> I don't know why they go about it in such a manual way.
Because I don't generally give the code permission to modify itself. Principle of least privilege and all that.
Outside of this one specific situation (upgrades) it's not needed, the rest of the time it's just one more layer of security in the way of various forms of exploit. (Maybe it's just trauma from dealing with the 8,000 forms of wordpress exploits back in the day and dealing with finding half of wordpress having random code added to it to persist exploits/randomly redirect people to scam sites/etc)
In the end it adds like 5 minutes of inconvenience to my upgrade process.
Because I don't generally give the code permission to modify itself. Principle of least privilege and all that.
Outside of this one specific situation (upgrades) it's not needed, the rest of the time it's just one more layer of security in the way of various forms of exploit. (Maybe it's just trauma from dealing with the 8,000 forms of wordpress exploits back in the day and dealing with finding half of wordpress having random code added to it to persist exploits/randomly redirect people to scam sites/etc)
In the end it adds like 5 minutes of inconvenience to my upgrade process.