Opened 2 years ago
Last modified 2 years ago
#56318 assigned enhancement
Add auto-update fatal error protection
Reported by: | apedog | Owned by: | afragen |
---|---|---|---|
Milestone: | Future Release | Priority: | normal |
Severity: | normal | Version: | |
Component: | Upgrade/Install | Keywords: | |
Focuses: | Cc: |
Description
When manually activating or updating plugins from the Plugins page, WordPress core sandboxes the plugin on activation. If the plugin errors out - the error is output to an error notice and the plugin is deactivated. Installation does not fatal crash.
Auto-updates does not sandbox the plugins. After an auto-update the plugins are not sandboxed on the next page load. This can result in a fatal crash.
Equivalent error-protection should be added to auto-updates as are available on manual updates/activation.
Change History (8)
This ticket was mentioned in Slack in #core-auto-updates by apedog. View the logs.
2 years ago
#2
@
2 years ago
- Component changed from Plugins to Upgrade/Install
- Type changed from defect (bug) to enhancement
- Version set to trunk
This ticket was mentioned in Slack in #core-auto-updates by afragen. View the logs.
2 years ago
#6
@
2 years ago
- Milestone changed from 6.1 to Future Release
Setting to Future Release as #51857 upon which this would dependent has been re-tasked.
To test the plugin you will need the Rollback Update Failure feature plugin installed and active. In my testing it works.
The only issues are that after the PHP fatal errors are caught and the rollback occurs, any further script execution halts. This means that any subsequent plugins scheduled to auto-update won't. Bulk auto-updates occur alphabetically by slug.
I don't plan on creating a PR until #51857 is committed, but by all means test away and leave feedback on the GitHub repo.
#7
@
2 years ago
- Version trunk deleted
Removing trunk
, as Version is for the first version of WordPress affected by a report.
#8
@
2 years ago
Currently the rollback-auto-update
plugin referenced above is working. It does require the Rollback Update Failure feature plugin to be installed and active.
To fully test you would need a plugin that updates and whose update has a fatal error when the plugin is activated. I've been running these tests continuously for the past several weeks.
I actually think the proper way is to hook something into the Rollback code.
Coincidently enough, I spent the day doing just that with @costdev and @pbiron.
It seems to be working but needs more testing.
If you want to see what we're working on it's a Work in Progress