mirror of
https://gh.wpcy.net/https://github.com/SilverAssist/wp-github-updater.git
synced 2026-05-01 22:11:19 +08:00
0b20058812
* Initial plan * Add JavaScript asset and PHP methods for built-in check-updates functionality Co-authored-by: miguelcolmenares <1714344+miguelcolmenares@users.noreply.github.com> * Update documentation and version to 1.3.0 for check-updates feature Co-authored-by: miguelcolmenares <1714344+miguelcolmenares@users.noreply.github.com> * Add v1.3.0 usage examples to integration guide Co-authored-by: miguelcolmenares <1714344+miguelcolmenares@users.noreply.github.com> * fix: Address all 7 Copilot PR review comments - Fix XSS vulnerability in showAdminNotice() using DOM construction instead of template string interpolation (#discussion_r2873337739) - Add 'dismissNotice' to i18n strings making dismiss button text translatable (#discussion_r2873337786) - Replace deprecated assertRegExp()/assertNotRegExp() with assertMatchesRegularExpression()/assertDoesNotMatchRegularExpression() for PHPUnit 9.6 (#discussion_r2873337810, #discussion_r2873337822) - Fix site_url() mock fatal error: change parameter type from 'string' to '?string' for nullable default (#discussion_r2873337870) - Rewrite getPackageAssetUrl() to use plugin_dir_url() instead of ABSPATH replacement, supporting subdirectory WP installs (#discussion_r2873337887) - Mark getPackageAssetUrl()/sanitizeJsVarName() as @internal in PHPDoc to clarify they are not public API (#discussion_r2873337845) - Add plugin_dir_url() mock for test compatibility --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: miguelcolmenares <1714344+miguelcolmenares@users.noreply.github.com> Co-authored-by: Miguel Colmenares <me@miguelcolmenares.com>
13 KiB
13 KiB
Changelog
[1.3.0] - 2026-03-02
Added
- Built-in "Check Updates" JavaScript: New
enqueueCheckUpdatesScript()method that provides a complete update check solution without requiring consuming plugins to maintain their own JavaScript files - Asset Management: New
getPackageAssetUrl()method to resolve URLs for package assets in vendor directory - JavaScript Variable Sanitization: New
sanitizeJsVarName()method to create valid JavaScript variable names from plugin basenames - Multi-Plugin Support: Unique global variable names per plugin prevent conflicts when multiple plugins using the updater are active on the same page
- Centralized i18n Strings: Built-in translatable strings for update check messages with override capability
- WordPress Admin Notices: Automatic admin notice display for update check results (checking, available, up-to-date, errors)
- Auto-Redirect: Automatic redirect to WordPress Updates page when updates are available
Changed
- Simplified Integration: Consuming plugins can now use a single method call (
enqueueCheckUpdatesScript()) instead of maintaining ~40 lines of PHP and ~120 lines of JavaScript - Consistent Behavior: Standardized update check behavior across all plugins using the package
- Documentation: Comprehensive README updates with usage examples, migration guide, and multi-plugin support details
Benefits
- Eliminates Code Duplication: No need for per-plugin JavaScript files and AJAX handling code
- Prevents Conflicts: Unique data keys ensure multiple plugins can coexist without interference
- Easier Maintenance: Bug fixes and improvements are centralized in the package
- Better UX: Consistent, polished update check experience across all consuming plugins
[1.2.1] - 2025-10-11
Changed
- PHP Version Requirement: Lowered minimum PHP version from 8.3 to 8.2 for broader compatibility
- Documentation Updates: Updated all documentation, examples, and tests to reflect PHP 8.2 requirement
- Workflow Updates: Updated GitHub Actions workflow to reflect PHP 8.2 requirement
Testing
- 51 Tests Passing: All tests verified with PHP 8.2 compatibility
- Test Fixtures Updated: Updated all test fixtures and expectations for PHP 8.2
[1.2.0] - 2025-10-10
Changed
- Documentation Consolidation: Centralized all documentation into README.md, CHANGELOG.md, and .github/copilot-instructions.md
- Removed Separate Documentation Files: Eliminated
docs/directory to maintain simpler, more maintainable documentation structure - Testing Documentation: Moved comprehensive testing guide to README.md Development section
- Troubleshooting Guide: Integrated troubleshooting information directly into README.md
Testing
- 51 Tests, 130 Assertions: Complete test suite with 100% pass rate
- Real GitHub API Integration Tests: 9 tests making actual HTTP requests to production repositories
- Test Coverage: Unit tests (3), Integration tests (22), WordPress tests (26)
