1.2.1

@juanmaguitar juanmaguitar released this 09 Dec 10:23
· 23 commits to main since this release

Version 1.2.1 addresses all issues identified in the WordPress.org plugin review. The missing composer.json file has been included to support transparency in dependency management. JavaScript and CSS are now properly enqueued using WordPress's built-in wp_enqueue_script() and wp_enqueue_style() functions instead of inline code. All function names, classes, and constants have been refactored to use the unique prefix "juanma_jwt_auth_pro" or "JUANMA_JWT_AUTH_PRO" to prevent conflicts with other plugins, while backward compatibility is maintained through deprecated wrappers.

Security

  • Database Security Enhancements:
    • Replaced esc_sql() with proper table name validation for database identifiers
    • Enhanced database query security with prepared statements throughout the codebase
    • Added proper validation for table names to prevent SQL injection vulnerabilities
    • Refactored database queries for refresh tokens with improved security measures
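
The table-name validation described in the Security notes above, sketched as an added example; it is not the plugin's own code. The function name, the `wp_` prefix and the `example_refresh_tokens` table are hypothetical, and `addslashes()` stands in for string-literal escaping of the kind `esc_sql()` performs.

```php
<?php
// Added example, not the plugin's code; all names here are hypothetical.

/**
 * Return $name only when it is a plain SQL identifier made of the expected
 * prefix plus an allowlisted suffix; return null for anything else.
 */
function example_validate_table_name(string $name, string $prefix, array $allowed_suffixes): ?string
{
    // Letters, digits and underscore only; MySQL caps identifiers at 64 chars.
    // \A and \z anchor the whole string, so a trailing newline is rejected too.
    if (preg_match('/\A[A-Za-z0-9_]{1,64}\z/', $name) !== 1) {
        return null;
    }
    if (strncmp($name, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    $suffix = substr($name, strlen($prefix));
    return in_array($suffix, $allowed_suffixes, true) ? $name : null;
}

// Constructed sample inputs.
$prefix     = 'wp_';
$allowed    = ['example_refresh_tokens'];
$candidates = [
    'wp_example_refresh_tokens',         // expected table
    'wp_example_refresh_tokens ',        // trailing whitespace
    'wp_users',                          // real-looking table, not on the allowlist
    'wp_example_refresh_tokens` extra',  // backtick closes a quoted identifier
];

foreach ($candidates as $candidate) {
    // String-literal escaping (addslashes() as a stand-in) targets quotes and
    // backslashes, so it leaves every one of these candidates unchanged.
    $escaped_unchanged = addslashes($candidate) === $candidate;
    $validated         = example_validate_table_name($candidate, $prefix, $allowed);
    printf(
        "%-36s escaping changed it: %-3s validation: %s\n",
        json_encode($candidate),
        $escaped_unchanged ? 'no' : 'yes',
        $validated === null ? 'rejected' : 'accepted'
    );
}

// In WordPress, only a validated name is interpolated as the identifier, and
// values still go through placeholders (user_id is a hypothetical column):
//   $wpdb->prepare("SELECT * FROM `{$table}` WHERE user_id = %d", $user_id);
```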

Fixed

  • Plugin Review Fixes (merged from branch fix/plugin-review-nov-9):
    • Fixed table name validation in deactivate() method to remove unnecessary whitespace
    • Corrected inline script and style enqueuing to use WordPress best practices
    • Moved inline JavaScript and CSS to external files (assets/admin.js and assets/admin.css)
    • Fixed nonce verification and security checks in admin settings

Changed

  • Code Quality Improvements:
    • Replaced hardcoded version strings with JMJAP_VERSION constant for consistency
    • Refactored plugin class names from generic naming to JuanMa JWT Auth Pro branding
    • Updated all constant references throughout the codebase (e.g., JWT_AUTH_PRO_* to JMJAP_*)
    • Updated .wp-env.json configuration with new constant names
    • Updated PHPStan configuration to include new constants
    • Improved test suite with updated constant references

Improved

  • Admin Interface:
    • Extracted inline styles and scripts to dedicated asset files for better maintainability
    • Enhanced admin settings page with proper WordPress script/style enqueueing
    • Improved tab navigation with proper nonce verification

Developer Experience

  • Removed unnecessary files from .distignore
  • Updated bootstrap files for unit and integration tests with new constants
  • Improved helper functions with updated constant references