Published: September 27, 2024
Updated: October 5, 2024
If you’re just here for the post-publish updates, most of them start here.
This post is a little more hasty than some of my others, in the interest of keeping up with unfolding events. I hope you’ll bear with the jumble of thoughts. It’s being actively edited, though I’ve noted updates made since the original publish date. (Look for the “Update mm/dd/yy” marker.)
Cover image from this Etsy store (unaffiliated).
There are some people who think being right about something confers the right to do whatever they think should be done about it; a license to act however they see fit in order to correct what they see as wrongness.
This, of course, is never the case. No matter how egregious the original infraction, there are some responses it never justifies. That’s such common knowledge it’s proverbial: two wrongs don’t make a right; the ends don’t justify the means; etc.
Doing the wrong thing for the right reason doesn’t makes it the right thing.
Matt Mullenweg appears to have decided those truisms don’t apply to him, as he’s effectively spent the week causing destruction and collateral damage to countless WordPress sites and users, in his fight with one of the community’s landlords.
Matt has, for far too long, enjoyed unchecked powers at the top of WordPress—powers which are all too often a direct and flagrant conflict of interest. And while we’ve seen this power abused before, we’ve never seen it on this scale.
Some might agree with Matt’s original reasoning. But his egregious actions and reactions since then have utterly nullified any previous merit.
A line has been crossed, and the entire community is worse for it.
I believe that if WordPress is to survive, let alone thrive, Matt Mullenweg must be removed from all forms of official WordPress leadership, as expediently as possible.
Wait, who are you and why do you care?
Let’s get this out of the way right off: I’m not the best person to be talking about this. I haven’t really been involved in WordPress for about five years now. Honestly, I couldn’t tell you the last time I even logged in to a WordPress site.
That said, however: I spent some six or seven years of my life deep in the WordPress world. I built and customized WordPress sites for clients as a designer; I taught a WordPress development course (focused on building custom themes in PHP) for about five years; and I worked in support for Flywheel, a managed WordPress hosting company, for a little over five years. It was there I transitioned to full-time frontend work, building tools to help support WordPress sites.
So while I’ve been out of the WordPress game for a good while now, I still might be considered an expert next to your average Joe. I’d like to think I could still sling some theme templates with the best of ‘em. (Hell, some days I even get a little nostalgic and think about booting up a Local site just for fun.)
You might have spotted the word “Flywheel” up there and realized that company was acquired by WP Engine—the company with which Mullenweg is publicly feuding at the moment—back in 2019. That might reasonably raise questions of my objectivity, so let’s get this out of the way:
Yes, I used to work for WP Engine. I even kinda liked them, for a while (mostly while they just kinda left us alone for the first year or so). But I wouldn’t say my time at the company left a good taste in my mouth.
We don’t need to dredge up a bunch of old and buried stuff that isn’t really important anyway, but suffice to say: I really don’t have any reason to be a WP Engine cheerleader. Most of the people I knew there have left, and I’ve watched from the sidelines as the company has implemented a bunch of scummy policies and shady sales tactics to squeeze money from their customers and make it harder to leave. (Oh yeah: they also like to brag about record growth and profits in the midst of layoffs.)
On most days, if you wanted to have a conversation about how much WP Engine sucks, frankly, I’d be a happy participant.
So this post might be a lot of things, but I can assure you it’s not me defending my old company just because I used to work for them. I’ve got literally no reason to do that.
To the extent I’m on WP Engine’s side, it’s not because of any sense of loyalty to the company or to the remaining good people I know there; it’s because I believe what Matt’s doing is deeply wrong and foolishly destructive.
I’ll also go on record as saying I got pretty far in the interview process at Automattic once, a few years back. And, since we’re being honest, it was the absolute worst interview process I’ve ever taken part of as a web professional (though the people themselves were lovely). But that alone ain’t gonna get a post out of me. I’m not wasting my time and yours just to gripe about an interview I chose to drop out of over three years ago. Just thought it merited a mention.
I still regarded Matt Mullenweg himself pretty highly after that, up until the last year or so. This post isn’t long enough to get into the details, but Matt had already become a pretty problemat(t)ic character well before any of this went down.
So in summary: I’m not a big fan of either party, and I don’t have any good reason to side with either one of them.
I am, however, somebody who still cares deeply about WordPress. It’s what gave me my start, and I still recommend it to a lot of people when they ask me what system might best suit their needs.
It’s a wonderful community, all in all, and despite my inactivity, I still feel invested in WordPress, and interested in seeing it continue to be a productive way to democratize the web.
Finally: I am not a lawyer, and since it’s Friday now and this feud had already reached lawyers-involved level by Monday morning, I should be careful to clarify any legal commentary here is expressly my personal, non-expert opinion.
I’m sorry, what happened?
For those of you who haven’t been following the story thus far (read: aren’t chronically online web nerds like me), let’s hit the highlights.
Automattic approaches WP Engine to offer a “license”
Sometime in or around July of this year, Automattic (Matt Mullenweg’s for-profit company, which owns, among other things, WordPress.com, a major WordPress hosting company) reached out to WP Engine (also a for-profit company that offers WordPress hosting, and probably Automattic’s largest business rival).
Automattic was offering WP Engine some kind of “licensing,” at a rate of 8% of total business revenue, adding up to the eye-popping sum of several million dollars per year.
WP Engine apparently turned down this offer, presumably because it doesn’t appear they actually need any license. The term “WP” is explicitly not covered by the WordPress trademark policy, and using the term “WordPress” to describe products and services (e.g., calling yourself a “WordPress specialist,” or saying you offer “WordPress hosting”) is fully allowed, according to the policy.
They’ve also been in business for like 15 years now, and somehow none of this has come up before.
Besides, I could name dozens of companies just off the top of my head also using one or both of those terms. So the “you need a license to say this” argument seems highly targeted and extremely dubious.
Matt’s rejected, so he tries new strategies
Immediately following WP Engine’s rejection, the WordPress Foundation (the nonprofit side of WordPress, the open source software, and which Matt Mullenweg also runs, in effect if not nominally) filed to trademark the terms “Managed WordPress” and “Hosted WordPress.”
Neither trademark has been granted at this point, nor should they; they’ve been in use for ages, and are obviously far too generic for any one organization to hold.
Most reasonable and knowledgeable people seem to share this opinion. Companies have been describing themselves as one or both of those terms for around 15 years at this point. (We freely called Flywheel a “managed WordPress hosting company” the entire time I worked there, and we were far from the first. We were also at one point one of WordPress.org’s recommended hosts. So…obviously, not a big deal.)
Anyway, this filing of spurious trademarks makes it appear very much like Matt’s endgame was to extract money from WP Engine, but he just needed more of a foundation to do it (pun intended?). So, following that initial rejection, Matt set the Foundation arm of WordPress working on securing highly dubious trademarks, which, again, I and most reasonable observers think and hope will fail.
Meanwhile, Matt also began sending a series of very apparently extortive messages to WP Engine leadership, essentially demanding they pay up or else. (This is all in WP Engine’s letter to Automattic, which I’m getting to, but which comes later in the story.)
