MokoSuiteBackup

Author	SHA1	Message	Date
Jonathan Miller	01bed8942c	feat: AJAX stepped restore engine for large sites (#62 ) Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions Details Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions Details Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions Details Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions Details Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions Details Universal: PR Check / Report Issues (pull_request) Blocked by required conditions Details Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions Details Generic: Repo Health / Repository health (pull_request) Blocked by required conditions Details Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions Details Universal: PR Check / Branch Policy (pull_request) Failing after 1s Details Generic: Repo Health / Access control (pull_request) Successful in 2s Details Generic: Repo Health / Site Health (pull_request) Has been skipped Details Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s Details Universal: PR Check / Validate PR (pull_request) Failing after 5s Details Universal: PR Check / Secret Scan (pull_request) Successful in 6s Details Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 9s Details Universal: Build & Release / Promote to RC (pull_request) Has been skipped Details RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped Details Joomla: Extension CI / Lint & Validate (pull_request) Failing after 32s Details Branch Cleanup / Delete merged branch (pull_request) Successful in 3s Details Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 6s Details Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 23s Details Break restore into phases (extract, files, database, config, cleanup) executed via AJAX steps to avoid PHP timeout on shared hosting. - SteppedRestoreEngine with session persistence - AjaxController restoreInit/restoreStep endpoints - Restore modal uses AJAX progress instead of synchronous submit - Files copied in batches of 200, SQL in batches of 500 Closes #62	2026-06-22 09:27:18 -05:00
Jonathan Miller	391047d8e5	feat: email/ntfy notifications for restore operations (#60 ) Send notifications when site restores and snapshot create/restore complete. Uses sendRestoreNotification() with type-specific subjects. All calls wrapped in try-catch to never break the actual operation. Closes #60	2026-06-22 09:27:16 -05:00
Jonathan Miller	5a672454ad	feat: scheduled task for automated content snapshots (#56 ) Add mokosuitebackup.snapshot task type for com_scheduler with params for content_types and description_format ([date]/[datetime] placeholders). Closes #56	2026-06-22 09:27:14 -05:00
jmiller	ed799217bf	chore: sync repo-health.yml from Template-Generic [skip ci]	2026-06-22 00:47:57 +00:00
jmiller	5f0f958aca	chore: sync pr-check.yml from Template-Generic [skip ci]	2026-06-22 00:47:56 +00:00
jmiller	7bf42f1a89	chore: sync issue-branch.yml from Template-Generic [skip ci]	2026-06-22 00:47:56 +00:00
jmiller	a919d52cf7	chore: sync auto-bump.yml from Template-Generic [skip ci]	2026-06-22 00:47:55 +00:00
gitea-actions[bot]	a7e94467ee	chore: promote changelog [Unreleased] → [01.31.00]	2026-06-22 00:47:07 +00:00
gitea-actions[bot]	01335ac70f	chore(release): build 01.31.00 [skip ci] Publish to Composer / Publish Package (release) Failing after 26s Details	2026-06-22 00:47:04 +00:00
jmiller	35b7e2a0b8	Merge pull request 'feat: CLI snapshots, auto-verify integrity, snapshot REST API (#55 , #65 , #54 )' (#90 ) from feat/batch-55-65-54 into main	2026-06-22 00:46:52 +00:00
Jonathan Miller	c72e950a25	feat: REST API endpoints for content snapshots (#54 ) Universal: PR Check / Branch Policy (pull_request) Failing after 2s Details Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 6s Details Universal: PR Check / Validate PR (pull_request) Failing after 6s Details Universal: PR Check / Secret Scan (pull_request) Successful in 10s Details Generic: Repo Health / Access control (pull_request) Successful in 1s Details Generic: Repo Health / Site Health (pull_request) Has been skipped Details Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 15s Details Universal: Build & Release / Promote to RC (pull_request) Has been skipped Details RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped Details Branch Cleanup / Delete merged branch (pull_request) Successful in 2s Details Joomla: Extension CI / Lint & Validate (pull_request) Failing after 39s Details Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 17s Details Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 1m49s Details Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled Details Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled Details Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled Details Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled Details Universal: PR Check / Build RC Package (pull_request) Has been cancelled Details Universal: PR Check / Report Issues (pull_request) Has been cancelled Details Generic: Repo Health / Scripts governance (pull_request) Has been cancelled Details Generic: Repo Health / Repository health (pull_request) Has been cancelled Details Generic: Repo Health / Report Issues (pull_request) Has been cancelled Details Add five endpoints matching the existing backup API pattern: - GET /snapshots — list with pagination - POST /snapshot — create (content_types, description) - POST /snapshot/:id/restore — restore (mode, content_types) - DELETE /snapshot/:id — delete record + file - GET /snapshot/:id/download — stream JSON file ACL: mokosuitebackup.snapshot.manage for write ops, core.manage for read. Routes registered in webservices plugin alongside backup routes. Closes #54	2026-06-21 19:46:07 -05:00
Jonathan Miller	5dcba6d8cb	feat: auto-verify backup integrity after creation (#65 ) After archive is created and checksum computed, automatically verify: - Archive opens without error - Contains at least one entry - database.sql present when backup type includes database - First entry is readable (spot-check) Applied to both BackupEngine and SteppedBackupEngine. Throws RuntimeException on verification failure (backup marked as failed). Closes #65	2026-06-21 19:45:46 -05:00
Jonathan Miller	0638c2cef6	feat: CLI command for content snapshots (#55 ) Add `mokosuitebackup:snapshot` command with four actions: - create: --types=articles,categories,modules --description="text" - restore: --id=N --mode=replace\|merge --types=articles - list: displays table of all snapshots - delete: --id=N removes file + DB record Closes #55	2026-06-21 19:45:09 -05:00
jmiller	fc0c1b05a6	chore: sync repo-health.yml from Template-Generic [skip ci]	2026-06-22 00:35:41 +00:00
jmiller	3547667158	chore: sync pr-check.yml from Template-Generic [skip ci]	2026-06-22 00:35:40 +00:00
jmiller	b882e8ba90	chore: sync issue-branch.yml from Template-Generic [skip ci]	2026-06-22 00:35:39 +00:00
jmiller	db2beef189	chore: sync auto-release.yml from Template-Generic [skip ci]	2026-06-22 00:35:37 +00:00
jmiller	b0629f9f30	chore: sync auto-bump.yml from Template-Generic [skip ci]	2026-06-22 00:35:37 +00:00
gitea-actions[bot]	b3d955e1a8	chore: promote changelog [Unreleased] → [01.30.00]	2026-06-22 00:34:05 +00:00
gitea-actions[bot]	f5e8d0fe03	chore(release): build 01.30.00 [skip ci] Publish to Composer / Publish Package (release) Failing after 34s Details	2026-06-22 00:34:02 +00:00
jmiller	5815a65a39	Merge pull request 'feat: Snapshot retention, extended snapshots, graceful remote degradation (#63 , #57 , #66 )' (#89 ) from feat/batch-63-57-66 into main	2026-06-22 00:33:51 +00:00
Jonathan Miller	ad1c0cf349	fix: scope #__fields_values dump and restore to com_content.article Universal: PR Check / Branch Policy (pull_request) Failing after 1s Details Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s Details Generic: Repo Health / Site Health (pull_request) Has been skipped Details Generic: Repo Health / Access control (pull_request) Successful in 2s Details Universal: PR Check / Validate PR (pull_request) Failing after 5s Details Universal: PR Check / Secret Scan (pull_request) Successful in 7s Details Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 11s Details Joomla: Extension CI / Lint & Validate (pull_request) Failing after 28s Details Universal: Build & Release / Promote to RC (pull_request) Has been skipped Details Branch Cleanup / Delete merged branch (pull_request) Successful in 1s Details RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped Details Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 17s Details Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 2m55s Details Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled Details Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled Details Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled Details Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled Details Universal: PR Check / Build RC Package (pull_request) Has been cancelled Details Universal: PR Check / Report Issues (pull_request) Has been cancelled Details Generic: Repo Health / Scripts governance (pull_request) Has been cancelled Details Generic: Repo Health / Repository health (pull_request) Has been cancelled Details Generic: Repo Health / Report Issues (pull_request) Has been cancelled Details The fields_values table is shared across all Joomla extensions. Previously, dump captured ALL field values and restore deleted ALL field values, destroying data for contacts, users, and other extensions. Now scoped via subquery on field_id WHERE context = 'com_content.article'.	2026-06-21 19:32:23 -05:00
