Conversation
phpstan-bootstrap.php (placeholder constants for static analysis) was shipping in the build: the .distignore *.dist glob catches phpstan.neon.dist and phpcs.xml.dist, but this file ends in .php so it slipped through. It is dev-only (referenced solely by phpstan.neon.dist's bootstrapFiles, never loaded at runtime), so list it explicitly. .distignore is the single source of truth for both the CircleCI and GitHub Actions packaging paths, so this fixes both.
CircleCI's build_package_release owns releases (build + sign + announce to the
Release Manager, which updates EDD), as it did through 2.0.0. The GitHub Actions
'Create tag + release for the new version' step (added after 2.0.1) created the
v{version} tag/release on the main merge, racing CircleCI's create_release —
the collision aborted CircleCI before its announce, so EDD never updated (2.0.1
and 2.0.2 both stuck until pushed manually).
Restore build-plugin-zip.yml to its v2.0.1 shape: it still builds the zip,
uploads the artifact, updates the rolling 'latest' prerelease, and keeps the
'Tagged release' backstop that fires AFTER CircleCI pushes the v* tag (no race).
Only the v{version}-on-merge creation is removed, so CircleCI is the sole
creator of the version tag + release and its announce runs every release.
… null] The yoast_update_seo / yoast_bulk_update_seo input schema advertised noindex as type: ['boolean', 'null']. Anthropic's tool-schema validator rejects a 'null' member in a JSON Schema type array and returns a 400 for the ENTIRE tools/list request, which takes every tool on the server offline for Claude / Anthropic API clients, not just this field. Schema now advertises type: 'boolean'. The runtime handler is unchanged and still accepts an explicit null (tri-state true/false/null is preserved; covered by the existing 'noindex tri-state: null is preserved' test). Added a regression test asserting no field in the shared Yoast property set uses a type array containing 'null'. dist/ is a build artifact (npm run build / prepare) and is intentionally left out of this PR. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…undle; credit contributor Builds on @dallinchase's noindex scalar-type change. Verified the type-array rejection reproduces on Google Gemini's functionDeclarations (HTTP 400 "Proto field is not repeating, cannot start list"), NOT the Anthropic API (accepts ["boolean","null"] on stable 2023-06-01 + tool betas) or OpenAI (strict and non-strict). Re-attributes the field description to Gemini and corrects the tri-state wording: null resets to the post-type default (delete_post_meta), omit leaves the current value unchanged. Also: - Regenerate the git-tracked embedded bundle (CI verifies it byte-for-byte via .github/workflows/tests.yml + tests/packaging.test.ts). - Fix a TS2352 in the regression test (cast through unknown; tsconfig.build.json excludes tests so CI missed it, but tsc -p tsconfig.json flags it). - Credit Dallin Chase in the changelog for the original fix. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
npm audit: 0 vulnerabilities (clears the open Dependabot alerts).
Runtime (bundled into the shipped MCP server):
- axios ^1.7.9 -> ^1.16.0 (resolves several high/medium advisories)
- form-data and qs/hono refresh to patched versions via the lockfile
Dev:
- esbuild ^0.27.3 -> ^0.28.1; vitest ^3.2.4 -> ^3.2.6 (critical)
- vite refreshes to a patched 7.3.5 via the lockfile
- overrides: { esbuild: "$esbuild" } forces vite's nested esbuild to the patched
0.28.1, clearing the dev-server advisories without a major vitest bump
Bumps the MCP server (package.json) 2.0.1 -> 2.0.2 — 2.0.1 is already published,
and npm-publish.yml only ships when the version is new, so without the bump the
patched bundle would never reach npx users. The server versions independently of
the plugin.
Rebuilt the bundle (handshake version + patched axios/form-data) on top of the
current develop tree, so the committed embedded copy keeps the Yoast/Gemini fix
and gains the dependency patches. Verified: npm run build, tsc, the full vitest
suite (724 tests), and npm audit (0) all pass. Changelog entry added under
= develop =.
The Settings → Block MCP block-score and replacement tables stored a lossy
subset of preferences, and the first-ever save lost everything:
- Render and sanitize read the raw stored option instead of layering over
Preferences::get_defaults(), so the shipped defaults vanished from the tables
once any custom entry was stored (the runtime kept merging them, so the UI
contradicted enforcement).
- The sanitize callback only understood the form's indexed-row shape. Core
double-sanitizes an option on its first write — update_option() delegates to
add_option(), which sanitizes again — so the second pass received the
callback's own {namespace_scores, replacement_map} output, found no rows, and
collapsed the option to []. The first save silently wiped everything.
Render now uses the merged Preferences::get_preferences() view; sanitize layers
posted rows over the defaults and is idempotent (it accepts its own canonical
output, so a second pass is a no-op). The racy type-to-grow auto-row is replaced
with an explicit "Add row" button, and a score entered without a block-family
name now warns on save instead of being dropped silently.
# Conflicts: # wordpress-plugin/gk-block-mcp/readme.txt
…Add row PHPUnit (tests/Connect/SettingsPagePreferencesTest.php): render and sanitize layer over the shipped defaults; sanitize is idempotent; the first save of a brand-new option survives core's update_option()->add_option() double-sanitize via the real mechanism; a scored row with no name surfaces a settings error while a fully blank trailing row does not. Adds a committed admin-UI regression e2e harness (tests/e2e/, npm run test:e2e) that drives the live settings page: a namespace added via the Add row button persists across save, and a score with no name warns instead of vanishing.
- e2e: replace waitForLoadState('networkidle') (discouraged by Playwright) with
deterministic waits — wait for the settings-updated redirect before reloading,
and let the visible-warning assertion auto-wait across the form-submit
navigation.
- readme: move the "Add row" entry from Fixed to a new Improved section (a UI
enhancement, not a bug fix).
- tests: rewrite docblocks to present-tense contract language, dropping the
"before the fix" history per the comment guideline.
Skipped CodeRabbit's "@SInCE on new members": no PHPUnit test method in the
suite carries @SInCE — it's a production-API convention, not a test one.
chore(deps): patch npm security advisories (clears all 20 Dependabot alerts)
WalkthroughThis PR delivers the 2.0.3 plugin release: ChangesSettings Page Overhaul
Yoast noindex Schema Fix
CI Simplification, Dependency Updates, and Docs
Estimated code review effort🎯 4 (Complex) | ⏱️ ~60 minutes Possibly related PRs
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 inconclusive)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
…ent-discard fix (Fixed)
fix(settings): keep block-preference defaults and persist the first save
Stamps the queued develop work as 2.0.3: turns the = develop = changelog into = 2.0.3 on June 17, 2026 = with a release summary, and bumps the plugin Version header, GK_BLOCK_MCP_VERSION, and readme Stable tag from 2.0.2 to 2.0.3. The MCP server (package.json) stays 2.0.2 — it versions independently and has no new change this release; the 2.0.2 server publishes when this reaches main.
…nt attribution Addresses CodeRabbit on PR #34: - AGENTS.md: drop "== Upgrade Notice ==" from the version-bump list (four places, not five). Releases now source notes from the Changelog entry (per the earlier ci(release) change), and the plugin updates through Foundation, so the section is never surfaced. Scope @SInCE to shipped public members, with test files explicitly exempt — the whole suite leaves them un-annotated. - Correct the yoast_update_seo test comment to attribute the null-in-type-array rejection to AI clients like Gemini, matching the implementation comment. Skips CodeRabbit's "add Upgrade Notice" and "add @SInCE to the test class" — both contradict the established practice the guidance now documents.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Promotes the queued
developwork tomainfor the next release. Opened per thebranch → develop → mainflow.Included now
noindexschema type no longer takes the assistant's tool list offline on Gemini clients. (Thanks @dallinchase.)phpstan-bootstrap.phpexcluded from the plugin zip.mainso the delete-by-ref hotfix and its changelog entry rejoin thedevelopline (no longer diverged).Rolling in before merge
Two PRs are in review against
developand will appear here automatically once merged:npm audit0).Before merging
= develop =into= X.Y.Z on <date> =inreadme.txt, and update the pluginVersion/Stable tag(and the serverpackage.jsonif releasing it together).Hold until #32 and #33 land in
develop.💾 Build file (ce7f2e8).
Summary by CodeRabbit
Release Notes
New Features
Bug Fixes
Improvements
Chores