Commit Graph

78 Commits

Author SHA1 Message Date
Vladimir Bryzgalov 4debe8287a wp-plugin-info.json: update for 1.2.1 2026-05-01 20:20:30 +05:00
Vladimir Bryzgalov 0cc1266912 release: 1.2.1 v1.2.1 2026-05-01 20:20:29 +05:00
Vladimir Bryzgalov f510ac484a fix(cron): self-heal scheduled events on every boot + on plugin upgrade
Pilot on washanyanya.ru lost the cf7stg_dispatch cron event somewhere
between 21.04 and 01.05 — wp_next_scheduled('cf7stg_dispatch') returned
NULL, queue had 6 pending rows, sent-24h=0, failed=0, no error trail.
Settings/token were intact. The most likely cause is the PUC self-update
to 1.2.0: WordPress plugin upgrades replace files but do NOT call
register_activation_hook, so Activator::activate() never re-ran and any
cron event Activator::deactivate() had cleared (or that was lost for any
other reason) stayed missing.

Two-part fix:

1. Activator::ensure_scheduled() — extracted from the old private
   schedule_events(), now public and idempotent. wp_next_scheduled()
   short-circuits when events are already queued, so it's safe to call
   on every request. Plugin::boot() invokes it on plugins_loaded — every
   admin or front-end hit auto-heals lost cron events.

2. Activator::on_upgrade_complete() bound to upgrader_process_complete.
   When WordPress finishes upgrading THIS plugin (matched via
   plugin_basename + $hook_extra['plugins']), we re-run install_table()
   (idempotent dbDelta), seed_silent_drop_options() (uses add_option,
   preserves user values), and ensure_scheduled(). guard_requirements
   is intentionally skipped — wp_die mid-upgrade would leave admin in
   a broken state, and the host obviously meets requirements since the
   old version is currently running.

Tests untouched (this is integration code wrapping WP-only APIs); full
suite still 126/126 green.

Changelog entry for 1.2.1 added to readme.txt.
Stable tag and CF7STG_VERSION will be bumped by release.sh.

Refs: cp-1lg

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 20:19:34 +05:00
Vladimir Bryzgalov ad14d0e6e3 docs: add deploy-to-sites guide for juniors
Installing/updating the plugin on client sites. Covers the two scenarios
(first-time manual install vs. auto-update after 1.2.0), SSH/admin install
paths, smoke tests, and common troubleshooting.
2026-04-22 00:12:18 +05:00
Vladimir Bryzgalov 1fd330fa0e refactor(release): use pretty download_url from /releases/{id} API
Gitea's POST /releases/{id}/assets endpoint returns an internal
/attachments/<uuid> URL. GET /releases/{id} returns the pretty
/<owner>/<repo>/releases/download/<tag>/<name> URL for the same asset.

Both resolve to the same bytes (verified: 207949 for 1.2.0 zip).
Pretty URL is preferred: filename is visible in the URL (better for
WP admin «View version details» and manual downloads), consistent
across Gitea instances (UUID format is git.netranking.ru-specific
Postgres attachment storage).

Also: switch `echo "$VAR" | jq` to `jq ... <<< "$VAR"`
herestring for CREATE_RESPONSE parsing — macOS /bin/echo can
interpret backslash-escapes in multi-line JSON bodies and corrupt
jq input.

wp-plugin-info.json for 1.2.0 patched in-place to use the pretty URL
for consistency with future releases. Both URLs continue to work;
domработница.рус's next PUC poll will refresh its local transient
to the pretty URL (version comparison stays 1.2.0 == 1.2.0, so no
update notice).

Closes cf7stg-pmf (T20).
2026-04-22 00:08:49 +05:00
Vladimir Bryzgalov 79e46ccf7e fix(release): post-mortem fixes discovered during 1.2.0 release
Issue 1: `unzip -l "$ZIP_PATH" | grep -q ...` combined with set -o
pipefail silently fails when grep -q exits on first match and SIGPIPEs
the upstream unzip (which has not yet finished streaming the long file
list). pipefail sees unzip's non-zero exit and fails the pipeline, so
the guard thinks the file is missing. Fix: capture unzip -l output to
a variable once, then grep the string via herestring. The first two
sanity checks using `unzip -p` (short output, tight race window) were
not affected.

