docs: comprehensive CHANGELOG consolidation for v01.41.00
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 12s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 12s
Consolidated all fragmented changelog entries from the session into a single clean v01.41.00 release entry organized by feature area. Covers: multi-remote, snapshots, SFTP, MokoRestore, sanitization, engine improvements, admin UI, CLI/API, notifications, security.
This commit is contained in:
Jonathan Miller
+110
-25
@@ -1,38 +1,123 @@
|
||||
# Changelog
|
||||
|
||||
## [Unreleased]
|
||||
|
||||
## [01.41.00] --- 2026-06-23
|
||||
## [01.41.00] — 2026-06-23
|
||||
|
||||
## [01.41.00] --- 2026-06-23
|
||||
### Added — Multi-Remote Storage
|
||||
- New `#__mokosuitebackup_remotes` table for multiple destinations per profile
|
||||
- Remote destinations UI: AJAX-driven add/edit/delete/toggle modal on profile edit
|
||||
- Engine uploads to ALL enabled destinations (BackupEngine + SteppedBackupEngine)
|
||||
- Migration auto-converts existing SFTP/S3/GDrive/FTP profile columns to new table
|
||||
- Backward compatibility: falls back to legacy single-remote columns if table empty
|
||||
- Secrets masked in API responses, merged from DB on save
|
||||
|
||||
### Added
|
||||
- Multi-remote storage: new `#__mokosuitebackup_remotes` table for multiple destinations per profile (#97)
|
||||
- Remote destinations UI: AJAX-driven add/edit/delete/toggle modal on profile edit view
|
||||
- Engine integration: BackupEngine and SteppedBackupEngine upload to all enabled destinations
|
||||
- Migration SQL: auto-migrates existing SFTP/S3/GDrive/FTP configs to new table
|
||||
- Backward compatibility: falls back to legacy single-remote columns if remotes table is empty
|
||||
- Secrets masked in API responses, merged from DB on save to prevent leakage
|
||||
### Added — Content Snapshots
|
||||
- Lightweight JSON snapshots of articles, categories, and modules
|
||||
- Includes tags, custom fields, workflow associations, field values
|
||||
- Restore modes: Replace (clean slate), Merge (upsert), Selective (per-article)
|
||||
- Snapshot retention: max count + max age with automatic cleanup
|
||||
- Scheduled snapshot task via com_scheduler
|
||||
- CLI: `mokosuitebackup:snapshot create|restore|list|delete`
|
||||
- REST API: create, list, restore, delete, download snapshots
|
||||
- Tabbed browse modal: Articles / Categories / Modules with item counts
|
||||
|
||||
## [01.40.00] --- 2026-06-23
|
||||
### Added — SFTP Remote Storage
|
||||
- SFTP support with SSH key file authentication (key stored base64 in database)
|
||||
- Auth type dropdown: Password / Key File / Key File + Passphrase
|
||||
- SshKeyField: file upload via FileReader, key never exposed in HTML
|
||||
- SFTP remote directory browser for path selection
|
||||
- `__KEEP_EXISTING__` sentinel preserves key on profile re-save
|
||||
|
||||
### Added — MokoRestore Wizard (9 steps)
|
||||
- Per-table conflict resolution: Replace / Skip / Merge / Data Only
|
||||
- Preset buttons: "All Replace", "All Skip", "Everything except users"
|
||||
- Post-restore actions: reset passwords, hits, versions, sessions, cache
|
||||
- Auto-detect sanitized passwords and prompt for reset (random temp password)
|
||||
- Standalone mode: restore.php scans directory for ZIP files
|
||||
- Wrapped mode: restore.php bundled inside backup ZIP
|
||||
- Security gate with filesystem verification + path traversal protection
|
||||
|
||||
## [01.40.00] --- 2026-06-23
|
||||
### Added — Data Sanitization
|
||||
- Sanitize user passwords: replace hashes with invalid sentinel
|
||||
- Sanitize user emails: replace with dummy values
|
||||
- Clear session data: exclude `#__session` table
|
||||
- Preserve super admin credentials (optional)
|
||||
- GDPR-friendly backup sharing for demos and staging sites
|
||||
|
||||
## [01.39.01] --- 2026-06-23
|
||||
### Added — Backup Engine
|
||||
- Pre-flight validation: directory, disk space, extensions, credentials, running backups
|
||||
- Auto-verify archive integrity after creation (ZIP, tar.gz, 7z)
|
||||
- 7z archive format via system 7za/7z CLI binary with native encryption
|
||||
- Streaming database dump to temp file (prevents OOM on large sites)
|
||||
- S3 streaming upload via CURLOPT_PUT (prevents OOM)
|
||||
- Graceful remote degradation: local backup preserved if upload fails
|
||||
- DatabaseDumper::dumpToFile() for memory-efficient operation
|
||||
|
||||
## [01.39.01] --- 2026-06-23
|
||||
### Added — Admin UI
|
||||
- Dashboard: snapshot widget, 30-day backup trend chart, per-profile storage breakdown
|
||||
- CPanel admin dashboard module (mod_mokosuitebackup_cpanel) with quick actions
|
||||
- Backup type filter dropdown in backups list
|
||||
- Backup comparison: select two backups for side-by-side diff
|
||||
- Archive browser: view files inside backup without extracting
|
||||
- Manual purge: delete backups older than a date with count preview
|
||||
- Run Backup button on profile list and edit views with backup count badges
|
||||
- "Do not navigate away" warning in backup/restore progress modals
|
||||
- Clickable placeholder pills for backup directory and archive name fields
|
||||
- Comprehensive help modal with absolute/relative/placeholder path documentation
|
||||
- Placeholder resolution display with EXAMPLE prefix
|
||||
- All placeholders UPPERCASE: [HOST], [SITE_NAME], [DATE], [DATETIME], etc.
