🐞 Bug Report: Every FAIR-enabled plugin or theme results in a new Updater instance adding its hooks #427
Description
A new instance of the Updater class gets instantiated for every FAIR-enabled plugin or theme in place on a site. This causes all of the hooks in the load_hooks() method to be added and executed once per plugin and theme, instead of once globally.
Detailed Description
This causes hooks such as upgrader_source_selection, plugins_api, site_transient_update_plugins, wp_prepare_themes_for_js, and upgrader_pre_download to be run n times instead of once.
This causes a few effects, including:
Updater::upgrader_source_selection()attempts to rename and move every plugin and thementimes instead of once.verify_signature_on_download()downloads and verifies every packagentimes instead of once. As far as I can tell, there is no poisoning of the trusted key logic between plugins but I think this is by luck rather than by design.Updater::repo_api_details()runsntimes instead of once, although this does contain a guard condition so it doesn't re-fetch package datantimes, although it does parse and recalculate the DID hashntimes instead of once.Updater::customize_theme_update_html()runsntimes instead of once, which callsUpdater::append_theme_actions_content()ntimes instead of once. I don't have any FAIR-enabled themes installed, but if I had more than one I anticipate that this would cause duplicate update messages to appear for a theme with a pending update.
The other effect this has is that I am unable to propose some enhancements that I want to make to verify_signature_on_download() because it unexpectedly runs with the incorrect DID context n-1 times out of n.
Expected Behavior
The hooks that the Updater class hooks into and handles should only be instantiated once. I think this means that the Updater class needs to be rearchitected so it acts as a registry and dispatches any plugin- or theme-specific logic as necessary.