Recommended usage of the Updates API to support the auto-updates UI for Plugins and Themes in WordPress 5.5

This is an addendum to Controlling Plugin and Theme auto-updates UI in WordPress 5.5.

Edit 8/05/2020: An error in the example of populating no_updates for plugins has been corrected: in site_transient_update_plugins the value of response and no_update are arrays of objects; whereas in site_transient_update_themes, they are arrays of arrays. props @afragen. @pbiron

By default, the enable and disable auto-updates action links for plugins (detailed in the previous developer note) will only appear when the WordPress CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. Updates APIAPI An API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. (available since version 3.7.0) is supported.

All plugins that are hosted in the WordPress Plugin Directory and themes that are hosted in the WordPress Theme Directory already fully support the Updates API and require no changes.

Plugins and themes that are hosted elsewhere (such as premium or “private” plugins) can also support the Updates API with a little bit of code.

Though there is currently no one “official” way for such plugins to support the Updates API, this note offers recommendations for how developers can provide enough support for the auto-updates UIUI User interface to work for their plugins.

Filtering the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party update transient

The responses received from querying the WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ Updates API are stored in the update_plugins site transient. There are several existing filters that developers can use to add information about the availability or lack of available updates for a specific plugin that is not hosted in the WordPress Plugin Directory to that transient. The most common are:

Using pre_set_site_transient_update_plugins, for example, developers can do:

<?php
function myplugin_pre_set_site_transient_update_plugins( $transient ) {
	// Query premium/private repo for updates.
	$update = myplugin_check_for_updates( 'my-plugin' );
	if ( $update ) {
		// Update is available.
		// $update should be an array containing all of the fields in $item below.
		$transient->response['my-plugin/my-plugin.php'] = $update;
	} else {
		// No update is available.
		$item = (object) array(
			'id'            => 'my-plugin/my-plugin.php',
			'slug'          => 'my-plugin',
			'plugin'        => 'my-plugin/my-plugin.php',
			'new_version'   => $myplugin_current_version,
			'url'           => '',
			'package'       => '',
			'icons'         => array(),
			'banners'       => array(),
			'banners_rtl'   => array(),
			'tested'        => '',
			'requires_php'  => '',
			'compatibility' => new stdClass(),
		);
		// Adding the "mock" item to the `no_update` property is required
		// for the enable/disable auto-updates links to correctly appear in UI.
		$transient->no_update['my-plugin/my-plugin.php'] = $item;
	}

	return $transient;
}

add_filter( 'pre_set_site_transient_update_plugins', 'myplugin_pre_set_site_transient_update_plugins' );

Developers that have already been using the Updates API to offer updates for their plugins that are not hosted in the WordPress Plugins Directory have already been populating the response property for their plugin.

The no_update property is a requirement for the auto-update UI to work correctly for externally hosted plugins.

Some are already populating the no_update for their plugin. Any that are not should update their code accordingly for the best user experience.

Filtering the theme update transient

For themes, the responses received from querying the WordPress.org Updates API are stored in the update_themes site transient. The filters used to modify the values of these transients are similar to the ones used for plugins but slightly different:

Using pre_set_site_transient_update_themes, for example, developers of a theme hosted in a different location can do:

<?php
function mytheme_pre_set_site_transient_update_themes( $transient ) {
	// Query premium/private repo for updates.
	$update = mytheme_check_for_updates( 'my-theme' );
	if ( $update ) {
		// Update is available.
		// $update should be an array containing all of the fields in $item below.
		$transient->response['my-theme'] = $update;
	} else {
		// No update is available.
		$item = array(
			'theme'        => 'my-theme',
			'new_version'  => $mytheme_current_version,
			'url'          => '',
			'package'      => '',
			'requires'     => '',
			'requires_php' => '',
		);
		// Adding the "mock" item to the `no_update` property is required
		// for the enable/disable auto-updates links to correctly appear in UI.
		$transient->no_update['my-theme'] = $item;
	}

	return $transient;
}

add_filter( 'pre_set_site_transient_update_themes', 'mytheme_pre_set_site_transient_update_themes' );

The no_update property was only recently added to API responses for theme update queries, and like plugins, the no_update property is a requirement for the auto-update UI to work correctly for externally hosted themes.

Props @desrosj and @audrasjb for review prior to publishing.

