MokoConsulting/MokoWaaS
1
1
Fork 0
Code Issues Pull Requests Actions 41 Packages Releases 1 Wiki Activity
Files
dev
MokoWaaS/CHANGELOG.md
T
Jonathan Miller 17fd3d6b0e
Joomla: Repo Health / Release configuration (push) Blocked by required conditions
Details
Joomla: Repo Health / Scripts governance (push) Blocked by required conditions
Details
Joomla: Repo Health / Repository health (push) Blocked by required conditions
Details
Joomla: Repo Health / Access control (push) Successful in 1s
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 6s
Details
Update Server / Update Server (push) Failing after 14s
Details
feat: add Perfect Publisher web services API plugin 
New plg_webservices_perfectpublisher provides REST API for Perfect
Publisher (com_autotweet):

- GET  /v1/perfectpublisher/channels      List social channels
- GET  /v1/perfectpublisher/channels/:id   Channel detail (OAuth redacted)
- GET  /v1/perfectpublisher/posts          List posts (filter by status/channel)
- GET  /v1/perfectpublisher/posts/:id      Post detail
- GET  /v1/perfectpublisher/requests       Pending publish requests
- POST /v1/perfectpublisher/requests       Create publish request
- GET  /v1/perfectpublisher/rules          Publishing rules
- GET  /v1/perfectpublisher/feeds          RSS feeds
- GET  /v1/perfectpublisher/channeltypes   Channel type definitions
- GET  /v1/perfectpublisher/stats          Dashboard statistics

Added to pkg_mokowaas.xml package manifest.

Authored-by: Moko Consulting
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-28 12:24:33 -05:00

18 KiB
Raw Permalink Blame History

Changelog

All notable changes to the MokoWaaS plugin will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

Changed

  • Migrated all workflow and template paths from .github/ to .mokogitea/
  • Template source paths updated: templates/gitea/ to templates/mokogitea/
  • HCL definition files removed -- Template repos are now the canonical source

Added

  • branch-cleanup.yml: auto-delete merged feature branches after PR merge
  • plg_webservices_perfectpublisher: REST API for Perfect Publisher (com_autotweet) — channels, posts, requests, rules, feeds, and stats

Planned

  • License/subscription check
  • System email template branding (DB approach)

Added

  • Trusted IPs: configurable repeatable rows of IP addresses, CIDR ranges, and wildcards that bypass admin session timeout
  • Supports exact IPs (192.168.1.100), CIDR (10.0.0.0/24), and wildcards (192.168.1.*)
  • Each entry has a label and enabled toggle for easy management
  • Current IP display above trusted IPs table so admins can easily add their own IP

Fixed

  • Trusted IP session bypass: moved from onAfterInitialise to boot() so Joomla's session lifetime is extended before the session handler validates it (was too late, Joomla expired the session first)
  • updates.xml: removed stale pre-release entries pointing to non-existent dev artifacts, legacy plugin update entry that caused stable sites to attempt dev downloads
  • Removed duplicate <updateservers> from inner plugin manifest — only the package-level manifest should register the update server
  • Auto-cleanup of stale plugin-level update site entries on install/update (cleans #__update_sites and #__update_sites_extensions)

[02.06.00] - 2026-05-25

Added

  • Alias offline bypass: aliases with offline=No override Joomla's global offline setting, allowing access via alias domain while main site is down
  • Block non-master users from viewing or editing MokoWaaS plugin settings
  • Master user bypasses ALL tenant restrictions (install from URL, global config, sysinfo, installer, templates)
  • Admin Help menu redirected to configured support URL (replaces help.joomla.org)

Fixed

  • Install API endpoint: extract ZIP to temp directory before passing to Joomla Installer (was passing ZIP path directly)
  • Clean up extracted temp directory on success or failure
  • Update site disabled by Joomla when protected=1 — ensureProtectedFlag() now re-enables it
  • CI: auto-release fetches updates.xml from main before building (preserves all channels)
  • CI: version_check.php --fix runs after version bump in both workflows
  • CI: checksums attached as [filename].sha256 files instead of in release body
  • CI: auto-release cleaned up — removed duplicate asset loops, inline Python updater, dead code
  • CI: Step 8b uses release_body_update.php CLI instead of inline Python
  • CI: Step 6 tag creation no longer gated by is_minor (was never set)

Changed

  • CI: auto-release uses stream tag stable instead of version tag vXX
  • CI: pre-release package build uses absolute paths (fixes relative path zip error)

