bozdoz / wp-plugin-leaflet-map

Add leaflet maps to Wordpress with shortcodes
https://wordpress.org/plugins/leaflet-map/
GNU General Public License v2.0

WP Unpackaging Issues and Info Banner Issue #228

Closed: frerghost closed this 4 months ago

frerghost commented 1 year ago

So, saw "Info: your leaflet version may be out-of-sync with the latest default version: 1.9.3" when I opened the WP plugin today. That got me to thinking that I ought to check the version of Leaflet Map (LM). When I did, I found out it was WAY old. I downloaded the zip from the Code, extracted and installed in cPanel. Kicked off an error. Realized that now I had to rename the file installed back to leaflet-map.

The issue here is that a) WordPress never advised me there was an update; and b) the issue with renaming (I figured it out, but might consider doing the flip in the installer). The Info issue is probably a deal as it is now v1.9.4 located here (#8967):

https://github.com/Leaflet/Leaflet

Not sure if that is the issue with the Info notice that appears, as I haven't really dug much. Just FYI.

Thanks for a great product and have a great day!

WP v6.2.2, Leaflet Map v3.3.0

bozdoz commented 1 year ago

Hey thanks! :)

frerghost commented 11 months ago

Are there any updates or timeline on this?

Thanks!

bozdoz commented 11 months ago

I don't really understand the issue. Could you explain your expectations and how they differ from what you experienced?

frerghost commented 11 months ago

Not to be rude, but the Issue was pretty self-explanatory. You submitted a plugin to WordPress - and thank you - however it does not announce updates. That is a pretty static rule in WordPress. Second, it uses a far outdated version of Leaflet. Now, to you perhaps no big deal. To the WordPress community it is pretty serious because I as a consumer have no idea when to update. In the extrapolation of that, if I run insecure products not only could I pay the price for security issues, it could present with a potential for botnet hacking. In essence, you created a plugin for the moment and not for the long haul. That lapse in security, as well as features, creates a significant problem. SMH

I could go a lot deeper, but certainly that alone should make sense.

bozdoz commented 11 months ago

Doesn't.

This plug-in is semi-regularly updated.

In fact, the only reason you saw the version warning is because we try to keep it up to date.

frerghost commented 11 months ago

I would normally agree and will document, but it never updates in WordPress. Below is the same message I got and still happens today. Current version: https://leafletjs.com/ 1.93.4

Not splitting hairs, but running WordPress v 6.2.2 I have NEVER received any Plugin notification to update and did it manually because the code did not jibe. And now even the message is wrong.

And from WordPress,

Info: your leaflet version may be out-of-sync with the latest default version: 1.9.3

Screenshot from what displays: https://imgur.com/a/y4gQR9V

Not trying to bust your balls, but I like the plugin; however it is a security issue now. Would appear that when I first reported this as an Issue earlier, there has been no upgrade even from the code you had back some months ago.

See generally the last time I manually updated on 16 May 2023 only which triggered my Issue Notice on this.

bozdoz commented 11 months ago

I still don't understand this concept of busting my balls. What is the issue here? I'm the one who added that leaflet version out of date message. Not WordPress. So from my perspective, this is working great. And yes, I don't usually work on side projects in the summer, so it's been a while since my last update.

hupe13 commented 11 months ago

The plugin uses the leafletjs library. This is downloaded from an external site by default and the URL can be changed in the settings by the user. The message indicates that the version of the default setting is no longer up to date and should be changed. This has nothing to do with the updates of WordPress and the plugin.