Skip to content

Prepare for WordPress 7.0 and improve plugin robustness#10

Merged
wzul merged 13 commits into
mainfrom
wp-7.0-readiness
May 28, 2026
Merged

Prepare for WordPress 7.0 and improve plugin robustness#10
wzul merged 13 commits into
mainfrom
wp-7.0-readiness

Conversation

@wzul

@wzul wzul commented May 18, 2026

Copy link
Copy Markdown
Collaborator

What does this change?

This PR focuses on stabilizing the plugin for the WordPress 7.0 release cycle by addressing architectural flaws in the API client and significantly maturing the CI/CD pipeline.

Core Logic & Bug Fixes

  • API Instance Isolation: Refactored GF_CHIP_API::get_instance() to return instances keyed by a hash of credentials (md5(secret_key + brand_id)). This prevents "cross-talk" where credentials from one form might persist into an API call for a different form using different settings.
  • Centralized Credential Resolution: Introduced get_credentials_for_feed() to DRY up the logic used to determine whether to use Global or Form-specific settings. This refactor impacts redirect, callback, refund, and cancellation flows.
  • Hardened API Requests: Enhanced GF_CHIP_API::request() with is_wp_error() checks and HTTP status code validation (ensuring 2xx range) to handle malformed or unauthorized responses gracefully.
  • Improved Response Handling: Added explicit checks for null or empty strings in API responses before attempting json_decode.

DevOps & CI/CD Enhancements

  • Automated WordPress.org Deployment: Introduced deploy.yml to automate syncing the Git repository to the WordPress.org SVN repository (trunk, tags, and assets), replacing older, fragmented workflows.
  • Automated Release Preparation: Added prepare-release.yml which utilizes AI to generate changelogs from commit history and automates version bumping across project files.
  • Expanded Test Matrix: Updated plugin-check.yml to test across a wider range of PHP versions (7.4 through 8.5) and integrated PHPUnit into the CI flow.
  • PR Automation: Added pr-summary.yml to automatically maintain and update PR descriptions using AI.

Documentation & Standards

  • Developer Documentation: Added CLAUDE.md and CONTRIBUTING.md to provide comprehensive project context, architectural notes (locking mechanisms, credential resolution), and contribution guidelines.
  • Asset Management: Created a .wordpress-org/ directory for plugin banners and icons, ensuring they are excluded from the plugin zip but correctly deployed to the SVN assets/ folder.

How to test

  1. Unit Tests: Run ./vendor/bin/phpunit. New tests should cover the refactored get_credentials_for_feed logic.
  2. Credential Isolation: Configure Global settings with one set of keys and a specific form with another. Process a payment and verify that the API client correctly switches between instances based on the form configuration.
  3. API Error Handling: Mock a 401 or 500 error from the CHIP API and verify that GF_CHIP_API::request returns null and does not trigger PHP warnings.
  4. PHP Compatibility: Run phpcs --standard=PHPCompatibilityWP --runtime-set testVersion 7.4-8.5 . to ensure no regressions for supported PHP versions.

Potential Risks & Review Items

  • Credential Helper Refactor: Since get_credentials_for_feed is now used in every critical payment method, verify that the fallback logic (Global vs. Form) matches the previous implementation exactly to avoid breaking existing configurations.
  • API Client Return Types: The new status code checks in GF_CHIP_API return null on failure. Ensure all callers (like get_payment or create_payment) handle this null return to avoid "accessing property on non-object" errors.
  • SVN Sync Logic: The deploy.yml workflow uses a sparse-checkout and rsync strategy. The first live run against the WordPress.org SVN should be monitored closely to ensure the trunk and assets folders are updated as expected.

Is this PR safe for automatic approval?

No. It contains critical changes to the API client architecture and refactors the core credential resolution logic used for processing payments.

Images

New plugin assets (banners/icons/screenshots) have been added to the .wordpress-org/ folder for the WordPress.org plugin directory.

Related Tasks / PRs

  • WordPress 7.0 Compatibility Audit
  • Ref: Claude Code generated summary

Checklist

  • Unit tests provided?
  • All tests passing?
  • Tested in staging?
  • Task link provided?

wzul and others added 13 commits May 19, 2026 06:03
Changes:
- Bump Tested up to 7.0 in readme.txt
- Fix rgar() argument order in complete_payment() that broke delayed feeds
- Fix API singleton to key instances by credentials hash, preventing
cross-contamination when global and form configs use different keys
- Add WP_Error and HTTP status code checking in API client request()
- Extract repeated credential resolution into get_credentials_for_feed() helper
- Sync package.json version with plugin version
- Update PHPCS testVersion to 7.4-8.4
- Add unit tests for GF_Chip core logic (credentials, callback actions, timezone)
- Add GF framework stubs in bootstrap.php so GF_Chip can be unit tested
- Add CLAUDE.md with project context and notes
- Add CLAUDE.md to .gitattributes export-ignore

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Changes:
- plugin-check.yml: add concurrency, PHP matrix testing (7.4/8.0/8.2/8.4),
  modern action versions, simplified job dependencies
- Add pr-summary.yml: auto-generate PR descriptions with AI
- Add prepare-release.yml: AI-powered changelog + automated version bump + PR
- Add deploy.yml: consolidated SVN deployment with trunk/release stages,
  sparse checkout, automatic GitHub release creation
- Remove old gravity-forms.release.yml and gravity-forms.upload.yml (replaced)
- Add bump-version.sh, generate_release_notes.py, generate_pr_summary.py

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Downloaded existing assets from SVN:
- banner-1544x500.png, banner-772x250.png
- icon-128x128.png, icon-256x256.png
- screenshot-1.png through screenshot-5.png

Added .wordpress-org/ to .gitignore since these are deployed to SVN
separately via deploy.yml and should not be tracked in git.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Restructure with required CLAUDE.md header
- Add common development commands (phpunit single test/class, phpcs, plugin-check)
- Expand architecture section with credential resolution, webhook verification,
  and per-payment locking details
- Add CI/CD workflow descriptions
- Add .claude/ to .gitattributes export-ignore

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Create CONTRIBUTING.md with dev setup, coding standards, release process,
  and version bump instructions adapted from chip-for-woocommerce
- Add .wordpress-org/ to .gitattributes export-ignore
- Add .phpunit.result.cache to .gitattributes export-ignore

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- plugin-check.yml: add 8.5 to PHP compatibility matrix
- phpcs.xml: update testVersion to 7.4-8.5
- CLAUDE.md: update PHP compatibility references to 8.5

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Replace gravity-forms-upload-vX.Y.Z with vX.Y.Z across all workflows,
scripts, and documentation for consistency with standard semver tagging.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Remove composer.lock from git tracking (was causing merge conflicts)
- Add composer.lock, ci-build/, diff.txt, changelog_entry.md to .gitignore

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Document WordPress.org asset naming conventions and deploy sync process,
maintaining parity with chip-for-woocommerce project structure.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Replace WP_Mock\Tools\TestCase extends with PHPUnit\Framework\TestCase
  to fix "Cannot override final method run()" fatal on PHPUnit 9.6+
- Add tearDown() calling WP_Mock::tearDown() in all test classes
- Fix equals sign alignment in class-gf-chip.php lines 1132-1133

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Add is_wp_error(), wp_remote_retrieve_response_code(), and WP_Error class
stubs to tests/bootstrap.php so the new API error handling tests pass.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Update GF_CHIP_APITest::setUp() to reset $instances array property
  instead of the old $instance property
- Fix json_decode(null) deprecation in class-gf-chip-api.php by adding
  a guard for null/empty response before calling json_decode()

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Update run-wp-plugin-check.sh to build a clean directory via git archive
  before running plugin check, matching the CI workflow behavior
- Use absolute path in .wp-env.json mapping so wp-env mounts the clean
  build instead of the source repo (which contains dev files)
- This eliminates hidden_files and application_detected errors from
  dev-only files that are already export-ignored in releases

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@github-actions

Copy link
Copy Markdown
Contributor

✅ WordPress Plugin Check Report

✅ Status: Passed

📊 Report

All checks passed! No errors or warnings found.


🤖 Generated by WordPress Plugin Check Action • Learn more about Plugin Check

@wzul
wzul merged commit 4f2ae5b into main May 28, 2026
10 checks passed
@wzul
wzul deleted the wp-7.0-readiness branch May 28, 2026 09:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant