4d74627720a4411bda3152d8ef930f0e8e493294
12 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Jonathan Miller
|
e5fb88e1a4 |
feat: auto-create default scheduled task on install, fix AkeebaImporter constants
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 2s
Universal: Auto Version Bump / Version Bump (push) Successful in 11s
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
- Create "Monthly Full Backup" scheduled task (30-day interval, profile 1, 03:00 execution) on fresh install via com_scheduler - Skips if any MokoJoomBackup task already exists - Failure notifications enabled to Super Users group by default - Replace hardcoded backup dir paths in AkeebaImporter with BackupDirectory::DEFAULT_RELATIVE constant |
||
|
Jonathan Miller
|
df44518611 |
fix: skip all postflight actions on uninstall, add install warnings
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Successful in 8s
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
- Early return on uninstall to prevent license warning, menu sync, and default-dir check from running during package removal - Add warnDefaultBackupDir() — warns on install/update if any profile uses the default web-root backup directory - Add profile review reminder on fresh install with link to profiles view |
||
|
Jonathan Miller
|
814d1b147c |
refactor: extract BackupDirectory utility to eliminate code duplication
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Successful in 8s
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
- Create BackupDirectory utility class with centralized: - DEFAULT_RELATIVE constant and PLACEHOLDER constant - resolve() — path resolution with [DEFAULT_DIR] and relative path handling - hasPlaceholders() — check for unresolved placeholder tokens - isWebAccessible() — web-root boundary check - protect() — .htaccess and index.html creation with error logging - ensureReady() — mkdir + protect in one call - parseNewlineList() — newline-separated text parsing - logPathFromArchive() — derive .log path from archive path - Remove duplicated methods from BackupEngine, SteppedBackupEngine, ProfileTable, AjaxController, and DashboardModel - All consumers now use BackupDirectory static methods - Net reduction: ~180 lines of duplicated code eliminated |
||
|
Jonathan Miller
|
41b481dbfe |
fix: address code review — Apache 2.4 htaccess, browseDir traversal, SQL cast
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 3s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 7s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 9s
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 9s
Universal: PR Check / Validate PR (pull_request) Failing after 12s
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || 'development' }}) (pull_request_target) Failing after 14s
Universal: Build & Release / Promote to RC (pull_request) Successful in 19s
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Successful in 7s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
- Update .htaccess content to support both Apache 2.4 (Require all denied) and Apache 2.2 (Order deny,allow) in all four locations - Guard browseDir parent navigation to prevent escaping allowed boundaries - Add explicit (int) cast on viewLog SQL query for defense-in-depth |
||
|
Jonathan Miller
|
e72a007041 |
fix: address PR review — error logging, ACL check, fetch error handling
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Successful in 7s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 6s
Universal: PR Check / Validate PR (pull_request) Failing after 8s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 10s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || 'development' }}) (pull_request_target) Failing after 10s
Universal: Build & Release / Promote to RC (pull_request) Successful in 14s
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
- Log failures in protectBackupDir() and protectWebAccessibleDir() instead of silently suppressing with @ (security-critical .htaccess writes) - Add error_log() to empty catch blocks in boot() and syncMenuIcons() - Add core.manage ACL check to checkDir() AJAX endpoint - Surface opendir() failures in browseDir() with warning message - Add HTTP status check (r.ok) to JS fetch calls before parsing JSON - Log temp SQL file deletion failures in SteppedBackupEngine |
||
|
Jonathan Miller
|
6e18c77670 |
feat: add submenu icons via FA6 CSS injection and sync menu icons on install
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Successful in 7s
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
- Inject Font Awesome 6 icons for Dashboard, Backups, and Profiles submenu items via MokoJoomBackupComponent::boot() using WebAssetManager - Add syncMenuIcons() to installer script to set img column in #__menu on both install and update (Joomla doesn't refresh icons on upgrade) - Add encryptionPassword property to SteppedSession for stepped backup encryption support |
||
|
Jonathan Miller
|
608aeb3641 |
feat: add dashboard menu, [DEFAULT_DIR] placeholder, live dir validation, and backup security
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Successful in 8s
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
- Add Dashboard as first submenu entry in component manifest - Add [DEFAULT_DIR] placeholder to PlaceholderResolver for portable profiles - Add live AJAX directory permission checking on backup_dir field changes - Add web-accessible warning badge on backup download buttons - Auto-create .htaccess protection in web-accessible backup dirs on profile save - Auto-create .htaccess protection at backup time in both engines - Add checkDir AJAX endpoint for real-time directory validation - Fix script.php warnMissingLicenseKey running on uninstall |
||
|
Jonathan Miller
|
026b72deed |
fix: address all PR review findings — error handling, security, validation
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 2s
Universal: Auto Version Bump / Version Bump (push) Failing after 15s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 1s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 6s
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 6s
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Generic: Repo Health / Release configuration (push) Has been cancelled
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Release configuration (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Security: - browseDir restricted to JPATH_ROOT and current user $HOME (not all /home/) - MokoRestore db_prefix validated with regex to prevent SQL injection - MokoRestore DB import returns failure when zero statements succeed Error handling (fatal — would produce corrupt backups): - BackupEngine/SteppedEngine mkdir() checked, returns error on failure - SteppedSession save() checked, throws on write failure - SteppedEngine SQL dump file_put_contents checked, throws on failure - MokoRestore configuration.php write checked, throws on failure Error handling (logged — secondary operations): - BackupEngine dispatchAfterRun catch block logs to error_log - BackupEngine/SteppedEngine log file write failures logged - NotificationSender user group email resolution logged - script.php download key save/restore logged Operational fixes: - Cleanup plugin: don't delete DB record if file unlink fails (prevents orphans) - BackupEngine: count and log skipped unreadable files - BackupEngine: handle MokoRestore rename failure gracefully - SteppedEngine: add S3Uploader to stepUpload match (feature parity) Authored-by: Moko Consulting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Jonathan Miller
|
8338eabf81 | fix: replace showUpdateSiteNotice with warnMissingLicenseKey (MokoWaaS pattern) | ||
|
Jonathan Miller
|
67329507f4 |
feat: beforeunload warning during backup, placeholder-aware directory checks
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Successful in 4s
Generic: Repo Health / Release configuration (push) Has been cancelled
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
- Browser warns before closing/navigating while backup is in progress - FolderPickerField shows info status for paths with [placeholders] instead of "Directory not found" - Dashboard health check skips filesystem check when backup_dir uses placeholders (resolved at backup time by PlaceholderResolver) Authored-by: Moko Consulting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Jonathan Miller
|
37d325f1ed |
chore: rename mokobackup to mokojoombackup throughout
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Successful in 3s
Generic: Repo Health / Release configuration (push) Has been cancelled
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
Full rename of all extension elements, namespaces, language keys, database tables, file names, and directory names: - pkg_mokobackup → pkg_mokojoombackup - com_mokobackup → com_mokojoombackup - plg_*_mokobackup → plg_*_mokojoombackup - MokoBackup namespace → MokoJoomBackup - #__mokobackup_ tables → #__mokojoombackup_ - COM_MOKOBACKUP_ keys → COM_MOKOJOOMBACKUP_ Authored-by: Moko Consulting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Jonathan Miller
|
a13f7ca6a6 |
chore: rename src/ to source/ per MokoStandards convention
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Failing after 3s
Generic: Repo Health / Release configuration (push) Has been cancelled
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
Update all references in Makefile, manifest.xml, .gitignore, and CI workflows (ci-joomla, pr-check, repo-health) to use source/ as the primary directory with src/ as a fallback for compatibility. Authored-by: Moko Consulting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |