chore: promote changelog [Unreleased] → [01.44.00]

Claude-Session: https://claude.ai/code/session_01MbEjBtsSjPuTWhqqrMS2wG

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "source/packages/MokoSuiteClient"]
+	path = source/packages/MokoSuiteClient
+	url = https://git.mokoconsulting.tech/MokoConsulting/MokoSuiteClient.git

.mokogitea/workflows/auto-bump.yml

@@ -22,7 +22,7 @@ on:
 
 env:
   FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
-  GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+  MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
 
 permissions:
   contents: write

.mokogitea/workflows/auto-release.yml

@@ -52,7 +52,7 @@ on:
 
 env:
   FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
-  GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+  MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
   GITEA_ORG: ${{ vars.GITEA_ORG || github.repository_owner }}
   GITEA_REPO: ${{ vars.GITEA_REPO || github.event.repository.name }}
 
@@ -102,7 +102,7 @@ jobs:
           php ${MOKO_CLI}/branch_rename.php \
             --from "${{ github.event.pull_request.head.ref || 'dev' }}" --to rc \
             --token "${{ secrets.MOKOGITEA_TOKEN }}" \
-            --api-base "${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}" \
+            --api-base "${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}" \
             --pr "${{ github.event.pull_request.number }}"
 
       - name: Checkout rc and configure git
@@ -121,7 +121,7 @@ jobs:
 
       - name: Update RC release notes from CHANGELOG.md
         run: |
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
 
           # Extract [Unreleased] section from changelog
@@ -269,7 +269,7 @@ jobs:
           !startsWith(steps.platform.outputs.platform, 'joomla')
         run: |
           VERSION="${{ steps.version.outputs.version }}"
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
           SEMVER_TAG="v${VERSION}"
 
@@ -294,7 +294,7 @@ jobs:
 
       - name: Update release notes and promote changelog
         run: |
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
 
           # Get the stable release info (version and ID)
@@ -363,7 +363,7 @@ jobs:
           VERSION="${{ steps.bump.outputs.version || steps.version.outputs.version }}"
           RELEASE_TAG="${{ steps.version.outputs.release_tag }}"
           GH_REPO="${{ vars.GH_MIRROR_REPO || github.repository }}"
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           php ${MOKO_CLI}/release_mirror.php \
             --version "$VERSION" --tag "$RELEASE_TAG" \
             --token "${{ secrets.MOKOGITEA_TOKEN }}" --api-base "$API_BASE" \
@@ -392,7 +392,7 @@ jobs:
         if: steps.version.outputs.skip != 'true'
         continue-on-error: true
         run: |
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
 
           # Delete rc branch (ephemeral — created by promote-rc)
@@ -416,7 +416,7 @@ jobs:
         if: steps.version.outputs.skip != 'true'
         continue-on-error: true
         run: |
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
           VERSION="${{ steps.bump.outputs.version || steps.version.outputs.version }}"
           BRANCH_NAME="version/${VERSION}"
@@ -437,7 +437,7 @@ jobs:
         if: steps.version.outputs.skip != 'true'
         continue-on-error: true
         run: |
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           php ${MOKO_CLI}/version_reset_dev.php \
             --token "${{ secrets.MOKOGITEA_TOKEN }}" --api-base "${API_BASE}" \
             --branch dev --path . 2>&1 || true
@@ -463,5 +463,5 @@ jobs:
             echo "| Version | \`${VERSION}\` |" >> $GITHUB_STEP_SUMMARY
             echo "| Branch | \`${{ steps.version.outputs.branch }}\` |" >> $GITHUB_STEP_SUMMARY
             echo "| Tag | \`${{ steps.version.outputs.tag }}\` |" >> $GITHUB_STEP_SUMMARY
-            echo "| Release | [View](${GITEA_URL}/${GITEA_ORG}/${GITEA_REPO}/releases/tag/${{ steps.version.outputs.tag }}) |" >> $GITHUB_STEP_SUMMARY
+            echo "| Release | [View](${MOKOGITEA_URL}/${GITEA_ORG}/${GITEA_REPO}/releases/tag/${{ steps.version.outputs.tag }}) |" >> $GITHUB_STEP_SUMMARY
           fi

.mokogitea/workflows/ci-generic.yml

@@ -13,6 +13,12 @@
 name: "Generic: Project CI"
 
 on:
+  pull_request:
+    branches:
+      - main
+      - dev
+      - dev/**
+      - rc/**
   workflow_dispatch:
 
 permissions:

.mokogitea/workflows/ci-issue-reporter.yml

@@ -0,0 +1,68 @@
+# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# FILE INFORMATION
+# DEFGROUP: Gitea.Workflow
+# INGROUP: mokocli.Universal
+# REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
+# PATH: /.mokogitea/workflows/ci-issue-reporter.yml
+# VERSION: 01.00.00
+# BRIEF: Reusable workflow — creates/updates a Gitea issue when a CI gate fails.
+#        Clones MokoCLI and runs cli/ci_issue_reporter.sh.
+
+name: "Universal: CI Issue Reporter"
+
+on:
+  workflow_call:
+    inputs:
+      gate:
+        description: "CI gate name (e.g. PR Validation, Repository Health)"
+        required: true
+        type: string
+      details:
+        description: "Human-readable failure description"
+        required: true
+        type: string
+      severity:
+        description: "error or warning"
+        required: false
+        type: string
+        default: "error"
+      workflow:
+        description: "Workflow name for the issue title"
+        required: false
+        type: string
+        default: ""
+    secrets:
+      MOKOGITEA_TOKEN:
+        required: true
+
+env:
+  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
+
+jobs:
+  report:
+    name: "Report: ${{ inputs.gate }}"
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Clone MokoCLI
+        env:
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
+        run: |
+          MOKOGITEA_URL="${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}"
+          git clone --depth 1 --filter=blob:none --sparse "${MOKOGITEA_URL}/MokoConsulting/MokoCLI.git" /tmp/mokocli
+          cd /tmp/mokocli && git sparse-checkout set cli/ci_issue_reporter.sh
+
+      - name: Report CI failure
+        env:
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
+          MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+        run: |
+          chmod +x /tmp/mokocli/cli/ci_issue_reporter.sh
+          /tmp/mokocli/cli/ci_issue_reporter.sh \
+            --gate "${{ inputs.gate }}" \
+            --details "${{ inputs.details }}" \
+            --severity "${{ inputs.severity }}" \
+            --workflow "${{ inputs.workflow }}"

.mokogitea/workflows/cleanup.yml

@@ -21,7 +21,7 @@ permissions:
   contents: write
 
 env:
-  GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+  MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
 
 jobs:
   cleanup:
@@ -33,17 +33,17 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          token: ${{ secrets.GA_TOKEN }}
+          token: ${{ secrets.MOKOGITEA_TOKEN }}
 
       - name: Delete merged branches
         env:
-          GA_TOKEN: ${{ secrets.GA_TOKEN }}
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
         run: |
           echo "=== Merged Branch Cleanup ==="
-          API="${GITEA_URL}/api/v1/repos/${{ github.repository }}"
+          API="${MOKOGITEA_URL}/api/v1/repos/${{ github.repository }}"
 
           # List branches via API
-          BRANCHES=$(curl -sS -H "Authorization: token ${GA_TOKEN}" \
+          BRANCHES=$(curl -sS -H "Authorization: token ${MOKOGITEA_TOKEN}" \
             "${API}/branches?limit=50" | jq -r '.[].name')
 
           DELETED=0
@@ -56,7 +56,7 @@ jobs:
             # Check if branch is merged into main
             if git merge-base --is-ancestor "origin/${BRANCH}" origin/main 2>/dev/null; then
               echo "  Deleting merged branch: ${BRANCH}"
-              curl -sS -X DELETE -H "Authorization: token ${GA_TOKEN}" \
+              curl -sS -X DELETE -H "Authorization: token ${MOKOGITEA_TOKEN}" \
                 "${API}/branches/${BRANCH}" 2>/dev/null || true
               DELETED=$((DELETED + 1))
             fi
@@ -66,20 +66,20 @@ jobs:
 
       - name: Clean old workflow runs
         env:
-          GA_TOKEN: ${{ secrets.GA_TOKEN }}
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
         run: |
           echo "=== Workflow Run Cleanup ==="
-          API="${GITEA_URL}/api/v1/repos/${{ github.repository }}"
+          API="${MOKOGITEA_URL}/api/v1/repos/${{ github.repository }}"
           CUTOFF=$(date -d "30 days ago" +%Y-%m-%dT%H:%M:%SZ 2>/dev/null || date -v-30d +%Y-%m-%dT%H:%M:%SZ)
 
           # Get old completed runs
-          RUNS=$(curl -sS -H "Authorization: token ${GA_TOKEN}" \
+          RUNS=$(curl -sS -H "Authorization: token ${MOKOGITEA_TOKEN}" \
             "${API}/actions/runs?status=completed&limit=50" | \
             jq -r ".workflow_runs[] | select(.created_at < \"${CUTOFF}\") | .id" 2>/dev/null)
 
           DELETED=0
           for RUN_ID in $RUNS; do
-            curl -sS -X DELETE -H "Authorization: token ${GA_TOKEN}" \
+            curl -sS -X DELETE -H "Authorization: token ${MOKOGITEA_TOKEN}" \
               "${API}/actions/runs/${RUN_ID}" 2>/dev/null || true
             DELETED=$((DELETED + 1))
           done

.mokogitea/workflows/deploy-manual.yml

@@ -0,0 +1,126 @@
+# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# FILE INFORMATION
+# DEFGROUP: Gitea.Workflow
+# INGROUP: MokoStandards.Deploy
+# REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoStandards-API
+# PATH: /templates/workflows/joomla/deploy-manual.yml.template
+# VERSION: 04.07.00
+# BRIEF: Manual SFTP deploy to dev server for Joomla repos
+
+name: "Universal: Deploy to Dev (Manual)"
+
+on:
+  workflow_dispatch:
+    inputs:
+      clear_remote:
+        description: 'Delete all remote files before uploading'
+        required: false
+        default: 'false'
+        type: boolean
+
+env:
+  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
+
+permissions:
+  contents: read
+
+jobs:
+  deploy:
+    name: SFTP Deploy to Dev
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+
+      - name: Setup PHP
+        run: |
+          php -v && composer --version
+
+      - name: Setup MokoStandards tools
+        env:
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN || github.token }}
+          MOKO_CLONE_TOKEN: ${{ secrets.MOKOGITEA_TOKEN || github.token }}
+          MOKO_CLONE_HOST: ${{ secrets.MOKOGITEA_TOKEN && 'git.mokoconsulting.tech/MokoConsulting' || 'github.com/mokoconsulting-tech' }}
+          COMPOSER_AUTH: '{"github-oauth":{"github.com":"${{ secrets.MOKOGITEA_TOKEN || github.token }}"}}'
+        run: |
+          git clone --depth 1 --branch main --quiet \
+            "https://x-access-token:${MOKO_CLONE_TOKEN}@${MOKO_CLONE_HOST}/MokoStandards-API.git" \
+            /tmp/mokostandards-api 2>/dev/null || true
+          if [ -d "/tmp/mokostandards-api" ] && [ -f "/tmp/mokostandards-api/composer.json" ]; then
+            cd /tmp/mokostandards-api && composer install --no-dev --no-interaction --quiet 2>/dev/null || true
+          fi
+
+      - name: Check FTP configuration
+        id: check
+        env:
+          HOST: ${{ vars.DEV_FTP_HOST }}
+          PATH_VAR: ${{ vars.DEV_FTP_PATH }}
+          PORT: ${{ vars.DEV_FTP_PORT }}
+        run: |
+          if [ -z "$HOST" ] || [ -z "$PATH_VAR" ]; then
+            echo "DEV_FTP_HOST or DEV_FTP_PATH not configured -- cannot deploy"
+            echo "skip=true" >> "$GITHUB_OUTPUT"
+            exit 0
+          fi
+          echo "skip=false" >> "$GITHUB_OUTPUT"
+          echo "host=$HOST" >> "$GITHUB_OUTPUT"
+
+          REMOTE="${PATH_VAR%/}"
+          echo "remote=$REMOTE" >> "$GITHUB_OUTPUT"
+
+          [ -z "$PORT" ] && PORT="22"
+          echo "port=$PORT" >> "$GITHUB_OUTPUT"
+
+      - name: Deploy via SFTP
+        if: steps.check.outputs.skip != 'true'
+        env:
+          SFTP_KEY: ${{ secrets.DEV_FTP_KEY }}
+          SFTP_PASS: ${{ secrets.DEV_FTP_PASSWORD }}
+          SFTP_USER: ${{ vars.DEV_FTP_USERNAME }}
+        run: |
+          SOURCE_DIR="src"
+          [ ! -d "$SOURCE_DIR" ] && SOURCE_DIR="htdocs"
+          [ ! -d "$SOURCE_DIR" ] && { echo "No src/ or htdocs/ -- nothing to deploy"; exit 0; }
+
+          printf '{"host":"%s","port":%s,"username":"%s","remotePath":"%s"' \
+            "${{ steps.check.outputs.host }}" "${{ steps.check.outputs.port }}" "$SFTP_USER" "${{ steps.check.outputs.remote }}" \
+            > /tmp/sftp-config.json
+
+          if [ -n "$SFTP_KEY" ]; then
+            echo "$SFTP_KEY" > /tmp/deploy_key
+            chmod 600 /tmp/deploy_key
+            printf ',"privateKeyPath":"/tmp/deploy_key"}' >> /tmp/sftp-config.json
+          else
+            printf ',"password":"%s"}' "$SFTP_PASS" >> /tmp/sftp-config.json
+          fi
+
+          DEPLOY_ARGS=(--path . --src-dir "$SOURCE_DIR" --config /tmp/sftp-config.json)
+          [ "${{ inputs.clear_remote }}" = "true" ] && DEPLOY_ARGS+=(--clear-remote)
+
+          PLATFORM=$(php /tmp/mokostandards-api/cli/platform_detect.php --path . 2>/dev/null || true)
+          if [ "$PLATFORM" = "waas-component" ] && [ -f "/tmp/mokostandards-api/deploy/deploy-joomla.php" ]; then
+            php /tmp/mokostandards-api/deploy/deploy-joomla.php "${DEPLOY_ARGS[@]}"
+          else
+            php /tmp/mokostandards-api/deploy/deploy-sftp.php "${DEPLOY_ARGS[@]}"
+          fi
+
+          rm -f /tmp/deploy_key /tmp/sftp-config.json
+
+      - name: Summary
+        if: always()
+        run: |
+          if [ "${{ steps.check.outputs.skip }}" = "true" ]; then
+            echo "### Deploy Skipped -- FTP not configured" >> $GITHUB_STEP_SUMMARY
+          else
+            echo "### Manual Dev Deploy Complete" >> $GITHUB_STEP_SUMMARY
+            echo "" >> $GITHUB_STEP_SUMMARY
+            echo "| Field | Value |" >> $GITHUB_STEP_SUMMARY
+            echo "|-------|-------|" >> $GITHUB_STEP_SUMMARY
+            echo "| Host | \`${{ steps.check.outputs.host }}\` |" >> $GITHUB_STEP_SUMMARY
+            echo "| Remote | \`${{ steps.check.outputs.remote }}\` |" >> $GITHUB_STEP_SUMMARY
+            echo "| Clear | ${{ inputs.clear_remote }} |" >> $GITHUB_STEP_SUMMARY
+          fi

.mokogitea/workflows/issue-branch.yml

@@ -5,7 +5,7 @@
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
 # INGROUP: mokocli.Automation
-# VERSION: 01.43.16
+# VERSION: 01.44.00
 # BRIEF: Auto-create feature branch when an issue is opened
 
 name: "Universal: Issue Branch"
@@ -19,7 +19,7 @@ permissions:
   issues: write
 
 env:
-  GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+  MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
 
 jobs:
   create-branch:
@@ -28,8 +28,8 @@ jobs:
     steps:
       - name: Create branch and comment
         run: |
-          TOKEN="${{ secrets.GA_TOKEN }}"
-          API="${GITEA_URL}/api/v1/repos/${{ github.repository }}"
+          TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
+          API="${MOKOGITEA_URL}/api/v1/repos/${{ github.repository }}"
           ISSUE_NUM="${{ github.event.issue.number }}"
           ISSUE_TITLE="${{ github.event.issue.title }}"
 
@@ -58,7 +58,7 @@ jobs:
             echo "Created branch: ${BRANCH}"
 