Jonathan Miller	8b6e260b28	fix: graceful degradation when remote upload fails (#66 ) Universal: PR Check / Branch Policy (pull_request) Failing after 2s Details Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s Details Generic: Repo Health / Access control (pull_request) Successful in 2s Details Generic: Repo Health / Site Health (pull_request) Has been skipped Details Universal: PR Check / Validate PR (pull_request) Failing after 9s Details Universal: PR Check / Secret Scan (pull_request) Successful in 11s Details Branch Cleanup / Delete merged branch (pull_request) Has been skipped Details RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped Details Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Has been skipped Details Universal: Auto Version Bump / Version Bump (push) Successful in 11s Details Joomla: Extension CI / Lint & Validate (pull_request) Failing after 44s Details Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 47s Details Universal: Pre-Release / Build Pre-Release (${{ inputs.stability \|\| github.ref_name }}) (push) Successful in 17s Details Universal: Build & Release / Promote to RC (pull_request) Has been skipped Details Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped Details Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled Details Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled Details Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled Details Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled Details Universal: PR Check / Build RC Package (pull_request) Has been cancelled Details Universal: PR Check / Report Issues (pull_request) Has been cancelled Details Generic: Repo Health / Scripts governance (pull_request) Has been cancelled Details Generic: Repo Health / Repository health (pull_request) Has been cancelled Details Generic: Repo Health / Report Issues (pull_request) Has been cancelled Details Remote upload failure (S3/FTP/GDrive) no longer marks the entire backup as failed. The local archive is preserved with status 'complete' and the upload failure is logged as a warning. Applies to both BackupEngine and SteppedBackupEngine. Closes #66	2026-06-21 19:09:20 -05:00
Jonathan Miller	eb7f48d3a2	feat: extend snapshots to include custom fields and tags (#57 ) When articles are included in a snapshot, now also captures: - #__tags (tag definitions) - #__fields (custom field definitions for com_content.article) - #__fields_values (custom field values) - #__fields_categories (field-to-category mappings) Restore correctly scopes deletes to avoid touching non-content fields. Closes #57	2026-06-21 19:08:53 -05:00
Jonathan Miller	974b971340	feat: snapshot retention and automatic cleanup (#63 ) Add retention settings for content snapshots (max count, max age days) in component options. System plugin runs cleanupOldSnapshots() alongside existing backup cleanup, deleting JSON files and DB records. Closes #63	2026-06-21 19:08:27 -05:00
gitea-actions[bot]	c299798542	chore: promote changelog [Unreleased] → [01.27.03] Universal: Auto Version Bump / Version Bump (push) Successful in 14s Details Universal: Pre-Release / Build Pre-Release (${{ inputs.stability \|\| github.ref_name }}) (push) Successful in 14s Details Publish to Composer / Publish Package (release) Failing after 28s Details alpha beta	2026-06-21 23:57:36 +00:00
gitea-actions[bot]	612dc4acd5	chore(release): build 01.27.03 [skip ci] Publish to Composer / Publish Package (release) Failing after 6s Details	2026-06-21 23:57:32 +00:00
jmiller	cdb54f6a3e	Merge pull request 'fix: Remove orphaned root-level webservices plugin files' (#87 ) from fix/remove-orphaned-root-files into main	2026-06-21 23:56:04 +00:00
jmiller	6fbc91527e	chore: remove unused Makefile - builds handled by CI auto-release	2026-06-21 23:55:32 +00:00
