chore: sync pre-release.yml from Template-Generic [skip ci]

.mokogitea/workflows/auto-bump.yml

@@ -22,7 +22,7 @@ on:
 
 env:
   FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
-  GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+  MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
 
 permissions:
   contents: write

.mokogitea/workflows/auto-release.yml

@@ -10,9 +10,9 @@
 # VERSION: 05.00.00
 # BRIEF: Universal build & release � detects platform from manifest.xml
 #
-# +========================================================================+
+# +=======================================================================+
 # |              UNIVERSAL BUILD & RELEASE PIPELINE                        |
-# +========================================================================+
+# +=======================================================================+
 # |                                                                        |
 # |  Reads manifest.xml (joomla|dolibarr|generic) to branch logic.       |
 # |                                                                        |
@@ -21,15 +21,24 @@
 # |    dolibarr: mod*.class.php, update.txt, dev version reset             |
 # |    generic:  README-only, no update stream                             |
 # |                                                                        |
-# +========================================================================+
+# +=======================================================================+
 
 name: "Universal: Build & Release"
 
 on:
   pull_request:
-    types: [opened, closed]
+    types: [opened, synchronize, closed]
     branches:
       - main
+    paths-ignore:
+      - '.mokogitea/workflows/**'
+      - '*.md'
+      - 'wiki/**'
+      - '.editorconfig'
+      - '.gitignore'
+      - '.gitattributes'
+      - '.gitmessage'
+      - 'LICENSE' 
   workflow_dispatch:
     inputs:
       action:
@@ -43,7 +52,7 @@ on:
 
 env:
   FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
-  GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+  MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
   GITEA_ORG: ${{ vars.GITEA_ORG || github.repository_owner }}
   GITEA_REPO: ${{ vars.GITEA_REPO || github.event.repository.name }}
 
@@ -51,12 +60,13 @@ permissions:
   contents: write
 
 jobs:
-  # ── PR Opened → Rename branch to RC and build RC release ─────────────────────
+  # ── PR Opened → Rename branch to RC and build RC release ─────────────────────────
   promote-rc:
     name: Promote to RC
     runs-on: release
     if: >-
       (github.event.action == 'opened' && github.event.pull_request.merged != true) ||
+      (github.event.action == 'synchronize' && github.event.pull_request.merged != true) ||
       (github.event_name == 'workflow_dispatch' && inputs.action == 'promote-rc')
 
     steps:
@@ -92,7 +102,7 @@ jobs:
           php ${MOKO_CLI}/branch_rename.php \
             --from "${{ github.event.pull_request.head.ref || 'dev' }}" --to rc \
             --token "${{ secrets.MOKOGITEA_TOKEN }}" \
-            --api-base "${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}" \
+            --api-base "${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}" \
             --pr "${{ github.event.pull_request.number }}"
 
       - name: Checkout rc and configure git
@@ -111,7 +121,7 @@ jobs:
 
       - name: Update RC release notes from CHANGELOG.md
         run: |
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
 
           # Extract [Unreleased] section from changelog
@@ -149,7 +159,7 @@ jobs:
           echo "## Promoted to Release Candidate" >> $GITHUB_STEP_SUMMARY
           echo "Branch renamed to rc, minor bump, RC release built" >> $GITHUB_STEP_SUMMARY
 
-  # ── Merged PR → Build & Release (or promote RC to stable) ────────────────────
+  # ── Merged PR → Build & Release (or promote RC to stable) ─────────────────────────
   release:
     name: Build & Release Pipeline
     runs-on: release
@@ -241,14 +251,50 @@ jobs:
           VERSION=$(echo "$VERSION" | sed 's/-\(dev\|alpha\|beta\|rc\)$//')
           [ -z "$VERSION" ] && VERSION="00.00.00" && echo "skip=true" >> "$GITHUB_OUTPUT"
           echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
+          PLATFORM="${{ steps.platform.outputs.platform }}"
+          if [[ "$PLATFORM" == joomla* ]]; then
             echo "tag=stable" >> "$GITHUB_OUTPUT"
             echo "release_tag=stable" >> "$GITHUB_OUTPUT"
+          else
+            echo "tag=v${VERSION}" >> "$GITHUB_OUTPUT"
+            echo "release_tag=v${VERSION}" >> "$GITHUB_OUTPUT"
+          fi
           echo "branch=main" >> "$GITHUB_OUTPUT"
           echo "Published version: ${VERSION}"
 
+      - name: "Create semver tag for non-Joomla repos"
+        id: semver
+        if: |
+          steps.version.outputs.skip != 'true' &&
+          !startsWith(steps.platform.outputs.platform, 'joomla')
+        run: |
+          VERSION="${{ steps.version.outputs.version }}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
+          SEMVER_TAG="v${VERSION}"
+
+          echo "Creating semver tag: ${SEMVER_TAG}"
+
+          # Create the git tag via API
+          HTTP_CODE=$(curl -sf -o /dev/null -w "%{http_code}" \
+            -X POST -H "Authorization: token ${TOKEN}" \
+            -H "Content-Type: application/json" \
+            "${API_BASE}/tags" \
+            -d "{\"tag_name\":\"${SEMVER_TAG}\",\"target\":\"main\",\"message\":\"Release ${VERSION}\"}" 2>/dev/null || echo "000")
+
+          if [ "$HTTP_CODE" = "201" ] || [ "$HTTP_CODE" = "200" ]; then
+            echo "Created semver tag: ${SEMVER_TAG}"
+          elif [ "$HTTP_CODE" = "409" ]; then
+            echo "Semver tag ${SEMVER_TAG} already exists (skipped)"
+          else
+            echo "::warning::Failed to create semver tag ${SEMVER_TAG} (HTTP ${HTTP_CODE})"
+          fi
+
+          echo "semver_tag=${SEMVER_TAG}" >> "$GITHUB_OUTPUT"
+
       - name: Update release notes and promote changelog
         run: |
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
 
