Software Engineering in WordPress and Musings on the Deep Life

Is There a Lack of Integrity in WordPress?

A few years ago, I was working on a WordPress theme that had some really cool features (if I can say that without sounding as if I’m bragging). The features were brainstormed by a team and gathered through feedback from a number of customers and users, and all were implemented over a long period of time.

When the time came to actually release the theme, it proved to be worth it – it was well-received.

As with any product, we then went into maintenance mode doing the usual round of fielding bug reports, feature requests, and so on, and then continued maintaining the product with periodic releases in order to provide bug fixes, minor feature updates, and so on.

Generally speaking, it was great. There was a lot to be proud of and things were going well.

But, as with anything, things couldn’t continue on the up and up forever and during one of the releases, I neglected to remove a line of code that was intended only for the development environment.

We shipped it.

And it negatively affected all of the customers who applied the update.

A Lack of Integrity? (Let’s Fix This)

Immediately, there was a sinking feeling in the pit of my stomach. I’d like to think that anyone who really cares about the things they’re building, who cares about their customers, and who cares about trying to continually improve the product(s) they are releasing knows this feeling.

To make the situation even more complicated, and such is the nature of maintaining something that runs, you know, on the Internet, it didn’t take long before someone caught on to the problem.

Honestly, this isn’t a bad thing. We want feedback right? And we want to provide updates and fixes as soon as possible.

To be clear, that wasn’t a type of vulnerability or anything that would compromise their WordPress installation, but it was something that would negatively impact the SEO of their site. For some, this wasn’t a big deal – especially if they were a new customer – for others, this was a major deal because their blog had been established for a while.

Luckily, a customer reported the bug to us and we had it patched and updated within hours (and by hours, I mean within four hours). But the news also found its way to another very popular blogger who decided that it would make good fodder for a story.

And who can argue with that? If you’re into spreading bad news about other people in your industry, then it makes total sense to follow the story.

The Two Types of People

I could be over-generalizing with this next bit, but it seems to me that when it comes to something like this, there are generally two ways in which people will proceed:

  1. Some people will report the bug and give you n-number of hours to apply a fix before taking the story to someone with a larger audience. If you end up patching the problem within the allotted time, you’re normally clear.
  2. Others will report the bug to you as well as to others who are likely going to run a story. If you’re lucky, you can get things fixed and then the story is moot. If, on the other hand, the story gets picked up while you’re working on the fix, then there’s little to do. The story begins to snowball and it goes from there.

Personally, I’d much rather be the first type of person. I’d like to believe that most of us would. Unfortunately, I don’t know if many people want to act that way or not; however, I’ve witnessed first hand – numerous times, both in this story and in others that aren’t directly related to me – where people seem to enjoy being the second type of person.

Perhaps the most irritating thing about that, though, is they’ll present themselves as professionals who respect their competition and want to take care of their customers though their actions will speak directly in contrast to that.

And that’s exactly what happened.

We provided a fix, ended up having to make a statement, and went into full damage control for the sake of something that could have been fixed and distributed in less than a work day had the preferred protocol just been followed.

But “preferred” is subjective.

Clearly.

And Then The Plot Twist

If this is an ongoing story, wouldn’t a fantastic plot twist be to say that the person who was antagonizing us ultimately came under fire for something that was far more serious than what they chastised us for, and that was far more detrimental to the security of their customers’ installations?

There’s a level of poetic justice in that, isn’t there?

But the true measure of determining just how professional you really are is how you react in situations like that. That is, it’s in how you react to those who have once spat in your face.

Watching a story crop up all over the place and watching certain criticisms fly and negativity abound, you would expect, feels good.

But does it, really?

After all, if that’s how I was going to feel and how I was going to react, then what would make me any more professional than the second type of personality – the person who is now the victim – that I mentioned above?

Are We Better Than This?

So where am I going with all of this?

We, as the WordPress development community, do a pretty good job of sharing the work that our peers are doing. There is fair reporting, a high number of retweets, and generally good, respectable discussion that all go around things that are released.

Not always, though.

To me, when it comes to security issues, it would seem that the standard protocol of operation would be to first give the developers a heads up so that they can roll out a patch.

If they opt not to patch the problem, then bring it to large blogs, publications, and security professionals who can help customers fix the problems that developers failed to do.

It’s not so much about throwing developers or companies under the bus, but it’s about protecting the people who are running the vulnerable software. Then it’s about figuring out why the developers responsible for the problem were lax on fixing the problem.

On Pessimism and Improvement

As much as I’d love for that to be the protocol, I think that there’s currently more evidence that points to the contrary. In fact, I’ll go as far as to say that for as much positivity that exists within the community, it’s counter-balanced by the infestation of people who are looking to disrespect and throw others under the bus before actually helping customers.

And that’s where it sucks. It ends up looking more like a glorified rumor mill than it does an industry that aims to democratize publishing and to look out for the customers above anything else.

But I’m pessimistic. I don’t think things will change. I think it will always remain this way; however, I do think that some people and publications are above board when it comes to things like this. I know that this is how I want to conduct both myself and my company.

And as much pessimism as I have, maybe this will resonate a little bit with you and we raise the bar of integrity of our industry just a little bit.

Maybe.

27 Comments

  1. jason2

    Well spoken, Tom. The throwing under the bus especially bothers me within the WP community. A high level of coherence and cooperation among the developer community is important to the brand and image of WordPress… which ultimately affects market share and confidence in the platform.

    Big headline stories about huge vulnerabilities and infighting among developers do absolutely nothing to further the mission of WordPress. My ideal would be that we all treat vulnerabilities with as much confidentiality as possible. Even if it is the competition.

    • Tom

      A high level of coherence and cooperation among the developer community is important to the brand and image of WordPress

      Agreed.

      My ideal would be that we all treat vulnerabilities with as much confidentiality as possible. Even if it is the competition.

      On point.

  2. Dave LeBlanc

    Welcome to human nature, Tom.

    • Tom

      Trust me, I get exactly what you’re saying. Certainly not trying to play the naivete / ignorance card here.

      But I also believe that we have the capabilities to be better than this. Writing it off is something that I’d hate to see some of my fellow peers do. I’d rather be kept in check by you guys, you know? Maturity and all that jazz :).

  3. Allen Jezouit

    Great post, Tom! Bringing integrity to the Wild, Wild West world of WordPress is going to take some time but there is another area where WordPress integrity is lacking that needs to be brought to light as well. In our role as white label WordPress outsourcing providers, The White Label Agency frequently gets called by new potential clients who are in crisis mode. A deadline looms and their freelancer or offshore agency has simply disappeared. The subcontractor isn’t returning emails or calls. They’ve simply disappeared – often with a deposit or other partial payment in hand. Tools like Odesk and Elance may have helped this tragedy somewhat but there are millions of client / freelancer relationships around the globe who are working through platforms like Craigslist where the buyer has limited if any protections. Abandoned projects and disappointed clients give all of us a bad name.

    As with any new phenomenon there are unforeseen consequences. WordPress has lowered the bar in terms of the technical skills required to declare, “I’m a developer.” This lower bar means a bigger pool of people. While I’m not suggesting that WordPress developers have lesser character than freelancers in the pre-WordPress world, even if the same percentage of low integrity people who would abandon a project exist today, the fact that the pool is so much bigger means that the impact is that much greater.

    My guess is the percentages are higher today because based on anecdotal information from agencies and individuals seeking to hire us, WordPress developers who abandon projects tend to do so because they underestimated the complexity of the project. This means that they either a) don’t have the skills required or b) don’t want to give away the extra hours required to close the gap between what they quoted and what it will actually take to get done.

    Now, I’ve seen the other side to this as well. There are clients whose list of tweaks and fixes is unreasonable and never ending. There are clients who simply don’t understand how to work with people and who drive good developers away. Those types of people will be disappointed – and will broadcast their disappointment – no matter how well you take care of them. If you have a client like that and you need to end the relationship, simply disappearing is not the professional approach. You need to have that difficult phone call or Skype and officially end the deal.

    No break up is fun, but if we’re going to raise the bar on integrity in the WordPress industry, abandoned projects need to become a thing of the past.

    • jason2

      Allen – you are all too right. In my past life working tech in the non-profit world I saw this very thing nearly kill an entire platform: Drupal.

      Drupal was very hot among non-profits in the early to mid 2000’s. There were lots of reasons why… which is a whole other story…. But one reason is WP hadn’t matured as a CMS solution quite yet (though we were pushing the boundaries as hard as we could) and the best options for politically-minded organizations with an interest in Freedom were the likes of Joomla, EZPublish, and Drupal.

