Updates let's do some magic

Krzysiek Dróżdż

Who am I?

Krzysiek Dróżdż

We all know this

But where does it come from?

WordPress sends a request to server.

Using cron.

Every 12 hours.

  • wp_version_check
  • wp_update_plugins
  • wp_update_themes

OK, but… How?

Functions in wp-includes/update.php

  • wp_version_check
  • wp_update_plugins
  • wp_update_themes

Notice: We can use filters: http_request_args and http_response and action: http_api_debug

And then what?

The response is stored as transient, so it can be displayed later on

  • update_core
  • update_plugins
  • update_themes

Notice: So we can access this info using filters: pre_set_transient_{$transient} and transient_{$transient}

Let's see some code…

And requests?

As we're already wiretapping…

Where does this come from?

And when we click Update

An instance of one of these classes is constructed:

Notice: Available hooks: pre_auto_update, upgrader_pre_download, upgrader_process_complete and more…

So how can we use this knowledge?

We can:

  • Hide some/all update notices
  • Notify users, but prevent them from doing updates
  • Allow updates for custom plugins/themes
  • Log who updates what and when

Any other ideas?

Anything we should be careful about?

As always… Name conflicts.

That's all Thanks!

Krzysiek Dróżdż