This issue is waiting on it's parent #395474: Plugin Manager in Core: Part 2 (integration with update status) to be committed.

In the parent issue, DWW's position was that if the Plugin Manager doesn't respect the original Update Status differentiation between different versions of the same project, then users will be unable to choose between a 1.2 security update version and a 1.3 released version (most current).

DWW: Upgrading your Drupal site is *not* as simple as running "software update" on your Mac, and it never will be given how Drupal actually works and exists in the world. This interface has to reflect reality. If you want to completely simplify the interface and hide all the "ugly" details from the "less knowledgeable audience", then you have to change reality. You can't make the interface reflect your ideal vision of reality and then hope reality will magically shift on its own.

Then, later on, Catch summed up the situation with:

We're losing some of the finer grained reasons for upgrading - i.e. I'm on Views 2.6, and Views 3.0 UNSTABLE-1 comes out - the current UI tries to suggest some caution about upgrading to unstable 1 (or alpha, beta, rc), if we only have red and blue, and no descriptive text then we're losing some of that.

There's also the issue of being on 2.5 and having the option of 2.6 OR 3.0-UNSTABLE-1 which the current UI doesn't support. i.e. does it default to 2.6 or 3.0-unstable1. If it defaults to 2.6, will I get nagged to upgrade to 3.0-unstable-1 as soon as I've updated to 2.6? Or do we only ever recommend stable releases from this interface? What if I'm running dev and there's a newer dev build.

There are also other statuses for currently installed modules which are critical but aren't a security update - the main two is when a module author unpublishes a release because it's unsupported - i.e. sites running panels-6.x-2.x which should be prompted to upgrade to panels-6.x-3.x - IMO these should just be red as well.

Then there's the situation where rather than a new security release, modules are so broken that we recommend uninstalling them completely - see http://drupal.org/node/318746 - this status is 'revoked' in the current UI. As far as I can see, the current UI wouldn't show those modules at all, because they don't have updates as such.

Note, I don't think we need to allow for fine-grained updates of contrib modules via this UI, if you want that, use tarballs, drush or cvs - but these particular sitautions where either uipgrading, or not being prompted to do something else can result in a hosed site ought to be dealt with I think.

Comments

Senpai’s picture

Senpai CreditAttribution: Senpai commented
Title: Plugin Manager in Core: Part 2-E (distinguish between released version of the same project) » Plugin Manager in Core: Part 2-E (distinguish between released versions of the same project)

Changing the title.

Senpai’s picture

Senpai CreditAttribution: Senpai commented

In addition, there's a real need to distinguish between a module and a theme when presenting this upgrade info, and I think this UI can handle it. Wireframe mockups to follow.

JacobSingh’s picture

JacobSingh CreditAttribution: JacobSingh commented

I think the solution for this is already found on d.o. When a mod maintainer marks a release as "recommended" then it is the one which the user is offered to upgrade to.

I don't see how that doesn't solve the first couple problems in the description.

Theses ones:

* Critical but not security
* Broken mods w/ no upgrade path.

are likely separate issues IMO.

can we decide, before this issue also inundated which of these are MUST HAVE for launch? I'll get Dries to weigh in if I can find him. If we don't start identifying and agreeing on critical path, we are totally doomed.

Best,
Jacob

Senpai’s picture

Senpai CreditAttribution: Senpai commented

IMO Jacob, none of these four auxiliary issues are marked critical for a reason. :) In fact, all four of them are postponed until the main issue is fully committed. Baby steps!

JacobSingh’s picture

JacobSingh CreditAttribution: JacobSingh commented

This is in re to http://drupal.org/node/395474#comment-1820434.

My feeling is that it can go either way. Some module maintainers use a lot of branches, some use them sparingly and reserve it for total overhauls. My belief is that a module maintainer is under obligation to set the recommended version to the one people should be using, and that normal people should just be able to upgrade to the recommended version. Honestly, module maintainers should provide some kind of BC in all cases, but I know as well as you that they often don't.

I hear what you are saying though... The dangerous thing is that by making the decision to not allow major version upgrades, we are essentially saying, "you don't need to use SSH or FTP to manage your site, until you do." Which means we have kinda failed to provide an environment for non-geeks to stay up2date. That to me is the core message of this project, and we can't abandon it.

I'd prefer to have the known risk that they may screw up their site. If we focus energy to solve this, I'd like to see it focused on Backup and Migrate module or something in core, to provide for a backup and a recovery operation in case the "recommended" release isn't too great.

I'm not against the idea at all, and what you are saying makes sense, I'm just very nervous about delaying this yet again, if and when we implement the choice of a branch upgrade vs. a security update, how do you propose we do it on the UI?

Best,
Jacob

Paul Natsuo Kishimoto’s picture

Paul Natsuo Kishimoto CreditAttribution: Paul Natsuo Kishimoto commented
Issue tags: +Update manager

Tag!

dww’s picture

dww
we/he/they
CreditAttribution: dww commented
Title: Plugin Manager in Core: Part 2-E (distinguish between released versions of the same project) » Distinguish between released versions of the same project when selecting projects to upgrade with Update manager
Status: Postponed » Active
Issue tags: +Usability

Not yet resolved by #538660: Move update manager upgrade process into new authorize.php file (and make it actually work).
See #602496: Clean up the update manager project selector page when updating your site which is related.
Better title and adding Usability tag...