[02.05.00] - 2026-05-24

Added

  • Joomla protected=1 flag on all MokoWaaS extensions (framework-level disable/uninstall prevention)
  • Self-healing protected flag — restored each admin session if cleared
  • Block non-master disable via plugin list toggle (plugins.publish)
  • Package script sets protected=1, locked=0 on every install/update
  • Legacy plugin entry in updates.xml for sites upgrading from standalone plugin

Fixed

  • CI: auto-release workflow pkg_pkg_ duplication in release names, ZIP filenames, and SHA256 paths
  • CI: auto-release now strips existing type prefix and uses <packagename> for packages
  • CI: updates_xml_build was cascading entries for all lower channels on stable release — now writes only current channel
  • CI: targetplatform regex ((5.[0-9])|(6.[0-9])) caused Gitea 500 on XML render — simplified to (5|6)\..*
  • updates.xml stable entry now has correct <tag>stable</tag> and download URL
  • README slimmed to overview, detailed content moved to wiki

[02.03.10] - 2026-05-24

Added

  • Canonical URL injection for alias domains (prevents SEO duplication)
  • Primary Domain config field in Site Aliases tab
  • Heartbeat registration for alias domains (each alias gets Grafana datasource)
  • Plugin protection: hidden from non-master users, disable/uninstall blocked
  • Dynamic plugin version read from manifest XML (no more hardcoded strings)
  • Package structure: pkg_mokowaas with system plugin, webservices plugin, and component

Changed

  • Alias offline mode uses Joomla's native template offline.php (not custom HTML)
  • Alias detection simplified: direct lookup in aliases list (no primary host comparison)
  • handleSiteAlias() moved to onAfterRoute (client type resolved at that point)
  • Package script.php enables plugins on every install/update and sends heartbeat

Fixed

  • Alias domain matching: strip trailing slashes, handle Joomla subform stdClass format
  • Backend redirect: use primary_domain setting instead of Uri::root() (returned alias domain on mirrors)
  • CI: version_bump reads manifest XML with priority over README.md VERSION header
  • CI: version bump occurs after release build, not before
  • CI: pipefail disabled during element detection (SIGPIPE on find|head)
  • CI: pkg_pkg_ prefix duplication in zip names and updates.xml URLs
  • CI: updates_xml_build preserves existing channel entries (stable not wiped by dev releases)

Removed

  • deploy-manual.yml workflow — using Joomla update server for distribution
  • Accidentally committed profile.ps1 and TODO.md

[02.01.43] - 2026-05-23

Added

  • Site Aliases tab with Joomla subform repeatable-table UI
  • Per-alias offline toggle with custom maintenance message (503 response)
  • Per-alias robots meta directive (index/noindex/follow/nofollow/none)
  • Per-alias backend redirect (admin panel redirects to primary domain)
  • 6 MokoWaaS API endpoints: health, install, update, cache, backup, info
  • Remote plugin install via /?mokowaas=install endpoint
  • Remote update trigger via /?mokowaas=update endpoint
  • Remote cache clear via /?mokowaas=cache endpoint (site + admin + opcache)
  • Remote Akeeba Backup trigger via /?mokowaas=backup endpoint
  • Compact site info via /?mokowaas=info endpoint

Changed

  • Site aliases moved from comma-separated text field to structured subform
  • Each alias now stores domain, offline, offline_message, robots, redirect_backend
  • Heartbeat provisioning updated for subform alias format
  • Grafana datasource names use domain-only (removed "MokoWaaS - " prefix)

Fixed

  • Heartbeat receiver accepts any 200 status (registered/updated/ok)
  • script.php uses heartbeat receiver instead of Grafana API (fixes 403 RBAC)

[02.01.37] - 2026-05-23

Added

  • Health check endpoint at /?mokowaas=health with 16 diagnostic checks (#54)
  • Core checks: database latency, filesystem writability/size, cache, extensions
  • Backup checks: Akeeba Backup last backup date/status/size, days since, frequency
  • Security checks: Admin Tools WAF status, blocked requests 24h/7d
  • SSL certificate: expiry date, days left, issuer (degraded <30d, error <7d)
  • Scheduled tasks: Joomla task scheduler status, failed tasks 24h
  • Error log: PHP error log size, recent errors, last error message
  • Database size: total MB, table count, top 5 largest tables
  • Content stats: articles, categories, menu items, modules
  • User activity: total users, active sessions, failed logins 24h, last login
  • Mail system: mailer type, from address, SMTP host, queue count
  • SEO health: robots.txt, sitemap, htaccess, SEF status
  • Template info: site/admin template names, override count
  • Configuration drift: debug mode, error reporting, force SSL, caching
  • Human-readable reason field explaining degraded/error status
  • Site size reporting (images, media, tmp, cache, logs directories)
  • Heartbeat provisioning via receiver at bench.mokoconsulting.tech
  • Grafana datasource auto-provisioning via YAML (no API token needed)
  • ntfy notifications on heartbeat registration (mokowaas-heartbeat topic)
  • Grafana dashboard with 9 rows covering all 16 health checks
  • Auto-generated health API token (separate from Joomla user tokens)

