PHP Classes

File: Changelog-v1.txt

Recommend this page to a friend!
  Classes of Caleb  >  PHP Mussel  >  Changelog-v1.txt  >  Download  
File: Changelog-v1.txt
Role: Documentation
Content type: text/plain
Description: Documentation
Class: PHP Mussel
PHP file virus scanner to detect malware
Author: By
Last change:
Date: 3 years ago
Size: 49,955 bytes
 

Contents

Class file image Download
Changelog for phpMussel (>= v1.0.0, < v2.0.0), "Changelog-v1.txt".

=== VERSIONING GUIDELINES ===
phpMussel adheres to the SemVer guidelines for versioning.

Versioning guidelines for SemVer can be found at: https://semver.org/

=== Changes made since last versioned release ===

(none)

=== Version/Release 1.10.0 ===
MINOR RELEASE.

- [2019.04.02; Maikuolan]: Changed a misleading variable name.

- [2019.04.02-07; NEW FEATURE; Maikuolan]: Implemented a new, unified caching
  system to the package, optionally allowing package users to choose from a
  range of different caching mechanisms supported by the new caching system,
  currently consisting of APCu, Memcached, Redis, and PDO-based caching,
  alternatively deferring back to the package's existing flatfile caching
  mechanism when no other mechanisms are otherwise chosen.

- [2019.04.09; Maikuolan]: Slightly adjusted the file reading part of the cache
  handler to account for some potential edge-case problems on some servers.

- [2019.04.17; Maikuolan]: The front-end homepage now checks and displays
  whether various extensions that can be used by phpMussel are installed and
  available (APCu, Memcached, Redis, PDO, PCRE, cURL, etc).

- [2019.04.19; Maikuolan]: Slightly refactored the front-end updater and made
  some changes to the executor (needed for a smooth v2 transition).

- [2019.04.21; Bug-fix; Maikuolan]: Found a small bug affecting RTL users that
  could potentially cause text to align incorrectly in some cases; Fixed.

- [2019.04.28; Maikuolan]: Implemented a new class, "Demojibakefier", to give
  phpMussel the ability to detect whether data conforms to a specific character
  encoding.

- [2019.04.29; Maikuolan]: Added some colours to the "fancy formatting" mode of
  the front-end logs page, to make it a little fancier (it was looking kind of
  boring before).

Caleb M (Maikuolan),
April 30, 2019.

=== Version/Release 1.9.1 ===
PATCH RELEASE.

- [2019.03.02; Bug-fix; Maikuolan]: The loader would sometimes fail to
  correctly distinguish between direct requests and indirect requests, an
  ability currently needed to be able to access the front-end; Fixed.

- [2019.03.06; Maikuolan]: Slightly improved the front-end updates page
  component verification feature. The distinction between failed integrity
  checks and failed sanity checks should be a little more obvious now.

- [2019.03.19; Maikuolan]: Added a number of new plugin hooks:
  "ArchiveRecursor_start", "before_chameleon_detections",
  "before_domains_api_lookup", "before_vt", "DataHandler_start",
  "MetaDataScan_start", "new_sigfile", "new_sigfile_type", "Recursor_start".
  Refer to the v1 plugin boilerplate for more information about where these
  hooks are executed.

- [2019.03.22; Maikuolan]: Added a new malware type shorthand entry (Miner).

- [2019.03.29; Maikuolan]: Redesigned the front-end cache data page. It should
  now be a little easier to navigate the page and to interpret its data.

Caleb M (Maikuolan),
March 31, 2019.

=== Version/Release 1.9.0 ===
MINOR RELEASE.

- [2019.02.06; Maikuolan]: Completely overhauled the way that L10N data is
  processed and handled. A new class has been written to handle all L10N data,
  and L10N data is now processed and handled in an entirely object-oriented
  way. L10N data isn't stored as PHP files anymore, to be required into the
  package. Instead, L10N data is now stored entirely as YAML files. Using YAML
  instead of PHP should theoretically be a little safer in certain, edge-case
  scenarios, and should be much easier to work with for when introducing new
  translations into the package in the future (i.e., for translators which
  aren't familiar or aren't comfortable working with PHP). This overhaul also
  serves as a small stepping stone towards a future, more object-oriented major
  version release.

- [2019.02.07; Maikuolan]: Added suggested values for ipaddr as selectable
  options to the front-end configuration page.

- [2019.02.11; Maikuolan]: Slightly refactored the loader.

- [2019.02.14; Bug-fix; Maikuolan]: A mechanism on the front-end updates page
  to ensure that interdependent components updated simultaneously sometimes
  wouldn't trigger properly; Fixed.

- [2019.02.24; Maikuolan]: Added a new vendor shorthand entry (Malware.Expert).

- [2019.02.24; Maikuolan]: Added SHA1 and SHA256 support to the code for
  processing hash signatures (there wasn't anything other than MD5 signatures
  to process prior to now, so there wasn't any need to add support for other
  hash algos; some SHA1 and SHA256 hash signatures were recently added to some
  signatures files though, warranting that this support now be added).

- [2019.02.25; Maikuolan]: Reorganised the "some useful links" list on the
  front-end homepage a little (should look a little nicer now). Added a generic
  "hash" command to CLI-mode in favour of the various former individual hash
  commands, in order to be able to properly leverage all algos available to PHP
  at any time without the need to implement support for specific algos in the
  future (these various former individual hash commands will still work, but
  should be considered deprecated, and will be dropped when v2 is released).

- [2019.02.26-27; NEW FEATURE; Maikuolan]: Added the ability to flag or block
  archives that contain a number of files exceeding a specified limit. This
  limit can be specified using a newly added configuration directive,
  "max_files_in_archives".

Caleb M (Maikuolan),
February 28, 2019.