           # Get the stable release info (version and ID)
@@ -317,7 +363,7 @@ jobs:
           VERSION="${{ steps.bump.outputs.version || steps.version.outputs.version }}"
           RELEASE_TAG="${{ steps.version.outputs.release_tag }}"
           GH_REPO="${{ vars.GH_MIRROR_REPO || github.repository }}"
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           php ${MOKO_CLI}/release_mirror.php \
             --version "$VERSION" --tag "$RELEASE_TAG" \
             --token "${{ secrets.MOKOGITEA_TOKEN }}" --api-base "$API_BASE" \
@@ -346,7 +392,7 @@ jobs:
         if: steps.version.outputs.skip != 'true'
         continue-on-error: true
         run: |
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
 
           # Delete rc branch (ephemeral — created by promote-rc)
@@ -370,7 +416,7 @@ jobs:
         if: steps.version.outputs.skip != 'true'
         continue-on-error: true
         run: |
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
           VERSION="${{ steps.bump.outputs.version || steps.version.outputs.version }}"
           BRANCH_NAME="version/${VERSION}"
@@ -391,7 +437,7 @@ jobs:
         if: steps.version.outputs.skip != 'true'
         continue-on-error: true
         run: |
-          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          API_BASE="${MOKOGITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
           php ${MOKO_CLI}/version_reset_dev.php \
             --token "${{ secrets.MOKOGITEA_TOKEN }}" --api-base "${API_BASE}" \
             --branch dev --path . 2>&1 || true
@@ -417,5 +463,5 @@ jobs:
             echo "| Version | \`${VERSION}\` |" >> $GITHUB_STEP_SUMMARY
             echo "| Branch | \`${{ steps.version.outputs.branch }}\` |" >> $GITHUB_STEP_SUMMARY
             echo "| Tag | \`${{ steps.version.outputs.tag }}\` |" >> $GITHUB_STEP_SUMMARY
-            echo "| Release | [View](${GITEA_URL}/${GITEA_ORG}/${GITEA_REPO}/releases/tag/${{ steps.version.outputs.tag }}) |" >> $GITHUB_STEP_SUMMARY
+            echo "| Release | [View](${MOKOGITEA_URL}/${GITEA_ORG}/${GITEA_REPO}/releases/tag/${{ steps.version.outputs.tag }}) |" >> $GITHUB_STEP_SUMMARY
           fi

.mokogitea/workflows/ci-issue-reporter.yml

@@ -0,0 +1,68 @@
+# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# FILE INFORMATION
+# DEFGROUP: Gitea.Workflow
+# INGROUP: mokocli.Universal
+# REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
+# PATH: /.mokogitea/workflows/ci-issue-reporter.yml
+# VERSION: 01.00.00
+# BRIEF: Reusable workflow — creates/updates a Gitea issue when a CI gate fails.
+#        Clones MokoCLI and runs cli/ci_issue_reporter.sh.
+
+name: "Universal: CI Issue Reporter"
+
+on:
+  workflow_call:
+    inputs:
+      gate:
+        description: "CI gate name (e.g. PR Validation, Repository Health)"
+        required: true
+        type: string
+      details:
+        description: "Human-readable failure description"
+        required: true
+        type: string
+      severity:
+        description: "error or warning"
+        required: false
+        type: string
+        default: "error"
+      workflow:
+        description: "Workflow name for the issue title"
+        required: false
+        type: string
+        default: ""
+    secrets:
+      MOKOGITEA_TOKEN:
+        required: true
+
+env:
+  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
+
+jobs:
+  report:
+    name: "Report: ${{ inputs.gate }}"
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Clone MokoCLI
+        env:
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
+        run: |
+          MOKOGITEA_URL="${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}"
+          git clone --depth 1 --filter=blob:none --sparse "${MOKOGITEA_URL}/MokoConsulting/MokoCLI.git" /tmp/mokocli
+          cd /tmp/mokocli && git sparse-checkout set cli/ci_issue_reporter.sh
+
+      - name: Report CI failure
+        env:
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
+          MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+        run: |
+          chmod +x /tmp/mokocli/cli/ci_issue_reporter.sh
+          /tmp/mokocli/cli/ci_issue_reporter.sh \
+            --gate "${{ inputs.gate }}" \
+            --details "${{ inputs.details }}" \
+            --severity "${{ inputs.severity }}" \
+            --workflow "${{ inputs.workflow }}"

.mokogitea/workflows/cleanup.yml

@@ -21,7 +21,7 @@ permissions:
   contents: write
 
 env:
-  GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+  MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
 
 jobs:
   cleanup:
@@ -33,17 +33,17 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          token: ${{ secrets.GA_TOKEN }}
+          token: ${{ secrets.MOKOGITEA_TOKEN }}
 
       - name: Delete merged branches
         env:
-          GA_TOKEN: ${{ secrets.GA_TOKEN }}
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
         run: |
           echo "=== Merged Branch Cleanup ==="
-          API="${GITEA_URL}/api/v1/repos/${{ github.repository }}"
+          API="${MOKOGITEA_URL}/api/v1/repos/${{ github.repository }}"
 
           # List branches via API
-          BRANCHES=$(curl -sS -H "Authorization: token ${GA_TOKEN}" \
+          BRANCHES=$(curl -sS -H "Authorization: token ${MOKOGITEA_TOKEN}" \
             "${API}/branches?limit=50" | jq -r '.[].name')
 
           DELETED=0
@@ -56,7 +56,7 @@ jobs:
             # Check if branch is merged into main
             if git merge-base --is-ancestor "origin/${BRANCH}" origin/main 2>/dev/null; then
               echo "  Deleting merged branch: ${BRANCH}"
-              curl -sS -X DELETE -H "Authorization: token ${GA_TOKEN}" \
+              curl -sS -X DELETE -H "Authorization: token ${MOKOGITEA_TOKEN}" \
                 "${API}/branches/${BRANCH}" 2>/dev/null || true
               DELETED=$((DELETED + 1))
             fi
@@ -66,20 +66,20 @@ jobs:
 
       - name: Clean old workflow runs
         env:
-          GA_TOKEN: ${{ secrets.GA_TOKEN }}
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
         run: |
           echo "=== Workflow Run Cleanup ==="
-          API="${GITEA_URL}/api/v1/repos/${{ github.repository }}"
+          API="${MOKOGITEA_URL}/api/v1/repos/${{ github.repository }}"
           CUTOFF=$(date -d "30 days ago" +%Y-%m-%dT%H:%M:%SZ 2>/dev/null || date -v-30d +%Y-%m-%dT%H:%M:%SZ)
 
           # Get old completed runs
-          RUNS=$(curl -sS -H "Authorization: token ${GA_TOKEN}" \
+          RUNS=$(curl -sS -H "Authorization: token ${MOKOGITEA_TOKEN}" \
             "${API}/actions/runs?status=completed&limit=50" | \
             jq -r ".workflow_runs[] | select(.created_at < \"${CUTOFF}\") | .id" 2>/dev/null)
 
           DELETED=0
           for RUN_ID in $RUNS; do
-            curl -sS -X DELETE -H "Authorization: token ${GA_TOKEN}" \
+            curl -sS -X DELETE -H "Authorization: token ${MOKOGITEA_TOKEN}" \
               "${API}/actions/runs/${RUN_ID}" 2>/dev/null || true
             DELETED=$((DELETED + 1))
           done

.mokogitea/workflows/deploy-manual.yml

@@ -42,10 +42,10 @@ jobs:
 
       - name: Setup MokoStandards tools
         env:
-          GA_TOKEN: ${{ secrets.GA_TOKEN || secrets.GA_TOKEN || github.token }}
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN || github.token }}
-          MOKO_CLONE_TOKEN: ${{ secrets.GA_TOKEN || secrets.GA_TOKEN || github.token }}
+          MOKO_CLONE_TOKEN: ${{ secrets.MOKOGITEA_TOKEN || github.token }}
-          MOKO_CLONE_HOST: ${{ secrets.GA_TOKEN && 'git.mokoconsulting.tech/MokoConsulting' || 'github.com/mokoconsulting-tech' }}
+          MOKO_CLONE_HOST: ${{ secrets.MOKOGITEA_TOKEN && 'git.mokoconsulting.tech/MokoConsulting' || 'github.com/mokoconsulting-tech' }}
-          COMPOSER_AUTH: '{"github-oauth":{"github.com":"${{ secrets.GA_TOKEN || github.token }}"}}'
+          COMPOSER_AUTH: '{"github-oauth":{"github.com":"${{ secrets.MOKOGITEA_TOKEN || github.token }}"}}'
         run: |
           git clone --depth 1 --branch main --quiet \
             "https://x-access-token:${MOKO_CLONE_TOKEN}@${MOKO_CLONE_HOST}/MokoStandards-API.git" \

.mokogitea/workflows/issue-branch.yml

@@ -5,7 +5,7 @@
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
 # INGROUP: mokocli.Automation
-# VERSION: 02.26.01
+# VERSION: 01.00.00
 # BRIEF: Auto-create feature branch when an issue is opened
 
 name: "Universal: Issue Branch"
@@ -19,7 +19,7 @@ permissions:
   issues: write
 
 env:
-  GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+  MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
 
 jobs:
   create-branch:
@@ -28,8 +28,8 @@ jobs:
     steps:
       - name: Create branch and comment
         run: |
-          TOKEN="${{ secrets.GA_TOKEN }}"
+          TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
-          API="${GITEA_URL}/api/v1/repos/${{ github.repository }}"
+          API="${MOKOGITEA_URL}/api/v1/repos/${{ github.repository }}"
           ISSUE_NUM="${{ github.event.issue.number }}"
           ISSUE_TITLE="${{ github.event.issue.title }}"
 
@@ -58,7 +58,7 @@ jobs:
             echo "Created branch: ${BRANCH}"
 
             # Comment on issue with branch link
-            REPO_URL="${GITEA_URL}/${{ github.repository }}"
+            REPO_URL="${MOKOGITEA_URL}/${{ github.repository }}"
             BODY="Branch created: [\`${BRANCH}\`](${REPO_URL}/src/branch/${BRANCH})\n\n\`\`\`bash\ngit fetch origin\ngit checkout ${BRANCH}\n\`\`\`"
 
             curl -sf -X POST \

.mokogitea/workflows/pr-check.yml

@@ -496,39 +496,26 @@ jobs:
     steps:
       - name: Trigger RC pre-release
         env:
-          GA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
+          MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
           REPO: ${{ github.repository }}
           BRANCH: ${{ github.head_ref }}
-          GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+          MOKOGITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
         run: |
-          curl -s -X POST             "${GITEA_URL}/api/v1/repos/${REPO}/actions/workflows/pre-release.yml/dispatches"             -H "Authorization: token ${GITEA_TOKEN}"             -H "Content-Type: application/json"             -d "{\"ref\":\"${BRANCH}\",\"inputs\":{\"stability\":\"release-candidate\"}}"
+          curl -s -X POST             "${MOKOGITEA_URL}/api/v1/repos/${REPO}/actions/workflows/pre-release.yml/dispatches"             -H "Authorization: token ${MOKOGITEA_TOKEN}"             -H "Content-Type: application/json"             -d "{\"ref\":\"${BRANCH}\",\"inputs\":{\"stability\":\"release-candidate\"}}"
           echo "### Pre-Release" >> $GITHUB_STEP_SUMMARY
           echo "Triggered RC build on branch \`${BRANCH}\`" >> $GITHUB_STEP_SUMMARY
 
   # ── Issue Reporter ──────────────────────────────────────────────────────
   report-issues:
     name: Report Issues
-    runs-on: ubuntu-latest
     needs: [branch-policy, validate]
     if: >-
       always() &&
       needs.validate.result == 'failure'
-
+    uses: ./.mokogitea/workflows/ci-issue-reporter.yml
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
     with:
-          sparse-checkout: automation/ci-issue-reporter.sh
+      gate: "PR Validation"
-          sparse-checkout-cone-mode: false
+      workflow: "PR Check"
-
+      severity: error
-      - name: "File issue for PR validation failure"
+      details: "PR validation failed (syntax, manifest, changelog, or source checks). See the CI run for the specific check that failed."
-        env:
+    secrets: inherit
-          GITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
-          GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
-        run: |
-          chmod +x automation/ci-issue-reporter.sh
-          ./automation/ci-issue-reporter.sh \
-            --gate "PR Validation" \
-            --workflow "PR Check" \
-            --severity error \
-            --details "PR validation failed (syntax, manifest, changelog, or source checks). See the CI run for the specific check that failed."

