Skip to content

Releases: PSA-Corporate-Learning-Branch/moodle-local_githubsync

v0.5.0

07 Feb 03:37
@allanhaggett allanhaggett
v0.5.0
82dfe6f

Choose a tag to compare

View all tags
v0.5.0 Latest
Latest

What's New

Project Quality & CI/CD

  • Moodle Coding Standards: All PHP files pass phpcs --standard=moodle with zero errors/warnings
  • PHPStan Level 6: Full static analysis covering type safety, return types, and dead code
  • Semgrep OWASP Security Scan: 8 community rulesets + 10 custom Moodle-specific rules
  • Branch protection: All 3 CI checks must pass before merging to main
  • Dependabot: Automated weekly updates for composer and GitHub Actions dependencies

Security Hardening (23 vulnerabilities fixed)

  • Webhook HMAC-SHA256 signature verification
  • HTML sanitization via purify_html() on all GitHub content
  • Sodium-only PAT encryption (no insecure fallback)
  • Asset type allowlist, URL validation, generic error messages
  • Full details in SECURITY.md

Project Hygiene

  • GPL v3 LICENSE file
  • .editorconfig for consistent formatting
  • PR template with test plan checklist
  • Issue templates (bug report, feature request)
  • CHANGELOG.md

Core Features (from earlier releases)

  • One-click sync from GitHub repo to Moodle course
  • Page, Label, and URL activities from HTML files with YAML front matter
  • Asset management (CSS, JS, images) with automatic URL rewriting
  • Incremental sync with content hash tracking
  • Delete detection (hides removed activities)
  • Scheduled hourly auto-sync task
  • GitHub webhook for instant sync on push
  • CLI bulk sync tool
  • PAT encryption at rest
Assets 2
Loading