All of this was in the run-up to WordCamp US, the largest WordPress event of the year, at least in North America. (Of note: WP Engine sponsored this event at the highest level, as did WordPress.com.)
Matt let WP Engine leadership know, via private DMs, that he intended to “go nuclear” and “scorched earth” on WP Engine in his keynote at the conference—that is, if WP Engine failed to acquiesce to his monetary demands, i.e., 8% of total revenue, i.e., tens of millions of dollars. It appears he repeated the “just pay up and I’ll make this all go away” offer up to the literal last minute before he went on stage.
Let’s not beat around the bush: words like “threat” and “extortion” very much apply to Matt’s behavior here.
Update 9/28/24
I left out that Matt’s demands included the alternative option for WP Engine to “pay” in contribution hours; i.e., instead of cash, they could just donate employee work hours to WordPress. I didn’t feel this was important, since ultimately it all shakes out the same—it’s an identical sum of money that WP Engine is paying, one way or the other—but I suppose it’s relevant information.
End update
Again: this demand was ostensibly in exchange for a “license” to use terms like “WordPress,” “WordPress hosting,” “WooCommerce,” etc.—none of which appear to be actually necessary.
The only possible exception seems to be “WooCommerce,” which is a trademark (and product/company) owned by Automattic. However, the lines are very blurry on what is and is not permissable when it comes to using the WooCommerce name. WP Engine does indeed call one of its offerings “WooCommerce hosting,” which is explicitly called out in the guidelines. So I don’t know, maybe there’s validity there. Maybe.
However, for one thing, it’s hard to know whether, or how much the trademark guidelines might have changed. Matt made several changes to the WordPress license page in the last week, among other things, to call out WP Engine. That makes me not trust that the WooCommerce license page I’m looking at today is the same as it was last week—which, all on its own, should be setting off raging alarms for even the most casual of observers. It’s extremely bad news when the company you’re doing business with can just decide what the new terms are with no warning or recourse.
Anyway, Matt keeps sending the DMs all the way up until the literal last minute, offering not to excoriate WP Engine onstage during his keynote at the country’s (continent’s? world’s?) largest WordPress event, provided they simply pay up.
Once more: I’m no lawyer, but I’m pretty sure that’s called extortion.
WP Engine says no (actually, they ask for more time, which Matt denies and takes as a no), so he proceeds with operation “scorched earth,” and blasts WP Engine both onstage at WordCamp US, and in several other venues.
Wait—what’s Matt’s actual deal? Why is he doing this?
Aside from the licensing issue, which I covered above (and which seems like a mostly flimsy premise to me), Matt’s got some other complaints with WP Engine. Some have validity, some seem completely made-up. Let’s walk through them.
Matt claims WP Engine is misrepresenting itself
Among Matt’s complaints: that WP Engine is “misrepresenting” itself as an entity that’s officially affiliated with and/or endorsed by WordPress itself. Matt’s repeatedly used as an example his own mom’s confusion; she apparently thought WP Engine was somehow affiliated with WordPress.com (I guess because they also use the word “WordPress,” and are maybe a vaguely similar shade of blue).
I’m sure it’s frustrating, having taken over half the internet and being worth hundreds of millions of dollars, only to find out your own mom still doesn’t really understand what you do, but: come on, bro.
First, tons of companies use “WP” in their names, and/or the names of their products. Why isn’t Matt going after them?
Second, as many people have already noted: Matt effectively runs both wordpress.com and wordpress.org, which are entirely separate entities that do two completely different things. You wanna tell me that’s clear, but somehow WP Engine and WordPress.com are too similar? Really?
Third, my kindergartner and every kid in his class could tell the difference between the WordPress W and WP Engine’s dumb logo. (WP Engine’s logo has always been a grid of weird, almost-square shapes that’s apparently meant to vaguely resemble an engine, but which makes no sense to pretty much anyone who’s ever seen it, far as I can tell. It’s a bad logo, in my professional opinion as a designer, even the slightly better version they just released recently. But I digress. Point is: it looks literally nothing like any WordPress logo. Also: it’s not the same color. I have color vision deficiency, and even I can tell that.)
Finally, for the whole two years I worked for Shopify, most of my family thought I was at Spotify. Now I’m at Deno, and nobody in my family has any clue what a JavaScript runtime is, and my dad basically thinks I work for Java.
Family members don’t always get tech. That’s not a sign that something is wrong, and it’s most certainly not a sign that any wrongdoing has been committed, let alone deliberately. (Which, I assume, probably wasn’t Matt’s mom’s point to begin with, but that didn’t stop him from running with it.)
Update 9/28/24
As an additional point here: if the problem was confusion around WP Engine’s name, why not just ask them for a name/marketing change? Why all the contribution stuff, too? Conversely, if Matt’s beef was with WP Engine’s lack of contribution, why is he going after their name and marketing? It feels very much like Matt’s just trying to cobble together all the reasons he can think of to justify his assault, in my opinion.
End update
Update 10/1/24
WP Engine have added a disclaimer to their website footer, clarifying that they have no official affiliation with WordPress, and have removed the word “WordPress” from the titles of their hosting plans.
End update
Matt claims WP Engine is selling a “cheap knock-off” of WordPress
Matt also claims WP Engine is selling “something that they’ve chopped up, hacked, butchered to look like WordPress.” His reason for this wild claim? Because WP Engine disables revisions (a default feature of WordPress, albeit a pretty small one).
Literally, that’s it. One tiny feature. The whole thing’s been “hacked and butchered” because they just chose to modify one mostly insignificant detail.
Of all Matt’s spurious claims, this one strikes me as the biggest reach, for a lot of reasons. For one: WP Engine will just turn on revisions if you want them to, but that’s honestly beside the point.
If I decide to build something with, say, Laravel, but decide there’s one feature I want to turn off, I’m not “hacking and butchering” Laravel. That’s obviously ridiculous.
Besides, pretty much all hosts limit revisions in some way or another anyway, because they take up a ton of memory and most people don’t really need them that bad.
And regardless, it’s open-source software! You don’t get to tell people how they use it.
We could also get into the utter hypocrisy that many of WordPress.com’s plans do far, far more invasive modifications of WordPress core (notice you can’t even install themes and plugins until you upgrade to the Business plan!) but again, that’s all beside the point.
The ability to disable or customize revisions is built into WordPress, for crying out loud. So it’s obviously not some forbidden mutation, like Matt seems to be presenting it.
This whole claim is clearly total garbage, and the fact that Mullenweg even tried to sell this as a significant and legitimate grievance seriously undermines the credibility of his case, in my view.
Matt says WP Engine doesn’t give back enough
Matt’s other complaint—and I think this is what everything else really boils down to—is: WP Engine doesn’t give back enough to WordPress, in Matt’s estimation.
Matt showed some numbers onscreen at WCUS, comparing Automattic’s contributions to WP Engine’s. But I’m not going to repeat them because I’m certain they’re heavily distorted. Besides, I’m not sure the two companies’ work can, or should, be considered directly comparable in the first place. They do different things in different ways, and there’s no law or license mandating either of them do anything to begin with.
