Increasing Security by showing current extensions version in backend

[dirk80]

Hi!

To keep the Joomla installation secure one main point is to keep all extensions updated. At the moment it is taking a lot of time to make sure that every extention is having the latest version. You have to browse to all the different sites and have deep look in the details to find the current version.

To raise the security of Joomla the way of getting informed about extension updates should be easier. I propose to add in the backend at the extension installer next to the installed extension version the current available version. This information could be taken from the database from "http://extensions.joomla.org/". If there is a newer version available this could be marked red.

Does somebody know if it is possible to get those information from extensions.joomla.org already?

Is somebody able to add this information to the backend?

What do you think about this?

Dirk

[RussW]

This type of discussion has been around for quite sometime Dirk, many of the extension developers have implemented their own version checking systems, CB is one that comes to mind immediately.

Although, a centralised repository is a useful and good idea, maintenance of the revisions and data integrity is extremely troublesome and time consuming unfortunately and, to date, has not been accomplished, even within JED, also JED does not contain all extensions that are available.

The Joomla! Tools Suite, "may" help yu more providing an audit facility, however it has no automated functions for version checking.

[dirk80]

Yes some extensions have their own version checking system. But to raise the security of Joomla it has to be easy to use (centralised) for the admins.

maintenance of the revisions and data integrity is extremely troublesome and time consuming unfortunately

Compared to the developing of the extensions it is only small work to keep the Version at JED updated and could be expected of every extensions developer. I think the time admins use for checking for new version in total is way more than the time the developer needs for keeping the JED updated.
The integrity of the data would be given if the developer adds the path to version at JED in the xml install file.

Of course not all extensions are available at JED - but most are - and users will ask the developer to add it for having a complete list. Until it is added this information could be empty.

This might not be implemented very quick but on the long term (1 or 2 years) this would be a very important step to raise the security of Joomla in general.