#5-5, #auto-update, #auto-updates, #dev-notes, #feature-autoupdates

Auto-updates feature weekly meeting agenda – July 28th, 2020

Next meeting is scheduled on Tuesday July 28, 2020 at 17:00 UTC and will take place on #core-auto-updates SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channel with the following agenda:

  • Progress report on Docs
    • HelpHub end-user documentation
    • Dev notesdev note Each important change in WordPress Core is documented in a developers note, (usually called dev note). Good dev notes generally include: a description of the change; the decision that led to this change a description of how developers are supposed to work with that change. Dev notes are published on Make/Core blog during the beta phase of WordPress release cycle. Publishing dev notes is particularly important when plugin/theme authors and WordPress developers need to be aware of those changes.In general, all dev notes are compiled into a Field Guide at the beginning of the release candidate phase.
    • About page/communication
  • Remaining tickets:

Got something to propose for the agenda? Please leave a comment below.

#auto-update, #auto-updates, #core-auto-updates, #feature-plugins, #feature-projects, #feature-autoupdates

Controlling Plugin and Theme auto-updates UI in WordPress 5.5

Site security is an integral part of modern websites. Keeping sites up to date by running the latest versions of WordPress, PHPPHP The web scripting language in which WordPress is primarily architected. WordPress requires PHP 5.6.20, and any installed plugins or themes is highly recommended as an easy way to keep a site safe from any known security vulnerabilities.

By default, WordPress itself is configured to automatically update when new minor versions become available. While the code to auto-update plugins and themes has been in CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. for just as long, it’s seldom used by site owners because it requires the use of a filterFilter Filters are one of the two types of Hooks https://codex.wordpress.org/Plugin_API/Hooks. They provide a way for functions to modify data of other functions. They are the counterpart to Actions. Unlike Actions, filters are meant to work in an isolated manner, and should never have side effects such as affecting global variables and output. hook.

This past February, a feature plugin was created in response to the 9 Projects for 2019/2020 to explore introducing a user interface that allows site administrators to easily manage pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party and theme auto-updates right from the dashboard. After 5 months of development on the GitHub repository, user feedback (the plugin was available on the WordPress.org plugin directory), testing (which includes over 1,000 active installs), and iterating by the contributors of the #core-auto-updates team, this feature pluginFeature Plugin A plugin that was created with the intention of eventually being proposed for inclusion in WordPress Core. See Features as Plugins. was merged into Core in [47835] and will be released in WordPress 5.5.

A screenshot of a site’s Plugins page in the dashboard with the new “Automatic Updates” column (click to open this image in a new tab).

These new controls will allow website owners to keep their sites up-to-date and secure with less time and effort.

Note: Plugin and theme auto-updates are disabled by default. Administrators and site owners need to enable this feature to receive automatic plugin and theme updates. However, language packs for plugins and themes have always auto-updated when new updates are available. The new interface will not adjust language pack updates.

By default, all users with the update_plugins and update_themes capabilities are able to toggle auto-updates for plugins and themes respectively. On multisitemultisite Used to describe a WordPress installation with a network of multiple blogs, grouped by sites. This installation type has shared users tables, and creates separate database tables for each blog (wp_posts becomes wp_0_posts). See also network, blog, site installations, only networknetwork (versus site, blog) administrators have this capability, and only when in the context of the network dashboard.

A number of hooksHooks In WordPress theme and development, hooks are functions that can be applied to an action or a Filter in WordPress. Actions are functions performed when a certain event occurs in WordPress. Filters allow you to modify certain functions. Arguments used to hook both filters and actions look the same. are included for plugin authors and WordPress developers to customize the new feature to fit their needs. Let’s have a look at the available functions and hooks and how they can be used to tailor the plugin and theme auto-update experience.

New function: wp_is_auto_update_enabled_for_type()

This function indicates whether auto-updates are enabled for a given type. The two types accepted are theme and plugin.

// Check if auto-updates are enabled for plugins.
$plugin_auto_updates_enabled = wp_is_auto_update_enabled_for_type( 'plugin' );

Disable the auto-update user interface elements

It is possible to disable the new interface elements if desired. Returning false to the plugins_auto_update_enabled and themes_auto_update_enabled filters will disable the user interface elements for plugins and themes respectively. By default, these are enabled (true).

Note: This does not enable or disable auto-updates. It controls whether to show the user interface elements.

The following snippet will disable the plugin and theme auto-update UIUI User interface elements:

// Disable plugins auto-update UI elements.
add_filter( 'plugins_auto_update_enabled', '__return_false' );

// Disable themes auto-update UI elements.
add_filter( 'themes_auto_update_enabled', '__return_false' );

Modifying auto-update action links

Sometimes, a plugin or theme may want to manage updates on their own. This is common when they are not hosted on the WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ directories. For these instances, there are filters in place so plugin and theme authors can modify the auto-update related HTMLHTML HyperText Markup Language. The semantic scripting language primarily used for outputting content in web browsers. output in certain locations.

Plugins screen: single site and multisite

With the plugin_auto_update_setting_html filter, it’s possible to filter auto-update column content, including the toggle links and time till next update attempt.

This filter pass the default generated HTML content of the auto-updates column for a plugin, with two additional parameters:

  • $plugin_file: The path to the main plugin file relative to the plugins directory.
  • $plugin_data: An array of plugin data.

For example, let’s say the “My plugin” plugin wants to prevent auto-updates from being toggled and its path relative to the plugins directory is my-plugin/my-plugin.php. The following example will change what is displayed within the auto-update column for that plugin:

function myplugin_auto_update_setting_html( $html, $plugin_file, $plugin_data ) {
	if ( 'my-plugin/my-plugin.php' === $plugin_file ) {
		$html = __( 'Auto-updates are not available for this plugin.', 'my-plugin' );
	}

	return $html;
}
add_filter( 'plugin_auto_update_setting_html', 'myplugin_auto_update_setting_html', 10, 3 );

Below is the result:

In the screenshot above, the default toggling action in the auto-updates column for one particular plugin has been modified using the previous example (click to open this image in a new tab).

For reference, here is the default HTML content:

<a href="…" class="toggle-auto-update" data-wp-action="…">
	<span class="dashicons dashicons-update spin hidden" aria-hidden="true"></span>
	<!-- The following text is replaced with "Disable auto-updates" when auto-updates are already enabled for this plugin -->
	<span class="label">Enable auto-updates</span>
</a>

Themes screen: single site only

Filtering the auto-update HTML content for Themes screen is a bit more tricky since this screen is rendered with a JavaScriptJavaScript JavaScript or JS is an object-oriented computer programming language commonly used to create interactive effects within web browsers. WordPress makes extensive use of JS for a better user experience. While PHP is executed on the server, JS executes within a user’s browser. https://www.javascript.com/. template. However, it is possible to hook into this screen using the theme_auto_update_setting_template filter and returning a modified $template (the rendering template used for every theme on the Themes page).

Note: since this template is used for each theme on the page, using a conditional statement to check for the theme being targeted is highly recommended. This can be done by utilizing the data.id JSJS JavaScript, a web scripting language typically executed in the browser. Often used for advanced user interfaces and behaviors. parameter (which contains the theme slug).

Full documentation about the properties available for the theme data object is available in wp_prepare_themes_for_js() DevHub page.

The following example will replace the text auto-update HTML content for the my-theme and twentytwenty themes:

function myplugin_auto_update_setting_template( $template ) {
	$text = __( 'Auto-updates are not available for this theme.', 'my-plugin' );

	return "<# if ( [ 'my-theme', 'twentytwenty' ].includes( data.id ) ) { #>
		<p>$text</p>
		<# } else { #>
		$template
		<# } #>";
}
add_filter( 'theme_auto_update_setting_template', 'myplugin_auto_update_setting_template' );

Below is the result:

In the screenshot above, the default toggling action for auto-updates has been modified using the previous example (click to open this image in a new tab).

For reference, here is the default template output:

<div class="theme-autoupdate">
	<# if ( data.autoupdate ) { #>
		<a href="{{{ data.actions.autoupdate }}}" class="toggle-auto-update" data-slug="{{ data.id }}" data-wp-action="disable">
			<span class="dashicons dashicons-update spin hidden" aria-hidden="true"></span>
			<span class="label">' . __( 'Disable auto-updates' ) . '</span>
		</a>
	<# } else { #>
		<a href="{{{ data.actions.autoupdate }}}" class="toggle-auto-update" data-slug="{{ data.id }}" data-wp-action="enable">
			<span class="dashicons dashicons-update spin hidden" aria-hidden="true"></span>
			<span class="label">' . __( 'Enable auto-updates' ) . '</span>
		</a>
	<# } #>
	<# if ( data.hasUpdate ) { #>
		<# if ( data.autoupdate ) { #>
			<span class="auto-update-time">
		<# } else { #>
			<span class="auto-update-time hidden">
		<# } #>
		<br />' . wp_get_auto_update_message() . '</span>
	<# } #>
	<div class="notice notice-error notice-alt inline hidden"><p></p></div>
</div>

Themes screen: multisite only

On multisite installs, the Themes screen can be modified in a way similar to the Plugins screen detailed above. Using the theme_auto_update_setting_html filter, the auto-update column content can be filtered, including the toggle links and time till next update.

This filter is passed the default generated HTML content of the auto-updates column for a theme with two additional parameters:

  • $stylesheet: The directory name of the theme (or slug).
  • $theme: The full WP_Theme object.