Regardless, Matt seems irked that WP Engine isn’t abiding by the “Five for the Future” program, outlined on WordPress.org. Five for the Future asks that if you benefit from WordPress, you give back 5% of your time directly to that open-source project, which I think pretty much everyone can agree is a very noble and admirable aspiration that companies such as these involved should probably be doing.
But it’s not a requirement, or a policy, and enforcing it as such—acting unilaterally as the WordPress police, let alone so suddenly and violently—is extremely questionable and deeply troubling. (Not to mention a likely deterrent for people and organizations who might want to participate in the WordPress space.)
Matt’s claimed he/Automattic have been soliciting WP Engine for increased contributions for “years,” and that they’ve given “$0” to the WordPress foundation. To the best of my knowledge, neither of those claims has been substantiated, but I suppose they don’t really change this discussion much either way, because again: Matt’s taken it upon himself to act as the WP PD to enforce a law that isn’t even a law.
Update 9/28/24
It’s also worth calling out that Matt is the one doing all the math on both companies’ contributions, and he’s quite obviously skewing the numbers heavily in his own favor, as I explore more in the next section. Even without seeing the full ledger, it’s pretty clear Matt’s making some highly suspect choices on what counts and what doesn’t. He really should’ve showed up with something at least vaguely resembling an objective and transparent tally if he wanted to make this point. The numbers he showed fall apart at even a cursory examination. And even if an unbiased dataset would still agree with him, it seriously damages Matt’s credibility that he came in with such blatantly one-sided figures.
End update
Update 9/30/24
To underscore the above point, over the weekend, Matt floated the idea of merging Advanced Custom Fields Pro into WordPress core. Now, I don’t really take Matt seriously here; this reads more like a threat or a troll than something that’s likely to happen, in my view. But it highlights Matt’s lopsided criteria for what counts as a contribution.
Advanced Custom Fields has been one of the most-used and -loved plugins in WordPress as long as I’ve been around. WP Engine acquired it in 2022, and has fully funded its ongoing development since then. If we take Matt at all seriously in this comment, it’s even valuable enough to consider merging into core. But yet, somehow, all the time and money WPE has put into it doesn’t actually count for anything…?
Conversely, if we don’t take Matt seriously, and if he’s just stirring up trouble for fun like a mini-Musk, then…well, that also reinforces the point that he’s not the person who should be in charge of all this.
End update
Update 10/1/24
A number of people have reached out to confirm Matt Mullenweg, by his own admission, is the sole owner of wordpress.org. The project itself is ostensibly open-source, but he privately owns the domain, and there do not appear to be any other people or entities involved, as yet another item on the conflict-of-interest pile.
This also raises questions of Matt’s rights and motivations for even asking for contributions in the first place. I mean, if he owns .org and helms and funds the Foundation, isn’t he, at least to some degree, demanding WP Engine do more work for him?
End update
So that’s it; that’s what Matt’s mad about. There’s some substance there, and in a vacuum, I think he’d probably have a lot of people on his side.
But we’re not in a vacuum; there’s a lot of context here. So I’d like to talk about that next.
An aside on motivations and justifications
Having explored Matt’s complaints, I’d like to pause for a moment, because this is where the sides seems to diverge.
The relatively small minority of people in the community who appear to remain on Matt’s side (which seems to be mostly made up of his own employees and some people with their own reasons for hating WP Engine) appear to be sticking with him because they agree with this core point, i.e.: WP Engine should be doing more—maybe much more—especially considering that they’re a company owned by private equity and making significant money off WordPress.
On its own, I think that claim seems perfectly fair. We could disagree about the details, or how much is too much or too little, but I don’t think it’s unreasonable to say a company the size and profitability of WPE probably owes quite a lot to the open-source software it’s built on (ethically, at least; likely not legally).
So it bears mentioning that WP Engine actually does do a pretty good deal for WordPress. You can cherry-pick specific ways it hasn’t contributed much, and you could certainly make a reasonable case they should be doing more. But to say they’ve given “$0” strikes me as pretty deliberately misleading.
WP Engine pays several staff members to contribute work hours to WordPress core (again, maybe the number should be greater than it is, but it’s definitely not zero), on top of the full-time maintenance of plugins, themes, and apps like Advanced Custom Fields, WP Migrate, WP GraphQL, Genesis, Local WP, and many others—all of which used by countless thousands of WordPress users every day. (In some parts of the community, many of those plugins are even considered essential enough to be part of WordPress core.)
This is to say nothing of WP Engine sponsoring of WordCamps, creating their own tutorials and educational material, their own events, and so on and so forth.
Point is: WP Engine does do a lot more than zero. You could argue those contributions are not “pure” (Matt does), and that they’re ultimately in service to WP Engine, and not the WordPress community.
But in fairness: sure, they’re all marketing tools in some form or another, but you don’t have to pay for any of them. They all get maintained by WP Engine, they all have tons of users both on and off WP Engine, and they all work no matter what host you choose. (I’m sure they’re all used on WordPress.com. I’d even use some of those things if I had to spin up a WordPress site tomorrow, even if I probably wouldn’t host on either WPE or WordPress.com, personally. I’d probably choose SpinupWP, myself, which is another company with “WP” in the name that Matt apparently doesn’t care about.)
Besides, Matt’s company does exactly the same thing with Jetpack, which charges $5–$50 per month, depending on tier, so…not sure where that moral high ground is supposed to be coming from. Is Automattic really gonna claim Jetpack’s paid features are purely for the altruistic benefit of the community? Why do they get a pass on paid features?
I think you could fairly, if crudely, paraphrase Matt’s argument as: “WP Engine is in it for the money, and we are in it for WordPress.”
That’s a really flimsy stance in my view, without even getting into whether we can, or should, have exactly the same expectations of both companies in the first place (which is at least questionable; Automattic has their hands in a lot more things than WP Engine does, including Tumblr, PocketCasts, Longreads, and many others things that may or may not be related to WordPress, along with at least two hosting companies).
Still, once more: there’s probably some validity there. WP Engine is a big company that makes lots of money, and it probably can and should do more.
Matt could’ve made that point. I think most people would’ve agreed with him, if he had gone about it properly. We’d probably be lining up with him. There was a way to rally the community around this.
If Matt Mullenweg had done this the right way.
But Matt, being Matt, didn’t make that point in a good way.
(Sorry, this post is already too long without me going into all the times in the past he’s stirred up drama and just generally been a toxic jerk to undeserving people in the WordPress community. But if you’re not aware: it’s become increasingly common. He was even adding public snarky comments on WP Engine employees’ posts, ones who had given decades of their life to the project, as recently as yesterday.)
Update 10/2/24
As if to underscore this point, Matt himself saw this post, went to my Ko-Fi, and paid to leave a condescending message—presumably after seeing that I literally closed comments on this post explicitly because I figured he might come argue with me.
So yeah…Matt’s apparently the kind of guy who will respond to allegations that he’s not being a very good guy by paying for the privilege of sending you a mildly harassing note. (It was a nice tip though, in fairness.)
End update
Matt tried extortion, and threats, and petty, childish tantrums, and when none of that worked, he fully exercised his unmatched and unchecked powers in an inconscionable way, in order to extract millions of dollars from WP Engine to put in his own for-profit competitor’s bank account.
But I’m getting ahead of myself.
So that’s the core of this whole thing; Matt thinks private equity is ruining everything and taking too much without giving enough back. It’s an easy home run of a point to make in this economy. Pretty much nobody disagrees with that.
Maybe he thought he’d come off like Robin Hood in this whole deal. I don’t know. But if there was a way to tactfully and gracefully thread that needle, it wasn’t the rampaging hippopotamus approach Matt took.
The split in the community seems to lie in whether that core point justifies Matt’s actions.
It seems to me that most people agree it does not; that Matt’s committed too many flagrant fouls of his own for the original infraction to matter.
Matt had a problem with the landlords, so he set fire to the building. He disagreed with Alderaan’s leaders, and so he fired the Death Star. And now it doesn’t really matter what his original point was; he’s made himself the bad guy.
There are some people who just keep reading about all this and saying “but, but WP Engine…” and my dude (it’s always a dude), it does not matter. We’re past that point.
We’ve all seen a sporting match where one player commits a minor foul, and it enrages an opposing player into a frenzy of flagrant violations that gets them tossed from the game. That’s basically where we are; Matt’s the second guy. Whatever he was reacting to: sure, it existed, and you can point to it all you want. But if that’s all you’re focused on, you’re severely missing the point.
Anyway, back to the timeline. (Note: I may have the chronology slightly mixed up here on a few of the points, but I don’t think it should really matter.)
The WordCamp US fallout and Matt’s abuse of power
At some point in this chaos (during his keynote at WCUS, or shortly after), Matt used his control over every branch of power in the WordPress government to publish a post titled “WP Engine is not WordPress” (which isn’t something anybody seems to have been confused about, except of course Matt’s mom).
That post lambasts WP Engine for all of the already discussed reasons. It also, crucially, went up on WordPress.org, which on its own seems questionable. WordPress.org is ostensibly the website for the nonprofit foundation; it’s supposed to exist to prevent any one for-profit company from having too much power over the WordPress ecosystem. It’s supposed to be agnostic.
Not only was that boundary ignored, but since the post was published as WordPress news, it was then syndicated to each and every WordPress admin dashboard in the world.
Forget for a second whether you agree with Matt or not; we’re getting into some of the worst of the conflicts of interest and abuses of power here.
This type of maneuver, plainly, is anti-competitive. It’s a flagrant exploitation of Matt’s many roles and the wild control he has over many branches of WordPress, many with conflicting priorities.
It’s bullying, really; WP Engine doesn’t have any tools to strike back like that. It can’t. (Maybe it wouldn’t, since to date, WP Engine appears to be the company with grown-ups in the room, who know to behave as though their actions will be examined in a courtroom one day.)
This would be like Meta one day deciding it didn’t like how a competitor was using React, and serving every single Facebook user a story on their home feed, brutally disparaging that competitor. It’s clearly a dramatic overreach.
But Matt wasn’t done. Matt went on flexing (read: abusing) his power by updating the WordPress trademark policy to retroactively disincentivize the use of the term “WP” in titles of products and companies. (Here’s the source on that change.)
I want to emphasize the word “retroactively” in the above paragraph. You know why you constantly get notifications saying “we’ve updated our terms”? Because you legally have to do that. To just change the terms without letting people know is shady at best, and actively malicious at worst.
Well, Matt just went in and changed the rules everyone’s been playing by this whole time.
Altering the WordPress trademark policy is yet another abuse that should make any remotely impartial observer shudder. Why would anyone want to use a software with an oligarch dictating the terms, and changing them on a whim, with no warning?
It’s around this point in the story Matt is really losing the plot. His whole complaint with WP Engine is that they’re not helping WordPress enough.
But yet…he’s burning WordPress to the ground to make that point.
WP Engine’s reaction
WP Engine—quite understandably—doesn’t really care for all of their users seeing that smear blog post in their wp-admin. So, WP Engine finds a way to block the news feed on WP Engine sites.
That would be questionable in a vacuum, to be sure. But we’re steeped in context at this point. (A lot of users either turn off the news feed, or ignore it on their own anyway, for what it’s worth.) I have to assume this was only meant to be temporary, until the post cycled out of the most recent headlines, but either way: maybe not great, but probably not very impactful.
Following WordCamp US, WP Engine also sent a cease-and-desist to Automattic. It’s pretty damning, and does a good job laying out all the points I tried to cover above. (In short: Matt tried to extort money from WP Engine for spurious licensing claims, and used disinformation, or at least heavily slanted data, to do it.)
One of the biggest revelations here is: Matt wanted the money he was trying to get from WP Engine to go to Automattic, which, again, is Matt’s for-profit company.
There are some pretty obvious conflicts of interest here. First and foremost, Automattic (or WordPress.com, at least) is a direct competitor of WP Engine’s.
Second, while Automattic does apparently own the WooCommerce trademark, it does not own the WordPress trademark. That is owned by the WordPress Foundation (which evidently grants Automattic a license to use it. Gee, how thoughtful).
But it gets even murkier from there, as the Foundation is maybe (or maybe not) WordPress.org? And either way, the Foundation is apparently three people, and Matt Mullenweg is not only one of them, he appears to be the only active one!
Of the other two board members, one is a blogger whose company Matt bought out, and who apparently is no longer in the industry. The other is reportedly a Partner and Managing Director at—surprise!—a private equity firm (not to mention a twice-failed Republican politician).
Wait…isn’t private equity bad? I guess not if it’s on Matt’s side.
For the record, Matt and his companies are tied up in equity in many other, far more substantial ways than this. He outlines more than a dozen of Automattic’s investors in this blog post, which came out right before WCUS. The post praises all 14 of Automattic’s investors for being “the fuel of entrepreneurship and capitalism and responsible for most of what we enjoy today” (yikes), while indirectly implying WP Engine’s investors are bad, and “just taking,” rather than contributing, all as a preview to Matt’s talk.
Again: sure, nobody likes private equity, with good reason. And yes, WP Engine’s done some pretty slimy stuff in order to maximize their investors’ returns. But it looks pretty hypocritical of Matt to think he’s the guy to make this point (let alone in a post that largely reads like a paean to capitalism)—especially when ultimately, the moves he’s making quite transparently seem designed to maximize his own companies’ profits.
Anyway: the WordPress Foundation is basically just Matt, it turns out, and he’s just fine using his authority however he sees fit.
It appears neither of the other two Foundation board members is active, and therefore, behind the curtains, Matt is the King, Prime Minister, and Pope when it comes to WordPress.
Nobody holds any ability to check his power or challenge him. (That’s very relevant to what happens next.)
Also: Matt apparently owns WordPress.org, too. So he has a dizzying interweaving of conflicts of interest and power abuses here. (Source for all that about the foundation here.)
Let’s acknowledge the irony that the guy who basically is WordPress.com, and WordPress.org, and the WordPress Foundation, wants you to think the name “WP Engine” is confusing.
Anyway. Automattic responded by sending its own cease-and-desist to WP Engine, claiming mainly that WP Engine is deliberately confusing people, and that it owes licensing to…someone. Automattic, I guess, though the lines are so blurry it’s clear the separations between WordPress entities were always little more than a smokescreen.
