Hi @jkudish.

You have a nice plugin here, and I very like this.

But, I want use with private repo, and I use with Bitbucket (git) repo.
Can you make this support?

Thanks,
Yakir.

This library didn't seem to work so I var_dumped the WP_Github_Updater object. $github_data returned an error along the lines of 'Too many login attempts'. I was able to track this down to the lines in the library that add the access_key to the query argument. It seems it is added no matter if access_key is empty or not. After commenting out any attempt to add that to the query arguments, things worked fine.

Is this behavior expected? Should add_query_arg calls be wrapped in a conditional?

Hi guys,

is it possible to rewrite the link to the Plugin information in the notification in the plugins list?

Totally loving your work. Thanks for the code and the continued development :-)

I noticed this bug when adapting this for a non-GitHub context, so potentially it is something that I've done. But hopefully I can explain this bug and how it effects the updater.

Inside the callback on the pre_set_site_transient_update_plugins hook we have:

// Check if the transient contains the 'checked' information
// If not, just return its value without hacking it
if ( empty( $transient->checked ) )
    return $transient;

This is presumably because wp_update_plugin() saves the transient twice - and we only want to run our check the second time. (Or is there another reason?).

However, $transient->checked is only ever non-empty when $time_not_changed is 'true' ( see source: https://github.com/WordPress/WordPress/blob/3.4.1/wp-includes/update.php#L155 ). This is only true when within the 'timeout' of the plug-in checker (minute on update-core.php, hour on the plug-ins page).

So, if you go to the plug-ins page and more than an hour has passed since the last plug-in check - the updater doesn't do anything. Refreshing the page, and the plug-ins have been checked under an hour ago (obviously), so this time the updater does run (and the update is viewable in the admin bar).

In real terms this shows itself as updates appearing for other plug-ins (because a cron job has been triggered), but not ones using this updater.

Hopefully that makes sense...

Instead of having to provide the zip/api/raw URLs, it could be easier for most uses to just have the 'username', 'repository-name', and 'branch-name' be provided instead, and build those URLs within the class.

On checking required config (line 117) the ! negates the effect it seems?

The get_plugin_info method is using $args, but below that it uses $response and returns $response, so this won't work.

Either rename $args to $response, or all calls to $response to $args as a solution.

I can only get update notifications if my plugins are Network Activated...

Plugins activated (ONLY) on sub domains never get an update ?

Hi there,

I think there's some confusing mixup when comparing the plugin slug with the reponse slug in /updater.php:394.

$response->slug is actually just the folder name of the plugin (i.e.: github-updater), but $this->config['slug'] is the pugin's basename (folder name + plugin name, i.e.: github-updater/plugin.php). This leads to a false negative, returning on line 395 and causing wp-admin/update-core.php to show an empty list, when instead there should be a new update visible. I tried it with your example in plugin.php as well; and this also causes the same problem.

As far as I can tell, the issue is simply solved by changing
if ( !isset( $response->slug ) || $response->slug != $this->config['slug'] )
into
if ( !isset( $response->slug ) || $response->slug != $this->config['proper_folder_name'] )

After upgraded the plugin the notification still shows there is 1 plugin to update. It is showing in the admin bar, in the plugins menu and in the update menu also.

I'm running a WP Multisite network, so it shows in the network admin area.

The get_new_version function loads up the base file and then also loads up README.md without checking if a valid version number was found in base file.

I recommend replacing get_new_version with the following:

    /**
     * Get New Version from github
     *
     * @since 1.0
     * @return int $version the version number
     */
    public function get_new_version() {
        $version = get_site_transient( $this->config['slug'].'_new_version' );

        if ( $this->overrule_transients() || ( !isset( $version ) || !$version || '' == $version ) ) {

            $raw_response = $this->remote_api_get( trailingslashit( $this->config['api_url'] ). basename( $this->config['slug'] ) );

            if ( is_wp_error( $raw_response ) )
                $version = false;

            if (is_array($raw_response)) {
                if (!empty($raw_response['body']))
                    preg_match( '#^\s*Version\:\s*(.*)$#im', $raw_response['body'], $matches );
            }

            if ( empty( $matches[1] ) )
                $version = false;
            else
                $version = $matches[1];

            if( ! $version ){
                // back compat for older readme version handling
                $raw_response = $this->remote_api_get( trailingslashit( $this->config['api_url'] ) . $this->config['readme'] );

                if ( is_wp_error( $raw_response ) )
                    return $version;

                preg_match( '#^\s*`*~Current Version\:\s*([^~]*)~#im', $raw_response['body'], $__version );

                if ( isset( $__version[1] ) ) {
                    $version_readme = $__version[1];
                    if ( -1 == version_compare( $version, $version_readme ) )
                        $version = $version_readme;
                }

            }

            // refresh every 6 hours
            if ( false !== $version )
                set_site_transient( $this->config['slug'].'_new_version', $version, 60*60*6 );
        }

        return $version;
    }

This should speed up every site using this class, removing an unneeded call to the GitHub API.

I'm working on a proper pull request but wanted to share this to get feedback.

I'm creating a WP plugin 100% javascript/jquery to search Plugins and Themes on Github. it's almost done. but i want to make installation possible directly into Wordpress.

For direct installation, it would be great if you you would add URL parameter to your Github Updater so i can send users to your plugin and pass the installation infos in this URL for direct installation to your plugin.
installation.

My WPGIT theme and plugin search plugin (Not released)

The example shows the wrong class, it should be updated with WPGitHubUpdater

The code doesn't work for the private repo . Then what is the benefit of using access token ? If any way available to update with private repo kindly let me know

Why is readme required as a parameter?
Should it not server as a flag that the version is fetched from the readme and otherwise there won't be a check and an error is raised when the version could not be gotten from the header.

There is a bug in the code where the transient data key names can easily end up larger that the WP options table 64 char length.

It really needs to be at most 26 characters. This takes into account the longest prefix WP adds (site_transient_timeout) and the longest postfix the plugin adds (_new_version).

I don't currently have a proper fix yet as I just added a dirname() around the slug for the usage.

The consequence of this is that the get_new_version() logic is always executed instead of only once over 6 hours like I believe its intended.

Also the get_new_version() function checks both the readme and the plugin file version number all the time when it probably should just check the plugin comments and if not found then move to the readme.

I've been trying this lib in a plugin, but after updating the plugin I get this warning:

Warning: ftp_rename() [function.ftp-rename]: /full/path/to/webroot/wp-content/plugins/githubuser-repositoryname-8f2d3c364ae5693d7ae6f411b9969b9f6fbf44ae/: No such file or directory in /full/path/to/webroot/wp-admin/includes/class-wp-filesystem-ftpext.php on line 195

The plugin has been updated, but could not be reactivated. Please reactivate it manually.Plugin updated successfully.

Is there some reason not to automatically include or require updater.php ? Why leave it to the user when they will have this plugin enabled.

Am I missing something obvious?

When I get "View version ... details" link, then it is going to Wordpress. I want to pass github url to this. As plugin is not hosted on wordpress it gives error. So I want to pass github link.

There is no my plugin name in the list of available updates. Please see the screenshot: http://pix.toile-libre.org/upload/original/1420974796.jpg. So, I cannot update the plugin from the page update-core.php, it gives error "Please select one or more plugins to update."
Update is only available from plugins.php page if to choose plugin to update manually.

If a composer.json is available, the version number, as well as a significant amount of information about dependencies and requirements, will be available in an easily parsed json format.

If a composer.json is available, perhaps the updater can use that instead of referencing some arbitrary line in a readme

Apologies if this has been suggested before - I looked through the issues but couldn't spot anything.

Getting X developers to include different versions of the class (as it it improves) in Y plugins seems to be taking the wrong approach. I'd rather see the class turned into something more like ACF (though I've not used ACF myself) - that is, an individual plugin that enables the other plugins to use it if it exists. This updater plugin could then be improved, and so long as the API between the other plugins and the class plugins stays the same, nothing should break.

To put it another way, WPGHPU becomes a plugin which adds another repository for WordPress, and other plugins can tap into that, if it exists.

Thoughts?

Sometimes updater.php gives me this error

Fatal error: Cannot use object of type WP_Error as array in /a/lot/of/dirs/updater.php on line 228

I fixed it just changing in line 225

        if ( is_wp_error( $raw_response ) )
            $version = false;

by

        if ( is_wp_error( $raw_response ) )
            return $version;

I know this may not be the right choice (i didn't tested it so far), maybe a return false; would be better ¿What do you think guys?

I would like to self host a simple plugin that displays a widget in the wordpress dashboard. It's a very simple widget that displays a link to a company web support page. I must be doing something wrong because wordpress won't detect that the plugin has been updated when I up the version. I'm using require_once('updates.php') for the updates and initializing the class such as in the provided instructions. Am I missing something? Any help is appreciated, thank you for sharing this. Plugin at https://github.com/agentevo/AE-Support-Dashboard-WIdget.

If it works both for plugins and themes it would be greet :)

WordPress throws an error when I try to autoupdate:
Download failed. SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

The problem (and solution) is discussed here: http://unitstep.net/blog/2009/05/05/using-curl-in-php-to-access-https-ssltls-protected-sites/ but I believe the curl options would need to be set inside WordPress core files.

Is there another work around for this?

I always get this error when trying to authenticate:

Warning: Cannot modify header information - headers already sent by (output started at /home/srain/public_html/wp-admin/includes/template.php:1642) in /home/srain/public_html/wp-includes/pluggable.php on line 876

Any ideas?

Git tags already provide us with a mechanism for indicating releases. It seems like a shame to ignore them here.

It's Wordpress :)

There is even a filter that has 'dang-it' in it to emphasize this.
Changing the repo-name: not sure if that is wise, but WordPress is rather a no-go ;)

Any thoughts on integrating the ManageWP API so that the GitHub updater can notify ManageWP through it's hooks that there's a new version for the plugin and where to get it?

http://managewp.com/api

// mwp_premium_update_notification filter (REQUIRED)
//
// Hook to this filter to provide the new version of your plugin if available
//
// input: $premium_updates array
// output: modified array, containing the current version number of your plugin
//
// 

add_filter('mwp_premium_update_notification', 'myplugin_mwp_update_notification');

if( !function_exists('myplugin_mwp_update_notification') ) {
    function myplugin_mwp_update_notification( $premium_updates ){

        if( !function_exists( 'get_plugin_data' ) )
            include_once( ABSPATH.'wp-admin/includes/plugin.php');

        $myplugin['type'] = 'plugin';

        // EDIT HERE
        $myplugin = get_plugin_data( __FILE__ );   // or path to your main plugin file, we expect it to have standard header with plugin info               
        $myplugin['new_version'] = '1.4';  // edit your plugin's new version (extract this from your own options, etc..)

        array_push($premium_updates, $myplugin);
        return $premium_updates;
    }
}


// mwp_premium_perform_update filter (REQUIRED)
//
// Hook to this filter to instruct ManageWP How to upgrade your plugin
//

add_filter('mwp_premium_perform_update', 'myplugin_mwp_perform_update');

if( !function_exists('myplugin_mwp_perform_update') ) {
    function myplugin_mwp_perform_update( $premium_updates ){

        if( !function_exists( 'get_plugin_data' ) )
            include_once( ABSPATH.'wp-admin/includes/plugin.php');

        $my_addon['type'] = 'plugin';

        // EDIT HERE
        $my_addon = get_plugin_data(  __FILE__ );   // or path to your main plugin file, we expect it to have standard header with plugin info      

        $my_addon['url'] = 'http://mysite.com/file.zip';    // Provide URL to the archive file with the new version of your plugin (easiest)
        $my_addon['callback'] = 'my_update_callback';       // *OR* Provide your own callback function that will perform the update when called (we will simply call when the user select to upgrade)
        $my_addon['slug'] = 'plugindir/pluginfile.php';     // *OR* Provide the plugin slug if you hook on to WordPress upgrade transients for your plugin upgrade

        array_push($premium_updates, $my_addon);

        return $premium_updates;
    }
}

// mwp_premium_update_check filter (OPTIONAL)
//
// Hook to this filter if you want ManageWP to be able to force check for updates
//
// We call this when the user clicks "Refresh" in their ManageWP Dashboard

add_filter('mwp_premium_update_check', 'myplugin_mwp_update_check');

if( !function_exists('myplugin_mwp_update_check') ) {
    function myplugin_mwp_update_check( $update ){

        if( !function_exists( 'get_plugin_data' ) )
            include_once( ABSPATH.'wp-admin/includes/plugin.php');

        // EDIT HERE
        $my_addon = get_plugin_data(  __FILE__ );   // or path to your main plugin file, we expect it to have standard header with plugin info  
        $my_addon['callback'] = 'my_update_callback'; // Provide the callback function which will force an update check for your plugin

        array_push($update, $my_addon);

        return $update;
    }
}


/**********************************************

        Integration for Premium THEMES 

*********************************************/


// mwp_premium_update_notification filter (REQUIRED)
//
// Hook to this filter to provide the new version of your plugin if available
//
// input: $premium_updates array
// output: modified array, containing the current version number of your plugin
//
/

add_filter('mwp_premium_update_notification',  'mytheme_mwp_update_notification' );

if(!function_exists('mytheme_mwp_update_notification')) {
    function mytheme_mwp_update_notification( $premium_update ){

        if( !function_exists( 'get_theme_data' ) )
            include_once( ABSPATH.'wp-admin/includes/theme.php');


        $mytheme['type'] = 'theme'; 

        // EDIT HERE
        $mytheme = get_theme_data( dirname( __FILE__ ).'/style.css' ); // or path to your main css file, we expect it to have standard header with theme info
        $mytheme['new_version'] = '1.6'; // your theme's new version

        array_push($premium_update, $mytheme);
        return $premium_update;
    }
}


// mwp_premium_perform_update filter (REQUIRED)
//
// Hook to this filter to instruct ManageWP How to upgrade your theme
//

add_filter('mwp_premium_perform_update', 'mytheme_mwp_perform_update');

if( !function_exists('mytheme_mwp_perform_update') ) {
    function mytheme_mwp_perform_update( $update ){

        if( !function_exists( 'get_theme_data' ) )
            include_once( ABSPATH.'wp-admin/includes/theme.php');


        $my_addon['type'] = 'theme';

        // EDIT HERE
        $my_addon = get_theme_data( dirname( __FILE__ ).'/style.css' ); // or path to your main css file, we expect it to have standard header with theme info


        $my_addon['url'] = 'http://mysite.com/file.zip';    // Provide URL to the archive file with the new version of your theme (easiest)
        $my_addon['callback'] = 'my_update_callback';       // *OR* Provide your own callback function that will perform the update when called (we will simply call when the user select to upgrade)
        $my_addon['slug'] = 'twentyeleven';                             // *OR* Provide the plugin slug if you hook on to WordPress upgrade transients for your plugin upgrade


        array_push($update, $my_addon);

        return $update;
    }
}


// mwp_premium_update_check filter (OPTIONAL)
//
// Hook to this filter if you want ManageWP to be able to force check for updates
//
// We call this when the user clicks "Refresh" in their ManageWP Dashboard

add_filter('mwp_premium_update_check', 'mytheme_mwp_update_check');

if( !function_exists('mytheme_mwp_update_check') ) {
    function mytheme_mwp_update_check( $update ){

        if( !function_exists( 'get_theme_data' ) )
            include_once( ABSPATH.'wp-admin/includes/theme.php');


        // EDIT HERE
        $my_addon = get_theme_data( dirname( __FILE__ ).'/style.css' ); // or path to your main css file, we expect it to have standard header with theme info
        $my_addon['callback'] = 'my_update_callback';  // provide your callback function which will refresh transient or check for your internal update system when called

        array_push($update, $my_addon);

        return $update;
    }
}

When I update plugin I get "Update!" message. But new version getting blank. So updated version is not coming immediately. It comes when we refresh page.

This code is not working for the private repo . then what is the benefit of adding access token ?

_doing_it_wrong( __CLASS__, $message , self::VERSION );

Should the message not be there? Now it has '' and it's not clear why it is called.

I'm having troubles getting this working with a private repo. Does anyone know of any examples of this where it works? I'm hoping that if I can compare with another plugin, then maybe I can see where I went wrong.

Thanks :)

When the WordPress updater calls the update information when a user clicks on "version info", it displays an error, and does not allow for the viewing of the whats new info from the ready.

For the next release, I'd like to do a code review and make sure the plugin:

• is secure; make sure it sanitizes, escapes everything properly
• uses proper WordPress coding standards
• code is as optimized as possible

When do you think you might release 1.7?

I need some kind of token_access or I'll get penalized on API attempts - Any idea which I should be choosing for a PUBLIC REPO ?

repo
repo:status
repo_deployment
public_repo
delete_repo
user
user:email
user:follow
admin:org
write:org
read:org
admin:public_key
write:public_key
read:public_key
admin:repo_hook
write:repo_hook
read:repo_hook
admin:org_hook
gist
notifications

Configured as described, and also tried tagging the releases, but no avail. Seems the private repo features still needs some work.

Added @jkudish to my private repo so he can test it.

In my plugin I am testing this on, I've got my root directory with a README.md with the proper format version and a folder with the plugin files in with the WordPress readme.txt. Should I move the version format in there and the update variables pointing to the subfolder?

When I delpoy a new update the Wordpress system detects it and shows the update Icon in Admin bar as expected,
but wp-admin/update-core.php shows

Plugins Your plugins are all up to date

WP Version 3.6.1

if (!class_exists('github_updater')) : class wp_github_updater {

Shouldn't that be class_exists('wp_github_updater')?

1. It still says it doesn't work with private repos
2. The instruction says new WPGitHubUpdater but the class is called WP_GitHub_Updater

With this plugin activated, whatever third party plugin I install will take the folder name defined in proper_folder_name

Hey,
I opened an issue about 2 months ago, about it not working for Private Repositories. After long consideration, I've decided to change my mind about that ticket (its #39) for reference.

I've got a working Private Repo updater. I stripped out the stuff used for public repositories, and I'm sure the codebase has changed since I did it, but if someone can help me reintegrate it, this script would work for both public and private repos on Github.

I just don't have the time to maintain it, and I really hate to see good code go to waste, so if anyone's up for helping me I guess just comment below.

Thanks,
Chris

Hello there,

I added this excellent feature to one of my plugins and I actually didn't notice it, but a user did.
Jeradin/acf-website-field#14

After reading this issue I did the same, commented out the updater code and instantly my admin speed improved, I hadn't even noticed it was an issue!

Any thoughts on this? Here is my includes text:

include_once('updater.php');


if (is_admin()) { // note the use of is_admin() to double check that this is happening in the admin
    $config = array(
        'slug' => plugin_basename(__FILE__), // this is the slug of your plugin
        'proper_folder_name' => 'acf-website-field', // this is the name of the folder your plugin lives in
        'api_url' => 'https://github.com/Jeradin/acf-website-field', // the github API url of your github repo
        'raw_url' => 'https://raw.github.com/Jeradin/acf-website-field/master', // the github raw url of your github repo
        'github_url' => 'https://github.com/Jeradin/acf-website-field', // the github url of your github repo
        'zip_url' => 'https://github.com/Jeradin/acf-website-field/zipball/master', // the zip url of the github repo
        'sslverify' => true, // wether WP should check the validity of the SSL cert when getting an update, see https://github.com/jkudish/WordPress-GitHub-Plugin-Updater/issues/2 and https://github.com/jkudish/WordPress-GitHub-Plugin-Updater/issues/4 for details
        'requires' => '3.0', // which version of WordPress does your plugin require?
        'tested' => '3.3', // which version of WordPress is your plugin tested up to?
        'readme' => 'README.md', // which file to use as the readme for the version number
        'access_token' => '', // Access private repositories by authorizing under Appearance > Github Updates when this example plugin is installed
    );
    new WP_GitHub_Updater($config);
}

When I click on the link (either from the plugins.php or the update-core.php pages) for the details of the update, I get this error in the thickbox:

An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.

Any idea how to override/fix this?

Hi,

I have to admit I came across this bug when amending my own plugin code to use your class_exists syntax - previously I had wrapped the class in the else also e.g:

if ( class_exists( 'WPGitHubUpdater' )  ) return;

After doing this I started getting random class redeclaration errors. After a lot of investigation I realised it was because xcache was causing the class to be loaded before the return statement. In essence it incorrectly scopes the class outside the return statement.

There are youtube videos demonstrating the problem at stackoverflow:
http://stackoverflow.com/questions/17603403/php-cannot-redeclare-class-error-after-return

It caused me a massive headache trying to work out what was going on. As xcache is used a lot in the wild I thought you might like to know. I would recommend setting up a autoloader or wrapping the class in else tags e.g.

if ( class_exists( 'WPGitHubUpdater' )  ) return;
else {
    class WPGitHubUpdater {
        ...
    }
}

Hey guys,

any ideas if it would work with Gitlab? If not, any ideas of alternatives for Gitlab?

Thanks in advance, great work!
Juan

if ( ! empty( $this->config['access_token'] ) )
    $query = add_query_arg( array( 'access_token' => $this->config['access_token'] ), $query );

Why not check for an access token? This can cause bad requests I believe.
Also, why not make a function to build your queries? They are redundant now.

Concept:

function do_request( $query ) {

if ( ! empty( $this->config['access_token'] ) )
    $query = add_query_arg( array( 'access_token' => $this->config['access_token'] ), $query );

$request = wp_remote_get( $query, array( 'sslverify' => $this->config['sslverify'] ) );

// check wp_error? or return it directly

return $request

}

I get this error here: wp-admin/plugins.php?page=github-updater

Warning: call_user_func() expects parameter 1 to be a valid callback, no array or string given in /home/ds2601/public_html/wp-admin/includes/template.php on line 1297