WP Tavern › Forums › Create Topic
loganyott Instead of this, maybe we can take a few incremental steps? 1. Can we please fight for a better plugin management system in core than using FTP? It makes it a larger hassle to update plugins than the process needs to be. There are lots of ways to incorporate Composer into WP right now as a developer, but it’s never standard. Integrating Composer would save a lot of time managing plugin/theme versions, discourage users from making hard edits to files they shouldn’t be, and be more VCS friendly. 2. Perhaps we can start letting plugin developers flag a release as a security update? I’ve used this a lot with Drupal as it quickly identifies what updates are features (and may not be necessary enough to soak up precious dev time and money) vs. security patches that should be immediately updated. 3. An alternative and more controversial option would be allowing plugins to declare dependencies. Maybe myPlugin declares it depends on yourPlugin v1.3. However, no one depends on otherPlugin, so it can be (more) safely autoupdated. This would at least give users and developers a chance to prevent autoupdating on plugins that they want to test before deploying.
loganyott
Instead of this, maybe we can take a few incremental steps?
1. Can we please fight for a better plugin management system in core than using FTP? It makes it a larger hassle to update plugins than the process needs to be. There are lots of ways to incorporate Composer into WP right now as a developer, but it’s never standard. Integrating Composer would save a lot of time managing plugin/theme versions, discourage users from making hard edits to files they shouldn’t be, and be more VCS friendly.
2. Perhaps we can start letting plugin developers flag a release as a security update? I’ve used this a lot with Drupal as it quickly identifies what updates are features (and may not be necessary enough to soak up precious dev time and money) vs. security patches that should be immediately updated.
3. An alternative and more controversial option would be allowing plugins to declare dependencies. Maybe myPlugin declares it depends on yourPlugin v1.3. However, no one depends on otherPlugin, so it can be (more) safely autoupdated. This would at least give users and developers a chance to prevent autoupdating on plugins that they want to test before deploying.
Name *
Email *
Website:
Topic Title (Maximum Length: 80):
Forum: — No forum —AI and WordPress Articles Blocks Showcase Discussions Events Introductions Jobs and Working in WordPress Podcast Episodes Site and Block Editor
Enter your email address to subscribe to this blog and receive notifications of new posts by email.
Email Address
Submit
Enter the destination URL
Or link to existing content