For example, let’s say the network administrator of a multisite network wants to disallow auto-updates for the Twenty Twenty theme. The following example will change what is displayed within the auto-update column for that theme:

function myplugin_theme_auto_update_setting_html( $html, $stylesheet, $theme ) {
	if ( 'twentytwenty' === $stylesheet ) {
		$html = __( 'Auto-updates are not available for this theme.', 'my-plugin' );
	}

	return $html;
}
add_filter( 'theme_auto_update_setting_html', 'myplugin_theme_auto_update_setting_html', 10, 3 );

Blanket auto-update opt-in

If a developer wants to enable auto-updates for all plugins and/or themes (including any that are installed in the future), the auto_update_plugin/auto_update_theme filters can be used.

// Enable all plugin auto-updates.
add_filter( 'auto_update_plugin', '__return_true' );

// Enable all theme auto-updates.
add_filter( 'auto_update_theme', '__return_true' );

Note: Any value returned using these filters will override all auto-update settings selected in the adminadmin (and super admin). Changes made using these filters also will not be reflected to the user in the interface. It is highly recommended to use these filters in combination with the hooks detailed above to inform the user of the auto-update policy being enforced.

This approach will not be appropriate for all sites. It’s recommended to use the new UI to manage auto-updates unless you’re sure blanket opting-in is right for your site.

Also note: This filter was added to the codebase in WordPress 3.7.0 and is likely being used to blanket enable auto-updates for plugins and themes on sites today. If it appears the new UI elements are not changing the auto-update behavior for plugins or themes on your site, this may be why. #50662 has been opened to notify site owners that this filter is being used in Site Health.


For information, refer to the following tickets on TracTrac An open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress.: #50052, #50280.

This post is the first part of the plugins and themes auto-updates dev notesdev note Each important change in WordPress Core is documented in a developers note, (usually called dev note). Good dev notes generally include: a description of the change; the decision that led to this change a description of how developers are supposed to work with that change. Dev notes are published on Make/Core blog during the beta phase of WordPress release cycle. Publishing dev notes is particularly important when plugin/theme authors and WordPress developers need to be aware of those changes.In general, all dev notes are compiled into a Field Guide at the beginning of the release candidate phase. for WordPress 5.5.

Thanks @desrosj and @pbiron for technical review and proofreading.

#5-5, #auto-update, #auto-updates, #dev-notes, #feature-plugins, #feature-projects, #feature-autoupdates

Auto-updates feature meeting summary – July 14, 2020

These are the weekly notes for the WP Auto-updates team meeting that happened on Tuesday July 14, 2020. You can read the full transcript on the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress.-auto-updates SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channel.

Reminder: WP Auto-updates Feature has been merged into WordPress Core so bugs reports and enhancements requests should now happen on Core Trac.

Dev notedev note Each important change in WordPress Core is documented in a developers note, (usually called dev note). Good dev notes generally include: a description of the change; the decision that led to this change a description of how developers are supposed to work with that change. Dev notes are published on Make/Core blog during the beta phase of WordPress release cycle. Publishing dev notes is particularly important when plugin/theme authors and WordPress developers need to be aware of those changes.In general, all dev notes are compiled into a Field Guide at the beginning of the release candidate phase. for WordPress 5.5

@audrasjb drafted a dev note focused on hooking the plugins and themes auto-updates UIUI User interface controls. @pbiron, @desrosj and @azaozz started to review this proposal.

It was previously decided to split the auto-updates dev note into several Posts. @audrasjb also drafted a dev note for email notifications. @pbiron pointed out that a dev note will be necessary for Site health screen hooksHooks In WordPress theme and development, hooks are functions that can be applied to an action or a Filter in WordPress. Actions are functions performed when a certain event occurs in WordPress. Filters allow you to modify certain functions. Arguments used to hook both filters and actions look the same. and functions. It will probably be added to the second dev note about email notifications. The first dev note will be published on Wednesday or Thursday.

