From fd33c86157b0529b805e54017aca3719b4743131 Mon Sep 17 00:00:00 2001 From: "gitea-actions[bot]" Date: Sun, 28 Jun 2026 18:52:07 +0000 Subject: [PATCH 1/3] chore(release): build 01.44.00 [skip ci] --- .mokogitea/workflows/issue-branch.yml | 2 +- CHANGELOG.md | 127 +----------------- SECURITY.md | 2 +- .../com_mokosuitebackup/mokosuitebackup.xml | 2 +- .../sql/updates/mysql/01.44.00.sql | 1 + .../mod_mokosuitebackup_cpanel.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- .../mokosuitebackup.xml | 2 +- source/pkg_mokosuitebackup.xml | 2 +- 14 files changed, 16 insertions(+), 136 deletions(-) create mode 100644 source/packages/com_mokosuitebackup/sql/updates/mysql/01.44.00.sql diff --git a/.mokogitea/workflows/issue-branch.yml b/.mokogitea/workflows/issue-branch.yml index 11958bd..99c44e1 100644 --- a/.mokogitea/workflows/issue-branch.yml +++ b/.mokogitea/workflows/issue-branch.yml @@ -5,7 +5,7 @@ # FILE INFORMATION # DEFGROUP: Gitea.Workflow # INGROUP: mokocli.Automation -# VERSION: 01.00.00 +# VERSION: 01.44.00 # BRIEF: Auto-create feature branch when an issue is opened name: "Universal: Issue Branch" diff --git a/CHANGELOG.md b/CHANGELOG.md index 2d8435f..e75359d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,9 @@ # Changelog - ## [Unreleased] + +## [01.44.00] --- 2026-06-28 + ### Added - Customizable restore script filename per backup profile (reduces discoverability on remote servers) - MokoRestore standalone mode: multi-ZIP selector when multiple backup archives are present @@ -33,126 +35,3 @@ ## [01.42.00] --- 2026-06-23 - -## [01.41.00] — 2026-06-23 - -### Added — Multi-Remote Storage -- New `#__mokosuitebackup_remotes` table for multiple destinations per profile -- Remote destinations UI: AJAX-driven add/edit/delete/toggle modal on profile edit -- Engine uploads to ALL enabled destinations (BackupEngine + SteppedBackupEngine) -- Migration auto-converts existing SFTP/S3/GDrive/FTP profile columns to new table -- Backward compatibility: falls back to legacy single-remote columns if table empty -- Secrets masked in API responses, merged from DB on save - -### Added — Content Snapshots -- Lightweight JSON snapshots of articles, categories, and modules -- Includes tags, custom fields, workflow associations, field values -- Restore modes: Replace (clean slate), Merge (upsert), Selective (per-article) -- Snapshot retention: max count + max age with automatic cleanup -- Scheduled snapshot task via com_scheduler -- CLI: `mokosuitebackup:snapshot create|restore|list|delete` -- REST API: create, list, restore, delete, download snapshots -- Tabbed browse modal: Articles / Categories / Modules with item counts - -### Added — SFTP Remote Storage -- SFTP support with SSH key file authentication (key stored base64 in database) -- Auth type dropdown: Password / Key File / Key File + Passphrase -- SshKeyField: file upload via FileReader, key never exposed in HTML -- SFTP remote directory browser for path selection -- `__KEEP_EXISTING__` sentinel preserves key on profile re-save - -### Added — MokoRestore Wizard (9 steps) -- Per-table conflict resolution: Replace / Skip / Merge / Data Only -- Preset buttons: "All Replace", "All Skip", "Everything except users" -- Post-restore actions: reset passwords, hits, versions, sessions, cache -- Auto-detect sanitized passwords and prompt for reset (random temp password) -- Standalone mode: restore.php scans directory for ZIP files -- Wrapped mode: restore.php bundled inside backup ZIP -- Security gate with filesystem verification + path traversal protection - -### Added — Data Sanitization -- Sanitize user passwords: replace hashes with invalid sentinel -- Sanitize user emails: replace with dummy values -- Clear session data: exclude `#__session` table -- Preserve super admin credentials (optional) -- GDPR-friendly backup sharing for demos and staging sites - -### Added — Backup Engine -- Pre-flight validation: directory, disk space, extensions, credentials, running backups -- Auto-verify archive integrity after creation (ZIP, tar.gz, 7z) -- 7z archive format via system 7za/7z CLI binary with native encryption -- Streaming database dump to temp file (prevents OOM on large sites) -- S3 streaming upload via CURLOPT_PUT (prevents OOM) -- Graceful remote degradation: local backup preserved if upload fails -- DatabaseDumper::dumpToFile() for memory-efficient operation - -### Added — Admin UI -- Dashboard: snapshot widget, 30-day backup trend chart, per-profile storage breakdown -- CPanel admin dashboard module (mod_mokosuitebackup_cpanel) with quick actions -- Backup type filter dropdown in backups list -- Backup comparison: select two backups for side-by-side diff -- Archive