-
v1.1.0 Stable
javier released this
2026-03-28 15:38:49 +00:00 | 0 commits to main since this release1.1.0
Release date: 2026-03-28
Highlights
- Editor-level access: editors can now manage documentation mappings without administrator privileges
- Full PHPStan level 9 compliance — zero errors across all plugin files
- Security patch for two CVEs in league/commonmark
target_order(menu_order) field fully implemented end-to-end
Security
- Patched CVE-2026-33347 and CVE-2026-30838 by upgrading league/commonmark to 2.8.2
Changed
- Access level changed from
manage_options(administrator) toedit_pages(editor) across all admin pages, form handlers, and debug functions robotstxt_docmd_debug_run_cron()now has a typedint $mapping_idparameter
Fixed
- PHPStan level 9: replaced all implicit
mixedcasts with proper type-narrowing viais_string(),is_int(), andis_numeric()guards - New
robotstxt_docmd_input_string()androbotstxt_docmd_input_int()helpers used for all superglobal ($_POST,$_GET) access MappingDataandMappingInputglobal type aliases defined inphpstan.neon— file-level@phpstan-typealiases do not propagate between files in PHPStan 2.x procedural codetarget_orderfield was rendered in the form UI but never saved to post meta or applied during sync — now fully implementedopenssl_decrypt()false return properly handled in token decryptionget_edit_post_link()null return handled safely in debug run-cron output- Redundant
isset()guards removed on statically-typed array shapes - Uninstall handler narrows
get_option()mixed return before array access size_format()false return handled in discover-page file list- Settings and debug functions use
is_array()narrowing onget_option()before accessing keys json_decode()results in GitHub debug functions fully type-narrowed before key access
Developer Features
- PHPStan level 9: 0 errors (down from 104 in v1.0.0)
phpstan.neonnow includes globalMappingDataandMappingInputtype aliasesrobotstxt-updater.phpmoved tobootstrapFilesin PHPStan config to avoid strict analysis of shared utility$defaultparameter renamed to$fallbackin helpers (reserved keyword warning)- Short ternary (
?:) replaced with explicitfalse !==check (PHPCS rule)
Compatibility
- WordPress: 6.7 - 7.0
- PHP: 8.2 - 8.4 (verified on PHP 8.4.x)
- MariaDB: 10.6 or newer
Dependencies
league/commonmark: 2.8.0 → 2.8.2 (security patch)eduardovillao/wp-since: 1.3.0 → 1.4.0phpunit/phpunitheld at ^10.5 (v13.x available; pending test suite migration)squizlabs/php_codesnifferheld at ^3.13 (v4.x available; pending WPCS 4.x confirmation)
Tests
- PHP Coding Standards: PHPCS 3.x with WordPress-Extra ruleset — 0 errors, 0 warnings
- WordPress Coding Standards: WPCS 3.3
- PHPStan: level 9, 0 errors (szepeviktor/phpstan-wordpress extension)
- PHPCompatibility: PHP 8.2 - 8.4 validated
- Manual testing: WordPress 6.8, 7.0
Downloads
-
robotstxt-documentation-markdown-1.1.0.zip
0 downloads ·
2026-03-28 15:37:48 +00:00 · 523 KiB
-
v1.0.0 Stable
2026-01-30 18:51:44 +00:00 | 1 commits to main since this release1.0.0
Release date: 2026-01-26
Highlights
- Initial release of Documentation Markdown plugin
- Automatic synchronization of Markdown files from GitHub to WordPress
- Full support for GitHub Flavored Markdown
- Encrypted GitHub token storage
- Flexible mapping system for multiple repositories
Added
- Core synchronization functionality between GitHub and WordPress
- Automatic scheduled sync (hourly, twice daily, daily)
- Manual on-demand sync via admin interface
- Markdown to HTML conversion using CommonMark (league/commonmark)
- Flexible file-to-content mapping system
- Custom Post Type (robotstxt_map) for mapping management
- Encrypted GitHub token storage (AES-256-CBC)
- Full internationalization support (i18n/l10n ready)
- Multi-repository support
- Clean admin interface with status badges
- Support for pages, posts, and custom post types as sync targets
- Configurable post author and parent page
- Page order (menu_order) support
- Debug tools for troubleshooting (visible when WP_DEBUG enabled)
- Cron job management and repair tools
- Clean uninstall with optional data deletion
- Settings page for GitHub configuration
- Mappings management interface (list, add, edit, delete)
- Sync status monitoring with timestamps
- Rate limiting awareness for GitHub API
- Cache system using WordPress Transients API
Security
- All user input sanitized using WordPress functions
- All output escaped (esc_html, esc_attr, esc_url)
- Nonce verification on all forms and actions
- Capability checks for all admin actions (manage_options)
- Prepared statements for all database queries
- GitHub tokens encrypted at rest using AES-256-CBC
- OWASP Top 10 mitigation implemented
- Direct access prevention on all PHP files
- CSRF protection on all state-changing operations
- XSS prevention through proper escaping
- SQL injection prevention through prepared statements
Developer Features
- Procedural PHP architecture following KISS principles
- PHP 8.2+ modern features (typed parameters, match expressions)
- Complete PHPDoc documentation on all functions
- WordPress Coding Standards (WPCS) compliant
- PHPCS/WPBF validated (0 errors, 0 warnings)
- Extensible architecture with WordPress hooks
- Clean, well-documented codebase
- Composer-based dependency management
- Production-optimized deployment script (bin/deploy.sh)
Compatibility
- WordPress: 6.7 - 6.9
- PHP: 8.2 - 8.5
- MariaDB: 10.6 or newer
Tests
- PHP Coding Standards: PHPCS 3.x with WordPress-Extra ruleset
- WordPress Coding Standards: WPCS 3.3
- PHPCompatibility: PHP 8.2 - 8.5 validated
- Security Audit: Complete OWASP Top 10 coverage
- Manual testing: WordPress 6.7, 6.8, 6.9
Downloads
-
robotstxt-documentation-markdown-1.0.0.zip
8 downloads ·
2026-01-30 18:47:58 +00:00 · 520 KiB