- Performance Verification: Caching performance tests confirm < 10ms for cached API calls
[1.1.5] - 2025-10-10
Fixed
- PCLZIP_ERR_MISSING_FILE (-4) Resolution: Complete rewrite of
upgrader_pre_downloadfilter to properly handle all download scenarios - Download Filter Return Values: Fixed critical issue where filter could return invalid types causing WordPress to fail with PCLZIP errors
- Better Plugin Detection: Added robust verification to ensure filter only intercepts downloads for the correct plugin
- Enhanced Error Handling: Comprehensive error messages for all failure points in the download process
- File Verification: Added multiple validation checks (file size, readability, existence) before returning downloaded file to WordPress
Changed
- Stricter Filter Logic:
maybeFixDownload()now returnsfalseto let WordPress handle downloads that aren't for our plugin - Safety Checks: Added verification of
hook_extradata to ensure we only process downloads for our specific plugin - Improved Documentation: Enhanced PHPDoc comments explaining critical return value requirements for WordPress compatibility
- Download Process: Better handling of HTTP response codes and empty responses with descriptive error messages
Technical Improvements
- Return Type Enforcement: Strict enforcement of
string|WP_Error|falsereturn types (nevertrueor other types) - Multi-line Conditionals: Improved code formatting to meet WordPress Coding Standards (120 character line limit)
- Defensive Programming: Added early returns for edge cases where previous filters have already handled the download
- Minimum File Size Check: Validates downloaded file is at least 100 bytes before considering it valid
[1.1.4] - 2025-08-29
Added
- WordPress Admin Notices: Integrated admin notification system that displays update availability after manual version checks
- Dismissible Update Notices: Users can dismiss update notifications with built-in AJAX functionality
- Admin Notice Management: New
showUpdateNotice()method creates WordPress-compliant admin notices with proper styling - AJAX Notice Dismissal: New
dismissUpdateNotice()AJAX handler for seamless notice management - Transient-Based Notifications: Update notices persist for the same duration as version cache (configurable via
cache_duration)
Changed
- Improved Manual Version Checks: Enhanced
manualVersionCheck()method now sets admin notices for immediate user feedback - Code Refactoring: Centralized update availability logic using
isUpdateAvailable()method to eliminate code duplication - Better WordPress Integration: Manual version checks now properly clear WordPress update transients for immediate admin interface updates
- Enhanced User Experience: Update checks provide both AJAX responses and persistent admin notifications
Fixed
- WordPress Admin Sync: Manual version checks now immediately reflect in WordPress admin plugins page
- Transient Cache Management: Proper clearing of both plugin-specific and WordPress update caches
- Admin Interface Updates: Resolved disconnect between manual checks and WordPress admin display
Technical Improvements
- DRY Principle: Replaced duplicate version comparison logic with centralized
isUpdateAvailable()method calls - AJAX Security: Enhanced nonce verification and sanitization for all AJAX endpoints
- WordPress Standards: All admin notices follow WordPress UI/UX guidelines with proper escaping and styling
- JavaScript Integration: Inline JavaScript for notice dismissal with jQuery compatibility
Documentation
- API Documentation: Added comprehensive Public API Methods section to README
- Integration Examples: Updated all examples to demonstrate new admin notice features
- Configuration Guide: Enhanced advanced configuration examples with new capabilities
- Code Examples: Programmatic version checking examples for developers
[1.1.3] - 2025-08-29
Added
- Enhanced Temporary File Handling: Implemented multiple fallback strategies for temporary file creation to resolve
PCLZIP_ERR_MISSING_FILE (-4)errors - Custom Temporary Directory Support: New
custom_temp_dirconfiguration option in UpdaterConfig for specifying alternative temporary directories - Automatic Directory Creation: The updater now attempts to create temporary directories if they don't exist
- Comprehensive File Verification: Added file existence and readability checks after download to prevent installation failures
Changed
- Improved Download Reliability: Enhanced
maybeFixDownload()method with better error handling and multiple fallback strategies - Robust Temporary File Strategy: Six-tier fallback system for temporary file creation:
- Custom temporary directory (if configured)
- WordPress uploads directory
- WP_CONTENT_DIR/temp (auto-created)
- WP_TEMP_DIR (if defined in wp-config.php)
- System temporary directory
- Manual file creation as last resort
Fixed
- PCLZIP Error Resolution: Addresses
PCLZIP_ERR_MISSING_FILE (-4)errors caused by restrictive /tmp directory permissions - File Write Verification: Added byte-level verification to ensure complete file downloads
- Permission Issues: Better handling of directory permission problems during plugin updates
Documentation
- Integration Examples: Added examples for handling PCLZIP errors in integration guide
- WordPress Configuration: Documented wp-config.php approach for setting custom temporary directories
- Troubleshooting Guide: Comprehensive examples for different temporary directory configuration strategies
[1.1.2] - 2025-08-19
Changed
- API Accessibility: Changed
getLatestVersion()method visibility fromprivatetopublicto allow external access from consuming plugins
[1.1.1] - 2025-08-14
Changed
- License Migration: Updated from GPL v2.0+ to PolyForm Noncommercial 1.0.0
- License References: Updated all references in composer.json, README.md, source files, and GitHub Actions workflow
- License Documentation: Updated license badges and documentation to reflect noncommercial licensing
[1.1.0] - 2025-08-12
Added
- Configurable text domain support: New
text_domainoption inUpdaterConfigconstructor for internationalization flexibility - Translation wrapper methods: Added
__()andesc_html__()methods for package-aware translations - Translatable user-facing messages: All changelog and error messages now support internationalization
- Centralized HTTP header management: Added
getApiHeaders()andgetDownloadHeaders()methods for consistent API communication - Comprehensive PHP coding standards: Implemented phpcs.xml with WordPress and PSR-12 standards enforcement
- String quotation standardization: All strings now consistently use double quotes as per project standards
- Enhanced type declarations: Full PHP 8+ type hint coverage with union types and nullable parameters
- Enhanced PHPDoc documentation: Comprehensive descriptions and
@sinceannotations throughout codebase - GitHub Actions workflow: Automated release creation when tags are pushed
- Automated testing in CI: PHPUnit and PHPCS validation in release pipeline
- Release documentation: Automated generation of release notes from CHANGELOG.md
- Package validation: Automated structure validation and version consistency checks
Changed
- Improved internationalization architecture: Text domain now configurable per consuming plugin instead of hardcoded
- Centralized translation system: All user-facing strings now use configurable text domain with fallback support
- Refactored HTTP request configurations: Eliminated code duplication through centralized header management patterns
- Code quality enforcement: Added automated coding standards checking with phpcs and WordPress security rules
- Documentation standards: Enhanced PHPDoc blocks with complete parameter and return type documentation
- Updated User-Agent headers: Now include version information (WP-GitHub-Updater/1.1.0)
Fixed
- Backward compatibility: Existing code without
text_domainspecification continues working withwp-github-updaterfallback - String consistency: Eliminated mixed quote usage throughout codebase for improved maintainability
- Security compliance: Enhanced input sanitization and output escaping validation
- GitHub API request reliability: Improved through consistent header usage
- Download stability: Optimized headers for GitHub asset downloads
Technical Improvements
- Updated User-Agent headers to version 1.1.0
- Added Composer dev dependencies:
wp-coding-standards/wpcsandslevomat/coding-standard - Implemented comprehensive test coverage for new translation features
- Enhanced error handling with proper WordPress i18n integration
- Improved code maintainability through centralized header management patterns
[1.0.1] - 2025-08-07
Added
- Markdown to HTML parser for changelog display
- Support for headers (#, ##, ###, ####), bold text (text), italic text (text), inline code (
code), lists (- item), and links (text) - Improved changelog readability in WordPress plugin update modal
Changed
- Enhanced changelog formatting from raw markdown to formatted HTML
[1.0.0] - 2025-08-07
Added
- Initial release
- WordPress plugin GitHub updater functionality
- Configurable updater with UpdaterConfig class
- Automatic update integration with WordPress
- Manual AJAX version checking
- Changelog fetching from GitHub releases
- Transient caching for performance
- PSR-4 autoloading
- Comprehensive documentation
- AJAX nonce verification
- WordPress capability checks
