Elevated Plugin Update Notification

  1. Joseph Kesisoglou

    As we already receive notifications for plugins & theme updates, I am suggesting to have an elevated notification system solely for security reasons.

    The third-party developer has to flag their update as a security crucial one, and thus the admin/manager of the website knows to set the update in priority.

    The idea sprung out of the inability to perform an update instantly on a clients website, because one has to go through the changelog before, so as to minimise risk of new updates causing issues with other plugins, child themes and any other custom WordPress feature.

    If there was a security flag on the notifications one can know to not set the updates aside, but move forward with considering updating before it's too late.

    Obviously the elevated states should be under consideration. I am suggesting the Security related one, I am certain there is room for other states of notification.

    To expand on the functionality of the idea, the flagged update notification could also deliver an email through the WordPress admin email, or to any other parties involved in maintaining the installation.

    Furthermore, I believe this feature can open up room for new plugins in the notification delivery pool through other services APIs, SMS or any automation workflow platforms.

    I can already see this idea fitting perfectly with the currently REST API-oriented WordPress.

    Posted: 1 year ago #
  2. Ipstenu (Mika Epstein)
    Lead Plugin Wrangler

    It's not currently possible, due to the type of API we have on Plugins (which is not the same as on WP core). The biggest issue is who is in charge of flagging those updates? If it's the end developers, I'm sad to say they're not reliable or dependable enough for it. If it's the plugin review team, then we would need a lot of people to review, vet, and mark those daily.

    It's a great idea, but it's not possible to automate on a scale that would make it work just yet.

    Posted: 1 year ago #
  3. Hi Mika, thanks for your response and constructive feedback.

    I was afraid that someone would mention the responsibility aspect, which is the hardest to solve some times, perhaps greater that technological implementations.

    I wasn't aware of the differences in the APIs and thanks for pointing this out.

    Of course getting more people to review plugins doesn't sound elegant and very against of what automation is all about.

    I am assuming that one day WordPress will have a more unified look and feel that will allow for ideas such as this to become easily implemented into core.

    Posted: 1 year ago #

RSS feed for this topic


You must log in to post.

  • Rating

    3 Votes
  • Status

    This idea is under consideration