.mokogitea/workflows/pre-release.yml

@@ -7,7 +7,7 @@
 # INGROUP: mokocli.Release
 # REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
 # PATH: /templates/workflows/universal/pre-release.yml.template
-# VERSION: 05.01.00
+# VERSION: 05.02.00
 # BRIEF: Auto pre-release on push to dev/alpha/beta/rc branches
 
 name: "Universal: Pre-Release"
@@ -59,6 +59,11 @@ jobs:
           fetch-depth: 0
           token: ${{ secrets.MOKOGITEA_TOKEN }}
           ref: ${{ github.ref_name }}
+          submodules: recursive
+
+      - name: Update submodules to main
+        run: |
+          git submodule foreach --quiet 'git checkout main && git pull --quiet origin main' 2>/dev/null || true
 
       - name: Setup mokocli tools
         env:
@@ -88,8 +93,20 @@ jobs:
           php ${MOKO_CLI}/platform_detect.php --path . --github-output 2>/dev/null || true
           php ${MOKO_CLI}/manifest_read.php --path . --github-output
 
+      - name: Check platform eligibility (Joomla only)
+        id: eligibility
+        run: |
+          PLATFORM="${{ steps.platform.outputs.platform }}"
+          if [[ "$PLATFORM" == joomla* ]] || [[ "$PLATFORM" == "joomla" ]]; then
+            echo "proceed=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "proceed=false" >> "$GITHUB_OUTPUT"
+            echo "::notice::Platform '$PLATFORM' — non-Joomla, skipping pre-release auto-bump"
+          fi
+
       - name: Resolve metadata and bump version
         id: meta
+        if: steps.eligibility.outputs.proceed == 'true'
         run: |
           # Auto-detect stability from branch name on push, or use input on dispatch
           if [ "${{ github.event_name }}" = "push" ]; then
@@ -166,6 +183,7 @@ jobs:
 
       - name: Create release
         id: release
+        if: steps.eligibility.outputs.proceed == 'true'
         run: |
           TAG="${{ steps.meta.outputs.tag }}"
           VERSION="${{ steps.meta.outputs.version }}"
@@ -176,6 +194,7 @@ jobs:
             --repo "${GITEA_REPO}" --branch "${{ github.ref_name }}" --prerelease
 
       - name: Update release notes from CHANGELOG.md
+        if: steps.eligibility.outputs.proceed == 'true'
         run: |
           TAG="${{ steps.meta.outputs.tag }}"
           VERSION="${{ steps.meta.outputs.version }}"
@@ -212,6 +231,7 @@ jobs:
 
       - name: Build package and upload
         id: package
+        if: steps.eligibility.outputs.proceed == 'true'
         run: |
           VERSION="${{ steps.meta.outputs.version }}"
           TAG="${{ steps.meta.outputs.tag }}"
@@ -225,6 +245,7 @@ jobs:
       # No need to build, commit, or sync updates.xml from workflows
 
       - name: "Delete lesser pre-release channels (cascade)"
+        if: steps.eligibility.outputs.proceed == 'true'
         continue-on-error: true
         run: |
           API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"

.mokogitea/workflows/repo-health.yml

@@ -77,7 +77,7 @@ jobs:
       - name: Check actor permission (admin only)
         id: perm
         env:
-          TOKEN: ${{ secrets.MOKOGITEA_TOKEN || secrets.MOKOGITEA_TOKEN || github.token }}
+          TOKEN: ${{ secrets.MOKOGITEA_TOKEN || github.token }}
           REPO: ${{ github.repository }}
           ACTOR: ${{ github.actor }}
         run: |
@@ -671,42 +671,30 @@ jobs:
   # ═══════════════════════════════════════════════════════════════════════
   # Issue Reporter — file issues for failed gates
   # ═══════════════════════════════════════════════════════════════════════
-  report-issues:
+  report-scripts:
-    name: "Report Issues"
+    name: "Report: Scripts Governance"
-    runs-on: ubuntu-latest
+    needs: [access_check, scripts_governance]
-    needs: [access_check, scripts_governance, repo_health]
     if: >-
       always() &&
-      (needs.scripts_governance.result == 'failure' ||
+      needs.scripts_governance.result == 'failure'
-       needs.repo_health.result == 'failure')
+    uses: ./.mokogitea/workflows/ci-issue-reporter.yml
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
     with:
-          sparse-checkout: automation/ci-issue-reporter.sh
+      gate: "Scripts Governance"
-          sparse-checkout-cone-mode: false
+      workflow: "Repo Health"
+      severity: error
+      details: "Scripts directory policy violations detected. Review required and allowed directories."
+    secrets: inherit
 
-      - name: "File issues for failed gates"
+  report-health:
-        env:
+    name: "Report: Repository Health"
-          GITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
+    needs: [access_check, repo_health]
-          GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
+    if: >-
-        run: |
+      always() &&
-          chmod +x automation/ci-issue-reporter.sh
+      needs.repo_health.result == 'failure'
-          REPORTER="./automation/ci-issue-reporter.sh"
+    uses: ./.mokogitea/workflows/ci-issue-reporter.yml
-          WF="Repo Health"
+    with:
-
+      gate: "Repository Health"
-          report_gate() {
+      workflow: "Repo Health"
-            local gate="$1" result="$2" details="$3"
+      severity: error
-            if [ "$result" = "failure" ]; then
+      details: "Repository health checks failed — missing required artifacts, disallowed files, or content warnings. Check the CI run summary."
-              "$REPORTER" --gate "$gate" --details "$details" --workflow "$WF" --severity error
+    secrets: inherit
-            fi
-          }
-
-          report_gate "Scripts Governance" \
-            "${{ needs.scripts_governance.result }}" \
-            "Scripts directory policy violations detected. Review required and allowed directories."
-
-          report_gate "Repository Health" \
-            "${{ needs.repo_health.result }}" \
-            "Repository health checks failed — missing required artifacts, disallowed files, or content warnings. Check the CI run summary."

.mokogitea/workflows/security-audit.yml

@@ -1,82 +0,0 @@
-# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-#
-# FILE INFORMATION
-# DEFGROUP: Gitea.Workflow
-# INGROUP: MokoStandards.Security
-# REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoStandards
-# PATH: /.gitea/workflows/security-audit.yml
-# VERSION: 01.00.00
-# BRIEF: Dependency vulnerability scanning for composer and npm packages
-
-name: "Universal: Security Audit"
-
-on:
-  schedule:
-    - cron: '0 6 * * 1'  # Weekly on Monday at 06:00 UTC
-  pull_request:
-    branches:
-      - main
-    paths:
-      - 'composer.json'
-      - 'composer.lock'
-      - 'package.json'
-      - 'package-lock.json'
-  workflow_dispatch:
-
-permissions:
-  contents: read
-
-env:
-  NTFY_URL: ${{ vars.NTFY_URL || 'https://ntfy.mokoconsulting.tech' }}
-  NTFY_TOPIC: ${{ vars.NTFY_TOPIC || 'gitea-security' }}
-
-jobs:
-  audit:
-    name: Dependency Audit
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Composer audit
-        if: hashFiles('composer.lock') != ''
-        run: |
-          echo "=== Composer Security Audit ==="
-          if ! command -v composer &> /dev/null; then
-            sudo apt-get update -qq
-            sudo apt-get install -y -qq php-cli composer >/dev/null 2>&1
-          fi
-          composer audit --format=plain 2>&1 | tee /tmp/composer-audit.txt
-          RESULT=$?
-          if [ $RESULT -ne 0 ]; then
-            echo "::warning::Composer vulnerabilities found"
-            echo "composer_vulnerable=true" >> "$GITHUB_ENV"
-          else
-            echo "No known vulnerabilities in composer dependencies"
-          fi
-
-      - name: NPM audit
-        if: hashFiles('package-lock.json') != ''
-        run: |
-          echo "=== NPM Security Audit ==="
-          npm audit --production 2>&1 | tee /tmp/npm-audit.txt || true
-          if npm audit --production 2>&1 | grep -q "found 0 vulnerabilities"; then
-            echo "No known vulnerabilities in npm dependencies"
-          else
-            echo "::warning::NPM vulnerabilities found"
-            echo "npm_vulnerable=true" >> "$GITHUB_ENV"
-          fi
-
-      - name: Notify on vulnerabilities
-        if: env.composer_vulnerable == 'true' || env.npm_vulnerable == 'true'
-        run: |
-          REPO="${{ github.event.repository.name }}"
-          curl -sS \
-            -H "Title: ${REPO} has vulnerable dependencies" \
-            -H "Tags: lock,warning" \
-            -H "Priority: high" \
-            -d "Security audit found vulnerabilities. Review dependency updates." \
-            "${NTFY_URL}/${NTFY_TOPIC}" || true

.mokogitea/workflows/version-set.yml

@@ -0,0 +1,130 @@
+# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# FILE INFORMATION
+# DEFGROUP: Gitea.Workflow.Template
+# INGROUP: MokoStandards.CI
+# REPO: https://git.mokoconsulting.tech/MokoConsulting/Template-Joomla
+# PATH: /.mokogitea/workflows/version-set.yml
+# VERSION: 01.00.00
+# BRIEF: Set or reset the extension version across all version-bearing files
+
+name: "Joomla: Set Version"
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: "Version number (e.g. 01.00.00)"
+        required: true
+        type: string
+      branch:
+        description: "Branch to update (default: current)"
+        required: false
+        type: string
+
+permissions:
+  contents: write
+
+env:
+  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
+
+jobs:
+  set-version:
+    name: Set Version to ${{ inputs.version }}
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Validate version format
+        run: |
+          VERSION="${{ inputs.version }}"
+          if ! echo "$VERSION" | grep -qP '^\d{2}\.\d{2}\.\d{2}$'; then
+            echo "::error::Invalid version format '${VERSION}' — expected XX.YY.ZZ (e.g. 01.00.00)"
+            exit 1
+          fi
+          echo "VERSION=${VERSION}" >> "$GITHUB_ENV"
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.MOKOGITEA_TOKEN || github.token }}
+          ref: ${{ inputs.branch || github.ref }}
+          fetch-depth: 1
+
+      - name: Update manifest version
+        run: |
+          MANIFEST=""
+          for XML_FILE in $(find . -maxdepth 3 -name "*.xml" -not -path "./.git/*" -not -path "./vendor/*"); do
+            if grep -q "<extension" "$XML_FILE" 2>/dev/null; then
+              MANIFEST="$XML_FILE"
+              break
+            fi
+          done
+
+          if [ -z "$MANIFEST" ]; then
+            echo "::warning::No Joomla extension manifest found — skipping manifest update"
+          else
+            OLD_VER=$(grep -oP '<version>\K[^<]+' "$MANIFEST" | head -1)
+            sed -i "s|<version>${OLD_VER}</version>|<version>${VERSION}</version>|" "$MANIFEST"
+            echo "Manifest: ${OLD_VER} → ${VERSION} (${MANIFEST})"
+          fi
+
+      - name: Update README.md version
+        run: |
+          if [ -f "README.md" ]; then
+            if grep -qP '^\s*VERSION:\s*\d' README.md; then
+              sed -i -E "s/(VERSION:\s*)[0-9]{2}\.[0-9]{2}\.[0-9]{2}/\1${VERSION}/" README.md
+              echo "README.md version updated to ${VERSION}"
+            else
+              echo "::warning::No VERSION line found in README.md — skipping"
+            fi
+          fi
+
+      - name: Update CHANGELOG.md
+        run: |
+          if [ -f "CHANGELOG.md" ]; then
+            DATE=$(date +%Y-%m-%d)
+            # Check if this version already has an entry
+            if grep -q "^\#\# \[${VERSION}\]" CHANGELOG.md; then
+              echo "CHANGELOG.md already has entry for ${VERSION} — skipping"
+            else
+              # Insert new version entry after [Unreleased] or at the top after header
+              if grep -q '^\#\# \[Unreleased\]' CHANGELOG.md; then
+                sed -i "/^\#\# \[Unreleased\]/a\\\\n## [${VERSION}] --- ${DATE}" CHANGELOG.md
+              else
+                sed -i "/^\# Changelog/a\\\\n## [Unreleased]\n\n## [${VERSION}] --- ${DATE}" CHANGELOG.md
+              fi
+              echo "CHANGELOG.md: added entry for ${VERSION}"
+            fi
+          else
+            echo "::warning::No CHANGELOG.md found — skipping"
+          fi
+
+      - name: Update FILE INFORMATION blocks
+        run: |
+          # Update VERSION in file header blocks (# VERSION: XX.YY.ZZ)
+          find . -maxdepth 1 -type f \( -name "*.yml" -o -name "*.yaml" -o -name "*.php" -o -name "*.md" \) \
+            -not -path "./.git/*" -not -path "./vendor/*" -print0 2>/dev/null | \
+          while IFS= read -r -d '' FILE; do
+            if head -20 "$FILE" | grep -qP '^\s*#?\s*VERSION:\s*\d{2}\.\d{2}\.\d{2}'; then
+              sed -i -E "s/(#?\s*VERSION:\s*)[0-9]{2}\.[0-9]{2}\.[0-9]{2}/\1${VERSION}/" "$FILE"
+              echo "Updated FILE INFORMATION VERSION in ${FILE}"
+            fi
+          done
+
+      - name: Commit and push
+        run: |
+          git config user.name "Moko Consulting [bot]"
+          git config user.email "hello@mokoconsulting.tech"
+          git add -A
+          if git diff --cached --quiet; then
+            echo "No version changes detected — nothing to commit"
+          else
+            git commit -m "chore: set version to ${VERSION} [skip bump]
+
+Authored-by: Moko Consulting"
+            git push
+            echo "### Version Set" >> $GITHUB_STEP_SUMMARY
+            echo "Version updated to \`${VERSION}\` on branch \`${GITHUB_REF_NAME}\`" >> $GITHUB_STEP_SUMMARY
+          fi

