Skip to content

Releases: WebTigers/TigerCore

v0.12.1-beta — drop deprecated curl_close()

Choose a tag to compare

@WebTigers WebTigers released this 17 Jul 06:16

Fixed

  • Tiger_Module_Github: dropped the deprecated curl_close(). On PHP 8+ the CurlHandle is GC-freed when the handle leaves scope, so the call was already a no-op — and PHP 8.5 emits E_DEPRECATED for it (which the update checker's GitHub fetches were tripping). No behavior change on 8.1–8.5.

v0.12.0-beta — Updates screen shows what's new

Choose a tag to compare

@WebTigers WebTigers released this 17 Jul 06:10

Added

  • Update screen — "What's new" per update. The Updates screen now shows each offered version's changelog section beside the version bump. Tiger_Update_Checker::notes() fetches the target's CHANGELOG.md from its repo at the new release ref (not the installed copy) and slices out the ## [<version>] section; the view renders it in a collapsible "What's new in x.y.z". Tries the tag first, then the default branch (main/master) — a tag's tree can predate its changelog entry — and is file-cached, fail-soft to version-numbers-only. One source of truth: the CHANGELOG.md every Tiger repo already keeps (no separate release-notes file).

Housekeeping

  • Backfilled the core changelog for 0.7.0 → 0.11.1 (it had fallen behind the shipped tags), and pushed the missing v0.10.0-beta tag so the tag run is contiguous again.

v0.11.1-beta — module registry points at renamed repos

Choose a tag to compare

@WebTigers WebTigers released this 16 Jul 18:43

Fixed

  • Module Manager registry URLs follow the repo renames: the Vendor Registry repo is now WebTigers/TigerVendors (and its sponsor overlay WebTigers/TigerSponsors). Tiger_Module_Registry::DEFAULT_INDEX / DEFAULT_SPONSORS point at the new raw URLs. GitHub redirected the old URLs, but this makes it direct.

v0.11.0-beta — dashboard widgets + Location settings

Choose a tag to compare

@WebTigers WebTigers released this 16 Jul 18:23

Added — Dashboard widgets

  • Module-registered dashboard widgets (Tiger_Dashboard::registerWidget) — the wp_add_dashboard_widget analog. The /admin dashboard is now a Muuri masonry grid (up to 4 responsive columns) with shell-owned card chrome (whole-header drag handle, TigerDOM-animated collapse). Per-user layout (order + collapsed) persists.
  • The lazy option storeTiger_Model_Option + the option table (migration 0031): the config-discipline sibling of config, read on demand (never boot-merged). Where per-user dashboard layout lives.
  • System_Service_Dashboard::saveLayout + Tiger_Model_Login::topFailures() (most-targeted-accounts analytics).

Added — System → Location tab

  • A Location settings tab: selectable IP + address providers, each configuring itself, plus a live Test button (geolocate an IP to verify a key/endpoint).
  • Adapters surface their own settingslabel() + fields() on the adapter, so a new provider (MaxMind, a file-DB, …) drops in with zero UI code. Secret keys encrypted at rest (Tiger_Crypto).
  • Tiger_Location gains adapters()/settings()/saveSettings()/test().

Changed / Security

  • Tiger_Location::ip() now caches per provider+IP (APCu, tiger.location.cache_ttl, default 24h) — no consumer hits the geolocation provider on the request path.
  • Default IP provider stays ip-api.com (free/dev); the tab flags its non-commercial + HTTP-only caveat and the Pro-key upgrade path.

v0.9.0-beta — reCAPTCHA settings screen + shared writer

Choose a tag to compare

@WebTigers WebTigers released this 16 Jul 15:10

Added

  • System settings is now tabbed — Session & Security · Email SMTP (stub) · reCAPTCHA.
  • reCAPTCHA admin screen (previously config-file only): enabled, version (v2 checkbox / v3 score), site key, secret key, min score, fail-open, and a hide-the-v3-badge toggle that injects the badge-hiding CSS plus the reCAPTCHA legal notice Google requires in its place.
  • Tiger_Recaptcha shared reader/writersettings() (secret masked) and saveSettings(): writes tiger.recaptcha.* to the config tier, with the secret encrypted at rest (Tiger_Crypto; blank keeps the current one). secretKey() falls back to the encrypted value, so a no-shell operator can set it in the UI without a plaintext DB row. badgeCss() / legalNotice() centralize badge-hide behavior; Tiger_View_Helper_FormRecaptcha emits them on v3.

Notes

  • Email SMTP settings remain config-driven (mail.*, read by Tiger_Mail) — the admin screen for them is stubbed "under construction."
  • The same reCAPTCHA controls are surfaced by the TigerShield Security screen via the shared writer.

