WordPress.org

Make WordPress Core

Opened 2 years ago

Last modified 4 months ago

#47315 new defect (bug)

Download authenticity message has no actionability

Reported by: jipmoors Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version: 5.2
Component: Upgrade/Install Keywords: needs-patch needs-copy-review
Focuses: ui, accessibility, administration, ui-copy Cc:

Description

Problem

While testing some upgrades of themes I noticed the following message:

The authenticity of twentynineteen.1.4.zip could not be verified as no signature was found.

As a user I have no idea what this means and more importantly, what I can do about it.

Proposed solution

Add more context about what it means, why it is a not a blocker (soft-fail) when this is the case.
This could be a page on WordPress.org or explained in-line.

Provide a context on where this should be solved, locally/server/WordPress.org

Expectations

I would have expected the theme update to be verified as it is downloaded from WordPress.org directly.

Change History (10)

This ticket was mentioned in Slack in #accessibility by afercia. View the logs.


2 years ago

#3 @karmatosed
2 years ago

  • Keywords needs-design-feedback added

#4 @afercia
2 years ago

  • Keywords needs-copy-review added; needs-design-feedback removed
  • Milestone changed from Awaiting Review to Future Release

Discussed during today's accessibility bug-scrub. Pinging @pento as the Upgrade/Install component maintainer.

Also relevant:
https://wordpress.org/support/topic/5-2-1-update-authenticity-of-update-could-not-be-verified/

Copy could be improved here. The part The authenticity of twentynineteen.1.4.zip could not be verified is already a bit hard to get for non-tech-savvy users. Then, when it comes to signature, it's probably a bit too much technical :)

Pinging also @marybaum

Last edited 2 years ago by afercia (previous) (diff)

#5 @Hareesh Pillai
23 months ago

  • Focuses ui-copy added

#6 @SergeyBiryukov
10 months ago

#51428 was marked as a duplicate.

#7 @SergeyBiryukov
10 months ago

#47343 was marked as a duplicate.

#8 @SergeyBiryukov
9 months ago

#51672 was marked as a duplicate.

#9 @bridgetwillard
4 months ago

Happy to write copy, y'all. I'll need a bit more information.

What does it mean that the file wasn't verified?
What is the signature?
What is the solution?

Thanks.

#10 @s0what
4 months ago

Is this fixed now? Because I got this message when upgrading to 5.7
If this is not fixed, please remove the message!

Note: See TracTickets for help on using tickets.