.mokogitea/workflows/workflow-sync-trigger.yml

@@ -13,6 +13,7 @@
 name: "Universal: Workflow Sync Trigger"
 
 on:
+  workflow_dispatch:
   pull_request:
     types: [closed]
     branches:
@@ -26,8 +27,9 @@ jobs:
     name: Sync workflows to live repos
     runs-on: ubuntu-latest
     if: >-
-      github.event.pull_request.merged == true &&
+      github.event_name == 'workflow_dispatch' ||
-      !contains(github.event.pull_request.title, '[skip sync]')
+      (github.event.pull_request.merged == true &&
+      !contains(github.event.pull_request.title, '[skip sync]'))
 
     steps:
       - name: Determine platform from repo name
@@ -49,8 +51,14 @@ jobs:
         env:
           MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
         run: |
-          GITEA_URL="${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}"
+          MOKOGITEA_URL="${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}"
-          git clone --depth 1 "${GITEA_URL}/MokoConsulting/mokocli.git" /tmp/mokocli
+          git clone --depth 1 "${MOKOGITEA_URL}/MokoConsulting/mokocli.git" /tmp/mokocli
+
+      - name: Install PHP
+        run: |
+          if ! command -v php &> /dev/null; then
+            apt-get update -qq && apt-get install -y -qq php-cli php-json php-curl > /dev/null 2>&1
+          fi
 
       - name: Install dependencies
         run: |

CHANGELOG.md

@@ -8,13 +8,17 @@
  DEFGROUP: Joomla.Template.Site
  INGROUP: MokoOnyx.Documentation
  PATH: ./CHANGELOG.md
- VERSION: 02.26.01
+ VERSION: 02.27.00
  BRIEF: Changelog file documenting version history of MokoOnyx
  -->
 
-# Changelog — MokoOnyx (VERSION: 02.26.01)
+# Changelog — MokoOnyx (VERSION: 02.27.00)
 ## [Unreleased]
 
+## [02.27.00] --- 2026-06-21
+
+## [02.27.00] --- 2026-06-21
+
 ### Added
 - Collapsible floating social bar with toggle button and localStorage persistence
 - Bootstrap tooltips on all social icon links showing platform name on hover
@@ -30,5 +34,3 @@
 ## [02.25.00] --- 2026-06-20
 
