You are here: Home / Heartbroken about what Plone has become :-(

Heartbroken about what Plone has become :-(

by Hawke Robinson last modified Jul 17, 2019 01:14 AM
I have been involved with tech since the late 1970s when I first started programming. Fast-forward to the web, and content management systems and web applications, platforms, products, frameworks, etc. Plone has been a stellar solution up until the version 5.x line, and since then something seems to be going more and more "wrong" with the development and community, which breaks my heart...

This is likely TLDR for most folks, so the short version:

Loved Plone 2.x, 3.x, and especially 4.x. But 5.x has been disaster with security, lack of features, lack of products, lack of community support, and an increasingly mercenary and smaller pool of developers.

So I am very sad to have to start moving away from Plone. I don't have an easy solution to this. For now we're evaluating many different options, and Django is looking possible, but is less of a bundled "product" that is ready to go like Plone was in the 3.x/4.x days, and more of a framework which is more what Plone 5.x has become more like alas, but without the active community that Django has.

If there is anyway to NOT have to move these 30+ community sites off Plone, I would REALLY prefer to stay with Plone, but the core Plone community doesn't seem to care anymore. I have posted many requests, have paid thousands of dollars to their developers, and still Plone 5.x is an extremely anemic product with still several severe security holes unresolved for several years now.

I am heartbroken about this.

 

 

Long version

I began using Zope around 1999 for administrative web-based tools when I was, admin, head of security, director of ops, and finally corporate architect at Franklin Covey and elsewhere. But it was far too clunky for general users, it was "just for techies" like me.

Meanwhile i had a growing list of hobby websites, between Hawkes Haven, Merp.com and others in th 90s, and now I have about 30 different community sites with nearly 300 domains!

I am just one person supporting these very different communities, and I need a web-based community portal content management system that is user friendly, rarely requires taking time to code, so that the communities can just thrive.

I was using a wide range of perl, java, and (blech!) php based portal and CMS products, but:

* Very unhappy with perl's code mess and security issues

* Loved java but frustrated with the limited opensource communities related to CMS (then and now)

* and horrified at the script-kiddy constantly hacked vulnerable PHP language and the growing popularity of php-based CMSs (phpboard, phpnuke, phpgeekboard, wordpress, the list goes on).

 

I was increasingly having to spend more and more time just trying to keep the sites running fighting off spammers, hackers, bad code up dates (looking at you PHP!), etc.

I liked Python well-enough, but it wasn't as mature on web platforms as I needed it to be, but Zope was looking very promising...

 

I was drowing in the security hassles and constant core language updates of perl and PHP based sites making it very difficult to be a single admin of donated community sites that started having millions of visitors per month, and thousands of active users.

Then Plone came along to help save the day.

I was able to scale so much better, the security was far superior, the product add-ons we acceptable though lacking polish, and the opensource community robust, active, friendly, supportive, happy to work with non-programmers to create new "products' (add-ons) to help address features that community sites needed, and to keep Plone competitive with the other "CMS" light products (Plone's CMS features were awesome!) with a wide variety of possible solutions and developers always willing to help if you were willing to put in the time and work with them.

I have loved Plone versions 2.,x, 3.,x through 4.x, but since 5.x the product and community seems to have gone off the rails with security, features, seemingly  much smaller opensource community and very few generous developers (there used to be many more it seems), and increasingly mercenary community. They seem to have heavily fractured in the past years since 5.x launched. I'm and outsider and don't know anything about any internal politics but the whole community seems to have quite drastically changed.

I have tried for years now to get serious security holes addressed, and finally they fixed a few very serious ones after ignoring my postings and proof for years (after I gave a developer direct access to my server they finally acknowledged there was a serious issue, and then quickly rolled out a few critical hotfixes that worked until 5.x seemed to have brought those back and added new ones), but now some are back and they have said "don't publicly share these vulnerabilities" only send to the private email, until they are fixed, but now more than a year has gone by and no resolution.

Finally, while baseline has greatly improved for the basic product, most of the wonderful extended features of Plone 4.x are now gone, and every time asked if anyone will recreate or port those "Products" "Add-ons" to 5.x, they keep saying, "how much will you pay?". And I have paid, for a few small projects a few thousand dollars here and there, but they have become far too mercenary now and it it nowhere near the community it once was alas.

So I am very sad to have to start moving away from Plone. I don't have an easy solution to this. For now we're evaluating many different options, and Django is looking possible, but is less of a bundled "product" that is ready to go like Plone was in the 3.x/4.x days, and more of a framework which is more what Plone 5.x has become more like alas, but without the active community that Django has.

If there is anyway to NOT have to move these 30+ community sites off Plone, I would REALLY prefer to stay with Plone, but the core Plone community doesn't seem to care anymore.

 

 

Navigation