09bac755a9d0cd34d00a43172e9e897d55d2daae
200 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 gitea-actions[bot]
|
09bac755a9 |
chore(release): build 01.39.00 [skip ci]
Publish to Composer / Publish Package (release) Failing after 7s
|
||
|
Jonathan Miller
|
5698c074da |
feat: data sanitization — passwords, emails, sessions (#129)
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 7s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 9s
Branch Cleanup / Delete merged branch (pull_request) Successful in 3s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 6s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 54s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 33s
New "Data Sanitization" fieldset on profile form with four options: - Sanitize User Passwords: replaces all bcrypt hashes with invalid sentinel - Preserve Super Admin: keeps Super Users group passwords intact - Sanitize User Emails: replaces with user123@sanitized.example.com - Clear Session Data: excludes #__session table data (default: on) DatabaseDumper sanitizes rows inline during dump — both in-memory and file-streaming paths. Super admin detection uses group_id=8 from #__user_usergroup_map with static caching. Use cases: sharing backups, creating demo/staging sites, GDPR compliance. Partial #129 (Part 2 — restore script password reset — tracked separately) |
||
|
gitea-actions[bot]
|
5a0cd51df6 |
chore(version): pre-release bump to 01.38.05-dev [skip ci]
Publish to Composer / Publish Package (release) Failing after 4s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 3s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 5s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 33s
|
||
|
Jonathan Miller
|
12c832d7fe |
feat: comprehensive help modal for backup directory field
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 3s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 11s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 5s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Failing after 4s
Universal: PR Check / Secret Scan (pull_request) Successful in 4s
Universal: Build & Release / Promote to RC (pull_request) Failing after 8s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 43s
Expanded the help modal with: - Absolute paths: starts with / or drive letter, used as-is - Relative paths: ./backups, ../backups, ../../backups with table showing URL-style conventions and resolved examples - Placeholder paths: detailed descriptions of each placeholder with current server values - Recommended configurations table: single site, multi-site, date-organized, per-profile, shared hosting - Security warnings for web-root-accessible paths - Help button uses JS click handler with Bootstrap 5 fallback (fixes non-working tooltip icon) |
||
|
gitea-actions[bot]
|
fb99afbeba |
chore(version): pre-release bump to 01.38.04-dev [skip ci]
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Failing after 1s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 3s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 17s
Publish to Composer / Publish Package (release) Failing after 33s
|
||
|
Jonathan Miller
|
de632e9c5c |
feat: uppercase all placeholders + EXAMPLE prefix in resolution display
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 20s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 10s
Universal: PR Check / Validate PR (pull_request) Failing after 11s
Universal: PR Check / Secret Scan (pull_request) Successful in 12s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 14s
Universal: Build & Release / Promote to RC (pull_request) Failing after 10s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 47s
All placeholders changed from lowercase to UPPERCASE: [host] → [HOST], [site_name] → [SITE_NAME], [date] → [DATE], [datetime] → [DATETIME], [profile_id] → [PROFILE_ID], etc. [HOME] and [DEFAULT_DIR] were already uppercase — now consistent. SQL migration 01.39.01 updates existing profile data in the database. Resolution display prefixed with "EXAMPLE:" to clarify these are example values resolved at backup time. 13 files updated across engines, fields, forms, templates, and SQL. |
||
|
gitea-actions[bot]
|
cbff40d04c |
chore(version): pre-release bump to 01.38.03-dev [skip ci]
Publish to Composer / Publish Package (release) Failing after 7s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 6s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 21s
|
||
|
Jonathan Miller
|
e415e701cd |
fix: resolve [site_name] and other placeholders in checkDir AJAX
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 3s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 15s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 8s
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Universal: PR Check / Secret Scan (pull_request) Successful in 9s
Universal: Build & Release / Promote to RC (pull_request) Failing after 15s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 46s
