Hi there,
I’m hoping to find a way to keep ( 'DISALLOW_FILE_MODS', true ), but still allow for minor WP updates.
I’ve tried changing config/application.php to:
define('AUTOMATIC_UPDATER_DISABLED', false);
define('WP_AUTO_UPDATE_CORE', ‘minor’);
and also adding an mu plugin:
// Enable automatic updates even if a VCS folder (.git, .hg, .svn etc) was found
add_filter( 'automatic_updates_is_vcs_checkout', '__return_false', 1 );
// Enable major updates
add_filter( 'allow_minor_auto_core_updates', '__return_true' );
So far neither of these changes seem to work, ( 'DISALLOW_FILE_MODS', true ) seems to override everything!
I’m testing by forcing minor update by calling the following code, but this only works with ( 'DISALLOW_FILE_MODS', false ).
<?php
require( dirname(__FILE__) . '/wp/wp-load.php' );
echo "Minor update complete!";
//Clear transients
global $wpdb;
$sql = "DELETE FROM $wpdb->options WHERE option_name LIKE '_transient_%'";
$clean = $wpdb->query( $sql );
//Clear object cache
wp_cache_flush();
//Attempt auto update
wp_maybe_auto_update();
I’ve read other posts which warn about being out of sync with composer and version control. For most of my use cases this is not a problem. Most of my clients use shared hosting and are not deploying and then running composer update. I’m handling updates locally and mostly as and when required.
Basically, I want to keep all of the advantages of ( ‘DISALLOW_FILE_MODS’, true ), but also not miss out on security updates etc. Has anybody come across this?