Jonathan Miller	57bfb37be1	fix: remove orphaned root-level webservices plugin files Universal: Pre-Release / Build Pre-Release (${{ inputs.stability \|\| github.ref_name }}) (push) Failing after 5s Details Universal: PR Check / Branch Policy (pull_request) Failing after 2s Details Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s Details Joomla: Extension CI / Lint & Validate (pull_request) Failing after 8s Details Universal: PR Check / Validate PR (pull_request) Failing after 4s Details Universal: PR Check / Secret Scan (pull_request) Successful in 8s Details Generic: Repo Health / Site Health (pull_request) Has been skipped Details Generic: Repo Health / Access control (pull_request) Successful in 2s Details RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped Details Branch Cleanup / Delete merged branch (pull_request) Failing after 2s Details Universal: Build & Release / Promote to RC (pull_request) Has been skipped Details Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 8s Details Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 14s Details Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 26s Details Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled Details Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled Details Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled Details Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled Details Universal: PR Check / Build RC Package (pull_request) Has been cancelled Details Universal: PR Check / Report Issues (pull_request) Has been cancelled Details Generic: Repo Health / Scripts governance (pull_request) Has been cancelled Details Generic: Repo Health / Repository health (pull_request) Has been cancelled Details Generic: Repo Health / Report Issues (pull_request) Has been cancelled Details The root mokosuitebackup.xml and mokosuitebackup.php are stale copies from before the code was restructured into source/packages/. The webservices plugin lives at source/packages/plg_webservices_mokosuitebackup/ with its own manifest and src/ directory. The root manifest still referenced <folder>src</folder> but that directory was removed in PR #82, causing Joomla installer to fail with "File does not exist [ROOT][TMP]/.../mokosuitebackup/src".	2026-06-21 18:54:45 -05:00
Jonathan Miller	3328d7cf19	feat: backup type filter + path traversal protection (#68 , #72 ) Universal: Pre-Release / Build Pre-Release (${{ inputs.stability \|\| github.ref_name }}) (push) Successful in 25s Details Universal: Build & Release / Promote to RC (pull_request) Successful in 28s Details Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped Details Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s Details Universal: PR Check / Branch Policy (pull_request) Failing after 1s Details Joomla: Extension CI / Lint & Validate (pull_request) Failing after 7s Details Universal: PR Check / Secret Scan (pull_request) Successful in 5s Details Universal: PR Check / Validate PR (pull_request) Failing after 4s Details Generic: Repo Health / Access control (pull_request) Successful in 1s Details Generic: Repo Health / Site Health (pull_request) Has been skipped Details Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 11s Details Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled Details Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled Details Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled Details Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled Details Universal: PR Check / Build RC Package (pull_request) Has been cancelled Details Universal: PR Check / Report Issues (pull_request) Has been cancelled Details Generic: Repo Health / Scripts governance (pull_request) Has been cancelled Details Generic: Repo Health / Repository health (pull_request) Has been cancelled Details Generic: Repo Health / Report Issues (pull_request) Has been cancelled Details #68: Add backup type filter dropdown to backups list view - filter_backups.xml: full/database/files/differential options - BackupsModel: backup_type filter in getListQuery() - Language string: COM_MOKOJOOMBACKUP_FILTER_TYPE_ALL #72: Path traversal protection in RestoreEngine and MokoRestore - RestoreEngine::extractArchive(): validate ZIP entries before extractTo() - RestoreEngine::extractTarGz(): validate PharData entries before extractTo() - MokoRestore standalone script: same validation in generated PHP code - Rejects entries containing ../ or starting with / or \ Closes #68, closes #72	2026-06-21 18:50:07 -05:00
jmiller	c410c02487	chore: sync repo-health.yml from Template-Generic [skip ci]	2026-06-21 23:38:38 +00:00
jmiller	93879c8118	chore: sync pr-check.yml from Template-Generic [skip ci]	2026-06-21 23:38:37 +00:00
jmiller	e4329c9fc6	chore: sync auto-bump.yml from Template-Generic [skip ci]	2026-06-21 23:38:34 +00:00
gitea-actions[bot]	0fa58daa12	chore: promote changelog [Unreleased] → [01.27.00] Universal: Auto Version Bump / Version Bump (push) Successful in 12s Details Universal: Pre-Release / Build Pre-Release (${{ inputs.stability \|\| github.ref_name }}) (push) Successful in 21s Details Publish to Composer / Publish Package (release) Failing after 1m46s Details	2026-06-21 23:24:27 +00:00