             # Comment on issue with branch link
-            REPO_URL="${GITEA_URL}/${{ github.repository }}"
+            REPO_URL="${MOKOGITEA_URL}/${{ github.repository }}"
             BODY="Branch created: [\`${BRANCH}\`](${REPO_URL}/src/branch/${BRANCH})\n\n\`\`\`bash\ngit fetch origin\ngit checkout ${BRANCH}\n\`\`\`"
 
             curl -sf -X POST \

.mokogitea/workflows/pr-check.yml

@@ -496,39 +496,26 @@ jobs:
     steps:
       - name: Trigger RC pre-release
         env:
-          GA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
           REPO: ${{ github.repository }}
           BRANCH: ${{ github.head_ref }}
-          GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+          MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
         run: |
-          curl -s -X POST             "${GITEA_URL}/api/v1/repos/${REPO}/actions/workflows/pre-release.yml/dispatches"             -H "Authorization: token ${GITEA_TOKEN}"             -H "Content-Type: application/json"             -d "{\"ref\":\"${BRANCH}\",\"inputs\":{\"stability\":\"release-candidate\"}}"
+          curl -s -X POST             "${MOKOGITEA_URL}/api/v1/repos/${REPO}/actions/workflows/pre-release.yml/dispatches"             -H "Authorization: token ${MOKOGITEA_TOKEN}"             -H "Content-Type: application/json"             -d "{\"ref\":\"${BRANCH}\",\"inputs\":{\"stability\":\"release-candidate\"}}"
           echo "### Pre-Release" >> $GITHUB_STEP_SUMMARY
           echo "Triggered RC build on branch \`${BRANCH}\`" >> $GITHUB_STEP_SUMMARY
 
   # ── Issue Reporter ──────────────────────────────────────────────────────
   report-issues:
     name: Report Issues
-    runs-on: ubuntu-latest
     needs: [branch-policy, validate]
     if: >-
       always() &&
       needs.validate.result == 'failure'
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          sparse-checkout: automation/ci-issue-reporter.sh
-          sparse-checkout-cone-mode: false
-
-      - name: "File issue for PR validation failure"
-        env:
-          GITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
-          GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
-        run: |
-          chmod +x automation/ci-issue-reporter.sh
-          ./automation/ci-issue-reporter.sh \
-            --gate "PR Validation" \
-            --workflow "PR Check" \
-            --severity error \
-            --details "PR validation failed (syntax, manifest, changelog, or source checks). See the CI run for the specific check that failed."
+    uses: ./.mokogitea/workflows/ci-issue-reporter.yml
+    with:
+      gate: "PR Validation"
+      workflow: "PR Check"
+      severity: error
+      details: "PR validation failed (syntax, manifest, changelog, or source checks). See the CI run for the specific check that failed."
+    secrets: inherit

.mokogitea/workflows/pre-release.yml

@@ -7,7 +7,7 @@
 # INGROUP: mokocli.Release
 # REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
 # PATH: /templates/workflows/universal/pre-release.yml.template
-# VERSION: 05.01.00
+# VERSION: 05.02.00
 # BRIEF: Auto pre-release on push to dev/alpha/beta/rc branches
 
 name: "Universal: Pre-Release"
@@ -59,6 +59,11 @@ jobs:
           fetch-depth: 0
           token: ${{ secrets.MOKOGITEA_TOKEN }}
           ref: ${{ github.ref_name }}
+          submodules: recursive
+
+      - name: Update submodules to main
+        run: |
+          git submodule foreach --quiet 'git checkout main && git pull --quiet origin main' 2>/dev/null || true
 
       - name: Setup mokocli tools
         env:

.mokogitea/workflows/rc-revert.yml

@@ -29,12 +29,20 @@ jobs:
 
     steps:
       - name: Rename branch
+        env:
+          BRANCH: ${{ github.event.pull_request.head.ref }}
+          REPO: ${{ github.repository }}
+          GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+          TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
         run: |
-          BRANCH="${{ github.event.pull_request.head.ref }}"
+          set -euo pipefail
+          # BRANCH is attacker-controlled (PR head ref). Strict allowlist before ANY use.
+          if ! printf '%s' "$BRANCH" | grep -Eq '^rc/[A-Za-z0-9._/-]+$'; then
+            echo "::error::Refusing unsafe branch name: $BRANCH"; exit 1
+          fi
           SUFFIX="${BRANCH#rc/}"
           DEV_BRANCH="dev/${SUFFIX}"
-          API="${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}/api/v1/repos/${{ github.repository }}/branches"
-          TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
+          API="${GITEA_URL}/api/v1/repos/${REPO}/branches"
 
           # Create dev/ branch from rc/ branch
           STATUS=$(curl -sf -o /dev/null -w "%{http_code}" -X POST \
@@ -42,25 +50,22 @@ jobs:
             -H "Content-Type: application/json" \
             -d "{\"new_branch_name\": \"${DEV_BRANCH}\", \"old_branch_name\": \"${BRANCH}\"}" \
             "${API}" 2>/dev/null || true)
-
           if [ "$STATUS" = "201" ]; then
-            echo "Created branch: ${DEV_BRANCH}" >> $GITHUB_STEP_SUMMARY
+            echo "Created branch: ${DEV_BRANCH}" >> "$GITHUB_STEP_SUMMARY"
           else
-            echo "::error::Failed to create ${DEV_BRANCH} from ${BRANCH} (HTTP ${STATUS})"
-            exit 1
+            echo "::error::Failed to create ${DEV_BRANCH} from ${BRANCH} (HTTP ${STATUS})"; exit 1
           fi
 
-          # Delete rc/ branch
-          ENCODED=$(php -r "echo rawurlencode('${BRANCH}');")
+          # Read BRANCH from the environment inside PHP (getenv, no string interpolation -> no PHP injection)
+          ENCODED=$(php -r 'echo rawurlencode(getenv("BRANCH"));')
           STATUS=$(curl -sf -o /dev/null -w "%{http_code}" -X DELETE \
             -H "Authorization: token ${TOKEN}" \
             "${API}/${ENCODED}" 2>/dev/null || true)
-
           if [ "$STATUS" = "204" ]; then
-            echo "Deleted branch: ${BRANCH}" >> $GITHUB_STEP_SUMMARY
+            echo "Deleted branch: ${BRANCH}" >> "$GITHUB_STEP_SUMMARY"
           else
             echo "::warning::Failed to delete ${BRANCH} (HTTP ${STATUS})"
           fi
 
-          echo "### RC Reverted" >> $GITHUB_STEP_SUMMARY
-          echo "${BRANCH} → ${DEV_BRANCH}" >> $GITHUB_STEP_SUMMARY
+          echo "### RC Reverted" >> "$GITHUB_STEP_SUMMARY"
+          echo "${BRANCH} → ${DEV_BRANCH}" >> "$GITHUB_STEP_SUMMARY"

.mokogitea/workflows/repo-health.yml

@@ -77,7 +77,7 @@ jobs:
       - name: Check actor permission (admin only)
         id: perm
         env:
-          TOKEN: ${{ secrets.MOKOGITEA_TOKEN || secrets.MOKOGITEA_TOKEN || github.token }}
+          TOKEN: ${{ secrets.MOKOGITEA_TOKEN || github.token }}
           REPO: ${{ github.repository }}
           ACTOR: ${{ github.actor }}
         run: |
@@ -671,42 +671,30 @@ jobs:
   # ═══════════════════════════════════════════════════════════════════════
   # Issue Reporter — file issues for failed gates
   # ═══════════════════════════════════════════════════════════════════════
-  report-issues:
-    name: "Report Issues"
-    runs-on: ubuntu-latest
-    needs: [access_check, scripts_governance, repo_health]
+  report-scripts:
+    name: "Report: Scripts Governance"
+    needs: [access_check, scripts_governance]
     if: >-
       always() &&
-      (needs.scripts_governance.result == 'failure' ||
-       needs.repo_health.result == 'failure')
+      needs.scripts_governance.result == 'failure'
+    uses: ./.mokogitea/workflows/ci-issue-reporter.yml
+    with:
+      gate: "Scripts Governance"
+      workflow: "Repo Health"
+      severity: error
+      details: "Scripts directory policy violations detected. Review required and allowed directories."
+    secrets: inherit
 
