Plugin management with Grav

First, let me say that I really love what I have seen so far from Grav. I am interested in starting to move away from wordpress on new site builds that do not require it. One of the biggest issues for me with wordpress has been the dependence on plugins to do so much. Having features being able to be added or removed via a plugin does give you much greater control of what is included in a build. It also allows you not to have to re-invent the wheel everytime you need to do something. In wordpress however it has grown into a problem with many sites I have had to work with. Either plugins are outdated and have not had any updates in a long time or in some instances developers have just quit supporting the plugin or has made major changes to the plugin causing some issues. You mix that with major core changes which can also break plugins it can cause plenty of problems.

I was just wondering if there has been any discussions on how to better manage plugins in Grav or is this just something that is a given with an open source platform with 3rd developers creating plugins?

Good topic! Am also interested in this.

There was a discussion recently about making sure plugins are compatible with the correct version of Grav - like WordPress has done for a while - and also suggestions of version-specific feedback so compatibility is ensured. But like any CMS it’s virtually impossible to make sure all plugins are kept up to date.

However, a benefit of Grav so far is that the core is “larger” than the plugins, whereas in WordPress a lot of what I would consider necessary functionality rests in plugins - and thus breaking the core happens much more often.

Also, Grav’s version bumps are by far not as destructive as WordPress’ have been since v3. As long as the developers of Grav maintain the stability and keep optimizing the core, as well as improve its feature-set, then the frankly ridiculous plugin-dependency of WordPress should not occur. A good REST API will also go a long way in helping this.


I was wondering if it was just an inherit issue with having a open source project where many are contributing. I do see few areas where Grav has advantages over wordpress in regards to plugins and updates.

  1. No Database to be corrupted or broken when a plugin or the core is updated. Sucks when a plugin is updated and makes changes throughout the database and breaks the site. You are pretty much stuck restoring from a backup. Just reverting to a early plugin or core version does not fix the database changes as far as I know.

  2. No Database : D — Easier to backup, test and restore if needed. I am thinking cloning a site on a test server and testing updates before trying it live may be much easier in Grav. Some sites in wordpress were impossible to clone and test any effectively… Heck some sites I have seen had so many plugins just viewing a page in the editor broke things. lol

  3. Don’t have much experience yet with this but seems like adapting jquery and javascript scripts into the grav site to accomplish tasks that normally would require plugins may be much easier to accomplish and maintain compared to wordpress.

  4. The ability to run twig on pages and pass data between pages will allow for a lot of things to be accomplished inside of grav without need of any additional plugins.

Wordpress to me has been a great platform and I can do just about anything with it but the core update changes like the shortcode api changes which broke many of sites from what I have read, and the plugin issues along with the vulnerability issues have really made what used to be enjoyable feel like I am in a constant battle to keep up with it all. There is a reason why platforms like Squarespace and Wix which are so restrictive and costly have millions of users. People like ease and do not want to spend all their time trying to fix things that break from updates or worrying about scanning their sites to see where the vulnerabilities are. I am excited about the future of Grav and hope they can succeed in becoming the go to platform of choice for developers and everyday people a like.

I am curious of your thoughts on this as well if others have these same concerns or if it is just me…

I do think it is a “problem” with open source projects, but not really because of the third-party developers. Rather, it is the changes to the core system that breaks the plugins, because the changes are often not planned thoroughly enough in regards to how plugins interface with the core. So far, Grav’s architecture seems to have avoided this without many problems, but I could imagine that it would be advantageous to automatically case-test plugins upon each release of Grav.

The lack of a database is definitely a plus, though scaling remains an issue. As anyone working with Node will have experienced, moving or deleting thousands of files is a hassle and time-consuming.

On #3: In my experience so far it has been easier to adapt Javascript for use with Grav, though it relies more on the structure of the theme (as also in WordPress) than Grav itself. More declarative priorities in Grav itself and categorized plugins would help in the plugin load order - lest it ends up like WordPress where you have to override priorities for compatability.

I had the same experience as you with WordPress: I used it and followed its development since early v3, but the pace of updates and changes consequently broke plugins and themes, thus loosing the efficiency of a multisite setup. APIs make utilizing a CMS tremendously easier, and WordPress’ did not come in time.

I can understand the point of scaling although most of the sites I have developed or worked with are probably 30 pages or less but that is a good point for those who will have hundreds or thousands of pages.

I have seen with just moving the core files + admin can take up some time just by itself although I have not tried out the backup option and not sure if it backs up just the user files or everything and if it makes things any faster.

I have been becoming increasingly frustrated with the way things are being handled in wordpress and although I have been blessed not to have ran across major issues for the most part after I read about this there on on some forums where many were discussing having many sites broken it really had me thinking about how I want to move forward with development.

We have put a lot of effort and power into our GPM solution to ensure maximum control and functionality when it comes to managing plugins.

WordPress often makes use of global variables and functions for plugins to work which can lead to conflicts and errors. Grav uses event hooks and modern features such as dependency injection containers to ensure these issues are greatly reduced.

Another important feature that we added in Grav 1.1 is plugin dependencies. This means you can now set certain dependencies in Grav plugins that dictate a version of Grav, or even other plugins. This means that you can now ensure that Grav is a certain version before allowing installation of a certain version of a plugin.

Also our GPM system has the ability to install dependent plugins. For example, Admin plugin will install forms, email, and login if not already installed. Also any shortcode specific plugin will install shortcode-core that provides the core shortcode functionali ty.

Also we now have the ability to have a Release/Testing option to make ‘test’ releases available to install.

I’m pretty sure that no other CMS has this combination of features in the plugin/theme system.


Sounds like the development team has already given a lot of thought to how to improve on what has been the standard in plugin and core management with many of the mainstream cms platforms. Is the GPM part of the admin panel or something separate?

I’ll be honest, composer, CLI or even ssh are things I have not used. It is hard enough getting some clients to remember their wordpress passwords or even know what ftp is. How do you go about using CLI or composer on a clients server. Would you need to contact the host for each client to have these things setup and enabled and what risks do they pose to the server at that point. I plan on setting it up on my test server to use and learn but wonder how others will deal with getting access to using CLI and/or composer on servers where you don’t have access to those. Sorry if it is a stupid question, I really just don’t know. : D

Most of the CLI capabilities are available via the admin plugin.

CLI requires SSHing to the machine. This is not something for newbies but let’s more advanced people do things quickly and without the need for an admin which might be broken for whatever reason.