The problem here is buyers cannot update the plugin. The buyer has to wait for the theme update to come with the new bundled plugin version, or the buyer has to go and purchase their own license to get the latest version.
SOLUTION!
Here’s some code for Theme Authors to include in their themes. This allows your buyers to update to the latest version of Visual Composer straight away.
Good job. We did code up the same thing last year but decided not to include in the theme. There might be a legal and an ethical issue here.
Not sure if Envato allows distribution of plugins and theme via a 3rd party server or we would have theme authors offering auto-updates from their own servers instead of forcing users to go through the gruesome process of acquiring and entering Envato API keys. It’s great that you’re returning download URL directly from the API, but still not sure if it’s allowed. Can we get a confirmation on that? And yes the download limit per account (50 downloads?) also needs a confirmation if it still exists.
There’s also the issue that this reduces one incentive for the buyers to buy their own copy of VIsual Composer. Now, we tell buyers that if they want immediate updates for VC, they should buy it.
If a theme includes 3rd party add-ons, the theme buyers are NOT entitled to direct updates of those 3rd party add-ons, as only direct buyers are entitled to that. So bypassing that limitation by using the theme authors extended license code (even if its hidden on another server) in order to retrieve the update directly from the plugin authors profile seems highly questionable to me.
I understand the appeal and ease of such an approach, but in the end, only the theme author is allowed to have direct access to the updates and the solution suggested extends that direct access to all theme buyers. Extended licenses for plugins are very cheap on CodeCanyon and theme authors benefit much more from including some plugins with their theme and the price for an extended license is already recovered after selling just a couple of theme licenses.
By giving theme buyers now access to direct updates removes one of the biggest incentive for theme buyers to also purchase a separate license for an included plugin (aside from direct support from the plugin author). So either Envato drastically increases the price for extended licenses in order to make up for that, or Envato needs to step in and put a stop to such a delivery method for otherwise unauthorized updates. Or plugin authors have to start to provide all their updates through their own servers and just host outdated versions on CodeCanyon.
I see absolutely no difference in packaging up the latest version of the Extended License Plugin zip file into my theme and manually releasing a theme update to my buyers, when compared to this automated approach. The manual approach just seems pointless when it could be automated.
The difference might be minor when it comes to the end result (theme buyers having updated plugins), but the issue is that you are providing the theme buyers direct (server) access to the updated plugin via the plugin author’s profile on CodeCanyon, which they have no right to. The theme buyer can only have access to plugin updates via a theme update package, provided via the theme author’s profile. You are basically “giving out” your extended license key for theme buyers to use in order to get faster plugin updates. That you are “hiding” the license key on your server is irrelevant, since you still allow theme buyers to use it, which is against Envato regulations.
As stated already, I can fully understand why one would want to offer direct update access because it means the theme author doesn’t have to push as many minor theme updates anymore, but theme buyers simply don’t have a license for the bundled plugins and can therefore only receive updates through the theme.
An official statement from Envato here would really help!
There is also another problem: when bundled plugins are automatically updated, integration code for such plugins in the theme may not work with new version and clients’ site can be broken. (This is especially true in the case of Visual Composer, where most of themes using it have custom shortcodes.)
So authors should check that theme works with new version of plugins and then release update of the theme with new versions of bundled plugins.
Yep I’ll be hosting the update file on my server like my other bundled plugins that get automatically updated, the API limit is no good for big updates.
I am sure this won’t be allowed just because it is not the right way to deliver updates. And, there are many drawbacks. First this will not benefit plugin authors in anyway. Letting customers directly update Visual composer when the theme authors themselves haven’t tested it with their own theme is the second drawback. And the third one, according to the guidelines, bundled plugins should be updated along with theme package by the theme author themeselves.
Please refrain from using this method. This is not allowed under our licensing rules.
Authors should only provide updates to bundled plugins by updating the containing theme, not by distributing either the plugin itself or a purchase code.
If you have used this method by any chance and you don’t have a license, I strongly suggest you get one straight from the source to avoid any issues with your installation.
If anyone wants to discuss this further (including the OP, because licensing is tricky), you know where to find us.
Happy to see the team step in there. This made me nervous and now I think I’ll second guess bundling my plugins in the future. I haven’t see an increase in sales whatsoever, actually a decrease if anything. In the end it just short changes the developer. I thought this was like a try & buy thing, but in my experience with clients, nobody ever buys the license unless they’re in dire need of support.
Hit the 
if you like.
