[wp-trac] [WordPress Trac] #60504: Plugin dependencies: Account for mu-plugin as dependency
WordPress Trac
noreply at wordpress.org
Mon Feb 12 12:30:46 UTC 2024
#60504: Plugin dependencies: Account for mu-plugin as dependency
-----------------------------+---------------------------
Reporter: johnbillion | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 6.5
Component: Upgrade/Install | Version: trunk
Severity: critical | Keywords: needs-testing
Focuses: |
-----------------------------+---------------------------
I believe there could be a situation where a plugin on a site gets
automatically deactivated despite its dependencies being met by a mu-
plugin, and subsequently that plugin cannot be reactivated.
I'm using "WooCommerce" and "WooCommerce Extension" as examples for
clarity.
* A site is using WordPress 6.4 or earlier which does not contain the
plugin dependencies feature
* The site is using WooCommerce as a mu-plugin
* The site is using WooCommerce Extension as a regular plugin
* WooCommerce Extension gets updated to the latest version which adds the
"Requires Plugins" header, and its update goes ahead as expected
* At a later date the site gets updated to WordPress 6.5 which does
include the plugin dependencies feature
* WooCommerce Extension now has an unmet dependency and gets automatically
deactivated, despite WooCommerce being in place on the site as a mu-plugin
* The site is now missing a plugin that ''cannot be reactivated'' because
its dependency exists as a mu-plugin
I've not had time to test this properly. There could be safeguards in
place to prevent a site from getting to this point (eg by preventing the
core update to 6.5), however the general problem of a mu-plugin fulfilling
a dependency remains. If a user circumvents a safeguard by manually
updating, they'll find themselves in the same situation where WooCommerce
Extension gets deactivated and cannot be reactivated.
* What safeguards are in place for this?
* How would a user recover from it regardless? Can they?
* Are mu-plugins accounted for at all within plugin dependencies? Should
there be a means of forcibly activating a plugin with unmet dependencies?
* Should plugins be automatically deactivated when their dependencies
aren't met? It seems potentially destructive
Related: #60491
Partially related: #60457
--
Ticket URL: <https://core.trac.wordpress.org/ticket/60504>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list