wpackagist
wpackagist copied to clipboard
outlandishideas
Some plugins always install in latest version
Hi there,
I've experienced that some plugins always install in the latest version although an older version is specified in composer.lock
{
"name": "wpackagist-plugin/cf7-grid-layout",
"version": "4.13.0",
"source": {
"type": "svn",
"url": "https://plugins.svn.wordpress.org/cf7-grid-layout/",
"reference": "trunk"
},
"dist": {
"type": "zip",
"url": "https://downloads.wordpress.org/plugin/cf7-grid-layout.zip?timestamp=1653228166"
},
"require": {
"composer/installers": "^1.0 || ^2.0"
},
"type": "wordpress-plugin",
"homepage": "https://wordpress.org/plugins/cf7-grid-layout/"
},
This seems to be related to download URLs that don't include a version number but a timestamp. Because these links seem always to point to the latest version the wrong version might be installed.
I've opened an issue in the plugin support forum and the author needs some hint where to change the download url: https://wordpress.org/support/topic/include-version-in-download-url/#post-16078572
He also points out that older versions are available through this page: https://wordpress.org/plugins/cf7-grid-layout/advanced/#download-previous-link
So maybe it's possible to always use these "previous download links" and not the default link on the blue "Download" button.
Currently we've seen this with the following plugins:
- https://wordpress.org/plugins/captcha-solution/
- https://wordpress.org/plugins/cf7-grid-layout/
- https://wordpress.org/plugins/cf7-polylang/
Best regards