Changed

  • Health endpoint always enabled — no config toggle needed
  • Grafana provisioning uses heartbeat receiver pattern (replaces direct API)
  • Removed config fields: enable_health_endpoint, grafana_url, grafana_api_key
  • Migrated .gitea/ to .mokogitea/ directory standard
  • Updated all references from MokoStandards to moko-platform
  • Renamed Gitea references to MokoGitea in docs

Fixed

  • SSL verification disabled for Grafana cURL calls (shared hosting)
  • cURL follow redirects enabled
  • updates.xml download URL uses correct development tag

Security

  • Plugin hidden from plugin list for non-master users
  • Plugin settings restricted to master user only
  • Self-healing lock (enforceLocked) runs every page load
  • Uninstall blocked in preflight
  • Health endpoint requires HTTPS + bearer token
  • Heartbeat shared secret for receiver authentication

[02.01.08] - 2026-04-07

Added

  • Template-based language overrides with {{BRAND_NAME}}, {{COMPANY_NAME}}, {{SUPPORT_URL}} placeholders
  • Configurable brand name, company name, and support URL via plugin params
  • Sentinel-block merge pattern that preserves existing site overrides
  • Install respects user-defined overrides (non-overwrite)
  • ~50 override keys across admin and frontend
  • Powered by links with anchor tag to support URL
  • Login support URL enforcement (mokoconsulting.tech/support, /kb, /news)
  • Atum template branding via params (logoBrandLarge, logoBrandSmall, loginLogo)
  • Shipped media assets: logo.png, favicon.ico, favicon.svg, favicon_256.png
  • Favicon injection (SVG + ICO + Apple touch icon)
  • Admin color scheme via Atum template style params (hue, link-color, special-color)
  • Custom CSS textarea injection
  • Master user enforcement (persistent super admin — "Webmaster")
  • Emergency access (DB password + file verification two-factor)
  • IP whitelist via configuration.php (empty blocks access)
  • IP whitelist display in plugin config (shows current IPs + your IP)
  • All emergency access attempts logged to Joomla Action Logs
  • Email notification on successful emergency login
  • Tenant restrictions: Extension Installer, System Info, Global Configuration, Template code editor
  • Dynamic admin menu hiding via onPreprocessMenuItems
  • Disable install-from-URL for all users
  • Force HTTPS redirect (supports reverse proxy)
  • Admin session idle timeout (default 60 min, master user exempt)
  • Password policy (min length, uppercase, number, special character)
  • Upload type and size restrictions (default 100MB)
  • Maintenance actions: reset all hits, delete all versions
  • Auto-enable plugin on first install
  • Action log extension registration in #__action_logs_extensions and #__action_log_config
  • Custom AllowedIpsField form field for IP whitelist display
  • Joomla 5.x and 6.x compatibility

Fixed

  • Column heading overrides removed (broke module/plugin list views)
  • RegularLabs Position column workaround
  • Nested <a> tags in login support overrides
  • Emergency access moved from onUserAuthenticate to onAfterInitialise (Joomla uses isolated auth dispatcher)
  • Session created directly for emergency login (bypasses auth dispatcher)
  • Auto-complete emergency login after verify file deletion (no re-entering credentials)

Changed

  • Version bumped to 02.01.08 across all files
  • Configuration guide fully rewritten with all fieldsets documented
  • Testing guide with 17 test suites
  • README updated with Usage section, new features, Joomla 5/6 badges

[01.04.00] - 2026-02-22

Added

  • Complete Joomla 5.x system plugin implementation with modern architecture
  • Main plugin class (src/mokowaas.php) with event handlers:
    • onAfterInitialise event hook for framework initialization
    • onAfterRoute event hook for routing integration
  • Plugin manifest (src/mokowaas.xml) with Joomla 5.x namespace support
    • Namespace: Moko\Plugin\System\MokoWaaS
    • Configuration parameter for enabling/disabling branding
  • Dependency injection service provider (src/services/provider.php)
    • DI container registration for Joomla 5.x compatibility
  • Plugin language files in src/language/en-GB/:
    • plg_system_mokowaas.ini - Plugin UI strings
    • plg_system_mokowaas.sys.ini - System/installation strings
  • Enhanced language overrides (57+ strings):
    • Installation sample data branding
    • Site name labels
    • Admin-specific UI elements
    • Version and About sections
  • Security index.html files throughout directory structure
  • Comprehensive README.md with:
    • Badges for version, license, Joomla, and PHP compatibility
    • Table of contents with 12+ major sections
    • Detailed installation instructions (2 methods)
    • Technical implementation documentation
    • Repository structure overview
    • Development and build instructions

