Home / Product Reviews / Automatic Updates for Joomla 
Product Reviews
Aug
26
2008
Automatic Updates for Joomla
Written by Steve Burge   
Avatar

If you subscribe to the Joomla Extensions Directory RSS feed, you can see the future of Joomla pass before your eyes. Sure, there are a lot of "me-too" listings but at least once a week there's something new and exciting.


The latest extension to catch my eye is an automatic installer and updater. Its key selling point? It allows you to install just one extension and use that install and updates dozens of others. No more registering, downloading, uploading and looking out for updates.

updater.png

Potential Upsides?

  • You don't need to keep an eye out for updates to your favorite extensions.
  • This makes running a Joomla site much, much easier and more secure for non-technical users.
  • So far, they've made wise choices, recommending some very good extensions.

Potential Downsides?

  • You need to have complete trust in whoever is delivering the updates. A mistake or virus in their files could corrupt your site.
  • I'm not 100% sure of the legality of distrubiting some extensions such as JCE that need a subscription.
  • It only supports a small percentage of all the extensions you might use.
  • You won't be able to edit any extension files as they'd be overwritten by the next update.

Overall, I don't know the Intellispire developers so I don't know if they have the business and marketing ability to make this product succeed. However if they don't, I'm sure someone will. This looks like the future of Joomla.

 

Read more articles by this author:

Comments  

 
#1 Copes Flavio 2008-08-26 09:36
That's something I've always wanted for Joomla.

Being a WordPress user it's nice to upgrade the plugins via the automatic built-in interface.
They've done it using a central repository for the extensions.

That's something interesting that I've always wanted to talk about, as Joomla has tons of extensions but it's a tedious thing to upgrade each extension separately: notice that there's a new version, download, uninstall the old version, reinstall it.. well, we've got so little time

:-)

WP notifies plugin upgrades and lets you upgrade them in a click! Fantastic!

I wish that one day this will be a normal task in Joomla, but how to do that?

- create a central repository (joomlacode is just fine)
- adopt a standard way to upgrade the extensions
- enable only the extensions that follow the standard to upgrade themselves automagically
- perform some sort of control over the automatic updates to ensure everything is going the right way and not compromise 1000s of websites in one click because of a sniffed joomlacode password.

If the above mentioned extension works, maybe this this should be integrated in Joomla! Why not? :D
Quote
 
 
#2 Rick Russell 2008-08-26 10:36
Finally! Good god I hope the developers look over this and make an Official Component. I think this will keep a lot of users from going to Wordpress. This is one feature that many people ask me about when I tell/teach them about Joomla.
Quote
 
 
#3 Kesepian Loneliest 2008-08-26 14:40
I wish they could do this for Joomla 1.0.x. too.
Quote
 
 
#4 Brian Teeman 2008-08-26 14:40
I really cant say I like this.

1. You dont get to check the code before you install
2. Its not direct from the developer so may have been changed
3. Its not direct from the developer so may have been changed
4. Its not direct from the developer so may have been changed

From a security perspective this is a potential nightmare.
If the intellispire server was hacked (and it does happen) and a file changed then the hacker is able to inject all the users site with his infected code.

Sorry but unless each developer individually pgp signs their extension that you can check on the developers own site this is a big NO NO for me.

Nice idea but not quite there.
Quote
 
 
#5 Klaus Nitsche 2008-08-27 09:15
Careful with that axe, Eugene.

To me, it sounded good initially, but the more you think about it, the more difficult points arise.

Brian mentions a major security concern that I agree with. Sound security mechanisms are an absolute necessity for this process to work.

My other concern is code quality. I don't know to which extent Intellispire tests new releases before sending them downstream. As nice as a point-and-click update is for many users, you run the risk of having a dead website if a major error is contained in the update.

I'm rather on the conservative side here: Run an update on the local install, test thoroughly, and then do the same process on the production site, that's how I'm doing things.

Kind regards,
Zorro
Quote
 
 
#6 guysmiley 2008-08-27 19:39
Mmmmm... I've waited for this for a long time.

When Ubuntu ships an update, do I investigate the code before installing? I don't know anyone who has this kind of time. Same goes for Azrul's code, Ryan Demmer's, Joomla! core, etc. The bottom line: I only run applications (in Joomla! and on my OS) that originates from a provider I trust (as much as possible) and has a history of solid work.

I agree, Steve. This is the future of Joomla (notice I dropped the '!'). I'm not convinced that a 3rd party like Intellispire should be the entity governing updates to all 3rdparty apps, but it sure is easy. And, as we know from watching the way the world works, the world sure loves easy... Not hard to see where this is going.
Quote
 
 
#7 Brian Teeman 2008-08-28 08:31
Guysmiley you make a very valid point
Quote:
: I only run applications (in Joomla! and on my OS) that originates from a provider I trust (as much as possible) and has a history of solid work


Whilst I trust the developers of JCE explicitly as they have shown over time to be worthy of that trust how do I trust intellispire. Remember that they are not just taking the download from JCE and offering it to you, they have to modify it first to work with their updater
Quote
 
 
#8 Debo Ogunrinde 2008-08-28 13:01
I have used this component and love it... IMO, this is the future of Joomla as it will revolutionize the use of Joomla...While all the comments about security etc are kind of valid, the truth however is that the same comments can be said of "all" open source projects including joomla and its components/plugins etc...whenever, I see a new component I like at Joomla extension, I usually install in a test site first, before live site..Last but not least...for newbies like myself using/learning Joomla...this is a NO BRAINER...
Quote
 
 
#9 Nick Temple 2008-08-28 21:40
Lots of good discussion. There are two points I'd like to clear up: first, the Updater doesn't change a typical backup, install, test locally; backup, install on production, test cycle.

It just makes it faster and easier.

Quote:
Remember that they are not just taking the download from JCE and offering it to you....


Actually, that's exactly what we're doing.

As a general rule we do NOT modify extensions (though sometimes the installers have to be modified).
We just package them, using an updated format as documented here:

http://www.intellispire.com/web/developers/jooml-package-manager.html
(a little outdated but basically correct)

I'd like to get to the point we can apply patches as well: simple things to fix like sh404SEF breaking VirtueMart is really annoying and can take ages for the developers to release new fixes.

The goal is to use "virgin sources", just like RedHat does with its RPM packaging system. Joomla makes that difficult for a variety of reasons.

To have technical "trust", joomla is going to need some sort of public key infrastructure - there's no technical way outside of running a diff on the files you can verify what I said is true.

To trust the company, you're just going have to use the software and participate in the process - put in a support ticket, ask people who have used our services, etc.

Finally, the Updater is in addition to the standard installer, not a complete replacement for it. Since we _do_ test everything that goes through, you won't find all extensions available in it: but the ones you do find will be tested, pretty much stable and actually supported.

We're always looking for suggestions on how to improve the service, I look forward to further conversations.

Nick Temple, Founder
Intellispire
Quote
 
 
#10 Ulas ALKAN 2008-08-29 02:51
i will try this extension now but a dream for a every joomla web site owner comes to real world ;-)
Quote
 

Add comment


Security code
Refresh