Add --exclude=<file>,<file> argument to skip files

[kwbtdisk]

https://wordpress.slack.com/archives/C02RP4T41/p1557867276075100
I will make a PR if this would be useful for everyone 😎

Purpose

• (In my case) I wanted to ignore ./readme.html file cos we have always deleted the file
• And other cases like some files/dirs are moved by the security or management reason

An option

# Proposal
wp core verify-checksums --ignore-files='readme.html wp-includes/some-filename.php'

I would be happy if someone kindly suggests it should be --ignore-files or --skip-files or --excludes.

[R33D3M33R]

Hello,

I think this is a great idea, but I would wish it would be implemented more universally for verify-checksums. So, not only for core, but also for plugins and any other thing which uses this command.

Thus the argument should be more universally named (--exclude?) and it should IMHO follow the current coding style: a comma separated list of items (file names or plugin slugs).

Best regards,
Andrej

[Austinb]

Any chance someone has already worked on this? Helping a client manage their wordpress installations more automatically and they want to reinstall wordpress installs that fail verification. Since the readme.html is either deleted or renamed this check almost always fails and results in extra work reinstalling the wordpress core. Would like to be able to ignore readme.html from being verified.

I can give it a shot if no one has time. Seems pretty simple to add another arg to the core command and then add the necessary logic during the file loop.

[kwbtdisk]

Woops sorry I didn't check this thread. @Austinb Have you started working on this? If not, let me take this 😃

[Austinb]

@kwbtdisk Please feel free if you have the time. I have not had any block of time to sit down and hammer it out. The issue is not a big one right now but will be for my client once we have other aspects completed.

[austinginder]

+1 highly agree. Would like to schedule wp core verify-checksums as part of regular security scans however I'd prefer to ignore if readme.html and wp-config-sample.php files are deleted.

Current behavior is:

wp core verify-checksums
Warning: File doesn't exist: wp-config-sample.php
Error: WordPress installation doesn't verify against checksums.

Maybe something like this with a repeatable argument for many files?

wp core verify-checksums --skip-files=wp-config-sample.php --skip-files=readme.html
Success: WordPress installation verifies against checksums.

[danielbachhuber]

I guess I'd be fine with an --exclude= argument that accepts one or more comma-separated files, as long as there aren't any security issues associated with it.

[iDschepe]

Would like to work on it.