* chore: add wp-cli.yml and local dev environment docs
Point wp-cli at shared WordPress 7.0-RC2 multisite dev install at
../wordpress (wordpress.local:8080). Documents reset workflow and
WP-CLI usage in AGENTS.md.
* feat(paypal): add comprehensive logging to PayPal Connect proxy
Previously only the deauthorize endpoint logged anything. All other
endpoints (oauth/init, oauth/verify, partner-token) were silent, making
it impossible to debug failed PayPal API calls in production.
This commit adds:
- Protected log() helper with consistent '[PayPal Connect]' prefix and
JSON-encoded context data
- get_debug_id() helper to extract the PayPal-Debug-Id response header
from every PayPal API call (the key value PayPal support and the
integration review team ask for by name)
- Request-received and outcome log entries on all handlers
- Error logging with PayPal-Debug-Id on all failed PayPal API calls:
- /v1/oauth2/token (partner access token)
- /v2/customer/partner-referrals
- /v1/customer/partners/{partner_id}/merchant-integrations/{merchant_id}
- Success logging with debug ID and key response fields
Sensitive values (access tokens, client secrets) are never logged.
Context: the PayPal integration review requires debug IDs from test
API calls. Without server-side logging, the only way to get them was
to instrument the plugin side, which misses proxy-side failures entirely.
4.4 KiB
AGENTS.md — Ultimate Update Server Plugin
Project Overview
WordPress plugin that creates an update server for distributing Ultimate Multisite plugins and addons via WooCommerce downloadable products. Handles update checks, telemetry collection, site discovery, Composer repository, Stripe/PayPal analytics, and release notifications. Runs on the marketplace site (multisiteultimate.com).
Build Commands
composer install # Install PHP dependencies
# No npm build step — no compiled frontend assets
Project Structure
ultimate-update-server-plugin/
├── wp-update-server-plugin.php # Plugin entry point
├── inc/
│ ├── class-update-server.php # Core update server logic
│ ├── class-request-endpoint.php # Update request handling
│ ├── class-product-icon.php # Product icon management
│ ├── class-store-api.php # Store REST API
│ ├── class-telemetry-table.php # Telemetry DB table
│ ├── class-telemetry-receiver.php # Telemetry data ingestion
│ ├── class-telemetry-admin.php # Telemetry dashboard
│ ├── class-passive-installs-table.php # Install tracking table
│ ├── class-passive-install-tracker.php # Passive install detection
│ ├── class-site-discovery-table.php # Site health DB table
│ ├── class-site-discovery-scraper.php # Background site scraper
│ ├── class-site-discovery-admin.php # Discovery dashboard
│ ├── class-composer-token-table.php # Composer auth tokens
│ ├── class-composer-token.php # Token management
│ ├── class-product-versions.php # Version tracking
│ ├── class-composer-repository.php # Composer packages.json endpoint
│ ├── class-downloads-page.php # Customer downloads page
│ ├── class-changelog-manager.php # Changelog tracking
│ ├── class-release-notifier.php # Email notifications (WooCommerce)
│ ├── class-stripe-analytics*.php # Stripe Connect analytics
│ ├── class-paypal-*.php # PayPal Connect + transaction sync
│ └── ...
├── assets/ # Admin CSS/JS
├── templates/ # Admin page templates
├── vendor/ # Composer dependencies
├── composer.json
└── README.md
Code Style & Conventions
- PHP version: >= 7.4 (inferred)
- Namespace:
WP_Update_Server_Plugin\for all classes ininc/ - File naming:
class-{name}.phpininc/ - No autoloader: All files manually
require_once'd in main plugin file - No PHPCS config — follow WordPress Coding Standards
- Relies on:
yahnis-elsts/wp-update-serverlibrary
Key Patterns
- Classes instantiated at load time (global variables in main plugin file)
- WooCommerce-dependent classes loaded inside
woocommerce_loadedhook - Custom database tables for telemetry, installs, site discovery, tokens, analytics
- Site discovery scraper: daily WP-Cron, processes 20 domains/batch, respects robots.txt
- Composer repository endpoint serves
packages.jsonforcomposer require - Stripe and PayPal analytics track payment provider data
Important Notes
- Requires WooCommerce and WP OAuth Server
- Runs only on the marketplace server, not on customer sites
- Telemetry is opt-in from Ultimate Multisite installations
- Site discovery respects
robots.txt(User-Agent:UltimateMultisiteBot) - Product name is "Ultimate Multisite" in user-facing text
Local Development Environment
The shared WordPress dev install for testing this plugin is at ../wordpress (relative to this repo root).
- URL: http://wordpress.local:8080
- Admin: http://wordpress.local:8080/wp-admin —
admin/admin - WordPress version: 7.0-RC2
- This plugin: symlinked into
../wordpress/wp-content/plugins/$(basename $PWD) - Reset to clean state:
cd ../wordpress && ./reset.sh
WP-CLI is configured via wp-cli.yml in this repo root — run wp commands directly from here without specifying --path.
wp plugin activate $(basename $PWD) # activate this plugin
wp plugin deactivate $(basename $PWD) # deactivate
wp db reset --yes && cd ../wordpress && ./reset.sh # full reset