Skip to content

Port bug fixes from dev branch to version-3#147

Open
zhyian wants to merge 4 commits intowecodemore:version-3from
zhyian:port/bugfixes-from-dev
Open

Port bug fixes from dev branch to version-3#147
zhyian wants to merge 4 commits intowecodemore:version-3from
zhyian:port/bugfixes-from-dev

Conversation

@zhyian
Copy link

@zhyian zhyian commented Mar 18, 2026
edited
Loading

Description

Ports bug fixes from the dev branch that also affect version-3. Each fix was manually adapted to version-3 codebase (PHP 7.4+ typed properties, PHPStan, restructured classes).

How has this been tested?

  • Existing unit and integration tests updated to reflect the changes
  • Verified that each fix addresses the same root cause present in version-3
  • Tested with projects on my local setup

Types of changes

Bug fixes

  • Env-example step not respecting ENV_DIR configuration (dev commit 1c7c3c6): EnvExampleStep::allowed() and targetPath() now resolve paths using the configured ENV_DIR instead of always using the project root. Added Filesystem::normalizePath() public method to support this.
  • Question forcing lowercase on all answers (dev commit 3b92c56): Moved answer filtering logic from Io into Question::filterAnswer(), so strtolower is only applied for standard answer-key matching - not unconditionally on all input.
  • Raw string filter for environment variables (dev PR Add a "Raw string" filter, Fix possible inconsistency between constants and environment variables in the generated cache #136): Passwords, secret keys, and salts containing special characters (&, <, ') were corrupted by FILTER_STRING (which runs htmlspecialchars/strip_tags). Added FILTER_RAW_STRING using addslashes() instead, applied to DB_PASSWORD, FTP_PASS, WP_PROXY_PASSWORD, and all AUTH/NONCE/SECRET keys and salts.
  • MU plugins loader edge cases (dev commit 48d4844): MU plugins installed via installer-paths (e.g. from wp.org, which can't use the wordpress-muplugin type) were not being loaded. Now scans mu-plugins subdirectories for plugins not covered by known packages, with dropin filtering to avoid double-loading.

New feature

  • N/A

Breaking change

  • N/A

Issues

Checklist:

  • My code is tested
  • My code follows the project code style
  • My code has documentation (for new features or changed behavior)

zhyian added 4 commits March 17, 2026 16:15
@zhyian
Port bug fixes from dev branch to version-3
3608235 
- Fix env-example step not respecting ENV_DIR configuration for env directory (dev commit 1c7c3c6).

- Move answer filtering logic from Io into Question::filterAnswer() (dev commit 3b92c56).

- Add public Filesystem::normalizePath() to expose the underlying Composer Filesystem method.
@zhyian
fix: drop blocked composer/composer 2.7.x and 2.8.x from CI matrix
15a2ba6
@zhyian
Port raw string filter for env variables from dev (PR wecodemore#136)
ba23ce5 
 - Add FILTER_RAW_STRING that uses addslashes() instead of htmlspecialchars()/strip_tags(), preventing corruption of special characters in passwords and secret keys.

 - Apply FILTER_RAW_STRING to DB_PASSWORD, FTP_PASS, WP_PROXY_PASSWORD, and all AUTH/NONCE/SECRET keys and salts.
@zhyian
Port MU plugins loader edge case fix from dev (commit 48d4844)
071e3c6 
- Scan mu-plugins subdirectories that aren't from known wordpress-muplugin packages, so MU plugins installed via installer-paths (e.g. from wp.org, which can't use the wordpress-muplugin type) are properly loaded.

- Also filter out dropin files from the scan to avoid loading them twice.
@zhyian zhyian marked this pull request as ready for review March 18, 2026 12:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@zhyian