Support the --ssl and --skip-ssl flags in wp db import#332
Conversation
`wp db import` (and other commands that build their MySQL invocation via `DB_Command::get_mysql_args()`, such as `wp db query`) run the associative arguments through an allow-list of valid MySQL client options. That list already contained `ssl-mode` and every `ssl-*` certificate option, but was missing the plain on/off toggles `ssl` and `skip-ssl`. As a result, `wp db import --ssl` silently dropped the flag and connected without SSL, while `wp db cli --ssl` worked because it passes the arguments straight through. This produced confusing failures such as "Error: Failed to get current SQL modes. Reason: ERROR 1045 (28000): Access denied" against servers that require SSL. Add `ssl` and `skip-ssl` to the allow-list so both are forwarded to the MySQL/MariaDB client, matching `wp db cli` behaviour. A Behat scenario asserts the flag now appears in the final MySQL command. Fixes wp-cli#218. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
|
Hello! 👋 Thanks for opening this pull request! Please check out our contributing guidelines. We appreciate you taking the initiative to contribute to this project. Contributing isn't limited to just code. We encourage you to contribute in the way that best fits your abilities, by writing tutorials, giving a demo at your local meetup, helping other users with their support questions, or revising our documentation. Here are some useful Composer commands to get you started:
To run a single Behat test, you can use the following command: # Run all tests in a single file
composer behat features/some-feature.feature
# Run only a specific scenario (where 123 is the line number of the "Scenario:" title)
composer behat features/some-feature.feature:123You can find a list of all available Behat steps in our handbook. |
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
There was a problem hiding this comment.
Pull request overview
This PR fixes wp db import --ssl (and --skip-ssl) being silently ignored by ensuring these flags are forwarded through the DB_Command::get_mysql_args() allow-list, bringing wp db import / wp db query behavior in line with wp db cli.
Changes:
- Added
sslandskip-sslto the MySQL client option allow-list used byget_mysql_args(). - Added a Behat regression scenario to assert
--sslis present in the final MySQL command debug output forwp db import.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
src/DB_Command.php |
Extends the allowed MySQL client options to include the --ssl / --skip-ssl toggles so they are not filtered out. |
features/db-import.feature |
Adds a MySQL/MariaDB-only regression scenario validating the --ssl flag is forwarded (visible via --debug output). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Fixes #218
Problem
wp db import --sslsilently ignores the flag and connects without SSL, producing confusing errors such as:whereas
wp db cli --sslconnects correctly.Root cause
Commands that build their MySQL invocation via
DB_Command::get_mysql_args()(wp db import,wp db query) filter their associative arguments against an allow-list of valid MySQL client options.wp db cliinstead passes arguments straight through, which is why it already honours--ssl.The allow-list already contains
ssl-modeand everyssl-*certificate option but is missing the plain on/off togglessslandskip-ssl, so those flags are dropped before reaching the client. (Diagnosis matches @danielbachhuber's earlier comment on the issue.)Fix
Add
sslandskip-sslto$allowed_mysql_optionsso both are forwarded to the MySQL/MariaDB client, givingwp db import/wp db queryparity withwp db cli.--skip-sslis included because it is the direct disable counterpart, is likewise missing, and was requested by multiple users in the issue thread.Testing
Adds a Behat scenario asserting the
--sslflag now appears in the final MySQL command emitted bywp db import. (Requires the MySQL/MariaDB test environment.) Also verified directly via reflection against the patchedget_mysql_args(): before the changessl/skip-sslare dropped, after they pass through while a bogus flag is still filtered;phpcsclean.Disclosure: this change was prepared with the assistance of an AI coding agent (Claude) and reviewed before submission.