Snider
13670ebb34
Add dependency guards and PHPDoc documentation
...
Dependency guards for optional modules:
- Remove hard use statements for Core\Mod\*, Core\Plug\* classes
- Add class_exists() guards before using optional dependencies
- Change type hints to ?object with docblock annotations
- Add fallback behavior when optional modules not installed
Files with dependency guards added:
- Cdn/Console/CdnPurge.php (Workspace, Purge)
- Cdn/Console/PushAssetsToCdn.php (VBucket)
- Cdn/Boot.php (CdnManager, StorageManager)
- Cdn/Jobs/PushAssetToCdn.php (StorageManager)
- Front/Admin/AdminMenuRegistry.php (User, Workspace, EntitlementService)
- Front/Admin/Contracts/*.php (User, Workspace)
- Front/Admin/View/Components/Sidemenu.php (User, WorkspaceService)
- Front/Mcp/McpContext.php (AgentPlan)
Comprehensive PHPDoc documentation:
- ModuleScanner.php - Scanner mechanics and priority system
- ModuleRegistry.php - Registration flow and querying
- LazyModuleListener.php - Lazy loading mechanism
- LifecycleEventProvider.php - Lifecycle phases
- All Event classes - When fired, context, examples
- Service contracts - HealthCheckable, ServiceDefinition
- Admin contracts - AdminMenuProvider, DynamicMenuProvider
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-22 19:24:39 +00:00
Snider
c6993dbfca
Prepare for open-source release
...
Remove internal branding:
- Replace "Snide" codename with "Core" in documentation
- Remove "host-uk/core" package name check in Boot.php
- Remove company references from CDN service comments
- Remove hardcoded fallback domains
Improve generated code clarity:
- Add [USER] prefix to TODO comments in MakePlugCommand templates
- Add header comments explaining generated files need implementation
- Convert dashboard TODOs to placeholder UI sections
- Remove internal roadmap TODOs from route files
Add EUPL-1.2 license headers:
- Added license header to 231 PHP files
- Skipped 208 Blade templates (HTML, not PHP)
Update release documentation:
- Mark critical and high issues as fixed in RELEASE-BLOCKERS.md
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-22 18:45:52 +00:00
Snider
606176585c
Fix critical and high severity issues from code review
...
Security fixes:
- Fix XSS in JSON-LD output via JSON_HEX_TAG (Seo module)
- Fix SQL injection via LIKE wildcards (Config module)
- Fix regex injection in env updates (Console module)
- Fix weak token hashing with HMAC-SHA256 (CDN module)
- Mask database credentials in install output (Console module)
New features:
- Add MakeModCommand, MakePlugCommand, MakeWebsiteCommand scaffolds
- Add event prioritization via array syntax in $listens
- Add EventAuditLog for tracking handler execution and failures
- Add ServiceVersion with semver and deprecation support
- Add HealthCheckable interface with HealthCheckResult
- Add ServiceStatus enum for service health states
- Add DynamicMenuProvider for uncached menu items
- Add LangServiceProvider with auto-discovery and fallback chains
Improvements:
- Add retry logic with exponential backoff (CDN uploads)
- Add file size validation before uploads (100MB default)
- Add key rotation mechanism for LthnHash
- Add Unicode NFC normalization to Sanitiser
- Add configurable filter rules per field (Input)
- Add menu caching with configurable TTL (Admin)
- Add Redis fallback alerting via events (Storage)
- Add Predis support alongside phpredis (Storage)
- Add memory safety checks for image processing (Media)
- Add SchemaValidator for schema.org validation (SEO)
- Add translation key validation in dev environments
Bug fixes:
- Fix nested array filtering returning null (Sanitiser)
- Fix race condition in EmailShieldStat increment
- Fix stack overflow on deep JSON nesting (ConfigResolver)
- Fix missing table existence check (BlocklistService)
- Fix missing class_exists guards (Search, Media)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-21 20:20:14 +00:00
