1. Chip Bennett

    “I think when making these decisions, we as developers have to consider what is best for the broadest number of users and be realistic about the type of users we have. If a user is already not updating plugins regularly, it is unlikely they are going to have the awareness to flip a toggle to turn auto-updates on. So opt-in makes them mostly useless.”

    It seems that, once again, where automatic updates are involved, developers forget Freedom 0:

    “The freedom to run the program as you wish

    The freedom to run the program means the freedom for any kind of person or organization to use it on any kind of computer system, for any kind of overall job and purpose, without being required to communicate about it with the developer or any other specific entity. In this freedom, it is the user’s purpose that matters, not the developer’s purpose; you as a user are free to run the program for your purposes, and if you distribute it to someone else, she is then free to run it for her purposes, but you are not entitled to impose your purposes on her.”


  2. Eric Karkovack

    I’d also note that, looking at the changelog, this plugin had several updates in a very short period of time. Perhaps more security but also more chances for things to break.

    My hope is that plugin/theme authors really take users into account. Inform them of what’s going on and what’s best practice. Don’t just force these things without communication. It’s almost always going to backfire.


    • Pierre LeBaux

      Another reason why plugins update often is because both users and plugin search on w.org take into account when was the plugin last updated. It is marketing.

      Developers know it is better to release less updates, less often. We try to ship mature and tested code. This way it is easier to spot problems and we do not constantly spam admin dashboard with updates.

      The thing is, good coding practices are not always good for marketing. I am reasonably sure AIO SEO prefer marketing and sales to stability and reason.

      Come to think of it, I should put on our site that one of the advantages of our SEO plugin is we do spam updates, especially garbage like readme updates.


      • Eric Karkovack

        Pierre, I’d never considered that part of it – thanks for sharing!

        Perhaps the answer would be to not provide incentives in the .org repository searches. How that could be accomplished, I’m not sure. Maybe the results are weighted differently.

        There’s probably only so much you can do to discourage the behavior. But ultimately this kind of backlash may be the best way to do it.


    • Ryan Steiner

      AIOSEO seems to update weekly. I wonder exactly what they are changing or if they just publish updates so that their plugin appears up to date.


  3. Clark

    Maaaybe wanna tweak this headline. It sounds like the enabled auto update and then removed useful other features. Which sounds way more nefarious that enabling then disabling auto update. Still wrong, but I was expecting more pitchforks, haha.


  4. Rarst

    For hosts auto updates looks like switch that says “enable to make more money and ruin someone else’s day” and like… but what’s the downside!?

    As a user why should I tolerate my things being broken by someone for the sake of improving nebulous average case out there?

    And that’s already happening, my last WP host’s automated updates system broke updates for me, because my case wasn’t perfectly average.

    Auto updates aren’t about average, they are about the worst thing that they can and will do to someone. In WordPress people are being awful casual about that and hiding behind average isn’t advocating for users’ benefit here.


  5. Ryan Hellyer

    This seems like very strange functionality to include in a plugin like this. If someone wanted automatic updates to be turned on, then presumably they’d turn them on. There’s no need for their SEO plugin to be handling this sort of thing for them.


  6. Against all odds

    WordPress desperately needs:

    1) A common one place where plugins install itself and not bloating the other interfaces. Or have the ability of the users to arrange its place if they want – if they don’t want the plugin to stuff things on the top bar or on the main root menu sidebar, they should be able to move that in a folder where it belongs. I am sorry but this anarchy should stop once and for all.

    2) A system wide notification place for all notifications only there the same way Notification Center works for Mac or whatever it is called for Windows. Even Windows did the right thing.

    I am tired of bloatware, clients refuse to install ANY plugins thanks to this. I know that it is playing good in the basket of Gutenberg [the idea that plugins should not be installed], but in the same way it stiffs the development of plugins.


  7. SEO Consultant

    Then that just inconvenience the users from turning it off again and again who knows if this happens again after turning it off


  8. Bastian

    I was a big proponent of this plugin. But, when I discovered that the plugin was acquired by that guy from Awesome Motive I knew it was time to start looking for another SEO plugin, as he already ruined a pretty popular Google Analytics plugin in the past. My suspicions have been confirmed. The moral of the story is that acquisitions are usually a bad sign for a product because for the new owner the tool is simply a new additional way to make money and expand his portfolio. Now I use The SEO Framework in all the sites I manage.


    • Pierre LeBaux

      Glad to have you on board. As I mentioned in other comment here, we do not plan to turn automatic updates, especially because we do not even think any plugin should have option to toggle this by itself.

      We also do not “spam updates” just to look busy. Silly.

      Again, thank you from picking us from the bunch!


    • Eric Kuznacic

      I came here to make a similar comment as @Bastian. I read the post, then remembered that AI1SEO recently was sold but I couldn’t recall by whom. When I looked it up, it all clicked. That guy and his company are some of the biggest abusers of WP dashboard alerts, and frequent “updates” that don’t really add/change anything or that could certainly be combined into a single, less-frequent update. I steer clear of anything from this company.


  9. Miroslav Glavic

    I have commented this in the past, here and other places…….automatic updates are bad.

    1) You, as the admin of your site, should be there in front of your computer/laptop/etc…and do the updates, to fix things in case the update(s) screw up your site.
    2) If you offer site maintenance for clients and all you do is rely on automatic updates then you are not really maintaining your site.

    Imagine if Amazon were to rely on automatic updates for whatever runs their site and things go down.

    No plugin or theme should ever turn ON automatic updates.


  10. David Anderson

    I think this story also needs to look at wider context. WordPress core, for example, pushes automatic updates – and has used this in the past not just to push limited-scope security patches, but whole new features (e.g. the privacy features in 4.9.6 – https://wordpress.org/news/2018/05/wordpress-4-9-6-privacy-and-maintenance-release/). Some core team members are in favour of promoting automatic updates as much as possible. So whilst I disagree in principle with forcing automatic updates on users, I think it might be a bit harsh of WPTavern to single out one plugin vendor when the same practice is part of every core WP install and more of such things is part of the core roadmap. If there’s an issue here, then it’s not a new initiative from this plugin (which personally I have no relationship to and don’t recall if I’ve ever used).


    • Eric Karkovack

      You make good points, David. When I brought up this plugin, I didn’t necessarily intend to single it out as the sole offender. It just happened to be the one that caused me problems personally with a site breaking.

      To me, the broader question is how do we as users want plugin/theme authors to handle automatic updates? Is it acceptable to turn them on without notice? Should WordPress encourage or even allow this practice?

      And honestly I’m fine with WordPress core doing this in most cases. I’d trust them to do no harm – even though there is always a risk.

      With plugins or themes, anyone can push one out and there are varying degrees of quality. So now we are having to trust not just the core team, but other developers as well. I think a line needs to be drawn here between what core and plugins/themes can do.


Comments are closed.

%d bloggers like this: