Monthly Archives: November 2017

WordPress Plugins – A Cautionary Tale

I stumbled across this story while working on one of my websites.  I use numerous plugins on the wordpress sites I manage, and one day I was updating a plugin named ‘Display Widgets’ and got an error when trying to update.

Upgrade error

For background, for those of you non-WordPressers,  WordPress is a website package that makes it easy to quickly build full featured websites.  Plugins allow for adding of custom components to a standard install.  For instance, Contact forms, weather info, stock market info, etc.  And finally widgets are the sections in the websites that show many of these features.  For instance, if someone has a box on their website that is showing weather info, that is likely a weather plugin configured to show in a WordPress widget.

Anyway.. I started googling to see what is going on with this widget – and came across this great detective work put together by the folks at wordfence:

https://www.wordfence.com/blog/2017/09/display-widgets-malware/

This chronicles the history of this plugin, and also gives a little insight to how the plugin market works.  Who knew you could sell an innocuous plugin for $20,000?   This also makes the point that just because a plugin is safe when you install it, upgrades to it may not always be wise, especially if the owner/author of the plugin is trying to monetize his code.

So this a great reminder to be careful with all the free code we use out there.  In most cases the authors are providing code for use because they just want to share and show their stuff, in many cases we are just a vehicle for illicit motives.  In this day and age of pay-for-click dollars and the email spam marketing, there are lots of people wanting to use the unwitting public to make money.  Remember the old saying – if you are not paying for the product, you are the product.

Top Programming languages

GitHub, the worldwide repository for software projects, is out with its latest statistics for 2017.

A lot of fluff in this post, but the chart that  I liked was the one showing the most popular languages in GitHub:

 

A few random thoughts on this chart:

  1. Amazing to see Javascript so dominate.  With Javascript frameworks all the rage, it would be interesting to see this split out by framework.  Interesting that TypeScript is still pretty small, considering Angular in most cases should use Typescript, so I would expect to see Typescript grow faster than Javascript.
  2. Python #2?  For years few people in the business world have taken python seriously (famous quote by Stack Overflow founder Jeff Atwood on PHP:  “PHP isn’t so much a language as a random collection of arbitrary stuff, a virtual explosion at the keyword and function factory,”).
  3. C++ ahead of C#?  This leads me to believe this chart may not be an accurate representation of language popularity.  I find it hard to believe the C++ community is bigger than C#.  Interestingly, but not surprisingly,  VB doesn’t even make the list.
  4. Ruby at #4.  I don’t know Ruby, but I keep hearing really good things about it.  If I was going to start in on  learning a new programming language, I would want to look at Ruby.  I am attracted to opinionated languages, and Ruby on Rails has a reputation for being so.  Another great example of opinionated software was Microsoft Access – by doing what it was designed to do you could crank out forms faster than anything – as long as you didnt deviate from what it did well.

Reading GitHub’s post makes you realize how much GitHub is  responsible for the growth in open source software.  It is also perhaps the best collaborative public programming platform out there.  Having a community where developers can easily share code and contribute is one reason for the speed at which new software applications come to market.  We all borrow code from someone.  And perhaps thats the way it should be.