Initially, I was taking the side of WP.org and Automattic; however, I changed my mind completely once they took over the “Advanced Custom Fields” plugin, and replaced it with another plugin that broke people's websites. So Matt weaponized the WP package repository, and stole the users of a well-maintained package, making WP site admins work over the weekend to fix the breakage.
This isn't opinionated, this is theft.
If the project had been run like this since the beginning, it wouldn't be where it is today. Automattic is a rich company partially due to the community around WordPress, and the trust that community has had in the governance of the project.
> replaced it with another plugin that broke people's websites
What makes you think it broke someone’s website? AFAIK they just patched the security issue that wp engine team couldn’t patch because they were locked out from pushing to repo?
Firstly, the security patch was already published by the ACF team, and that wasn't the code that was pushed. This was a package takeover, slug, reviews, users, everything:
People woke up to their website being updated to “Secure Custom Fields”, an alternative (or a fork) that's not fully compatible. Here's one such report from HN:
What Wordpress did is insane, but let’s not spread misinformation. There were no pro features in the free plugin to turn off, they removed advertising for the pro version.
This isn't opinionated, this is theft.
If the project had been run like this since the beginning, it wouldn't be where it is today. Automattic is a rich company partially due to the community around WordPress, and the trust that community has had in the governance of the project.