 ## [02.24.00] --- 2026-06-20
-
-## [02.24.00] --- 2026-06-20

Makefile

@@ -1,213 +0,0 @@
-# Makefile for MokoOnyx Joomla Template
-# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
-# SPDX-License-Identifier: GPL-3.0-or-later
-#
-# Build and validation powered by MokoStandards Enterprise API
-# Install: composer install
-
-# ==============================================================================
-# CONFIGURATION
-# ==============================================================================
-
-EXTENSION_NAME    := mokoonyx
-EXTENSION_TYPE    := template
-EXTENSION_VERSION := $(shell grep -oP 'VERSION:\s*\K[0-9.]+' README.md 2>/dev/null || echo "0.0.0")
-
-SRC_DIR   := src
-BUILD_DIR := build
-DIST_DIR  := dist
-
-PHP      := php
-COMPOSER := composer
-MOKO     := vendor/bin/moko
-
-# Colors
-COLOR_RESET  := \033[0m
-COLOR_GREEN  := \033[32m
-COLOR_YELLOW := \033[33m
-COLOR_BLUE   := \033[34m
-COLOR_RED    := \033[31m
-
-# ==============================================================================
-# TARGETS
-# ==============================================================================
-
-.PHONY: help
-help: ## Show this help message
-	@echo "$(COLOR_BLUE)╔════════════════════════════════════════════════════════════╗$(COLOR_RESET)"
-	@echo "$(COLOR_BLUE)║         MokoOnyx Template Build                     ║$(COLOR_RESET)"
-	@echo "$(COLOR_BLUE)╚════════════════════════════════════════════════════════════╝$(COLOR_RESET)"
-	@echo ""
-	@echo "Extension: $(EXTENSION_NAME) ($(EXTENSION_TYPE)) v$(EXTENSION_VERSION)"
-	@echo "Powered by: MokoStandards Enterprise API"
-	@echo ""
-	@echo "$(COLOR_GREEN)Available targets:$(COLOR_RESET)"
-	@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "  $(COLOR_BLUE)%-20s$(COLOR_RESET) %s\n", $$1, $$2}'
-	@echo ""
-
-# ── Dependencies ──────────────────────────────────────────────────────────────
-
-.PHONY: install-deps
-install-deps: ## Install Composer dependencies (includes MokoStandards API)
-	@echo "$(COLOR_BLUE)Installing dependencies...$(COLOR_RESET)"
-	@$(COMPOSER) install
-	@echo "$(COLOR_GREEN)✓ Dependencies installed$(COLOR_RESET)"
-
-.PHONY: update-deps
-update-deps: ## Update Composer dependencies
-	@echo "$(COLOR_BLUE)Updating dependencies...$(COLOR_RESET)"
-	@$(COMPOSER) update
-	@echo "$(COLOR_GREEN)✓ Dependencies updated$(COLOR_RESET)"
-
-# ── Validation (MokoStandards API) ────────────────────────────────────────────
-
-.PHONY: check-moko
-check-moko:
-	@if [ ! -f "$(MOKO)" ]; then \
-		echo "$(COLOR_RED)✗ MokoStandards CLI not found. Run: make install-deps$(COLOR_RESET)"; \
-		exit 1; \
-	fi
-
-.PHONY: lint
-lint: check-moko ## PHP syntax check via MokoStandards
-	@echo "$(COLOR_BLUE)Running PHP syntax check...$(COLOR_RESET)"
-	@$(PHP) $(MOKO) check:syntax -- --path .
-	@echo "$(COLOR_GREEN)✓ PHP syntax OK$(COLOR_RESET)"
-
-.PHONY: check-joomla
-check-joomla: check-moko ## Validate Joomla manifest via MokoStandards
-	@echo "$(COLOR_BLUE)Validating Joomla manifest...$(COLOR_RESET)"
-	@$(PHP) $(MOKO) check:joomla -- --path .
-	@echo "$(COLOR_GREEN)✓ Joomla manifest valid$(COLOR_RESET)"
-
-.PHONY: check-version
-check-version: check-moko ## Verify version consistency across files
-	@echo "$(COLOR_BLUE)Checking version consistency...$(COLOR_RESET)"
-	@$(PHP) $(MOKO) check:version -- --path .
-	@echo "$(COLOR_GREEN)✓ Versions consistent$(COLOR_RESET)"
-
-.PHONY: check-headers
-check-headers: check-moko ## Check license headers on source files
-	@echo "$(COLOR_BLUE)Checking license headers...$(COLOR_RESET)"
-	@$(PHP) $(MOKO) check:headers -- --path .
-	@echo "$(COLOR_GREEN)✓ Headers OK$(COLOR_RESET)"
-
-.PHONY: check-secrets
-check-secrets: check-moko ## Scan for leaked credentials
-	@echo "$(COLOR_BLUE)Scanning for secrets...$(COLOR_RESET)"
-	@$(PHP) $(MOKO) check:secrets -- --path .
-	@echo "$(COLOR_GREEN)✓ No secrets found$(COLOR_RESET)"
-
-.PHONY: check-xml
-check-xml: check-moko ## Validate XML files are well-formed
-	@echo "$(COLOR_BLUE)Checking XML files...$(COLOR_RESET)"
-	@$(PHP) $(MOKO) check:xml -- --path .
-	@echo "$(COLOR_GREEN)✓ XML well-formed$(COLOR_RESET)"
-
-.PHONY: validate
-validate: lint check-joomla check-version check-xml check-headers check-secrets ## Run all MokoStandards validation checks
-	@echo "$(COLOR_GREEN)✓ All validation checks passed$(COLOR_RESET)"
-
-.PHONY: health
-health: check-moko ## Full repository health check via MokoStandards
-	@echo "$(COLOR_BLUE)Running full health check...$(COLOR_RESET)"
-	@$(PHP) $(MOKO) health -- --path .
-
-# ── Build ─────────────────────────────────────────────────────────────────────
-
-.PHONY: clean
-clean: ## Clean build artifacts
-	@echo "$(COLOR_BLUE)Cleaning build artifacts...$(COLOR_RESET)"
-	@rm -rf $(BUILD_DIR) $(DIST_DIR)
-	@echo "$(COLOR_GREEN)✓ Build artifacts cleaned$(COLOR_RESET)"
-
-MOKO_PLATFORM ?= $(or $(wildcard ../moko-platform),$(wildcard $(HOME)/moko-platform),$(wildcard /opt/moko-platform))
-MINIFY_SCRIPT := $(MOKO_PLATFORM)/build/minify.js
-
-.PHONY: minify
-minify: ## Minify CSS/JS assets (requires terser + clean-css)
-	@echo "$(COLOR_BLUE)Minifying assets...$(COLOR_RESET)"
-	@if [ -f "$(MINIFY_SCRIPT)" ]; then \
-		node "$(MINIFY_SCRIPT)" $(SRC_DIR); \
-	elif [ -f "scripts/minify.js" ]; then \
-		node scripts/minify.js; \
-	else \
-		echo "$(COLOR_YELLOW)⚠ No minify script found$(COLOR_RESET)"; \
-	fi
-
-.PHONY: build
-build: clean minify ## Build template installable ZIP from src/
-	@echo "$(COLOR_BLUE)Building $(EXTENSION_NAME) v$(EXTENSION_VERSION)...$(COLOR_RESET)"
-	@mkdir -p $(BUILD_DIR)/package $(DIST_DIR)
-	@cp -r $(SRC_DIR)/* $(BUILD_DIR)/package/
-	@cd $(BUILD_DIR)/package && \
-		if command -v zip >/dev/null 2>&1; then \
-			zip -r "../../$(DIST_DIR)/$(EXTENSION_NAME)-$(EXTENSION_VERSION).zip" .; \
-		elif command -v pwsh >/dev/null 2>&1; then \
-			pwsh -Command "Compress-Archive -Path '*' -DestinationPath '../../$(DIST_DIR)/$(EXTENSION_NAME)-$(EXTENSION_VERSION).zip' -Force"; \
-		elif command -v powershell >/dev/null 2>&1; then \
-			powershell -Command "Compress-Archive -Path '*' -DestinationPath '../../$(DIST_DIR)/$(EXTENSION_NAME)-$(EXTENSION_VERSION).zip' -Force"; \
-		else \
-			echo "$(COLOR_RED)✗ No zip tool found (zip, pwsh, powershell)$(COLOR_RESET)"; \
-			exit 1; \
-		fi
-	@echo "$(COLOR_GREEN)✓ Package: $(DIST_DIR)/$(EXTENSION_NAME)-$(EXTENSION_VERSION).zip$(COLOR_RESET)"
-
-.PHONY: build-beta
-build-beta: clean ## Build beta release ZIP
-	@echo "$(COLOR_BLUE)Building $(EXTENSION_NAME) v$(EXTENSION_VERSION)-beta...$(COLOR_RESET)"
-	@mkdir -p $(BUILD_DIR)/package $(DIST_DIR)
-	@cp -r $(SRC_DIR)/* $(BUILD_DIR)/package/
-	@cd $(BUILD_DIR)/package && \
-		if command -v zip >/dev/null 2>&1; then \
-			zip -r "../../$(DIST_DIR)/$(EXTENSION_NAME)-$(EXTENSION_VERSION)-beta.zip" .; \
-		elif command -v pwsh >/dev/null 2>&1; then \
-			pwsh -Command "Compress-Archive -Path '*' -DestinationPath '../../$(DIST_DIR)/$(EXTENSION_NAME)-$(EXTENSION_VERSION)-beta.zip' -Force"; \
-		elif command -v powershell >/dev/null 2>&1; then \
-			powershell -Command "Compress-Archive -Path '*' -DestinationPath '../../$(DIST_DIR)/$(EXTENSION_NAME)-$(EXTENSION_VERSION)-beta.zip' -Force"; \
-		else \
-			echo "$(COLOR_RED)✗ No zip tool found$(COLOR_RESET)"; \
-			exit 1; \
-		fi
-	@echo "$(COLOR_GREEN)✓ Package: $(DIST_DIR)/$(EXTENSION_NAME)-$(EXTENSION_VERSION)-beta.zip$(COLOR_RESET)"
-
-.PHONY: checksum
-checksum: ## Generate SHA-256 checksums for dist packages
-	@echo "$(COLOR_BLUE)Generating checksums...$(COLOR_RESET)"
-	@for f in $(DIST_DIR)/*.zip; do \
-		sha256sum "$$f" | tee "$${f}.sha256"; \
-	done
-	@echo "$(COLOR_GREEN)✓ Checksums generated$(COLOR_RESET)"
-
-# ── Release ───────────────────────────────────────────────────────────────────
-
-.PHONY: release
-release: validate build checksum ## Full release pipeline (validate + build + checksum)
-	@echo "$(COLOR_GREEN)✓ Release package ready$(COLOR_RESET)"
-	@echo ""
-	@echo "$(COLOR_BLUE)Next steps:$(COLOR_RESET)"
-	@echo "  1. Tag: git tag $(EXTENSION_VERSION)"
-	@echo "  2. Push: git push origin --tags"
-	@echo "  3. Create Gitea release and attach $(DIST_DIR)/$(EXTENSION_NAME)-$(EXTENSION_VERSION).zip"
-	@echo ""
-
-# ── Info ──────────────────────────────────────────────────────────────────────
-
-.PHONY: version
-version: ## Display version and extension info
-	@echo "$(COLOR_BLUE)Extension Information:$(COLOR_RESET)"
-	@echo "  Name:    $(EXTENSION_NAME)"
-	@echo "  Type:    $(EXTENSION_TYPE)"
-	@echo "  Version: $(EXTENSION_VERSION)"
-
-.PHONY: security-check
-security-check: ## Run Composer security audit
-	@echo "$(COLOR_BLUE)Running security checks...$(COLOR_RESET)"
-	@$(COMPOSER) audit
-	@echo "$(COLOR_GREEN)✓ Security check complete$(COLOR_RESET)"
-
-.PHONY: all
-all: install-deps validate build checksum ## Full pipeline: deps → validate → build → checksum
-	@echo "$(COLOR_GREEN)✓ Complete build pipeline finished$(COLOR_RESET)"
-
-.DEFAULT_GOAL := help

