# Changelog All notable changes to the IGNY8 platform will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). --- ## 📋 Changelog Management **IMPORTANT**: This changelog is only updated after user confirmation that a fix or feature is complete and working. ### Changelog Structure Each entry follows this format: - **Version**: Semantic versioning (MAJOR.MINOR.PATCH) - **Date**: YYYY-MM-DD format - **Type**: Added, Changed, Fixed, Deprecated, Removed, Security - **Description**: Clear description of the change - **Affected Areas**: Modules, components, or features affected --- ## [1.0.1] - 2025-11-24 ### Changed #### WordPress Integration - Authentication Modernization - **Simplified authentication to API key only** across WordPress plugin and Django backend - Removed webhook secret/signature validation in favor of direct API key authentication - Updated `class-igny8-webhooks.php` to validate `X-IGNY8-API-KEY` or `Authorization: Bearer` headers - Modified Django `views.py` validator to require only `api_key` in `credentials_json` for new WordPress integrations - Files changed: - `igny8-wp-integration/includes/class-igny8-webhooks.php` - `igny8/backend/igny8_core/modules/integration/views.py` - **Implemented 3-state connection model** for clearer integration status tracking - States: `not_connected` (no API key), `configured` (API key + integration_id), `connected` (structure synced) - Added `igny8_get_connection_state()` helper function - Files changed: - `igny8-wp-integration/includes/functions.php` - `igny8-wp-integration/admin/settings.php` ### Added #### WordPress Integration - Enhanced Logging & Filtering - **Safe logging functions** that filter sensitive data (api_key, password, secret, token) - Added `igny8_log_connection_state()` for connection state transitions - Added `igny8_log_sync()` for sync operations with context tracking - Enhanced `igny8_sync_site_structure_to_backend()` with detailed operation logging - Files changed: - `igny8-wp-integration/includes/functions.php` - **Product attribute filtering** to sync only IGNY8-created WooCommerce attributes - Filters product attribute terms by `igny8_origin = 'igny8_app'` term meta - Applies to taxonomies starting with `pa_` prefix - Files changed: - `igny8-wp-integration/data/site-collection.php` ### Removed #### WordPress Integration - Legacy Authentication - **Removed webhook secret authentication** from WordPress plugin - Deleted `igny8_get_webhook_secret()` and `igny8_regenerate_webhook_secret()` functions - Removed webhook secret UI from admin settings page - Removed HMAC-SHA256 signature validation from webhook handler - Files changed: - `igny8-wp-integration/includes/functions.php` - `igny8-wp-integration/includes/class-igny8-webhooks.php` - `igny8-wp-integration/admin/settings.php` ### Security #### WordPress Integration - **Upgraded authentication security** by consolidating to single API key method - Eliminated webhook signature complexity and potential timing attack vectors - Implemented constant-time comparison for API key validation using `hash_equals()` - All incoming webhook requests now require valid API key in headers - Files affected: - `igny8-wp-integration/includes/class-igny8-webhooks.php` - `igny8-wp-integration/includes/class-igny8-rest-api.php` --- ## [1.0.0] - 2025-11-24 ### Added #### Backend Core - **Multi-Tenancy System** - Complete account isolation with Account → Site → Sector hierarchy - User roles: Developer, Owner, Admin, Editor, Viewer, System Bot - Automatic account filtering via `AccountContextMiddleware` - Base classes: `AccountModelViewSet` and `SiteSectorModelViewSet` - Account isolation at database level with ForeignKey relationships - **Authentication & Authorization** - JWT token authentication with PyJWT 2.8+ - 15-minute access token expiry - Refresh token support - API key authentication for WordPress integration - Permission classes: `IsAuthenticatedAndActive`, `HasTenantAccess`, `IsEditorOrAbove`, `IsAdminOrOwner` - Role-based access control matrix - **Planner Module** (`modules/planner/`) - Keywords model with search volume, difficulty, intent tracking - Clusters model with many-to-many keyword relationships - ContentIdeas model linked to clusters - AI-powered keyword clustering via `auto_cluster` function - AI-powered content idea generation via `generate_ideas` function - Bulk keyword import (CSV and manual) - ViewSets: `KeywordViewSet`, `ClusterViewSet`, `ContentIdeasViewSet` - **Writer Module** (`modules/writer/`) - Tasks model for content creation workflow - Content model with HTML/plain text support and unified taxonomy structure - Images model with featured/in-article image support - AI content generation via GPT-4 (`generate_content` function) - AI image generation via DALL-E 3 and Runware (`generate_images` function) - Content taxonomies (`ContentTaxonomy`) and attributes (unified JSON structure) - ViewSets: `TasksViewSet`, `ContentViewSet`, `ImagesViewSet`, `ContentTaxonomyViewSet`, `ContentAttributeViewSet` - **Linker Module** (`modules/linker/`) - Internal linking recommendations - Link graph analysis - `LinkerViewSet` for link operations - **Optimizer Module** (`modules/optimizer/`) - Content quality scoring - SEO optimization suggestions - `OptimizerViewSet` for optimization operations - **Publisher Module** (`modules/publisher/`) - Publishing records tracking (`PublishingRecord` model) - Deployment records (`DeploymentRecord` model) - `PublisherViewSet`, `PublishingRecordViewSet`, `DeploymentRecordViewSet` - **Site Builder Module** (`modules/site_builder/`) - Site blueprint management (`SiteBlueprint` model) - Page blueprint creation (`PageBlueprint` model) - Site structure planning with clusters and taxonomies - `SiteBlueprintViewSet`, `PageBlueprintViewSet`, `SiteAssetView`, `SiteBuilderMetadataView` - **Automation Module** (`modules/automation/`) - Automation rules engine (`AutomationRule` model) - Scheduled tasks (`ScheduledTask` model) - Rule execution via Celery beat - `AutomationRuleViewSet`, `ScheduledTaskViewSet` - **Integration Module** (`modules/integration/`) - WordPress integration support via `SiteIntegration` model - Connection testing: `POST /integrations/test-connection/` - Structure update: `POST /integrations/{id}/update-structure/` - Content type summary: `GET /integrations/{id}/content-types/` - Bidirectional sync support with sync status and logs - Integration services: `IntegrationService`, `SyncService`, `ContentSyncService`, `SyncHealthService` - Site-level sync endpoints: `/sites/{id}/sync/status/`, `/sites/{id}/sync/run/` - `IntegrationViewSet` with comprehensive sync management - **System Module** (`modules/system/`) - AI prompt management (`AIPrompt` model with types: cluster, ideas, content, image_prompts) - Integration settings (`IntegrationSettings` model for OpenAI/Runware config) - Author profiles for content style (`AuthorProfile` model) - Content strategies (`Strategy` model) - System and account settings endpoints - ViewSets: `AIPromptViewSet`, `AuthorProfileViewSet`, `StrategyViewSet` - Settings ViewSets: `SystemSettingsViewSet`, `AccountSettingsViewSet`, `UserSettingsViewSet`, `ModuleSettingsViewSet`, `AISettingsViewSet` - **Billing Module** (`modules/billing/`) - Credit-based usage system - Credit transactions tracking (`CreditTransaction` model) - Usage analytics (`CreditUsageLog` model) - `CreditService` for credit operations - Monthly credit replenishment via Celery beat task - ViewSets: `CreditBalanceViewSet`, `CreditUsageViewSet`, `CreditTransactionViewSet` - **AI Framework** (`ai/`) - `AIEngine` - Central orchestrator for all AI operations with progress tracking - `AICore` - Unified API client for OpenAI/Runware with rate calculation - `BaseAIFunction` - Abstract interface for AI function implementations - AI function registry system with 5 core functions - Progress tracking with Celery task state updates - Cost tracking (token usage and pricing) - Console step tracker for debugging (`ConsoleStepTracker`) - Prompt registry system (`PromptRegistry`) - Model configuration per account via `IntegrationSettings` - Validators for payload validation - Celery task wrapper: `run_ai_task` - **AI Functions** (`ai/functions/`) - `auto_cluster.py` - Semantic keyword clustering - `generate_ideas.py` - Content idea generation from clusters - `generate_content.py` - Full blog post generation with HTML - `generate_image_prompts.py` - Extract image prompts from content - `generate_images.py` - Image generation via DALL-E 3 / Runware - **API Infrastructure** (`api/`) - Unified response format: `{success, data, message, request_id}` - Response helpers: `success_response()`, `error_response()`, `paginated_response()` - Request ID tracking via `RequestIDMiddleware` - Resource tracking via `ResourceTrackingMiddleware` - Rate limiting with `DebugScopedRateThrottle` (bypass in DEBUG mode) - Custom pagination: `CustomPageNumberPagination` (default: 10, max: 100) - OpenAPI 3.0 schema via drf-spectacular - Swagger UI at `/api/docs/` - ReDoc at `/api/redoc/` - Centralized exception handling with unified error format - **Celery Integration** (`celery.py`) - Async task processing for AI operations - Celery beat for scheduled tasks - Beat schedule: monthly credit replenishment, automation rule execution (every 5 min) - Task autodiscovery from all installed apps #### Frontend Core - **React 19 Application** (`frontend/`) - Vite 6.1.0 build system with fast HMR - TypeScript 5.7.2 for type safety - React Router v7.9.5 for client-side routing - Zustand 5.0.8 state management with localStorage persistence - Lazy loading for all module pages (code splitting) - Tailwind CSS 4.0.8 for styling - **Authentication** (`pages/AuthPages/`, `store/authStore.ts`) - JWT-based authentication with automatic token refresh - Login/signup pages - Protected routes with `ProtectedRoute` component - Auth store with Zustand (user, token, refreshToken state) - Auto token refresh on 401 errors - **Module Pages** - **Planner** (`pages/Planner/`): Keywords list, Clusters view, Ideas dashboard, Keyword opportunities - **Writer** (`pages/Writer/`): Tasks dashboard, Content viewer with HTML preview, Drafts, Published list, Images gallery - **Linker** (`pages/Linker/`): Link analysis dashboard, Content list with link suggestions - **Optimizer** (`pages/Optimizer/`): Optimization dashboard, Content selector, Analysis preview - **Thinker** (`pages/Thinker/`): AI prompts editor, Author profiles, Strategies, Image testing - **Billing** (`pages/Billing/`): Credit balance, Transaction history, Usage analytics - **Automation** (`pages/Automation/`): Rules management, Scheduled tasks list - **Settings** (`pages/Settings/`): General, Users, Subscriptions, System, AI settings, API monitor - **UI Components** (`components/`) - Reusable components library - ApexCharts for data visualization - Heroicons for icons - Responsive layouts with Tailwind - Form components with validation - Modal system - Loading states and skeletons - **API Integration** (`api/`, `services/`) - Axios client with automatic token injection - Request/response interceptors - Automatic token refresh on 401 - Module-specific API clients (planner, writer, linker, etc.) - `fetchAPI` wrapper with unified format handling - Error handling with toast notifications - **State Management** (`store/`) - `authStore` - User authentication state - `siteStore` - Site and sector context - Module-specific stores (plannerStore, writerStore, etc.) - Global app state (loading, errors, notifications) - Zustand persist middleware for localStorage #### WordPress Plugin - **Core Plugin** (`igny8-wp-integration/`) - Plugin version 1.0.0 - WordPress 5.0+ compatibility - PHP 7.4+ requirement - Main file: `igny8-bridge.php` - Uninstall cleanup: `uninstall.php` - **API Client** (`includes/class-igny8-api.php`) - `Igny8API` class for backend communication - API key authentication (primary method) - JWT token authentication support (fallback) - Automatic retry on 401 errors - Request/response parsing with unified format support - Methods: `connect()`, `get()`, `post()`, `put()`, `delete()`, `parse_response()` - **REST API Endpoints** (`includes/class-igny8-rest-api.php`) - `GET /wp-json/igny8/v1/site-metadata/` - Export site structure - `GET /wp-json/igny8/v1/post-by-task-id/{id}` - Lookup by task ID - `GET /wp-json/igny8/v1/post-by-content-id/{id}` - Lookup by content ID - `POST /wp-json/igny8/v1/posts/` - Create post from IGNY8 - `PUT /wp-json/igny8/v1/posts/{id}` - Update post from IGNY8 - API key authentication via `X-IGNY8-API-Key` header - **Synchronization** (`sync/`) - **WP → IGNY8** (`post-sync.php`): Post status sync on `save_post` hook - **IGNY8 → WP** (`igny8-to-wp.php`): Content publishing via REST API - **Taxonomy Sync** (`taxonomy-sync.php`): Taxonomy term synchronization - **Hooks** (`hooks.php`): WordPress action/filter hook registration - Bidirectional sync with status mapping - Post meta tracking: `_igny8_task_id`, `_igny8_content_id`, `_igny8_wordpress_status`, `_igny8_last_synced`, `_igny8_managed` - **Admin Interface** (`admin/`) - Settings page at Settings → IGNY8 API (`settings.php`) - API key, email, password configuration - Connection testing button - Post columns showing IGNY8 status (`class-admin-columns.php`) - Post meta boxes in editor (`class-post-meta-boxes.php`) - Admin class: `Igny8Admin` (`class-admin.php`) - **Data Collection** (`data/`) - Full site metadata collection (`site-collection.php`) - Post type discovery with counts - Taxonomy discovery with counts - Link graph extraction (`link-graph.php`) - Semantic mapping (`semantic-mapping.php`) - WooCommerce integration support (`woocommerce.php`) - **Supporting Classes** (`includes/`) - `Igny8Site` - Site data collection and export - `Igny8Webhooks` - Webhook handlers (legacy) - `Igny8WebhookLogs` - Webhook logging - `Igny8LinkQueue` - Link processing queue - Helper functions in `functions.php` #### Infrastructure - **Docker Deployment** (`docker-compose.app.yml`) - Multi-container setup for development - Services: PostgreSQL, Redis, Django backend, Celery worker, Celery beat - Volume persistence for database and media - Network isolation - **Database** (PostgreSQL 14+) - Multi-tenant data model with account isolation - Optimized indexes for common queries - JSON fields for flexible configuration storage - Database migrations system - **Task Queue** (Celery + Redis) - Redis as message broker - Celery worker for async tasks - Celery beat for scheduled tasks - Progress tracking with task state updates ### Documentation - **Master Documentation** (`master-docs/`) - Complete architecture documentation - API reference with endpoint details - Frontend and backend implementation guides - WordPress plugin integration guide - **Project Documentation** - `MASTER_REFERENCE.md` - Complete system architecture and navigation - `README.md` - Quick start and setup guide - `CHANGELOG.md` - This file ### Changed - N/A (Initial release) ### Deprecated - N/A (Initial release) ### Removed - N/A (Initial release) ### Fixed - N/A (Initial release) ### Security - JWT token authentication with 15-minute expiry and refresh tokens - Secure API key storage in WordPress using encryption helpers - CSRF protection on all forms - SQL injection prevention via Django ORM - XSS protection via Django template escaping - HTTPS enforcement in production - Account isolation at database level with automatic filtering - Permission-based access control with role matrix - Rate limiting to prevent abuse - Request ID tracking for audit trails --- ## Version History - **1.0.0** (2025-11-24) - Initial release with complete feature set --- ## Versioning Strategy - **Major version** (X.0.0) - Breaking changes, major architectural changes - **Minor version** (1.X.0) - New features, new modules, backward compatible - **Patch version** (1.0.X) - Bug fixes, minor improvements, documentation updates --- ## Upgrade Notes ### Upgrading to 1.0.0 This is the initial release. No upgrade path required. Future upgrade notes will be documented here for each version. --- ## Future Roadmap Planned features and improvements (subject to change): - Enhanced analytics and reporting - Additional AI model integrations - Stripe payment integration - Advanced automation workflows - Mobile app support - API webhooks - Collaborative editing features - Multi-language support See project board for current priorities and development status. --- **Note:** This changelog is maintained according to [Keep a Changelog](https://keepachangelog.com/) principles and only updated after user confirmation of completed features and fixes.