Introduction
TYPO3 updates are critical for security and stability – yet time-consuming and error-prone, especially with multiple instances. Our TYPO3 Updater automates the entire process: from analysis and updating to visual quality assurance and documentation.
The solution is aimed at agencies and IT departments that professionally manage multiple TYPO3 instances and want to implement updates efficiently, securely, and transparently.
Table of Contents
Practical Scenarios
Security Update, Extension Rollout, QA
Technical Requirements
System Requirements, Installation
Best Practices
Update Strategy, Maintenance
Summary
Core Benefits, Target Audience
Why TYPO3 Updater?
Typical Challenges
For agencies with multiple TYPO3 projects:
- Manual updates consume time – with 20+ projects, it takes several working days per minor release
- Inconsistent documentation makes traceability difficult
- A lack of visual testing leads to overlooked layout issues
- Manual time tracking and ticket creation are often neglected
For IT departments:
- Security updates must be rolled out quickly across all instances
- Extension updates (e.g., new Powermail) require a systematic approach
- Compliance demands complete documentation
- Quality assurance must be reproducible and verifiable
The Solution
The TYPO3 Updater automates the entire update pipeline:
Central Management
All DDEV projects are automatically detected and filtered by age, TYPO3 type, and deployment configuration.
Quality Assurance
Visual screenshot tests run before and after every update – layout issues become instantly visible.
Complete Documentation
Every update automatically creates a Redmine ticket with test reports, screenshot comparisons, and time tracking.
Architecture and Functionality
Technical Foundations
The TYPO3 Updater is based on a well-thought-out architecture that combines proven tools and modern technologies:
Base Stack:
- DDEV as the local development environment (detects all projects automatically)
- Deployer for structured deployment (
.hosts.yamldefines target servers) - Composer for TYPO3 Core and extension updates
- Playwright for visual screenshot testing
- Next.js as a modern web interface using shadcn/ui
TYPO3 Updater Workflow: From Detection to Documentation
Automatic Project Detection
The Updater scans the configured projects directory and filters intelligently:
- Detect DDEV projects: Scans all folders for
.ddev/config.yamlto identify active DDEV environments. - Verify TYPO3 installation: Analyses the
composer.jsonfortypo3/cms-coredependencies and validates the installation. - Validate
.hosts.yaml: Checks whether a valid Deployer configuration exists and if all required server definitions are present. - Analyse last update date: Reads Git commits and
composer.locktimestamps to determine when the last update occurred.
Important: The Updater does not use AI/LLM – detection is based on structured checks of the file system and Composer configuration. This guarantees reliability and performance.
The User Interface
Dashboard: Project Overview
The central hub displays all update-eligible TYPO3 instances at a glance:
Overview Features:
- Intelligent Filtering: By project name, last update date, TYPO3 version
- Status Indicators: Deployer status, Git branches, latest commits
- Batch Selection: Select multiple projects for simultaneous updating
- Sorting: By date, project name, or update priority
The interface is deliberately kept clean and functional – optimised for quick decisions and efficient workflows.
Command Generator: Maximum Control
For anyone who prefers to control the update process via the shell:
The generator creates precise shell commands with all relevant parameters:
Available Options:
| Parameter | Description | Default |
|---|---|---|
| --batch-mode | Batch processing of multiple projects | ✓ |
| --dry-run | Simulation without actual updates | ✓ |
| --skip-upload | Skip deployment | ✕ |
| --skip-redmine | No ticket creation | ✕ |
| --skip-visual-tests | Disable screenshot testing | ✕ |
| --verbose-output | Detailed logging output | ✕ |
You can copy the generated command directly and execute it in the terminal – ideal for CI/CD integration or advanced workflows.
Configuration: Centralised Settings Management
You configure everything via the web interface:
Click the image to enlarge and view in full
Configuration Areas:
Each setting includes inline documentation with best practices and real-time validation.
The Update Process
1. Execution with Live Monitoring
Once projects are selected, the update process begins with detailed status feedback:
Process Steps:
Environment Setup
Pre-Update Tests
Composer Updates
Post-Update Tests
Documentation
Status Codes:
- 🟢 [SUCCESS]: Step successfully completed
- 🟡 [WARNING]: Warning, process continues
- 🔴 [ERROR]: Critical error, process aborted
- 🔵 [INFO]: Informational output
2. Visual Comparison Report
A comprehensive test report is generated after each update:
Report Contents:
Screenshot Matches
Number of unchanged pages – ideally the majority of the tested URLs.
Screenshot Differences
Detected visual changes with diff visualisation. Shows exactly which pixels have changed.
Screenshot Errors
Failed comparisons (e.g., timeout, missing page) that require manual review.
Pages Visited
Number of tested URLs – configurable via the project configuration.
The Updater saves the report in a hash-based directory (unguessable) and links to it in the Redmine ticket.
3. Redmine Integration
Automated ticket creation with complete documentation:
Ticket Structure:
# TYPO3 UPDATE - [Projekt-Name]
## Ticket-Typ
Minor Update (Automatisch generiert)
## Projekt
[Projekt-ID aus Custom Field Matching]
## Website
https://www.beispiel-projekt.at
## Status
TYPO3 Update erfolgreich abgeschlossen. Version von 12.4.36 auf 12.4.37 aktualisiert.
Detaillierter Test-Bericht verfügbar.