Changed

  • Updated all documentation to version 01.04.00
  • Enhanced language overrides with more comprehensive coverage
  • Improved plugin configuration options

Fixed

  • Typo in language override: "ERROR OCCURED" → "ERROR OCCURRED"
  • Repository references updated from placeholders to actual GitHub URLs

Technical

  • Integrates with Joomla's native language override system
  • No programmatic string loading (performance optimization)
  • Event-driven architecture for minimal overhead
  • PSR-4 autoloading through service provider

[01.03.00] - 2025-12-11

Changed

  • General cleanup and code organization
  • Documentation structure improvements

[01.02.01] - 2025-12-11

Changed

  • Version bump for release alignment

[01.02.00] - 2025-12-11

Added

  • Documentation directory (/docs/) with comprehensive guides:
    • Installation guide
    • Configuration guide
    • Build guide
    • Operations guide
    • Troubleshooting guide
    • Upgrade and versioning guide
    • Rollback and recovery guide
  • GitHub workflow for automated builds (.github/workflows/build.yml)
  • Image and favicon replacement feature for complete branding

Changed

  • Improved documentation structure and organization

[01.01.05] - 2025-12-11

Changed

  • Version bump for release coordination

[01.01.04] - 2025-12-11

Fixed

  • Plugin manifest corrections and validation fixes

[01.01.03] - 2025-12-11

Fixed

  • Administrator language file location corrected
  • Language override path alignment with Joomla standards

[01.01.02] - 2025-12-11

Changed

  • Moved plugin code to /src/ directory for better organization
  • Aligned repository structure with release deployment pipeline
  • Improved packaging workflow

Added

  • Release deployment pipeline integration
  • Automated build and validation scripts

[1.0.0] - 2025-12-11

Added

  • Initial release of MokoWaaS plugin
  • Basic language override system for Joomla rebranding
  • Frontend language overrides (en-GB, en-US)
  • Administrator language overrides (en-GB, en-US)
  • Core branding replacements:
    • Footer "Powered by" text
    • Control panel welcome messages
    • Help and documentation links
    • Generic Joomla→MokoWaaS replacements
  • Basic plugin structure and manifest
  • License (GPL-3.0-or-later)
  • Contributing guidelines
  • Code of conduct

Technical Details

  • Joomla 5.x compatible
  • PHP 8.1+ requirement
  • Language override mechanism using Joomla's native system

Version History Summary

Version Date Type Summary
01.04.00 2026-02-22 Major Complete plugin implementation & enhanced docs
01.03.00 2025-12-11 Minor Cleanup and organization
01.02.01 2025-12-11 Patch Version alignment
01.02.00 2025-12-11 Minor Documentation and build system
01.01.05 2025-12-11 Patch Version coordination
01.01.04 2025-12-11 Patch Manifest fixes
01.01.03 2025-12-11 Patch Language location fix
01.01.02 2025-12-11 Patch Repository restructuring
1.0.0 2025-12-11 Major Initial release

Upgrade Notes

Upgrading to 01.04.00

Breaking Changes: None

New Features:

  • Complete Joomla 5.x plugin implementation
  • Dependency injection support
  • Enhanced language overrides (14+ new strings)

Installation:

  1. Backup your current installation
  2. Download the latest release package
  3. Install via Joomla Extension Manager
  4. Clear Joomla cache
  5. Verify branding appears correctly

Upgrading to 01.02.00

New Features:

  • Comprehensive documentation in /docs/
  • Automated build workflows

Notes:

  • Review new documentation for operational guidance
  • Check GitHub workflows for automated builds

Contributing

Please read CONTRIBUTING.md for details on our code of conduct and the process for submitting pull requests.

When adding entries to this changelog:

  1. Add new changes under [Unreleased] section
  2. Use categories: Added, Changed, Deprecated, Removed, Fixed, Security
  3. Include clear, concise descriptions
  4. Reference issue numbers where applicable
  5. Move items from Unreleased to versioned section upon release

Links

Note: For detailed technical documentation, see the /docs/ directory and README.md.

Reference in New Issue View Git Blame Copy Permalink