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          sparse-checkout: automation/ci-issue-reporter.sh
-          sparse-checkout-cone-mode: false
-
-      - name: "File issues for failed gates"
-        env:
-          GITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
-          GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
-        run: |
-          chmod +x automation/ci-issue-reporter.sh
-          REPORTER="./automation/ci-issue-reporter.sh"
-          WF="Repo Health"
-
-          report_gate() {
-            local gate="$1" result="$2" details="$3"
-            if [ "$result" = "failure" ]; then
-              "$REPORTER" --gate "$gate" --details "$details" --workflow "$WF" --severity error
-            fi
-          }
-
-          report_gate "Scripts Governance" \
-            "${{ needs.scripts_governance.result }}" \
-            "Scripts directory policy violations detected. Review required and allowed directories."
-
-          report_gate "Repository Health" \
-            "${{ needs.repo_health.result }}" \
-            "Repository health checks failed — missing required artifacts, disallowed files, or content warnings. Check the CI run summary."
+  report-health:
+    name: "Report: Repository Health"
+    needs: [access_check, repo_health]
+    if: >-
+      always() &&
+      needs.repo_health.result == 'failure'
+    uses: ./.mokogitea/workflows/ci-issue-reporter.yml
+    with:
+      gate: "Repository Health"
+      workflow: "Repo Health"
+      severity: error
+      details: "Repository health checks failed — missing required artifacts, disallowed files, or content warnings. Check the CI run summary."
+    secrets: inherit

.mokogitea/workflows/version-set.yml

@@ -0,0 +1,130 @@
+# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# FILE INFORMATION
+# DEFGROUP: Gitea.Workflow.Template
+# INGROUP: MokoStandards.CI
+# REPO: https://git.mokoconsulting.tech/MokoConsulting/Template-Joomla
+# PATH: /.mokogitea/workflows/version-set.yml
+# VERSION: 01.00.00
+# BRIEF: Set or reset the extension version across all version-bearing files
+
+name: "Joomla: Set Version"
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: "Version number (e.g. 01.00.00)"
+        required: true
+        type: string
+      branch:
+        description: "Branch to update (default: current)"
+        required: false
+        type: string
+
+permissions:
+  contents: write
+
+env:
+  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
+
+jobs:
+  set-version:
+    name: Set Version to ${{ inputs.version }}
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Validate version format
+        run: |
+          VERSION="${{ inputs.version }}"
+          if ! echo "$VERSION" | grep -qP '^\d{2}\.\d{2}\.\d{2}$'; then
+            echo "::error::Invalid version format '${VERSION}' — expected XX.YY.ZZ (e.g. 01.00.00)"
+            exit 1
+          fi
+          echo "VERSION=${VERSION}" >> "$GITHUB_ENV"
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.MOKOGITEA_TOKEN || github.token }}
+          ref: ${{ inputs.branch || github.ref }}
+          fetch-depth: 1
+
+      - name: Update manifest version
+        run: |
+          MANIFEST=""
+          for XML_FILE in $(find . -maxdepth 3 -name "*.xml" -not -path "./.git/*" -not -path "./vendor/*"); do
+            if grep -q "<extension" "$XML_FILE" 2>/dev/null; then
+              MANIFEST="$XML_FILE"
+              break
+            fi
+          done
+
+          if [ -z "$MANIFEST" ]; then
+            echo "::warning::No Joomla extension manifest found — skipping manifest update"
+          else
+            OLD_VER=$(grep -oP '<version>\K[^<]+' "$MANIFEST" | head -1)
+            sed -i "s|<version>${OLD_VER}</version>|<version>${VERSION}</version>|" "$MANIFEST"
+            echo "Manifest: ${OLD_VER} → ${VERSION} (${MANIFEST})"
+          fi
+
+      - name: Update README.md version
+        run: |
+          if [ -f "README.md" ]; then
+            if grep -qP '^\s*VERSION:\s*\d' README.md; then
+              sed -i -E "s/(VERSION:\s*)[0-9]{2}\.[0-9]{2}\.[0-9]{2}/\1${VERSION}/" README.md
+              echo "README.md version updated to ${VERSION}"
+            else
+              echo "::warning::No VERSION line found in README.md — skipping"
+            fi
+          fi
+
+      - name: Update CHANGELOG.md
+        run: |
+          if [ -f "CHANGELOG.md" ]; then
+            DATE=$(date +%Y-%m-%d)
+            # Check if this version already has an entry
+            if grep -q "^\#\# \[${VERSION}\]" CHANGELOG.md; then
+              echo "CHANGELOG.md already has entry for ${VERSION} — skipping"
+            else
+              # Insert new version entry after [Unreleased] or at the top after header
+              if grep -q '^\#\# \[Unreleased\]' CHANGELOG.md; then
+                sed -i "/^\#\# \[Unreleased\]/a\\\\n## [${VERSION}] --- ${DATE}" CHANGELOG.md
+              else
+                sed -i "/^\# Changelog/a\\\\n## [Unreleased]\n\n## [${VERSION}] --- ${DATE}" CHANGELOG.md
+              fi
+              echo "CHANGELOG.md: added entry for ${VERSION}"
+            fi
+          else
+            echo "::warning::No CHANGELOG.md found — skipping"
+          fi
+
+      - name: Update FILE INFORMATION blocks
+        run: |
+          # Update VERSION in file header blocks (# VERSION: XX.YY.ZZ)
+          find . -maxdepth 1 -type f \( -name "*.yml" -o -name "*.yaml" -o -name "*.php" -o -name "*.md" \) \
+            -not -path "./.git/*" -not -path "./vendor/*" -print0 2>/dev/null | \
+          while IFS= read -r -d '' FILE; do
+            if head -20 "$FILE" | grep -qP '^\s*#?\s*VERSION:\s*\d{2}\.\d{2}\.\d{2}'; then
+              sed -i -E "s/(#?\s*VERSION:\s*)[0-9]{2}\.[0-9]{2}\.[0-9]{2}/\1${VERSION}/" "$FILE"
+              echo "Updated FILE INFORMATION VERSION in ${FILE}"
+            fi
+          done
+
+      - name: Commit and push
+        run: |
+          git config user.name "Moko Consulting [bot]"
+          git config user.email "hello@mokoconsulting.tech"
+          git add -A
+          if git diff --cached --quiet; then
+            echo "No version changes detected — nothing to commit"
+          else
+            git commit -m "chore: set version to ${VERSION} [skip bump]
+
+Authored-by: Moko Consulting"
+            git push
+            echo "### Version Set" >> $GITHUB_STEP_SUMMARY
+            echo "Version updated to \`${VERSION}\` on branch \`${GITHUB_REF_NAME}\`" >> $GITHUB_STEP_SUMMARY
+          fi

.mokogitea/workflows/workflow-sync-trigger.yml

@@ -13,6 +13,7 @@
 name: "Universal: Workflow Sync Trigger"
 
 on:
+  workflow_dispatch:
   pull_request:
     types: [closed]
     branches:
@@ -26,8 +27,9 @@ jobs:
     name: Sync workflows to live repos
     runs-on: ubuntu-latest
     if: >-
-      github.event.pull_request.merged == true &&
-      !contains(github.event.pull_request.title, '[skip sync]')
+      github.event_name == 'workflow_dispatch' ||
+      (github.event.pull_request.merged == true &&
+      !contains(github.event.pull_request.title, '[skip sync]'))
 
     steps:
       - name: Determine platform from repo name
@@ -49,8 +51,14 @@ jobs:
         env:
           MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
         run: |
-          GITEA_URL="${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}"
-          git clone --depth 1 "${GITEA_URL}/MokoConsulting/mokocli.git" /tmp/mokocli
+          MOKOGITEA_URL="${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}"
+          git clone --depth 1 "${MOKOGITEA_URL}/MokoConsulting/mokocli.git" /tmp/mokocli
+
+      - name: Install PHP
+        run: |
+          if ! command -v php &> /dev/null; then
+            apt-get update -qq && apt-get install -y -qq php-cli php-json php-curl > /dev/null 2>&1
+          fi
 
       - name: Install dependencies
         run: |

CHANGELOG.md

@@ -1,7 +1,11 @@
 # Changelog
-
 ## [Unreleased]
 
+## [01.44.00] --- 2026-06-28
+
+
+## [01.44.00] --- 2026-06-28
+
 ### Added
 - Customizable restore script filename per backup profile (reduces discoverability on remote servers)
 - MokoRestore standalone mode: multi-ZIP selector when multiple backup archives are present
@@ -33,126 +37,3 @@
 