|
||||
|
||||
### Added
|
||||
- MokoRestore: post-restore reset options — passwords, hits, versions, sessions, cache (#131)
|
||||
- MokoRestore: per-table conflict resolution — replace, skip, merge, data-only per table (#132)
|
||||
- MokoRestore: preset buttons — "All Replace", "All Skip", "Everything except users"
|
||||
- MokoRestore: auto-detect sanitized passwords and prompt for reset
|
||||
- Data sanitization: passwords, emails, sessions in backup profile settings (#129)
|
||||
- Manual purge: delete all backups older than a selected date with count preview (#119)
|
||||
- CPanel admin dashboard module with backup status, quick actions, and profile buttons (#105)
|
||||
- 7z archive format via system 7za/7z binary with optional password encryption (#122)
|
||||
- SFTP remote file browser: browse remote server directories to select backup path (#98)
|
||||
### Added — CLI & API
|
||||
- `mokosuitebackup:restore` with --files-only, --db-only, --password options
|
||||
- `mokosuitebackup:snapshot` with create, restore, list, delete actions
|
||||
- REST API for snapshots: create, list, restore, delete, download
|
||||
- Profile credentials masked in API responses
|
||||
|
||||
### Added — Notifications & Logging
|
||||
- Email/ntfy notifications for site restore, snapshot create/restore
|
||||
- Joomla Action Logs for restore, snapshot, and snapshot restore events
|
||||
- Global ntfy server/topic/token settings (fallback for profiles)
|
||||
|
||||
### Added — Security & Configuration
|
||||
- Webcron secret field with CSPRNG generator + strength meter
|
||||
- IP whitelist field with current IP detection + one-click "Add my IP"
|
||||
- 10 ACL permissions with full enforcement audit across all controllers
|
||||
- Config defaults: archive format, MokoRestore mode, sanitization settings
|
||||
- Path traversal protection on all archive extraction (ZIP, tar.gz, JPA)
|
||||
|
||||
### Fixed
|
||||
- MokoRestore: data-only mode now uses REPLACE INTO to handle existing rows
|
||||
- MokoRestore: temporary password is now randomly generated (not hardcoded "changeme")
|
||||
- CLI RestoreCommand passed wrong arguments (filepath instead of record ID)
|
||||
- JPA path traversal: reject `../` in archive entry paths
|
||||
- S3Uploader OOM: streaming upload instead of file_get_contents
|
||||
- DatabaseDumper OOM: streaming to file instead of in-memory string
|
||||
- AkeebaImporter: removed unserialize() (PHP object injection risk)
|
||||
- BackupTable: delete DB row before file (prevents data loss)
|
||||
- RestoreEngine: staging path sanitized with preg_replace
|
||||
- API profiles: sensitive fields masked with `***`
|
||||
- Webcron: missing return after sendJsonResponse on auth failure
|
||||
- loadFormData(): cast array to object (PHP 8.x TypeError fix)
|
||||
- MokoRestore data-only mode: uses REPLACE INTO for existing rows
|
||||
- Plaintext archive deleted on encryption failure
|
||||
- TarGzArchiver: intermediate .tar cleaned in finally block
|
||||
- Install script: single-line comments converted to block comments
|
||||
- Orphaned root-level webservices plugin files removed
|
||||
- include_mokorestore column: TINYINT changed to VARCHAR(20)
|
||||
- Script.php merge conflict markers resolved
|
||||
|
||||
## [01.24.00] — 2026-06-02
|
||||
|
||||
### Added
|
||||
- Initial release: full-site backup and restore for Joomla 6
|
||||
- Database, files, and configuration backup
|
||||
- ZIP and tar.gz archive formats with AES-256 encryption
|
||||
- Differential backups based on file manifests
|
||||
- FTP/FTPS, S3, Google Drive remote storage
|
||||
- MokoRestore standalone restore wizard
|
||||
- CLI backup and restore commands
|
||||
- REST API for remote management
|
||||
- Scheduled tasks via com_scheduler
|
||||
- Email and ntfy push notifications
|
||||
- Per-profile retention, exclusions, and notifications
|
||||
- Akeeba Backup migration tool
|
||||
- Admin dashboard with system health checks
|
||||
|
||||
Reference in New Issue
Block a user