MokoConsulting/MokoSuiteCross
1
0
Fork 0
Code Issues 44 Pull Requests Releases 2 Wiki Activity

Test: deep scan fixes — curl bugs, type errors, namespace, security hardening #147

New Issue
Open
opened 2026-06-21 23:04:08 +00:00 by jmiller · 0 comments
jmiller commented 2026-06-21 23:04:08 +00:00
Owner
Copy Link
Copy Source

Summary

Verify all fixes from the deep code scan (commits 3d20380 and 122b04f).

Test Checklist

Duplicate curl fixes (3 plugins)

  • ConvertKit: Create a service, test publish — should authenticate with $apiSecret correctly
  • Brevo: Create a service, test publish — should use api-key: header (not Bearer)
  • Constant Contact: Create a service, test publish — single curl call executes

Type/logic fixes

  • Medium: Publish with invalid token — should fail gracefully (no PHP type error)
  • Mailchimp: Create campaign with valid credentials — campaign creation succeeds (HTTP 201 now accepted)
  • Mailchimp: Set campaign content — still works (HTTP 200 check unchanged)

Security fixes

  • ServiceController: Test Connection with invalid credentials — error message shown without stack trace
  • Bluesky: Authenticate and publish — session cache still works (sha256 key)

XML namespace fixes (9 plugins)

  • Discord: Plugin loads in Extensions → Plugins, service type selectable
  • Facebook: Plugin loads, publish works
  • LinkedIn: Plugin loads, publish works
  • Mailchimp: Plugin loads, publish works
  • Mastodon: Plugin loads, publish works
  • Slack: Plugin loads, publish works
  • Telegram: Plugin loads in both default and custom mode
  • Twitter/X: Plugin loads, publish works
  • Bluesky: Plugin loads, publish works

Related

  • Closes #146 (deep scan bugs)
  • Related to #139 (original 4 duplicate curl fixes)
## Summary Verify all fixes from the deep code scan (commits `3d20380` and `122b04f`). ## Test Checklist ### Duplicate curl fixes (3 plugins) - [ ] **ConvertKit**: Create a service, test publish — should authenticate with `$apiSecret` correctly - [ ] **Brevo**: Create a service, test publish — should use `api-key:` header (not Bearer) - [ ] **Constant Contact**: Create a service, test publish — single curl call executes ### Type/logic fixes - [ ] **Medium**: Publish with invalid token — should fail gracefully (no PHP type error) - [ ] **Mailchimp**: Create campaign with valid credentials — campaign creation succeeds (HTTP 201 now accepted) - [ ] **Mailchimp**: Set campaign content — still works (HTTP 200 check unchanged) ### Security fixes - [ ] **ServiceController**: Test Connection with invalid credentials — error message shown without stack trace - [ ] **Bluesky**: Authenticate and publish — session cache still works (sha256 key) ### XML namespace fixes (9 plugins) - [ ] **Discord**: Plugin loads in Extensions → Plugins, service type selectable - [ ] **Facebook**: Plugin loads, publish works - [ ] **LinkedIn**: Plugin loads, publish works - [ ] **Mailchimp**: Plugin loads, publish works - [ ] **Mastodon**: Plugin loads, publish works - [ ] **Slack**: Plugin loads, publish works - [ ] **Telegram**: Plugin loads in both default and custom mode - [ ] **Twitter/X**: Plugin loads, publish works - [ ] **Bluesky**: Plugin loads, publish works ## Related - Closes #146 (deep scan bugs) - Related to #139 (original 4 duplicate curl fixes)
Sign in to join this conversation.
Labels
No items
No labels
Priority Medium
Type Feature
Milestone
No items
No Milestone
Assignees
Clear assignees
jmiller (Jonathan Miller)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoSuiteCross#147
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?