BackupDirectory::resolve() only handles [HOME] and [DEFAULT_DIR]. The checkDir AJAX endpoint now uses PlaceholderResolver to also resolve [site_name], [host], [profile_id], [date], etc. before checking if the directory exists. This makes the "Resolves to" display accurate for all placeholder types. |
||
|
gitea-actions[bot]
|
e7f165ac96 |
chore(version): pre-release bump to 01.38.02-dev [skip ci]
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 7s
Generic: Repo Health / Access control (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Failing after 8s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 13s
Universal: PR Check / Secret Scan (pull_request) Successful in 12s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Publish to Composer / Publish Package (release) Failing after 45s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 48s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 31s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 3m46s
|
||
|
Jonathan Miller
|
fc41e1801a |
fix: placeholder resolution display + CSRF token on Run Backup button
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 26s
FolderPickerField: shows resolved placeholder values below input as badges (e.g. [HOME]=/home/user, [host]=example.com), plus full resolved path. Updates live as user types. BackupsController::start(): accept CSRF token from both GET and POST so the "Run Backup Now" link button on profile edit works without triggering "security token did not match" error. |
||
|
gitea-actions[bot]
|
e8d7d1d421 |
chore(version): pre-release bump to 01.38.01-dev [skip ci]
Publish to Composer / Publish Package (release) Failing after 4s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 3s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 7s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 29s
|
||
|
Jonathan Miller
|
cd31617e21 |
fix: change include_mokorestore column from TINYINT to VARCHAR(20)
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 12s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Secret Scan (pull_request) Successful in 7s
Universal: Build & Release / Promote to RC (pull_request) Failing after 10s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 45s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 50s
The column was TINYINT(1) which can only store 0/1. The new 'standalone' mode value causes MySQL to truncate the string to 0, breaking profile save. Changed to VARCHAR(20) to support all three modes: '0' (none), '1' (wrapped), 'standalone'. |
||
|
gitea-actions[bot]
|
18b65d30ac |
chore(release): build 01.38.00 [skip ci]
Publish to Composer / Publish Package (release) Failing after 34s
|
||
|
Jonathan Miller
|
e62dba8f40 |
feat: standalone restore script — separate file that scans for ZIPs (#107)
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 7s
Universal: PR Check / Branch Policy (pull_request) Failing after 3s
Universal: PR Check / Secret Scan (pull_request) Successful in 9s
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Generic: Repo Health / Access control (pull_request) Successful in 3s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 16s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 53s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 31s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 8m41s
New MokoRestore mode: 'standalone' generates restore.php as a separate file that scans its directory for ZIP backup archives and lets the user choose which one to restore. Unlike 'wrapped' mode which bundles restore.php inside the backup ZIP, standalone mode keeps both files separate — ideal for remote servers where you SCP the backup. Changes: - MokoRestore::generateStandalone() — writes restore.php with ZIP scanner - Profile form: include_mokorestore now a dropdown (none/wrapped/standalone) - BackupEngine: standalone mode writes restore.php + uploads to remote - Restore script uses safe DOM methods (no innerHTML with user data) Closes #107 |
||
|
gitea-actions[bot]
|
13c251196b |
chore(release): build 01.37.00 [skip ci]
Publish to Composer / Publish Package (release) Failing after 4s
|
||
|
Jonathan Miller
|
64ffbb9d61 |
feat: profiles UI, snapshot detail, progress warning, action logs (#100, #104, #108, #110)
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Failing after 4s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Secret Scan (pull_request) Successful in 6s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 10s
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 39s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 18s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 4m10s
