Latest news with #MattMullenweg
Yahoo
3 days ago
- Business
- Yahoo
WordPress veterans launch FAIR project to tackle security and control concerns
The recent travails of WordPress have caused consternation among the web community that relies on the platform, which powers more than four in ten websites online today. Now, a coalition of prominent WordPress contributors and the Linux Foundation is unveiling a federated update and plugin-distribution network aimed at eliminating what they describe as a critical 'supply chain security' vulnerability at the core of the world's most widely used website system. Supersonic air travel gets green light in U.S. after 50-year ban lifted Why you're catching the 'ick' so easily, according to science How to Watch George Clooney's Broadway play 'Good Night, and Good Luck' live for free The FAIR Package Manager project, to be announced at a conference in Switzerland later today, enables web-hosting companies and large organizations to run their own mirrors of WordPress's core update, plugin, theme, and translation servers. This setup would replace reliance on domain controlled by Automattic CEO Matt Mullenweg. Supporters say the new system will strengthen security, reduce costs, and open new commercial opportunities for software that millions depend on for web hosting. The project emerged earlier this year in response to controversial moves by Mullenweg. In September, he cut off access to WP Engine—a popular WordPress hosting provider—accusing it of extracting hundreds of millions of dollars in value from the open-source platform without adequate contributions in return. He also alleged that the company breached WordPress trademarks, creating confusion. Amid the fallout, around 150 employees exited Automattic after Mullenweg offered buyouts to those who disagreed with his handling of the situation. 'In October, when Automattic took over the slug of WP Engine's product within the ecosystem, we received phone calls from the chief legal counsels of some of our clients—these are large corporations—saying, 'this is a supply chain security issue,'' says Karim Marucchi, CEO of enterprise agency Crowd Favorite and one of the project's initiators. Around the same time, Joost de Valk, founder of Yoast SEO, was attempting to communicate with Mullenweg. While de Valk shared the view that more equitable contributions to WordPress were needed, he disagreed with Mullenweg's methods. 'We stopped talking pretty much after that, because I didn't agree with him,' de Valk says. One central concern is that every WordPress site depends on for updates and extensions. 'When we started looking at this, we realized there's a lot of things in this whole ecosystem that we don't control,' de Valk says. 'One of the things that everybody's eyes were opened on was that was, in fact, not part of the WordPress Foundation, but owned by Matt privately, and that he used it as his private website in many ways.' WordPress executive director Mary Hubbard notes that users have always had control over how their sites are updated and where updates originate—flexibility that has existed since WordPress's early days. 'The beauty of WordPress and open source is that people have complete control to run it how they please and modify how it works,' she tells Fast Company. The FAIR system offers an alternative that remains fully compatible with WordPress but operates independently from 'It's still all WordPress,' says de Valk. 'It's just a different distribution.' Rather than forking WordPress, FAIR provides server components that anyone can run. Over 100 contributors from more than 10 organizations have been involved in building it over the past six months, according to Marucchi. The group has asked the Linux Foundation to provide neutral oversight. Hubbard pointed out that some large hosts like Newfold/Bluehost have implemented custom mirrors in the past, and emphasized that WordPress's update system has always allowed users to modify where their updates come from. 'The important thing is that users know where their updates are coming from and have a choice to change it, regardless of their host,' she says. 'WordPress is a critical piece of infrastructure for communication and for organizations that rely on it for their website, for content management, for blogs and media,' says Mike Dolan, SVP of legal and strategic programs at the Linux Foundation. 'And in order to sustain something like that, you need to have a reliable backend behind it.' To avoid centralization, the Linux Foundation has created a technical steering committee cochaired by long-time WordPress leaders Carrie Dils, Mika Epstein, and Ryan McCue. McCue, the architect of the WordPress REST API, called FAIR 'a platform to power the next decades of WordPress,' and noted that the community had 'fractured' and needed to be brought back together. Dolan echoed the sentiment. 'I think the interesting part about this is the organic nature of this,' he says. 'This is something that is coming out of the community. It's people who have lifelong and career-long engagement in the WordPress community who are saying we need to go and build this, and they want to work on it together.' Jory Burson, VP of standards at the Linux Foundation and a participant in the project, hopes it will lead to a 'reintroduction and reenergization of the community.' She adds that morale is currently low. 'I think this is going to be very exciting for people, and hopefully move some folks past this negativity and drama. We want to get people focused on the very positive future that we think WordPress still has.' Although FAIR was created out of frustration with Automattic's control over its backers insist it's not a competing fork. 'When we get up on stage on Friday, literally the words that are going to come out of our mouth are: 'We're offering this code to Automattic, WP Engine, GoDaddy, Newfold—everyone,'' says Marucchi. If widely adopted, the network could allow developers to ship both free and premium versions of plugins in a single signed package—something currently prohibited by the official WordPress repository. 'That opens up innovation,' de Valk says, 'making it easier to build businesses around plugins and to provide good user experiences.' Still, Hubbard emphasizes that fragmentation of WordPress's core infrastructure could create more problems than it solves—disrupting update processes, inflating server loads, and breaking plugin telemetry used for ensuring compatibility. 'If this work leads to improvements like signed updates or better fallback systems, we're open to that,' she says. 'But it has to be done with the same long-term care that got us here.' The FAIR repository is already live on GitHub and accepting contributions. Whether Automattic will participate remains uncertain; regardless, the project team plans to move forward. 'You're dealing with a community that has had some trust challenges in the past, and they're looking for stability,' says Dolan. 'They're looking for neutrality. They have business that they want to get done.' This post originally appeared at to get the Fast Company newsletter: Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Fast Company
4 days ago
- Business
- Fast Company
WordPress veterans launch FAIR project to tackle security and control concerns
The recent travails of WordPress have caused consternation among the web community that relies on the platform, which powers more than four in ten websites online today. Now, a coalition of prominent WordPress contributors and the Linux Foundation is unveiling a federated update and plugin-distribution network aimed at eliminating what they describe as a critical 'supply chain security' vulnerability at the core of the world's most widely used website system. The FAIR Package Manager project, to be announced at a conference in Switzerland later today, enables web-hosting companies and large organizations to run their own mirrors of WordPress's core update, plugin, theme, and translation servers. This setup would replace reliance on domain controlled by Automattic CEO Matt Mullenweg. Supporters say the new system will strengthen security, reduce costs, and open new commercial opportunities for software that millions depend on for web hosting. The project emerged earlier this year in response to controversial moves by Mullenweg. In September, he cut off access to WP Engine—a popular WordPress hosting provider—accusing it of extracting hundreds of millions of dollars in value from the open-source platform without adequate contributions in return. He also alleged that the company breached WordPress trademarks, creating confusion. Amid the fallout, around 150 employees exited Automattic after Mullenweg offered buyouts to those who disagreed with his handling of the situation. 'In October, when Automattic took over the slug of WP Engine's product within the ecosystem, we received phone calls from the chief legal counsels of some of our clients—these are large corporations—saying, 'this is a supply chain security issue,'' says Karim Marucchi, CEO of enterprise agency Crowd Favorite and one of the project's initiators. Around the same time, Joost de Valk, founder of Yoast SEO, was attempting to communicate with Mullenweg. While de Valk shared the view that more equitable contributions to WordPress were needed, he disagreed with Mullenweg's methods. 'We stopped talking pretty much after that, because I didn't agree with him,' de Valk says. One central concern is that every WordPress site depends on for updates and extensions. 'When we started looking at this, we realized there's a lot of things in this whole ecosystem that we don't control,' de Valk says. 'One of the things that everybody's eyes were opened on was that was, in fact, not part of the WordPress Foundation, but owned by Matt privately, and that he used it as his private website in many ways.' WordPress executive director Mary Hubbard notes that users have always had control over how their sites are updated and where updates originate—flexibility that has existed since WordPress's early days. 'The beauty of WordPress and open source is that people have complete control to run it how they please and modify how it works,' she tells Fast Company. The FAIR system offers an alternative that remains fully compatible with WordPress but operates independently from 'It's still all WordPress,' says de Valk. 'It's just a different distribution.' Rather than forking WordPress, FAIR provides server components that anyone can run. Over 100 contributors from more than 10 organizations have been involved in building it over the past six months, according to Marucchi. The group has asked the Linux Foundation to provide neutral oversight. Hubbard pointed out that some large hosts like Newfold/Bluehost have implemented custom mirrors in the past, and emphasized that WordPress's update system has always allowed users to modify where their updates come from. 'The important thing is that users know where their updates are coming from and have a choice to change it, regardless of their host,' she says. 'WordPress is a critical piece of infrastructure for communication and for organizations that rely on it for their website, for content management, for blogs and media,' says Mike Dolan, SVP of legal and strategic programs at the Linux Foundation. 'And in order to sustain something like that, you need to have a reliable backend behind it.' To avoid centralization, the Linux Foundation has created a technical steering committee cochaired by long-time WordPress leaders Carrie Dils, Mika Epstein, and Ryan McCue. McCue, the architect of the WordPress REST API, called FAIR 'a platform to power the next decades of WordPress,' and noted that the community had 'fractured' and needed to be brought back together. Dolan echoed the sentiment. 'I think the interesting part about this is the organic nature of this,' he says. 'This is something that is coming out of the community. It's people who have lifelong and career-long engagement in the WordPress community who are saying we need to go and build this, and they want to work on it together.' Jory Burson, VP of standards at the Linux Foundation and a participant in the project, hopes it will lead to a 'reintroduction and reenergization of the community.' She adds that morale is currently low. 'I think this is going to be very exciting for people, and hopefully move some folks past this negativity and drama. We want to get people focused on the very positive future that we think WordPress still has.' Although FAIR was created out of frustration with Automattic's control over its backers insist it's not a competing fork. 'When we get up on stage on Friday, literally the words that are going to come out of our mouth are: 'We're offering this code to Automattic, WP Engine, GoDaddy, Newfold—everyone,'' says Marucchi. If widely adopted, the network could allow developers to ship both free and premium versions of plugins in a single signed package—something currently prohibited by the official WordPress repository. 'That opens up innovation,' de Valk says, 'making it easier to build businesses around plugins and to provide good user experiences.' Still, Hubbard emphasizes that fragmentation of WordPress's core infrastructure could create more problems than it solves—disrupting update processes, inflating server loads, and breaking plugin telemetry used for ensuring compatibility. 'If this work leads to improvements like signed updates or better fallback systems, we're open to that,' she says. 'But it has to be done with the same long-term care that got us here.' The FAIR repository is already live on GitHub and accepting contributions. Whether Automattic will participate remains uncertain; regardless, the project team plans to move forward. 'You're dealing with a community that has had some trust challenges in the past, and they're looking for stability,' says Dolan. 'They're looking for neutrality. They have business that they want to get done.'
Yahoo
30-05-2025
- Business
- Yahoo
Automattic says it will start contributing to WordPress again after pause
parent company Automattic is changing direction... again. In a blog post titled "Returning to Core" published Thursday evening, Automattic announced it will unpause its contributions to the WordPress project. This is despite having said only last month that the 6.8 WordPress release would be the final major release for all of 2025. "After pausing our contributions to regroup, rethink, and plan strategically, we're ready to press play again and return fully to the WordPress project," the new blog post states. "Expect to find our contributions across all of the greatest hits — WordPress Core, Gutenberg, Playground, Openverse, and This return is a moment of excitement for us as it's about continuing the mission we've always believed in: democratizing publishing for everyone, everywhere," it reads. Automattic says it's learned a lot from the pause in terms of the many ways WordPress is used, and that it's now committed to helping it "grow and thrive." The post also notes that WordPress today powers 43% of the web. It's unclear what has changed between then and April. However, according to sources who spoke to TechCrunch, Automattic CEO Matt Mullenweg explained in an internal post published last night that he wants to get a 6.9 release out this year with an admin refresh and something from the "new AI team." (The latter references this week's announcement that WordPress formed a new team to steward the development of AI projects.) "I don't think that will happen without our contributions," the post stated, according to a source familiar with the internal discussions. Insiders are speculating there's more to it than that, and various theories are being floated. Some wonder if Mullenweg was pressured into this move or if he realized that pulling back wasn't good for his business or its reputation? Others are debating if this change of heart has to do with Automattic's ongoing litigation with WordPress hosting company, WP Engine, which Automattic has called a "threat" to the WordPress community and a "cancer to WordPress." No one knows what to believe, and none of these backchannel theories line up with the officially stated reason. Automattic was asked for additional comment. Since 2024, Automattic has been engaged in a legal dispute that has to do with how little, in Mullenweg's opinion, WP Engine contributes to the WordPress project, despite its size and revenue. He sees the hosting company as profiting off the open source work WordPress is doing without giving back. Mullenweg also alleges that WP Engine benefits from the confusion between WordPress and commercial services like WP Engine. This led him to ban the company from accessing and sue in court for unauthorized trademark usage. Simply put, Mullenweg thinks WP Engine should either pay a direct licensing fee or up its contributions to the open source WordPress project, or shouldn't be allowed to use its trademark. WP Engine responded that it doesn't think it needs a license and that Automattic misunderstands trademark law, suing Automattic in return. Last month, Automattic laid off 16% of staff, saying the restructuring was necessary to be more agile and improve its productivity and profitability. The WordPress vs. WP Engine drama, explained WordPress has formed an AI team Sarah Perez can be reached at @sarahperez.01 on Signal and sarahp@ . This article originally appeared on TechCrunch at Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
TechCrunch
30-05-2025
- Business
- TechCrunch
Automattic says it will start contributing to WordPress again after pause
parent company Automattic is changing direction… again. In a blog post titled 'Returning to Core' published Thursday evening, Automattic announced it will unpause its contributions to the WordPress project. This is despite having said only last month that the 6.8 WordPress release would be the final major release for all of 2025. 'After pausing our contributions to regroup, rethink, and plan strategically, we're ready to press play again and return fully to the WordPress project,' the new blog post states. 'Expect to find our contributions across all of the greatest hits — WordPress Core, Gutenberg, Playground, Openverse, and This return is a moment of excitement for us as it's about continuing the mission we've always believed in: democratizing publishing for everyone, everywhere,' it reads. Automattic says it's learned a lot from the pause in terms of the many ways WordPress is used, and that it's now committed to helping it 'grow and thrive.' The post also notes that WordPress today powers 43% of the web. It's unclear what has changed between then and April. However, according to sources who spoke to TechCrunch, Automattic CEO Matt Mullenweg explained in an internal post published last night that he wants to get a 6.9 release out this year with an admin refresh and something from the 'new AI team.' (The latter references this week's announcement that WordPress formed a new team