 
 ## [01.42.00] --- 2026-06-23
-
-## [01.41.00] — 2026-06-23
-
-### Added — Multi-Remote Storage
-- New `#__mokosuitebackup_remotes` table for multiple destinations per profile
-- Remote destinations UI: AJAX-driven add/edit/delete/toggle modal on profile edit
-- Engine uploads to ALL enabled destinations (BackupEngine + SteppedBackupEngine)
-- Migration auto-converts existing SFTP/S3/GDrive/FTP profile columns to new table
-- Backward compatibility: falls back to legacy single-remote columns if table empty
-- Secrets masked in API responses, merged from DB on save
-
-### Added — Content Snapshots
-- Lightweight JSON snapshots of articles, categories, and modules
-- Includes tags, custom fields, workflow associations, field values
-- Restore modes: Replace (clean slate), Merge (upsert), Selective (per-article)
-- Snapshot retention: max count + max age with automatic cleanup
-- Scheduled snapshot task via com_scheduler
-- CLI: `mokosuitebackup:snapshot create|restore|list|delete`
-- REST API: create, list, restore, delete, download snapshots
-- Tabbed browse modal: Articles / Categories / Modules with item counts
-
-### Added — SFTP Remote Storage
-- SFTP support with SSH key file authentication (key stored base64 in database)
-- Auth type dropdown: Password / Key File / Key File + Passphrase
-- SshKeyField: file upload via FileReader, key never exposed in HTML
-- SFTP remote directory browser for path selection
-- `__KEEP_EXISTING__` sentinel preserves key on profile re-save
-
-### Added — MokoRestore Wizard (9 steps)
-- Per-table conflict resolution: Replace / Skip / Merge / Data Only
-- Preset buttons: "All Replace", "All Skip", "Everything except users"
-- Post-restore actions: reset passwords, hits, versions, sessions, cache
-- Auto-detect sanitized passwords and prompt for reset (random temp password)
-- Standalone mode: restore.php scans directory for ZIP files
-- Wrapped mode: restore.php bundled inside backup ZIP
-- Security gate with filesystem verification + path traversal protection
-
-### Added — Data Sanitization
-- Sanitize user passwords: replace hashes with invalid sentinel
-- Sanitize user emails: replace with dummy values
-- Clear session data: exclude `#__session` table
-- Preserve super admin credentials (optional)
-- GDPR-friendly backup sharing for demos and staging sites
-
-### Added — Backup Engine
-- Pre-flight validation: directory, disk space, extensions, credentials, running backups
-- Auto-verify archive integrity after creation (ZIP, tar.gz, 7z)
-- 7z archive format via system 7za/7z CLI binary with native encryption
-- Streaming database dump to temp file (prevents OOM on large sites)
-- S3 streaming upload via CURLOPT_PUT (prevents OOM)
-- Graceful remote degradation: local backup preserved if upload fails
-- DatabaseDumper::dumpToFile() for memory-efficient operation
-
-### Added — Admin UI
-- Dashboard: snapshot widget, 30-day backup trend chart, per-profile storage breakdown
-- CPanel admin dashboard module (mod_mokosuitebackup_cpanel) with quick actions
-- Backup type filter dropdown in backups list
-- Backup comparison: select two backups for side-by-side diff
-- Archive browser: view files inside backup without extracting
-- Manual purge: delete backups older than a date with count preview
-- Backup count badges on profile list
-- "Do not navigate away" warning in backup/restore progress modals
-- Clickable placeholder pills for backup directory and archive name fields
-- Comprehensive help modal with absolute/relative/placeholder path documentation
-- Placeholder resolution display with EXAMPLE prefix
-- All placeholders UPPERCASE: [HOST], [SITE_NAME], [DATE], [DATETIME], etc.
-
-### Added — CLI & API
-- `mokosuitebackup:restore` with --files-only, --db-only, --password options
-- `mokosuitebackup:snapshot` with create, restore, list, delete actions
-- REST API for snapshots: create, list, restore, delete, download
-- Profile credentials masked in API responses
-
-### Added — Notifications & Logging
-- Email/ntfy notifications for site restore, snapshot create/restore
-- Joomla Action Logs for restore, snapshot, and snapshot restore events
-- Global ntfy server/topic/token settings (fallback for profiles)
-
-### Added — Security & Configuration
-- Webcron secret field with CSPRNG generator + strength meter
-- IP whitelist field with current IP detection + one-click "Add my IP"
-- 10 ACL permissions with full enforcement audit across all controllers
-- Config defaults: archive format, MokoRestore mode, sanitization settings
-- Path traversal protection on all archive extraction (ZIP, tar.gz, JPA)
-
-### Fixed
-- CLI RestoreCommand passed wrong arguments (filepath instead of record ID)
-- JPA path traversal: reject `../` in archive entry paths
-- S3Uploader OOM: streaming upload instead of file_get_contents
-- DatabaseDumper OOM: streaming to file instead of in-memory string
-- AkeebaImporter: removed unserialize() (PHP object injection risk)
-- BackupTable: delete DB row before file (prevents data loss)
-- RestoreEngine: staging path sanitized with preg_replace
-- API profiles: sensitive fields masked with `***`
-- Webcron: missing return after sendJsonResponse on auth failure
-- loadFormData(): cast array to object (PHP 8.x TypeError fix)
-- MokoRestore data-only mode: uses REPLACE INTO for existing rows
-- Plaintext archive deleted on encryption failure
-- TarGzArchiver: intermediate .tar cleaned in finally block
-- Install script: single-line comments converted to block comments
-- Orphaned root-level webservices plugin files removed
-- include_mokorestore column: TINYINT changed to VARCHAR(20)
-- Snapshot fields_values: scoped dump and restore to com_content.article (previously destroyed values for contacts, users, etc.)
-- Run Backup button: accept CSRF token from GET (fixes "token did not match" on profile edit)
-- SFTP fields: moved into remote fieldset for showon visibility; removed required attr that blocked non-SFTP saves
-- Script.php merge conflict markers resolved
-
-## [01.24.00] — 2026-06-02
-
-### Added
-- Initial release: full-site backup and restore for Joomla 6
-- Database, files, and configuration backup
-- ZIP and tar.gz archive formats with AES-256 encryption
-- Differential backups based on file manifests
-- FTP/FTPS, S3, Google Drive remote storage
-- MokoRestore standalone restore wizard
-- CLI backup and restore commands
-- REST API for remote management
-- Scheduled tasks via com_scheduler
-- Email and ntfy push notifications
-- Per-profile retention, exclusions, and notifications
-- Akeeba Backup migration tool
-- Admin dashboard with system health checks

README.md

@@ -5,7 +5,7 @@ Full-site backup and restore for Joomla — database, files, and configuration.
 | Field | Value |
 |---|---|
 | **Package** | `pkg_mokosuitebackup` |
-| **Type** | Joomla Package (8 sub-extensions) |
+| **Type** | Joomla Package (9 sub-extensions + MokoSuiteClient) |
 | **Joomla** | 6.x+ |
 | **PHP** | 8.1+ |
 | **License** | GPL-3.0-or-later |
@@ -30,7 +30,8 @@ Full-site backup and restore for Joomla — database, files, and configuration.
 - Scheduled snapshot task via com_scheduler
 
 ### Remote Storage
-- SFTP with SSH key file authentication (key stored base64-encoded in database)
+- Multi-remote — upload to multiple destinations per profile simultaneously
+- SFTP with SSH key file auth + remote directory browser
 - Amazon S3 and S3-compatible (DigitalOcean Spaces, Wasabi, MinIO)
 - Google Drive with OAuth2 and resumable uploads
 - Graceful degradation — local backup preserved if upload fails
@@ -66,6 +67,10 @@ Full-site backup and restore for Joomla — database, files, and configuration.
 - Snapshots: create, list, restore, delete, download
 - Profile credentials masked in API responses
 
+### Bundled: MokoSuiteClient
+- Full MokoSuiteClient package installed automatically alongside MokoSuiteBackup
+- Provides admin dashboard, security firewall, tenant management, and developer tools
+
 ## Installation
 
