Skript: Improve Skript updater

Created on 18 Nov 2016  路  6Comments  路  Source: SkriptLang/Skript
  • [ ] Add an option to flag versions as "unstable", since there are ones that are
  • [ ] Re-implement jar downloading
enhancement low
Source
picture bensku

Most helpful comment

The config option for automatic downloads should be false by default as we can't release exactly stable versions yet, but a command to download (already exists) the new release is good.

picture Blueyescat on 19 Nov 2018
👍2

All 6 comments

Just to suggest a thing, I have a class to download from Github and replace the jar when the server is shutting down. It always worked nice and so far, no one reported a issue with it. GitHubUpdater.class (Not the best code and I also didn't know about GitHub API).

It is a little outdated but the idea works.

@Override
public void onDisable() {
    HandlerList.unregisterAll(this);
    Bukkit.getScheduler().cancelTasks(this); //It's better to remove all tasks and event handlers
    if(updater.hasDownloadReady(true)){ //It checks if there is a downloaded file at plugin's folder
        updater.updatePlugin(); //It will delete the current jar and move the downloaded one to plugins' folder
    }
}

I can help you to improve the current one from Skript. What I'm not sure is how would we detect a unstable version? we could use the option "pre_release" for example.

Tuke-Nuke picture Tuke-Nuke on 20 Mar 2017
1

Well, the thing is, normally I flag everything as pre-releases, but sometimes I have highly experimental builds. Pre-release will ask user to update to later pre-releases, and stable (not pre-release) will only ask to update to stable versions. However, not everything I throw into Github should be updated, ever...

bensku picture bensku on 3 Apr 2017

Updater rewrite is probably going to be ready this fall. Now, it is time to ask an important question.

Do we want automatic Skript jar downloads?
If yes, we would have to at least sign all releases and verify signatures when downloading, for security reasons. Doing this wrong would be a serious security issue.

So, what do you think? Is some convenience for users worth the time to make autoupdates secure? Would it make people update Skript faster? And even if the answers are 'yes' and 'yes', can we make it safe enough?

bensku picture bensku on 19 Nov 2018

I think it's a good idea to improve Skript updater, but, I don't have the experience required for security. I cannot therefore comment on this subject.
As for my positive point of view, if a user wants to test the latest news to find possible bugs and be able to report them to us, it's very interesting. This will also avoid using the github to download the latest version.

Olyno picture Olyno on 19 Nov 2018

The config option for automatic downloads should be false by default as we can't release exactly stable versions yet, but a command to download (already exists) the new release is good.

Blueyescat picture Blueyescat on 19 Nov 2018
👍2

Was done for 2.3 beta releases.

bensku picture bensku on 2 Feb 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Anoniempje1234 picture Anoniempje1234  路  3Comments
TheClassic36 picture TheClassic36  路  3Comments
ghost picture ghost  路  3Comments
jaylawl picture jaylawl  路  3Comments
TrademarkTM picture TrademarkTM  路  4Comments