[wp-trac] [WordPress Trac] #50455: wp_check_php_version() does not account for backporting and therefore leads to confusing user messages about PHP security
WordPress Trac
noreply at wordpress.org
Sun Oct 11 11:48:44 UTC 2020
#50455: wp_check_php_version() does not account for backporting and therefore leads
to confusing user messages about PHP security
--------------------------+---------------------------------
Reporter: robert.peake | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Site Health | Version: 5.1
Severity: normal | Resolution:
Keywords: 2nd-opinion | Focuses: ui, administration
--------------------------+---------------------------------
Comment (by Clorith):
I'm afraid I'm not convinced here, putting such an administrative burden
on us to know what distros backport, which versions of distros backport
what versions, what about those specialized distros that aren't mainstream
but still used, not to mention hoping hosts are applying backports, it is
just not feasible I believe.
Adding on that the aim of the Site Health is to let users self-service
their site, if there's a potential for their site running insecure
software, the user should know, and have the option of engaging their
host, or finding a new one if such an engagement doesn't end as expected.
Is this a popular stand to take for those who apply backports? Absolutely
not, but at the same time such hosts could utilize the filters in place to
reflect that their version of PHP is acceptable.
There are multiple ways they can do this, either by changing the test
using the `site_status_tests` filter, changing the result of the check
using the `site_status_test_result` filter, or maybe even filtering the
ServeHappy API lookup directly using the `http_response` filter.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50455#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list