Matt removes my wp-db-backup plugin from the default WordPress package. No trac ticket suggesting this course of action, no seeking feedback from testers or hackers, and no public discussion of his actions prior to executing them. The backup plugin was very highly recommended by a lot of people on the hackers list for inclusion with the default download.
I continue to get trackbacks about how it has saved folks’ sites. I see my plugin listed in many “top ten plugins” lists. I honestly don’t care whether my plugin is bundled by default or not. It’s Matt’s unilateral decision making that raises my ire so much. He’s written time and again about what users want when justifying things he wants to ram into the core, but then happily ignores popular opinion for his own undocumented, unpublished, goals.
I take particular umbrage with Matt's claim that it “has been a source of security probs”. I was only ever made aware of one security issue, which I published immediately here, as well as on the WordPress support forums. If one security issue means the plugin should be removed from the core, then the core of WordPress itself should be excluded from the core, since it’s had far more security vulnerabilities in its lifetime. Doug Stewart claims "it’s been a security nightmare", but offers nothing to back up that claim. Nor have I received any emails from him, Matt, or anyone else about these security problems, even before I stopped officially supporting my plugins.
Matt says, rightly, "There is nothing stopping you from continuing to use the plugin". Sure, I still host the plugin version here, even though I have no intention of updating it to work with any future versions of WordPress. The kicker, though, is Matt’s final comment “I just don’t think it’s appropriate to bundle with core anymore.” And that alone is sufficient grounds for him to take action, community be damned.
Don’t let yourself be fooled: although the code to WordPress is available for download and personal modification, there’s very little chance of anyone other than Automattic making substantial contributions to the product. It’s “open source” in name only.
Matt suggests folks should use the new fangled XML import/export feature, instead of the backup plugin. This isn’t the first time Matt has removed someone’s contributions to be replaced by something he cooked up. I haven’t used the import/export feature yet (because I gave up following WordPress development), but I do wonder about its utility in comparison to the backup. Export and backup are two different things.
If anyone wants to take ownership of the wp-db-backup plugin, feel free to contact me. I’ll happily facilitate anything I can if you want to pick up where I left off. I’ll also politely ask Autocrattic to grant you write access to the wp-plugins.org repository, though be warned that it took almost a month to get subscribe2 updated for its new maintainer.