 1. Download from [Releases](https://git.mokoconsulting.tech/MokoConsulting/MokoSuiteBackup/releases)

SECURITY.md

@@ -0,0 +1,241 @@
+<!--
+Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
+
+This file is part of a Moko Consulting project.
+
+SPDX-License-Identifier: GPL-3.0-or-later
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+# FILE INFORMATION
+DEFGROUP: Template-Joomla
+INGROUP: Template-Joomla.Documentation
+REPO: https://git.mokoconsulting.tech/MokoConsulting/Template-Joomla
+PATH: /SECURITY.md
+VERSION: 01.44.00
+BRIEF: Security vulnerability reporting and handling policy
+-->
+
+# Security Policy
+
+## Purpose and Scope
+
+This document defines the security vulnerability reporting, response, and disclosure policy for this Joomla Plugin template repository. It establishes the authoritative process for responsible disclosure, assessment, remediation, and communication of security issues.
+
+## Supported Versions
+
+Security updates are provided for the following versions:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 01.x.x  | :white_check_mark: |
+| < 01.0  | :x:                |
+
+Only the current major version receives security updates. Users should upgrade to the latest supported version to receive security patches.
+
+## Reporting a Vulnerability
+
+### Where to Report
+
+**DO NOT** create public GitHub issues for security vulnerabilities.
+
+Report security vulnerabilities privately to:
+
+**Email**: `security@mokoconsulting.tech`
+
+**Subject Line**: `[SECURITY] Template-Joomla - Brief Description`
+
+### What to Include
+
+A complete vulnerability report should include:
+
+1. **Description**: Clear explanation of the vulnerability
+2. **Impact**: Potential security impact and severity assessment
+3. **Affected Versions**: Which versions are vulnerable
+4. **Reproduction Steps**: Detailed steps to reproduce the issue
+5. **Proof of Concept**: Code, configuration, or demonstration (if applicable)
+6. **Suggested Fix**: Proposed remediation (if known)
+7. **Disclosure Timeline**: Your expectations for public disclosure
+
+### Response Timeline
+
+* **Initial Response**: Within 3 business days
+* **Assessment Complete**: Within 7 business days
+* **Fix Timeline**: Depends on severity (see below)
+* **Disclosure**: Coordinated with reporter
+
+## Severity Classification
+
+Vulnerabilities are classified using the following severity levels:
+
+### Critical
+* Remote code execution
+* Authentication bypass
+* Data breach or exposure of sensitive information
+* **Fix Timeline**: 7 days
+
+### High
+* Privilege escalation
+* SQL injection or command injection
+* Cross-site scripting (XSS) with significant impact
+* **Fix Timeline**: 14 days
+
+### Medium
+* Information disclosure (limited scope)
+* Denial of service
+* Security misconfigurations with moderate impact
+* **Fix Timeline**: 30 days
+
+### Low
+* Security best practice violations
+* Minor information leaks
+* Issues requiring user interaction or complex preconditions
+* **Fix Timeline**: 60 days or next release
+
+## Remediation Process
+
+1. **Acknowledgment**: Security team confirms receipt and begins investigation
+2. **Assessment**: Vulnerability is validated, severity assigned, and impact analyzed
+3. **Development**: Security patch is developed and tested
+4. **Review**: Patch undergoes security review and validation
+5. **Release**: Fixed version is released with security advisory
+6. **Disclosure**: Public disclosure follows coordinated timeline
+
+## Security Advisories
+
+Security advisories are published via:
+
+* GitHub Security Advisories
+* Release notes and CHANGELOG.md
+* Email notification to project users (if mailing list is established)
+
+Advisories include:
+
+* CVE identifier (if applicable)
+* Severity rating
+* Affected versions
+* Fixed versions
+* Mitigation steps
+* Attribution (with reporter consent)
+
+## Security Best Practices
+
+For projects using this template:
+
+### Required Controls
+
+* Enable GitHub security features (Dependabot, code scanning)
+* Implement branch protection on `main`
+* Require code review for all changes
+* Enforce signed commits (recommended)
+* Use secrets management (never commit credentials)
+* Maintain security documentation
+* Follow secure coding standards defined in MokoStandards
+
+### Joomla Plugin Security
+
+* Follow Joomla security best practices
+* Validate and sanitize all user input
+* Use Joomla's database API to prevent SQL injection
+* Properly escape output to prevent XSS
+* Implement proper access control checks
+* Use Joomla's session and authentication APIs
+* Keep Joomla and dependencies up to date
+
+### CI/CD Security
+
+* Validate all inputs
+* Sanitize outputs
+* Use least privilege access
+* Pin dependencies with hash verification
+* Scan for vulnerabilities in dependencies
+* Audit third-party actions and tools
+
+#### Automated Security Scanning
+
+All repositories SHOULD implement:
+
+**CodeQL Analysis**:
+* Enabled for PHP and other supported languages
+* Runs on: push to main, pull requests, weekly schedule
+* Query sets: `security-extended` and `security-and-quality`
+* Configuration: `.github/workflows/codeql-analysis.yml`
+
+**Dependabot Security Updates**:
+* Weekly scans for vulnerable dependencies
+* Automated pull requests for security patches
+* Configuration: `.github/dependabot.yml`
+
+**Secret Scanning**:
+* Enabled by default with push protection
+* Prevents accidental credential commits
+
+### Dependency Management
+
+* Keep dependencies up to date
+* Monitor security advisories for dependencies
+* Remove unused dependencies
+* Audit new dependencies before adoption
+* Document security-critical dependencies
+
+## Compliance and Governance
+
+This security policy is aligned with MokoStandards. Deviations require documented justification.
+
+Security policies are reviewed and updated at least annually or following significant security incidents.
+
+## Attribution and Recognition
+
+We acknowledge and appreciate responsible disclosure. With your permission, we will:
+
+* Credit you in security advisories
+* List you in CHANGELOG.md for the fix release
+* Recognize your contribution publicly (if desired)
+
+## Contact and Escalation
+
+* **Security Team**: security@mokoconsulting.tech
+* **Primary Contact**: hello@mokoconsulting.tech
+* **Escalation**: For urgent matters requiring immediate attention, contact the maintainer directly via GitHub
+
+## Out of Scope
+
+The following are explicitly out of scope:
+
+* Issues in third-party dependencies (report directly to maintainers)
+* Social engineering attacks
+* Physical security issues
+* Denial of service via resource exhaustion without amplification
+* Issues requiring physical access to systems
+* Theoretical vulnerabilities without proof of exploitability
+
+---
+
+## Metadata
+
+| Field        | Value                                                                                                        |
+| ------------ | ------------------------------------------------------------------------------------------------------------ |
+| Document     | Security Policy                                                                                              |
+| Path         | /SECURITY.md                                                                                                 |
+| Repository   | [https://github.com/mokoconsulting-tech/Template-Joomla](https://github.com/mokoconsulting-tech/Template-Joomla) |
+| Owner        | Moko Consulting                                                                                              |
+| Scope        | Security vulnerability handling                                                                              |
+| Status       | Active                                                                                                       |
+| Effective    | 2026-01-16                                                                                                   |
+
+## Revision History
+
+| Date       | Change Description                                | Author          |
+| ---------- | ------------------------------------------------- | --------------- |
+| 2026-01-16 | Initial creation for template repository          | Moko Consulting |

source/packages/com_mokosuitebackup/config.xml

@@ -21,7 +21,7 @@
 			type="sql"
 			label="COM_MOKOJOOMBACKUP_CONFIG_DEFAULT_PROFILE"
 			description="COM_MOKOJOOMBACKUP_CONFIG_DEFAULT_PROFILE_DESC"
-			query="SELECT id AS value, CONCAT(title, ' (#', id, ')') AS text FROM #__mokosuitebackup_profiles WHERE published = 1 ORDER BY ordering ASC"
+			query="SELECT id AS value, CONCAT(title, ' (#', id, ')') AS text FROM #__mokosuitebackup_profiles WHERE published = 1 ORDER BY id ASC"
 			default="1"
 		>
 			<option value="1">Default Backup Profile (#1)</option>

source/packages/com_mokosuitebackup/language/en-GB/com_mokosuitebackup.ini

@@ -42,6 +42,8 @@ COM_MOKOJOOMBACKUP_DASHBOARD_STORAGE_BREAKDOWN="Storage by Profile"
 COM_MOKOJOOMBACKUP_DASHBOARD_BACKUP_TREND="Backup Trend (30 days)"
 
 ; Backups view
+COM_MOKOJOOMBACKUP_BACKUPS_N_ITEMS_DELETED="%d backup records deleted."
+COM_MOKOJOOMBACKUP_BACKUPS_N_ITEMS_DELETED_1="%d backup record deleted."
 COM_MOKOJOOMBACKUP_BACKUPS_TITLE="Backup Records"
 COM_MOKOJOOMBACKUP_BACKUPS_TABLE_CAPTION="Table of backup records"
 COM_MOKOJOOMBACKUP_NO_BACKUPS="No backups found. Click 'Backup Now' to create your first backup."

