MokoConsulting/MokoWaaS
1
1
Fork 0
Code Issues 7 Pull Requests Actions 16 Packages Releases 3 Wiki Activity

chore: merge dev to main #19

Merged
jmiller merged 13 commits from dev into main 2026-05-23 01:10:42 +00:00
Conversation 0 Commits 13 Files Changed 6
+266 -695

13 Commits

Author SHA1 Message Date
gitea-actions[bot] 8edced75d3 chore: update development channel 02.01.39 [skip ci]
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 25s
Details
2026-05-23 01:08:12 +00:00
gitea-actions[bot] 142ee2387e chore(version): bump to 02.01.39 [skip ci] 2026-05-23 01:08:10 +00:00
Jonathan Miller ea66ad4b4a security: hide MokoWaaS from plugin list for non-master users 
Injects JS on com_plugins that removes the MokoWaaS row from the
plugin table. Combined with the edit/save block, non-master users
cannot see, edit, or save the plugin settings.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-05-22 05:53:14 -05:00
Jonathan Miller 48cb040505 security: restrict plugin settings to master user + rename Gitea to MokoGitea 
- Non-master users blocked from editing MokoWaaS plugin config
- isOurPlugin() helper checks extension_id against our plugin
- Blocks both edit view and save task for non-master users
- Renamed bare 'Gitea' references to 'MokoGitea' in docs

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-05-22 05:51:20 -05:00
gitea-actions[bot] aec849c9ae chore: update development channel 02.01.38 [skip ci] 2026-05-22 09:57:19 +00:00
gitea-actions[bot] d3281066dc chore(version): bump to 02.01.38 [skip ci] 2026-05-22 09:57:18 +00:00
Jonathan Miller b17b36e02e security: make plugin hard to disable + block uninstall 
- enforceLocked() runs every page load — re-enables, re-locks, re-protects
  if someone tampers with the database flags
- preflight() blocks uninstall attempts with error message
- Logs tampering attempts to mokowaas log category

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-05-22 04:56:48 -05:00
gitea-actions[bot] 5020b58da1 chore: update development channel 02.01.37 [skip ci] 2026-05-22 09:41:24 +00:00
gitea-actions[bot] c97432495b chore(version): bump to 02.01.37 [skip ci] 2026-05-22 09:41:23 +00:00
Jonathan Miller b22842f302 refactor: replace Grafana API with heartbeat receiver provisioning 
Remove all Grafana API code (630 lines), obfuscated tokens, SA tokens,
ensureGrafanaPlugin, provisionGrafanaDatasource, buildDashboardModel.

Replace with simple HTTP POST to heartbeat receiver on bench server.
Receiver writes Grafana provisioning YAML and restarts Grafana container.
No API tokens or RBAC permissions needed.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-05-22 04:40:51 -05:00
gitea-actions[bot] 42d530bfbf chore: update development channel 02.01.36 [skip ci] 2026-05-22 04:02:26 +00:00
gitea-actions[bot] 307dc37d47 chore(version): bump to 02.01.36 [skip ci] 2026-05-22 04:02:25 +00:00
Jonathan Miller 2e4fdcb07e fix: new Grafana SA token with datasource:create + visible heartbeat errors 
- New service account token with correct RBAC permissions
- script.php postflight now shows success/failure messages to admin
- Logs all heartbeat attempts with HTTP code and cURL errors

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-05-21 23:01:33 -05:00