browser: view files inside backup without extracting -- Manual purge: delete backups older than a date with count preview -- Backup count badges on profile list -- "Do not navigate away" warning in backup/restore progress modals -- Clickable placeholder pills for backup directory and archive name fields -- Comprehensive help modal with absolute/relative/placeholder path documentation -- Placeholder resolution display with EXAMPLE prefix -- All placeholders UPPERCASE: [HOST], [SITE_NAME], [DATE], [DATETIME], etc. - -### Added — CLI & API -- `mokosuitebackup:restore` with --files-only, --db-only, --password options -- `mokosuitebackup:snapshot` with create, restore, list, delete actions -- REST API for snapshots: create, list, restore, delete, download -- Profile credentials masked in API responses - -### Added — Notifications & Logging -- Email/ntfy notifications for site restore, snapshot create/restore -- Joomla Action Logs for restore, snapshot, and snapshot restore events -- Global ntfy server/topic/token settings (fallback for profiles) - -### Added — Security & Configuration -- Webcron secret field with CSPRNG generator + strength meter -- IP whitelist field with current IP detection + one-click "Add my IP" -- 10 ACL permissions with full enforcement audit across all controllers -- Config defaults: archive format, MokoRestore mode, sanitization settings -- Path traversal protection on all archive extraction (ZIP, tar.gz, JPA) - -### Fixed -- CLI RestoreCommand passed wrong arguments (filepath instead of record ID) -- JPA path traversal: reject `../` in archive entry paths -- S3Uploader OOM: streaming upload instead of file_get_contents -- DatabaseDumper OOM: streaming to file instead of in-memory string -- AkeebaImporter: removed unserialize() (PHP object injection risk) -- BackupTable: delete DB row before file (prevents data loss) -- RestoreEngine: staging path sanitized with preg_replace -- API profiles: sensitive fields masked with `***` -- Webcron: missing return after sendJsonResponse on auth failure -- loadFormData(): cast array to object (PHP 8.x TypeError fix) -- MokoRestore data-only mode: uses REPLACE INTO for existing rows -- Plaintext archive deleted on encryption failure -- TarGzArchiver: intermediate .tar cleaned in finally block -- Install script: single-line comments converted to block comments -- Orphaned root-level webservices plugin files removed -- include_mokorestore column: TINYINT changed to VARCHAR(20) -- Snapshot fields_values: scoped dump and restore to com_content.article (previously destroyed values for contacts, users, etc.) -- Run Backup button: accept CSRF token from GET (fixes "token did not match" on profile edit) -- SFTP fields: moved into remote fieldset for showon visibility; removed required attr that blocked non-SFTP saves -- Script.php merge conflict markers resolved - -## [01.24.00] — 2026-06-02 - -### Added -- Initial release: full-site backup and restore for Joomla 6 -- Database, files, and configuration backup -- ZIP and tar.gz archive formats with AES-256 encryption -- Differential backups based on file manifests -- FTP/FTPS, S3, Google Drive remote storage -- MokoRestore standalone restore wizard -- CLI backup and restore commands -- REST API for remote management -- Scheduled tasks via com_scheduler -- Email and ntfy push notifications -- Per-profile retention, exclusions, and notifications -- Akeeba Backup migration tool -- Admin dashboard with system health checks diff --git a/SECURITY.md b/SECURITY.md index c15d68b..abcf806 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -23,7 +23,7 @@ DEFGROUP: Template-Joomla INGROUP: Template-Joomla.Documentation REPO: https://git.mokoconsulting.tech/MokoConsulting/Template-Joomla PATH: /SECURITY.md -VERSION: 01.43.35 +VERSION: 01.44.00 BRIEF: Security vulnerability reporting and handling policy --> diff --git a/source/packages/com_mokosuitebackup/mokosuitebackup.xml b/source/packages/com_mokosuitebackup/mokosuitebackup.xml index e01585b..81687eb 100644 --- a/source/packages/com_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/com_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> MokoSuiteBackup - 01.43.35 + 01.44.