Issue with auto update option #45

New Issue

Open

opened 2024-09-04 06:05:08 +00:00 by dwaxweiler · 3 comments

dwaxweiler commented 2024-09-04 06:05:08 +00:00

Copy Link

I successfully deployed a WordPress site without changing the default option ENABLE_AUTO_UPDATE=true but WordPress' site health tool displays the errors that the WP_AUTO_UPDATE_CORE constant is defined as false and that WordPress security and maintenance releases are blocked by define( 'WP_AUTO_UPDATE_CORE', false );.

I successfully deployed a WordPress site without changing the default option `ENABLE_AUTO_UPDATE=true` but WordPress' site health tool displays the errors that the `WP_AUTO_UPDATE_CORE` constant is defined as `false` and that WordPress security and maintenance releases are blocked by `define( 'WP_AUTO_UPDATE_CORE', false );`.

decentral1se commented 2024-09-04 11:13:18 +00:00

Owner

Copy Link

@dwaxweiler hey 👋 (and welcome? 🎉) I believe the ENABLE_AUTO_UPDATE=true is not related to define( 'WP_AUTO_UPDATE_CORE', false );. The ENABLE_AUTO_UPDATE deals with kadabra, our prototype auto-upgrade tool: https://docs.coopcloud.tech/operators/tutorial/#automatic-upgrades

So, I maybe you need to look at another env var (maybe one of the recipe maintainers will know?) or you need to adjust the recipe to be able to configure this value.

@dwaxweiler hey 👋 (and welcome? 🎉) I believe the `ENABLE_AUTO_UPDATE=true` is not related to `define( 'WP_AUTO_UPDATE_CORE', false );`. The `ENABLE_AUTO_UPDATE` deals with `kadabra`, our prototype auto-upgrade tool: https://docs.coopcloud.tech/operators/tutorial/#automatic-upgrades So, I maybe you need to look at another env var (maybe one of the recipe maintainers will know?) or you need to adjust the recipe to be able to configure this value.

👍 1

dwaxweiler commented 2025-12-15 06:38:09 +00:00

Author

Copy Link

Ah, thanks for your clarification! Then, this recipe sets WP_AUTO_UPDATE_CORE to false. Could you set it to minor or expose it via the config file please? In the past, WordPress fixed important vulnerabilities using this automatic update process.

Ah, thanks for your clarification! Then, this recipe sets `WP_AUTO_UPDATE_CORE` to `false`. Could you set it to `minor` or expose it via the config file please? In the past, WordPress fixed important vulnerabilities using this automatic update process.

3wordchant commented 2026-01-30 05:10:31 +00:00

Owner

Copy Link

@dwaxweiler thanks for the report (and likewise, welcome!).

I have mixed feelings about apps self-updating; I assume the reason that @moritz set WP_AUTO_UPDATE_CORE=false (back in 55f00a4) was that it's confusing if the version reported by abra is different to the actual version running – and the version will be (probably-unexpectedly) reset after an undeploy / deploy – and I would agree with that rationale.

I think project-wide the expectation is that folks will be staying on top of recipe updates by e.g. configuring renovate, or running abra app ls -S periodically. Otherwise, folks might be getting Wordpress security updates but missing out on security updates for other apps they're running (including, at minimum, Traefik or Caddy).

All of that said, I would support making this configurable, as long as the default remains false. I can make this change myself eventually, but very happy for you to make a pull request if you're able.

@dwaxweiler thanks for the report (and likewise, welcome!). I have mixed feelings about apps self-updating; I assume the reason that @moritz set `WP_AUTO_UPDATE_CORE=false` (back in 55f00a4) was that it's confusing if the version reported by `abra` is different to the actual version running – and the version will be (probably-unexpectedly) reset after an `undeploy` / `deploy` – and I would agree with that rationale. I think project-wide the expectation is that folks will be staying on top of recipe updates by e.g. configuring [`renovate`](https://git.coopcloud.tech/coop-cloud/renovate/), or running `abra app ls -S` periodically. Otherwise, folks might be getting Wordpress security updates but missing out on security updates for other apps they're running (including, at minimum, Traefik or Caddy). All of that said, I would support making this configurable, as long as the default remains `false`. I can make this change myself eventually, but very happy for you to make a pull request if you're able.

👍 1

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

renovate/wordpress-6.x

fix/3wc/wp-cli

ftp

ssh

service-rename

drone

2.19.1+6.9.4

2.19.0+6.9.4

2.18.0+6.9.1

2.17.1+6.9.0

2.17.0+6.9.0

2.16.2+6.8.3

2.16.1+6.8.1

2.16.0+6.8.1

2.15.0+6.8.0

2.14.0+6.7.2

2.13.3+6.7.1

2.13.2+6.7.1

2.13.1+6.7.1

2.13.0+6.7.1

2.12.2+6.6.2

2.12.1+6.6.1

2.12.0+6.6.1

2.11.0+6.6.0

2.10.0+6.5.5

2.9.1+6.5.3

2.9.0+6.5.2

2.8.0+6.5.0

2.7.3+6.4.3

2.5.2+6.3.0

2.7.2+6.4.2

2.7.1+6.4.2

2.7.0+6.4.2

2.6.3+6.4.2

2.6.1+6.4.0

2.6.0+6.4.0

2.5.1+6.3.0

2.5.0+6.3.0

2.4.3+6.3.0

2.4.2+6.3.0

2.4.1+6.3.0

2.4.0+6.3.0

2.3.0+6.2.0

2.2.1+6.1.1

2.3.3+6.2.2

2.3.2+6.2.0

2.3.1+6.2.0

2.2.0+6.1.1

2.1.0+6.1.1

2.0.1+6.0.1

2.0.0+6.0.0

1.1.2+5.9.3

1.1.1+5.9.2

1.1.0+5.9.0

1.0.2+5.8.3

1.0.1+5.8.2

1.0.0+5.8.1

Labels

No items

No Label

Milestone

No items

No Milestone

Assignees

Clear assignees

3wordchant aadil abra-bot ammaratef45 Apfelwurm appletalk arjan basebuilder Brooke carla cas codegod100 coopcloud cyrnel decentral1se devydave fauno flancian Frando iexos jade javielico jmakdah2 joe-irving kawaiipunk knoflook kolaente lambdabundesverband linnealovespie marlon mayel mirsal moritz nicksellen notplants p4u1 pau pharaohgraphy renovate-bot ripclap rix rscmbbng sef simon sixsmith stevensting tobias trav val vaznasty virtualboys wolcen wykwit xynosis yksflip

No Assignees

3 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: coop-cloud/wordpress#45

No description provided.