      Drupal took off as the very hot leader and within a few years anyone with a copy of Transmit and a liking to Chomsky declared themselves a Professional Drupal Developer. Within a few more years I was making a nice living specializing in converting half-baked, abandoned, and very expensive Drupal sites into simple, elegant, reasonable WordPress sites. And now, most people in the non-profit sector will tuck and run for the hills at the very mention of Drupal.

      So yes. Let’s do everything we can to make sure this doesn’t happen to WordPress. I’m not sure how. It’s way beyond me. Integrity needed.

    • Tom

      deadline looms and their freelancer or offshore agency has simply disappeared.

      I’ve heard this story all too often and I’m hearing it more and more each month. Such a bummer. It gives the rest of us a bad rap.

      As with any new phenomenon there are unforeseen consequences. WordPress has lowered the bar in terms of the technical skills required to declare, “I’m a developer.”

      I think that’s definitely one way of looking at it. In another route, it gives people this false sense of confidence of what it really takes to build something from the ground up and that’s frustrating because it gives those of us with a classical programming background a bad rap.

      There are clients whose list of tweaks and fixes is unreasonable and never ending. There are clients who simply don’t understand how to work with people and who drive good developers away. Those types of people will be disappointed – and will broadcast their disappointment – no matter how well you take care of them.

      Agreed. And it’s #sad isn’t it? That’s not how it should be.

      No break up is fun, but if we’re going to raise the bar on integrity in the WordPress industry, abandoned projects need to become a thing of the past.

      I’d take it a step further and say that clearer objectives need to be stated and agreed upon from the outset, as well.

  4. Topher

    I know someone quite prominent in the WP community who’s considering leaving WordPress altogether because of the prevalence of negative attitudes and behaviours.

    Personally I still see lots of positivity, and Doing Things Right.

    I suspect that humanity being what it is we’ll always have both. I choose to be on the side of positivity and growth, and hopefully I can help keep things weighted to that side.

    • Ryan Love

      That’s interesting what you say Topher.

      Just out of interest, the person leaving, where are they going? And do they think it’s going to be different elsewhere? (Obviously if you can’t go into too much detail as you might reveal their identity, don’t worry about answering!!)

      Because for me, as Dave LeBlanc said above, “Welcome to human nature”, it’s not really a WordPress issue, it’s a human nature/greed mentality. And that’s just going to follow them where they go!

      • Tom

        Because for me, as Dave LeBlanc said above, “Welcome to human nature”, it’s not really a WordPress issue, it’s a human nature/greed mentality. And that’s just going to follow them where they go!

        I absolutely agree with this (I even said in the post that I’m pessimistic about things :), but I also know that when given the choice to try to introduce some level of positivity into a situation, I’d much rather be known for that or for trying to counter-balance that.

        I know you aren’t arguing against that, I’m just adding to your comment :).

    • Tom

      I know someone quite prominent in the WP community who’s considering leaving WordPress altogether because of the prevalence of negative attitudes and behaviours.

      Mixed emotions on reading things like this because there are those who aren’t negative and who have positive attitudes and outlooks on things. I’d like to think we could counterbalance it.

      But at the end of the day, that’s a person’s prerogative – and if they’re happier elsewhere, I can’t fault them for that.

      I suspect that humanity being what it is we’ll always have both. I choose to be on the side of positivity and growth, and hopefully I can help keep things weighted to that side.

      Indeed.

  5. Ajay

    Tom,

    Reading this brings back memories (not very happy ones) of me shipping a version of my plugin late one night. I was proud of the major updates that I had done and everything worked in my test install. But, I missed a line of code that created a circularity and crashed the site only when the user upgraded. Guess what… everyone around the world upgraded the plugin and by the time I woke up I had a 1 star review and several support tickets. I was able to push a fix out pretty quickly, but the damage was done. Was the 1-star review justified… maybe… but what about the fact that this was soon fixed and everyone went away happy?

    I don’t think it’s just the WP community suffering from this. We’ve got a tonne of users and I am sure very few technically oriented ones. From them it either works or doesn’t. If it does, they might praise you. If it doesn’t you’re under the bus!

    And, I’m not sure if user teaching would work or not.

    • Dan

      That’s different — customers are not developers or WP “professionals.” They’re going to react that way if you put out an update that breaks their site. You can mitigate the reaction by being able to communicate quickly and maybe by not shipping an update late at night and immediately going to sleep with nobody on deck.