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/com_mokosuitebackup/sql/updates/mysql/01.44.00.sql b/source/packages/com_mokosuitebackup/sql/updates/mysql/01.44.00.sql new file mode 100644 index 0000000..ac85f57 --- /dev/null +++ b/source/packages/com_mokosuitebackup/sql/updates/mysql/01.44.00.sql @@ -0,0 +1 @@ +/* 01.44.00 — no schema changes */ diff --git a/source/packages/mod_mokosuitebackup_cpanel/mod_mokosuitebackup_cpanel.xml b/source/packages/mod_mokosuitebackup_cpanel/mod_mokosuitebackup_cpanel.xml index b7ec6da..bb9d8e2 100644 --- a/source/packages/mod_mokosuitebackup_cpanel/mod_mokosuitebackup_cpanel.xml +++ b/source/packages/mod_mokosuitebackup_cpanel/mod_mokosuitebackup_cpanel.xml @@ -8,7 +8,7 @@ --> mod_mokosuitebackup_cpanel - 01.43.35 + 01.44.00 2026-06-23 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_actionlog_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_actionlog_mokosuitebackup/mokosuitebackup.xml index d44b643..63c15d4 100644 --- a/source/packages/plg_actionlog_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_actionlog_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> Action Log - MokoSuiteBackup - 01.43.35 + 01.44.00 2026-06-04 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_console_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_console_mokosuitebackup/mokosuitebackup.xml index c1d20e8..959fc39 100644 --- a/source/packages/plg_console_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_console_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> Console - MokoSuiteBackup - 01.43.35 + 01.44.00 2026-06-04 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_content_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_content_mokosuitebackup/mokosuitebackup.xml index 3672f40..3447338 100644 --- a/source/packages/plg_content_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_content_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> Content - MokoSuiteBackup - 01.43.35 + 01.44.00 2026-06-04 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_quickicon_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_quickicon_mokosuitebackup/mokosuitebackup.xml index 4fdec8e..fd79855 100644 --- a/source/packages/plg_quickicon_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_quickicon_mokosuitebackup/mokosuitebackup.xml @@ -1,7 +1,7 @@ Quick Icon - MokoSuiteBackup - 01.43.35 + 01.44.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_system_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_system_mokosuitebackup/mokosuitebackup.xml index a6b9da9..5978715 100644 --- a/source/packages/plg_system_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_system_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> System - MokoSuiteBackup - 01.43.35 + 01.44.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_task_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_task_mokosuitebackup/mokosuitebackup.xml index a2654cf..83cadcf 100644 --- a/source/packages/plg_task_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_task_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> Task - MokoSuiteBackup - 01.43.35 + 01.44.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech diff --git a/source/packages/plg_webservices_mokosuitebackup/mokosuitebackup.xml b/source/packages/plg_webservices_mokosuitebackup/mokosuitebackup.xml index 3a6edf2..53214e8 100644 --- a/source/packages/plg_webservices_mokosuitebackup/mokosuitebackup.xml +++ b/source/packages/plg_webservices_mokosuitebackup/mokosuitebackup.xml @@ -7,7 +7,7 @@ --> Web Services - MokoSuiteBackup - 01.43.35 + 01.44.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech diff --git a/source/pkg_mokosuitebackup.xml b/source/pkg_mokosuitebackup.xml index 5248fbe..70759bc 100644 --- a/source/pkg_mokosuitebackup.xml +++ b/source/pkg_mokosuitebackup.xml @@ -8,7 +8,7 @@ Package - MokoSuiteBackup mokosuitebackup - 01.43.35 + 01.44.00 2026-06-02 Moko Consulting hello@mokoconsulting.tech From 51c4db5115da169d6beb8f405b65766963343f26 Mon Sep 17 00:00:00 2001 From: "gitea-actions[bot]" Date: Sun, 28 Jun 2026 18:52:14 +0000 Subject: [PATCH 2/3] =?UTF-8?q?chore:=20promote=20changelog=20[Unreleased]?= =?UTF-8?q?=20=E2=86=92=20[01.44.00]?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e75359d..92664e7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,8 @@ # Changelog ## [Unreleased] +## [01.44.00] --- 2026-06-28 + ## [01.44.00] --- 2026-06-28 From 330cfa9dc50bed5f0aa160bf6690a28aa430a5d0 Mon Sep 17 00:00:00 2001 From: Jonathan Miller <1+jmiller@noreply.git.mokoconsulting.tech> Date: Sun, 28 Jun 2026 18:56:20 +0000 Subject: [PATCH 3/3] chore: sync issue-branch.yml from Template-Generic [skip ci] --- .mokogitea/workflows/issue-branch.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.mokogitea/workflows/issue-branch.yml b/.mokogitea/workflows/issue-branch.yml index 99c44e1..11958bd 100644 --- a/.mokogitea/workflows/issue-branch.yml +++ b/.mokogitea/workflows/issue-branch.yml @@ -5,7 +5,7 @@ # FILE INFORMATION # DEFGROUP: Gitea.Workflow # INGROUP: mokocli.Automation -# VERSION: 01.44.00 +# VERSION: 01.00.00 # BRIEF: Auto-create feature branch when an issue is opened name: "Universal: Issue Branch"