Plugin Developer FAQ

Topics

Submissions and Reviews Submissions and Reviews

Where do I submit my plugin? Where do I submit my plugin?

Go to the Add page and upload your zip.

Top ↑

What happens after submission? What happens after submission?

You’ll get an automated email telling you about the submission. Then someone will manually review your code. If we find no issues with the security, documentation, or presentation, your plugin will be approved. If, however, we determine there are issues, you will receive an email with details explaining what needs to be fixed.

Top ↑

What will my plugin URL be? What will my plugin URL be?

Your plugin’s URL will be populated based on the value of Plugin Name in your main plugin file (the one with the plugin headers). If you set yours as Plugin Name: Boaty McBoatface then your URL will be https://wordpress.org/plugins/boaty-mcboatface and your slug will be boaty-mcboatface for example. If there is an existing plugin with your name, then you will be boaty-mcboatface-2 and so on. It behaves exactly like WordPress post names.

Once your plugin is approved, it cannot be renamed. But don’t panic. If you get a -2 plugin name, we’ll help you fix it. Just wait for an email.

Top ↑

How long does it take to get a plugin approved? How long does it take to get a plugin approved?

There’s no official average, as no two plugins are the same. If your plugin is small and all the code is correct, it should be approved within seven days. If your plugin has any code issues, it will take as long as it takes for you to correct the issues. Either way, you will get an email from plugins@wordpress.org with the status, so please add that to your email whitelist and patiently wait for our response.

Top ↑

If my plugin has a problem, how long do I have to fix it? If my plugin has a problem, how long do I have to fix it?

As long as it takes. We don’t reject plugins automatically after 7 days anymore.

Top ↑

It’s been months and I finally fixed my plugin. Should I resubmit? It’s been months and I finally fixed my plugin. Should I resubmit?

No. Reply to the email. Even if it’s been months. Seriously.

Top ↑

Are there specific things you’re looking for that I should avoid? Are there specific things you’re looking for that I should avoid?

We look for some pretty obvious things, all of which are listed in our guidelines. Most can be summed up as “Don’t be a spammer,” but to touch on the ones people do the most:

  • Not including a readme.txt file when acting as a service
  • Not testing the plugin with WP_DEBUG
  • Including custom versions of packaged JavaScript libraries
  • Calling external files unnecessarily
  • “Powered By” links
  • Phoning home

Again, this is a brief overview. Please read the guidelines, as the full list is quite detailed.

Top ↑

Are there plugins you don’t accept? Are there plugins you don’t accept?

A plugin should be something directly beneficial to the user. It shouldn’t ask users to edit files, and it should just work out of the box. We also don’t accept 100% copies of other people’s work.

Currently we are not accepting framework or library type plugins, and we never accept plugins that are or encourage illegal behavior. Similarly, we will not accept black hat SEO scamming plugins.

Top ↑

Can I change my plugin’s name? Can I change my plugin’s name?

Yes and no. You can change the display name, but the slug — that part of the plugin URL that is yours — cannot be changed once a plugin is approved.

To change the display name, edit your main plugin file and change the value of “Plugin Name:” to the new name. You may also want to edit your header in your readme.txt

Top ↑

Are there names you don’t permit? Are there names you don’t permit?

Vulgar or offensive plugin names (display names or slugs) will not be permitted.

Top ↑

Are there words I can’t use in my plugin slugs? Are there words I can’t use in my plugin slugs?

There are! Besides the aforementioned vulgarities, we have the following restrictions:

  • Plugins may not use ‘WordPress’ or ‘Plugin’ in their slugs except under extreme situations
  • Plugins may not use version numbers in plugin slugs
  • Due to system limitations, only English letters and Arabic numbers are permitted in the slug
  • Plugins may not start with a trademarked term or name of a specific project/library/tool unless submitted by an official representative

We encourage everyone to be creative and come up with unique names. As of March 2017, we will automatically correct any plugin that has an unacceptable name. If there’s a question to the best name, we will contact you to be sure.

Top ↑

Can I use WordPress or Plugin in my display name? Can I use WordPress or Plugin in my display name?

Yes, but we’d rather you didn’t. Again, it’s incredibly redundant.

Top ↑

I made a mistake and submitted a plugin with the wrong name. How can I fix it? I made a mistake and submitted a plugin with the wrong name. How can I fix it?

Email plugins@wordpress.org and explain the situation. We can correct plugin slugs before approval, so we are often able to fix that for you. If not, we’ll let you know what to do. We try to catch typos in names before we approve anything, but we make mistakes too.

Top ↑

I already have a plugin, but I want to redo it! I just submit again, right? I already have a plugin, but I want to redo it! I just submit again, right?

We’d rather you actually just rewrite the existing plugin. Make it a major version release. We can’t rename plugins, so a new one wouldn’t carry over any existing users, reviews, support topics, ratings, downloads, favorites, etc.

Top ↑

Top ↑

Using The SVN Repository Using The SVN Repository

Top ↑

In what directory should I put my files? In what directory should I put my files?

Put your code files directly in the trunk/ directory of your repository. Whenever you release a new version, tag that release by copying the current trunk revision to a new subdirectory of the tags/ directory.

Make sure you update trunk/readme.txt to reflect the new stable tag.

Images for the readme (such as screenshots, plugin headers, and plugin icons), belong in the assets/ directory (which you may need to create) in the root of your SVN checkout. This will be on the same level as tags/ and trunk/, for example.

Top ↑

Can’t I put my files in a subdirectory of trunk/? Can’t I put my files in a subdirectory of trunk/?

You can, but don’t. The .zip file the WordPress.org Plugin Directory creates will automatically wrap all your files inside a directory, so there is no need to put your files into a subdirectory.

If you have complicated plugin with lots of files, you can of course organize them into subdirectories, but the readme.txt file and the root plugin file should go straight into trunk/.

Top ↑

How should I name my tags (a.k.a. releases)? How should I name my tags (a.k.a. releases)?

Your Subversion tags should look like version numbers. Specifically, they should only contain numbers and periods. 2.8.4 is a good lookin’ tag, my neato releaso is a bad lookin’ tag. Inflexible? Yup. Easy to handle and sanitize? You bet! We recommend you use Semantic Versioning to keep track of releases.

Note that we’re talking about Subversion tags here, not readme.txt tags. Those can obviously be any words you like.

Top ↑

What should be in my changelog? What should be in my changelog?

A changelog is a log or record of all or all notable changes made to your plugin, including records of changes such as bug fixes, new features, etc. If you need help formatting your changelogs, we recommend Keep A Changelog as  that’s the format used by many products out there.

Top ↑

How many versions should I keep in my changelog? How many versions should I keep in my changelog?

Always keep the current major release in your change log. For example, if your current version is 3.9.1, you’ll want that and 3.9 in the change log. Older versions should be removed and migrated to a changelog.txt file. That will allow them to be accessible to users, while keeping your readme shorter and more pertinent. At most, keep the most recent version of your plugin and one major version back in your readme’s changelog. Your changelog.txt will not be visible within the WordPress.org Plugin Directory, but that’s okay. Most users just want to know what’s new.

Top ↑

Can I specify what version of my plugin the WordPress.org Plugin Directory should use? Can I specify what version of my plugin the WordPress.org Plugin Directory should use?

Yes, by specifying the Stable Tag field in your trunk directory’s readme.txt file.

Top ↑

Where does the WordPress.org Plugin Directory get its data? Where does the WordPress.org Plugin Directory get its data?

From the information you specify in the plugin file and in the readme.txt file, and from the Subversion repository itself.

Read about how the readme.txt works for more information.

Top ↑

How do plugins include videos on their plugin description pages? How do plugins include videos on their plugin description pages?

For YouTube and Vimeo videos, simply paste the video link on a line by itself in your description. Note that the video must be set to allow embedding for the embed process to work.

For videos hosted by the WordPress.com VideoPress service, use the wpvideo shortcode. Shortcodes can also be used for YouTube and Vimeo, if needed, just like in WordPress.

Top ↑

I made some changes to my SVN repository. How long will it take for the WordPress.org Plugin Directory to reflect those changes? I made some changes to my SVN repository. How long will it take for the WordPress.org Plugin Directory to reflect those changes?

The WordPress.org Plugin Directory updates every few minutes. However, it may take longer for your changes to appear depending on the size of the update queue. Please give it at least 6 hours before contacting us.

Top ↑

Can I include SVN externals in my plugin? Can I include SVN externals in my plugin?

Nope, sorry. You can add svn externals to your repository, but they won’t get added to the downloadable zip file.

Top ↑

How do I make one of those cool banners for my plugin page? How do I make one of those cool banners for my plugin page?

You can make your own plugin headers by uploading the correctly named files into the assets folder.

Read about plugin headers for more information.

Top ↑

How do I make a plugin icon? How do I make a plugin icon?

You can make your own plugin icons by uploading the correctly named files into the assets folder.

Read about plugin icons for more information.

Top ↑

The Support Forums The Support Forums

Top ↑

How do I get notified for forums posts? How do I get notified for forums posts?

Go to https://wordpress.org/support/plugin/YOURPLUGIN and scroll down to the bottom of the list of posts. There you will see an option for the RSS link, as well as a sign up for emails.

Signup links for email/rss

Click the subscribe link for emails, or use the RSS link in your favorite reader.

Top ↑

How do I get notified for all my plugins? How do I get notified for all my plugins?

If you’re tracking the WordPress forums, https://wordpress.org/support/view/plugin-committer/YOURID will list all of the support requests and reviews for any plugin you have commit access.

Not a comitter, just someone listed as an author? Use https://wordpress.org/support/view/plugin-contributor/YOURID

Those are RSS only. If you need email, go to https://profiles.wordpress.org/YOURID/profile/notifications/ and put in the terms you want to be emailed for.

Top ↑

Closed Plugins Closed Plugins

Top ↑

How do I close my plugin? How do I close my plugin?

If you ask for your plugin to be removed, you will not get it back unless you can justify your situation. Closing a plugin by request is intended to be permanent.

Email plugins@wordpress.org from an account with commit access and link to your plugin. If your email does not match someone with commit access to the plugin, you will be asked to send from a different email.

Top ↑

What happens when a plugin is closed? What happens when a plugin is closed?

When a plugin is closed, the front-facing URL for the plugin redirects to the main plugin directory and the zips are no longer generated. No one will be able to download the plugin via the website, nor will they be able to install it via the WordPress admin. The SVN repository will remain accessible to allow others to download and fork the code if desired, per the tenets of the directory.

Top ↑

Why was my plugin closed? Why was my plugin closed?

It was either a guideline violation, your behavior on the .org systems, or a security issue. In all cases, you should have received an email from plugins@wordpress.org explaining why.

Top ↑

Why was someone else’s plugin closed? Why was someone else’s plugin closed?

We do not publicize why we close plugins to anyone but the plugin developers and the WordPress core developers. Don’t bother asking. This is for safety reasons. If we publicized why we closed a plugin, everyone would know about vulnerabilities. If we chose not to say ‘it was for security’ then every time we said ‘we can’t tell you’ the world would know it was for security. Basically, it would make things less safe for everyone.

Top ↑

Can I get someone else’s plugin closed? Can I get someone else’s plugin closed?

If you report an security issue or a guideline violation in a plugin to plugins@wordpress.org, we will review the report and take appropriate action. Most of the time, this involves closing a plugin.

Top ↑

Someone posted a copy of my plugin! What do I do? Someone posted a copy of my plugin! What do I do?

Email plugins@wordpress.org with a link to the stolen plugin, and either a link to where we can download yours or attach the zip. We will compare the two files, as well as all the coding history we have, to determine if the plugin is, indeed, theft, or just an uncredited fork. Please keep in mind, if you licensed your plugin as GPLv2 or later, then it’s perfectly permissible to fork your work, as long as copyright remains intact and you’re credited.

Top ↑

How can I send a security report? How can I send a security report?

Email plugins@wordpress.org a clear and concise description of the issue. Make sure to explain how you verified this is an exploit (links to the plugin listing on sites like secunia.com are perfect). If you provide a link to your report, DO NOT delete it! We will passed it on directly to the developers of the plugin.

Top ↑

Can I get a bounty for finding a bug in a plugin? Can I get a bounty for finding a bug in a plugin?

We have no relationship with any bug bounty programs, so we don’t file your reports etc to them. The only one with which we work is hackerone.com/automattic and that’s for bugs related to Automattic properties. Everything else is on your own, don’t ask us to submit things.

Top ↑

Do you help file or provide CVEs? Do you help file or provide CVEs?

No. We do not have the ability to assist with that at this time.

Top ↑

My plugin was closed, can I reopen it? My plugin was closed, can I reopen it?

Maybe. If it was closed for a security reason, fix the issue, reply to the email, and most of the time we’ll reopen the plugin. If it was close for guideline violations, it depends on the severity and nature of the violation. Repeat offenders are less likely to have a plugin reopened, for example, than first-timers.

If you asked for the plugin to be closed, you will be expected to explain why the change of heart. Plugins are intended to remain closed when a developer requests it, and not reopened again a month later.

Top ↑

Plugin Ownership Plugin Ownership

Top ↑

How do I give someone else access to my plugin? How do I give someone else access to my plugin?

If you want to add users as committers, that is give them access to update code, you will need to go to https://wordpress.org/plugins/YOURPLUGIN/advanced and add their username in as a committer.

If you want them to show up as an author, you will need to add their username to the readme.txt file.

Top ↑

How do I remove someone’s access from my plugin? How do I remove someone’s access from my plugin?

Anyone with commit access can do this. Go to https://wordpress.org/plugins/YOURPLUGIN/advanced and hover over their ID. A delete link will appear. Click on it.

Top ↑

How can I take over an abandoned plugin? How can I take over an abandoned plugin?

We permit users to adopt existing plugins that are no longer currently developed.

We ask you try to connect with the original developers first, so they can add you. In some case, that’s not possible and you should start with fixing the plugin. Make sure it meets coding standards, is secure, and update the copyright information to include yourself. Then you can contact us regarding plugin adoption.

We offer no guarantee that you will be given anyone’s plugin.

Top ↑

What happens if a plugin developer dies? What happens if a plugin developer dies?

When a developer is determined to have died, they are removed from their own plugins in order to prevent the unethical from gaining access and harming users. If they are the only developer, the plugin is closed. All attempts are made to find their friends and coworkers, to offer them a chance to adopt the code first, but if no one reliable or willing can be found the plugin is closed.