Test Report (included in the ticket):
- Screenshot comparisons (Before/After)
- Functionality tests sorted by key areas
- Performance metrics (Lighthouse Score)
- Composer Audit Report (Security vulnerabilities)
- Next steps and recommendations
Automatically generated documentation:
- All TYPO3 Core components updated
- Extension compatibility verified
- Database schema validated
- Caches cleared and rebuilt
- Configuration files checked
Composer Audit Report
An essential part of the documentation is the integrated Composer security check:
Security Analysis:
- No security vulnerabilities found
- Bestfixes packages: None found
- Complete report is documented in the ticket
Next Steps:
- Verification of website functionality
- Monitoring of performance metrics
- Documentation of changes
Practical Scenarios
Scenario 1: Security Update for all Instances
Situation: TYPO3 Security Advisory – critical update available
Solution with TYPO3 Updater:
Security Advisory Received
Project Selection
Start Batch Update
Completion and Documentation
Time Saved: Instead of 2-3 working days for manual updates → 2.5 hours automated
Scenario 2: Extension Rollout across all Projects
Situation: New Powermail version with important features needs to be installed across all instances
Workflow:
- Adjust configuration: Add the extra Composer package
in2code/powermail:*in the config - Filter projects: Select only instances with an existing Powermail installation
- Staged Rollout: First on 3 test instances, upon success, roll out to all others
- Documentation: Every instance receives a ticket with a changelog and test report
Scenario 3: Quality-Assured Updates
Situation: IT department requires demonstrable QA for compliance
TYPO3 Updater delivers:
- Reproducible Tests: Every update goes through the identical test pipeline
- Visual Documentation: Before/after screenshots serve as proof
- Timestamps and Audit Trail: Complete traceability
- Ticket System Integration: Seamless documentation in Redmine
- Secure Key Management: SSH keys are stored encrypted
The TYPO3 Updater requires SSH keys for Deployer access. These are stored encrypted within the configuration. If no key is provided, the update process is aborted with a clear error message – no insecure fallbacks.
Technical Requirements
System Requirements
Server Environment:
- DDEV installed and configured
- Node.js 18+ (for Next.js GUI)
- Composer 2.x
- SSH access to deployment targets
Optional for advanced features:
- Redmine instance with API access
- Deployer configuration (
.hosts.yaml) - Playwright for Visual Tests
Installation
# Clone repository
git clone https://github.com/your-org/typo3-updater.git
cd typo3-updater
# Install dependencies
npm install
cd test/playwright && npm install
# Create configuration
cp .env.example .env
# Start GUI
npm run dev
# Open browserThe GUI is then accessible at http://localhost:3000.
Best Practices
Update Strategy
| Feature | Recommended | Not Recommended |
|---|---|---|
| Staged Rollout | ✓ | ✕ |
| Dry-run first | ✓ | ✕ |
| Enable Visual Tests | ✓ | ✕ |
| All instances simultaneously | ✕ | ✓ |
| Updates without tests | ✕ | ✓ |
| Manual documentation | ✕ | ✓ |
Maintenance and Monitoring
Regular Tasks:
- Clean up screenshot archive (automatically after 30 days)
- Renew Redmine token (rotate API keys every 90 days)
- Monitor log files (check Warning Log)
- Update SSH keys (upon team changes)
Performance Optimisation:
- Run visual tests in parallel (max. 3 browser instances)
- Limit screenshot resolution to 1920x1080
- Automatically archive old test reports
- Restart DDEV containers after update
Cost Savings and ROI
Time and Cost Analysis
| Task | Manual | Automated | Savings |
|---|---|---|---|
| Single TYPO3 Update | 45 min | 5 min | -89% |
| Visual QA Testing | 30 min | 2 min | -93% |
| Documentation | 20 min | 1 min | -95% |
| Redmine Ticket | 15 min | 0 min | -100% |
| Total per Update | 110 min | 8 min | -93% |
Visualisation of Time Saved
Average time required per update step in minutes
Projection for an agency with 20 TYPO3 projects:
- 8 TYPO3 Core minor updates per year (every 6-8 weeks)
- 9 major extension updates per year (Powermail, News, etc.)
- = 17 updates per year × 20 projects = 340 updates in total
- Manual execution: 340 × 110 min = 623 hours
- With TYPO3 Updater: 340 × 8 min = 45 hours
- Time saved: 578 hours per year
At an hourly rate of EUR 150:
- Cost savings: EUR 86,700 per year
- ROI achieved within just a few weeks of active use
Scaling: Cost Savings by Number of Projects
Annual costs in Euro – The more projects, the higher the savings
Time Distribution: Manual Update Process
Where is time lost during manual updates? (110 minutes total)
ROI Development over 12 Months
Break-even after just 3-4 weeks – followed by pure cost savings
In addition to saving time, you increase quality through consistent testing, reduce human error, and create comprehensive documentation for compliance and client reporting.
Summary
The TYPO3 Updater is more than just an automation tool – it is a complete update management solution for professional TYPO3 environments:
Core Benefits:
Efficiency
93% time saved per update by automating routine tasks
Quality
Visual regression tests guarantee layout integrity after every update
Transparency
Complete documentation in Redmine with test reports and screenshots
Security
Encrypted key management and reproducible security checks
Scalability
Batch updates for any number of instances with consistent quality
Control
Dry-run mode and staged rollouts for risk-free testing
Who is the TYPO3 Updater for?
Ideal for:
- Agencies with 5+ TYPO3 projects
- IT departments with multi-site environments
- Managed hosting providers
- DevOps teams with a focus on automation
Technical Profile:
-
Experience with DDEV and Composer
-
Basic knowledge of Bash/Shell scripting
-
Optional: Deployer knowledge for advanced features
-
Optional: Redmine admin access for ticket integration
-
Training for your team
-
Managed service options
This article was last updated on 2025-10-04. The TYPO3 Updater is actively being developed – features and screenshots are subject to change.