Make WordPress Core

Opened 4 years ago

Last modified 5 weeks ago

#47315 new defect (bug)

Download authenticity message has no actionability

Reported by: jipmoors's profile jipmoors Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version: 5.2
Component: Upgrade/Install Keywords: needs-patch needs-copy-review
Focuses: ui, accessibility, administration, ui-copy Cc:

Description

Problem

While testing some upgrades of themes I noticed the following message:

The authenticity of twentynineteen.1.4.zip could not be verified as no signature was found.

As a user I have no idea what this means and more importantly, what I can do about it.

Proposed solution

Add more context about what it means, why it is a not a blocker (soft-fail) when this is the case.
This could be a page on WordPress.org or explained in-line.

Provide a context on where this should be solved, locally/server/WordPress.org

Expectations

I would have expected the theme update to be verified as it is downloaded from WordPress.org directly.

Change History (13)

This ticket was mentioned in Slack in #accessibility by afercia. View the logs.


4 years ago

#3 @karmatosed
4 years ago

  • Keywords needs-design-feedback added

#4 @afercia
4 years ago

  • Keywords needs-copy-review added; needs-design-feedback removed
  • Milestone changed from Awaiting Review to Future Release

Discussed during today's accessibility bug-scrub. Pinging @pento as the Upgrade/Install component maintainer.

Also relevant:
https://wordpress.org/support/topic/5-2-1-update-authenticity-of-update-could-not-be-verified/

Copy could be improved here. The part The authenticity of twentynineteen.1.4.zip could not be verified is already a bit hard to get for non-tech-savvy users. Then, when it comes to signature, it's probably a bit too much technical :)

Pinging also @marybaum

Last edited 4 years ago by afercia (previous) (diff)

#5 @Hareesh Pillai
4 years ago

  • Focuses ui-copy added

#6 @SergeyBiryukov
3 years ago

#51428 was marked as a duplicate.

#7 @SergeyBiryukov
3 years ago

#47343 was marked as a duplicate.

#8 @SergeyBiryukov
3 years ago

#51672 was marked as a duplicate.

#9 @bridgetwillard
2 years ago

Happy to write copy, y'all. I'll need a bit more information.

What does it mean that the file wasn't verified?
What is the signature?
What is the solution?

Thanks.

#10 @s0what
2 years ago

Is this fixed now? Because I got this message when upgrading to 5.7
If this is not fixed, please remove the message!

#11 @SergeyBiryukov
19 months ago

#54495 was marked as a duplicate.

This ticket was mentioned in Slack in #core by sergey. View the logs.


17 months ago

This ticket was mentioned in Slack in #core by redsweater. View the logs.


5 weeks ago

Note: See TracTickets for help on using tickets.