DEV Community

Discussion on: Static Site Generators - the WordPress alternative no one's talking about

Collapse
 
grahamthedev profile image
GrahamTheDev

That still isn't a WordPress problem as per my first answer.

It is a plugin problem and SSGs will suffer a similar fate with broken plugins as they gain popularity and people with less experience start developing with them.

As for plugin vulnerabilities, SSGs use plugins too and most are served via something like npm (which can be an additional vulnerability as people just blindly trust packages).

Yet again I would stress I am not a fan of WordPress but none of the issues are an issue with WordPress itself and SSGs are far from immune, they are just not widely used enough to justify the effort of attacking them (yet).

Thread Thread
 
jdforsythe profile image
Jeremy Forsythe

I understand what you're saying, and WP isn't inherently bad.

There is something different about the dependencies, though. WP plug-ins are code running on your production server. That is inherently more dangerous (to my server) than an npm script that runs in the browser, or a plugin that emits static HTML code that I upload to S3. The npm script can't bork my production DB and take down my site because there isn't a production DB (speaking strictly about page/article content).

Thread Thread
 
grahamthedev profile image
GrahamTheDev • Edited

All valid points and I am playing devils advocate in all of this as I actually like SSGs, I am in the middle of working on a hybrid system as we speak.

Just sticking up for poor old WordPress (poor thing with its dominant market share 😂😂).

Thread Thread
 
jdforsythe profile image
Jeremy Forsythe

I just made a bunch of arguments against WP to the marketing department and inadvertently made a new project for my team to redo the site with an SSG. Maybe I'll tell them you said it's not so bad 🤣🤣