=== Version/Release 1.8.0 ===
MINOR RELEASE.

- [2018.10.22; Maikuolan]: Slightly refactored and a new safety check added.

- [2018.11.04; Documentation; Maikuolan]: Added some missing information to the
  Composer installation instructions.

- [2018.11.15; Sub-minor code change; Maikuolan]: Slightly improved quine
  detection.

- [2018.12.12; Maikuolan]: Added Crx (Chrome Extension Package) support and
  slightly refactored again.

- [2018.12.19; Sub-minor code change; Maikuolan]: Split apart the YAML handler
  a little more (doesn't change anything functionally, but should help to
  slightly reduce complaints sometimes made by certain code quality checkers
  and such). It's also less messy now to use an integer value of zero as a key.

- [2019.01.05; Sub-minor code change; Maikuolan]: Changed the default value of
  "pseudonymise_ip_addresses" from "false" to "true" in order to strengthen
  GDPR compliance.

- [2019.01.07; Sub-minor code change; Maikuolan]: Improved the front-end file
  manager, making items in the components list clickable, to display further
  relevant information.

- [2019.01.19; Sub-minor code change; Maikuolan]: Refactored logging to provide
  slightly better L10N, plus various other minor refactoring done elsewhere.
  Updated the minimum safe PHP version fallback information.

- [2019.01.25; Maikuolan]: The YAML handler has been migrated away from the
  main functions file and into its own, dedicated class file (this class file
  will also be released as part of a separate package in the near future).
  Improved the UI for the front-end updates page verification feature.

- [2019.01.29; Bug-fix; Maikuolan]: For some configuration directives where
  predefined multiple choices are available, the front-end configuration page
  was ignoring custom defined values; Fixed.

Caleb M (Maikuolan),
January 29, 2019.

=== Version/Release 1.7.0 ===
MINOR RELEASE.

- [2018.10.12-17; Maikuolan]: Completely dropped all support for scanning phar
  files with phpMussel, due to vulnerabilities discovered in the way that the
  phar wrapper was implemented in phpMussel (with no safer, more secure
  alternative known at this time for handling phar files, I neither plan nor
  anticipate ever reintroducing phar support in the future). Deprecated and
  completely removed the allow_symlinks configuration directive (we don't need
  this anymore, because it was intended to address a problem in phar, which we
  won't be using anymore anyway). Dropped the max_recursion default value from
  10 down to 3 as a means to tighten security and improve safety for when
  handling archives. Completely overhauled the way that phpMussel deals with
  archives during a scan event, ditching almost all code associated with the
  archive phase of scanning, and implementing a separate, newly created archive
  handler, compression handler, and temporarily file handler. phpMussel now
  partially utilises OOP for handling archives, and includes a small number of
  classes in its codebase (a possible stepping stone towards a future v2.0.0).
  File decompression is now implicit, rather than explicit. Slightly improved
  the aesthetic for displayed scan results in CLI where archives are concerned.
  The recursor closure isn't responsible for the code associated with the
  archive phase of scanning anymore. Instead, a new, separate archive recursor
  closure has been created to deal with the code associated with the archive
  phase of scanning. Zip archive scanning is now fully recursive. Rar archive
  scanning is now fully supported (can scan recursively, can detect encryption,
  etc). Added quine detection. Added a table to the documentation to clarify
  which compression and archive formats are and aren't supported, and removed
  some otherwise ambiguous wording about it from the documentation and L10N
  data. Refactored all chameleon attack detection code.

- [2018.10.20; Bug-fix; Maikuolan]: Missing filename extension information in
  archive recursor prevented detection of OLE objects; Fixed.

Caleb M (Maikuolan),
October 20, 2018.

=== Version/Release 1.6.0 ===
MINOR RELEASE.

- [2018.08.08; Maikuolan]: Performed some early legwork for future email
  functionality and future two-factor authentication functionality (neither
  things are prime-time ready yet though). A handful of new configuration
  directives have been added (currently marked as experimental/unstable) which
  won't do anything yet, but which are related to this future functionality.

- [2018.08.09; Sub-minor code change; Maikuolan]: Slightly improved front-end
  logging.

- [2018.08.10; Bug-fixes; Maikuolan]: Fixed a weakness in the fallback for
  fetching the IP address of inbound requests. Fixed some wrong variables used.

- [2018.08.11-12; NEW FEATURE; Maikuolan]: Added support for two-factor
  authentication by email for when logging into the front-end! It is strongly
  recommended that all users using the front-end should use this new feature
  for improved front-end security (documentation explaining how to use this
  properly will be available in the near future).

- [2018.09.12; Sub-minor code change; Maikuolan]: Replaced some real typecasts
  with float due to the anticipated deprecation of the real type for PHP 7.4.

- [2018.09.19; Sub-minor code change; Maikuolan]: Added a new safety mechanism
  for when dealing with the front-end database.

- [2018.09.21; Bug-fix; Maikuolan]: Webfont cleanup procedure removed wrong
  part from template files when webfonts not clearly marked; Fixed.

- [2018.09.22; Sub-minor code change; Maikuolan]: Slightly refactored all the
  HTML template files, slightly reducing indenting and improving readability.

- [2018.09.23; Sub-minor code change; Maikuolan]: Removed capitalisation from
  front-end username display (doesn't always play nice with non-ANSI data).

- [2018.09.26; Sub-minor code change; Maikuolan]: Front-end L10N slightly
  refactored (1.6.0-DEV+18268592).

- [2018.10.01; Sub-minor code change; Maikuolan]: Slightly improved the
  interface for the front-end upload test page (1.6.0-DEV+18273100).

- [2018.10.02; Bug-fix; Maikuolan]: Wrong variable used in a foreach loop
  belonging to the URL scanner, preventing it from correcting catching URLs;
  Fixed (1.6.0-DEV+18273842). Thanks to nemiq for identifying this bug. :-)
  Refer github.com/phpMussel/phpMussel/issues/171

IMPORTANT: Archive checking has been temporarily forcibly disabled for this
release in response to a security vulnerability. However, archive checking will
be completely overhauled in the near future as a more permanent solution to
this problem, at which point it should be safe to reenable archive checking.

Caleb M (Maikuolan),
October 6, 2018.

=== Version/Release 1.5.0 ===
MINOR RELEASE.

- [2018.06.02; Sub-minor code change; Maikuolan]: Added some additional safety
  and sanity checks to the updater. Improved the display order of logfiles
  listed on the logs page.

- [2018.06.06; Sub-minor code change; Maikuolan]: Updated the front-end
  homepage to include some links to repository backup locations.

- [2018.06.07; Bug-fix; Maikuolan]: Fixed a possible "undefined index" error
  that could occur when updating phpMussel via Cronable.

- [2018.06.08; Bug-fix; Maikuolan]: Discovered an aesthetic bug whereby the
  logs page would stretch sometimes because of non-breaking log entries; Fixed.

- [2018.06.10; Sub-minor code change; Maikuolan]: The logs page now displays
  the total processing time required for the request. Added the ability to
  generate hash tables to the front-end updates page (useful mostly for when
  verifying the integrity of components or for when preparing for future
  updates).

- [2018.06.13; Sub-minor code change; Maikuolan]: Refactoring again.

- [2018.06.17; NEW FEATURE; Maikuolan]: Added a new page to the front-end for
  viewing some basic information about an installation's currently active
  signatures such as the number of signatures from specific vendors, what
  they're targeting, the type of malware they correspond to, etc.

- [2018.06.20; Sub-minor code change; Maikuolan]: Split shorthand data out to
  its own file to improve logic and reduce duplication.

- [2018.06.26; NEW FEATURE; Maikuolan]: Added an optional directive to specify
  the maximum number of files allowed to exist in the quarantine.

- [2018.06.28; Bug-fix; Maikuolan]: Found a small typo in one of the JavaScript
  functions on the front-end accounts page; Fixed.

- [2018.07.01; Sub-minor code change; Maikuolan]: It's now possible for users
  to specify their own sort order for when the updater activates or deactivates
  signature files.

- [2018.07.11; Bug-fix; Maikuolan]: Wrong vendor name shown for some detections
  due to a missing check (non-critical); Fixed.

- [2018.07.12; Minor code change; Maikuolan]: Removed an unnecessary check that
  was being performed on the names of files in archives. Added a new
  configuration directive to optionally enable/disable that same check
  elsewhere.

- [2018.07.19; Minor code change; Maikuolan]: Added a configuration directive
  allowing users to specify which file extensions should be accepted as PHP
  files during a scan. Also performed some subtle refactoring of various parts
  of the codebase.

- [2018.07.31; NEW FEATURE; Maikuolan]: Added the ability to block files that
  contain macros and a new corresponding directive. Refactored various parts of
  the codebase. Removed an old closure that wasn't needed anymore. Updated the
  OLE testfile.

Caleb M (Maikuolan),
August 1, 2018.

=== Version/Release 1.4.0 ===
MINOR RELEASE.

- [2018.05.07-09; NEW FEATURE; Maikuolan]: Added log rotation to phpMussel.
  With log rotation, it's possible to specify a maximum number of logfiles that
  should exist in the vault, and optionally delete or archive them when that
  limit is exceeded.

- [2018.05.09; Bug-fix; Maikuolan]: Attempting to log into the front-end via
  ports other than port 80 would fail due to the way that cookies were being
  set; Fixed.

- [2018.05.14; Sub-minor code change; Maikuolan]: Logs page can now access
  GZ-compressed logfiles.

- [2018.05.16; Sub-minor code change; Maikuolan]: Changed the default value of
  the "disable_webfonts" directive from "false" to "true" (meaning they should
  now be disabled by default).

- [2018.05.16; NEW FEATURES; Maikuolan]: Added support for pseudonymising IP
  addresses when logging. Added the ability to include a privacy policy link
  in the footer of the Access Denied page.

- [2018.05.18; Minor code change; Maikuolan]: Refactored most of the procedures
  for the front-end updates page, splitting some large closures and slightly
  reducing filesize footprint. Added some new internal executor abilities for
  components metadata to the front-end updates page, allowing for theoretical
  smoother transitions when update channels change.

- [2018.05.19; Sub-minor code change; Maikuolan]: Added some basic confirmation
  prompts to some of the "clear all" and "delete all" buttons on some front-end
  pages (may expand this in the future).

- [2018.05.24; Documentation; Maikuolan]: Added a "legal information" section
  to the documentation to address the collection and processing of PII, and how
  it relates to users, third parties, logging, etc, including some basic
  information about GDPR/DSGVO and some related links for further information.
  Refer github.com/CIDRAM/CIDRAM/issues/66

- [Supported Versions] Because this release contains changes which may improve
  the legal compliancy of the package for some users, all previous versions of
  the package are hereby marked EoL/unsupported on the "compatibility charts".
  Refer maikuolan.github.io/Compatibility-Charts/

Caleb M (Maikuolan),
May 25, 2018.

=== Version/Release 1.3.1 ===
PATCH RELEASE.

- [2018.04.16; Sub-minor code change; Maikuolan]: Slightly refactored some of
  the front-end code.

- [2018.04.25; Bug-fix; Maikuolan]: Found a problem whereby the way that the
  data handler split signatures into their constituent parts (signature name,
  detection criteria, etc) during the scan process could result in expression
  compilation failures and an inability to utilise the affected signatures;
  Fixed. Refer github.com/phpMussel/phpMussel/issues/157

Caleb M (Maikuolan),
Apr 25, 2018.

