php-framework/docs/changelog.md

# Changelog

All notable changes to Core PHP Framework will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [Unreleased]

### Added
- Comprehensive documentation for all core packages
- Usage alert system for workspace quota monitoring
- Tool analytics and performance tracking for MCP

### Changed
- Improved workspace context validation
- Enhanced security headers configuration

## [1.0.0] - 2026-01-26

Initial public release of Core PHP Framework.

### Added

#### Core Package
- Event-driven module system with lazy loading
- Multi-tenancy with Workspaces and Namespaces
- CDN integration (BunnyCDN, FluxCDN support)
- Actions pattern for business logic
- Configuration management with profiles and versioning
- Activity logging with GDPR compliance
- Media processing with image optimization
- Unified search with analytics
- SEO tools (metadata, sitemaps, structured data)
- Security headers middleware
- Email validation with disposable domain detection
- Privacy helpers (IP hashing, data anonymization)

#### Admin Package
- HLCRF layout system (Hierarchical Layout Component Rendering Framework)
- Form components with authorization props
- Full-page Livewire modals with file uploads
- Global search with providers and analytics
- Admin menu registry with badges and authorization
- UI components (cards, stats, tables, badges, alerts)
- Authorization integration with Gates and Policies

#### API Package
- RESTful API with OpenAPI documentation
- API key management with bcrypt hashing
- Scope-based permissions system
- Webhook delivery with HMAC signatures
- Rate limiting with tier-based quotas
- Automatic retry logic with exponential backoff
- OpenAPI 3.0 spec generation
- Multiple documentation viewers (Swagger, Scalar, ReDoc)

#### MCP Package
- Query Database tool with SQL validation
- Workspace context isolation
- Tool analytics and usage tracking
- Tier-based usage quotas
- SQL injection prevention
- Workspace boundary enforcement
- Performance metrics (P95, P99 latency)
- Error tracking and alerting

#### Multi-Tenancy
- Workspace isolation with automatic scoping
- Namespace support for agencies/white-label
- Workspace invitations system
- Entitlements and feature gating
- Usage tracking per workspace
- Member management

### Security

#### Initial Security Measures
- SQL injection prevention in MCP tools
- Workspace context validation
- API key hashing with bcrypt
- Webhook signature verification (HMAC-SHA256)
- IP address hashing for GDPR
- Security headers (CSP, HSTS, X-Frame-Options)
- Rate limiting per workspace tier
- Scope-based API permissions
- Action Gate for route-level authorization

## Version History

### Versioning Scheme

Core PHP Framework follows [Semantic Versioning](https://semver.org/):

- **MAJOR** version for incompatible API changes
- **MINOR** version for backwards-compatible functionality
- **PATCH** version for backwards-compatible bug fixes

### Upgrade Guides

When upgrading between major versions, refer to the upgrade guide:

- [Upgrading to 2.0](#) (coming soon)

### Package Changelogs

Detailed changelogs for individual packages:

- [Core Package](/packages/core-php/changelog/)
- [Admin Package](/packages/core-admin/changelog/)
- [API Package](/packages/core-api/changelog/)
- [MCP Package](/packages/core-mcp/changelog/)

## Release Schedule

- **Major releases:** Annually
- **Minor releases:** Quarterly
- **Patch releases:** As needed for bug fixes and security

## Support Policy

| Version | PHP Version | Laravel Version | Support Until |
|---------|-------------|-----------------|---------------|
| 1.x     | 8.2+        | 11.x            | 2027-01-26    |

### Security Updates

Security updates are provided for:
- Current major version: Full support
- Previous major version: Security fixes only (12 months)

## Notable Changes by Category

### Breaking Changes

None yet! This is the initial release.

### Deprecations

None yet! This is the initial release.

### New Features

See [1.0.0](#100---2026-01-26) release notes above.

### Bug Fixes

This is the initial release, so no bug fixes yet.

## Migration Guides

### From Host Hub Internal

If you're migrating from the internal Host Hub codebase:

1. **Namespace changes:**
   - `App\` → `Core\`, `Mod\`, `Website\`
   - Update imports throughout

2. **Module registration:**
   - Remove manual service provider registration
   - Modules auto-discovered via `Boot.php`

3. **Event names:**
   - `RouteRegistering` → `WebRoutesRegistering`
   - `AdminBooting` → `AdminPanelBooting`

4. **Configuration:**
   - Move config to database with ConfigService
   - Use profiles for environment-specific values

5. **Multi-tenancy:**
   - Add `BelongsToWorkspace` trait to models
   - Update queries to respect workspace scope

## Contributing

See [Contributing Guide](/contributing) for how to contribute to Core PHP Framework.

## License

Core PHP Framework is open-source software licensed under the [EUPL-1.2](https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12).

## Credits

### Core Team

- [Host UK](https://host.uk) - Original development

### Contributors

Thank you to all contributors who have helped shape Core PHP Framework!

See [Contributors](https://github.com/host-uk/core-php/graphs/contributors) on GitHub.

### Acknowledgments

Built with:
- [Laravel](https://laravel.com) - The PHP framework
- [Livewire](https://livewire.laravel.com) - Full-stack framework for Laravel
- [Alpine.js](https://alpinejs.dev) - Lightweight JavaScript framework
- [Tailwind CSS](https://tailwindcss.com) - Utility-first CSS framework

Special thanks to the open-source community!

---

For more information, visit:
- [Documentation](https://core.help/)
- [GitHub Repository](https://github.com/host-uk/core-php)
- [Issue Tracker](https://github.com/host-uk/core-php/issues)