This talk is about automatic updates of WordPress. They are brilliant for security and as far as I know core updates are really well tested and they don’t introduce breaking changes.
For plugins and themes it’s quite different story. Many of them are abandoned or completely changed over the years. This is the breaking point for so many users and inexperienced developers and they will just disable the updates. They are scared of breaking their sites just as we were. But if the updates are turned off the sites will get heavily exploited. So what should we do?
This is our story of how we disabled all automatic updates last year. Why we did it and the struggle we had. In the end we learned a few things about testing, automation and security.
We will visit topics like package management with composer, integration testing and continuous integration.
Don’t try this at home.