[wp-trac] [WordPress Trac] #47653: Site Health plugin security check

[WordPress Trac]

#47653: Site Health plugin security check
-------------------------+------------------------------
 Reporter:  galbaras     |       Owner:  (none)
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  Site Health  |     Version:  5.2
 Severity:  normal       |  Resolution:
 Keywords:  2nd-opinion  |     Focuses:  administration
-------------------------+------------------------------

Comment (by brookedot):

 I was looking at this code today which brought me here. While I know this
 ticket is about changing the default behavior (and let me know if there's
 a separate ticket for filters) I think I would solve this with filters
 instead of changing the default behavior. This works well for the the
 recommended PHP Modules array allowing hosts and savvy users to disable a
 check while still being beneficial to the majority of users.

 In the case of inactive plugins, I would look at it as for the majority of
 cases the default should be recommendation they are removed as is the case
 today. Then I'd recommend we add a new  bool filter in
 `get_test_plugin_version` to not recommend the removal of inactive plugins
 but still ensure they are running the latest version.

 It likely doesn't make sense to allow specific plugins to be excluded
 looking at the current code since that would require a rewrite, but could
 also be useful if a rewrite was coming to list specific plugins that need
 to be removed or we break out inactive and active plugins into their own
 checks.

 Just my two cents, but do let me know if a filter like the one above would
 be helpful.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/47653#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform