Categories
Uncategorized

WordPress 5.6 Beta 4 Delayed, Auto-Updates Implementation Changed

Earlier today, release lead Josepha Haden announced the team was pushing back the release of WordPress 5.6 Beta 4 to Thursday, November 12. The beta release was slated to go live today. Questions around the readiness of the auto-updates feature held the beta update back. However, those questions are now resolved.
Haden followed up the Beta 4 announcement with a more in-depth picture of how auto-updates will change for WordPress 5.6. She summarized the current concerns, laid out a path for version 5.6 and 5.7, and discussed plans for the future. The auto-updates feature is not something that will be complete overnight or in just one release. There are complex technical hurdles that must be jumped and a need for a dedicated focus in upcoming releases.
Much of her post focuses on the tactics going forward. However, she mentioned in our chat that she does not want the community to lose sight of the big-picture, vision-setting aspects of the project.
“The subject of auto-updates has resulted in many complicated discussions,” she wrote. “As I reminded the release squad, decisions like these require us to remember that we’re contributing to over 30% of the web, and we have to balance our immediate needs with long term planning.”
The short-term plan is to allow current WordPress users to opt-in to major updates while enabling auto-updates for both minor and major releases for new installations. Some changes to the auto-updates UI are also in the works along with a plan to revise based on feedback in WordPress 5.6.1.
In WordPress 5.7, which is several months away, the goal is to add a nudge on the Site Health screen for anyone opted out of major updates. We could also see a setting to opt-into updates as part of the WordPress installation flow for new sites.
The big picture that Haden is talking about? That is to make sure that all WordPress installations are receiving auto-updates, that these updates are seamless, and that users are running a secure version of WordPress.
Nearly two years ago, WordPress project lead Matt Mullenweg outlined nine goals for 2019. One of those goals was to provide users a method of opting into automatic updates of major releases. It has taken WordPress a while to get there, but it is on the cusp of launching this feature that many have looked forward to.
Haden also further clarified that goal. She said that the long-term plan for both Mullenweg and the other original feature contributors was to always have auto-updates for major releases enabled by default.
Apart from those who already prefer to opt-out of any sort of automatic updates, some users’ trust in the system eroded a couple of weeks ago. The WordPress auto-update system updated sites to version 5.5.3-alpha instead of 5.5.2 — WordPress currently automatically updates only minor releases. While there was no difference between the two versions and the core team quickly resolved the problem, the damage to user trust was already done.
This was not an ideal leadup to the December launch of auto-updates for major releases.
However, one hiccup — one that was effectively not an issue — seven years after WordPress 3.7 launched with security and maintenance updates is not too bad. The system has been a boon to making the web a more secure place. Ultimately, that is what auto-updates are all about. The big goal is to make sure that all WordPress sites are running on the most secure version available.
“It’s important that whatever we implement isn’t taking us further away from our long term goals of having seamless, auto-updates across the project,” wrote Haden. “Auto-updates can help us have a more secure WordPress ecosystem, and in turn can help change the public perception of WordPress being an unsecure choice for users of any skill level.”
WordPress 5.6 delays, issues around auto-updates, jquery, meta boxes, block-based widgets, and navigation screen. Oh my!
Report
Exactly my thoughts, but as a WordPress developer you will always has somethign to do.
Report
There are tons of plugins that deal with auto-updates. The latest round gives the option for plugins and themes, not for core. All three should be optional.
I use this plugin: https://imgur.com/HGGGbpK
Here are the options, quite simple: https://imgur.com/cZIzMCB
What if an update done by the auto-update screws up the site?. Manual updates, I am right there to fix things if things break up, screw up, F*** up.
Forced auto-updates are so wrong.
To reply to some of the replies to my post here……….yes I know some people have clients, updating 100 sites take so long……..well, your clients pay you to keep things up to date (maintenance), update the sites manually. You shouldn’t be charging your clients if you turn on auto-updates, you aren’t updating/maintain if you do.
I update close to 385 sites for my clients. I get paid to do that, so I do it. Part of maintenance is to make sure the site does not screw up.
Report
They need to create a user friendly UI for the automatic plugin updates like toggles. Currently it’s hard to distinguish where it is activated and where it’s not.
Report
Security is essential in any site.
WP (30% of them) has an additional responsibility on that matter.
Wouldn’t a core backup system resolve the big issue – breaking sites?
A “simple” rollback one. Just some snapshots of plugins, themes, WP versions in a before/after update state?
And even a way to automatically detect if the site is down, rollback and warn the developer?
Report
One of my plug-ins crashed my site after an update.
I restored the site to a backup from a few days ago and before I could do anything it auto-updated to the buggy plug-in and crashed again.
I was stuck in this loop until I went back far enough to where I hadn’t set my auto updates on.
No more auto updates for me. Thanks.
Report
Will automatic updates still occur even if your installed plugins aren’t indicating they’re tested with the update?
I’m thinking of what’s going to happen when you have a combination of things like 1) old plugins, 2) new WordPress versions that have updated jQuery, and 3) auto-updates enabled…. that sounds like a recipe for automated site failure.
Report
These are all very good questions. I’ll see if I can find out or get someone with more knowledge of this to respond.
Report
Hi David,
No, it doesn’t work that way. The “Tested up to” field is here to indicate on which maximum version of WP the plugin has been tested and this information is used to display a message indicating that the plugin has not been tested on this version of WordPress in the plugin installation screen, but that’s all. This is not used to actively prevent the installation of the plugin.
Worth noting that the only actively and officially supported version of WordPress being the latest version released, there is currently nothing preventing the installation of a plugin that does not indicate that it has been tested with the current version.
Have a look on the plugin installation screen, and scroll through the plugins list: there is a message to show if the plugin was tested or not with the current version of WP (= “Untested with your version of WordPress” for example), but you can always install it if you want to.
Report
From a security and software development standpoint changes to a production environment should go through a testing and change management procedure. I’ve personally had far too many plugins and WP update wreck my site to allow auto updates (not to mention how many Windows updates have bricked computers over the years). I’ve disabled them all (core, plugins, themes) and now have a set update schedule that follows a system-wide backup.
Report
Auto update feature seems way to risky to me without an auto restore / rollback feature in case of failure. I wouldn’t like to wake up one morning to a dozen of crashed sites and angry emails from clients.
Report
Your email address will not be published. Required fields are marked *









This site uses Akismet to reduce spam. Learn how your comment data is processed.
Enter your email address to subscribe to this blog and receive notifications of new posts by email.


WordPress Tavern is a website about all things WordPress. We cover news and events, write plugin and theme reviews, and talk about key issues within the WordPress ecosystem…read more →
Proudly powered by WordPress.

source

Leave a Reply

Your email address will not be published. Required fields are marked *