source/packages/com_mokosuitebackup/mokosuitebackup.xml

@@ -7,8 +7,7 @@
  -->
 <extension type="component" method="upgrade">
 	<name>MokoSuiteBackup</name>
-	<version>01.43.16</version>
-	<version>01.43.16</version>
+	<version>01.44.00</version>
 	<creationDate>2026-06-02</creationDate>
 	<author>Moko Consulting</author>
 	<authorEmail>hello@mokoconsulting.tech</authorEmail>

source/packages/com_mokosuitebackup/sql/install.mysql.sql

@@ -40,6 +40,7 @@ CREATE TABLE IF NOT EXISTS `#__mokosuitebackup_profiles` (
 	`remote_keep_local`    TINYINT(1) NOT NULL DEFAULT 1 COMMENT 'Keep local copy after upload',
 	`encryption_password`  VARCHAR(255) NOT NULL DEFAULT '' COMMENT 'AES-256 archive encryption password (blank = no encryption)',
 	`include_mokorestore`    VARCHAR(20) NOT NULL DEFAULT '0' COMMENT 'MokoRestore mode: 0=none, 1=wrapped, standalone',
+	`restore_script_name`   VARCHAR(100) NOT NULL DEFAULT 'restore.php' COMMENT 'Custom restore script filename',
 	`sanitize_passwords`    TINYINT(1) NOT NULL DEFAULT 0 COMMENT 'Replace user password hashes with invalid value',
 	`preserve_super_admin`  TINYINT(1) NOT NULL DEFAULT 1 COMMENT 'Keep super admin password when sanitizing',
 	`sanitize_emails`       TINYINT(1) NOT NULL DEFAULT 0 COMMENT 'Replace user emails with dummy values',
@@ -54,7 +55,6 @@ CREATE TABLE IF NOT EXISTS `#__mokosuitebackup_profiles` (
 	`ntfy_server`          VARCHAR(512) NOT NULL DEFAULT 'https://ntfy.sh' COMMENT 'ntfy server URL',
 	`ntfy_token`           VARCHAR(255) NOT NULL DEFAULT '' COMMENT 'ntfy access token (optional)',
 	`published`         TINYINT(1) NOT NULL DEFAULT 1,
-	`ordering`          INT(11) NOT NULL DEFAULT 0,
 	`created`           DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
 	`modified`          DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
 	PRIMARY KEY (`id`),
@@ -113,14 +113,13 @@ CREATE TABLE IF NOT EXISTS `#__mokosuitebackup_remotes` (
 	`title`            VARCHAR(255) NOT NULL DEFAULT '',
 	`type`             VARCHAR(20) NOT NULL DEFAULT 'sftp' COMMENT 'sftp, s3, google_drive',
 	`enabled`          TINYINT(1) NOT NULL DEFAULT 1,
-	`keep_local`       TINYINT(1) NOT NULL DEFAULT 1 COMMENT 'Keep local copy after upload',
-	`config`           MEDIUMTEXT NOT NULL COMMENT 'JSON — type-specific settings',
+	`params`           MEDIUMTEXT COMMENT 'JSON: type-specific settings',
 	`ordering`         INT(11) NOT NULL DEFAULT 0,
 	`created`          DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
 	`modified`         DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
 	PRIMARY KEY (`id`),
 	KEY `idx_profile` (`profile_id`),
-	KEY `idx_enabled` (`enabled`)
+	KEY `idx_enabled` (`profile_id`, `enabled`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
 
 -- Insert default backup profile (IGNORE prevents duplicate key error on update)
@@ -128,12 +127,12 @@ INSERT IGNORE INTO `#__mokosuitebackup_profiles` (
 	`id`, `title`, `description`, `backup_type`,
 	`archive_format`, `compression_level`, `split_size`, `backup_dir`,
 	`exclude_dirs`, `exclude_files`, `exclude_tables`,
-	`published`, `ordering`, `created`, `modified`
+	`published`, `created`, `modified`
 ) VALUES (
 	1, 'Default Backup Profile', 'Full site backup with default settings', 'full',
 	'zip', 5, 0, '[DEFAULT_DIR]',
 	'administrator/components/com_mokosuitebackup/backups\ntmp\ncache\nlogs\nadministrator/logs',
 	'.gitignore\n.htaccess.bak',
 	'#__session',
-	1, 1, NOW(), NOW()
+	1, NOW(), NOW()
 );

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.19.sql

@@ -0,0 +1 @@
+/* 01.43.19 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.20.sql

@@ -0,0 +1 @@
+/* 01.43.20 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.21.sql

@@ -0,0 +1 @@
+/* 01.43.21 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.22.sql

@@ -0,0 +1,5 @@
+-- 01.43.22 — Add restore_script_name to profiles, align remotes schema
+
+ALTER TABLE `#__mokosuitebackup_profiles`
+  ADD COLUMN `restore_script_name` VARCHAR(100) NOT NULL DEFAULT 'restore.php' COMMENT 'Custom restore script filename'
+  AFTER `include_mokorestore`;

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.23.sql

@@ -0,0 +1 @@
+/* 01.43.23 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.24.sql

@@ -0,0 +1 @@
+/* 01.43.24 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.25.sql

@@ -0,0 +1 @@
+/* 01.43.25 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.26.sql

@@ -0,0 +1 @@
+/* 01.43.26 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.29.sql

@@ -0,0 +1 @@
+/* 01.43.29 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.30.sql

@@ -0,0 +1 @@
+/* 01.43.30 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.31.sql

@@ -0,0 +1 @@
+/* 01.43.31 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.32.sql

@@ -0,0 +1 @@
+/* 01.43.32 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.33.sql

@@ -0,0 +1 @@
+ALTER TABLE `#__mokosuitebackup_profiles` DROP COLUMN `ordering`;

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.34.sql

@@ -0,0 +1 @@
+/* 01.43.34 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.43.35.sql

@@ -0,0 +1 @@
+/* 01.43.35 — no schema changes */

source/packages/com_mokosuitebackup/sql/updates/mysql/01.44.00.sql

@@ -0,0 +1 @@
+/* 01.44.00 — no schema changes */

source/packages/com_mokosuitebackup/src/Controller/AjaxController.php

@@ -924,11 +924,11 @@ class AjaxController extends BaseController
 			return;
 		}
 
-		// Decode JSON config and mask secrets
+		// Decode JSON params and mask secrets
 		$items = [];
 
 		foreach ($rows as $row) {
-			$config = json_decode($row->config, true) ?: [];
+			$config = json_decode($row->params, true) ?: [];
 
 			// Mask sensitive fields so they never leave the server in list views
 			$masked = $this->maskSecrets($config, $row->type);
@@ -939,8 +939,7 @@ class AjaxController extends BaseController
 				'title'      => $row->title,
 				'type'       => $row->type,
 				'enabled'    => (int) $row->enabled,
-				'keep_local' => (int) $row->keep_local,
-				'config'     => $masked,
+				'params'     => $masked,
 				'ordering'   => (int) $row->ordering,
 			];
 		}
@@ -971,7 +970,6 @@ class AjaxController extends BaseController
 		$title     = trim($this->input->getString('remote_title', ''));
 		$type      = $this->input->getCmd('remote_type', 'sftp');
 		$enabled   = $this->input->getInt('remote_enabled', 1);
-		$keepLocal = $this->input->getInt('remote_keep_local', 1);
 		$configRaw = $this->input->getString('remote_config', '{}');
 
 		if (!$profileId) {
@@ -1019,9 +1017,7 @@ class AjaxController extends BaseController
 			$table->title      = $title;
 			$table->type       = $type;
 			$table->enabled    = $enabled ? 1 : 0;
-			$table->keep_local = $keepLocal ? 1 : 0;
-			$table->config     = json_encode($config);
-
+			$table->params     = json_encode($config);
 			if (!$table->check() || !$table->store()) {
 				$this->sendJson(['error' => true, 'message' => $table->getError() ?: 'Save failed']);
 
