You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
List WP Puller on the WordPress.org plugin directory so users get one-click install and automatic updates from their dashboard, instead of manually uploading wp-puller.zip.
Why
Discoverability + trust (official directory).
Built-in update delivery — no custom updater needed.
Forces us to meet the directory's quality/security bar, which is good hygiene anyway.
Blockers to fix before submission
Add readme.txt in the WordPress.org readme format (this is required and separate from README.md). Must include headers — Contributors, Tags, Requires at least, Tested up to, Requires PHP, Stable tag, License, License URI — and the == Description ==, == Installation ==, == Frequently Asked Questions ==, == Screenshots ==, == Changelog == sections. Stable tag must match the released version.
Fix plugin-header placeholders in wp-puller/wp-puller.php: Author: Developer and Author URI: https://github.com/developer are placeholders and must be real values.
Confirm licensing. The directory requires a GPLv2-or-later-compatible license. The header currently declares MIT (which is GPL-compatible), but the readme/header should state a GPL-compatible license explicitly; recommend GPLv2 or later for least friction. Reconcile the repo LICENSE files with the chosen license.
Disclose all external service calls (required by the guidelines): the plugin contacts api.github.com (core function) and, since v1.0.8, www.cloudflare.com/ips-v4|v6 for trusted-proxy ranges. Either document these in the readme or make the Cloudflare fetch opt-in / ship the ranges bundled to avoid an undisclosed external dependency.
Clear the WPCS backlog so the code passes WordPress Coding Standards cleanly (we currently run WPCS as advisory in CI — see CONTRIBUTING.md). Reviewers check sanitization/escaping, prefixing, and i18n; our security review already covered most of this.
Set Tested up to to the current WordPress version and re-verify no fatals (last verified clean on WP 7.0 / PHP 8.2).
Confirm slug availability — wp-puller must be free in the directory.
Marketing assets (committed to SVN /assets, not the plugin zip)
Icon — icon-128x128.png and icon-256x256.png (or icon.svg)
Banner — banner-772x250.png and banner-1544x500.png
Screenshots — screenshot-1.png … matching the == Screenshots == captions
Submission process
Create / use a WordPress.org account for the team.
Address reviewer feedback (expect a back-and-forth, often about escaping/external calls/licensing).
On approval, you receive an SVN repo (the directory uses SVN, not Git): commit the plugin to trunk, tag releases under /tags/<version>, and place assets in /assets.
Establish a release flow that mirrors main → SVN trunk + tag, keeping Stable tag in sync.
Naming / trademark
Follow the trademark guidelines: a plugin name may not start with "WordPress"; the existing "WP" prefix and "WP Puller" name are fine.
Acceptance criteria
Plugin is approved and live at https://wordpress.org/plugins/wp-puller/.
Installable + updatable from the WP dashboard.
readme.txtStable tag, the plugin header version, and the SVN tag all agree.
Summary
List WP Puller on the WordPress.org plugin directory so users get one-click install and automatic updates from their dashboard, instead of manually uploading
wp-puller.zip.Why
Blockers to fix before submission
readme.txtin the WordPress.org readme format (this is required and separate fromREADME.md). Must include headers —Contributors,Tags,Requires at least,Tested up to,Requires PHP,Stable tag,License,License URI— and the== Description ==,== Installation ==,== Frequently Asked Questions ==,== Screenshots ==,== Changelog ==sections.Stable tagmust match the released version.wp-puller/wp-puller.php:Author: DeveloperandAuthor URI: https://github.com/developerare placeholders and must be real values.LICENSEfiles with the chosen license.api.github.com(core function) and, since v1.0.8,www.cloudflare.com/ips-v4|v6for trusted-proxy ranges. Either document these in the readme or make the Cloudflare fetch opt-in / ship the ranges bundled to avoid an undisclosed external dependency.Tested up toto the current WordPress version and re-verify no fatals (last verified clean on WP 7.0 / PHP 8.2).wp-pullermust be free in the directory.Marketing assets (committed to SVN
/assets, not the plugin zip)icon-128x128.pngandicon-256x256.png(oricon.svg)banner-772x250.pngandbanner-1544x500.pngscreenshot-1.png… matching the== Screenshots ==captionsSubmission process
trunk, tag releases under/tags/<version>, and place assets in/assets.main→ SVNtrunk+ tag, keepingStable tagin sync.Naming / trademark
Follow the trademark guidelines: a plugin name may not start with "WordPress"; the existing "WP" prefix and "WP Puller" name are fine.
Acceptance criteria
https://wordpress.org/plugins/wp-puller/.readme.txtStable tag, the plugin header version, and the SVN tag all agree.References
wp-puller/wp-puller.php(header), repoLICENSE, CONTRIBUTING.md (WPCS status)