SECURITY.md

@@ -10,7 +10,7 @@
  INGROUP: MokoOnyx.Governance
  REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoOnyx
  FILE: SECURITY.md
- VERSION: 02.26.01
+ VERSION: 02.27.00
  BRIEF: Security policy and vulnerability reporting process for MokoOnyx.
  PATH: /SECURITY.md
  NOTE: This policy is process oriented and does not replace secure engineering practices.

source/html/layouts/joomla/module/card.php

@@ -10,7 +10,7 @@
  * INGROUP: MokoOnyx
  * REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoOnyx
  * PATH: /html/layouts/joomla/module/card.php
- * VERSION: 02.26.01
+ * VERSION: 02.27.00
  * BRIEF: Custom card module chrome — renders module titles for all modules
  */
 

source/html/layouts/mokoonyx/article-metadata.php

@@ -11,7 +11,7 @@
  * INGROUP: MokoOnyx.Layouts
  * REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoOnyx
  * PATH: /src/html/layouts/mokoonyx/article-metadata.php
- * VERSION: 02.26.01
+ * VERSION: 02.27.00
  * BRIEF: Article metadata footer layout -- renders jcfields grouped by field group
  */
 

source/media/css/a11y-high-contrast.css

@@ -10,7 +10,7 @@
  * INGROUP: MokoOnyx.Accessibility
  * REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoOnyx
  * PATH: ./media/css/a11y-high-contrast.css
- * VERSION: 02.26.01
+ * VERSION: 02.27.00
  * BRIEF: High-contrast stylesheet for accessibility toolbar
  */
 

source/templateDetails.xml

@@ -35,7 +35,7 @@
 	</updateservers>
 	<dlid prefix="dlid=" suffix=""/>
 	<name>mokoonyx</name>
-	<version>02.26.01</version>
+	<version>02.27.00</version>
 	<scriptfile>script.php</scriptfile>
 	<creationDate>2026-05-16</creationDate>
 	<author>Jonathan Miller || Moko Consulting</author>