diff --git a/core/assets/scaffold/files/default.settings.php b/core/assets/scaffold/files/default.settings.php
index 666a39643736c9ef6cc5036de8242077c9872024..d4ba8a91829a7466599160d70b3dad0386971d65 100644
--- a/core/assets/scaffold/files/default.settings.php
+++ b/core/assets/scaffold/files/default.settings.php
@@ -475,30 +475,6 @@
*/
# $settings['class_loader_auto_detect'] = FALSE;
-/**
- * Authorized file system operations:
- *
- * The Update Manager module included with Drupal provides a mechanism for
- * site administrators to securely install missing updates for the site
- * directly through the web user interface. On securely-configured servers,
- * the Update manager will require the administrator to provide SSH or FTP
- * credentials before allowing the installation to proceed; this allows the
- * site to update the new files as the user who owns all the Drupal files,
- * instead of as the user the webserver is running as. On servers where the
- * webserver user is itself the owner of the Drupal files, the administrator
- * will not be prompted for SSH or FTP credentials (note that these server
- * setups are common on shared hosting, but are inherently insecure).
- *
- * Some sites might wish to disable the above functionality, and only update
- * the code directly via SSH or FTP themselves. This setting completely
- * disables all functionality related to these authorized file operations.
- *
- * @see https://www.drupal.org/node/244924
- *
- * Remove the leading hash signs to disable.
- */
-# $settings['allow_authorize_operations'] = FALSE;
-
/**
* Default mode for directories and files written by Drupal.
*
diff --git a/core/includes/theme.maintenance.inc b/core/includes/theme.maintenance.inc
index 2a37fbc9ffdc25500ec15956999287dfa0bef6e3..4438d058499bc6547da518cbf7ef31ede0ebcc91 100644
--- a/core/includes/theme.maintenance.inc
+++ b/core/includes/theme.maintenance.inc
@@ -108,8 +108,14 @@ function _drupal_maintenance_theme(): void {
* @param array $variables
* An associative array containing:
* - messages: An array of result messages.
+ *
+ * @deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no
+ * replacement. Use composer to manage the code for your site.
+ *
+ * @see https://www.drupal.org/node/3522119
*/
function template_preprocess_authorize_report(&$variables): void {
+ @trigger_error(__FUNCTION__ . '() is deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no replacement. Use composer to manage the code for your site. See https://www.drupal.org/node/3522119', E_USER_DEPRECATED);
$messages = [];
if (!empty($variables['messages'])) {
foreach ($variables['messages'] as $heading => $logs) {
diff --git a/core/lib/Drupal/Core/Theme/ThemeCommonElements.php b/core/lib/Drupal/Core/Theme/ThemeCommonElements.php
index 03e1436625586589a0a6d204f811380b1e9182ab..5ddf58fd6f2265a63874970ae59f25cf9dbf3732 100644
--- a/core/lib/Drupal/Core/Theme/ThemeCommonElements.php
+++ b/core/lib/Drupal/Core/Theme/ThemeCommonElements.php
@@ -176,6 +176,7 @@ public static function commonElements(): array {
],
'includes' => ['core/includes/theme.maintenance.inc'],
'template' => 'authorize-report',
+ 'deprecated' => 'The "authorize-report" template is deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no replacement. Use composer to manage the code for your site. See https://www.drupal.org/node/3522119',
],
'pager' => [
'render element' => 'pager',
diff --git a/core/modules/system/templates/authorize-report.html.twig b/core/modules/system/templates/authorize-report.html.twig
index 914458684775426c1b56fe4e3e7f7c39dda98b5a..f6f443c58075497ef7c9546e02eb0d2ced1a903c 100644
--- a/core/modules/system/templates/authorize-report.html.twig
+++ b/core/modules/system/templates/authorize-report.html.twig
@@ -12,6 +12,11 @@
* @see template_preprocess_authorize_report()
*
* @ingroup themeable
+ *
+ * @deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no
+ * replacement. Use composer to manage the code for your site.
+ *
+ * @see https://www.drupal.org/node/3522119
*/
#}
{% if messages %}
diff --git a/core/modules/update/src/Hook/UpdateHooks.php b/core/modules/update/src/Hook/UpdateHooks.php
index 293882f012464087abd147fdba3679b72f8bde00..49cb455a8430ffda690799570532211afff52be5 100644
--- a/core/modules/update/src/Hook/UpdateHooks.php
+++ b/core/modules/update/src/Hook/UpdateHooks.php
@@ -178,8 +178,6 @@ public function cron(): void {
\Drupal::moduleHandler()->loadInclude('update', 'inc', 'update.fetch');
_update_cron_notify();
}
- // Clear garbage from disk.