#100: Run Backup button on profiles list (per-row) and edit toolbar, backup count badge linking to filtered backups view, View Backups toolbar button on profile edit. #101: Profile → filtered backup list link (included in #100). #104: Snapshot browse modal now shows tabbed view (Articles, Categories, Modules) with item counts. AjaxController returns all content types. Categories show indented hierarchy. #108: "Do not navigate away or close this window" warning banner added to both backup and restore progress modals. #110: Joomla Action Logs integration — RestoreEngine, SnapshotEngine, and SnapshotRestoreEngine now dispatch events that the actionlog plugin logs to #__action_logs. Closes #100, closes #101, closes #104, closes #108, closes #110 |
||
|
gitea-actions[bot]
|
089ec69595 |
chore(release): build 01.36.00 [skip ci]
Publish to Composer / Publish Package (release) Failing after 7s
|
||
|
Jonathan Miller
|
456e744d81 |
feat: clickable placeholder pills for backup dir and archive name fields
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 6s
Universal: PR Check / Branch Policy (pull_request) Failing after 4s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 12s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 10s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 14s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 26s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 9m59s
Both Backup Directory and Archive Name Format fields now show clickable placeholder tags below the input. Clicking a tag inserts the placeholder at the current cursor position using selectionStart/End. - FolderPickerField: pills for [HOME], [DEFAULT_DIR], [host], [site_name], [date], [profile_id], [profile_name], [type] - PlaceholderTextField: new custom field type used by archive_name_format, configurable placeholders via XML attribute - Cursor position preserved after insert, input event dispatched for live status updates |
||
|
gitea-actions[bot]
|
00e7963988 |
chore(release): build 01.35.04 [skip ci]
Publish to Composer / Publish Package (release) Failing after 4s
|
||
|
Jonathan Miller
|
5b9351e5f0 | Merge remote-tracking branch 'origin/main' into fix/sftp-key-upload | ||
|
Jonathan Miller
|
1e9c8d54f4 |
fix: remove required attr from SFTP showon fields — blocks save when not SFTP
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 22s
Joomla validates required fields server-side regardless of showon visibility. SFTP fields with required="true" block saving when remote_storage is set to None or S3/GDrive because the hidden fields submit empty values. Validation should be done in ProfileTable::check() conditionally instead. |
||
|
gitea-actions[bot]
|
e329dbd99b |
chore(version): pre-release bump to 01.35.03-dev [skip ci]
Publish to Composer / Publish Package (release) Failing after 7s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 3s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 20s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 2m33s
|
||
|
Jonathan Miller
|
d6b3e8cff0 |
feat: SFTP key file upload, auth type dropdown, security hardening
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 6s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 23s
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Universal: PR Check / Secret Scan (pull_request) Successful in 9s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 13s
Universal: Build & Release / Promote to RC (pull_request) Failing after 11s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 34s
SFTP UX improvements: - SshKeyField: file upload button (FileReader → base64 → hidden field), key never displayed as readable text, __KEEP_EXISTING__ sentinel preserves DB value on re-save without re-uploading - Auth type dropdown: password / key file / key file + passphrase with conditional field visibility via showon - Required field markers on host, username, path, password - Remove insecure FTP option from remote storage dropdown Security: - Private key stored base64-encoded in database - SftpUploader decodes base64 before writing temp file - ProfileTable::store() handles sentinel to prevent key leakage - Key content never rendered in HTML form output |
||
|
gitea-actions[bot]
|
e465dfa6ee |
chore(version): pre-release bump to 01.35.01-dev [skip ci]
Publish to Composer / Publish Package (release) Failing after 42s
|
||
|
Jonathan Miller
|
3ac0318ba3 |
fix: move SFTP fields into remote fieldset for showon to work
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 12s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 7s
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Universal: PR Check / Secret Scan (pull_request) Successful in 6s
Universal: Build & Release / Promote to RC (pull_request) Failing after 12s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 49s
Joomla's showon JS only finds the controlling field (remote_storage) within the same rendered fieldset/tab. SFTP fields were in a separate fieldset so they were never shown. Moved into the remote fieldset alongside the dropdown. |
||
|
Jonathan Miller
|
f66100f74f |
feat: SFTP remote storage with key file auth + CLI restore options
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 7s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 13s