Issue 2: test_wp_plugin_info_json_download_url_contains_expected_asset_name
assumed Gitea asset URLs always contain the asset filename. This is
not true on git.netranking.ru, which returns /attachments/<uuid> — a
UUID-only URL. Relaxed the test to assert the URL is an HTTPS Gitea
URL; freshness of download_url is enforced indirectly via the
version-match test.

Post-mortem: 1.2.0 release was completed via a manual recovery script
after release.sh failed at the zip-sanity step. State on main is
consistent: tag v1.2.0 -> release commit, JSON commit directly on top
of release commit, JSON points to the live Gitea asset.
2026-04-21 23:55:16 +05:00
Vladimir Bryzgalov 1a15f0c872 wp-plugin-info.json: update for 1.2.0 2026-04-21 23:53:53 +05:00
Vladimir Bryzgalov b0fb5c8e3d release: 1.2.0 v1.2.0 2026-04-21 23:50:23 +05:00
Vladimir Bryzgalov 34e5571fea fix(release): replace \s with [[:space:]] in bump sed (BSD compat)
Critical: macOS BSD sed does not support \s character class.
The two substitutions in the version-bump step silently no-oped, the
grep fail-fast guard caught it (no remote damage), but release.sh
couldn't complete. Using POSIX [[:space:]] works on both BSD and GNU sed.

Also: extend test_git_archive_excludes_dev_files to cover .phpunit.result.cache,
.beads/, .claude/, dist/, .DS_Store — the test now fully enforces .gitattributes
export-ignore invariant.
2026-04-21 21:21:06 +05:00
Vladimir Bryzgalov 42b98e5438 feat(release): release.sh for one-shot releases to Gitea
Covers all 9 steps: validate (semver, tools, token, branch, clean tree,
tag not exists, readme changelog block) → bump (cf7-spam-to-telegram.php
header + CF7STG_VERSION, readme.txt Stable tag) → release commit + push →
build zip via git archive --worktree-attributes + sanity checks → Gitea
POST /releases with target_commitish=RELEASE_SHA → POST /releases/{id}/assets
→ regenerate wp-plugin-info.json (jq for version/download_url/last_updated,
awk for Changelog-to-HTML conversion) → JSON commit + push → summary echo.

Two fast-forward commits per release, no force-push. See
docs/superpowers/specs/2026-04-21-cf7stg-self-hosted-updates-design.md for
rationale.
2026-04-21 21:16:15 +05:00
Vladimir Bryzgalov 73045a1f0c docs(readme): add 1.2.0 changelog entry
Release body that release.sh will extract and POST to Gitea /releases API.
2026-04-21 21:11:07 +05:00
Vladimir Bryzgalov e71cb4e15f test(archive): git archive includes runtime files, excludes dev files 2026-04-21 21:10:49 +05:00
Vladimir Bryzgalov 6422f1bf98 chore: extend .gitattributes export-ignore to cover all dev files 2026-04-21 21:10:31 +05:00
Vladimir Bryzgalov ee5bf2a3c5 chore: ignore dist/ (release.sh build artifact) 2026-04-21 21:10:22 +05:00
Vladimir Bryzgalov 5b8eeffecb feat(updates): wire PUC v5 registration into Plugin::boot()
register_update_checker() guards on is_file + class_exists so the plugin
degrades cleanly on installs that ship without the vendored lib (no update
notices, but plugin core remains functional).
2026-04-21 21:08:34 +05:00
Vladimir Bryzgalov e4c31e3c40 test(update-checker): wp-plugin-info.json validity + version/download_url invariants 2026-04-21 21:06:29 +05:00
Vladimir Bryzgalov 3ec9b488dd feat(updates): add wp-plugin-info.json skeleton for PUC Generic JSON source 2026-04-21 21:06:02 +05:00
Vladimir Bryzgalov a5082da0da test(update-checker): invariants for vendored PUC loader and factory class 2026-04-21 21:05:45 +05:00
Vladimir Bryzgalov 05aa819608 chore(deps): vendor plugin-update-checker v5.6
Source: https://github.com/YahnisElsts/plugin-update-checker/releases/tag/v5.6
Used in 1.2.0 for self-hosted updates from Gitea (Generic JSON mode).
2026-04-21 21:03:37 +05:00
Vladimir Bryzgalov c0ff5a9227 docs: finalize self-hosted updates spec + implementation plan (1.2.0)
Spec finalized after brainstorm + pre-impl verification: PUC v5.6 pinned,
Gitea raw URL cache headers verified, release.sh uses browser_download_url
from API response (not guessed format), changelog-to-HTML conversion via awk,
two fast-forward commits per release (no force-push).

Plan decomposes into 19 tasks: vendor PUC → tests → JSON skeleton → boot
wiring → gitignore/gitattributes → release.sh incrementally (validate, bump,
commit+push, zip, Gitea release, upload, regenerate JSON, JSON commit) →
changelog body → actual release run → deploy to домработница.рус.
2026-04-21 20:59:52 +05:00
Vladimir Bryzgalov 995131371d chore: ignore .worktrees/ (feature worktree workspaces) 2026-04-21 20:59:33 +05:00
Vladimir Bryzgalov f7d81a4517 docs(spec): DRAFT design for self-hosted updates from Gitea (1.2.0)
Brainstorm session ran out of context — saving fully-formed design as
DRAFT so the next session can resume from spec self-review + finalize +
writing-plans without redoing the brainstorm.

Beads epic: cf7stg-5wy.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 18:46:35 +05:00
Vladimir Bryzgalov 4dbf3a6ded Merge feat/silent-drop: silent drop label + dry-run + counters (1.1.0)
Adds Classifier label 'drop' via hard-rule (no positive signals + short
latin name OR ≥3 placeholder fields) or score ≤ -5. Drop submissions are
silently skipped from the TG queue (or marked [БЫЛО БЫ DROPPED] when
dry-run mode is on, default after install). Settings page block + dashboard
widget counter. New filters: cf7stg_should_enqueue, cf7stg_hard_drop_rules.

Tests: 53 → 118 (+65). Spec: docs/superpowers/specs/2026-04-21-cf7stg-silent-drop-design.md.
Plan: docs/superpowers/plans/2026-04-21-cf7stg-silent-drop.md.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 18:14:40 +05:00
Vladimir Bryzgalov 714b4712ad fix: wire is_hard_drop_enabled + drop_score_threshold settings into Classifier filter chain
Settings::register_classifier_filters() registers priority-5 callbacks on
cf7stg_classifier_thresholds and cf7stg_hard_drop_rules so the UI options
actually influence Classifier behaviour. Called from Plugin::boot(). User
filters at priority 10 override these defaults as expected. Adds 4 tests
covering the wired behaviour and override priority. Also adds dry_run_drop?
to MessageFormatter::build() @param docblock.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 17:25:20 +05:00
Vladimir Bryzgalov 030eaca408 chore: bump version to 1.1.0 with silent-drop changelog 2026-04-21 17:18:14 +05:00
Vladimir Bryzgalov 22722ae9e9 feat(admin): silent-drop counter line in dashboard widget 2026-04-21 17:16:34 +05:00
Vladimir Bryzgalov ea5666318b feat(admin): silent-drop block in settings page (dry-run, hard-rule, threshold, stats, reset) 2026-04-21 17:14:56 +05:00
Vladimir Bryzgalov 2fcebcc756 feat(formatter): [БЫЛО БЫ DROPPED] header + triggered-rule line in dry-run mode 2026-04-21 17:12:16 +05:00
Vladimir Bryzgalov 42e311c05a feat(source): drop label → skip enqueue (or marked enqueue in dry-run); cf7stg_should_enqueue filter
Also extends test bootstrap autoloader to resolve classes in includes/sources/ and admin/ subdirectories.
2026-04-21 16:30:07 +05:00
Vladimir Bryzgalov 24367c1ccb feat(activator): seed silent-drop options (dry-run on by default) on activate 2026-04-21 16:26:38 +05:00
Vladimir Bryzgalov 0034531a3a fix(settings): wp_date() respects WP timezone; clarify counter is not atomic
- Replace date('Y-m-d') with wp_date('Y-m-d') in increment_drop_counter and
  default_drop_counters to respect WordPress timezone settings.
- Update corresponding test assertions to use wp_date() for consistency.
- Clarify in docblock that increment_drop_counter is not atomic under concurrent
  submissions; read-modify-write pattern via update_option is acceptable for
  low-volume dashboard counters.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 16:25:30 +05:00
Vladimir Bryzgalov ae70b42dcb feat(settings): silent-drop options + counter with rolling today→yesterday
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 16:22:57 +05:00
Vladimir Bryzgalov f415f429ed refactor(classifier): single-pass hard-drop trigger; cleaner drop reason rendering
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 16:20:28 +05:00
Vladimir Bryzgalov a70785beca feat(classifier): label 'drop' via hard-rule + score threshold (-5 default)
- Add DEFAULT_THRESHOLDS['drop'] = -5 and DEFAULT_HARD_DROP_RULES const
- Add evaluate_hard_drop(): fires when no positive signals + short latin name OR ≥3 placeholder fields
- Wire into classify(): drop overrides all other labels; synthetic reason explains trigger
- Add drop_reason_label() and 'drop' => ' авто-дроп' to MessageFormatter::LABEL_MAP
- Update ClassifierTest/MessageFormatterTest to extend Cf7stgTestCase (filter isolation)
- Adjust pre-existing assertions that now correctly yield 'drop' instead of 'spam'
2026-04-21 16:14:49 +05:00
Vladimir Bryzgalov 18a07c9b1b test(classifier): exact-count assertions for placeholder fixture; document SERVICE_FIELD_KEYS prefix semantics
Fixes issues from code review in commit 249f195:

1. Tighten fixture assertions to exact counts (assertSame instead of assertGreaterThanOrEqual):
   - test_count_placeholder_fields_screenshot_1_exact_count: expect 5 placeholders
   - test_count_placeholder_fields_screenshot_2_exact_count: expect 5 placeholders
   - test_count_placeholder_fields_screenshot_3_exact_count: expect 1 placeholder

2. Document SERVICE_FIELD_KEYS prefix-matching semantics in comment:
   clarify that keys starting with _wpcf7 are skipped via strpos prefix match,
   so explicit enumeration of every _wpcf7_* variant is unnecessary.

Test results: 75/75 green.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 16:08:57 +05:00
Vladimir Bryzgalov 249f195257 feat(classifier): count_placeholder_fields() helper for drop-logic
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 16:06:32 +05:00
Vladimir Bryzgalov 1168a733a4 test(classifier): boundary + array-value tests for has_short_latin_name; @return tags
- Add @return bool to has_valid_email_anywhere docblock
- Add @return bool to has_short_latin_name docblock
- Add Cyrillic note to has_short_latin_name docblock
- Add test_has_short_latin_name_true_for_single_letter_boundary (lower bound)
- Add test_has_short_latin_name_false_for_four_letters_boundary (upper bound)
- Add test_has_short_latin_name_false_for_array_value_with_space_join (regression)

Addresses code review feedback from commit 660a0d2.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 16:04:18 +05:00
Vladimir Bryzgalov 660a0d2b7c feat(classifier): has_short_latin_name() helper for drop-logic 2026-04-21 16:01:58 +05:00
Vladimir Bryzgalov b5c939e9e4 fix(classifier): iterate all email candidates per field; document method contract
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 15:59:12 +05:00
Vladimir Bryzgalov eae8fafb32 feat(classifier): has_valid_email_anywhere() helper for drop-logic 2026-04-21 15:56:14 +05:00
Vladimir Bryzgalov 1d2586e290 test(fixtures): real spam submissions from TG screenshots (3 cases) 2026-04-21 15:53:54 +05:00
Vladimir Bryzgalov bd45e84634 test: stable filter ordering, base TestCase reset, priority-aware remove_all_filters
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 15:51:46 +05:00
Vladimir Bryzgalov 40d5a2c23d test: stateful WP shims (add_filter/get_option/is_email) for upcoming silent-drop tests 2026-04-21 15:48:07 +05:00
Vladimir Bryzgalov 9a55404918 docs: implementation plan for silent drop (1.1.0) — 14 tasks, TDD
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 15:37:42 +05:00
Vladimir Bryzgalov 287d313f1b docs(spec): drop skull emoji, clarify dry-run default on fresh install + upgrade
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 15:30:38 +05:00
Vladimir Bryzgalov ee6a791867 docs: design for silent drop (1.1.0) — hard-rule, score threshold, dry-run, counters
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 15:27:15 +05:00
Vladimir Bryzgalov 0cdfde9529 chore: bump version to 1.0.4 with changelog of pilot fixes
Header 'Version: 1.0.0' in the main plugin file was never bumped
while pilot fixes piled up (1.0.1 → 1.0.4 existed only in zip file
names). wp-admin → Plugins screen therefore kept showing 1.0.0
regardless of what was deployed.

Bumped:
- cf7-spam-to-telegram.php header Version 1.0.0 → 1.0.4
- CF7STG_VERSION constant 1.0.0 → 1.0.4
- readme.txt Stable tag 1.0.0 → 1.0.4
- readme.txt Changelog: entries for 1.0.2 / 1.0.3 / 1.0.4

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-18 00:39:11 +05:00
Vladimir Bryzgalov 8efb82ca43 fix: phone leak, field-by-value detection, strict Flamingo email fallback
Three pilot-surfaced issues in one pass:

1. PhoneParser regex used '\s' in the candidate character class, so a
   digit on a following flattened line bled into the phone. '+7977
   6277470\n1' (phone + trailing checkbox value) parsed as 12 digits,
   producing '+797762774701'. Replaced '\s' with a literal space so
   newlines/tabs stop the candidate.

2. Custom-themed forms don't use 'your-name' / 'your-email' keys
   (washanyanya.ru has text-211 / text-212 / name_user). Added
   FieldDetector::find_name + find_email as fallbacks. Classifier
   and MessageFormatter now call them if no standard key matches,
   so 'Александр' in text-211 is recognised as a cyrillic name and
   scored / displayed accordingly.

3. FlamingoHelper copied '_from_email' into 'your-email' without
   validating it. Flamingo derives that meta from whatever field it
   considers "first"; on phone-first forms it ends up holding the
   phone number. Now we only copy _from_email if it contains '@',
   and dropped the _from_name shortcut entirely — FieldDetector
   handles the name via the actual field values.

Tests: +1 FieldDetectorTest (13 cases); +2 PhoneParserTest cases for
newline/tab bleeds; +1 ClassifierTest case; +1 MessageFormatterTest
case for custom field keys. Full suite 53/53 green.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-18 00:22:39 +05:00
Vladimir Bryzgalov dbdfc9afa9 feat(admin): always-on dashboard widget + default retro days = 0
- Dashboard widget is now registered unconditionally. Header + content
  adapt: shows '⚠️ ошибки доставки' only when failed > 0, otherwise
  plain title with queue state (pending / sent-24h / failed).
  Pilot feedback: the conditional widget felt like the plugin was
  missing — users expect a persistent status readout.
- Retro default window changed from 7 days to 0 (no limit). Most
  pilot uses were 'dump everything since install', so 0 is the more
  useful default. User can still narrow to N days in the form.
- Spec §10 + §14 updated.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-18 00:12:45 +05:00
Vladimir Bryzgalov 2de8f0be57 fix(formatter+telegram): drop tel: inline button, mark all 4xx as permanent
Pilot on washanyanya.ru exposed that Telegram Bot API rejects tel:
URLs in inline_keyboard with HTTP 400 "Wrong port number specified
in the URL". Queue was stuck on 5 items retrying the same failure
4 times each.

- MessageFormatter: always returns reply_markup = null. The phone
  number is already rendered in the '📱 ...' line, and mobile
  Telegram clients linkify it automatically.
- TelegramClient::is_permanent: treat all 4xx except 429 as permanent
  client-side errors, so future payload-shape bugs surface in the
  dashboard widget immediately instead of burning five retry cycles.
- MessageFormatterTest updated: the old test asserting tel: in
  reply_markup is replaced with one asserting reply_markup is null
  and the phone still appears in the text body.
- Spec §9 + §19 updated, §19's open question closed.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-17 23:55:06 +05:00