Automate Security Releases
|Reported by:||ericmann||Owned by:|
|Component:||Upgrade/Install||Keywords:||needs-patch dev-feedback ux-feedback|
When security releases are published, several less tech-savvy users might neglect to update in fear of breaking their site. In reality, security/maintenance releases don't change the core API and shouldn't break anything*.
We should have an option (disabled by default) that allows these X.X.1-style security updates to happen in the background. This will keep sites updated and secure and (hopefully) prevent the inevitable "I wanted to wait to install 3.0.2 and someone hacked my site while I was waiting" support requests.
The option should be disabled by default, but when users are on the update screen they should see an option to "install security releases automatically."
Major releases should always require an explicit action from the user to update the site as they can break themes and plug-ins and could potentially update database schema.
- Except in the rare occasion where a developer hacks core.
Change History (6)
- Keywords dev-feedback ux-feedback added; needs-dev-feedback needs-ui-feedback removed
- Milestone changed from Awaiting Review to Future Release
- Type changed from enhancement to feature request