14 Comments

  1. John Blackbourn

    It’s worth pointing out (and Andrew Nacin will attest) that a huge amount of the work done on shoring up the reliability of auto updates has been done by Dion Hulse (dd32). Big props to all those who’ve been working on this feature!


  2. Good to hear it’s going so well. I have been lazy and are still relying on SVN to update everything. I should turn that off so that I can test it out properly.

  3. Miroslav Glavic

    Will the auto upgrades have an option to turn them off? What if I am editing the footer or any other file and the auto upgrade thing tries to update?


  4. Sigh… talk about missing the point. The danger with automatic updates isn’t that the update itself will fail. In three years of using WordPress continually, I never had an update fail me.

    No, the danger is that a perfectly successful update will break something in the website. A plugin. A theme. Some other customization. And you won’t know until the next morning… or until Monday morning… or until you return from vacation. And by that time you won’t even be able to tell if it was the update that broke things or something else. You’ll lose readers, and possibly buyers, you’ll waste time and energy, and all because a dumb piece of software thought it knew better than a human being.

    I’m one of those 25% who will never, ever enable auto-updates in any way, shape or form. Too bad you refuse to understand why.


  5. Miroslav > It shouldn’t affect your theme – unless of course your theme is TwentyTen, TwentyEleven, TwentyTwelve, TwentyThirteen or TwentyFourteen (I just noticed I had all 5 of them in my theme folder). If you’re using a completely different theme other than the WordPress defaults, or you’re using a child theme of the defaults, then you should be fine as far as your modifications go.


  6. Felix > It’s always a concern, yes. However a security fix shouldn’t affect or break a site too much. A major update, maybe. Having said that, these updates aren’t for people who regularly visit, maintain & update their sites. The auto-updater is aimed more towards those who basically ‘set and forget’.


  7. @Felix – This is why this feature is for security and minor releases only. We’re talking a limited number of carefully considered fixes to address security issues or major bugs. We’ve been doing this a long time and have gotten extremely good at avoiding breaking plugins or themes (even the terribad ones).

    One can enable background updates for major releases too. It’s no more difficult for us to implement — but, of course, it is more difficult for us to avoid breaking sites. We aren’t missing the point. This is the point right here. We know how dangerous and scary this can be, which is why we’re doing this extremely carefully. We’ve been collecting an absolute ton of stats in 3.7, and we’ve also made updates much more reliable both of which are setting the stage for us to continue to improve the stability of updates. Not just the update process, or the ability to detect actual compatibility issues or failures, but approaching WordPress development in such a way that we can continue to keep plugin conflicts to a minimum.

    We also have the ability to roll out an automatic update slowly. Assuming 3.7.1 isn’t a pressing security release, we’ll be able to release it, wait 48 hours, then release it 1% of installs (let’s say), then slowly increase that percentage for a day or two, specifically watching for failures, support requests, and the like.

    And yes, updates do fail, even if you’ve never run into one. Even if 99.9% succeed, that’s still tens or hundreds of thousands of sites. Which means we have no choice but to be perfect.

  8. Sarangan

    @Felix
    It’s better to wake up on monday morning and find your site broken than you wake up and find your site was hacked because there was a security hole in WP. Automatic update is only for security fix releases. Security fix releases will not break your site.


  9. I think this fantastic and yet scares the hell out of me.

    I’ll be turning this off for client sites – it is incredulous there is so much support for auto-updates, I can only surmise that auto-updates are supported by folks that don’t use change-management …

    Certainly every release I’ve seen has required plugin / theme updates to support core changes. And who can forget the fiasco with WordPress 3.2?

    The ‘WordPress Update Blew Up My Website’ posts will be along shortly…


  10. @Sarangan –
    auto update’s most limited level is not for security releases only – at least according to the 3.7 release notes (and other duscusssions earlier). It is security and minor releases.




  11. Bob

    THIS UPDATE BLEW UP MY WEBSITE !!!!
    not happy :( I was using a heavilly modified 2010 theme, the default 2013 didn’t even work…

    gonna have to go back to 3.6 and stay there… SUCKS !!!

Comments are closed.