TigerCore v0.8.1-beta

Choose a tag to compare

@WebTigers WebTigers released this 16 Jul 09:22

TigerCore v0.8.1-beta.

What's new

  • Updates page now APPLIES core updates, not just advises: runs Composer where it can, atomically swaps a pre-resolved vendored vendor/ where it can't (this release's ZIP).
  • /login + /logout aliases and a signed-out confirmation page.
  • Module-update backups moved out of the scanned modules dir (a stray backup can no longer brick boot).
  • Bundles paragonie/sodium_compat (installs without ext-sodium).

No-shell platform self-update

tiger-core-vendored-0.8.1-beta.zip is the pre-resolved vendor/ tree the one-click updater (Tiger_Update_Core) downloads, verifies, and atomically swaps — no Composer, no shell.

  • sha256: 29ef5e8e536f7ae93c0adeb5f10b09660285d9ae9310566cc1b534e269404f13

Composer users: composer update webtigers/tiger-core.

TigerCore v0.7.0-beta

Choose a tag to compare

@WebTigers WebTigers released this 15 Jul 14:26

Minor beta on top of v0.6.0-beta.

Highlights

  • TigerUpload — a headless, framework-agnostic upload engine (own repo, vendored); one upload broadcasts to N renderers.
  • Media Manager rebuilt on TigerUpload — two-view live upload (list + portfolio), masonry, shared Edit modal, Copy-URL, and per-org filename obfuscation (readable vs. random, download name follows).
  • Code Area — module-snippet importer: an installed code module's snippets/ surface in the Code Area (files stay the source of truth, never copied to the DB).
  • CMS — surface the active theme's page templates + fork-on-edit (customize a theme page → an editable DB row that overrides the file); Pages/Theme-Templates tabs.
  • Page builder — Image/Video blocks wired to the media picker, Tiger-palette reskin, CodeMirror find bar / reformat / resizable editor.
  • /api — transparent base64 field decode (a WAF shim so managed rules stop 403-ing legitimate admin HTML/PHP).

Install: composer create-project webtigers/tiger my-app --stability=beta

TigerCore 0.6.0-beta

Choose a tag to compare

@WebTigers WebTigers released this 12 Jul 10:39

The first vendored release — this tag ships a pre-resolved vendor/ ZIP (attached by CI below) that the no-shell core self-updater swaps in atomically.

Highlights: API discovery (OpenAPI/Swagger), stateless /api token auth, no-Composer module dependency provisioning, a one-click Updates screen + core self-update, and an ACL Simulator. See the CHANGELOG.

composer require webtigers/tiger-core:^0.6@beta

v0.1.0-beta.2

v0.1.0-beta.2 Pre-release
Pre-release

Choose a tag to compare

@WebTigers WebTigers released this 09 Jul 15:04

The Tiger platform framework — the Tiger_* kernel + multi-tenant substrate (org / user / org_user / ACL) on TigerZF. Installable from Packagist.

Beta. Functional and dogfooded on tiger-dev; the @api surface may still shift between beta releases.

Install

# a new app (skeleton + framework, from Packagist)
composer create-project webtigers/tiger my-app --stability=beta

# or add the framework to an existing app
composer require webtigers/tiger-core:^0.1.0-beta

What's new since beta.1

Module lifecycle — assets + dependencies

  • make:module now scaffolds optional layouts/, assets/, and configs/dependency.ini stubs (a module can be theme-agnostic or pure /api).
  • Assets on activate — a module's assets/ (if it has one) is symlinked into public/_modules/<slug> on module:activate and removed on module:deactivate. No copy, failsafe (Tiger_Module_Installer::publishAssets / unpublishAssets).
  • Dependency alertsTiger_Module_Dependency reads configs/dependency.ini lazily (zero boot cost, only when toggling): activate warns of required modules that aren't active ("requires X, Y to activate"); deactivate surfaces modules that depend on this one. Convenience alerts — never a hard block. Wired into bin/tiger module:activate|deactivate and the admin module manager.

Failsafe asset wiring (cPanel-ready)

  • bin/tiger link:assets + Tiger_Install::linkPublicAssets() — (re)create the webroot's _theme/_tiger symlinks with absolute targets computed from the app root. Idempotent, won't clobber a real directory, and --webroot handles the cPanel split layout (~/public_html above the app). The recommended way to wire assets on any host.

The companion skeleton change (public/index.php self-locates the app root for cPanel) ships in webtigers/tiger v0.1.0-beta.2+.

Links