[5.4] Implement autoupdate plugin events

[SniperSister]

Summary of Changes

This PR adds a new plugin event that allows 3rd party extensions to stop automatted updates. This allows 3rd party developers to i.e. enforce special conditions like "only perform auto updates if a backup using my backup extension has been performed in the last 24h".

Furthermore, this PR also fixed the version number in the "failed update" notfication that is sent when an update is blocked by a plugin.

Side note: A new "after update" event is not required, as the default after update event will be called.

Testing Instructions

• Prepare a publicly accessible Joomla 5.4 installation
• Apply the patch
• Install and enable the demo plugin plg_autoupdatepreventer.zip - this plugin will stop any automatted updates
• Allow auto updates for your test site by following the instructions in Testing Automated Updates for 5.4.0 and 6.0.0 pre stable release #45540

Actual result BEFORE applying this Pull Request / or after disabling the plugin

• Auto updates are performed in within the first 24 hours

Expected result AFTER applying this Pull Request

• No auto updates are performed
• The "failed update" notifications contains correct version numbers.

Link to documentations

Please select:

• Documentation link for docs.joomla.org:

• No documentation changes for docs.joomla.org needed

• Pull Request link for manual.joomla.org:

• No documentation changes for manual.joomla.org needed

[laoneo]

I clearly see the use case for this. But might it not be against the whole idea of automated updates when a plugin can stop it. I see this problematic when a high security release is shipped and a plugin blocks the update. Leaves a site vulnerable for an amount of time. Not saying this is a bad idea, but needs probably also some way to ignore it in emergency cases.

[SniperSister]

But might it not be against the whole idea of automated updates when a plugin can stop it

Allowing users to disable automated updates is also aginst the whole idea ;)

At the end of the day, we can only offer the service as an option, it's up to the users to decide if and how they use it.

[Fedik]

In my opinion the feature should be fully transparent.
User must be able to look the configuration and clearly say "is it enabled" or "is it disabled", nothing in between.

Because for example when I enable autoupdate, and it suddenly stop working because some extension decided to stop it, what should I do, how I find a reason? I will go to Joomla and complain "your stuff is broken".
It going to be a negative experience for end User.

[SniperSister]

User must be able to look the configuration and clearly say "is it enabled" or "is it disabled", nothing in between.

So, how would that work with the mentioned example of a backup extension enforcing a backup created within the last x hours? It's a pretty obvious usecase. Should that extension disable the respective parameter in the config of com_joomlaupdate?

[Fedik]

I think some kind of lock file, method that is often used for avoiding such conflicts.
User also can check for they present in case of misbehavior.

Probably 2:
update.lock for active update process, when it is present then the backup extension do not start;
backup.lock for active backup process, when it is present then the update (and autoupdate) do not start;

[SniperSister]

But we would need a lockfile per extension to avoid locks of extension A being cleared by extension B, so that quickly becomes complex. It would also require extensions to do periodic checks if the update conditions are still met to write that lockfile upfront, leading to potential race-condition-like situations where an update could be installed now, but the extension has not cleared the lock yet.

I'm not necessarily against it, just trying to weight effort (for initial implementation and maintenance) against the extra benefit.

[Fedik]

But we would need a lockfile per extension to avoid locks of extension A being cleared by extension B, so that quickly becomes complex.

Hm, why? we just need one, for common agreement the backup extension will use the one. it could hold timestamp, and extension name when needed, but could work just empty.

upd: I mean, internally each backup extension could use anything, own lock file etc. But for Joomla they have to provide the lock file that we agree.

[Fedik]

hm, but if the following message is logged somewhere

joomla-cms/administrator/components/com_joomlaupdate/src/Model/UpdateModel.php

Line 561 in b4db17b

throw new \Exception(Text::_('COM_JOOMLAUPDATE_VIEW_UPDATE_STOPPED_BY_PLUGIN'), 503);

Then use the event is probably fine

[SniperSister]

hm, but if the following message is logged somewhere

You mean logfile-like logging? Or something that's UI-accessible?

[Fedik]

You mean logfile-like logging? Or something that's UI-accessible?

Log file.
Could also be something in our Actionlog. Similar as we have for update.

[ChristineWk]

I have one: currently: 5.4.0-alpha3-dev
I did the following:
Update Server: Standard

Autoupdatepreventer Zip installed & activated.
Automated Updates: activated.
I also received an update token after saving the second time.
Patch activated (= OK?)
I don't know (yet) whether my steps were/are OK or whether they were successful.
(I just didn't understand the last few posts).

[muhme]

Update Server: Standard

@ChristineWk Did you install Alpha Update Server plugin from 45540? If you install it, then you are using the Alpha Joomla Update Server:

After installation of the plugin, you can try Joomla check for (manual) update and version 5.4.110 will be offered. Do not install manually! Enable automated updates and within 24 hours the update should be done and you will receive an email like I did last night. Good luck

[ChristineWk]

@muhme Thank you for your information!

• I installed Alpha Update Server and it was automatically activated. It was not visible in Update Source.

• After (re)enabling Automated Updates:

• Error while registering to automated update service: cURL error 28: Failed to connect to my site port 443 after 5001 ms: Timeout was reached (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://my site /api/index.php/v1/joomlaupdate/healthcheck (500).

• I tried again and now it appears hurray:

• Should I do Start update? I haven't done it yet.
• I haven't activated Patch Tester. Should I do now?
  Because: It should prevent the update via the Autoupdatepreventer zip. Correct?
  Sorry if I'm doing something wrong.

[SniperSister]

@ChristineWk I assume it's a publicly available site, not a local instance, correct?

[ChristineWk]

@ChristineWk I assume it's a publicly available site, not a local instance, correct?

Yes (sorry) it's a public test-site.

[muhme]

@ChristineWk

It was not visible in Update Source.

It is visible if you go to System > Plugins > System - Alpha Update Server

Should I do Start update?

No, this is the manual Joomla update. You have to wait 24 hours for automated update happens.

Once the Automated Update was successul, then you have verified Automated Update is working without this PR. Next step is to install again fresh, this time from full package build (see All checks passed > Download > Joomla_5.4.0-alpha3-dev+pr.45696-Development-Full_Package.zip or having standard 5.4-dev installation and install Patch Tester and Apply Patch 45696. Then you install and enable the demo plugin plg_autoupdatepreventer.zip. No automatic update should take place within the next 24 hours. You can also test that with this PR and without plg_autoupdatepreventer the Automated Update is still working.

[SniperSister]

@ChristineWk your webhost is blocking incoming connections from the update server

[richard67]

@SniperSister We have PHPstan errors here: https://github.com/joomla/joomla-cms/actions/runs/16826769169/job/47665049300?pr=45696

[muhme]

Another attempt to test: Installed from Joomla_5.4.0-alpha4-dev+pr.45696-Development-Full_Package.zip two times joomla-test.heikol.de and joomla-test2.heikol.de

• Unregistered from Automated Updates
• Only on joomla-test.heikol.de installed additional plg_system_autoupdatepreventer and enabled it
• Log Almost Everything enabled
• Installed 'System - Alpha Update Server' plugin
• Checked with manual update 'Joomla Update to Joomla! 5.4.112 is available
  • This step took some hours for first site, unknown what was the reason, even reinstalling didn't help and it states: 'Update not possible because the offered update has expired.', expired timestamp on alpha tuf needs to be fixed
  • For 2nd site, first check gave 'Update not possible because the offered update has expired.', second check is working and offering 5.4.112
  • Updated 'Database Table Structure Up to Date' as this is mandatory requirement for update
• Enabled Automated Update
• 10 Aug 11:46 UTC 1st site (with enabled plg_system_autoupdatepreventer)
• 10 Aug 11:56 UTC 2nd site is updated to 5.4.110 and email was sent

Results after > 24 hours

• ✅ 1st site (with enabled plg_system_autoupdatepreventer) is not updated

  • ✅ 1st site email was sent (and 24 hours later again, assume this will continue)
  • ❌ email and log file give no indication of the reason
    • email contains 'Your site could not be updated from 5.4.0-alpha4-dev+pr.45696 to 5.4.0-alpha4-dev+pr.45696. Please check the logfile '/administrator/logs/joomla_update.php' for further debugging information.'
    • Logfile contains only four times 'Downloading update file', no logging of failed update or the reason
    • Could we give the correct numbers (not be updated from 5.4.0-alpha4-dev+pr.45696)? And could we give the reason e.g. blocked by plugin, or other times seen preconditions are not fullfilled in either the email or the log file, or both?
    • ❌ administrator/logs/everything.php contains, starting every 15 minutes:

    2025-08-10T18:15:06+00:00       CRITICAL 52.14.131.139  error   Uncaught Throwable of type
        Tobscure\JsonApi\Exception\InvalidParameterException thrown with message "Invalid token". Stack trace: #0 [ROOT]/api/components/com_joomlaupdate/src/Controller/HealthcheckController.php(52): Joomla\Component\Joomlaupdate\Api\Controller\BaseController->validateUpdateToken()
    #1 [ROOT]/libraries/src/MVC/Controller/BaseController.php(730): Joomla\Component\Joomlaupdate\Api\Controller\HealthcheckController->show()
    #2 [ROOT]/libraries/src/Dispatcher/ApiDispatcher.php(61): Joomla\CMS\MVC\Controller\BaseController->execute()
    #3 [ROOT]/libraries/src/Component/ComponentHelper.php(361): Joomla\CMS\Dispatcher\ApiDispatcher->dispatch()
    #4 [ROOT]/libraries/src/Application/ApiApplication.php(433): Joomla\CMS\Component\ComponentHelper::renderComponent()
    #5 [ROOT]/libraries/src/Application/ApiApplication.php(116): Joomla\CMS\Application\ApiApplication->dispatch()
    #6 [ROOT]/libraries/src/Application/CMSApplication.php(304): Joomla\CMS\Application\ApiApplication->doExecute()
    #7 [ROOT]/api/includes/app.php(50): Joomla\CMS\Application\CMSApplication->execute()
    #8 [ROOT]/api/index.php(31): require_once('...')
    #9 {main}
    

• ✅ 2nd site is updated to 5.4.112

  • ❌ Only one email with 'our site could not be updated from 5.4.0-alpha4-dev+pr.45696 to 5.4.112. Please check the logfile '/administrator/logs/joomla_update.php' for further debugging information.' was received, Successful update email is missing
  • ✅ administrator/logs/verything.php contains:

  2025-08-10T11:56:45+00:00       INFO 52.14.131.139      update  Update to version 5.4.112 is complete.
  

  • ❌ but also the same exception every 15 minutes
  • ✅ administrator/logs/joomla_update.php contains:

  ...
  2025-08-10T11:56:45+00:00       INFO 52.14.131.139      update  Update to version 5.4.112 is complete.
  

  If email or log file content is helpful I can upload or send.

[SniperSister]

@muhme

❌ administrator/logs/everything.php contains, starting every 15 minutes:
❌ but also the same exception every 15 minutes

As mentioned before:

Expected behavior: your test sites are currently registered twice in the update server, with both the old and the new update token; the update server will re-try "unconnected" sites with the old token for a grace period and then remove them if the connection can not be restored

Could we give the correct numbers (not be updated from 5.4.0-alpha4-dev+pr.45696)? A

Unrelated from this PR.

And could we give the reason e.g. blocked by plugin, or other times seen preconditions are not fullfilled in either the email or the log file,

Added to the log file

✅ 2nd site is updated to 5.4.112

The frontend has an error message, please double check: https://joomla-test2.heikol.de/ - for the same reason no information message could be sent to you, the site returned an exception

[muhme]

Thank you @SniperSister and my summary after our discussion:

• The missing success email is caused by the automatic update with the outdated build package and leads to a partially defective instance in this current development status
• InvalidParameterException "Invalid token" is caused by registering the domain multiple times for Automated Updates, they are unavoidable and will end after grace period (currently 7 days)
• Out of scope of this PR created [5.4] Automated Updates – Email with wrong version number #45895
• Out of scope of this PR created [5.4] Automated Updates – Misunderstandable log messages #45897
• Missing reason for failed update is added to the email and can be tested
• As soon as we have created a new update package we can repeat the test

[SniperSister]

@muhme I included the fix for #45895 in this PR too as it otherwise would have been complicated to reliably create "failed" update attempts without the block mechanism implemented here

[exlemor]

