customize the fields of their WordPress site (we at BigFive implement it on all the sites we develop).
WP Engine's response
WP Engine, the company behind ACF, didn't take it well at all, accusing Mullenweg of violating a fundamental principle of the WordPress community, that of consensus in development.
We have been made aware that the Advanced Custom Fields plugin on the WordPress directory has been taken over by WordPress dot org.
— Advanced Custom Fields (@wp_acf) October 12, 2024
A plugin under active development has never been unilaterally and forcibly taken away from its creator without consent in the 21 year history of… pic.twitter.com/eV0qakURLc
“Never in 21 years of history has a plugin been unilaterally torn from the hands of its creator.,” the ACF team said on X). This move inevitably raises questions: How much power should the parent platform have over third-party plugins? What is the ethical line between public safety and abuse of power?
WP Engine, in the meantime, it did not remain idle and sent an email to its users to be able to update the plugin:
“If your website is hosted on WP Engine or Flywheel or you are a customer of ACF PRO, you are not impacted and do not need to take any action. Otherwise, to protect our users and ensure you have access to updates approved by the ACF team, we recommend that you follow the instructions in this guide.”
How did WP Engine get banned?
It all started in September, when WordPress.org banned WP Engine from its ecosystem with this press release, preventing them from accessing resources like themes and plugins. Mullenweg has publicly called WP Engine “a cancer for WordPress“, criticizing the fact that the provider was turning off the post review function to save costs, undermining, in his opinion, the fundamental promise of data protection for users, and that WP Engine was enriching itself with WordPress without contributing in any way to the project.
Matt Mullenweg, CEO of Automattic, has misused his control of WordPress to interfere with WP Engine customers' access to https://t.co/ZpKb9q4jPh, asserting that he did so because WP Engine filed litigation against https://t.co/erlNmkIol2. This simply is not true. Our Cease &…
— WP Engine (@wpengine) September 26, 2024
WP Engine responded, accusing Mullenweg of abusing his power and interfering with the normal functioning of the ecosystem. WordPress Foundation then accused WP Engine of trademark infringement, while Automatic pushed for a licensing deal that never came to fruition.
Meanwhile, the WordPress community is divided. On one side, there are those who argue for the need to maintain the integrity of the open source platform; on the other, those who see these moves as an abuse of power that sets a dangerous precedent.
What happens now?
Mullenweg sought to reassure, stating: “We don't expect this to happen with other plugins.". We all have to stay calm. Or maybe not?
The case is raising serious questions in the WordPress community about how much power should be concentrated in the hands of one person. Some developers fear that this could be the beginning of a dangerous trend in which access to key open source project resources could be restricted for commercial reasons.
One thing is certain: this battle has opened a deep wound in the WordPress community.
