v1.1.0
LatestVerified SafeReleased 649.3 KB
Added
- Query Logger - Real-time database query monitoring with slow query detection and performance metrics
- Query Statistics Dashboard - Visual insights into query performance and component-level breakdowns
- N+1 Query Detection - Automatically identifies and highlights repeated queries with aggregate statistics
- Database query error logging with detailed error messages and filtering
- Query export to CSV, JSON, and TSV formats with accurate component attribution
- Dynamic query statistics that recalculate based on active filters
- WP-CLI commands for license activation, debug toggling, viewer setup, and log management (wp dbtk)
- Email notification system for error alerts with customizable templates
- Automatic log cleanup with delete/archive/truncate methods, size limits, and age-based rotation
- Viewer permissions health check with repair button in Site Health
- Viewer settings for query dashboard limit, tail scan MB, max entry MB
- PHP memory limit management (writes to wp-config.php)
- Upload limit controls via WordPress filters
- Settings UI redesign with modern tabbed interface
- Modular licensing system with grandfathered benefits for early adopters
- Custom file paths configuration (DBTK_CONFIG_PATH, DBTK_LOG_PATH constants)
- Error level selection in Settings (Debug, Info, Warning, Error)
- Cache busting in Admin and Viewer apps
- WordPress internationalization (wp-i18n) support
- Psalm static analysis with type hints
- Partner discounts page
Other
- Security: Query logs encrypted at rest
- Security: Password protection now mandatory for viewer (8-character minimum)
- Security: SQLite-based rate limiting with progressive brute-force protection
- Security: Enhanced session security with 30-minute timeout and IP binding
- Security: Strengthened path traversal prevention with expanded blocklist
- Security: Replaced exec() with token_get_all() for PHP syntax validation
- Security: Fixed wp-config.php case-sensitivity bypass vulnerability in viewer
- Security: Added protection for secure-debug.php (GridPane compatibility)
- Security: Scoped CORS headers to plugin endpoints only
- Security: Restricted wp-config backup file permissions
- Security: Hardened viewer config and auth files against direct access
Improved
- Production and performance warnings in setup wizard for debug mode and query logging
- “Install without tools” option to set up the viewer without enabling debugging tools
- Setup wizard defaults tools to disabled — users opt in consciously
- Viewer installer wizard with step-by-step guidance
- Redesigned crash recovery system with cleaner UI and granular plugin/theme controls
- License management moved to Settings page
- Targeted cache clearing (plugin-specific transients only)
- Enhanced output buffer management
- Better type safety and code quality across PHP and React code
Fixed
- Query Viewer tail reader no longer returns 0 entries on huge final log line
- Viewer auth rate limiter fallback when PDO SQLite is unavailable
- Directory permission issues on restrictive servers (umask handling)
- Viewer installation on hosts where WordPress files are in subfolders
- Path validation now supports relative paths securely
- Health check now properly loads WordPress admin functions
- Admin CSS isolation prevents conflicts with other plugins
- Compatibility with UiPress Lite and WP Dark Mode
- wp-config.php duplicate constants when reinstalling viewer