Automatic Core Updates, an update
Over the last few weeks I’ve been working on bringing Automatic Core Updates to WordPress 3.7 through #22704, Up until now it’s been disabled in trunk while development in progress – today however, that all changes.
As of  WordPress 3.7+ installs will begin updating themselves without the need of user input every time a new security release has been released, or in the case of all us development users, it’ll update daily to the latest nightly if possible.
Automatic Updates are unattended, and by default, will only update WordPress to security releases (for example, from 3.7 to 3.7.1, but not from 3.7.1 to 3.8). Great lengths will be taken to ensure that no site will break as the result of an Automatic update.
Note: Filter and constant names may change pending feedback and discussion.
Edit, October 18: WordPress 3.7 RC1 changed some filter names. This post now reflects the latest names. AUTOMATIC_UPDATER_DISABLED does not work in RC1. This is fixed in 3.7-RC1-25851.
In order for Automatic Updates to be enabled, there are a few simple requirements:
- If the install uses FTP for updates (and prompts for credentials), automatic updates are disabled
- If the install is running as a SVN or GIT checkout, automatic updates are disabled
- If the constants
AUTOMATIC_UPDATER_DISABLEDare defined, automatic updates are disabled
- If the constant
WP_AUTO_UPDATE_COREis defined as false, automatic updates are disabled
- Your WordPress install also needs to be able to contact WordPress.org over HTTPS connections, so your PHP install also needs OpenSSL installed and working
- Wp-Cron needs to be operational, if for some reason cron fails to work for your install, Automatic Updates will also be unavailable
We’ve also been working on a bunch of related features to make updates even more bulletproof than before, including HTTP, Filesystem, and File verification enhancements, amongst many other things.
How do I test it?
If you’d like to test this out, the simplest way is to simply create a new non-svn checkout of trunk and visit the site regularly to make the cron task run.
If you’d like to test this out, and you’re running SVN/GIT, you can use
add_filter( 'auto_upgrade_ignore_checkout_status', '__return_true' ); in a mu-plugin to make it ignore the checkout status, note, that you’ll lose any modifications you’ve made to core files.
After each update, you’ll receive an email with a summary of the actions taken, which will let you know if the upgrade completed, or encountered any problems – the emails are still a work in progress, the email currently in trunk is designed for developers, and may not be the same in the final release.
I don’t like the sound of this, How do I turn it off?
- If you’re using a deployment system that uses SVN or GIT, it’s disabled by default
- The simplest way to disable it is to add
define( 'AUTOMATIC_UPDATER_DISABLED', true );to your
- You can also make use of the
Are there any more hidden features?
This is WordPress we’re talking about, of course there’s a bunch more that it can do!
- If you’re using a non-English install, this will also automatically update any plugin/theme Language Packs which are installed, hopefully resulting in a better i18n experience, See #18200 for more information on Language packs, there’ll be a follow up post in the near future explaining how and when Language packs will work
- Plugin & Theme Updates! – You can hook into the
'auto_update_theme'filters to enable auto-updates of one, or many plugins/themes note: Plugin/Theme updates will not be enabled by default in WordPress 3.7
- By default, Core Auto-Updates will only apply to WordPress Security & nightly releases, that is, from 3.7.0 to 3.7.1, 3.7.1 will not automatically update to 3.8.0 – This can however be changed, you can simply add
define( 'WP_AUTO_UPDATE_CORE', true );to your
wp-config.phpfile and it’ll happen automatically!
What can I do to help?
Please test it out and report any bugs you find! Triggering automatic updates can be a little bit difficult since it currently relies upon a twice daily cron job, so the easiest way is to just create a new nightly install and visit the site once a day to cause the cron to be initiated, If you’re game to run it on a production site, please be aware that WordPress will go into Maintenance mode during the upgrade.
You can also head over to Trac and check out report/48, which is a temporary 3.7 report containing anything related to automatic updates and Language packs (more on that in a few days)