Latest version reported incorrectly. Will not update via WP

That’s it! This is caused by the Bellevue theme. Thanks for putting me on the right track.

Actually, it’s a bit more complicated. It’s actually a single instance, but the Bellevue theme is causing the plugin update system to report the wrong available version.

I’ll explain in a bit more detail for the benefit of others who have the same problem.

Bellevue being just a theme, does not exactly bundle Kirki, but it bundles an installer that installs Kirki. That should be fine, but when I grepped for kirki in the Bellevue codebase and found that it is using the Plugin Update Checker library.

https://github.com/YahnisElsts/plugin-update-checker

This is really intended for managing plugins that are outside the WP ecosystem (self-hosted, Github, Bitbucket, Gitlab).

Basically, it points to a JSON file to get the latest version and in this case, they are pointing to a fixed version of Kirki like so:

$myUpdateChecker = Puc_v4_Factory::buildUpdateChecker(
    'https://import.themovation.com/live-plugin-updater/kirki.json',
    $th_plugin_dir.'/'.$th_plugin_slug.'.php',
    $th_plugin_slug
);

When you open that JSON file it is pulling the Kirki plugin not from a qualified repo, but from a Dropbox zip file with a frozen version

{
  "name": "Kirki",
  "version": "3.0.25",
  "download_url": "https://www.dropbox.com/s/62cikx5ctanx412/kirki.zip?dl=1",
  "sections": {
    "description": "The latest update for Kirki."
  }
}

This version number overrides the version number as reported by the WP.org library.

So what happens is that the WP system correctly reports that an update is available, using the actual version of Kirki in use and the version number of the latest version available on WP.org.

But when you then go to look at available updates or (as mentioned in my first post) you try to install it and look at the “details” for the latest version, but Plugin Update Checker library overrides the normal system and uses the JSON file that the Bellevue theme authors have created.

I have noticed the same thing on occasion with other plugins, but I think Kirki only floated to the top of my attention because it gets frequent updates. The other plugins would all have the same problem, but of course only when my installed version is out of sync with the latest version in the WP plugin library.

• This reply was modified 3 years, 11 months ago by Tom.
• This reply was modified 3 years, 11 months ago by Tom.

Based on the comments in their code, I think the reason the theme author is doing it is because their theme is tested with particular versions of plugins and that means they know that automatic updates won’t break their theme.

I find that reasoning inadequate – of course I have plugins other than the ones they install automatically and of course those plugins can break my site on update. Anyone who worries about that should have a means of rolling back updates and, in any case, should have a dev/staging site where they can run all updates and test the site before rolling out to a live site.

In any case, as you say, if they want to do that, they should be updating their JSON files so that their users can stay up to date on critical updates.

As it is, their theme is blocking all updates to abour 4-5 major plugins (including Elementor and Master Slider) and it means that their theme is effectively creating a security risk as only the more savvy users will be able to figure out which plugins need updating and then actually update them.

At this point, I’ve basically created a minor fork of the theme to avoid this.

In any case, this is not your problem, but I do much appreciate your help in figuring it out. Without your comment, I would never have guessed the theme was causing these plugin update problems.

• This reply was modified 3 years, 11 months ago by Tom.
• This reply was modified 3 years, 11 months ago by Tom.
• This reply was modified 3 years, 11 months ago by Tom.