[support] drupal upgrades? automated?

Dave Stevens geek at uniserve.com
Sat Feb 4 20:56:02 UTC 2012 

Quoting Ursula Pieper <dramamezzo at gmail.com>:

> Automated updates are a tricky thing, because they might break things in
> contributed modules. I have a development and a production site of each of
> my sites. I first update the development site, run a few pre-defined
> checks, and then update the production site. And if something broke on the
> development site, I first look for a fix. And yes, things do break.

Thanks for this. I am not a developer of contributed modules, so I am  
not sure about such issues. But it makes me wonder about the state of  
documentation for modules. It seems it would be very useful to have  
clear statements about coding standards and perhaps some automated  
verification of the module. I mean apart from 'run it and see how hard  
it breaks.' Static programming languages have long faced the issues of  
clear definitions of the actions evoked by statements and have an  
elaborate structure of checking to improve confidence in the results.  
Of course, from my newbie perspective, I have no way to know if the  
internal structure and design of the core is sufficiently stable and  
clear to form an adequate basis for such an effort. Is it? And are  
standards in the browser and server ecosystem clear enough?

Dave

>
> I use drush for backup and updates, just a couple of commands, no
> time-consuming pointy-clicky business.
>
> Ursula
>
> On Sat, Feb 4, 2012 at 10:28 AM, Dave Stevens <geek at uniserve.com> wrote:
>
>> Dear All,
>>
>> Recently I got an email from my drupal 7.10 site informing me that
>> there was an update available to version 7.12. The link took me to a
>> pink hued page where I was told that it was advisable to correct a
>> security problem by upgrading to 7.12. I am then informed that there
>> is no automated upgrade, but that instructions are available to
>> manually back up files and databases then carry on with a manual
>> upgrade.
>>
>> I see this as a real issue with the design of Drupal. It is all very
>> well to find vulnerabilities and announce them, with fixes, but if
>> there is no simple, automated way to apply the fixes there will
>> inevitably be a lot of unpatched cms's out there running outdated and
>> known-vulnerable versions of Drupal.
>>
>> The developers may, for all I know, be working hard on an automated
>> update and patch mechanism. Can anyone tell me if this is the case? Am
>> I doomed to continue manually applying security fixes as long as I
>> persist with Drupal? I dumped Win95 a long time ago and have really no
>> wish to regress this way.
>>
>> Dave
>>
>>
>> --
>> It is told that such are the aerodynamics and wing loading of the
>> bumblebee that, in principle, it cannot fly...if all this be
>> true...life among bumblebees must bear a remarkable resemblance to
>> life in the United States.
>>
>> -- John Kenneth Galbraith, in American Capitalism: The Concept of
>> Countervailing Power
>>
>>
>> --
>> [ Drupal support list | http://lists.drupal.org/ ]
>>
>



-- 
It is told that such are the aerodynamics and wing loading of the  
bumblebee that, in principle, it cannot fly...if all this be  
true...life among bumblebees must bear a remarkable resemblance to  
life in the United States.

-- John Kenneth Galbraith, in American Capitalism: The Concept of  
Countervailing Power

More information about the support mailing list