@@ -1190,7 +1186,7 @@ class AjaxController extends BaseController
 		try {
 			$db    = Factory::getDbo();
 			$query = $db->getQuery(true)
-				->select($db->quoteName('config'))
+				->select($db->quoteName('params'))
 				->from($db->quoteName('#__mokosuitebackup_remotes'))
 				->where($db->quoteName('id') . ' = ' . $id);
 			$db->setQuery($query);

source/packages/com_mokosuitebackup/src/Engine/AkeebaImporter.php

@@ -249,7 +249,6 @@ class AkeebaImporter
 			'remote_keep_local'    => 1,
 			'include_mokorestore'    => (int) (($config['akeeba.advanced.embedded_installer'] ?? 'none') !== 'none'),
 			'published'         => 1,
-			'ordering'          => (int) $akProfile->id,
 			'created'           => $now,
 			'modified'          => $now,
 		];

source/packages/com_mokosuitebackup/src/Engine/SteppedBackupEngine.php

@@ -394,8 +394,14 @@ class SteppedBackupEngine
 			$restoreScriptName = MokoRestore::sanitizeScriptName($restoreScriptName);
 			$restoreDir = dirname($session->archivePath);
 			$session->restoreScriptPath = $restoreDir . '/' . $restoreScriptName;
-			MokoRestore::generateStandalone($session->restoreScriptPath);
-			$session->log('Standalone ' . $restoreScriptName . ' generated');
+
+			try {
+				MokoRestore::generateStandalone($session->restoreScriptPath);
+				$session->log('Standalone ' . $restoreScriptName . ' generated');
+			} catch (\Throwable $e) {
+				$session->log('MokoRestore error: ' . $e->getMessage() . ' in ' . $e->getFile() . ':' . $e->getLine());
+				$session->log('Stack trace: ' . $e->getTraceAsString());
+			}
 		}
 
 		// Update record

source/packages/com_mokosuitebackup/src/Field/SshKeyField.php

@@ -29,7 +29,10 @@ class SshKeyField extends FormField
 		$id    = $this->id;
 		$name  = $this->name;
 
-		$hasKey = !empty($value) && str_contains($value, 'PRIVATE KEY');
+		$decoded = !empty($value) ? (base64_decode($value, true) ?: '') : '';
+		$hasKey = !empty($value) && ($value === '__KEEP_EXISTING__'
+			|| str_contains($value, 'PRIVATE KEY')
+			|| str_contains($decoded, 'PRIVATE KEY'));
 
 		$html = '<div id="' . htmlspecialchars($id) . '-wrapper">';
 

source/packages/com_mokosuitebackup/src/Model/DashboardModel.php

@@ -294,7 +294,7 @@ class DashboardModel extends BaseDatabaseModel
 			->select($db->quoteName(['id', 'title', 'backup_type']))
 			->from($db->quoteName('#__mokosuitebackup_profiles'))
 			->where($db->quoteName('published') . ' = 1')
-			->order($db->quoteName('ordering') . ' ASC');
+			->order($db->quoteName('id') . ' ASC');
 		$db->setQuery($query);
 
 		return $db->loadObjectList() ?: [];

source/packages/com_mokosuitebackup/src/Model/ProfilesModel.php

@@ -25,7 +25,6 @@ class ProfilesModel extends ListModel
 				'title', 'a.title',
 				'backup_type', 'a.backup_type',
 				'published', 'a.published',
-				'ordering', 'a.ordering',
 			];
 		}
 

source/packages/mod_mokosuitebackup_cpanel/mod_mokosuitebackup_cpanel.xml

@@ -8,8 +8,7 @@
  -->
 <extension type="module" client="administrator" method="upgrade">
 	<name>mod_mokosuitebackup_cpanel</name>
-	<version>01.43.16</version>
-	<version>01.43.16</version>
+	<version>01.44.00</version>
 	<creationDate>2026-06-23</creationDate>
 	<author>Moko Consulting</author>
 	<authorEmail>hello@mokoconsulting.tech</authorEmail>

source/packages/plg_actionlog_mokosuitebackup/mokosuitebackup.xml

@@ -7,8 +7,7 @@
  -->
 <extension type="plugin" group="actionlog" method="upgrade">
 	<name>Action Log - MokoSuiteBackup</name>
-	<version>01.43.16</version>
-	<version>01.43.16</version>
+	<version>01.44.00</version>
 	<creationDate>2026-06-04</creationDate>
 	<author>Moko Consulting</author>
 	<authorEmail>hello@mokoconsulting.tech</authorEmail>

source/packages/plg_console_mokosuitebackup/mokosuitebackup.xml

@@ -7,8 +7,7 @@
  -->
 <extension type="plugin" group="console" method="upgrade">
 	<name>Console - MokoSuiteBackup</name>
-	<version>01.43.16</version>
-	<version>01.43.16</version>
+	<version>01.44.00</version>
 	<creationDate>2026-06-04</creationDate>
 	<author>Moko Consulting</author>
 	<authorEmail>hello@mokoconsulting.tech</authorEmail>

source/packages/plg_content_mokosuitebackup/mokosuitebackup.xml

@@ -7,8 +7,7 @@
  -->
 <extension type="plugin" group="content" method="upgrade">
 	<name>Content - MokoSuiteBackup</name>
-	<version>01.43.16</version>
-	<version>01.43.16</version>
+	<version>01.44.00</version>
 	<creationDate>2026-06-04</creationDate>
 	<author>Moko Consulting</author>
 	<authorEmail>hello@mokoconsulting.tech</authorEmail>

source/packages/plg_quickicon_mokosuitebackup/mokosuitebackup.xml

@@ -1,8 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <extension type="plugin" group="quickicon" method="upgrade">
 	<name>Quick Icon - MokoSuiteBackup</name>
-	<version>01.43.16</version>
-	<version>01.43.16</version>
+	<version>01.44.00</version>
 	<creationDate>2026-06-02</creationDate>
 	<author>Moko Consulting</author>
 	<authorEmail>hello@mokoconsulting.tech</authorEmail>

source/packages/plg_system_mokosuitebackup/mokosuitebackup.xml

@@ -7,8 +7,7 @@
  -->
 <extension type="plugin" group="system" method="upgrade">
 	<name>System - MokoSuiteBackup</name>
-	<version>01.43.16</version>
-	<version>01.43.16</version>
+	<version>01.44.00</version>
 	<creationDate>2026-06-02</creationDate>
 	<author>Moko Consulting</author>
 	<authorEmail>hello@mokoconsulting.tech</authorEmail>

source/packages/plg_task_mokosuitebackup/mokosuitebackup.xml

@@ -7,8 +7,7 @@
  -->
 <extension type="plugin" group="task" method="upgrade">
 	<name>Task - MokoSuiteBackup</name>
-	<version>01.43.16</version>
-	<version>01.43.16</version>
+	<version>01.44.00</version>
 	<creationDate>2026-06-02</creationDate>
 	<author>Moko Consulting</author>
 	<authorEmail>hello@mokoconsulting.tech</authorEmail>

source/packages/plg_webservices_mokosuitebackup/mokosuitebackup.xml

@@ -7,8 +7,7 @@
  -->
 <extension type="plugin" group="webservices" method="upgrade">
 	<name>Web Services - MokoSuiteBackup</name>
-	<version>01.43.16</version>
-	<version>01.43.16</version>
+	<version>01.44.00</version>
 	<creationDate>2026-06-02</creationDate>
 	<author>Moko Consulting</author>
 	<authorEmail>hello@mokoconsulting.tech</authorEmail>

source/pkg_mokosuitebackup.xml

@@ -8,8 +8,7 @@
 <extension type="package" method="upgrade">
 	<name>Package - MokoSuiteBackup</name>
 	<packagename>mokosuitebackup</packagename>
-	<version>01.43.16</version>
-	<version>01.43.16</version>
+	<version>01.44.00</version>
 	<creationDate>2026-06-02</creationDate>
 	<author>Moko Consulting</author>
 	<authorEmail>hello@mokoconsulting.tech</authorEmail>
@@ -30,6 +29,7 @@
 		<file type="plugin" id="mokosuitebackup" group="content">plg_content_mokosuitebackup.zip</file>
 		<file type="plugin" id="mokosuitebackup" group="actionlog">plg_actionlog_mokosuitebackup.zip</file>
 		<file type="module" id="mod_mokosuitebackup_cpanel" client="administrator">mod_mokosuitebackup_cpanel.zip</file>
+		<file type="package" id="pkg_mokosuiteclient">MokoSuiteClient.zip</file>
 	</files>
 
 	<languages>