[kevmarsden]

> I'm pretty sure WP Engine could patch Wordpress to use its own infrastructure, so this isn't a really as much of a security risk as people claim.

Patching core WordPress is straightforward, but there's also tens of the thousands of plugins and themes on WordPress.org. Until WP Engine can create a mirror of the plugin and theme repos, there will be security risks.

[porker]

Mirroring is not difficult, I've done it in order to perform code analysis on plugins at scale.

[martpie]

Well, it definitely becomes harder when you cannot (officially) access any of the WP infra, including themes and plugins.

[tomachi]

The cost of providing free ice-cream to WPengine is $218,685 or 7.9% of wordpress.org total income! ($2,768,057). But if the people eating up all the ice-cream you give them for free take you to court.... then you gotta cut off that ice-cream. WPengine should apologise and starting slinging cash to Automattic.

    WordCamp expenditures: $2,159,747 (82.81% of total expenses)
    Meetup expenditures: $229,571 (8.80% of total expenses)
        Total Meetup.com dues: $224,249
        Total Meetup Venue rental & exp: $5,322
    Operations: $218,685 (8.39% of total expenses) <------ HOSTING PLUGINS/THEMES ETC