wp-autoupdates
wp-autoupdates copied to clipboard
WordPress
Automatically rollback to previous version if fatal errors detected after update.
Migrated from: https://github.com/audrasjb/wp-autoupdates/issues/31 Previously opened by: @danieliser Original description:
The one thing that makes this safe to use on production sites seems to be missing.
If a new plugin update all of a sudden causes a fatal error I assume the WP core error detection and notifications will kick in, but this is not ideal for something that is running on autopilot.
I'd suggest something along the lines of what the Easy Theme & Plugin Upgrades plugin does and backup the current copy of the plugin/theme to a zip in the uploads folder.
Further if an error is detected during the update process or within a defined period of time shortly after, the older version should be restored and a notice sent about the error information to the admin.
- Backup existing version to zip file in uploads folder.
- Install new version.
- Set flag/transient that it was _recently_updated.
- Listen for errors until that flag expires.
- If an error occurs:
- email admins relevant info
- revert to previous version
- disable auto updates for this plugin until reviewed.
Previously commented by: @audrasjb Original comment:
Hi,
Thank you for raising this but it's not in the scope of the Core feature for the moment. Let's discuss this in the next few weeks but I really feel we're out of the scope and it will remains plugin’s territory. But I prefer to keep the issue open so it could be discussed as we're in the earlier stage of the feature.
Thanks
I think this one is a simple no brainer as much of the work is done for us already.
- Backup plugins before auto update: borrow from Easy Theme & Plugin Upgrades plugin.
- Detect errors after upgrade & activation: WP Core's built in error detection could easily do this. A little sniffing on the error message could tell which plugin, or better yet process the plugin upgrades one at a time, reactivating and checking for fatal errors on the home page and wp-admin pages before moving to the next.
- Restoring: basically the same as installing, but from a local source in
wp-content/uploads. - Notify admin either in the error notification email, or via a dashboard notice that the upgrade failed, better yet include error details there as well if available for quick reporting to the author of the plugin with a new ticket in the forums or such.
Might not make the cut in the first draft, but I have a feeling if you roll this out without some type of protection added relatively quickly you will see a lot of people report issues the first time this happens with a larger plugin. Like early gutenberg this could scorn many users away from this much needed functionality. Sites could be down days before site owners notice in some cases. Not you or I of course, but the average WP user. Just don't want to see the negatives impact forward progress on something this crucial to WP security.
Hi @danieliser, sorry for the delay 🙂 Yes it may be doable, but I don't think it's in WordPress core scope. I'll ask during today's devchat.
Currently the Updates API also passes the plugin/theme slug and the current version. This can be use to create a rollback package URL as https://downloads.wordpress.org/plugins/{$slug}.{$current_version}.zip.
This could be stored in a short term transient and then it wouldn't need to be downloaded and stored. Simply run the updater on the stored URL for a rollback.
Though it's not really the Updates API that provides the current version, it might be more helpful if this could be added to the API return.
I see there is now a core feature plugin for this :) thanks to @afragen
https://wordpress.org/plugins/rollback-update-failure/