I should mention: most people believe WordPress.com and WordPress.org/the Foundation are two (three!?) separate entities. I sure did, before this week. I thought the two had separated many years ago, with the express intent of preventing any one for-profit company from abusing the WordPress name.
I guess they technically are. But when one person apparently enjoys unchecked control over all of them…
[Guitar strumming begins with Alanis Morissette vocalizing]
Update 10/1/24
It should be said that licensing the WordPress trademark to other companies would obviously be a massive cash opportunity. But since the Foundation and Automattic are already so inextricably intertwined, and controlled by one person, it raises some serious, potentially even IRS-level questions of where that money would be going, exactly. (I’m not a lawyer or a tax expert. It’s just that using a nonprofit to help create a monopoly that funnels money to your own for-profit company, which doesn’t have to pay the nonprofit like the other businesses do because you run both of them, just sounds like the kind of thing federal agencies might be interested in.)
Regardless: if you wanna sell licenses, you need to set the terms at the start, not just suddenly tell people they’re on the wrong plan to slap them with a huge up-sell years down the road.
Plus, this whole thing reminds me a lot of the Unity saga from earlier this year, where Unity decided to just charge a bunch of extra money for licenses out of the blue and the entire community revolted. The decision was eventually walked back, but the damage was done.
End update
Matt melts down
Two really weird things happened on Wednesday.
First, out of nowhere, Matt decides to publish a post on his personal blog outlining his charitable donations. He really frames it as though he’s being victimized and bullied into revealing this information, and I suppose some people were probably (reasonably) asking how much he gives, since he spent the whole week blowing up half the internet over how much WP Engine gives.
In the post, he also spends a lot more time defending himself against claims of being a “mafia boss” than most people who aren’t mafia bosses or acting like mafia bosses ever feel the need to do.
Weird move all around. Especially since the implication seems to be…what? “I’m a good guy so I can’t do bad things”?
I tried my best to look up Matt’s net worth and work out what percentage he’s giving, and by the best figures I could find, we’re likely at or below 5% here. (He’s said to be worth around $400 million, although that figure appears to be a little outdated—especially since he may or may not have sold a shitload of user data to AI companies earlier this year.)
Which, fine, that’s still millions of dollars going to charity, and that’s objectively a good thing.
But also: if my wife and I gave that percentage of our income, it wouldn’t even be enough money to get a tax deduction for it. So it’s worth mentioning that just for scale. Contextually, Matt’s donating at below the standard deduction level for somebody of his net worth. (And, most likely, enjoying significant tax benefits for it.)
Anyway, no matter which way you look at it, that’s all weird, but it doesn’t even really matter in the case of this larger discussion. It has major “oh yeah? Well would a bad guy do THIS?” energy.
You know…the sort of thing actual good guys don’t usually have to do.
The whole thing seemed like a distraction, and it turns out, it was…
Matt goes nuclear
The next move, and most recent development in this story, is still shocking to me. I think it should be shocking, and deeply disturbing, to any observer.
WordPress.org banned WP Engine sites from accessing the plugin repository.
No more doing anything with plugins via the WordPress admin area. No installing, no updating. Not if you’re on WP Engine/Flywheel.
There are many layers to this.
First: again, this is the .org arm of WordPress enforcing this brutal new edict. The Organization, or Foundation, or whatever, is not supposed to be controlled solely by an oligarch who can bend it to their own will, to directly benefit their own interests. It’s supposed to be agnostic.
WordPress.org’s entire reason for existence, as I understood it (and I think as it was pitched to a lot of people), was explicitly to prevent things like this from happening.
Second: not being able to update plugins can be a massive deal. You could very well be exposing your site to security vulnerabilities if plugins don’t update (to say nothing of bugs). There are nonprofits, charities, government agencies, and public services that host on WP Engine, on top of countless businesses. All of those are just being thrown under the bus to serve one man’s whims.
(Yes, it’s possible to manually update plugins, but nobody’s gonna do that. Certainly not the agencies and freelancers who oversee dozens or hundreds of sites on WP Engine.)
This is setting fire to the commons. This is putting innocent bystanders in harm’s way. This is firing the Death Star.
What Matt’s done is unforgivable, no matter how good of a point he might have had at the beginning. To unleash harm on actual users of WordPress, indiscriminantly, solely over where they choose to host their sites, is an unconscionable, terroristic abuse of power.
At some point in the middle of all this, Pressable, yet another WordPress host, and one which Automattic also owns, started offering a promo to help users migrate to Pressable from WP Engine.
That alone should be majorly headline-grabbing, since Matt’s abuses of power are the main reason anybody would even be considering leaving WP Engine right now to begin with. But Matt’s other abuses are so egregious this one barely even registers on the scale, even though it absolutely should.
Exercising power over a nonprofit to steal users from a competitor is in fact very much something a mafia boss would do.
But back to the plugins thing:
You don’t hurt users because you’re beefing with their host. You don’t put innocent bystanders in harm’s way.
It no longer matters what this was all about at that point, or whether you were originally right or not. You are irreversibly the bad guy now.
It’s also worth calling out a side effect of this move, which may or may not have been deliberate:
Matt’s actions have ensured his hosting companies are now the only WordPress hosts that can guarantee something like this will never happen to their users.
I mean, he can just flip the switch at any time. He can change the rules whenever he wants to. So what company is safe?
None. Except his.
I hope I don’t need to go into how anti-competitive that is, all on its own, or what an egregious abuse of power it is to have put himself and his company in that position by using WordPress.org to do it.
Update 9/30/24
I didn’t even cover what else somebody with Matt’s powers might do; what other escalations would be possible with unilateral control over WordPress.org. Blocking the plugin repo is scary, but there’s a lot more Matt could do with this power that would potentially be even scarier—which is why I don’t think any one person should hold all the keys in this situation, and especially not Matt Mullenweg. He’s shown us what he’s capable of and willing to do. There’s no other reasonable response but to take him seriously, and ensure neither he nor anyone else can ever abuse such all-encompassing power over WordPress again.
End update
Update 10/1/24
Matt agreed to unblock the plugins repo temporarily after the community backlash, but the block went back up today. It seems WP Engine must already have a workaround in place this time, though.
End update
Update 10/1/24
Matt has now apparently rescinded the previous 8% licensing agreement, and is instead threatening a corporate takeover of WP Engine.
There are some incredibly Trumpian quotes from Matt in that article; he makes a lot of this about him, personally, and paints himself as the victim. (“I was taken advantage of for so many years,” Matt claims—leaving this reader, for one, wondering exactly how one might be taken advantage of in such a way to become worth a half billion dollars or so.)
Matt repeats the claim that he’s been asking WP Engine for increased contributions “for years,” but again: we haven’t actually seen receipts on that one yet. Still, even if it’s 100% true Matt was repeatedly rebuffed, it seems like shaky ground for this whole campaign anyway.
Matt also loosely threatens his enemy and promises vengeance—via corporate takeover, I guess—yet provides no hint of a substantial plan for actually achieving that.
It’s very unclear how Matt thinks a takeover would theoretically happen, which makes it seem more like a threat than a realistic scenario. I don’t know a lot about this type of business dealing, so I may not know what I’m talking about at all here, but: wouldn’t Matt either have to reach an agreement with WP Engine, or win against them in court for this to actually happen? Like, you can’t just march into WP Engine headquarters and take it over (though that does kinda sound like Matt at this point).
A sale doesn’t seem very likely to me; Matt and WPE probably aren’t even in the same ballpark on a price tag, since Matt already feels the company owes him many millions of dollars—and that’s even if WPE was motivated to negotiate, which I seriously doubt.
Maybe Matt comes in really high with (ahem) an offer they can’t refuse, to pressure the investors into a sale. That also seems unlikely to me, but crazier takeovers have happened in tech in recent memory.
So if that doesn’t happen, are we off to court? No idea. There’s a strong chance it’s all just posturing. But I’m sure I’m not the only one who would be deeply curious to see how Matt’s antics would play in a courtroom.
Regardless of how it all shakes out, though: this only reinforces my stance that Matt’s power must be severely curtailed. Matt’s intent to use the monopolistic powers at his disposal to absorb and neutralize his business’s only real threat and competition, all over a sudden extortive rules change, is perhaps the most striking sign yet that far too much power is concentrated in his unfit hands (even if said power does eventually turn out to be less than he seems to think it is).
Yet again, Matt comes off just like a mafia boss. “Nice business you’ve got there. Looks like it’s really feeling the squeeze lately. Sure would be a shame if that bad stuff kept happening, huh? You’d stand to lose an awful lot. But maybe we could reach some kind of an agreement…?”
If Matt’s lawyers really aren’t telling him not to say stuff like this, you’d expect him to at least have the self-awareness to realize how it comes off.
…Actually, I take it back. I wouldn’t expect that from him. Not anymore.
End update
Update 10/1/24
Automattic released a timeline and terms sheet, in a post coming after WP Engine pretty aggressively, accusing WPE of lying about the terms that were offered. (WP Engine, in its original cease-and-desist letter, didn’t mention any offer of work contribution as a payment method; they just said Matt demanded payment. Automattic seems to be saying this is a lie, and work contributions were apparently always an option.)
Automattic offers as proof the terms sheet they offered to WPE, but the sheet, bizarrely, is dated September 20th—i.e., the same day as Matt’s keynote at WCUS. So I’m a little confused how this is meant to show what Automattic seems to think it does. It shows the two payment options, sure, but that’s not the only allegation at play here. If Matt wanted to refute WP Engine’s claim that he made a last-minute extortion attempt, this is pretty much the opposite of what he needed to produce.
Is there not an earlier version Matt can release? If this went down the way he says it did, why aren’t we seeing more evidence of earlier terms being offered, rather than the literal last minute one?
Besides which, I’m not sure how much the “contribution” angle really matters, because ultimately, there was really only one offer on table, i.e., 8%. The difference was only in how WP Engine wanted to cough it up.
That is: whether WP Engine pays 8% to their people, or pays Automattic 8%, it’s all the same in the end; the price tag is identical. It’s not really two options, so much as one option with two payment methods. So I don’t think this gives a lot of credence to the “it was never about money” argument Matt and Automattic seem to be trying to make—
—especially since, once again, this is all going through Automattic! Not through the WordPress Foundation or .org (which owns the actual WordPress trademark in question), but through Matt’s own for-profit company, a direct competitor of WP Engine.
Honestly, this whole release is a little baffling, because it seems to do more to reaffirm WP Engine’s version of events than refute them.
It’s also worth calling out that in WP Engine’s version of events, they claim Matt was making “harassing texts and calls” to company leaders. (They showed some of those texts.)
Automattic, for their part, notes “On September 19th and 20th, Lee and Heather did not answer any of Matt’s calls.”
Hmmm.
The rest of the timeline Automattic presents seems to show lots of meetings between company leaders, mostly in the last year, but it’s just a written text schedule. There’s only one link, and it’s to a video of a conference panel talk from March of last year. At a cursory look, it doesn’t even seem to be relevant to the current issues; it just happens to feature Matt and people from both companies.
I’ll take it on good faith those meetings happened, but their nature and content remains unclear. Even if the terms were discussed in some form, the fact that Matt isn’t showing any official offer from before the same day as his presentation means we don’t really know much now that we didn’t already, and if anything, we have more reason to question his version of events.
One other interesting takeaway: the terms included full rights for Automattic to audit all of WP Engine’s finances, which WP Engine would’ve been required to provide, itemized, on a monthly basis, for the full seven years of the contract.
Seems to me like anything remotely that invasive would take months, if not years to get in order and approved by legal, HR, etc. Certainly not a day.
But again: Matt insists it wasn’t a day offer; it was a conversation that had been going on for “years.” So if that’s true, why aren’t we seeing earlier documents, or hard evidence of the substance of prior conversations? Why are we just seeing the one document from the 20th, and a bunch of dates?
Unless there’s more to come that we haven’t seen yet (and it’s hard to imagine both what that would be and why it wasn’t released initially), it’s tough to see this as anything but Matt just digging himself in even deeper.
Oh, by the way, that 8% figure we’ve been talking about? The terms sheet showed Matt wanted that to be 8% of gross revenue(!), which most observers seem to agree is absurd. It’s easy to hear 8% and think of it as a small number, but to tax gross earnings—i.e., pre-tax, pre-expenses, etc.—means the number is, in effect, dramatically higher. (8% gross could easily be 20% or more of net profits, possibly even as high as 50% in some businesses. Hard to say what the exact figure would be in WP Engine’s case, and I’m not qualified to try, but it’s definitely a much bigger number than 8.)
Matt also wanted WordPress.org (i.e., him) to decide what WP Engine was paying its employees to work on for him, had they gone with that option; WPE wouldn’t even be able to choose what they were paying their own employees to do.
The entire of demands seems incredibly outrageous, even in a vacuum, but especially between competitors, and particularly knowing the labyrinthine conflicts of interest and questionable authority at play here.
No wonder WPE stopped taking his calls.
End update
Update 10/2/24
Welp, looks like we’re going to court.
WP Engine is officially pursuing a series of legal complaints against Matt Mullenweg. Here’s the announcement, and here’s a direct link to the actual legal document.
I remain very much not a lawyer, so take this with an appropriately sized grain of salt. But as a quick overview, the complaint names both Matt and Automattic as defendants. WP Engine lists a dozen ways Matt and/or Automattic interfered with its business dealings, extorted WP Engine, broke verbal contracts, took unauthorized actions, and made libelous and slanderous statements that hurt their business (including insinuating patent and trademark violations). It’s a document full of receipts, and it makes WPE’s previous C&D look lighthearted by comparison. In any case (ha), WP Engine asks for s jury trial, and seeks a range of remedies, damages, and awards.
Most of the things they allege are things covered here already, but there are a few new juicy bits:
Matt tried to poach Heather Brunner, WP Engine’s CEO, and threatened her. When Heather ignored Matt’s offer, he threatened to “go public” with claims that she interviewed at Automattic (as this allegation could be severely damaging to her). WP Engine denies there was ever any actual interview; only a series of unsolicited offers from Matt that Heather either denied or ignored. The filing include enough screenshots of Matt’s communications to make a convincing case.
