[wp-trac] [WordPress Trac] #57719: UpdateURI fails to prevent it's intended purpose
WordPress Trac
noreply at wordpress.org
Tue Feb 14 17:42:20 UTC 2023
#57719: UpdateURI fails to prevent it's intended purpose
--------------------------+-----------------------------
Reporter: edouble74 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Plugins | Version: 6.1.1
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
Line:
https://github.com/WordPress/WordPress/blame/ab357891753b86b192d6efd6713a3bca35fc8b76
/wp-includes/update.php#L466
The isset( $updates->response[ $plugin_file ] ) check should not be
present, as it defeats the purpose of UpdateURI and the original
addition/commit ("This allows third-party plugins to avoid accidentally
being overwritten with an update of a plugin of a similar name from the
WordPress.org Plugin Directory.")
If there is already a response from the plugin check at
http://api.wordpress.org/plugins/update-check/1.1/, the plugin with
UpdateURI is skipped and therefore, the apply_filters(
"update_plugins_{$hostname}"... is also skipped.
If a plugin author specifies an UpdateURI, this should always take
precedence over a similar named plugin in the WordPress plugin repository
Commit:
https://github.com/WordPress/WordPress/commit/9fbc705dc0740bdd2a4d80569f11e400520e599e
I can submit a pull request to https://github.com/WordPress/wordpress-
develop if we can agree this is a bug
--
Ticket URL: <https://core.trac.wordpress.org/ticket/57719>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list