[wp-trac] [WordPress Trac] #43987: Block plugin updates if required PHP version is not supported - Plugins screen (was: Block plugins from updating if required PHP version is not supported)

WordPress Trac noreply at wordpress.org
Mon Jun 11 16:03:10 UTC 2018 

#43987: Block plugin updates if required PHP version is not supported - Plugins
screen
---------------------------------------------------+---------------------
 Reporter:  schlessera                             |       Owner:  (none)
     Type:  task (blessed)                         |      Status:  new
 Priority:  normal                                 |   Milestone:  5.0
Component:  Plugins                                |     Version:
 Severity:  normal                                 |  Resolution:
 Keywords:  needs-unit-tests servehappy has-patch  |     Focuses:
---------------------------------------------------+---------------------
Changes (by flixos90):

 * keywords:  needs-unit-tests servehappy has-patch dev-feedback => needs-
     unit-tests servehappy has-patch


Old description:

> **Note: This ticket is a subtask for the overarching #40934 ticket.**
>
> When a plugin states it requires a specific minimum PHP version through
> its "Requires PHP" header information and the server does not support
> this PHP version, WordPress should block any possibility to update the
> plugin. This way, plugins will stay at the latest release that still
> supports the server's PHP version.
>
> Some initial observations:
>
> - The plugin infrastructure might need to be changed to allow querying
> for "the latest release that still supports a given PHP version".
> - Plugin authors should have a way to push security updates for older
> releases prior to a PHP version bump, to not leave sites behind on
> vulnerable plugin versions.

New description:

 **Note: This ticket is a subtask for the overarching #40934 ticket.**

 When a plugin states it requires a specific minimum PHP version through
 its "Requires PHP" header information and the server does not support this
 PHP version, WordPress should block any possibility to update the plugin.
 This way, plugins will stay at the latest release that still supports the
 server's PHP version.

 Some initial observations:

 - The plugin infrastructure might need to be changed to allow querying for
 "the latest release that still supports a given PHP version".
 - Plugin authors should have a way to push security updates for older
 releases prior to a PHP version bump, to not leave sites behind on
 vulnerable plugin versions.

 This ticket's goal is to prevent plugin updates from the "Plugins" admin
 screen. With that, it complements #44350, which deals with preventing
 plugins from the general "Updates" admin screen.

--

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/43987#comment:17>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list