#46789 closed defect (bug) (fixed)
Site Health: PHP upgrade recommendation label should not be "security" when on a secure version
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Milestone: | 5.2 | Priority: | normal |
| Severity: | normal | Version: | 5.2 |
| Component: | Site Health | Keywords: | site-health has-screenshots has-patch commit |
| Focuses: | ui, administration | Cc: | |
| PR Number: |
Description
I have a site running on PHP 7.2.16, which is a supported and actively maintained version. It does not have any currently know security issues.
On the Site Health screen, I get the recommendation to update my PHP version with a label of Security. See attached screenshot.
I think this label should be changed to Performance in the instance where a user is using a secure and actively supported version of PHP. It's misleading to say a user needs to update for security reasons in that case.
The serve happy API, which is used for this test, returns is_supported and is_secure values. We should look at those to determine whether to show Security or Performance as the label.
Attachments (3)
Change History (8)
Note: See
TracTickets for help on using
tickets.
This is a good call, we should also do the same for core.
For MySQL, I'm thinking it should be performance in general, then security if it's outdated.
I've supplied 46789.patch which swaps all three around for clarity sake.