Plugin Directory: Block SVN commits if someone uses the Update URI

[Ipstenu]

While we do check for those things on submission, people are silly and forget and add things back in (this is also to answer to: "How did THAT make it past a review!?!").

Can we search the 'main' PHP file for

Update URI:

in the plugin headers? It may have a false positive down the line, but I can't think of who would legit use it in a plugin hosted on .org

[alanfuller]

According to the docs - unless I misunderstand ( in which case they need to be clarified), then it is valid to have Update URI containing ​https://wordpress.org/plugins/{$slug}/ or ​https://w.org/plugin/{$slug} uploaded to the repo so these would need to be parsed ( or change the documentation )

​https://developer.wordpress.org/plugins/plugin-basics/header-requirements/

​https://make.wordpress.org/core/2021/06/29/introducing-update-uri-plugin-header-in-wordpress-5-8/

[Ipstenu]

@alanfuller You can, yes, but honestly given the potential for problems (someone just had an issue where their plugin won't update because they put it in) and the difficulty in programmatically checking if the URL is valid, it seems more sensible to just say "No, not here please."

[alanfuller]

So ideally remove mention of wordpress.org {slug} from the docs?

[dd32]

#5747