      @Tom There’s nothing to disagree with in your stance at all, but it may not be as bad/damaging as it looks to you. I agree it is probably inevitable that any popular open source project is going to feature developer egos (maybe especially young and male ones) that clash with each other. Fortunately intra-developer rancor in the WP community seems pretty easy to miss if you don’t follow those channels, and most people don’t. It doesn’t seem to spill over into more public venues like the wordpress.org support forum. The WP forum has always seemed like a clean and well lit space, unlike others I have seen where developers and advanced users air their grievances with each other, talk shop politics, and behave as harsh scolds to novices who ask “stupid questions,” don’t bow before them and are “doing everything wrong.” Thankfully wordpress.org is free of this; maybe developers should ask why they can’t be so civil with each other?

      My guess is developers will naturally tend to categorize others as competitors, allies, or irrelevant — or people who are just wrong and a waste of time. Customer-service relationships tend to work the same way. If there is presumptive distrust or reasons given for distrust, then people don’t see each other as allies who value and trust each other. And you really can’t give everyone your time and attention.

    • Tom

      Reading this brings back memories (not very happy ones) of me shipping a version of my plugin late one night.

      This is one of those things that many of us learn the hard way, isn’t it? How many times have you shipped a plugin or a project before signing off for the night since then? :)

      but what about the fact that this was soon fixed and everyone went away happy?

      Unfortunately, the fact that something was pushed out that broke an install gives users less confidence in the problem. People won’t see things as “ah, they fixed it now so I’m happy,” they see things as “well this is what should’ve been done immediately,” or something like that.

      And yeah, the damage gets done and that part sucks. The best we can do is learn from those mistakes and move forward with stuff like that in current and future projects.

      • Ajay

        Now I ship the plugins usually on weekends and usually in the mornings when I’m available to monitor and fix updates. Also helps that I can usually detect an issue because I update the plugins on my sites asap as well.

        There is always a lesson learnt in the first big mistake made!

        • Tom

           There is always a lesson learnt in the first big mistake made!

          Amen to that!

  6. John Locke

    This article shines some light on some things I’ve been noticing as well, namely the growing negativity and hyper-competitiveness within the community. While it is human nature to give in to our negativity, no one in history has ever elevated themselves by pushing other people down.

    Dan, you bring up some points, as did many others so far in the comments. Our community shouldn’t be a pissing contest, where grievances are aired publicly, and respected community members bash the lower status members for “doing it wrong”.

    Allen mentioned that many projects have AWOL developers, and while there are more facets to that particular problem, it doesn’t help the community as a whole. We need to provide MORE community education, not less. If a rising tide lifts all boats, then we need to do what we can to help educate the newest and lowest members of the WordPress community so they can deliver quality projects. Like it or not, many clients seek out people on places like Odesk and Craigslist, so we need to reach outside of our own community and educate onlookers as well, about what to look for, and how to select a good developer. Many people only consider price, and good developers who charge accordingly seem like an anomaly.

    Jason mentions Drupal as the old CMS of choice for non-profits. It is still the default CMS of choice for enterprise level projects, because it has a reputation of stability and scalability. Also, on average, the developers charge a whole lot more, so the perception is Drupal is more reliable.

    Tom: Security vulnerabilities come and go. Most are patched quickly, and we all move on. Most situations are not a ThemePunch situation. But people who write “news” for a living thrive on bad news.

    • jason2

      Yea, John makes an interesting point about where Drupal ended up landing. It’s as if after being the CMS du jour it suffered a period of bad reputation, many jumped ship, but those that stayed were the professionals. And they could then charge a lot without much low-cost competition to compete against. So now it stands as a sort of enterprise open source CMS. Interesting trajectory. Nice point, John.

    • Tom

      Tom: Security vulnerabilities come and go. Most are patched quickly, and we all move on. Most situations are not a ThemePunch situation. But people who write “news” for a living thrive on bad news.

      Right on point here. Bad news is news and good news isn’t.

  7. Scott Fennell

    Just FYI: I’m not sure if this was your intention, but given the timing and subject matter, it seems really really apparent that you’re talking about Yoast. Even if by some chance that’s not your intent, it reads like it is.

    I have no dog in that fight, just sayin’.

    • Tom

      Timing never was my thing. The point of the post has more to do with observations that I’ve seen over the past few years (rather than in a single day’s drama), and it tends to be par for the course for how things play out.

      And that’s a bummer as I’d love to see us actually course correct that a bit.

  8. Govertz

    Any group, community or other gatherings, big enough, will reflect the “real” world. And the WordPress community is no different.

    There will always be people with bad behavior, as there will always be abandoned projects. The only thing you can do, is to treat others as you would like them to treat you. We are all both good and bad, and it’s up to you to decide, which side of yourself is the dominant one.

    Believe it or not, the WordPress community is among the more friendly ones. There are few others, where the willingness to help is equal to that of WordPress, among them the Pythonists.

    In your case Tom, it’s the law of Jante (a Danish saying, read it as the rule of envy). Jante says, if you’re good, I’m here to tell you, you’re not. The more of an authority you become, the more people will try to put you down.

    Don’t let them get to you Tom, I personally admire your skills and the way you share your work to the benefit of us all. The death of WordPress, will come when such schoolyard bullies have success with their envy campaigns, and drive talented developers away from the community. The best thing to do, is to ignore them.

    • Tom

       Believe it or not, the WordPress community is among the more friendly ones.

      Definitely agree. I think this is why when someone or someone in such stark opposition shows up, it really stands out.

      Thanks for your comment – I do appreciate the kind words :).

  9. Rachel McCollin

    Interesting article Tom, and it sounds like you’ve been through some pain to be able to write it. I can sympathise with that sinking feeling – pinging awake at night having suddenly thought of something that might not be quite right and trying to fix what went wrong.

    I’ve found, however, that the vast majority of my experience with the WordPress community has been very positive, especially when compared with experiences I’ve had with other sections of the web development community which have been far from pleasant. 95% of the WordPress folks I’ve worked with have been decent, helpful people who don’t want to hurt anyone else’s chances of success and would quietly tell you you’re doing something wrong rather than announce it on twitter.

    There are exceptions though. I was recently involved in organising a WordCamp, and the one person out of over 150 who wasn’t happy with a communication I’d sent out chose to tweet about it instead of replying to me to voice those concerns. It was frustrating at the time but I just kept sight of all the positive feedback we were getting from everyone else.

    There are a few people in the WordPress community who have a more competitive, business-oriented attitude to things (and often very high self-regard) and maybe aren’t representative of most of us who think in a way that’s much more in tune with the open source ethos. I hope that small minority of people don’t put you off continuing to do all the great things you do!

    • Tom

      Thanks a lot for the comment, Rachel!

      It’s true that I’ve had my fair share of knocks, but I think we all have and the longer we’re around releasing things, the more likely it is to happen, you know?

      On the same point, I’m sorry to hear your point about your WordCamp experience. It sucks that Twitter can be a vehicle for so much disdain versus civil conversation but, you know, so be it, I guess.

      What can we do?

      There are a few people in the WordPress community who have a more competitive, business-oriented attitude to things (and often very high self-regard) and maybe aren’t representative of most of us who think in a way that’s much more in tune with the open source ethos.

      Agreed.

  10. Timothy Brand

    I’m going to venture slightly off topic a second but I feel it’s relevant to the point I would like to make.

    I served in Iraq as a combat medic with the Marines in 2004. That year I lost a lot of people. Some I knew, some I didn’t but I remember every single one of them. We serviced over 5,000 patients in the time I was there and I couldn’t tell you a single person I helped that didn’t die. What I could tell you is the names of every single person I lost. I say I because I took personal responsibility for it.

    That being said, it taught me a valuable lesson. I couldn’t do anything more to save those people than I did. Their loss though didn’t mean I was a sub-par medic or that I personally did something to cause their death. There are thousands of people alive today because of the service we provided during that time.

    I have taken that experience and applied it to my business today. I’m not the best developer and sometimes I wonder if I should even call myself one. I’ve never written a plugin, I’ve never released a public theme, I’ve never contributed to the codex and I’ve never been to any WordPress conference / event.

    I’m a designer that knew some code, taught myself WordPress and now to develop custom themes. It’s small, niche and what I’ve built my business on. I continue to learn, improve and have plans to do some of the things I mentioned having not done yet.

    I can control what I do. I do the best job I possibly can and sometimes that’s not enough. I’ve lived with it before and I will live with it now.

    If more of the community would put their pride aside and realize their limitations and what they bring to the table I think we would all benefit greatly from that experience. That is up to each individual though and we only have control over ourselves.

    As always thanks for the great read. This is why I love reading your blog.

    • Tom

      Thanks so much for the story and the comment, Timothy.

      Really cool to hear and I love how you tied it all together.


© 2023 Tom McFarlin
