17 Comments

  1. Miroslav Glavic

    Perfect example to turn off ALL automatic updates.

    Do manual updates, in case something goes wrong and breaks your site…you can fix it if you are in front of your computer.

    • Alex Sirota

      Unless of course you’re responsible for managing hundreds or thousands of websites for your customers. Then you need something else.

      • Miroslav Glavic

        If an automatic update screws up hundreds or even thousands of your clients’ sites… if you are there doing the updates, you can start right away to fix the issue(s).
        That is what your clients pay you to do (the ones that pay for maintenance), for YOU to maintain them; they don’t pay WordPress to update itself. This is a general you, not you specifically.

        I have had to update hundreds of sites at once. It took me a while but I did it in under 24 hours.

        My clients pay ME to update not WordPress.

        I think it’s lazy to charge clients for maintenance and then let the automatic updates do it for you.

  2. Jake Spurlock

    Hey Sarah, thanks for writing up a synopsis about the eventful day that we had today! I just wanted to offer a few corrections, as user trust is incredibly important, and we went into all changes today with user trust at the front of our minds.

    WordPress’ Core systems team had an eventful Friday when an error in the auto-update system caused sites to update to WordPress 5.5.3-alpha-49449, including live production sites with no auto-update constants defined.

    Auto-updates do not need constants defined, or special settings to receive auto-updates on minor releases. This is a core feature of WordPress that makes it possible to dole out features to millions of sites over the hundreds of releases over the last few years. With the 5.5.2 release on Thursday, we auto-updated code to 19 versions of WordPress. All of the way back to 3.7!

    The primary issue that led to today’s release stems from the way that WordPress handles database connections. We added a change to the 5.5.2 release, and then after that release, an issue was reported that installations were failing. With failing installations in mind, the release team jumped into action knowing that if installs are prevented, that’s obviously a huge issue, and we aimed to resolve this as soon as possible.

    To slow the spread of this problematic update that was already rolling out, we wanted to change the API to prevent new downloads while we fixed the problem and rolled out a new minor release. The update API was rolled back by the systems team to 5.5.1 as a stop-gap.

    Unexpectedly, it caused this 5.5.3 alpha state for a small subset of sites that were connected to the update server during this window of about 24 minutes. After realizing the problem, a change was made to pin the version and stop the updates.

    It was after this change that the reports started coming into Trac and the WordPress.org Slack. Obviously, this was an unintended result of the change. Triaging the issues, both in the forums and in Trac, was carried out quickly.

    The minor release team returned focus to the pressing issue around installations and they were able to pull the release together. The change was backported from WordPress 5.5 to WordPress 5.1, fixing all sites that would be affected, both with the alpha status, and the installation issue.

    Ideally in testing, both user and automated, we would have caught this issue ahead of the release. That’s not what happened, but I am incredibly proud of how the WordPress core team was able to roll out a fix successfully to the millions of sites that connect for updates.

  3. Vinny O'Hare

    So now we have to go in and delete themes that were updated that weren’t even on the site anymore?

    Is there going to be an update? I have like 15 sites that auto updated which I need to turn off auto updates on.

    • Yep

      I always hated having a cluttered Themes folder and having to delete each one again after each update, even a minor one. I don’t know why WP continues to enforce default themes when most people don’t use them. I don’t need that clutter, along with the Hello plugin & Akismet.

    • Otto

      The update is already out. 5.5.3 fixes the issue.

      If your site happened to update within that 24 minute window, then you may have gotten some extra themes installed. You can remove them if you don’t want or use them. They’re not active and don’t do anything.

      • Gary Taylor

        … except that Site Health and similar tools will point out that having unactivated themes (and plugins) is a security risk and that you ought to delete them. My sites weren’t affected as I find no additional themes – which makes sense, you can’t auto-update one-third of the world’s websites in 24 minutes. Probably.

        • Otto

          This is generally true and decent advice, however, these are the core themes, and have no known security issues in that respect. Simply having them there is not a risk. Direct access to files is not usually a concern for themes, as the various templates need the underlying WP engine to be running for them to do anything.

  4. Will Stocks

    I wonder how this will affect the development and rollout of the auto-update functionality on themes/plugins front moving forwards, as that was already a fairly divisive feature as-is. Plugins I can kind of agree with (again, for minors not majors), but if WP core can’t be securely maintained… does not bode well?
    Furthermore, how does this affect the even more divisive “major auto-updates” feature that was in discussion a short while ago? If minors can’t even be securely managed, surely handing over majors is a no-go?
    Fuel for the “don’t do it” camp (of which, I admit I was a part of)?

    • Otto

      Plugins and themes use a separate process than core, and so are not affected by this at all, really. For plugins, you can turn on auto updates yourself as of 5.5 and that’s pretty much where that will remain for a while. There are no plans to start auto updating those outside of that switch functionality.

      For themes, auto updates are different and not planned yet at all, because of the inherent differences there. One would need to detect changes to themes first, since not everybody uses child themes, and that needs a lot more thought. Themes are far more prone to modification.

  5. Cody Sharp

    Agency owner here – 50+ websites affected. I appreciate Jake providing more details on what happened but it makes me nervous of how these updates could go wrong when auto update is on.

  6. Jonathan Bailey

    Thanks team for great response and diligence!

  7. Louis

    Nice to see more people beginning to really think about the “Automatic Updates”. I warned against them before 3.7 was released. Back then they used the term “Bozo’d” for shadow banning and that’s what happened to me for disputing with Nacin.

    Told ya so!

    All it takes is for one rogue developer or someone not paying attention for something to happen to a whole lot of websites. Turn off automatic updates.

  8. Torie

    It’s concerning that there wasn’t more oversight about this. With one site on WordPress.com and the other on WordPress.org, I keep thinking about moving the .com site to a self-hosted .org for all the advantages, then I remember it’s such a headache when things glitch.

  9. Mekanagadde

    The WordPress 5.5.3 maintenance release contains no apology for the issues, only “thanks and props” to the development team for fixing the problems that they introduced.