Aren Cambre’s picture

Aren Cambre CreditAttribution: Aren Cambre commented

Has this been forgotten? How does this affect the Plugin Manager's own "port to D7" issue? (#336743: Port Plugin Manager module to D7)

dww’s picture

dww
we/he/they
CreditAttribution: dww commented
Version: 7.x-dev » 8.x-dev
Component: update system » update.module

Not forgotten, but not critical and very few people have been helping with with the update manager so no one got around to dealing with this in time for D7.

dww’s picture

dww
we/he/they
CreditAttribution: dww commented
Issue tags: +Update manager dev

Adding the Update manager dev tag to track this with other issues relating to how Update manager handles -dev releases.

Kebz’s picture

Kebz CreditAttribution: Kebz commented

@ dwww (Derek)
Per your comment https://www.drupal.org/node/977414#comment-3754086 and conversation from this thread https://www.drupal.org/node/977414

I think that it is critical to have an option to upgrade from and to.... regardless of the admins skill/technical level.

The reason being is this .... as this has happened to me (lol) ... when it prompts me to update, I just click and don't realize that it's forcing me to update the "recommended" version vs. the dev version. So then I believe it messes up the installs and database.

It's worth looking into for Drupal core 7.x+ as well since core 8 is not in stable mode and a lot are still in 7.

Version: 8.0.x-dev » 8.1.x-dev

Drupal 8.0.6 was released on April 6 and is the final bugfix release for the Drupal 8.0.x series. Drupal 8.0.x will not receive any further development aside from security fixes. Drupal 8.1.0-rc1 is now available and sites should prepare to update to 8.1.0.

Bug reports should be targeted against the 8.1.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.2.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.1.x-dev » 8.2.x-dev

Drupal 8.1.9 was released on September 7 and is the final bugfix release for the Drupal 8.1.x series. Drupal 8.1.x will not receive any further development aside from security fixes. Drupal 8.2.0-rc1 is now available and sites should prepare to upgrade to 8.2.0.

Bug reports should be targeted against the 8.2.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.3.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.2.x-dev » 8.3.x-dev

Drupal 8.2.6 was released on February 1, 2017 and is the final full bugfix release for the Drupal 8.2.x series. Drupal 8.2.x will not receive any further development aside from critical and security fixes. Sites should prepare to update to 8.3.0 on April 5, 2017. (Drupal 8.3.0-alpha1 is available for testing.)

Bug reports should be targeted against the 8.3.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.4.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.3.x-dev » 8.4.x-dev

Drupal 8.3.6 was released on August 2, 2017 and is the final full bugfix release for the Drupal 8.3.x series. Drupal 8.3.x will not receive any further development aside from critical and security fixes. Sites should prepare to update to 8.4.0 on October 4, 2017. (Drupal 8.4.0-alpha1 is available for testing.)

Bug reports should be targeted against the 8.4.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.5.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.4.x-dev » 8.5.x-dev

Drupal 8.4.4 was released on January 3, 2018 and is the final full bugfix release for the Drupal 8.4.x series. Drupal 8.4.x will not receive any further development aside from critical and security fixes. Sites should prepare to update to 8.5.0 on March 7, 2018. (Drupal 8.5.0-alpha1 is available for testing.)

Bug reports should be targeted against the 8.5.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.6.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.5.x-dev » 8.6.x-dev

Drupal 8.5.6 was released on August 1, 2018 and is the final bugfix release for the Drupal 8.5.x series. Drupal 8.5.x will not receive any further development aside from security fixes. Sites should prepare to update to 8.6.0 on September 5, 2018. (Drupal 8.6.0-rc1 is available for testing.)

Bug reports should be targeted against the 8.6.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.7.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.6.x-dev » 8.8.x-dev

Drupal 8.6.x will not receive any further development aside from security fixes. Bug reports should be targeted against the 8.8.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.9.x-dev branch. For more information see the Drupal 8 and 9 minor version schedule and the Allowed changes during the Drupal 8 and 9 release cycles.

Version: 8.8.x-dev » 8.9.x-dev

Drupal 8.8.7 was released on June 3, 2020 and is the final full bugfix release for the Drupal 8.8.x series. Drupal 8.8.x will not receive any further development aside from security fixes. Sites should prepare to update to Drupal 8.9.0 or Drupal 9.0.0 for ongoing support.

Bug reports should be targeted against the 8.9.x-dev branch from now on, and new development or disruptive changes should be targeted against the 9.1.x-dev branch. For more information see the Drupal 8 and 9 minor version schedule and the Allowed changes during the Drupal 8 and 9 release cycles.

Version: 8.9.x-dev » 9.2.x-dev

Drupal 8 is end-of-life as of November 17, 2021. There will not be further changes made to Drupal 8. Bugfixes are now made to the 9.3.x and higher branches only. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.2.x-dev » 9.3.x-dev

Version: 9.3.x-dev » 9.4.x-dev

Drupal 9.3.15 was released on June 1st, 2022 and is the final full bugfix release for the Drupal 9.3.x series. Drupal 9.3.x will not receive any further development aside from security fixes. Drupal 9 bug reports should be targeted for the 9.4.x-dev branch from now on, and new development or disruptive changes should be targeted for the 9.5.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.4.x-dev » 9.5.x-dev

Drupal 9.4.9 was released on December 7, 2022 and is the final full bugfix release for the Drupal 9.4.x series. Drupal 9.4.x will not receive any further development aside from security fixes. Drupal 9 bug reports should be targeted for the 9.5.x-dev branch from now on, and new development or disruptive changes should be targeted for the 10.1.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.5.x-dev » 11.x-dev

Drupal core is moving towards using a “main” branch. As an interim step, a new 11.x branch has been opened, as Drupal.org infrastructure cannot currently fully support a branch named main. New developments and disruptive changes should now be targeted for the 11.x branch. For more information, see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.