to steward the development of AI projects.) Techcrunch event Save now through June 4 for TechCrunch Sessions: AI Save $300 on your ticket to TC Sessions: AI—and get 50% off a second. Hear from leaders at OpenAI, Anthropic, Khosla Ventures, and more during a full day of expert insights, hands-on workshops, and high-impact networking. These low-rate deals disappear when the doors open on June 5. Exhibit at TechCrunch Sessions: AI Secure your spot at TC Sessions: AI and show 1,200+ decision-makers what you've built — without the big spend. Available through May 9 or while tables last. Berkeley, CA | REGISTER NOW 'I don't think that will happen without our contributions,' the post stated, according to a source familiar with the internal discussions. Insiders are speculating there's more to it than that, and various theories are being floated. Some wonder if Mullenweg was pressured into this move or if he realized that pulling back wasn't good for his business or its reputation? Others are debating if this change of heart has to do with Automattic's ongoing litigation with WordPress hosting company, WP Engine, which Automattic has called a 'threat' to the WordPress community and a 'cancer to WordPress.' No one knows what to believe, and none of these backchannel theories line up with the officially stated reason. Automattic was asked for additional comment. Since 2024, Automattic has been engaged in a legal dispute that has to do with how little, in Mullenweg's opinion, WP Engine contributes to the WordPress project, despite its size and revenue. He sees the hosting company as profiting off the open source work WordPress is doing without giving back. Mullenweg also alleges that WP Engine benefits from the confusion between WordPress and commercial services like WP Engine. This led him to ban the company from accessing and sue in court for unauthorized trademark usage. Simply put, Mullenweg thinks WP Engine should either pay a direct licensing fee or up its contributions to the open source WordPress project, or shouldn't be allowed to use its trademark. WP Engine responded that it doesn't think it needs a license and that Automattic misunderstands trademark law, suing Automattic in return. Last month, Automattic laid off 16% of staff, saying the restructuring was necessary to be more agile and improve its productivity and profitability. Sarah Perez can be reached at @sarahperez.01 on Signal and sarahp@ .
Yahoo
02-04-2025
- Business
- Yahoo
WordPress maker Automattic lays off 16% of staff
Automattic, the company behind Tumblr, WooCommerce, and a range of other online services, is reducing its workforce. The layoffs will impact 16% of staff across divisions, an Automattic blog post published Wednesday reveals. Ahead of the layoffs, Automattic's website listed 1,744 employees, which means north of 270 people may have lost their jobs. (Automattic was asked to confirm this number but has not responded as of the time of publication.) The post, which was also shared with company employees via Slack earlier on Wednesday, explains that this "restructuring" was necessary due to the competitive nature of the market and the speed with which technology is evolving. However, the move also comes after a tumultuous year for Automattic, which has engaged in a controversial legal battle with hosting company WP Engine. The ongoing drama already led to the departure of some Automattic employees last fall. In Automattic CEO Matt Mullenweg's opinion, hosting provider WP Engine did not sufficiently contribute to the open source project and its use of the "WP" brand was confusing consumers about its affiliation with WordPress itself. In Wednesday's announcement, Mullenweg explained that the newly announced layoffs will allow Automattic to become "more agile and responsive," "break down silos that have created inefficiencies," "focus on product quality," and "ensure a viable financial model for long-term success." "To support our customers and products, we must improve our productivity, profitability, and capacity to invest," reads the post, authored by Mullenweg. The layoffs will impact employees across 90 countries, who will receive a severance package and job placement assistance, among other things. "Automattic has multiple products with world-touching potential in WordPress and beyond. I'm confident we will come out of this situation in a better position, poised to create a vibrant, profitable, well-designed company that will continue our mission to democratize the internet," Mullenweg wrote. TechCrunch sources told us that the layoffs were effective immediately, meaning people received an email and then immediately lost access to Slack. The layoffs include some longtime employees who have been with the company for north of a decade, we understand. The news follows Automattic's cancellation of its annual "Grand Meetup" company retreat for 2025, a source also told us. Sarah Perez can be reached at @sarahperez.01 on Signal and sarahp@ . This article originally appeared on TechCrunch at Sign in to access your portfolio