Update on TracTrac An open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress. tickets

  • #50350: A couple weeks ago, the team agreed to add the version updated TO to the emails for 5.5 and possibly add the version updated FROM in 5.6. @audrasjb is working on a patchpatch A special text file that describes changes to code, by identifying the files and lines which are added, removed, and altered. It may also be referred to as a diff. A patch can be applied to a codebase for testing. for this.
  • #50437 still needs a patch.
  • Concerning #50512, items 1, 2 and 4 of the ticketticket Created for both bug reports and feature development on the bug tracker. are already fixed. Item 3 will be discussed on Friday by the accessibilityAccessibility Accessibility (commonly shortened to a11y) refers to the design of products, devices, services, or environments for people with disabilities. The concept of accessible design ensures both “direct access” (i.e. unassisted) and “indirect access” meaning compatibility with a person’s assistive technology (for example, computer screen readers). (https://en.wikipedia.org/wiki/Accessibility) team.
  • @desrosj is working on #50662.
  • @pbiron is working on #50663.
  • @johnbillion pointed out that #50437 needs some more discussion. This ticket will probably be moved to milestone 5.6.
  • Concerning #50623, It’s probably too late to address this ticket before 5.5 is released, but @audrasjb proposed to comment with few links to previous decisions (especially design decisions, as the design team already reviewed the interface) made by the team.
  • @apedog asked for review on ticket #32101, but given it’s not directly related to plugins and themes auto-updates, it’s probably better to raise this ticket during core team dev chat meeting.

#5-5, #auto-update, #core-auto-updates, #feature-plugins, #feature-projects, #feature-autoupdates

Auto-updates feature meeting summary – June 16, 2020

These are the weekly notes for the WP Auto-updates team meeting that happened on Tuesday June 16, 2020. You can read the full transcript on the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress.-auto-updates SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channel.

Reminder: WP Auto-updates Feature has been merged into WordPress Core so bugs reports and enhancements requests should now happen on Core Trac.

Update on TracTrac An open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress. tickets

#50215Help Tabs implementation.
This ticketticket Created for both bug reports and feature development on the bug tracker. was discussed by the team and the patchpatch A special text file that describes changes to code, by identifying the files and lines which are added, removed, and altered. It may also be referred to as a diff. A patch can be applied to a codebase for testing. was merged by @whyisjake during the meeting.

#50268Auto-update email notifications.
@desrosj is working on a new patch.

#50350Provide pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party and theme versions informations in auto-updates email notifications.
This ticket still needs a patch. @audrasjb is working on it.

#49771Double “Updated!” text blocks when updating theme.
This one still needs a patch.

#50280Enable auto-updates shows for plugins with no support.
This ticket is now very close to be ready for commit. @azaozz and @pbiron are on it.

#41910Scheduled maintenance message.
This ticket was raised by @paaljoachim. As it is outside the auto-updates feature scope, the best way to move forward on this proposal is to point it out in core devchat.

HelpHub documentation

@audrasjb touched bases with the Docs team last meeting on Monday. @milana_cap is available to review it.

It should be done ahead of the release date so localized versions of HepHub have time to translate it before WordPress 5.5 release. @audrasjb is going to open a MetaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. Trac ticket to follow this task.

Dev notedev note Each important change in WordPress Core is documented in a developers note, (usually called dev note). Good dev notes generally include: a description of the change; the decision that led to this change a description of how developers are supposed to work with that change. Dev notes are published on Make/Core blog during the beta phase of WordPress release cycle. Publishing dev notes is particularly important when plugin/theme authors and WordPress developers need to be aware of those changes.In general, all dev notes are compiled into a Field Guide at the beginning of the release candidate phase. for WordPress 5.5

@audrasjb proposed the following structure for the dev note:

  • Introduction
  • How to hook into the general auto-updates interface
    • Disable the whole auto-updates UIUI User interface
    • Plugins screen (single and multisites)
    • Themes screen (multisites)
    • Themes screen (single sites)
    • Update screen
  • How to hook into auto-updates email notifications
    • Success notifications
    • Failure notifications
    • Mixed notifications
  • WP-Cron & plugins/themes auto-updates
  • Auto-updates Help Tabs

Feel free to comment below or to get in touch in core-auto-updates Slack Channel if you have any suggestion for this dev note.

#5-5, #auto-update, #core-auto-updates, #feature-plugins, #feature-projects, #feature-autoupdates

Auto-updates feature meeting summary: June 9, 2020

These are the weekly notes for the WP Auto-updates team meeting that happened on Tuesday June 9, 2020. You can read the full transcript on the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress.-auto-updates SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channel.

Reminder: WP Auto-updates Feature has been merged into WordPress Core so any bugbug A bug is an error or unexpected result. Performance improvements, code optimization, and are considered enhancements, not defects. After feature freeze, only bugs are dealt with, with regressions (adverse changes from the previous version) being the highest priority. report or enhancementenhancement Enhancements are simple improvements to WordPress, such as the addition of a hook, a new feature, or an improvement to an existing feature. request should happen on Core Trac.

Update on TracTrac An open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress. tickets

Some tickets were recently fixed:

There are still few remaining tickets to address:

  • #50215 – Help Tabs implementation. @audrasjb is going to put together the feedback the team received into a new patchpatch A special text file that describes changes to code, by identifying the files and lines which are added, removed, and altered. It may also be referred to as a diff. A patch can be applied to a codebase for testing..
  • #50268 – Auto-update email notifications. @desrosj is the owner of the ticketticket Created for both bug reports and feature development on the bug tracker., but any help is welcome to refresh the current patch.
    Worth noting this ticket was splitted in two. This part will focus only on text changes.
  • #50350 – Provide pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party and theme versions informations in auto-updates email notifications. This one was opened during the meeting and it is the other part of #50268.
  • #49771 – Double Updated! text blocks when updating theme. This one is not 100% related to auto-updates but @paaljoachim wanted to mention it during the meeting.
  • #50280 – Enable auto-updates shows for plugins with no support. This one is actively reviewed.

Next steps

HelpHub documentation

@desrosj mentioned that we’ll need a documentation page on HelpHub. @audrasjb will get in touch with the Docs team on next Monday to make sure plugin and theme auto-updates feature is properly documented on the end users documentation.

@desrosj added that it should be done ahead of the release date so localized versions of HepHub have time to translate it before WordPress 5.5 release. @audrasjb added that it could be nice to open a MetaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. Trac ticket to follow this task.

Dev notedev note Each important change in WordPress Core is documented in a developers note, (usually called dev note). Good dev notes generally include: a description of the change; the decision that led to this change a description of how developers are supposed to work with that change. Dev notes are published on Make/Core blog during the beta phase of WordPress release cycle. Publishing dev notes is particularly important when plugin/theme authors and WordPress developers need to be aware of those changes.In general, all dev notes are compiled into a Field Guide at the beginning of the release candidate phase. for WordPress 5.5

@audrasjb to draft a basis for the feature’s dev note so it can be discussed and iterated during next week’s meeting.

#5-5, #auto-update, #core-auto-updates, #feature-plugins, #feature-projects, #feature-autoupdates

Auto-updates feature meeting summary: May 12, 2020

These are the weekly notes for the WP Auto-updates team meeting that happened on Tuesday May 12, 2020. You can read the full transcript on the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress.-auto-updates SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channel.

Reminder, WP Auto-updates Feature PluginFeature Plugin A plugin that was created with the intention of eventually being proposed for inclusion in WordPress Core. See Features as Plugins. is developed on GitHub and is available for testing on WordPress.org plugins repository.

Update on core patchpatch A special text file that describes changes to code, by identifying the files and lines which are added, removed, and altered. It may also be referred to as a diff. A patch can be applied to a codebase for testing.

@pbiron is in charge of the core patch. It should be ready around the middle of this week. Paul asked whether it’s better to do a pull request against wordpress-develop GitHubGitHub GitHub is a website that offers online implementation of git repositories that can can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the ‘pull request’ where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/ repository or a diff file on TracTrac An open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress..

@azaozz answered both would work, and have different pluses and minuses:

  • Pull requests can be reviewed in inline comments, but are harder to modify by different people.
  • A diff file would need to be applied to a svn checkout before testing, but easier to iterate (to make new diffs)

Paul will send a diff file.

WP auto-updates version 0.8.0

Here are the expected steps for the core merge:

  1. Publish the diff file on the related Trac ticketticket Created for both bug reports and feature development on the bug tracker. (#50052)
  2. After merge details are known, update Pull request #123 – Self-deactivate the plugin after the functionality has been merged to core
  3. Release WP Auto-updates version 0.8
  4. Commit the Trac diff file to WordPress Core

@azaozz noted that releasing version 0.8 after the diff is available on Trac is needed to make sure the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party can self deactivate once the diff file is merged into WordPress core. The check in version 0.7 doesn’t actually work with the patch, because the name of the function it is checking changed in the patch

The plugin’s options should also be deleted from WordPress installs once the plugin is uninstalled by sites owners. @audrasjb opened pull request #125 to handle that.

The team noted the feature plugin reached 900+ active installs. 77% are running version 0.7, 12% are running version 0.6 and 11% are running versions 0.6.0 or less.

@whyisjake also implemented prettier on the plugin. It allows to run CSSCSS Cascading Style Sheets./JSJS JavaScript, a web scripting language typically executed in the browser. Often used for advanced user interfaces and behaviors. lint check, using npm test , and to fix linting issues using ESLint --fix option.

Open floor

@azaozz shared some thoughts about keeping some stats on successful/failed autoupdates, on the WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ APIAPI An API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. side. It’s not a blockerblocker A bug which is so severe that it blocks a release. for merging and can be added later. The idea is to potentially have anonymous/aggregated stats per plugin/theme. This is also related to the Tide project, which can use those stats to determine how “safe” an update may be.

