Check Add-On update [Deleted]

  • Thread starter Thread starter Deleted member 232995
  • Start date Start date
Finexes said:
Happens for every add-on I use. Example:

2:53AM: Alert, that there is an add-on update (in this case it was s9e Media Sites)
11:37AM: I update the add-on
12:13PM: Alert, that there is an add-on update (and no, there is none)
Click to expand...
i have just tried to reproduce this. Without success. Nevertheless, I make changes and hope that it will be better.
 
Finexes said:
A few things I noticed:
  • I get periodically logged out from xenforo.com and have to re-enter my login credentials
  • After updating an add-on, I get a second alert, that there is an update available (happens everytime)
Click to expand...

This is still ongoing for me @0815
 
Screenshots please, so we can see what add-ons this behavoir trigger.

I updated today add_ons from Xon - no problem, no double notifikations.:unsure:
 
This is a little bit weard. I have 3 forums on the same server, 2 have this "issue" and one nothing.

Maybe as a suggestion, let the admin have the option to enable/disable these alerts.
 
Excellent addon idea... Wondering why something like this is not part of the core XF functionality?

Some suggestions for improvement
  • Make the "Go to update"-button instead be "Download" and link directly to /download of the addon page
    • I'm assuming in 95% of the cases, the person doing this action already has an account on XF and is already logged in..
    • If there is "reason" to go to update page, maybe make it optional to swap the button with an addon option? :)
      • I would rather directly download than have to open a new tab to click download (lazy yep) :D
  • Option to hide the infobox asking for my XF credentials since I will never use something like that unless it is Oauth/SSO (Why do I even need to login???)
    1665319771584.png
    • What is the full functionality?
    • Very scary to give credentials to a 3rd party app to do a login...
      • How are these credentials stored? plain/encrypted?
      • Just an idea, would it be possible to instead utilize something like Oauth + https://xenforo.com/community/pages/api-endpoints/ to connect and limit the scope to the "resources" endpoint. Seems much safer? Also still don't know why I would need to login through 3rd party..
    • But again: why require login at all? You should be able to simply link to the /download endpoint of the addon (e.g. Like this ) and assume that the admin doing the update has access to that page..
      • Otherwise this also allows another admin to perform actions (download in this case) on another persons credentials.. This should clearly be noted somewhere.. It is benign in this case, but by storing my credentials there I would allow another admin on my site to "fake activity" on the XF site, which is probably not good from a Cyber Security POV.
  • Remove the 1665319784534.pngbutton, or make it optional to hide it from options
    • It is very "attention grabbing" with Orange button in UI, and I don't think the "Core ACP views" are the right place to beg for donation.. (Rather ask for it on the addon overview page...)
And again, nice addon! :) 👍
 
Fatih Ozcan said:
@0815 I get notifications from time to time even though there are no new addon updates.
Click to expand...
mcatze said:
@otto there is no update…
Click to expand...
Do you guys perhaps have "ignored addons" that might have possible update? (Thinking this could be a bug that those are not filitered out in the alert check?)

Another suggestion:
Only alert about new updates for addon(s) once..
Now it seems I get a notification from time to time, even though nothing has changed.. There are some that I still haven't updated, but that shouldn't keep alerting me :)
1665325676804.webp
 
Is there some way to quickly see which addons have been ignored? I ignored a few of mine, but will likely update them later.. Hard to know which since I can't see any indicator for which they are?
 
Last edited:
mazzly said:
Sehr beängstigend, einer Drittanbieter-App Anmeldeinformationen zu geben, um sich anzumelden ...
Click to expand...

All information remains on your server. This can be checked by anyone who understands PHP and is happy to confirm this here.


mazzly said:
Excellent addon idea...
Click to expand...
Thanks :)

mazzly said:
But again: why require login at all? You should be able to simply link to the /download endpoint of the addon (e.g. Like this ) and assume that the admin doing the update has access to that page..
Click to expand...
It's just to make it easier and faster and as already written, it doesn't have to be used. Those who do not store their login information must click on "Go to download" and do everything manually.

Apart from that, since it is not the XF account but the forum account - you could also - if you are "afraid" to create a 2nd account and use this...


mcatze said:
Maybe as a suggestion, let the admin have the option to enable/disable these alerts.
Click to expand...
mazzly said:
but that shouldn't keep alerting me :)
Click to expand...
I will continue to make improvements here.


mazzly said:
Is there some way to quickly see which addons have been ignored? I ignored a few of mine, but will likely update them later.. Hard to know which since I can't see any indicator for which they are?
Click to expand...
Here, too, I will make improvements.


mazzly said:
Remove the
1665319784534.png
button, or make it optional to hide it from options
  • It is very "attention grabbing" with Orange button in UI, and I don't think the "Core ACP views" are the right place to beg for donation.. (Rather ask for it on the addon overview page...)
Click to expand...
All my add-ons follow this design line.
Honestly, I don't see any significant problems there, unfortunately, and you are also the first to be bothered by it. Should not mean that it is therefore less of my attention. If there are other users who are bothered by it - I am quite ready to change it.


mazzly said:
Otherwise this also allows another admin to perform actions (download in this case) on another persons credentials.. This should clearly be noted somewhere.. It is benign in this case, but by storing my credentials there I would allow another admin on my site to "fake activity" on the XF site, which is probably not good from a Cyber Security POV.
Click to expand...
I oriented myself with the idea with the login the Add-On of ChrisD. The link was given to me in connection with the suggestion to include this.
xenforo.com

Add-on Install & Upgrade

Chris Deeming submitted a new resource: Automatic Add-On Installer and Upgrader (version 0.1) - Install and Upgrade add-ons. No FTP required. Please consider donating if you find this add-on useful. I am on a mission. Hopefully, not an impossible one :) My mission is to simplify the...
xenforo.com xenforo.com

to offer this I have 2 options.
a) like ChrisD did - to store username and PW.
b) or my idea - a cookie stored on the server without storing the username/PW.

Both can be abused.... But then this applies to everything. You should already know which add-ons you install.



mazzly said:
And again, nice addon! :) 👍
Click to expand...
THANKS!😍🥰
 
0815 said:
All my add-ons follow this design line.
Honestly, I don't see any significant problems there, unfortunately, and you are also the first to be bothered by it. Should not mean that it is therefore less of my attention. If there are other users who are bothered by it - I am quite ready to change it.
Click to expand...
Well the option to hide the nagging infobox should probably be added, because many people likely won't be using the login functionality (as it can be a security risk), so while you are adding the option to hide the infobox, you can in the same release add the "Show donate button"-option, it will take 30s extra of your time to add that + the template <xf:if="$xf.options.ShowDonateButton">....</xf:if> :)
 
0815 said:
All my add-ons follow this design line.
Honestly, I don't see any significant problems there, unfortunately, and you are also the first to be bothered by it. Should not mean that it is therefore less of my attention. If there are other users who are bothered by it - I am quite ready to change it.
Click to expand...
IMHO it is perfectly fine how it is, especially as this is a free add-on. Everyone can hide the button themselves by disabling the respective template modification in their ACP.
 
mazzly said:
Except for this one this doesn't seem possible? 🤔 (maybe because it is an admin:*-template modification..
Click to expand...
It is, you just have to enable deleveloper mode. Afterwards, there is a new tab on your template modifications page called "Admin" where you can disable it.
 
Finexes said:
It is, you just have to enable deleveloper mode. Afterwards, there is a new tab on your template modifications page called "Admin" where you can disable it.
Click to expand...
Oh boy, enabling developer mode in production site doesn't sound like a good idea :rolleyes:...

Also this should really be optional, as well as hiding the infobox nag about a feature that we don't want to use.. It is not good UI/UX to tell users that they have to enable "here be dragons"-mode just to hide something that doesn't need to be there in the first place..
 
You must log in or register to reply here.

Similar threads

Ozzy47
Check Add-On update Thread
2
Replies
39
Views
4K
mazzly
mazzly
U
  • Question Question
XF 2.2 What makes an add-on upgradeable?
Replies
3
Views
721
Jeremy P
Jeremy P
mazzly
Add-on Update Notifier
20 21 22
Replies
438
Views
24K
mazzly
mazzly
M
  • Question Question
XF 2.2 Something has gone very wrong with installing an add-on update
Replies
12
Views
952
MBJ86
M
Bethk84
Add-on Switch Accounts request
Replies
1
Views
401
siONtI
S
Top Bottom