@muhme I included the fix for #45895 in this PR too as it otherwise would have been complicated to reliably create "failed" update attempts without the block mechanism implemented here

Hi @SniperSister, I have just tested this and I have this in my joomla_update.php, is that a successful test in your mind? (just unsure if that is what I am supposed to get)

#Fields: datetime priority clientip category message
2025-08-15T09:30:11+00:00 INFO 52.14.131.139 update Downloading update file from https://downloads.joomla.org/cms/joomla5/5-4-113/Joomla_5.4.113-Stable-Update_Package.zip.
2025-08-15T09:30:11+00:00 INFO 52.14.131.139 update Downloading update file from https://downloads.joomla.org/cms/joomla5/5-4-113/Joomla_5.4.113-Stable-Update_Package.zip.
2025-08-15T09:30:11+00:00 INFO 52.14.131.139 update Downloading update file from https://github.com/joomla/joomla-cms/releases/download/5.4.113/Joomla_5.4.113-Stable-Update_Package.zip.
2025-08-15T09:30:12+00:00 INFO 52.14.131.139 update Downloading update file from https://update.joomla.org/releases/5.4.113/Joomla_5.4.113-Stable-Update_Package.zip.
2025-08-15T09:30:13+00:00 ERROR 52.14.131.139 update Update stopped by plugin.
2025-08-15T10:45:11+00:00 ERROR 52.14.131.139 update Update stopped by plugin.
2025-08-15T12:15:12+00:00 ERROR 52.14.131.139 update Update stopped by plugin.
2025-08-15T13:30:12+00:00 ERROR 52.14.131.139 update Update stopped by plugin.

[SniperSister]

@exlemor looks good to me! I assume you also received notification mails?

[exlemor]

I have tested this item ✅ successfully on 63998ca

I have successfully tested this. Thanks @SniperSister!

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/45696.}

[exlemor]

@exlemor looks good to me! I assume you also received notification mails?

yes :)

[muhme]

I have tested this item ✅ successfully on 012d44f

Installed manually from Joomla_5.4.0-beta2-dev+pr.45696-Development-Full_Package.zip two times joomla-test.heikol.de and joomla-test2.heikol.de

• Disable Automated Updates and delete Installation folder
• Only on joomla-test.heikol.de installed additional plg_system_autoupdatepreventer and enabled it
• 'Log Almost Everything' and 'Debug System' enabled
• Installed 'System - Alpha Update Server' 0.6.1 plugin
• Checked with manual update 'Joomla Update to Joomla! 5.4.113 is available (needed twice)
  • Fixed Database structure
• Enabled Automated Update
  • ✅ 10:50 EST 1st site (with enabled plg_system_autoupdatepreventer) is not updated
    • Emails (every 75 minutes): Your site could not be updated from 5.4.0-beta2-dev+pr.45696 to 5.4.113.
  • ✅ 10:53 EST 2nd site is updated to 5.4.113 and email was sent:
    • Email: Your site has been successfully automatically updated from 5.4.0-beta2-dev+pr.45696 to 5.4.113.

Observations

1. With everything an exception is logged, this is the current API behaviour:

   2025-08-25T08:50:45+00:00       ERROR 52.14.131.139     update  Update stopped by plugin.
   2025-08-25T08:50:45+00:00       CRITICAL 52.14.131.139  error   Uncaught Throwable of type Joomla\CMS\MVC\Controller\Exception\CheckinCheckout thrown with message "Update stopped by plugin.". Stack trace: #0 [ROOT]/api/components/com_joomlaupdate/src/View/Updates/JsonapiView.php(84): Joomla\Component\Joomlaupdate\Administrator\Model\UpdateModel->prepareAutoUpdate()
   #1 [ROOT]/api/components/com_joomlaupdate/src/Controller/UpdatesController.php(85): Joomla\Component\Joomlaupdate\Api\View\Updates\JsonapiView->prepareUpdate()

2. If Automated Updates are deactivated via plugin, the package will be downloaded again and again on the next attempts.
3. PHP warning found, see [5.4] PHP Warning: Array to string conversion in HTMLHelper.php #45977

   ---

   _{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/45696.}

[muhme]

RTC

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/45696.}

[richard67]

Thanks all (author, reviewers and testers).