Update Manager 1.0.1 is out!

Update Manager 1.0.1 is out!

The Update Manager plugin allows you to painlessly push updates to your ClassicPress plugin users! Serve updates from GitHub, your own site, or somewhere in the cloud. 100% integrated with the ClassicPress update process; super-slim and performant. Incredibly easy! Learn more :arrow_upper_right:

General Information

Even though I think most of us are already using Update Manager RC 2 in production, this is the stable release! Check your dashboard for the update! This release contains several minor bugfixes and improvements and brings us up to an official release. :partying_face:

Upgrade Notice

The Update Client file UpdateClient.class.php has minor changes to facilitate custom image locations. If you are in need of this feature, you’ll need to push the new client file out in your next update to those plugins. If you find any issues of think of awesome features, you can do that here.


Download Update Manager 1.0.1 to manually install or check your dashboard for updates.

Can I get some :star::star::star::star::star: reviews?

It would be awesome to get some feedback that I can use to help promote the plugin. Even just a sentence or two would great! You can leave it here or DM me. Pretty please… with :cherries: on top!


Yay! :partying_face:

I have a number of custom plugins that I use on all my sites. Previously, updating these was a laborious job that required me to manually upload the new files to every site. Since I started using the Update Manager by @codepotent this has become a one-click, 10-second job. The set-up process is clear, easy and logical, and it works perfectly. 5 stars!


Done :smiley:


You used my “Yay” as a review? :grin:

OK, give me a minute and I’ll come up with something slightly longer.

What happened with the images location enhancement? The docs still say:

You can use your own plugin banner and icon images to improve the end user experience. If you have these images, create an /images/ directory in your plugin and drop them there.

Edit: see above for review.


I mean, I’ll take what I can get. :smiley: Thanks for the great review!

This is documented under filters.


Excellent! Filters, and example code. :+1:


Great, time to dig in. I’ll post a review immediately I get it up and running.


I will probably need to take some time to add this to my plugin soon, haha.


Maybe I’m wrong, but it’s changed (filters and text domain) added.
But I think better waiting before changing it in other plugins. Why?


You are correct! …and this is a good reason why I shouldn’t try to draft a post as I go…better to do it all at the end. I see you have just submitted a PR to fix this issue while I was in the process of making the new release’s docs/endpoint; Nonetheless, I appreciate your speedy response to this!

Version 1.0.1 has been pushed…and the original post updated with the new version.


You’ve been faster than me :rofl:


Probably only by seconds. :slight_smile:


Using the Update Manager to update itself feel’s sort of… meta.



Thank you very much! Shield Security identifies the plugin as a potential malware. I assume that I can safely ignore the warning and mark it as accepted plugin, but could you please check first, just in case? See the warning below:

[Path: wp-content/plugins/codepotent-update-manager/includes/]

Potential Malware Detected

  • Pattern Detected: VjaG
  • Affected line numbers: 154

See below the explanation by Shield Security about their scans for potential malware:


Ah, it’s my SVG logo… I’ll update them to use normal png images. Sorry for the inconvenience.


Hi @jfmayer, thanks very much for this report. Yes, you can safely ignore the warnings on that file. I base64 encoded some SVG images so they could be served inline and save a page request. Apparently, that wasn’t the fantastic idea I thought it was. :slight_smile: I’ve opened an issue for this and it will be resolved expeditiously.


@Paul might also be interested in taking a look at the above issue (false positive with Shield Security in Update Manager plugin).


@james @jfmayer @CodePotent just a quick comment on false positives - they’re quite common, and we filter the vast majority out before they appear, but the system is designed to “learn”, so the more that admins flag them, they’ll eventually disappear from results. But always worth checking a file result, as @jfmayer did, before doing so.


Good point, @james…and thanks for the additional insights on this, @paul. As noted, @jfmayer did exactly the right thing here.

In this case, I’ll go ahead and use traditional images for the logo files instead of base64 encoded strings. since it will be much more readily apparent what those lines actually are. …'course, I have those lines in a bunch of plugins by now, so, it will be a day or three. :slight_smile:

Appreciate the follow-up, thanks!


Thank you very much for the answers, I will mark the warning as “ignore” then.