Changelog - WP Freighter

Dark Mode Support: Added full support for dark mode. The interface now automatically respects system preferences (prefers-color-scheme) and includes a manual toggle in the toolbar to switch between light and dark themes.
Vue 3 & Vuetify 3: Completely upgraded the admin dashboard dependencies to Vue.js 3.5.22 and Vuetify 3.10.5. This modernization improves rendering performance and ensures long-term compatibility.
Self-Healing Logic: Implemented Site::ensure_freighter(), which automatically restores the plugin files and forces activation on a tenant site before context switching. This prevents errors if the plugin was manually deleted or deactivated in a child environment.
New CLI Command: Added wp freighter regenerate. This utility allows administrators to manually trigger a refresh of the wp-content/freighter.php bootstrap file and wp-config.php adjustments via the command line.

Terminology: Updated UI and CLI text to refer to sites as "Tenant Sites" instead of "Stacked Sites" for better clarity.
UI Visuals: Refined input fields, tables, and overlays to use transparent backgrounds, allowing the plugin interface to blend seamlessly with the native WordPress Admin color scheme.
Cache Busting: Introduced WP_FREIGHTER_VERSION constant to ensure admin assets are properly refreshed in browser caches immediately after an update.

Bootstrap Location: Updated the detection logic for freighter.php to use ABSPATH instead of WP_CONTENT_DIR, resolving path resolution issues on specific hosting configurations.

Bootstrap Architecture: Introduced wp-content/freighter.php to handle site loading logic. This significantly reduces the footprint within wp-config.php to a single require_once line, making the configuration more robust and easier to read.
Local Dependencies: Removed reliance on external CDNs (delivr.net) for frontend assets. Vue.js, Vuetify, and Axios are now bundled locally within the plugin, improving privacy, compliance (GDPR), and offline development capabilities.
Manual Configuration UI: Added a dedicated interface for environments with strict file permissions. If the plugin cannot write to wp-config.php or create the bootstrap file, it now provides the exact code snippets and a "Copy to Clipboard" feature for manual installation.
Session Gatekeeper: Implemented stricter security logic for cookie-based context switching. The plugin now actively verifies that a user is authenticated or in the process of logging in before allowing access to a tenant site via cookies.
"Login to Main" Button: Added a quick-access button in the toolbar to return to the main parent site dashboard when viewing a tenant site with domain mapping enabled.

Context Switching: Refactored the context switching logic to force an immediate header reload when setting the stacked_site_id cookie. This resolves issues where the context switch would occasionally fail on the first attempt.
Asset Management: Added a developer utility (WPFreighter\Dev\AssetFetcher) to programmatically fetch and update frontend vendor libraries.

Cookie Reliability: Fixed an issue where the site ID cookie wasn't being set early enough during the request lifecycle for specific hosting configurations.

Hybrid Mode: Introduced a new "Hybrid" file mode that shares plugins and themes across all sites while keeping the uploads folder unique for each site. Perfect for agencies managing standardized stacks with different media libraries.
WP-CLI Integration: Added robust CLI commands (wp freighter) to manage sites, clone environments, toggle file modes, and handle domain mapping via the terminal.
Developer API: Introduced the WPFreighter\Site class, allowing developers to programmatically create, clone, login, and delete tenant sites.
Environment Support: Added support for the STACKED_SITE_ID environment variable to enable context switching in CLI and server environments.
Object Cache Compatibility: Now modifies WP_CACHE_KEY_SALT in wp-config.php to ensure unique object caching for every tenant site.
Storage Stats: Added directory size calculation to the delete site dialog, providing warnings for dedicated content deletion.

Architecture Refactor: Moved core logic from Run.php into dedicated Site and CLI models for better maintainability.
Admin Assets: Migrated inline Vue.js logic from the PHP template to a dedicated admin-app.js file.
Kinsta Compatibility: Enhanced support for copying Kinsta-specific mu-plugins when creating sites in dedicated mode.

Database Hardening: Implemented $wpdb->prepare() across all database write operations to prevent SQL injection vulnerabilities.
Input Sanitization: Added strict input sanitization (sanitize_text_field, sanitize_user) to all REST API endpoints.

REST API Implementation: Completely replaced legacy admin-ajax calls with secure WordPress REST API endpoints (wp-freighter/v1) for better stability and permission handling.
Clone Specific Sites: Added functionality to clone any specific tenant site directly from the site list, not just the main site.
Enhanced Clone Dialog: New UI dialog allowing users to define the Label or Domain immediately when cloning a site.
Smart Defaults: The "New Site" form now pre-fills the current user's email and username, and automatically generates a secure random password.
Manifest Support: Added manifest.json for standardized update checking.

Frontend Dependencies: Updated Vue.js to v2.7.16, Vuetify to v2.6.13, and Axios to v1.13.2.
Updater Logic: Migrated the update checker to pull release data directly from the GitHub repository (raw.githubusercontent.com) instead of the previous proprietary endpoint.
Admin Bar: The "Exit WP Freighter" button now utilizes a Javascript-based REST API call for a smoother exit transition.

Theme Upgrader Noise: Implemented a silent skin for the Theme_Upgrader to prevent HTML output from breaking JSON responses when installing default themes on new sites.
Fallback Logic: The updater now falls back to a local manifest file if the remote check fails.

Site cloning will copy current source content folder over to new /content/<id>/.
Refresh WP Freighter configs on plugin update.