Universal: PR Check / Secret Scan (pull_request) Successful in 9s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 9s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Failing after 1s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 34s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 3s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 27s
SFTP support: - SftpUploader uses system scp/ssh binaries with key file auth - Private key stored as MEDIUMTEXT in profile table (sftp_key_data) - Key written to temp file (0600) at upload time, deleted after - Profile form: host, port, username, password, key textarea, passphrase, remote path — all with showon="remote_storage:sftp" - SQL migration for 7 new SFTP columns - Wired into BackupEngine, SteppedBackupEngine, PreflightCheck - API credential masking includes SFTP fields CLI restore options: - --files-only: restore files without touching database - --db-only: restore database without touching files - --no-preserve-config: overwrite configuration.php - --password: decryption password for encrypted archives |
||
|
gitea-actions[bot]
|
a27ec0f0b9 |
chore(release): build 01.34.00 [skip ci]
Publish to Composer / Publish Package (release) Failing after 6s
|
||
|
Jonathan Miller
|
ee21f7a373 |
feat: dashboard snapshot widget, backup trend chart, storage breakdown (#61)
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 7s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 15s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 42s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 25s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 3m18s
Add three new dashboard widgets: - Snapshot widget: latest snapshot info, type badges, item counts, link to snapshots view, total count - Backup trend: CSS bar chart showing daily backup sizes over 30 days, red bars for days with failures, tooltips with details - Storage breakdown: horizontal bars showing space used per profile with color coding and backup counts Closes #61 |
||
|
gitea-actions[bot]
|
50c016d707 |
chore(release): build 01.33.00 [skip ci]
Publish to Composer / Publish Package (release) Failing after 4s
|
||
|
Jonathan Miller
|
8c66fd3260 |
feat: backup comparison — diff two backup records (#64)
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Failing after 3s
Generic: Repo Health / Access control (pull_request) Successful in 3s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 8s
Universal: PR Check / Validate PR (pull_request) Failing after 8s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 13s
Universal: PR Check / Secret Scan (pull_request) Successful in 10s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 16s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Failing after 1s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 3s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 14s
Select two backups and compare side-by-side: - AjaxController::compareBackups() returns metadata + deltas - Compare toolbar button (requires 2 checkboxes) - Modal shows size, files, tables, duration differences Closes #64 |
||
|
Jonathan Miller
|
4213def0ad |
feat: backup archive browser — view files without extracting (#59)
AJAX-powered file browser in backups list and detail views: - AjaxController::browseArchive() reads ZIP/tar.gz entries - Browse button on each backup row + detail view - Modal shows file list with names and sizes (first 500 entries) Closes #59 |
||
|
Jonathan Miller
|
8a4ebe1bde |
feat: selective article restore from snapshot (#58)
Browse articles inside a snapshot and restore individual items: - SnapshotRestoreEngine::restoreSelectedArticles() merges by ID - AjaxController::browseSnapshot() returns article list as JSON - SnapshotsController::restoreSelected() handles selective restore - Browse modal with checkboxes + Restore Selected button Closes #58 |
||
|
gitea-actions[bot]
|
29c7e974b5 |
chore(release): build 01.32.00 [skip ci]
Publish to Composer / Publish Package (release) Failing after 22s
|
||
|
Jonathan Miller
|
01bed8942c |
feat: AJAX stepped restore engine for large sites (#62)
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Universal: PR Check / Secret Scan (pull_request) Successful in 6s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 9s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 32s
Branch Cleanup / Delete merged branch (pull_request) Successful in 3s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 6s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 23s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Break restore into phases (extract, files, database, config, cleanup) executed via AJAX steps to avoid PHP timeout on shared hosting. - SteppedRestoreEngine with session persistence - AjaxController restoreInit/restoreStep endpoints - Restore modal uses AJAX progress instead of synchronous submit - Files copied in batches of 200, SQL in batches of 500 Closes #62 |
||
|
Jonathan Miller
