New Release

Author: PDowney

CHANGELOG.md

@@ -1,5 +1,29 @@
 # Changelog for EngineScript: Simple Site Exporter
 
+## 1.6.0 - May 15, 2025
+### Major Security and Code Quality Improvements
+- **Enhanced Logging**: Replaced all direct `error_log()` calls with secure `sse_log()` function that respects WP_DEBUG settings, includes timestamps, and stores critical errors in database (limited to last 20 entries)
+- **Improved File Operations**: Replaced unsafe `@unlink()` calls with `sse_safely_delete_file()` function using WordPress Filesystem API with proper error handling
+- **Execution Time Safety**: Enhanced `set_time_limit()` usage with safety checks, reasonable 30-minute limits instead of unlimited execution, and proper logging
+- **Path Security**: Added `sse_validate_filepath()` function to prevent directory traversal attacks with comprehensive path validation
+- **Text Domain Standardization**: Updated all translatable strings to use consistent 'Simple-Site-Exporter' text domain across the entire plugin
+
+### GitHub Actions Security Updates
+- Pinned all GitHub Actions to specific commit hashes instead of version tags for improved security
+- Updated all workflow references from Simple-WP-Optimizer to Simple Site Exporter
+- Enhanced CI/CD pipeline security with version pinning and proper repository references
+
+### Code Structure Improvements
+- Fixed corrupted text domain line in plugin header
+- Corrected malformed comment sections
+- Enhanced code organization and readability
+- Added comprehensive security helper functions with WordPress-compatible logging
+
+### WordPress Compatibility
+- Created standard WordPress plugin `readme.txt` file with all required sections
+- Updated `composer.json` package information and license to GPL-3.0-or-later
+- Improved WordPress coding standards compliance throughout the plugin
+
 ## 1.5.9 - May 3, 2025
 ### Security Enhancements
 - Reduced export file auto-deletion time from 1 hour to 5 minutes for improved security

readme.txt

@@ -3,7 +3,7 @@ Contributors: enginescript
 Tags: backup, export, migration, site export, database export
 Requires at least: 5.8
 Tested up to: 6.8
-Stable tag: 1.5.9
+Stable tag: 1.6.0
 Requires PHP: 7.4
 License: GPLv3 or later
 License URI: https://www.gnu.org/licenses/gpl-3.0.html
@@ -72,6 +72,19 @@ Yes, the plugin is designed to be compatible with most shared hosting environmen
 
 == Changelog ==
 
+= 1.6.0 =
+* Major security and code quality improvements
+* Enhanced logging system with WP_DEBUG integration and database storage for critical errors
+* Improved file operations using WordPress Filesystem API instead of direct file functions
+* Added execution time safety with reasonable limits and proper logging
+* Implemented comprehensive path validation to prevent directory traversal attacks
+* Standardized text domain across all translatable strings
+* Pinned GitHub Actions to specific commit hashes for improved security
+* Updated all repository references and workflow configurations
+* Created WordPress-compatible readme.txt file
+* Updated composer.json with correct package information and GPL-3.0-or-later license
+* Fixed code structure issues and improved WordPress coding standards compliance
+
 = 1.5.9 =
 * Reduced export file auto-deletion time from 1 hour to 5 minutes for improved security
 * Removed dependency on external systems for file security management
@@ -138,6 +151,9 @@ Yes, the plugin is designed to be compatible with most shared hosting environmen
 
 == Upgrade Notice ==
 
+= 1.6.0 =
+Major security and code quality update: Enhanced logging system, improved file operations with WordPress Filesystem API, execution time safety improvements, comprehensive path validation, standardized text domains, and GitHub Actions security updates. Recommended upgrade for all users.
+
 = 1.5.9 =
 This update improves security by reducing export file auto-deletion time from 1 hour to 5 minutes and enhances overall plugin security with simplified, self-contained security features.