gitea-actions[bot]	f8591ed15c	chore(release): build 01.27.00 [skip ci] Publish to Composer / Publish Package (release) Failing after 48s Details	2026-06-21 23:24:24 +00:00
jmiller	cbc7004d18	chore: sync repo-health.yml from Template-Generic [skip ci]	2026-06-21 23:24:11 +00:00
jmiller	a33a585b98	chore: sync pr-check.yml from Template-Generic [skip ci]	2026-06-21 23:24:10 +00:00
jmiller	2573ba8599	chore: sync issue-branch.yml from Template-Generic [skip ci]	2026-06-21 23:24:09 +00:00
jmiller	f0d506bbb1	chore: sync auto-bump.yml from Template-Generic [skip ci]	2026-06-21 23:24:06 +00:00
jmiller	a26343a76e	Merge pull request 'fix: Remaining audit findings — OOM, security, error handling (#81 )' (#85 ) from fix/audit-remaining into main	2026-06-21 23:17:56 +00:00
Jonathan Miller	9990240d2d	fix: remaining audit findings — OOM, security, error handling (#81 ) Universal: Pre-Release / Build Pre-Release (${{ inputs.stability \|\| github.ref_name }}) (push) Failing after 5s Details Universal: Build & Release / Promote to RC (pull_request) Has been skipped Details Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 22s Details Universal: PR Check / Branch Policy (pull_request) Failing after 1s Details Universal: PR Check / Secret Scan (pull_request) Successful in 7s Details Universal: PR Check / Validate PR (pull_request) Failing after 5s Details Generic: Repo Health / Access control (pull_request) Successful in 2s Details Generic: Repo Health / Site Health (pull_request) Has been skipped Details Joomla: Extension CI / Lint & Validate (pull_request) Failing after 49s Details RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped Details Branch Cleanup / Delete merged branch (pull_request) Failing after 2s Details Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 5s Details Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 46s Details Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 2m32s Details Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled Details Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled Details Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled Details Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled Details Universal: PR Check / Build RC Package (pull_request) Has been cancelled Details Universal: PR Check / Report Issues (pull_request) Has been cancelled Details Generic: Repo Health / Scripts governance (pull_request) Has been cancelled Details Generic: Repo Health / Repository health (pull_request) Has been cancelled Details Generic: Repo Health / Report Issues (pull_request) Has been cancelled Details CRITICAL: - #73: S3Uploader now streams file via CURLOPT_PUT/INFILE instead of loading entire file into RAM with file_get_contents - #74: DatabaseDumper gains dumpToFile() that streams SQL to disk; BackupEngine uses addFile() instead of addFromString() to avoid holding the entire dump in memory - #75: AkeebaImporter removes unserialize() — only uses json_decode, skips legacy serialized filter data to prevent object injection MEDIUM (also fixed): - BackupEngine: $archiveName initialized before try block (prevents undefined variable in catch) - BackupEngine: plaintext archive deleted on encryption failure - BackupEngine: temp SQL file cleaned up in both success and failure - BackupEngine: createArchiver() throws on unknown format instead of silently falling back to ZIP - TarGzArchiver: intermediate .tar cleaned up in finally block Closes #73, closes #74, closes #75 Ref #81	2026-06-21 18:16:46 -05:00
jmiller	418db394a4	Merge pull request 'chore: remove automation directory' (#82 ) from fix/remove-automation into main	2026-06-21 23:10:42 +00:00
jmiller	d939d8c9d7	Merge pull request 'fix: Critical and high audit findings (#81 )' (#83 ) from fix/audit-critical-high into main	2026-06-21 23:10:19 +00:00
gitea-actions[bot]	6383e9b111	chore(version): pre-release bump to 01.27.03-dev [skip ci] Universal: Build & Release / Promote to RC (pull_request) Has been skipped Details Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 21s Details Publish to Composer / Publish Package (release) Failing after 44s Details Branch Cleanup / Delete merged branch (pull_request) Failing after 2s Details RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped Details Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 5s Details	2026-06-21 23:10:10 +00:00
Jonathan Miller	2395a4eabc	fix: critical and high audit findings (#81 ) Universal: Pre-Release / Build Pre-Release (${{ inputs.stability \|\| github.ref_name }}) (push) Failing after 5s Details Universal: Build & Release / Promote to RC (pull_request) Has been skipped Details Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 23s Details Joomla: Extension CI / Lint & Validate (pull_request) Failing after 9s Details Universal: PR Check / Branch Policy (pull_request) Failing after 2s Details Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s Details Generic: Repo Health / Access control (pull_request) Successful in 2s Details Generic: Repo Health / Site Health (pull_request) Has been skipped Details Universal: PR Check / Secret Scan (pull_request) Successful in 6s Details Universal: PR Check / Validate PR (pull_request) Failing after 5s Details Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 17s Details Branch Cleanup / Delete merged branch (pull_request) Successful in 2s Details RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped Details Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 7m48s Details Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled Details Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled Details Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled Details Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled Details Universal: PR Check / Build RC Package (pull_request) Has been cancelled Details Universal: PR Check / Report Issues (pull_request) Has been cancelled Details Generic: Repo Health / Scripts governance (pull_request) Has been cancelled Details Generic: Repo Health / Repository health (pull_request) Has been cancelled Details Generic: Repo Health / Report Issues (pull_request) Has been cancelled Details Fixes all critical and high severity issues from the codebase audit: CRITICAL: - #71: RestoreCommand passed wrong args to RestoreEngine (filepath instead of record ID) — CLI restore was completely broken - #72: JpaUnarchiver path traversal — added traversal rejection and realpath boundary check to prevent writes outside staging dir - #77: RestoreEngine staging path sanitized — $record->tag stripped of non-alphanumeric characters HIGH: - #75: (noted, AkeebaImporter unserialize needs separate refactor) - #76: BackupTable now deletes DB row before file — prevents data loss if DB delete fails - #78: API profiles endpoint now masks sensitive fields (passwords, keys, tokens) with '***' - #79: Webcron handler adds return after sendJsonResponse — prevents execution falling through on non-terminal close() - #80: BackupModel/ProfileModel loadFormData() now casts array to object — prevents TypeError on PHP 8.x form state restore PREFLIGHT HARDENING: - PreflightCheck::run() wrapped in try-catch for DB exceptions - mkdir() failure now includes actual error reason - Unresolved placeholders generate a warning instead of silent return Closes #71, closes #76, closes #77, closes #78, closes #79, closes #80 Ref #72, ref #81	2026-06-21 18:08:58 -05:00
Jonathan Miller	1ec8ec8f6d	chore: remove automation directory Universal: Pre-Release / Build Pre-Release (${{ inputs.stability \|\| github.ref_name }}) (push) Successful in 20s Details Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 6s Details Universal: PR Check / Branch Policy (pull_request) Failing after 2s Details Joomla: Extension CI / Lint & Validate (pull_request) Failing after 10s Details Universal: PR Check / Secret Scan (pull_request) Successful in 6s Details Universal: PR Check / Validate PR (pull_request) Failing after 5s Details Generic: Repo Health / Access control (pull_request) Successful in 2s Details Generic: Repo Health / Site Health (pull_request) Has been skipped Details Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 52s Details Universal: Build & Release / Promote to RC (pull_request) Failing after 14s Details Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped Details Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled Details Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled Details Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled Details Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled Details Universal: PR Check / Build RC Package (pull_request) Has been cancelled Details Universal: PR Check / Report Issues (pull_request) Has been cancelled Details Generic: Repo Health / Scripts governance (pull_request) Has been cancelled Details Generic: Repo Health / Repository health (pull_request) Has been cancelled Details Generic: Repo Health / Report Issues (pull_request) Has been cancelled Details	2026-06-21 18:03:55 -05:00
jmiller	8df630c529	chore: sync repo-health.yml from Template-Generic [skip ci]	2026-06-21 22:56:04 +00:00
jmiller	5c8503e79e	chore: sync pr-check.yml from Template-Generic [skip ci]	2026-06-21 22:56:02 +00:00
jmiller	3a087d7859	chore: sync issue-branch.yml from Template-Generic [skip ci]	2026-06-21 22:56:01 +00:00

1 2 3 4 5 ...

397 Commits