October 15, 2024 at 10:24AM
A public dispute has erupted between WP Engine and WordPress founder Matt Mullenweg over the Advanced Custom Fields (ACF) plug-in, following Mullenweg’s decision to fork ACF into Secure Content Fields (SCF). This has led to user confusion regarding updates, security issues, and potential legal actions between the companies.
### Meeting Takeaways
1. **Dispute Overview**:
– A major disagreement has arisen between WP Engine (WPE) and Matt Mullenweg, founder of WordPress, regarding the Advanced Custom Fields (ACF) plug-in. This dispute centers around the delivery of security fixes and updates.
2. **Forking of ACF**:
– Mullenweg has announced the creation of a new version, Secure Content Fields (SCF), effectively forking ACF and cutting off WPE’s access to WordPress.org update servers.
3. **Impact on Users**:
– Free version users with auto-updates enabled will be switched to SCF automatically to receive future updates.
– Users wishing to continue with ACF must install an alternate update mechanism provided by WPE.
– Paid ACF version customers will continue to receive updates from WPE without any required action.
4. **Accusations and Responses**:
– Mullenweg criticizes WPE for exploiting open source software without contributing back to the community, calling them a “cancer” to WordPress.
– WPE has accused Mullenweg of violating open source principles and has labeled his actions as “malicious.”
5. **Legal Actions**:
– WPE has taken legal action against Automattic and Mullenweg, alleging “abuse of power, extortion, and greed,” and has issued a cease-and-desist letter.
6. **Concerns about User Confusion**:
– Stephen Kowski suggested that the dispute could lead to confusion among users regarding which version of the ACF plug-in to use, potentially requiring migration efforts and additional diligence concerning security.
7. **Security Implications**:
– There are concerns that users may unknowingly transition to the unapproved SCF plug-in, which may not necessarily offer better security compared to updates already made by WPE.
8. **Recommendations for Users**:
– Users are advised to assess their installed plug-ins carefully and ensure they are receiving updates from trusted sources to avoid potential risks associated with the ongoing conflict.
### Next Steps
– **Monitor Developments**: Keep track of any new communications or updates from both WP Engine and Mullenweg regarding the dispute.
– **User Communication**: Consider informing stakeholders about potential impacts on ACF users to mitigate confusion and security concerns.
– **Legal Considerations**: Consult with legal counsel regarding the implications of ongoing litigation and how it may affect organizational use of either ACF or SCF.