PatchOn Agent
PatchOn is a SaaS service that automatically runs regression tests (VRT: Visual Regression Test) in a staging environment before applying plugin, theme, or core updates to your WordPress site. This plugin acts as the connector between your WordPress site and the PatchOn SaaS backend at patchon.jp.
This plugin requires the PatchOn SaaS service at patchon.jp and does not function on its own. No account is required to get started. Immediately after activation no external communication is performed, and a consent screen is shown in the admin area. Outbound communication with patchon.jp begins only after the user explicitly clicks the “Agree and Start” button on that consent screen, which registers the site anonymously. A patchon.jp account is needed only to view detailed inspection results in the dashboard or to upgrade to a paid plan.
Main Features
- Backup of site files and database before applying updates
- Pre-inspection that simulates updates in a staging environment, with results displayed in your dashboard
- Production rollout of updates that have passed inspection
This plugin (the free distribution on WordPress.org) does not write to your site files (wp-content, mu-plugins, theme directories, etc.). AI auto-repair, which involves writing patched code to mu-plugins or the active child theme, is provided by the separately distributed PatchOn Agent Pro extension plugin (available to Standard / Business plan subscribers at patchon.jp).
Data Sent
After the user has consented on the consent screen, when they run a “Pre-inspection” or “Apply update” operation, the plugin sends the following data to patchon.jp and related external services. See the Privacy Policy for full details.
- Site URL / WordPress version / PHP version / DB version
- List and versions of installed plugins, themes, and MU plugins
- Site files prior to update application (child theme / mu-plugins / wp-config.php, used for backup)
- Contents of WordPress debug.log (used to detect issues)
- Lightweight database dump (only at pre-inspection time; tables and columns containing personal information are excluded)
External services
This plugin depends on the following external services. No external communication is performed merely by activating the plugin. Communication starts only after the user explicitly clicks the “Agree and Start” button on the consent screen shown on first use.
PatchOn API (https://patchon.jp and its subdomains)
The backend for all inspection, repair, update, and database-dump operations. Two host names are used, both operated by Rocketa Inc. and routed to PatchOn’s infrastructure:
https://patchon.jp/api/*— site registration, pre-inspection control, apply-update control, billinghttps://dump.patchon.jp/*— database-dump control endpoints and signed-URL chunk uploads used during pre-inspection (the database dump is excluded from the data sent overpatchon.jp/api/*)
Provider: Rocketa Inc. (rocketa.co.jp)
When data is sent: * On click of the “Agree and Start” consent button (one-time): anonymous site registration and UUID issuance * When the user runs a “Pre-inspection”: list of plugins / themes, debug.log, lightweight database dump * When the user runs an “Apply update”: backup files, application result
What is sent: see the “Data Sent” section above
- Terms of Service: https://patchon.jp/terms
- Privacy Policy: https://patchon.jp/privacy-policy
- Subprocessors: https://patchon.jp/subprocessors
AWS S3 (Tokyo region, accessed via PatchOn)
Storage destination for the pre-update full-site backup (tar.gz). File uploads are performed only against pre-signed URLs issued by https://patchon.jp/api/* on a per-request basis. The customer site does not hold any S3 credentials.
- Provider: Amazon Web Services, Inc.
- Endpoint: https://*.s3.ap-northeast-1.amazonaws.com (pre-signed URLs only)
- When data is sent: when the user runs an “Apply update”
- What is sent: pre-update site files (tar.gz)
- AWS Privacy: https://aws.amazon.com/privacy/