WP Engine also asserts Matt probably messed up real bad in IRS filings for the Foundation. For one thing, it’s a .org domain, which is generally reserved for nonprofits, which probably isn’t a crime in itself, but which does sorta imply some shady dealings.
More seriously, however: the Foundation apparently never disclosed to the IRS that it owns the WordPress trademark, nor that it provided an exclusive license to use this trademark to Matt’s companies—which is a big problem, as Matt’s claiming it’s worth the millions and millions of dollars WP Engine allegedly owes him. Yet, no asset remotely near that value has ever been reported on the Foundation’s taxes, according to the filing.
Essentially, either the WordPress trademark owned by the Foundation (i.e., Matt) is not worth the millions Matt wants for it (because if it was, he should’ve reported that asset to the IRS)…or, it is, and Matt’s been filing bad tax reports for several years.
Yikes!
WP Engine also officially states that there were no conversations about licensing the WordPress trademark prior to mid September, just before WCUS. A They say any prior conversations had been specifically about a WooCommerce partner program. Automattic, they allege, suddenly pulled the rug on those talks in August, before suddenly bringing Matt’s extortion attempt days before WCUS. (WPE concedes there had been talk of “a license,” as part of these dealings, but says no details about what the license was, or was for, or would cost, had been mentioned prior to mid September.)
Matt’s insisted his apparent extortion was never about money, and that the talks had been going on for “years.” But now that both sides have showed their cards, it looks very much like he’s been lying about both. Matt had the chance to bring proof earlier in the week, and he came in with a doc from September 20th that very clearly asks for 8% in cash one way or another, and a weak list of meetings that barely went back a year. WP Engine’s saying in a legal document full of screenshots it didn’t go down the way Matt says it did, and thus far he’s completely failed to offer anything of substance to refute their version of events.
It’s striking how much of the filing is literally just Matt running his mouth. So much of it is just screenshots of actual things he said or did. WPE’s entire strategy seems to be “stay quiet and let him dig his own grave,” and at this point it sure seems like they picked the perfect tactic.
Unless Matt comes out with a major stockpile of receipts that directly contradicts huge swaths of this filing, I don’t see how he bounces back from this. Even if the filing were only 50% accurate, how could the community ever trust him after all this?
End update
Update 10/3/24
It’s being leaked through a number of channels that Automattic is offering employees buyout packages, said to be worth up to $30k at least $30k (see below), if they want to leave over all of this. It appears to be generous, although it evokes Elon’s deal to Twitter employees (which at this point I’m guessing Matt would take as a compliment); “get with me or get out.”
A number of prominent figures in the organization are said to have taken the exit deal, reportedly including Josepha Haden Chomphosy, the Executive Director of the WordPress project (who by all accounts—including my own—is an exceptional person, and who many felt was much better fit to lead WordPress than Matt. Also, unrelated: she’s also a fellow Kansas Citian and elected official in my county, so shout-out to a local Councilmember).
Josepha’s loss is a huge blow to the community all on its own. But there are said to be dozens of Automatticians (yes, they’re really called that) who have also exited at this point, on top of the hundreds and quite possibly thousands of people who were kicked out, harassed, dissuaded, or just turned off by Matt’s actions. The lasting damage Matt’s done to the community really can’t be overstated. All, ironically, in the name of somehow defending it.
Also, more Matt harassing innocent people. (He’s been dropping into a lot of DMs and comment threads, which doesn’t seem like advisable behavior for a defendant and CEO of a company that’s a defendant.)
End update
Update 10/4/24
According to Matt, the deal he offered employees is actually better than reported; it’s 6 months of salary, or $30k, whichever is greater. He says 159 employees accepted the offer, which is a little under 10% of the company.
(In my opinion, anyone and everyone in a company the size and scale of Automattic, with a hundred-millionaire at the helm, should be making at least the $60k required to eliminate the need for the “whichever is greater” clause. But alas, such companies often severely underpay where they can, which is often support teams in particular, because there’s a never-ending supply of people working even worse jobs waiting to be lured by fancy benefits, burned out, and discarded for the next wave. I know WPE does this, too, as did Flywheel, and as just about any tech company does. It’s part of the cycle that inevitably leads to these companies being completely out of touch with their own users, but I digress.)
Six months of salary is a sweet deal, to be sure. I’d definitely consider taking it even if I didn’t have any issues with the company. Not too many times in your life you get to take a six-month paid vacation. (I’m sure it’s not as simple as that for many of the employees, however.)
Still: it worries me that Matt, who has come off like an egomaniac throughout all of this (and since long before) is in effect cleaning house; getting rid of the dissenters, thus perpetuating the very culture that created all these problems in the first place.
Clearly, if there were adults in the room when Matt made these decisions, something kept their concerns from being heard. In my view, Matt’s doing the opposite of what he should be here, and making himself even less likely to be challenged. I don’t think it’s ultimately good for WordPress in any way, shape, or form, and it will likely result in even worse behavior and decisions out of Matt.
Matt/Automattic also secured a lawyer, who called WP Engine’s lawsuit “meritless,” which is of course the first thing any defense lawyer will do in any case no matter what. I’ve watched enough true crime to know a defendant could be in the middle of live-streaming their own crime spree to 10 million viewers, and the defense lawyer would still say the charges are baseless and the client is innocent.
I’m guessing things will probably quiet down at this point. Now that it’s legally super serious, I surmise both parties will be a lot slower to speech and action. So maybe I’m near the end of these updates, as we may be getting to the long, slow, legal portion of all this now.
One last thing worth mentioning: Automattic’s new lawyer, Neal Katyal, is apparently known for—among other things—defending Nestlé and Cargill against a class action suit brought by formerly enslaved children who were kidnapped and forced to work on cocoa farms for those corporations.
Yes, really. And it gets worse: his whole argument was that Nestlé and Cargill shouldn’t be prosecuted because—I cannot believe I am not making this up—the companies that supplied cyanide to the Nazis weren’t convicted either.
He also charged Johnson & Johnson $2,500 per hour (that’s several million per year, if anything even remotely in the ballpark of full-time work) to defend them for selling baby powder contaminated with carcinogens. (It’s all in his Wikipedia, if you’d like to see for yourself.) So…yeah. Draw from that what you will.
Incidentally, he also really likes Burning Man, just like Matt. (Look at that outfit). And finally, he is—surprise!—a board member of a venture capital firm.
End update
Update 10/5/24
I almost can’t believe Matt is still doing such destructive, careless things that I’m still writing these, but here we are.
Matt announced there’s a vulnerability in ACF, which you’ll recall, is a plugin WP Engine maintains, and which is reportedly installed on millions of WordPress sites. (You may also recall this doesn’t count as a contribution to the community in Matt’s estimation, but that’s not relevant to this specific news item.)
Matt hasn’t released the details of the vulnerability, but he did publicly disclose that it’s with ACF, which strikes me as highly questionable. I don’t know that this announcement needed to be made in the first place, but if it did, why couldn’t it be more vague? Why is Matt letting every hacker out there know exactly where to look? That just does not seem like something a guy who’s supposed to care about the community would do.
He didn’t disclose the specifics (except to WPE), but that info will be released in 30 days, and so WPE has that time to fix the vulnerability, whatever it is.
Pretty awful to start that clock on a Saturday, though. Matt knows the engineers in charge of the plugin are now likely forced to work on the weekend to try to keep users safe.
However—and this is the really shitty thing: remember, WP Engine is still locked out of the .org plugin repo because of Matt. So even once WPE does fix the issue, it can’t automatically go out to actual users; they have to manually update, which I don’t need to tell you, a huge chunk of them aren’t going to do.
Matt is effectively holding actual WordPress users hostage, and it’s no longer just WP Engine’s customers; it’s anyone with ACF installed. And again: ACF is one of the absolute most popular plugins in all of WordPress.
This is inexcusable, dangerous behavior on Matt’s part, made all the worse by how borderline giddy he seems to be at the prospect of playing chicken with his own community members’ digital safety and wellbeing.
Matt is clearly just fine with risking very real harm to very real people in his feud, which is made all the more scary by the fact that his company just jettisoned 159 voices that could be telling him how destructive and malicious he’s actually being.
I’m running out of ways to say good guys don’t do this. The harm here is no longer theoretical; it is a statistical certainty. And yet, Matt not only doesn’t seem to mind that people will be hurt by this, he seems to enjoy it.
The utter incineration of trust and goodwill is staggering.
This vindictive child of a man isn’t qualified to lead a shift crew at Wendy’s.
End update
Update 10/5/24
Sounds like that ACF vulnerability is low severity, which is good. But that doesn’t change the fact that Matt weaponized a vulnerability, made some extreme dick moves in the disclosure (including going public with it without releasing it to the maintainers first), and did it all fully knowing he’s standing in the way of that vulnerability actually being fixed.
And he did it all gleefully, because it serves his purposes, and he obviously doesn’t care who gets caught up in the collateral damage.
We deserve so much better than this petty tyrant.
End update
The weapons Matt Mullenweg has wielded unilaterally in this war shouldn’t even exist, let alone be controlled by one person.
I believe the ability to block an entire hosting provider from accessing the plugins repository is a power that nobody should have. If such unthinkably drastic measures could ever be justified, this case most certainly doesn’t seem extreme enough for that.
Imagine if Microsoft got into a dispute with Apple, and decided to block npm for anyone using a Mac.
Imagine if Apple got into a dispute with Google, and blocked all text messages from Android phones.
Imagine if Google had a dispute with Amazon, and blocked all Amazon communications in Gmail. Or with Walmart, and prevented store locations from showing up on Google Maps.
And imagine if one person at any one of those companies had both the power to make that decision, and was the sole arbiter of what justified that measure, unilaterally and without challenge.
This is the scale of thing we’re talking about. This is the collateral damage Matt has unleashed on the WordPress community, and it’s not to anyone’s benefit, except maybe Matt’s and his own companies’. (For now, anyway. We’ll see how it all shakes out; it seems pretty inevitable that a class action suit will follow and this all gets dragged into court.)
Virtually no WordPress users are happy about this, no matter how they felt about WP Engine. Certainly, none benefit.
No reasonable person could argue WordPress is in a better place today than it was a week ago, or is on a better path now than it was then.
It’s less secure, less trustworthy, more volatile, and overall just not something anybody is as excited about as they were a week ago. People who spent the majority of their lives working on this software are leaving it. Professionals are looking at new solutions and tech stacks, to keep their clients out of the line of fire. Major sites are considering changing platforms, when they wouldn’t have had any reason to previously.
We all sat by as one of our neighboring planets just got fired upon (forgive me, I’m going to the Death Star metaphor one last time). And as if that weren’t bad enough, the man who ordered that strike insists he’s doing the right thing, by putting our neighbors directly in the path of harm, and incinerating the trust and security of our shared community.
Matt’s clearly willing to burn it all down to score a pyrrhic victory, and that’s not a power he or anybody else should ever have over any community, let alone one this size.
Matt has to go.
I don’t expect him to be removed from Automattic leadership (although if there actually is a board, or other people who can challenge Matt’s power there, I think they absolutely should be considering whether that’s the right move for the company). But in any case:
It’s clear that the blurry lines between WordPress.org and WordPress.com should be turned into unbreachable walls, with no one company on both sides, or able to exercise power over the Foundation and/or Organization.
I don’t care about Automattic giving 5% to WordPress anymore. I want it to give up Matt’s unchecked, unilateral power. Because it’s clearer than ever he can’t be trusted with it.
Addendum: on the future of WordPress
(This section was added on 9/30 and 10/1)
Matt’s repeatedly downplayed his role as dictator by saying if he ever turns into “Evil Matt,” WordPress can just be forked—as though this is something incredibly easy and simple. Technically, sure, anyone could press the button to fork WordPress core, but that doesn’t really solve the problem. The Foundation/.org would still oversee the themes and plugins repository in that scenario, plus the news feed, and who knows how many other things in the ecosystem—all of which would also need to be replaced in order to fully extricate WordPress from Matt’s control, and all of which would cost massive amounts of money.
Each version of WordPress is downloaded tens, if not hundreds of millions of times. The entire plugin repository would need to be replicated, with all its untold millions of interactions a day. Same with themes, and probably lots else.
Infrastructure on that scale is a colossal undertaking that isn’t anywhere nearly as simple as just pressing a button or dropping some stuff on a CDN—and that’s without even getting into the logistical nightmare of keeping this new fork updated and maintained, which would require a huge dedicated team.
It’s possible enough of the community rallies behind a fork to create a critical mass, but that seems unlikely to me. That’s incredibly difficult to pull off in several ways, especially without some pretty massive cash behind it. And whoever’s fronting that cash probably wants a return, and probably holds a position of power in that new world, and so we’ve likely just recreated the same problem in a new form.
I think the better approach is to reshape what we have, not throw untold resources at forking and rebuilding everything, only to possibly end up in the same situation all over again, just with a different dictator.
It’s clear to me what WordPress needs is community governance—some kind of board or council—not control by a dictator. The kinds of decisions Matt’s making shouldn’t be made by one person or organization, and they shouldn’t be made by anyone with a business stake or conflict of interest in their consideration or execution.
Clearly, too much power has been concentrated in the hands of too few.
Ironic, then, that Matt insists venture funding is good as long as capital doesn’t achieve too big a stake and take control, as he’s essentially just made himself the embodiment of that problem. Whether it’s a VC or a BDFL, the risks of corruption and exploitation are the same.
The WordPress Foundation claims its reason for existence is ”to ensure free access, in perpetuity, to the software projects we support.”
It’s quite obvious the man who helms the foundation, who authors the news, and who holds pretty much all the cards when it comes to WordPress, isn’t interested in any ideals but his own.
I believe an entirely new leadership structure is needed. Maybe Matt still has a say in this new form of community governance (I remain vague on its details because I don’t believe my place is to make that prescription), but it should never be the case again that Matt’s say is all that matters, or that nobody else can override his authority.