@audrasjb asked if it’s directly related to this feature or if it should be handled in a separate ticket/project. For @azaozz, it is part of plugins and themes auto-updates, but it can be a separate Trac ticket.

@pbiron asked if we were talking about stats on the results of auto-updates, or about user preferences for what should be auto-updated (since whether an auto-update is attempted can be controlled by other plugins, such as Easy Updates Manager, etc). Andrew answered that it may be both.

@audrasjb asked what would be the main benefit for the end user? Having prompts to alert on “not recommended” updates? @azaozz doesn’t think it would be a direct communication but an auto-update may be eventually stopped/postponed if there are many failures.

@apedog wanted to mention a version-rollback feature for plugins. For them, it would become relevant as more installations start using WP Auto-updates feature plugin. @audrasjb answered it should eventually be introduced independently of auto-updates feature as it’s not only related to this type of updates mechanism. @apedog pointed out that breakage occurring from a manual update gives the user immediate feedback. An over-night auto-update (especially if multiple plugins/themes were updated) could make debugging much harder. @audrasjb added that the best way to move this independent project forward is to open a ticket on Trac if it doesn’t exists yet. @sergeybiryukov added that WP Core do perform a rollback if a background core update fails (enabled for minor versions by default), that might be helpful when looking into implementing this for plugins and themes too.

@apedog also asked whether WP Auto-updates log the previous version vs new version? For example, for a user encountering breakage from an auto-update. Site breakage can occur even on successful updates – simply due to conflictconflict A conflict occurs when a patch changes code that was modified after the patch was created. These patches are considered stale, and will require a refresh of the changes before it can be applied, or the conflicts will need to be resolved.. @audrasjb answered there is no such log mechanism in core, even for manual updates.

@pbiron asked @audrasjb if Pull request 121 – Add help tabs on update-core, plugins, and themes admin screens is going to be ready on time for version 0.8.0. @audrasjb is on it, but it will probably needs copy review.

The team agreed Help Tabs will be handled separately from the initial core patch, to give it time for copy review.

#auto-update, #core-auto-updates, #feature-plugins, #feature-projects, #feature-autoupdates

Auto-updates feature weekly meeting agenda – May 12th, 2020

Next meeting is scheduled on Tuesday May 12, 2020 at 17:00 UTC and will take place on #core-auto-updates SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channel with the following agenda:

  • Update on coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. patchpatch A special text file that describes changes to code, by identifying the files and lines which are added, removed, and altered. It may also be referred to as a diff. A patch can be applied to a codebase for testing.
  • Feature pluginFeature Plugin A plugin that was created with the intention of eventually being proposed for inclusion in WordPress Core. See Features as Plugins.’s scope for version 0.8
  • Prettier implementation
  • Open floor: issues & PR / other topics

Got something to propose for the agenda? Please leave a comment below.

#agenda, #auto-update, #core-auto-updates, #feature-plugins, #feature-autoupdates

Auto-updates feature meeting summary: May 4, 2020

These are the weekly notes for the WP Auto-updates team meeting that happened on Tuesday May 4, 2020. You can read the full transcript on the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress.-auto-updates SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channel.

As a reminder, WP Auto-updates Feature PluginFeature Plugin A plugin that was created with the intention of eventually being proposed for inclusion in WordPress Core. See Features as Plugins. is developed on GitHub and is available for testing on WordPress.org plugins repository.

Core merge announcement

Last week, we announced the incoming core merge of the Feature Plugin 💥

@whyisjake already opened the Trac ticket. It will be used to merge the feature into WordPress core.

However, @azaozz and other people raised some issues, especially with JSJS JavaScript, a web scripting language typically executed in the browser. Often used for advanced user interfaces and behaviors./AJAX implementation. Our top priority is to fix them before sending a full patchpatch A special text file that describes changes to code, by identifying the files and lines which are added, removed, and altered. It may also be referred to as a diff. A patch can be applied to a codebase for testing. on TracTrac An open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress..

Version 0.7 scope: core merge prerequisites

Version 0.7.0 will be focused on core merge prerequisites.

@pbiron is currently working on cleaning the AJAX part of the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party. For reference, see PR #103 on GitHub. This is one of the major blockers before core merge and that’s why we absolutely need a new release before the core merge. @azaozz added that this pull request is almost ready to be merged.

While @pbiron is working on cleaning the existing AJAX code, @audrasjb will focus on other minor issues, like internationalization issues raised by @PascalC.

Once PR #103 is merged, the team will release version 0.7.0 and give it around one week to be tested before sending the patch proposal on Trac.

@azaozz pointed out issue #95 which raises some user interface issues. The setting that the users can change (enable|disable auto-updates) is actually the default setting. It can be changed at the moment of updating by plugins and by core. He thinks it should be reflected in the UIUI User interface to avoid giving wrong expectations to users. It can be addressed by changing the wording and/or the name of the functions, for example by replacing the existing functions with something like maybe_auto_update_plugins or default_auto_update_plugins. Concerning the interface wording, @audrasjb noted it could be addressed by changing the column heading: Enable/disable auto-updates or Toggle auto-updates so users could understand we’ll be able to disable it later. By the way, the team agreed this concern is not a blockerblocker A bug which is so severe that it blocks a release. for the merge.

After few discussions, it was also decided to remove the feature’s constants. Indeed, constants are used in WordPress core for specific cases:

  • Very early use, before WP is loaded
  • For use mostly by hosting companies/low level settings
  • Mostly for things that are really “constant” (never change)

@audrasjb will remove the existing constants once PR #103 is merged.

@azaozz also noted few small bugs on the AJAX action links. It kind of “jumps” when you click on the link, then “flashes” different text (when the networknetwork (versus site, blog) is fast) and the user cannot see/read the changed text, then it changes it again. These bugs are not a blocker for core merge and can be fixed in WordPress core after the merge. @pbiron noted that some of these bugs will be fixed in PR #103. @azaozz added that adding some delay (so text changes are readable) would be nice, or alternatively not changing the text while AJAX is running is another thing. (so there is only one text change instead of two).

The team also discussed the idea to add some filters for plugin authors to override what is outputted in the UI, for example to show something like “Updates enabled by [plugin/theme name]”.


Next meeting is scheduled on Tuesday May 12, 2020 at 17:00 UTC.

#5-5, #auto-update, #core-auto-updates, #feature-projects, #feature-autoupdates

Merge Announcement: Plugins & Themes Auto-Updates

After making the auto-updates project a feature plugin, the #core-auto-updates team is excited to announce that the plugins and themes auto-updates feature is ready for a coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. merge.

Here are the main features that have been developed:

  • The ability for website administrators to opt-in to automatic updates for plugins and themes.
  • Ability to enable/disable auto-updates on a pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party-by-plugin and theme-by-theme basis.
  • Multisitemultisite Used to describe a WordPress installation with a network of multiple blogs, grouped by sites. This installation type has shared users tables, and creates separate database tables for each blog (wp_posts becomes wp_0_posts). See also network, blog, site support for both themes and plugins auto-updates.
  • Email notifications to send auto-update summaries to website administrators.
  • HooksHooks In WordPress theme and development, hooks are functions that can be applied to an action or a Filter in WordPress. Actions are functions performed when a certain event occurs in WordPress. Filters allow you to modify certain functions. Arguments used to hook both filters and actions look the same. and constants to help developers programmatically define auto-updates settings.

To be clear, plugin and theme auto-updates already exist in WordPress core, but these new features add a fully-featured user interface to allow administrators to opt-in to these features.The feature was developed on WordPress GitHub repository and tested for a few months as a feature plugin available on WordPress repository.

@audrasjb and @pbiron hosted weekly meetings on #core-auto-updates SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channel, and those meetings allowed the feature to be developed at a good pace. While there are still some details currently discussed on GitHub, the feature pluginFeature Plugin A plugin that was created with the intention of eventually being proposed for inclusion in WordPress Core. See Features as Plugins. has been a great success, with more than 700 active installations. The plugins and themes auto-updates team is now excited to bring this feature to WordPress users and ship this feature in WordPress 5.5.

Site security is integral for modern website hosting, and bringing auto-updates to plugins and themes is a much-awaited feature in WordPress. This will allow website owners to more easily keep their site up-to-date and more secure. The core plugin team has also added a number of hooks that can be used by plugin authors and WordPress developers to customize the feature, including email notifications.

@whyisjake has opened a core ticket for the core merge. Any help is welcome to test the incoming patches.

Thank you to everyone who contributed to the feature plugin on GitHubGitHub GitHub is a website that offers online implementation of git repositories that can can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the ‘pull request’ where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/: @audrasjb, @whodunitagency, @xkon, @desrosj, @pedromendonca, @javiercasares, @karmatosed, @mapk, @afercia, @gmays, @knutsp, @pbiron, @passionate, @nicolaskulka, @bookdude13, @jeffpaul, @mukesh27, @whyisjake, @paaljoachim, @ronalfy, @timothybjacobs, @wpamitkumar and @azaozz.

#5-5, #auto-update, #feature-plugins, #feature-projects, #feature-autoupdates