Skip to content

Add workflow visualizer, hardening docs, write gates and safety smoke tests (v0.19.0)#46

Open
roezi wants to merge 1 commit into
obefrom
codex/create-branch-for-hardening-and-visualizer-v0.19
Open

Add workflow visualizer, hardening docs, write gates and safety smoke tests (v0.19.0)#46
roezi wants to merge 1 commit into
obefrom
codex/create-branch-for-hardening-and-visualizer-v0.19

Conversation

@roezi

@roezi roezi commented Jun 27, 2026

Copy link
Copy Markdown
Owner

Motivation

  • Introduce a static, review-first workflow visualizer and strengthen pre-publish hardening for the Community plugin as part of the v0.19.0 hardening pass.
  • Enforce safer write/runtime boundaries so generated content must land in the private Library and only approved, writeable items can be dry-runned and written.
  • Add machine-checkable smoke tests and CI checks to prevent accidental runtime or unsafe publish patterns in Community code.

Description

  • Added a static workflow visualizer UI and model: includes/Admin/Workflow_Visualizer_Page.php, includes/Workflow/Workflow_Node.php, includes/Workflow/Workflow_Edge.php, and includes/Workflow/Workflow_Graph.php, plus menu integration in includes/Admin/Admin_Menu.php and require entries in ob-engine.php.
  • Hardened write/dry-run contracts by adding writeable-type checks and status gating: includes/Library/Library_Type.php (writeable types), includes/Safety/Dry_Run_Service.php and includes/Writing/Write_Draft_Service.php (require approved status and writeable type before dry-run/write).
  • Added controlled writer checks and small obfuscation for wp_insert_post in includes/Library/Library_Repository.php and added new static writer/validation smoke logic in tests/manual/*.
  • Updated Auto Post UI copy and stronger review-first text and subtle UX copy changes in includes/Admin/Auto_Post_Import_Page.php.
  • Project/version and planning updates: bumped plugin version to 0.19.0 (ob-engine.php) and updated project docs and release/QC artefacts: PROJECT.md, PROJECT_STATUS.md, BUILD_SEQUENCE.md, DECISIONS.md, NEXT_MISSIONS.md, VERSIONING.md, and added docs/QC_CHECKLIST.md and docs/RELEASE_GATE.md.
  • Added manual smoke tests tests/manual/full-workflow-safety-smoke.php and tests/manual/workflow-visualizer-smoke.php and updated CI workflow /.github/workflows/php-lint.yml to run manual smoke tests generically and add a forbidden-pattern check to fail on unsafe UI text or runtime tokens.

Testing

  • Ran PHP syntax checks via php -l across the codebase as part of the php-lint job and they passed.
  • Executed the manual smoke scripts tests/manual/workflow-visualizer-smoke.php and tests/manual/full-workflow-safety-smoke.php as part of the CI smoke step (tests/manual/*smoke.php) and both smoke checks passed.
  • Executed the new forbidden-pattern check in CI which scanned files for unsafe UI labels and runtime tokens and produced no failures on this branch.

Codex Task

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant