From 13a526d6bec24710f25976cd9f025bfba8d9d91f Mon Sep 17 00:00:00 2001 From: "gitea-actions[bot]" Date: Sun, 28 Jun 2026 19:31:21 +0000 Subject: [PATCH] chore(release): build 01.45.00 [skip ci] --- .mokogitea/workflows/issue-branch.yml | 2 +- CHANGELOG.md | 127 +----------------- SECURITY.md | 2 +- .../com_mokosuitebackup/mokosuitebackup.xml | 2 +- .../sql/updates/mysql/01.45.00.sql | 1 + .../mod_mokosuitebackup_cpanel.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- source/pkg_mokosuitebackup.xml | 2 +- 14 files changed, 16 insertions(+), 136 deletions(-) create mode 100644 source/packages/com_mokosuitebackup/sql/updates/mysql/01.45.00.sql diff --git a/.mokogitea/workflows/issue-branch.yml b/.mokogitea/workflows/issue-branch.yml index 11958bd..cf5cb9a 100644 --- a/.mokogitea/workflows/issue-branch.yml +++ b/.mokogitea/workflows/issue-branch.yml @@ -5,7 +5,7 @@ # FILE INFORMATION # DEFGROUP: Gitea.Workflow # INGROUP: mokocli.Automation -# VERSION: 01.00.00 +# VERSION: 01.45.00 # BRIEF: Auto-create feature branch when an issue is opened name: "Universal: Issue Branch" diff --git a/CHANGELOG.md b/CHANGELOG.md index f6e78b0..864eb00 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,9 @@ # Changelog - ## [Unreleased] + +## [01.45.00] --- 2026-06-28 + ## [01.43.35] --- 2026-06-28 ### Added @@ -33,126 +35,3 @@ ## [01.42.00] --- 2026-06-23 - -## [01.41.00] — 2026-06-23 - -### Added — Multi-Remote Storage -- New `#__mokosuitebackup_remotes` table for multiple destinations per profile -- Remote destinations UI: AJAX-driven add/edit/delete/toggle modal on profile edit -- Engine uploads to ALL enabled destinations (BackupEngine + SteppedBackupEngine) -- Migration auto-converts existing SFTP/S3/GDrive/FTP profile columns to new table -- Backward compatibility: falls back to legacy single-remote columns if table empty -- Secrets masked in API responses, merged from DB on save - -### Added — Content Snapshots -- Lightweight JSON snapshots of articles, categories, and modules -- Includes tags, custom fields, workflow associations, field values -- Restore modes: Replace (clean slate), Merge (upsert), Selective (per-article) -- Snapshot retention: max count + max age with automatic cleanup -- Scheduled snapshot task via com_scheduler -- CLI: `mokosuitebackup:snapshot create|restore|list|delete` -- REST API: create, list, restore, delete, download snapshots -- Tabbed browse modal: Articles / Categories / Modules with item counts - -### Added — SFTP Remote Storage -- SFTP support with SSH key file authentication (key stored base64 in database) -- Auth type dropdown: Password / Key File / Key File + Passphrase -- SshKeyField: file upload via FileReader, key never exposed in HTML -- SFTP remote directory browser for path selection -- `__KEEP_EXISTING__` sentinel preserves key on profile re-save - -### Added — MokoRestore Wizard (9 steps) -- Per-table conflict resolution: Replace / Skip / Merge / Data Only -- Preset buttons: "All Replace", "All Skip", "Everything except users" -- Post-restore actions: reset passwords, hits, versions, sessions, cache -- Auto-detect sanitized passwords and prompt for reset (random temp password) -- Standalone mode: restore.php scans directory for ZIP files -- Wrapped mode: restore.php bundled inside backup ZIP -- Security gate with filesystem verification + path traversal protection - -### Added — Data Sanitization -- Sanitize user passwords: replace hashes with invalid sentinel -- Sanitize user emails: replace with dummy values -- Clear session data: exclude `#__session` table -- Preserve super admin credentials (optional) -- GDPR-friendly backup sharing for demos and staging sites - -### Added — Backup Engine -- Pre-flight validation: directory, disk space, extensions, credentials, running backups -- Auto-verify archive integrity after creation (ZIP, tar.gz, 7z) -- 7z archive format via system 7za/7z CLI binary with native encryption -- Streaming database dump to temp file (prevents OOM on large sites) -- S3 streaming upload via CURLOPT_PUT (prevents OOM) -- Graceful remote degradation: local backup preserved if upload fails -- DatabaseDumper::dumpToFile() for memory-efficient operation - -### Added — Admin UI -- Dashboard: snapshot widget, 30-day backup trend chart, per-profile storage breakdown -- CPanel admin dashboard module (mod_mokosuitebackup_cpanel) with quick actions -- Backup type filter dropdown in backups list -- Backup comparison: select two backups for side-by-side diff -- Archive browser: view files inside backup without extracting -- Manual purge: delete backups older than a date with count preview -- Backup count badges on profile list -- "Do not navigate away" warning in backup/restore progress modals -- Clickable placeholder pills for backup directory and archive name fields -- Comprehensive help modal with absolute/relative/placeholder path documentation -- Placeholder resolution display with EXAMPLE prefix -- All placeholders UPPERCASE: [HOST], [SITE_NAME], [DATE], [DATETIME], etc. - -### Added — CLI & API -- `mokosuitebackup:restore` with --files-only, --db-only, --password options -- `mokosuitebackup:snapshot` with create, restore, list, delete actions -- REST API for snapshots: create, list, restore, delete, download -- Profile credentials masked in API responses - -### Added — Notifications & Logging -- Email/ntfy notifications for site restore, snapshot create/restore -- Joomla Action Logs for restore, snapshot, and snapshot restore events -- Global ntfy server/topic/token settings (fallback for profiles) - -### Added — Security & Configuration -- Webcron secret field with CSPRNG generator + strength meter -- IP whitelist field with current IP detection + one-click "Add my IP" -- 10 ACL permissions with full enforcement audit across all controllers -- Config defaults: archive format, MokoRestore mode, sanitization settings -- Path traversal protection on all archive extraction (ZIP, tar.gz, JPA) - -### Fixed -- CLI RestoreCommand passed wrong arguments (filepath instead of record ID) -- JPA path traversal: reject `../` in archive entry paths -- S3Uploader OOM: streaming upload instead of file_get_contents -- DatabaseDumper OOM: streaming to file instead of in-memory string -- AkeebaImporter: removed unserialize() (PHP object injection risk) -- BackupTable: delete DB row before file (prevents data loss) -- RestoreEngine: staging path sanitized with preg_replace -- API profiles: sensitive fields masked with `***` -- Webcron: missing return after sendJsonResponse on auth failure -- loadFormData(): cast array to object (PHP 8.x TypeError fix) -- MokoRestore data-only mode: uses REPLACE INTO for existing rows -- Plaintext archive deleted on encryption failure -- TarGzArchiver: intermediate .tar cleaned in finally block -- Install script: single-line comments converted to block comments -- Orphaned root-level webservices plugin files removed -- include_mokorestore column: TINYINT changed to VARCHAR(20) -- Snapshot fields_values: scoped dump and restore to com_content.article (previously destroyed values for contacts, users, etc.) -- Run Backup button: accept CSRF token from GET (fixes "token did not match" on profile edit) -- SFTP fields: moved into remote fieldset for showon visibility; removed required attr that blocked non-SFTP saves -- Script.php merge conflict markers resolved - -## [01.24.00] — 2026-06-02 - -### Added -- Initial release: full-site backup and restore for Joomla 6 -- Database, files, and configuration backup -- ZIP and tar.gz archive formats with AES-256 encryption -- Differential backups based on file manifests -- FTP/FTPS, S3, Google Drive remote storage -- MokoRestore standalone restore wizard -- CLI backup and restore commands -- REST API for remote management -- Scheduled tasks via com_scheduler -- Email and ntfy push notifications -- Per-profile retention, exclusions, and notifications -- Akeeba Backup migration tool -- Admin dashboard with system health checks diff --git a/SECURITY.md b/SECURITY.md index d6dc672..2286acd 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -23,7 +23,7 @@ DEFGROUP: Template-Joomla INGROUP: Template-Joomla.Documentation REPO: https://git.mokoconsulting.tech/MokoConsulting/Template-Joomla PATH: /SECURITY.md -VERSION: 01.44.01 +VERSION: 01.45.00 BRIEF: Security vulnerability reporting and handling policy --> diff --git a/source/packages/com_mokosuitebackup/mokosuitebackup.xml b/source/packages/com_mokosuitebackup/mokosuitebackup.xml index d426355..1bba702 100644 --- a/source/packages/com_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/com_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> MokoSuiteBackup - 01.44.01 + 01.45.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/com_mokosuitebackup/sql/updates/mysql/01.45.00.sql b/source/packages/com_mokosuitebackup/sql/updates/mysql/01.45.00.sql new file mode 100644 index 0000000..2865b45 --- /dev/null +++ b/source/packages/com_mokosuitebackup/sql/updates/mysql/01.45.00.sql @@ -0,0 +1 @@ +/* 01.45.00 — no schema changes */ diff --git a/source/packages/mod_mokosuitebackup_cpanel/mod_mokosuitebackup_cpanel.xml b/source/packages/mod_mokosuitebackup_cpanel/mod_mokosuitebackup_cpanel.xml index 98faafe..e6eb337 100644 --- a/source/packages/mod_mokosuitebackup_cpanel/mod_mokosuitebackup_cpanel.xml +++ b/source/packages/mod_mokosuitebackup_cpanel/mod_mokosuitebackup_cpanel.xml @@ -8,7 +8,7 @@ --> mod_mokosuitebackup_cpanel - 01.44.01 + 01.45.00 2026-06-23 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_actionlog_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_actionlog_mokosuitebackup/mokosuitebackup.xml index b6153a0..22bb14b 100644 --- a/source/packages/plg_actionlog_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_actionlog_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> Action Log - MokoSuiteBackup - 01.44.01 + 01.45.00 2026-06-04 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_console_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_console_mokosuitebackup/mokosuitebackup.xml index 8406be3..5b1fe35 100644 --- a/source/packages/plg_console_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_console_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> Console - MokoSuiteBackup - 01.44.01 + 01.45.00 2026-06-04 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_content_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_content_mokosuitebackup/mokosuitebackup.xml index 11b81ef..44f4a47 100644 --- a/source/packages/plg_content_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_content_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> Content - MokoSuiteBackup - 01.44.01 + 01.45.00 2026-06-04 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_quickicon_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_quickicon_mokosuitebackup/mokosuitebackup.xml index 660403e..345b8bd 100644 --- a/source/packages/plg_quickicon_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_quickicon_mokosuitebackup/mokosuitebackup.xml @@ -1,7 +1,7 @@ Quick Icon - MokoSuiteBackup - 01.44.01 + 01.45.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_system_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_system_mokosuitebackup/mokosuitebackup.xml index 024e237..9d0f954 100644 --- a/source/packages/plg_system_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_system_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> System - MokoSuiteBackup - 01.44.01 + 01.45.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_task_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_task_mokosuitebackup/mokosuitebackup.xml index 3b86900..d9a104f 100644 --- a/source/packages/plg_task_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_task_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> Task - MokoSuiteBackup - 01.44.01 + 01.45.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_webservices_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_webservices_mokosuitebackup/mokosuitebackup.xml index eab68d5..cb64b0d 100644 --- a/source/packages/plg_webservices_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_webservices_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> Web Services - MokoSuiteBackup - 01.44.01 + 01.45.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech diff --git a/source/pkg_mokosuitebackup.xml b/source/pkg_mokosuitebackup.xml index ac0f65d..a88829b 100644 --- a/source/pkg_mokosuitebackup.xml +++ b/source/pkg_mokosuitebackup.xml @@ -8,7 +8,7 @@ Package - MokoSuiteBackup mokosuitebackup - 01.44.01 + 01.45.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech