PUC automatically changes "tested up to" version numbers that are in the major.minor format to major.minor.latest-patch to prevent WP from showing "this update hasn't been tested with your WP version" warnings. (This was implemented because WordPress.org does something similar.) Previously, this adjustment didn't happen when the user clicked the "view details" link in a plugin update notification, so they would still see a compatibility warning there. That has now been fixed.
Fixes#307
Previously the update checker used a mix of 2.0 and 1.0. Version 1.0 was deprecated a while ago and has now stopped working for at least some users.
This should fix the errors reported in #289.
PUC uses parse_url() in a number of places to parse the metadata URL or repository URL. If someone provides an invalid URL then that's already a configuration error so it's not necessary to hide the warnings emitted by parse_url().
Also, as of PHP 5.3.3, parse_url() no longer emits warnings when it fails to parse something, so anyone using an actively supported PHP version (7.2+) wouldn't see any warnings anyway.
This bug was caused by a combination of two facts:
1) The version that gets loaded first takes the Puc_v4_Factory alias.
2) All other versions register their class names with the existing Puc_v4_Factory, not their own factory class.
We can't really do much about the first one, but we can work around the second one by also registering each class with the version-specific factory.
See also #279
The filter 'puc_get_vcs_service' will then allow user to add their self hosted gitlab or bitbucket as a recognised service
like so
add_filter('puc_get_vcs_service', function($service, $host) {
if ($host == 'gitlab.mydomain.com') {
return 'GitLab';
}
return $service;
}, 10, 2);
mt_rand() is not cryptographically secure. This probably doesn't matter that much in most cases because it only affects BitBucket API interactions that already happen over HTTPS, but why not use a better option when it's available?
Closes#233
Let's only add our UI hooks if the user has the required permissions. This way we can avoid duplicating the permission checks in each individual callback.
Yahnis Elsts
tak
David Anderson
Pierre
Adrien Foulon
Meszaros Robert