- update_clear_update_disk_cache();
}
/**
diff --git a/core/modules/update/src/UpdateRoot.php b/core/modules/update/src/UpdateRoot.php
index a2f1619d6ea6312e064d2a8a6871acb8f394164e..abcf499d5b4b0a999d5233f18152fc3a0f162822 100644
--- a/core/modules/update/src/UpdateRoot.php
+++ b/core/modules/update/src/UpdateRoot.php
@@ -6,7 +6,12 @@
use Symfony\Component\HttpFoundation\RequestStack;
/**
- * Gets the root path used by the Update Manager to install or update projects.
+ * Gets the root path used by the legacy Update Manager to install or update projects.
+ *
+ * @deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no
+ * replacement. Use composer to manage the code for your site.
+ *
+ * @see https://www.drupal.org/node/3522119
*/
class UpdateRoot {
@@ -32,7 +37,7 @@ class UpdateRoot {
protected $updateRoot;
/**
- * Constructs an UpdateRootFactory instance.
+ * Constructs an UpdateRoot instance.
*
* @param \Drupal\Core\DrupalKernelInterface $drupal_kernel
* The Drupal kernel.
@@ -40,6 +45,7 @@ class UpdateRoot {
* The request stack.
*/
public function __construct(DrupalKernelInterface $drupal_kernel, RequestStack $request_stack) {
+ @trigger_error(__CLASS__ . ' is deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no replacement. Use composer to manage the code for your site. See https://www.drupal.org/node/3522119', E_USER_DEPRECATED);
$this->drupalKernel = $drupal_kernel;
$this->requestStack = $request_stack;
}
diff --git a/core/modules/update/tests/src/Functional/UpdateManagerTest.php b/core/modules/update/tests/src/Functional/UpdateManagerTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..a69e06a72fdd0218dc68c339c630883992c420c0
--- /dev/null
+++ b/core/modules/update/tests/src/Functional/UpdateManagerTest.php
@@ -0,0 +1,37 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Drupal\Tests\update\Functional;
+
+/**
+ * Tests legacy Update Manager functionality of the Update Status module.
+ *
+ * @group legacy
+ * @group update
+ */
+class UpdateManagerTest extends UpdateTestBase {
+
+ /**
+ * {@inheritdoc}
+ */
+ protected $defaultTheme = 'stark';
+
+ /**
+ * Checks that clearing the disk cache works.
+ */
+ public function testClearDiskCache(): void {
+ $directories = [
+ _update_manager_cache_directory(FALSE),
+ _update_manager_extract_directory(FALSE),
+ ];
+ // Check that update directories does not exists.
+ foreach ($directories as $directory) {
+ $this->assertDirectoryDoesNotExist($directory);
+ }
+
+ // Method must not fail if update directories do not exists.
+ update_clear_update_disk_cache();
+ }
+
+}
diff --git a/core/modules/update/tests/src/Functional/UpdateMiscTest.php b/core/modules/update/tests/src/Functional/UpdateMiscTest.php
index 5b544ea36b0ee984bb5b3b5ef068e3c39f2d8c83..3a06d965ee5ed45504885a9231d3bfbab8c59345 100644
--- a/core/modules/update/tests/src/Functional/UpdateMiscTest.php
+++ b/core/modules/update/tests/src/Functional/UpdateMiscTest.php
@@ -40,23 +40,6 @@ protected function setUp(): void {
$this->drupalPlaceBlock('local_actions_block');
}
- /**
- * Checks that clearing the disk cache works.
- */
- public function testClearDiskCache(): void {
- $directories = [
- _update_manager_cache_directory(FALSE),
- _update_manager_extract_directory(FALSE),
- ];
- // Check that update directories does not exists.
- foreach ($directories as $directory) {
- $this->assertDirectoryDoesNotExist($directory);
- }
-
- // Method must not fail if update directories do not exists.
- update_clear_update_disk_cache();
- }
-
/**
* Tests the Update Status module when the update server returns 503 errors.
*/
diff --git a/core/modules/update/tests/src/Kernel/UpdateDeleteFileIfStaleTest.php b/core/modules/update/tests/src/Kernel/UpdateDeleteFileIfStaleTest.php
index ff5a8b02d457fbe846decb5acf503685e04490b7..1e33d81d61414bd5295feecd7ddabc8f7b74aac6 100644
--- a/core/modules/update/tests/src/Kernel/UpdateDeleteFileIfStaleTest.php
+++ b/core/modules/update/tests/src/Kernel/UpdateDeleteFileIfStaleTest.php
@@ -10,6 +10,7 @@
* Tests the update_delete_file_if_stale() function.
