a515ba8761c8c20629f731ef35c3bf53e61afb23
7 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
68605ffc05 |
refactor(remote): remove legacy single-remote storage in favor of remotes table
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 25s
Drops the per-profile remote_storage column and all legacy FTP/SFTP/S3/ Google Drive credential columns. Remote destinations are now sourced exclusively from #__mokosuitebackup_remotes (multi-remote), which is created at install time — so the backward-compat fallback branches in BackupEngine, SteppedBackupEngine and loadRemoteDestinations are removed. - sql: drop 26 legacy columns (install.mysql.sql + 02.52.25.sql migration) - forms/profile.xml: remove legacy remote fields and ftp/gdrive/s3 fieldsets - tmpl/profile/edit.php: drop legacy UI, add save-first prompt, use getOrCreateInstance for the modal, read item.params (was item.config) - PreflightCheck: validate credentials from the remotes table; curl warning now applies to ntfy only - SteppedSession: drop remoteStorage property - language: add backup-record delete-count strings - script.php: simplify postflight license-key prompt |
||
|
|
aefa46e0c4 |
fix: use warning status when backup succeeds but remote upload fails
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 19s
Previously a successful backup with a failed remote upload was marked as "complete", hiding the upload failure. Now these records get a "warning" status with a yellow badge so operators can see at a glance which backups didn't reach their remote destination. Warning-status records are treated as usable backups throughout: - Downloadable, browsable, and restorable (the archive is intact) - Counted in dashboard stats, storage totals, and success streaks - Included in purge operations and differential base lookups - Shown with yellow "warning" badge in list, detail, and cpanel module - Filterable via the status dropdown on Backup Records Claude-Session: https://claude.ai/code/session_01MbEjBtsSjPuTWhqqrMS2wG |
||
|
|
b26a21820b |
fix: auto-cancel stalled backups after 30 min timeout
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Universal: PR Check / Secret Scan (pull_request) Successful in 6s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 29s
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: Build & Release / Promote to RC (pull_request) Failing after 14s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 13s
Generic: Project CI / Lint & Validate (pull_request) Successful in 43s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 47s
Generic: Project CI / Tests (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
PreflightCheck now auto-cancels "running" backup records that have exceeded 30 minutes, treating them as stalled. Partial archive files are cleaned up. The auto-cancelled records are surfaced as warnings so the user knows what happened. Records younger than 30 minutes are assumed to be legitimately running and still block new backups for the same profile. Claude-Session: https://claude.ai/code/session_01MbEjBtsSjPuTWhqqrMS2wG |
||
|
|
1eb1c18bdf |
fix: add cancel stalled backup action with ACL permission
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 18s
Backups stuck in "running" status block all future backups for the same profile via the preflight check. Previously the only fix was a manual DB update. Adds a toolbar button and AJAX endpoint to cancel stalled backups: - New ACL permission: mokosuitebackup.backup.cancel - BackupsController::cancelStalled() for toolbar (multi-select) - AjaxController::cancelBackup() for AJAX/API use - Sets status to "fail", cleans up partial archive files - Updated preflight error message to mention the cancel action - Language keys for en-GB and en-US Claude-Session: https://claude.ai/code/session_01MbEjBtsSjPuTWhqqrMS2wG |
||
|
|
f66100f74f |
feat: SFTP remote storage with key file auth + CLI restore options
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 7s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 13s
Universal: PR Check / Secret Scan (pull_request) Successful in 9s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 9s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Failing after 1s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 34s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 3s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 27s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
SFTP support: - SftpUploader uses system scp/ssh binaries with key file auth - Private key stored as MEDIUMTEXT in profile table (sftp_key_data) - Key written to temp file (0600) at upload time, deleted after - Profile form: host, port, username, password, key textarea, passphrase, remote path — all with showon="remote_storage:sftp" - SQL migration for 7 new SFTP columns - Wired into BackupEngine, SteppedBackupEngine, PreflightCheck - API credential masking includes SFTP fields CLI restore options: - --files-only: restore files without touching database - --db-only: restore database without touching files - --no-preserve-config: overwrite configuration.php - --password: decryption password for encrypted archives |
||
|
|
2395a4eabc |
fix: critical and high audit findings (#81)
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 5s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 23s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 9s
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 6s
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 17s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 7m48s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Fixes all critical and high severity issues from the codebase audit: CRITICAL: - #71: RestoreCommand passed wrong args to RestoreEngine (filepath instead of record ID) — CLI restore was completely broken - #72: JpaUnarchiver path traversal — added traversal rejection and realpath boundary check to prevent writes outside staging dir - #77: RestoreEngine staging path sanitized — $record->tag stripped of non-alphanumeric characters HIGH: - #75: (noted, AkeebaImporter unserialize needs separate refactor) - #76: BackupTable now deletes DB row before file — prevents data loss if DB delete fails - #78: API profiles endpoint now masks sensitive fields (passwords, keys, tokens) with '***' - #79: Webcron handler adds return after sendJsonResponse — prevents execution falling through on non-terminal close() - #80: BackupModel/ProfileModel loadFormData() now casts array to object — prevents TypeError on PHP 8.x form state restore PREFLIGHT HARDENING: - PreflightCheck::run() wrapped in try-catch for DB exceptions - mkdir() failure now includes actual error reason - Unresolved placeholders generate a warning instead of silent return Closes #71, closes #76, closes #77, closes #78, closes #79, closes #80 Ref #72, ref #81 |
||
|
|
edb202071c |
feat: add pre-flight checks before backup starts (#67)
Universal: Auto Version Bump / Version Bump (push) Successful in 9s
Validate backup prerequisites before creating any record, catching common issues early with clear messages instead of failing mid-backup. Pre-flight checks: - Required PHP extensions (zip, pdo, pdo_mysql, mbstring, curl) - Backup directory exists and is writable - Sufficient disk space (last backup size + 20% buffer, skipped if no previous backup exists) - No other backup already running for this profile - Excluded tables exist in database (warns on missing) - Remote storage credentials minimally configured (FTP/S3/GDrive) Errors block the backup; warnings are logged and displayed but allow the backup to proceed. Integrated into both BackupEngine::run() and SteppedBackupEngine::init() before any record is inserted. UI: AJAX init response includes warnings array, displayed in the stepped backup progress modal. Closes #67 |