|
391047d8e5 |
feat: email/ntfy notifications for restore operations (#60)
Send notifications when site restores and snapshot create/restore complete. Uses sendRestoreNotification() with type-specific subjects. All calls wrapped in try-catch to never break the actual operation. Closes #60 |
||
|
Jonathan Miller
|
5a672454ad |
feat: scheduled task for automated content snapshots (#56)
Add mokosuitebackup.snapshot task type for com_scheduler with params for content_types and description_format ([date]/[datetime] placeholders). Closes #56 |
||
|
gitea-actions[bot]
|
01335ac70f |
chore(release): build 01.31.00 [skip ci]
Publish to Composer / Publish Package (release) Failing after 26s
|
||
|
Jonathan Miller
|
c72e950a25 |
feat: REST API endpoints for content snapshots (#54)
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 6s
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Universal: PR Check / Secret Scan (pull_request) Successful in 10s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 15s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 39s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 17s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 1m49s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Add five endpoints matching the existing backup API pattern: - GET /snapshots — list with pagination - POST /snapshot — create (content_types, description) - POST /snapshot/:id/restore — restore (mode, content_types) - DELETE /snapshot/:id — delete record + file - GET /snapshot/:id/download — stream JSON file ACL: mokosuitebackup.snapshot.manage for write ops, core.manage for read. Routes registered in webservices plugin alongside backup routes. Closes #54 |
||
|
Jonathan Miller
|
5dcba6d8cb |
feat: auto-verify backup integrity after creation (#65)
After archive is created and checksum computed, automatically verify: - Archive opens without error - Contains at least one entry - database.sql present when backup type includes database - First entry is readable (spot-check) Applied to both BackupEngine and SteppedBackupEngine. Throws RuntimeException on verification failure (backup marked as failed). Closes #65 |
||
|
Jonathan Miller
|
0638c2cef6 |
feat: CLI command for content snapshots (#55)
Add `mokosuitebackup:snapshot` command with four actions: - create: --types=articles,categories,modules --description="text" - restore: --id=N --mode=replace|merge --types=articles - list: displays table of all snapshots - delete: --id=N removes file + DB record Closes #55 |
||
|
gitea-actions[bot]
|
f5e8d0fe03 |
chore(release): build 01.30.00 [skip ci]
Publish to Composer / Publish Package (release) Failing after 34s
|
||
|
Jonathan Miller
|
ad1c0cf349 |
fix: scope #__fields_values dump and restore to com_content.article
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Universal: PR Check / Secret Scan (pull_request) Successful in 7s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 11s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 28s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 17s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 2m55s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
The fields_values table is shared across all Joomla extensions. Previously, dump captured ALL field values and restore deleted ALL field values, destroying data for contacts, users, and other extensions. Now scoped via subquery on field_id WHERE context = 'com_content.article'. |
||
|
Jonathan Miller
|
8b6e260b28 |
fix: graceful degradation when remote upload fails (#66)
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Failing after 9s
Universal: PR Check / Secret Scan (pull_request) Successful in 11s
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Has been skipped
Universal: Auto Version Bump / Version Bump (push) Successful in 11s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 44s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 47s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 17s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Remote upload failure (S3/FTP/GDrive) no longer marks the entire backup as failed. The local archive is preserved with status 'complete' and the upload failure is logged as a warning. Applies to both BackupEngine and SteppedBackupEngine. Closes #66 |
||
|
Jonathan Miller
|
eb7f48d3a2 |
feat: extend snapshots to include custom fields and tags (#57)
When articles are included in a snapshot, now also captures: - #__tags (tag definitions) - #__fields (custom field definitions for com_content.article) - #__fields_values (custom field values) - #__fields_categories (field-to-category mappings) Restore correctly scopes deletes to avoid touching non-content fields. Closes #57 |
||
|
Jonathan Miller
|
974b971340 |
feat: snapshot retention and automatic cleanup (#63)
Add retention settings for content snapshots (max count, max age days) in component options. System plugin runs cleanupOldSnapshots() alongside existing backup cleanup, deleting JSON files and DB records. Closes #63 |
||
|
Jonathan Miller
|
3328d7cf19 |
feat: backup type filter + path traversal protection (#68, #72)
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 25s
Universal: Build & Release / Promote to RC (pull_request) Successful in 28s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 7s
Universal: PR Check / Secret Scan (pull_request) Successful in 5s
Universal: PR Check / Validate PR (pull_request) Failing after 4s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 11s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
#68: Add backup type filter dropdown to backups list view - filter_backups.xml: full/database/files/differential options - BackupsModel: backup_type filter in getListQuery() - Language string: COM_MOKOJOOMBACKUP_FILTER_TYPE_ALL #72: Path traversal protection in RestoreEngine and MokoRestore - RestoreEngine::extractArchive(): validate ZIP entries before extractTo() - RestoreEngine::extractTarGz(): validate PharData entries before extractTo() - MokoRestore standalone script: same validation in generated PHP code - Rejects entries containing ../ or starting with / or \ Closes #68, closes #72 |
||
|
Jonathan Miller
|
9990240d2d |
fix: remaining audit findings — OOM, security, error handling (#81)
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 5s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 22s
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Universal: PR Check / Secret Scan (pull_request) Successful in 7s
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 49s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Failing after 2s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 5s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 46s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 2m32s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
CRITICAL: - #73: S3Uploader now streams file via CURLOPT_PUT/INFILE instead of loading entire file into RAM with file_get_contents - #74: DatabaseDumper gains dumpToFile() that streams SQL to disk; BackupEngine uses addFile() instead of addFromString() to avoid holding the entire dump in memory - #75: AkeebaImporter removes unserialize() — only uses json_decode, skips legacy serialized filter data to prevent object injection MEDIUM (also fixed): - BackupEngine: $archiveName initialized before try block (prevents undefined variable in catch) - BackupEngine: plaintext archive deleted on encryption failure - BackupEngine: temp SQL file cleaned up in both success and failure - BackupEngine: createArchiver() throws on unknown format instead of silently falling back to ZIP - TarGzArchiver: intermediate .tar cleaned up in finally block Closes #73, closes #74, closes #75 Ref #81 |
||
 jmiller
|
418db394a4 | Merge pull request 'chore: remove automation directory' (#82) from fix/remove-automation into main | ||
|
gitea-actions[bot]
|
6383e9b111 |
chore(version): pre-release bump to 01.27.03-dev [skip ci]
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 21s
Publish to Composer / Publish Package (release) Failing after 44s
Branch Cleanup / Delete merged branch (pull_request) Failing after 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 5s
|
||
|
Jonathan Miller
|
2395a4eabc |
fix: critical and high audit findings (#81)
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 5s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 23s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 9s
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 6s
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 17s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 7m48s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Fixes all critical and high severity issues from the codebase audit: CRITICAL: - #71: RestoreCommand passed wrong args to RestoreEngine (filepath instead of record ID) — CLI restore was completely broken - #72: JpaUnarchiver path traversal — added traversal rejection and realpath boundary check to prevent writes outside staging dir - #77: RestoreEngine staging path sanitized — $record->tag stripped of non-alphanumeric characters HIGH: - #75: (noted, AkeebaImporter unserialize needs separate refactor) - #76: BackupTable now deletes DB row before file — prevents data loss if DB delete fails - #78: API profiles endpoint now masks sensitive fields (passwords, keys, tokens) with '***' - #79: Webcron handler adds return after sendJsonResponse — prevents execution falling through on non-terminal close() - #80: BackupModel/ProfileModel loadFormData() now casts array to object — prevents TypeError on PHP 8.x form state restore PREFLIGHT HARDENING: - PreflightCheck::run() wrapped in try-catch for DB exceptions - mkdir() failure now includes actual error reason - Unresolved placeholders generate a warning instead of silent return Closes #71, closes #76, closes #77, closes #78, closes #79, closes #80 Ref #72, ref #81 |