You are best off using the WP core functions as file validation occurs here. As for removing extraneous files that is best done in the file to be downloaded.
There are many hooks in the process take a look in wp-admin/includes/class-plugin-upgrader.php. The upgrader_pre_install or upgrader_pre_download hooks might be useful to your process.
I still believe what you’re describing will need to be done on the downloaded zip before handing it off to the update process.
What are you trying to accomplish?
We’re trying to replace an older plugin called “WP Easy Uploader” that we install on dev/test sites, so that developers can upload code. That plugin doesn’t honor, or intentionally ignores, the fact that DISALLOW_FILE_MODS is set in our sites’ wp-config.php files, which is useful in our case. But it doesn’t do any real validation, it will let you do unwise things like upload over parts of core, and it doesn’t work on PHP 7.
Since we want to replace (part of) that functionality anyway, might as well try to improve upon things. Specifically, when you grab a zip file from Bitbucket or Github, the file often has silliness that we want to correct. (Example: Bitbucket usually names the top-level directory orgname-slug-commit, but WordPress expects just the slug, for instance. If you don’t fix this you end up with a half-dozen nearly-identical copies of the same plugin.)
So, my goal is eventually to write an in-house plugin/theme uploader and updater, that detects and resolves (when possible) the odd things that are likely to crop up in uploaded files, then hands them off to the built-in update routines. If I can do the cleanup on an already-uploaded file, that would save a manual step, but if that’s not possible I could settle for detecting such things, and stopping the update with a suitable end-user notification.
Handling uploads isn’t too hard, and cleaning up an uploaded zip file isn’t too hard; I just need to work out how to take the (potentially-modified) zip and hand it off to the internal plugin and theme updaters.
Now that I know where to look, it looks like it might be as simple as:
Get the location of the uploaded file (probably somewhere in /tmp)
Inspect the file, correct those things which can be corrected
Create an instance of WP_Upgrader and feed the file to $upgrader->run()
Almost anything with ‘automatic’ in the description will be a hard sell to our hyper-conservative upper management (for the case of a mistaken commit followed by a late-night automatic update that WSOD’s the site). But I’ll dig into it a bit more, and if nothing else I may steal borrow some code.
Updating would still be done via the dashboard. While it’s possible to automatically update, that’s not the default behavior.
Feel free to borrow steal some code. 😉
There’s loads of info in the wiki
Unfortunately, I ended up creating my own plugin for this (it’s actually part of a much larger in-house plugin). I do wish there were a way to actively modify an uploaded theme or plugin, but I understand I’ve got a really niche use-case.
(Yes, it basically did boil down to instantiating my own copy of Plugin_Upgrader or Theme_Upgrader, feeding it the appropriate arguments, and doing $upgrader->run().)