*
* @group update
+ * @group legacy
*/
class UpdateDeleteFileIfStaleTest extends KernelTestBase {
diff --git a/core/modules/update/update.authorize.inc b/core/modules/update/update.authorize.inc
index 8a2ba55d667f0801d805ea990b2c1cc42badb3cc..b3f148ac7493c49f327b72c865bbcd6898fce3cc 100644
--- a/core/modules/update/update.authorize.inc
+++ b/core/modules/update/update.authorize.inc
@@ -107,6 +107,7 @@ function update_authorize_batch_copy_project($project, $updater_name, $local_url
return;
}
+ // @phpstan-ignore getDeprecatedService.deprecated
$updater = new $updater_name($local_url, \Drupal::getContainer()->get('update.root'));
try {
diff --git a/core/modules/update/update.manager.inc b/core/modules/update/update.manager.inc
index 46611f85cd874632bb2e6cdc82eb43db5ff1844d..bbe29684df03da03e250ce5aed7cd95401114750 100644
--- a/core/modules/update/update.manager.inc
+++ b/core/modules/update/update.manager.inc
@@ -172,9 +172,11 @@ function update_manager_file_get($url) {
}
// Check the cache and download the file if needed.
+ // @phpstan-ignore function.deprecated
$cache_directory = _update_manager_cache_directory();
$local = $cache_directory . '/' . \Drupal::service('file_system')->basename($parsed_url['path']);
+ // @phpstan-ignore function.deprecated
if (!file_exists($local) || update_delete_file_if_stale($local)) {
try {
$data = (string) \Drupal::httpClient()->get($url)->getBody();
@@ -229,6 +231,7 @@ function update_manager_batch_project_get($project, $url, &$context): void {
}
// Extract it.
+ // @phpstan-ignore function.deprecated
$extract_directory = _update_manager_extract_directory();
try {
update_manager_archive_extract($local_cache, $extract_directory);
diff --git a/core/modules/update/update.module b/core/modules/update/update.module
index c4366293a059d9a7d4ddc1fa56a0f15fc9805750..9f7df5e7cf78c619fa054b3e164f88233dcdabcc 100644
--- a/core/modules/update/update.module
+++ b/core/modules/update/update.module
@@ -276,8 +276,15 @@ function update_storage_clear(): void {
*
* @return string
* An eight character string uniquely identifying this Drupal installation.
+ *
+ * @deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no
+ * replacement. Use composer to manage the code for your site.
+ *
+ * @see https://www.drupal.org/node/3522119
*/
function _update_manager_unique_identifier() {
+ @trigger_error(__FUNCTION__ . '() is deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no replacement. Use composer to manage the code for your site. See https://www.drupal.org/node/3522119', E_USER_DEPRECATED);
+
static $id;
if (!isset($id)) {
$id = substr(hash('sha256', Settings::getHashSalt()), 0, 8);
@@ -295,8 +302,15 @@ function _update_manager_unique_identifier() {
* @return string
* The full path to the temporary directory where update file archives should
* be extracted.
+ *
+ * @deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no
+ * replacement. Use composer to manage the code for your site.
+ *
+ * @see https://www.drupal.org/node/3522119
*/
function _update_manager_extract_directory($create = TRUE) {
+ @trigger_error(__FUNCTION__ . '() is deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no replacement. Use composer to manage the code for your site. See https://www.drupal.org/node/3522119', E_USER_DEPRECATED);
+
static $directory;
if (!isset($directory)) {
$directory = 'temporary://update-extraction-' . _update_manager_unique_identifier();
@@ -317,8 +331,15 @@ function _update_manager_extract_directory($create = TRUE) {
* @return string
* The full path to the temporary directory where update file archives should
* be cached.
+ *
+ * @deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no
+ * replacement. Use composer to manage the code for your site.
+ *
+ * @see https://www.drupal.org/node/3522119
*/
function _update_manager_cache_directory($create = TRUE) {
+ @trigger_error(__FUNCTION__ . '() is deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no replacement. Use composer to manage the code for your site. See https://www.drupal.org/node/3522119', E_USER_DEPRECATED);
+
static $directory;
if (!isset($directory)) {
$directory = 'temporary://update-cache-' . _update_manager_unique_identifier();
@@ -331,8 +352,15 @@ function _update_manager_cache_directory($create = TRUE) {
/**
* Clears the temporary files and directories based on file age from disk.
+ *
+ * @deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no
+ * replacement. Use composer to manage the code for your site.
+ *
+ * @see https://www.drupal.org/node/3522119
*/
function update_clear_update_disk_cache(): void {
+ @trigger_error(__FUNCTION__ . '() is deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no replacement. Use composer to manage the code for your site. See https://www.drupal.org/node/3522119', E_USER_DEPRECATED);
+
// List of update module cache directories. Do not create the directories if
// they do not exist.
$directories = [
@@ -368,8 +396,15 @@ function update_clear_update_disk_cache(): void {
*
* @return bool
* TRUE if the file is stale and deleted successfully, FALSE otherwise.
+ *
+ * @deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no
+ * replacement. Use composer to manage the code for your site.
+ *
+ * @see https://www.drupal.org/node/3522119
*/
function update_delete_file_if_stale($path) {
+ @trigger_error(__FUNCTION__ . '() is deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no replacement. Use composer to manage the code for your site. See https://www.drupal.org/node/3522119', E_USER_DEPRECATED);
+
if (file_exists($path)) {
$filectime = filectime($path);
$max_age = \Drupal::config('system.file')->get('temporary_maximum_age');
diff --git a/core/modules/update/update.post_update.php b/core/modules/update/update.post_update.php
index 3462899d989b3c67eca89e7e91addae00991f9e6..34ddba396858fd8e867a3fa9f4a2f8f7fcd5af0a 100644
--- a/core/modules/update/update.post_update.php
+++ b/core/modules/update/update.post_update.php
@@ -5,6 +5,8 @@
* Post update functions for Update Status.
*/
+use Drupal\Core\Site\Settings;
+
/**
* Implements hook_removed_post_updates().
*/
@@ -14,3 +16,24 @@ function update_remove_post_updates() {
'update_post_update_set_blank_fetch_url_to_null' => '11.0.0',
];
}
+
+/**
+ * Removes the legacy 'Update Manager' disk cache.
+ */
+function update_post_update_clear_disk_cache(): void {
+ // @see _update_manager_unique_id()
+ $id = substr(hash('sha256', Settings::getHashSalt()), 0, 8);
+ // List of legacy 'Update Manager' cache directories.
+ $directories = [
+ // @see _update_manager_cache_directory()
+ "temporary://update-cache-$id",
+ // @see _update_manager_extract_directory()
+ "temporary://update-extraction-$id",
+ ];
+ foreach ($directories as $directory) {
+ if (is_dir($directory)) {
+ \Drupal::service('file_system')->deleteRecursive($directory);
+ }
+ }
+
+}
diff --git a/core/modules/update/update.services.yml b/core/modules/update/update.services.yml
index 465df135529a0e8e332285a2e30ee40cee48a64b..bebf0398151c944d63a65b8d25003338336bffb2 100644
--- a/core/modules/update/update.services.yml
+++ b/core/modules/update/update.services.yml
@@ -21,6 +21,7 @@ services:
update.root:
class: Drupal\update\UpdateRoot
arguments: ['@kernel', '@request_stack']
+ deprecated: The "%service_id%" service is deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no replacement. Use composer to manage the code for your site. See https://www.drupal.org/node/3522119
logger.channel.update:
parent: logger.channel_base
arguments: [ 'update' ]
diff --git a/core/themes/stable9/templates/admin/authorize-report.html.twig b/core/themes/stable9/templates/admin/authorize-report.html.twig
index 2e5a59c0c03bc093c0ac61fc80b0b03febea0eb7..8784ca30cd89ee405ff4b8cde16cf1fdc4613178 100644
--- a/core/themes/stable9/templates/admin/authorize-report.html.twig
+++ b/core/themes/stable9/templates/admin/authorize-report.html.twig
@@ -10,6 +10,11 @@
* - attributes: HTML attributes for the element.
*
* @see template_preprocess_authorize_report()
+ *
+ * @deprecated in drupal:11.2.0 and is removed from drupal:12.0.0. There is no
+ * replacement. Use composer to manage the code for your site.
+ *
+ * @see https://www.drupal.org/node/3522119
*/
#}
{% if messages %}
diff --git a/sites/default/default.settings.php b/sites/default/default.settings.php
index 666a39643736c9ef6cc5036de8242077c9872024..d4ba8a91829a7466599160d70b3dad0386971d65 100644
--- a/sites/default/default.settings.php
+++ b/sites/default/default.settings.php
@@ -475,30 +475,6 @@
*/
# $settings['class_loader_auto_detect'] = FALSE;
-/**
- * Authorized file system operations:
- *
- * The Update Manager module included with Drupal provides a mechanism for
- * site administrators to securely install missing updates for the site
- * directly through the web user interface. On securely-configured servers,
- * the Update manager will require the administrator to provide SSH or FTP
- * credentials before allowing the installation to proceed; this allows the
- * site to update the new files as the user who owns all the Drupal files,
- * instead of as the user the webserver is running as. On servers where the
- * webserver user is itself the owner of the Drupal files, the administrator
- * will not be prompted for SSH or FTP credentials (note that these server
- * setups are common on shared hosting, but are inherently insecure).
- *
- * Some sites might wish to disable the above functionality, and only update
- * the code directly via SSH or FTP themselves. This setting completely
- * disables all functionality related to these authorized file operations.
- *
- * @see https://www.drupal.org/node/244924
- *
- * Remove the leading hash signs to disable.
- */
-# $settings['allow_authorize_operations'] = FALSE;
-
/**
* Default mode for directories and files written by Drupal.
*