Download Link on Plugin info pages

Oh, so that those in charge can understand the full idea, it would be to have the wordpress “update” flag only appear when there is a significant (.1 or more) difference in versions. The update process right now is somewhat self defeating, as micro updates require the same level of attention as full ones, which generally means that updates don’t get done.

So if a plugin goes from 3.3.2 to 3.3.3 I would prefer not to have an UPDATE! flag screaming at the top of the page every time I log into the admin. Yes, I understand that it would be important on wordpress core updates, but on plugins, especially if authors are instructed on what constitutes a real update, we could save a lot of time and annoyance.

This is my opinion only…

What happens of the only change between 3.3.2 and 3.3.3 is to plug a security vunerability that’s been made public and had hackers exploiting it? Surely you’d want to know about that, wouldn’t you? By your standard, a small change would not be granted a high enough version number to warrent showing the update.

As far as forcing a verion numbering system on developers, that’s never going to work. While most developers do things the right way, they also have the freedom to version their plugins the way that they want to. Even if using this sort of version numbering was “required”, how would it be enforced? What level of changes would be needed to justify each level of changes? What type of changes would be allowed/not allowed? There’s just way to many things that are not able to be controlled, and really shouldn’t be controlled, to have something that rigid put into practice.

“What happens of the only change between 3.3.2 and 3.3.3 is to plug a security vunerability that’s been made public and had hackers exploiting it?”

Well, quite simply, that should be a change from 3.3.2 to 3.4.0. A security update should be flagged as SIGNIFICANT, not incremental.

You don’t have to enforce the system, as always the community does that naturally. Plug in developers who constantly flag updates for no real reason “modified font size on optional page” would quickly find themselves getting flagged for silly updates. Those who fail to note security updates with .1 version increase would find themselves facing the same issue. You don’t have to force anything or come up with complex rules. That the dashboard light does not come on for a .0.1 increase and does come on for a .1 increase should be enough to tell them how to handle themselves.

So no, you don’t need anything rigid to make it work, you only need to let them know that there is a difference, and let them work it out. Right now the system is rigid, any even trifling modification leads to an annoying “update light” on the dashboard.

Ahh. I see now. You’re only upset that you get nagged to update, not anything more.

My only advice for that, and I know you’re not going to like it, is “live with it”. If there’s an update, there’s a reason for that update. Sure it may be small, but it’s still there. If you start deciding which updates people are and are not shown, people will miss a lot of them when they probably should be installing them. Remmber, as a general rule most users are stupid. Unless you give them a big red warning that completely covers their screen, they won’t do anything. I’ve seen that way to many times myself to count.

How many plugins currently are “flagged for silly updates”? I haven’t seen any yet, but I might not be looking at the same ones as you. Some that I use do have small updates that may seem to be not essential to me, but it’s not my plugin, so I can never be 100% sure that something that seems trivial rally is, or if it’s bigger then I realise.

And is installing the updates really that hard? Even on big sites it’s an hour or so which includes all of the backups that I need to do before and after updating the site. If it’s a non-essential site I can skip the backup portion if I’m confident that the updates will be fine as I’ve installed them on other sites before.

I’ve seen customers that leave their sites without updates ever since we hand the site over to them – and this is after us always instilling in them that updates are very important, and have to be done to ensure that their site stays secure. They just don’t do it. They know, but they don’t care, even with the “annoying” update indicator. some of these sites are fine, but there’s also a few that have come back to us after the sites bene hacked horribly and asked us “why???” and been shocked when they’ve been told that they didn’t update their site and hackers got in from known security issues.

Your idea does have a good base, but the reality that I can see is that hiding things leads to even more issues then there are now, and for the majority of users, it has the chance to leave them vunerable if the developers don’t version thier plugins exactly as you tell them to (which is a very rigid system in itself).

My thought wasn’t to just block it, but rather allow for it. In the dashboard have a “ignore minor updates on themes and plugins” so that people don’t get nagged.

Updating a single site isn’t an issue. Update hundreds of sites, deal with clients calling you because “oh no it says update again!” in their admin panel… then you start to understand the scope of the issue. The other option of totally automated updates leads to potential compatibility issues and problems, so just turning on the automatics to let it fix itself is not an option.

One plugin I use had an update this week, and I kid you not, it was “added estonian language support” – and this was enough to trigger an update notification on about 3 dozen blogs that use it. I am sure it was a useful update for someone, but did I need to know about it?

Trying to build stuff so that entirely dumb users are safe means a lot more work for the rest of us, it would be like pushing wordpress into the proverbial short bus and making us all crowd in. There should be options – and this becomes more and more apparent as WordPress moves towards being a full on commercial use CMS. Every time you see a commercial site using wordpress, there is almost certainly a support guy or company running it, and they have to deal with the same issues as everyone else.

Perhaps WordPress needs a “short bus” branch, to keep it simple?

Those issues all come down to end-user education. It doesn’t matter if it’s something that you do for them, or they find themselves, but someone needs to tell users what they can and can’t do, and what they should and shouldn’t do. I’m also a big fan of not giving users too many options. As I said before, the vast marority of users are stupid, as you’ve seen with your “oh no it says update again” issues. Give these people more options, and they’ll jsut find new and creative ways to break things themselves. That’s why the autoamted updates were first added in, and that’s why a vast majority of customisation is done by code rather then by setting options in the admin area.

And you are right saying that commercial sites have support people behind them. It’s a very big business. That’s one of our big income streams, and it works well for both parties. We take care of things and get the bills paid, and our clients don’t have to worry about those sort of issues because that’s what they pay us to do. That’s why I don’t see any rason for a “short-bus” (most non-USA people won’t understand that one) version is really not a great idea. Users may want things to be simple, but as soon as they know that there’s a different version available with more options that they can play with (break…) they’ll want to get that one instead.