=== Version/Release 1.3.0 ===
MINOR RELEASE.

- [2018.02.06; Maikuolan]: The support forum for the project hosted by Spambot
  Security has effectively become inoperable and defunct due to unmitigable
  circumstances concerning its server. Accordingly, the project support forum
  is hereby deprecated, and all references to the project support forum and to
  Spambot Security have been removed from the codebase and all documentation.
  The issues page for the project at GitHub remains as the uncontested primary
  support endpoint for the project.

- [2018.02.14; Sub-minor code change; Maikuolan]: Some very subtle front-end UI
  improvements; Support for asynchronous requests added to some front-end
  pages.

- [2018.02.15; Sub-minor code change; Maikuolan]: Component update/installation
  via Cronable should fail if unit tests fail; Added code for this accordingly.

- [2018.02.20; Bug-fix; Maikuolan]: The closures for activating and
  deactivating components via the front-end updates page would fail if non-CRLF
  linebreaks were used by the configuration file (thanks to senky for reporting
  this bug); Fixed.
  Refer github.com/phpMussel/phpMussel/issues/151

- [2018.02.27; Sub-minor code change; Maikuolan]: Added internal language
  support for Bangla (20 language localisations now completed and available).
  Translation is very fuzzy though (auditing/checking is invited/encouraged).

- [2018.02.27; Sub-minor code change; senky]: Added a new plugin hook,
  "frontend_before", executed towards the beginning of the front-end handler.

- [2018.02.28; Minor code change; Maikuolan]: Added a new front-end page,
  "Cache Data", enabling users to review the contents of their cache.

- [2018.03.25; Partial bug-fix; Maikuolan]: Coded a workaround to partially
  address the dotless phar file bug, allowing users to scan dotless ZIP files.
  Refer github.com/phpMussel/phpMussel/issues/155

- [2018.03.25; Bug-fix; Maikuolan]: "VersionCompare" function gave incorrect
  results when comparing against certain, specific Ubuntu builds of PHP; Fixed.

- [2018.04.02; Documentation; Maikuolan]: Added an index to the FAQ. Added some
  information to the FAQ regarding the issue described by #61.

- [2018.04.03; Sub-minor code change; Maikuolan]: Various small improvements to
  L10N data and its representation by the package in output.

- [2018.04.05; NEW FEATURE; Maikuolan]: Added the ability for phpMussel to
  access files indirectly via symlinks, which could assist phpMussel in being
  able to read files when doing so directly isn't possible (this feature is
  disabled by default, but can be enabled via configuration).
  Refer github.com/phpMussel/phpMussel/issues/156

- [2018.04.05; Sub-minor code change; Maikuolan]: Added "client information" to
  the front-end homepage (currently just lists your IP address and user agent).

- [2018.04.06; Sub-minor code change; Maikuolan]: Modified logging mechanisms
  as so that new directories will now be automatically generated when necessary
  when writing new log data.

- [2018.04.12; Documentation; Maikuolan]: Added information to the FAQ to add
  some clarity regarding blacklists, whitelists, and greylists (may build on
  this later, but it should be adequate for now).

Caleb M (Maikuolan),
Apr 12, 2018.

=== Version/Release 1.2.0 ===
MINOR RELEASE.

- [2017.10.30; Bug-fix; Maikuolan]: Cancelled or pending CI tests sometimes
  wouldn't display correctly on the updates page; Fixed.

- [2017.12.01; Bug-fix; Maikuolan]: PHP version warnings on the front-end
  homepage weren't always displaying correctly; Fixed.

- [2017.12.05; Minor code change; Maikuolan]: Improved Cronable API, allowing
  updates to occur without sending external requests (uses different methods).
  Shifted a number of update closures from the front-end handler to the
  front-end functions file for slightly improved efficiency.

- [2017.12.06; Bug-fix; Maikuolan]: Fixed a CRITICAL bug introduced yesterday
  that could result in the updates page deleting files pertinent to components
  being updated, thus corrupting those components and potentially rendering
  the package inoperable.

- [2017.12.06; Sub-minor code change; Maikuolan]: Added a component file
  verification option to the updates page. Removed the hotfixes file (this
  file was intended to fix a number of older problems from previous versions of
  the package that aren't relevant anymore).

- [2018.01.16; Bug-fix; Maikuolan]: Direct closure sometimes produced errors
  when running phpMussel via Cron (e.g., via Cronable) due to SCRIPT_FILENAME
  sometimes not being defined in that context; Fixed via isset check.

- [2018.01.17; Sub-minor code change; Maikuolan]: Performed some minor
  refactoring. Added checks for whether there's been any changes to the list of
  active signature files, or for whether they've been updated, which clears out
  the hash cache if found to be the case.

Caleb M (Maikuolan),
Jan 20, 2018.

=== Version/Release 1.1.0 ===
MINOR RELEASE.

- [2017.08.22; Minor code change; Maikuolan]: Improved ability to scan within
  specific PE sections (can identify PE sections intended for being scanned and
  confine source data to the associated offsets). Added new options for offsets
  in signatures.

- [2017.08.26; Sub-minor code change; Maikuolan]: The front-end updates page
  now reports the number of added/removed bytes and the total time required for
  when updating/installing/uninstalling components.

- [2017.09.01; Minor code change; Maikuolan]: Added an optional directive to
  determine whether to detect and block encrypted files ("detect_encryption").

- [2017.09.01; Bug-fix; Maikuolan]: Found and fixed a bug introduced on
  2017.08.22 relating to signature offsets.

- [2017.09.08; NEW FEATURE; Maikuolan]: Added support for Argon2 hashing for
  passwords and sessions (requires PHP => 7.2.0; updating from older versions
  of the package won't affect compatibility with older PHP versions, but the
  option for using Argon2 simply won't be provided for versions < 7.2.0). A
  new configuration directive ("default_algo") has been added, to allow users
  to switch between the defined PHP default password hashing algorithm, BCRYPT,
  and Argon2 (all options are still considered cryptographically secure at this
  time and remain safe to use, but adding this additional support provides
  additional choice and control to the end-user regarding encryption). Also
  rewrote the code for the front-end accounts page accordingly.

- [2017.09.25; Sub-minor code change; Maikuolan]: Added rollback capability to
  the front-end updates page for failed updates/installs (this should help to
  prevent any corruption or broken installs from occurring due to unforeseen
  problems, failed connectivity, etc). Added disk space/usage information to
  the front-end file manager. Added links to vulnerability and compatibility
  charts onto the front-end homepage.

- [2017.09.27; Minor code change; Maikuolan]: Added a pie chart to the file
  manager, allowing users to visually interpret the footprint imposed by the
  various files attributed to phpMussel and its components (requires installing
  Chart.js via the front-end updates page). Also did some general refactoring
  of the front-end code.

- [2017.09.27; Bug-fix; Maikuolan]: See issue #138 (update bug preventing some
  specific components from updating at all).

- [2017.10.02; Sub-minor code change; Maikuolan]: Slightly improved the way
  that the front-end logs page behaves.

- [2017.10.03; NEW FEATURE; Maikuolan]: Added a new page to the front-end for
  viewing phpMussel usage statistics, and a corresponding configuration
  directive to enable/disable tracking phpMussel usage statistics.

- [2017.10.07; Sub-minor code change; Maikuolan]: Added a simple metadata
  cleanup routine to the front-end updates page.

- [2017.10.09; Sub-minor code change; Maikuolan]: Added the ability to fetch
  component names and extended descriptions from the L10N data.

- [2017.10.15; Sub-minor code change; Maikuolan]: Improved L10N pluralisation.

- [2017.10.16; NEW FEATURE; Maikuolan]: Added a new page to the front-end for
  viewing and handling quarantined files.

- [2017.10.26; Sub-minor code change; Maikuolan]: Added CI reports/tests to the
  front-end updates page. Split the functions file into two distinct files (one
  containing closures specifically intended for the front-end, and one for
  everything else; this should increase code maintainability and make things
  less confusing for future contributors).

- [2017.10.27; Sub-minor code change; Maikuolan]: Removed old PHP < 5.4.0 array
  syntax in favour of newer, short array syntax.

- [2017.10.28; Sub-minor code change; Maikuolan]: Added cookie notice to the
  front-end login page. Made the categories on the front-end configuration page
  collapsable/expandable (this should help to make the page look less cluttered
  and easier to navigate).

- [2017.10.28; Bug-fix; Maikuolan]: Bug found preventing the activation or
  deactivation of components via the front-end updates page for multi-domain
  installations when certain specific conditions were met; Fixed.

- [2017.10.29; NEW FEATURE; Maikuolan]: Added an API for Cronable, allowing
  phpMussel to be updated automatically via cron.

Caleb M (Maikuolan),
29th October 2017.

=== Version/Release 1.0.0 ===
MAJOR RELEASE (BACKWARDS INCOMPATIBLE).

IMPORTANT NOTICE FOR THOSE UPDATING FROM A PREVIOUS VERSION: THIS RELEASE IS
NOT BACKWARDS COMPATIBLE WITH THE PREVIOUS RELEASE! PLEASE CAREFULLY REVIEW
THE DOCUMENTATION TO KNOW WHAT HAS CHANGED, IMPORTANT DIFFERENCES, ETC.

- [2016.03.18; Documentation]: Deleted the version zero changelog and created
  a new changelog for our new major version one, "Changelog-v1.txt".

- [2016.03.18; Minor code change; Maikuolan]: Renamed all "INC" files to "PHP"
  files and changed all references to them accordingly.

- [2016.03.18; MAJOR CODE CHANGE; Maikuolan]: Removed all deprecated < v1.0.0
  functions.

- [2016.03.19; MAJOR CODE CHANGE; Maikuolan]: Converted all functions to
  closures to help towards a fat-free implementation of phpMussel. Removed the
  old "phpMussel_mail()" function from phpMussel entirely (this function would
  make more sense as a plugin or an extension, rather than as part of the core
  of phpMussel). Removed the update handler and all of its associated
  components from phpMussel. Abandoned the use of globals entirely in favour of
  using "use" for closures to reference our former globals.

- [2016.03.21; Sub-minor code change; Maikuolan]: Improved the way in which we
  can detect whether we're in CLI-mode.

- [2016.03.22; Minor code change; Maikuolan]: Added an obfuscation closure in
  order to avoid needing to directly call some certain potentially blocked
  in-built PHP functions that are known to sometimes trigger false positives
  for some certain potentially overzealous server-based security solutions.
  Modified our normalisation closure to make use of our new obfuscation closure
  in favour of using problematic falsing in-built functions as was previously
  the case.
  Refer github.com/phpMussel/phpMussel/issues/87

- [2016.03.24; Sub-minor code change; Maikuolan]: Removed references to the
  "package" tag from all phpDoc page blocks in the package (we don't need
  these, because we already have README documentation and don't use api-docs).
  Refer github.com/phpMussel/phpMussel/issues/85

- [2016.03.24; Minor code change; Maikuolan]: Updated the plugin system as so
  that hooks can now be registered for closures as well as functions (whereas
  previously, they could only be registered for functions; note that this
  partially reintroduces the use of globals, which in this case is used purely
  for destructing unrequired closures when phpMussel terminates). This allows
  the use of both functions and closures together (and to that extent, is
  backwards-compatible); However, the prior change of the function for
  registering hooks from being a function to being closure means that at least
  that part of pre-v1 plugins must be modified to function correctly post-v1.

- [2016.04.18; Sub-minor code change; Maikuolan]: Slightly improved the error
  handling for the configuration file.

- [2016.05.06; NEW FEATURE; Maikuolan]: Support for performing lookups to the
  Google Safe Browsing API has now been implemented to a functional state;
  Lookups to the Google Safe Browsing API can be enabled by including an API
  key in the phpMussel configuration file (cURL is required in order for it to
  work correctly).
  Refer github.com/phpMussel/phpMussel/issues/65

- [2016.05.12; Sub-minor code change; DanielRuf/Maikuolan]: Improved the
  "ReadFile" closure; It's now possible for developers/users to specify custom
  block sizes for file reading.
  Refer github.com/phpMussel/phpMussel/issues/89

- [2016.05.15; Sub-minor code change; DanielRuf/Maikuolan]: Improved the
  "implode_bits" and "explode_bits" closures; Both these closures now return
  strings rather than arrays (although these strings are still manipulated in
  the same ways as before) and both these closures now execute about ~2.5-~2.7
  times faster than they did before.
  Refer github.com/phpMussel/phpMussel/issues/91

- [2016.05.18-22; MAJOR CODE CHANGE; Maikuolan]: Removed "compressor" as a
  possible value for "$container". Completely rewrote the way that archives
  are handled and processed by phpMussel (phpMussel will now attempt to parse
  archives using in-built PHAR support prior to doing any further processing of
  them; as a result, PHAR files are now supported by phpMussel). The code for
  handling ZIP files has been removed in favour of simply using in-built PHAR
  support, which also already supports ZIP files, TAR files and PHAR files (but
  unfortunately, not recursively). The code for handling TAR files has been
  heavily modified, but not removed (due to that this code could already handle
  and process TAR files recursively; in-built PHAR support will be favoured for
  handling these types of files, but the code for handling TAR files will be
  used nonetheless when dealing with recursive TARs). Two new closures have
  been added to the functions file [/vault/functions.php]; "BuildPharList" for
  generating lists of the contents of files processed using the in-built PHAR
  support, and "MetaDataScan", which will act as an intermediary wrapper for
  the Data Handler whenever called from within the Recursor during the archive
  scan phase. Some minor refactoring has occurred, removing some unrequired
  error suppression and cleaning up duplicated code. Calls to "die" from within
  closures have been removed in favour of using exceptions.

- [2016.05.25; Documentation; Nadeen Shawa / Maikuolan]: Completed translation
  of the documentation to Arabic (documentation prep and markdown formatting by
  Maikuolan/Caleb, but the actual translations were done by Nadeen Shawa). With
  this translation completed, the phpMussel documentation is now available in
  12 fully completed translations with 1 other translation near to completion.

- [2016.05.31; Documentation; m7mdtiger]: Completed audit/review/rewrite for
  the Arabic translation of the README documentation.

- [2016.06.02; Minor code change; Maikuolan]: Added the ability to use dated
  logfiles! Now, some simple variables ({dd}, {mm}, {yyyy}/{yy}, {hh}) can be
  included when specifying the names to use for logfiles in order to organise
  logfiles by date/time. Added a new directive ("timeOffset") to account for
  the possibility of discrepancies between servers and the local time of those
  using phpMussel.

- [2016.06.11; Documentation; Maikuolan/Vy]: Completed translation of the
  documentation to Vietnamese. With this translation completed, the phpMussel
  documentation is now available in 13 fully completed translations.

- [2016.06.13; Minor code change; Maikuolan]: Updated the Google Safe Browsing
  API from v3.1 to v4; Did some more phpDoc work.

- [2016.06.22; Bug-fix; Maikuolan]: Incorrect language data entry used for some
  upload errors; Fixed. Thanks to mtrefzer for spotting this. :-)
  Refer github.com/phpMussel/phpMussel/issues/98

- [2016.06.24; Sub-minor code change; Maikuolan]: Changed the default value for
  "forbid_on_block" from false to true (this should improve compatibility with
  PJAX-based frameworks and systems).

- [2016.06.27; Bug-fix; Maikuolan]: Key value was being fetched from an
  incorrect array for $HookID by the plugin hooks (affected all hooks); Fixed.
  Thanks to mtrefzer for spotting this. :-)
  Refer github.com/phpMussel/phpMussel/issues/99

- [2016.08.02; Documentation; Mie Shinohara]: Completed translation of the
  documentation to Japanese. With this translation completed, the phpMussel
  documentation is now available in 14 fully completed translations.

- [2016.08.07; Sub-minor code change; Maikuolan]: Slightly improved RTL text
  support. Slightly improved/optimised the template file.

- [2016.12.02; Sub-minor code change; Maikuolan]: Added some polyfills to
  extend compatibility with phpMussel to PHP 5.4.x (the newly introduced
  front-end feature for phpMussel makes use of the password_hash and
  password_verify functions, of which are only available natively to PHP
  versions 5.5.0 and above).

- [2016.12.03; Sub-minor code change; Maikuolan]: Improved mechanism for making
  determinations between requests via direct access and requests via hooks.

- [2017.02.11; MAJOR CODE CHANGE; Maikuolan]: Successfully completed building
  the front-end for phpMussel! Using the phpMussel front-end, you can update
  phpMussel directly from your browser, install/uninstall/update components,
  signature files, and language packs, and more; You can modify core phpMussel
  files, upload new files to your vault, view and download logfiles, and via
  the accounts page, selectively grant access to others either to administrate
  phpMussel on your behalf, or to a more limited degree, to access the
  phpMussel logfiles directly from their browser; And you can update the
  phpMussel configuration directly from your browser, too. Front-end access is
  disabled by default for security reasons, but you can enable it via the
  relevant newly created configuration directives pertaining to it. Completely
  rewrote the configuration handler: Fallbacks aren't hardcoded with PHP at the
  time of loading the configuration file anymore; Fallbacks are now determined
  via a separate configuration defaults file written using YAML. Completely
  dropped support for users overriding the default language specification until
  further notice, and dropped the "lang_override" configuration directive (too
  buggy at the moment; may reintroduce this feature back again later). Slightly
  improved the template files. Completely removed support for archive metadata
  signatures; This was long overdue, seeing as they'd already long since been
  deprecated and removed from the ClamAV signatures set. Any relevant
  signatures, where still applicable, have been converted to CoEx signatures.
  Completely removed support for XML/XDP chunk signatures; They were unlikely
  to be developed any further and were essentially irrelevant at this point
  anyhow (associated vulnerabilities since patched, nothing new emerging, etc).
  Testfiles for removed signature formats removed from the main repository (not
  relevant anymore). Components files added/modified in order to better support
  the newly completed front-end and to better accommodate changes to the
  updates feature. Completely rewrote the scan process and completely rewrote
  how all signatures are interpreted/read/used/etc. Major refactoring. Improved
  future compatibility with PHP >= 8 ("each" function has been identified as
  targetted for deprecation as of PHP 7.2.0). Temporarily dropped support for
  whitelist signatures (this will be reintroduced again later). This update is
  NOT backwards compatible with previous versions/commits for phpMussel.

- [2017.02.11; Signatures; Maikuolan]: IMPORTANT! Henceforth, phpMussel
  signature files won't be included in the main repository nor in the package
  downloads. In the future, phpMussel signature files can be installed either
  via the front-end updates page, or via downloading from a separate, newly
  created repository, located at "github.com/phpMussel/Signatures", manually
  installing/uploading to the vault, and assigning the name of the signature
  files to the relevant configuration directive.

- [2017.03.04; Documentation; Maikuolan]: Added front-end documentation.

- [2017.03.06-11; Sub-minor code change; Maikuolan]: Refactoring again.

- [2017.03.14; Documentation; Maikuolan]: Removed "future goals" from the
  changelog.

- [2017.03.17; Documentation; Maikuolan]: New additions to the FAQ.

- [2017.03.24; Signatures; Maikuolan]: "General command detections" now
  regarded in the same way as simply another type of signature file ("CSV").
  Associated configuration directive removed. Functionality can be returned by
  installing/enabling the relevant signature file for general command
  detections.

- [2017.03.25; Documentation; Maikuolan]: Completed translation of the
  documentation to Korean (very fuzzy though). With this translation completed,
  the phpMussel documentation is now available in 15 different translations.

- [2017.03.26; Sub-minor code change; Maikuolan]: Added internal language
  support for Korean (15 language options now supported in total). Implemented
  some of Google's webfonts and slightly increased the text size for both the
  front-end and the blocked upload template; This should significantly improve
  text readability for phpMussel (previously, in some situations, it was very
  difficult to properly read on-screen text produced by phpMussel). Also
  implemented some other very small design tweaks in order to improve text
  readability.

- [2017.03.27; Minor code change; Maikuolan]: Added a directive to optionally
  enable/disable webfonts.

- [2017.03.28; Minor code change; Maikuolan]: Added the ability to install and
  uninstall plugins via the front-end updater.

- [2017.03.30; Sub-minor code change; Maikuolan]: Some small, aesethetic
  improvements done to the front-end.

- [2017.04.05; Sub-minor code change; Furqan Akbar]: Added internal language
  support for Urdu (16 language localisations now completed and available).

- [2017.04.11; Minor code change; Maikuolan]: Added a new directive,
  "timeFormat", to specify the date/time notation format used by phpMussel.

- [2017.04.12; Sub-minor code change; Maikuolan]: Temporarily removed donate
  buttons from all project files (possibly may reinstate at a later date).
  Made some subtle aesthetic improvements to the front-end.

- [2017.04.12; Documentation; Furqan Akbar]: Completed translation for the
  phpMussel README documentation into Urdu. This totals 16 different language
  versions of the README documentation now available.

- [2017.04.17; Sub-minor code change; Maikuolan]: Added internal language
  support for Thai (17 language localisations now completed and available).

- [2017.04.21; Sub-minor code change; Maikuolan]: Improved support for
  fractions/floats/reals/decimals/etc for configuration directives. Added some
  basic system information to the front-end homepage, to help with debugging.

- [2017.04.22; NEW FEATURE; Maikuolan]: Added the ability to truncate logfiles
  after they reached a certain size, specified by the newly added "truncate"
  directive.

- [2017.04.22; Bug-fix; Maikuolan]: Fixed a bug whereby version information for
  certain PHP release candidates would be compared incorrectly when using the
  front-end updates page (only affects a small number of users).

- [2017.04.23; Sub-minor code change; Maikuolan]: Added "previewers" to the
  front-end configuration page in order to make it easier for users to handle
  configuration directives that deal with time and byte measurements.

- [2017.04.24; NEW FEATURE; Maikuolan]: Added a new configuration directive
  allowing users to override the default timezone set by PHP. Changed the way
  that configuration directives dealing with byte measurements are handled as
  such that the unit now may be specified alongside the directive value (i.e.,
  byte measurements are no longer locked to predefined units); These byte
  measurements will default to kilobytes when no unit has been specified.

- [2017.04.27; NEW FEATURE; Maikuolan]: Added the ability to optionally
  override configuration directive values on the basis of HTTP_HOST. This
  should be useful for users running multi-domains installations as a way of
  enforcing different values for different configuration directives for
  different domains and sub-domains when necessary.

- [2017.04.29; Minor code change; Maikuolan]: Added filtering to the
  configuration defaults, in order to allow the front-end configuration page to
  omit any problematic value choices (for example; attempting to switch to a
  new default language after having deleted its associated language files).

- [2017.05.01; Sub-minor code change; Maikuolan]: Subtle improvements for
  mobile display ("responsiveness").

- [2017.05.19; NEW FEATURE; Maikuolan]: Added full support for custom themes!
  This expands upon the theme support already previously provided which allowed
  users to specify custom CSS files to use for the "Upload Denied" page, by way
  of adding full support for custom themes which will now also apply to the
  front-end, allowing a richer level of customisation, and can be installed via
  the front-end updates page.

- [2017.05.24; Sub-minor code change; Maikuolan]: Slightly improved caching for
  front-end assets (CSS files, images, etc).

- [2017.05.27; Minor code change; Maikuolan]: Added the ability to the
  front-end updates page to update all components at once, with a single click.

- [2017.05.29; Sub-minor code change; Maikuolan]: Added internal language
  support for Hindi (18 language localisations now completed and available).

- [2017.06.09]: Repository migrated from "Maikuolan/phpMussel" to
  "phpMussel/phpMussel". All files, documentation, etc, updated accordingly. No
  disruptions are anticipated as a result of this migration, but if you
  encounter any, please let us know.

- [2017.06.18; Sub-minor code change; Maikuolan]: Improved debugging
  functionality; Added a new method of debugging scan problems to phpMussel.

- [2017.06.22; Sub-minor code change; Maikuolan]: Slightly improved L10N
  support (rendering numbers correctly, some punctuation fixes, etc).

- [2016.06.30; Bug-fix; Maikuolan]: Bug found whereby the URL scanner failed to
  perform any API lookups when there weren't any active/installed/enabled URL
  scanner signature files; Fixed.

- [2017.07.05; Sub-minor code change; Maikuolan]: Removed ini_get()/ini_set()
  calls from the package (the loader). SensioLabs rating raised to "silver".
  Alternative solutions for preventing uncontrolled PCRE backticking will be
  sought and implemented prior to the v1.0.0 release.

- [2017.07.01-07; Sub-minor code change; Maikuolan]: More refactoring.

- [2017.07.09; Sub-minor code change; Maikuolan]: Added internal language
  support for Turkish (19 language localisations now completed and available).

- [2017.07.13; MAJOR CODE CHANGE; Maikuolan]: Rewrote the way that plugin hooks
  are handled by the package. The optional third parameter previously provided
  with the hook register closure is now deprecated and no longer available (can
  reference globally available variables via the "use" keyword when writing
  closures to call variables between scopes when necessary, as an alternative).
  A dedicated executor closure is now provided for executing hooks at
  designated points in the codebase.

- [2017.07.14; Bug-fix; Maikuolan]: Bug found whereby some files would be
  incorrectly processed by the switch file; Fixed.

- [2017.07.23; Sub-minor code change; Maikuolan]: The front-end homepage now
  warns users if they're using a PHP version with known severe vulnerabilities
  and exploits ("severe", in this context, defined as vulnerabilities and
  exploits with a CVSS >= 9.0) and/or a PHP version that isn't actively
  supported anymore (as determined by the php.net Supported Versions page). The
  associated code for this is hardcoded manually, and therefore only updates
  when the package updates (meaning that lack of warning should not necessarily
  be perceived as a lack of vulnerabilities/exploits nor as an indication of
  continued active support).

- [2017.07.29; NEW FEATURES; Maikuolan]: Added the ability to execute closures
  and specific commands when specific conditions are met when using the
  front-end updates page (installing, uninstalling components, etc). Added a
  configuration directive to modify the font magnification for the front-end
  and the Upload Denied page. Added information to the front-end homepage about
  latest stable, unstable, and branch versions for phpMussel and PHP.

- [2017.07.30; Minor code change; Maikuolan]: Added a configuration directive
  for specifying the preferred way to localise numbers when displaying numeric
  information via the front-end and any other relevant means. Number L10N is
  now independent of language choice, and has also been improved upon somewhat.

- [2017.08.09; Documentation; Maikuolan]: Instructions for installing phpMussel
  have been slightly modified, and new information has been added to the
  documentation regarding signature formats, signature file magic numbers,
  information about SigTool, etc. Users performing fresh installs or updating
  to v1.0.0 from older versions should re-read the installation instructions as
  to be familiar with the changes.

- [2017.08.12; Sub-minor code change; Maikuolan]: Serialised logging now works
  in CLI-mode (details about specific detections aren't listed yet, but
  timestamps can be cross-referenced against standard logfiles to obtain this
  information if required; plan to improve this in the future when possible).

- [2017.08.13; Bug-fix; Maikuolan]: Bug found whereby benign files would be
  falsely identified as malicious if scanned within a period of time whereby
  related cache entries exist due to the falsely identified file being
  previously scanned alongside other files correctly identified as malicious
  and thus collectively blocked; Fixed.

- [2017.08.17; Minor code change; Maikuolan]: Added a configuration directive
  for temporarily disabling everything except the front-end
  ("maintenance_mode"). Might be useful in some situations when updating CMS,
  frameworks, forum systems, etc.

Caleb M (Maikuolan),
20th August 2017.

======

"Changelog-v1.txt" contains changelog notes for versions => 1.0.0 < 2.0.0.

Changelog notes for versions => 2.0.0 < 3.0.0 can be found in the
"Changelog-v2.txt" file included with any relevant, corresponding releases.

Changelog notes for versions < 1.0.0 can be found in the "Changelog-v0.txt"
file or in the "_docs/change_log.txt" file included with any relevant,
corresponding releases.
For more information send a message to info at phpclasses dot org.