Polski for WooCommerce

لاگ تبدیل ڪريو

1.17.0

• Store health monitor: new optional module (off by default) for continuous, passive monitoring of store operations. Three sensors run every 5 minutes via WP-Cron: front-end fatal errors (shutdown handler, storefront only), the checkout failure rate (observes woocommerce_checkout_order_processed, the Store API equivalent, and woocommerce_order_status_failed over a rolling 2-hour window), and a sales anomaly check (previous full hour vs the typical order count for the same weekday/hour over the past 8 weeks, evaluated at most once per hour). No synthetic orders are ever placed. Alerts go out by email and optional JSON webhook (Slack/Discord-compatible) with a configurable cooldown; a hard outage also records an entry in the security incident log when that module is enabled. Health dashboard under Reports & Tools with a manual “Run check now”, an admin notice when status is not OK, and a read-only REST endpoint GET /polski/v1/store-health. Block checkout is covered through the Store API hook. Settings: alert email/webhook, failure-rate threshold and minimum sample, sales anomaly threshold, and alert cooldown.

1.15.0

• B2B fields: optional “Potrzebuję faktury VAT” toggle, separate from the existing “Buying as a company” checkbox. Polish e-commerce convention treats invoice-need as orthogonal to company-vs-consumer (paragon vs faktura), so the field is its own opt-in. Saves to _polski_needs_invoice order meta. Wired through both classic checkout and the WC 8.6+ additional-fields API. New setting polski_b2b.show_needs_invoice_toggle (default off).
• Compare: sticky bottom drawer (polski_compare.show_sticky_bar, default off) showing thumbnails of compared products with a “Porównaj (N)” CTA and a clear-all button. Hidden on the compare page itself; auto-suppressed when the list is empty. Mobile-responsive CSS.
• Compare: new shortcode [polski_compare_count] for the header counter, with template, class, and hide_when_empty attributes. Renders an anchor to the compare page with a data-polski-compare-count attribute that the existing AJAX layer can update live.
• AJAX filters: named presets. [polski_filters preset="b2b"] shortcode argument loads overrides from the new polski_filter_presets option ([name => array<setting, value>]); the inner array is merged over the global filter settings before render. Archives can map to a preset via the polski/filters/archive_preset filter. Per-preset runtime tweaks via polski/filters/preset (preset, name).

1.14.1

• B2B fields: full IBAN validation. B2BCheckoutService::isPlausibleIban() now performs the ISO 13616 mod-97 checksum and a country-code length lookup (PL=28, DE=22, GB=22, FR=27, IT=27, plus 25 more EU/CH/GB markets). Replaces the previous structural-only sanity check.
• DSA: per-IP rate limiting on the report submission handler. Default 5 reports per hour per IP; window and limit are filterable via polski/dsa/rate_limit_window_seconds and polski/dsa/rate_limit_max_attempts. Source IP is filterable via polski/dsa/rate_limit_ip for sites behind a reverse proxy.
• Code quality: tighter Plugin Check compliance in pre-existing modules. CRA IncidentRepository now uses %i placeholders instead of interpolated {$table} queries; FilterService documents the read-only GET-based filter context with a scoped phpcs:disable/enable block instead of leaving a Recommended warning open; CRAIncidentsPage adds wp_unslash() + sanitize_key() before passing $_POST['kind'] and $_POST['severity'] to IncidentKind::tryFrom() and Severity::tryFrom(); templates/forms/ajax-filters.php sanitises single-string $_GET[$key] reads.

1.14.0

• B2B checkout fields: Block-checkout support via woocommerce_register_additional_checkout_field (WC 8.6+). NIP, REGON, and IBAN now appear in both classic and Block checkouts from a single registration. Values written by the WC additional-fields API are mirrored to legacy _billing_nip, _billing_regon, _billing_iban order meta on save (woocommerce_set_additional_field_value) so the existing KSeF and invoice modules pick them up unchanged. The classic-only woocommerce_billing_fields path is automatically skipped when the modern API is available, preventing duplicate billing rows. Stores on WC < 8.6 continue to use the classic-only path with the company toggle.
• DSA module: per-product report widget. Optional collapsible “Zgłoś nielegalne treści (DSA)” section on single product pages with the report form prefilled with the product permalink and human-readable name. The form posts to the existing polski_dsa_report admin-post handler, so reports flow into the same admin queue as shortcode submissions. Configurable position (after product summary or in product meta block). New filter polski/dsa/product_widget_enabled. Defaults polski_dsa.product_widget_enabled (off) and polski_dsa.product_widget_position (after_summary).
• DSA module: defaults populated for polski_dsa (contact_email, form_title, form_intro, plus the new widget keys) so admins see seeded values on first activation instead of empty strings.

1.13.0

• New module: B2B checkout fields. Adds an optional “Buying as a company” toggle plus NIP, REGON, and IBAN fields to WooCommerce classic checkout, with conditional show/hide tied to the toggle. NIP is validated on submit using the official Polish checksum algorithm and saved to standard _billing_nip meta so the existing KSeF and invoice modules pick it up without changes. REGON accepts 9- or 14-digit numbers; IBAN passes a structural sanity check (country prefix + 13-32 alphanumeric body, length 15-34). Settings group polski_b2b (enabled, show_company_toggle, nip, regon, iban). New static utility Polski\Util\NipValidator (isValid, normalize, format). When polski-pro’s NipValidator is active, free skips its own NIP registration to avoid a duplicate field.

1.12.0

• AI Feed: /llms.txt manifest at the site root following the open standard at https://llmstxt.org. AI agents that look for the well-known file at /llms.txt now get a Markdown index of the site – title, description, legal pages with ?output_format=md links, the WooCommerce shop page, and the top product categories. Filters: polski/ai_feed/llms_txt_enabled, polski/ai_feed/llms_txt_sections, polski/ai_feed/llms_txt_category_limit. Setting polski_ai_feed.llms_txt_enabled (default true).

1.11.0

• New module: AI Feed. Serves singular posts, pages, and WooCommerce products as Markdown via content negotiation so AI agents and LLM crawlers can ingest store content without scraping HTML. Triggered by Accept: text/markdown header or ?output_format=md query argument. Adds <link rel="alternate" type="text/markdown"> to single views for discovery and a “View AI Version” row action on the Posts, Pages, and Products list screens.
• AI Feed: product Markdown enriched with Polish-market data – SKU, GTIN/EAN, gross/regular/sale price, currency, tax class, Omnibus lowest price (last 30 days), delivery time, stock quantity and availability, weight, dimensions, brand, manufacturer, GPSR responsible person, and product categories. Front matter exposes the same fields as YAML for structured ingestion.
• AI Feed: filters polski/ai_feed/enabled, polski/ai_feed/post_types, polski/ai_feed/post_markdown, polski/ai_feed/product_markdown, polski/ai_feed/product_facts, polski/ai_feed/password_required. Settings group polski_ai_feed (enabled, post_types). Default post types: post, page, product.

1.10.0

• New module: OSS observer. Tracks the EU intra-community €10,000 B2C delivery threshold by integrating with the standalone One Stop Shop plugin. One-click install + activation directly from the module row. WooCommerce admin note prompts install when the observer is toggled on without the external plugin present. Exposes the filter polski_tax_oss_enabled so polski-pro and third-party code can branch tax logic on OSS state.
• Modules page: redesigned as a WP list-table (Name / Enabled / Description / Edit) with MoSCoW-prioritised grouping – Legal & Compliance, Tax & Pricing, Checkout & Orders, Content & Trust, Advanced & Tools. Pencil icon opens a dedicated settings subpage per bucket (admin.php?page=polski-group-<bucket>#polski-module-<id>) registered dynamically for every module with settings, enabled or not.
• Setup wizard: rewritten as a 5-step guided flow (Company > Legal > Tax & OSS > Checkout > Finish). Each step uses toggle rows with inline description panels; optional steps have Skip Step + Continue; OSS toggle on the Tax step triggers One Stop Shop plugin install on Finish.
• Dashboard: “Relaunch setup wizard” button for merchants who want to rerun the guided setup after completion.

1.9.1

• Compliance checklist: Accessibility (WCAG) section – 9 heuristic rules scanned against the static homepage HTML (html lang, skip link, h1, viewport meta, main landmark, search role, focus outline, autoplay sound, missing img alt). REST: GET /polski/v1/compliance/accessibility.
• Compliance checklist: Cookie banner now includes a push-notification prompt detector – flags Notification.requestPermission, PushManager.subscribe and common third-party push SDKs triggered without user interaction.
• New module: RODO training documentation generator. Admin page Polski > RODO training docs downloads three printable HTML templates (training logbook, principles summary, data-breach response playbook). Pre-branded with shop data from the setup wizard.

1.9.0

• New module: Complaint template generator. Ready-to-print complaint form (formularz reklamacyjny) auto-populated with seller data. Admin page Polski > Complaint template with preview + download as standalone HTML. [polski_complaint_template] shortcode to embed on customer pages.
• New module: Copyright / license notice helpers. [polski_copyright] shortcode + polski/copyright block with year, owner and optional license. [polski_image_credit] shortcode for per-image credits with source link and license.

1.8.2

• New module: Business identification. Renders the shop’s business data (name, address, NIP, REGON, email, phone) as a [polski_business_info] shortcode and a dynamic Gutenberg block polski/business-info. Reads values set in the setup wizard (polski_general option). Block and inline formats with configurable separator.

1.8.1

• New module: SBOM generator. Emits a CycloneDX 1.4 JSON document listing PHP (composer.lock) and JS (package-lock.json) dependencies plus plugin metadata. Admin page Polski > SBOM with one-click download for FREE and (when installed) PRO. Content-Type application/vnd.cyclonedx+json — ready for Dependency-Track / Trivy.

1.8.0

• New module: CRA incident reporting. Records actively-exploited vulnerabilities and security incidents with a CRA Article 14 early-warning deadline (24h for incidents/exploits, 72h for near misses). Admin page Polski > CRA incidents to record, dispatch (webhook + email) and mark resolved. JSON export per ENISA SRP draft schema. Hourly cron checks for deadlines approaching. Action hooks polski_cra_incident_recorded and polski_cra_incident_deadline_approaching. Migration 2.1.0 creates polski_cra_incidents.

1.7.2

• Site audit: four new dark-pattern checks. Forced account creation (EU Directive 2023/2673), stale/fake sale countdowns (products still on-sale after date_to passed), misleading “from” price on variable products with >50% min/max spread, false urgency via oversized low-stock threshold (>5).

1.7.1

• Compliance checklist: added Cookie banner (active consent) section. Scans the homepage HTML with a 1h transient cache and reports 9 rules (banner presence, Accept, Reject with equal prominence, granular settings, Analytics/Marketing categories, privacy-policy link, withdrawal hint, implied-consent phrase trap).
• REST API: GET /polski/v1/compliance/cookie-banner?url= returns the cookie-banner checklist as JSON.
• 5 new unit tests.

1.7.0

• New module: Compliance checklist for Privacy Policy (RODO Art. 13) and Regulamin (Ustawa o swiadczeniu uslug / Ustawa o prawach konsumenta). Structural heuristic scanner with 17 + 15 rules, severity levels (Required/Recommended/Optional), and a WP-admin checklist page showing score and per-element pass/fail.
• REST API: GET /polski/v1/compliance/page/{privacy|terms} returns the full checklist as JSON.
• Admin: new submenu Polski > Compliance checklist.
• 12 unit tests covering normalization (HTML + diacritic strip), rule evaluation, score math and default rule sets.

1.6.3

• Fixed: Added per-line phpcs:ignore annotations with justifications on all $wpdb custom-table calls (repositories, Migrator, DSAService, uninstall.php)
• Fixed: Added phpcs:ignore annotations on meta_key / meta_value / meta_query / tax_query lookups in service classes (ExpertReview, DoubleOptIn, SocialLogin, ReviewRequest, Faq)
• Fixed: Added phpcs:ignore on WooCommerce email header/footer do_action() invocations in email templates
• Result: Plugin Check now reports 0 errors and 0 warnings on the built release package

1.6.2

• Fixed: Softened plugin description and FAQ wording to avoid implying legal compliance or legal guarantees
• Fixed: Documented Google OAuth, Facebook OAuth, and Google Tag Manager / Google Analytics in External Services
• Fixed: Removed broken GitHub support links from the admin sidebar and deactivation modal
• Fixed: Hardened remaining $_GET and $_POST handling in admin and storefront flows
• Fixed: Replaced internal wp_redirect() calls with wp_safe_redirect() where the target stays on-site
• Fixed: Removed HEREDOC usage from review request emails for better Plugin Check compatibility
• Fixed: Replaced all remaining inline <script> tags (DataLayer events, JSON-LD schema) with wp_print_inline_script_tag() / wp_print_script_tag()
• Fixed: Refactored repository queries to use $wpdb->prepare() with %i table-name placeholder (eliminates table-name interpolation suppressions)
• Fixed: Replaced raw echo $html in Elementor widgets with wp_kses_post()
• Fixed: Prefixed all template variables with polski_ to satisfy WordPress.org naming conventions
• Fixed: Removed dozens of phpcs:ignore suppressions in favour of real fixes

1.6.1

• Fixed: Moved inline admin CSS and JS to enqueued asset files (wp_enqueue_style / wp_enqueue_script)
• Fixed: Sanitized $_GET inputs in the AJAX product filters template
• Fixed: Removed manual load_plugin_textdomain() call (WordPress.org auto-loads translations since WP 4.6)
• Fixed: Hardened nonce verification by sanitizing $_POST values before passing to wp_verify_nonce()
• Fixed: Added missing wp_unslash() and capability check in expert review and product meta save flows
• Fixed: Updated readme.txt Contributors username and removed broken donate / GitHub repository links

1.6.0

• Added Social Login module (Google + Facebook OAuth2 with auto-registration)
• Added Product Authors taxonomy for bookstores and publishers
• Added Expert Reviews custom post type with ratings and Schema.org markup
• Added Order Export module (CSV with 30+ configurable fields)
• Added FAQ module with categories, accordion shortcode, and Schema.org FAQPage
• Enhanced Custom Checkout Fields with 5 conditional logic types (field value, shipping, payment, category, cart total)

1.5.0

• Added Auto Restore Stock module – automatically restores product stock on order cancellation, refund or failure
• Added AJAX Add to Cart module – add products to cart without page reload, including variable products
• Added Custom Checkout Fields module – add, modify and reorder checkout fields with multiple field types and validation
• New “Stock & Cart” and “Checkout” module groups in the admin panel

1.4.0

• Added “From price” display for variable products (shows “from XX PLN” instead of price range)
• Added minimum order value and quantity rules with cart validation
• Added automated review request emails after order completion
• Added opt-out support for review request emails
• Improved localization: all __() fallback strings now use English source language

1.3.0

• Added GPSR module: 8 product fields, CSV bulk import/export, status column in product list, product page display
• Added customer withdrawal request flow in My Account (EU Directive 2023/2673)
• Added DSA Toolkit: report form shortcode, admin reports page, email notifications
• Added KSeF-ready module: NIP-based auto-detection, integration hooks, order list column
• Added Security incidents module: CRA-oriented incident log with status tracking and CSV export
• Added verified purchase badge for product reviews
• Expanded Site Audit with DPA, DSA, KSeF-ready, anti-greenwashing, verified review, and security incident checks
• Added anti-greenwashing product fields (eco claim basis, certificate, expiry)
• Added dynamic per-module settings pages in WordPress admin menu
• Fixed GPSR rendering on WooCommerce Blocks single product pages
• Streamlined free version for WordPress.org submission
• 5 language packs: Polish, German, Czech, Slovak, Ukrainian

1.1.0

• Added storefront modules (compare, quick view, badges, tabs, video, zoom, slider, infinite scroll, popups)
• Added configurable admin and email copy
• Added customer flows for withdrawal and waitlist
• Improved WooCommerce Blocks checkout support

1.0.0

• Initial release
• GDPR checkboxes, Omnibus Directive, withdrawal forms
• Shopmarks: unit prices, delivery times, tax notices
• Wishlist, waitlist features
• Food product information fields
• REST API, WP-CLI, CSV import/export
• Full Polish translation