Releases: infinum/eightshift-forms
Releases · infinum/eightshift-forms
Release list
9.9.0
Added
- Added object caching to
GeneralHelpers::getBlockLocations()to avoid repeated direct database queries for block locations. - Added a
locationsbulk type toBulkRouteand theviewTypestate attribute, so locations are loaded and rendered inline without a full page reload.
Changed
- Updated location loading to run through the unified bulk operation flow (
BulkRouteandbulk.js) instead of a dedicated route and asset.
Removed
- Removed the standalone
LocationsRouteREST endpoint andlocations.jsadmin asset, merging their functionality intoBulkRouteandbulk.js.
9.8.0
Added
- Added a Cron Jobs global settings page (under Troubleshooting) to manage scheduled tasks and manually run each job from the admin.
- Added
CronRunRouteREST endpoint to trigger an individual cron job on demand. - Added
CronJobsSchedulesservice that centralizes the custom WP-Cron intervals (every 15 minutes, every hour, once a day). - Added
cron.jsadmin asset to trigger cron runs from the settings UI. - Added
cronRunSuccessandcronRunNotFoundlabels.
Changed
- Updated all cron jobs to use the centralized
CronJobsSchedulesinterval constants instead of each registering its own schedule. - Updated
OauthCleanupJobto run once a day instead of every hour.
9.7.1
9.7.0
Added
- Added Pardot integration with full Salesforce OAuth 2.0 flow, admin settings, and field mapper.
- Added Pardot Gutenberg block for embedding Pardot forms in the block editor.
- Added Pardot REST routes: OAuth callback, integration items, form submit, and API test.
- Added
OauthCleanupJobcron job to remove expired OAuth tokens. - Added Pardot variables, labels, filters, and fallback flag to the cross-cutting integration setup.
9.6.0
Added
- Added Friendly Captcha widget mode settings with
Smart,Zero-click, andOne-clickoptions.
Fixed
- Fixed Friendly Captcha token handling so
One-clickmode reads and resets the correct widget per form. - Fixed Friendly Captcha v2 siteverify handling so HTTP 200 responses with
success=falseare treated as failed captcha checks.
9.5.3
9.5.2
Added
- Added a
wpml-config.xmlso WPML's Advanced Translation Editor can translate Gutenberg form field strings (labels, help, placeholders, button text, step labels) without duplicating forms per language.
Changed
- Updated the submit button so its default "Submit" label is provided as a translatable PHP fallback instead of a hardcoded manifest default.
- Updated the form
methodattribute default to uppercasePOST.
Fixed
- Fixed an incorrect
uploadFile()return-type annotation inUploadHelpersthat triggered PHPStan errors.
9.5.1
Added
- An accessible name to rendered forms so Safari / VoiceOver exposes them as landmarks.
- live-region semantics for global form messages and alert semantics for notices so screen readers announce status changes.
- Preserved accessible labels when fields use placeholder mode by keeping a visually hidden label in the DOM.
- An accessible label to the phone country-code select so screen readers announce its purpose.
9.5.0
Added
- Added a file upload security scanner stack covering archive, CSV, image, Office (both Office Open XML
.docx/.xlsx/.pptxand legacy.doc/.xls/.pptCompound File Binary Format), PDF, and text files. Scanners run on every upload regardless of the field'sacceptconfiguration, closing the gap where a field with no allow-list received no content validation. - Added a "File security" settings tab under Validation that reports the availability of
qpdf,proc_open(), and the required PHP extensions (fileinfo,zip,dom,gd/imagick). - Added
fileSecurityDenyExtensionsfilter to extend or override the built-in deny list of executable, scriptable, and server-interpreted extensions. - Added
fileSecurityPdfUseQpdfandfileSecurityPdfQpdfBinaryfilters to toggle and configure the QPDF integration used for deep PDF inspection. - Added validation labels for each scanner outcome:
validationFileExtensionDenied,validationFileMimeMismatch,validationFileMimeNotAllowed,validationFileScanFailed,validationFilePdfUnsafe,validationFileImageUnsafe,validationFileOfficeUnsafe,validationFileCsvUnsafe,validationFileArchiveUnsafe,validationFileTextUnsafe.validationFileMimeNotAllowedis surfaced when the detected MIME is valid but the site has not registered it (e.g..xmlon a default WordPress install), instead of the misleading "contents do not match extension" message. - Added
errorFileUploadFailedSecurityScanupload error so the security scanner runs again immediately before a file leaves PHP's managed tmp area.
Changed
AbstractValidation::isMimeTypeValid()now detects MIME from the file contents via libmagic (finfo), falling back tomime_content_type. The client-supplied$file['type']is no longer trusted.
Removed
- Removed the
forceMimetypeFromFsfilter. MIME type is now always determined from file contents, so the filter is no longer needed.