== Changelog ==

Full version history for GoldenRetriever AI Chat. The WordPress.org readme.txt
keeps only the most recent releases (to stay within the recommended size); this
file is the complete record.

= 0.9.7 =
* New: Claude Opus 4.8 is now the selectable "most capable" model (replaces Opus 4.6 in the dropdown); Claude Sonnet 4.6 remains the recommended default.
* Privacy: the "Email me this chat" consent checkbox now defaults to unticked, so transcript opt-in is always an explicit, affirmative action.
* Compliance: admin JavaScript that was previously inline is now enqueued via wp_enqueue_script (Settings API-key toggle, Appearance colour-picker sync) per WordPress.org guidelines.
* Docs: corrected the Plugin URI to the plugin's home page and clarified that Cloudflare edge IP ranges are bundled, not fetched remotely.

= 0.9.6 =
* New: Advanced prompt editing — edit the system prompt in the admin, inject important links (booking URL, contact page, support email) automatically, and reset to the shipped default with one click.
* New: Email me this chat with consent-aware lead capture — visitors can email themselves the conversation transcript; their email address is stored in your own database (table grchat_leads) only when they explicitly opt in. Administrators can view and export leads from the new Leads tab (CSV download). The lead table is registered with WordPress's built-in privacy exporter and personal-data eraser so your site handles subject-access and erasure requests without custom code.
* New: Refer a friend — the Support tab includes a one-click pre-filled email draft so you can recommend the plugin to colleagues.
* New: Optional widget attribution link — a small "Get your own GoldenRetriever" link in the widget footer. This feature is opt-in and off by default; enable it from the Appearance tab. When enabled it links to the product site with UTM attribution parameters so you can measure word-of-mouth conversions.
* New: Support tab — send a pre-filled diagnostics bug report via your own email client (no data leaves your server until you click Send in your mail app).
* New: refreshed default look — the GoldenRetriever mark on the chat bubble and a friendlier default button label ("Ask our AI"). Both remain fully customisable under Appearance.
* Security: prompt-injection hardening — all site content, document text, and visitor messages are framed as data, and important links are injected via a delimited block the model is instructed to treat as configuration, not instructions.
* Fixed: posting the unmodified default system prompt back from the admin no longer pins it as a custom override.

= 0.9.5 =
* Security: trusted-proxy ranges are validated (a malformed range can no longer make every visitor a trusted proxy), and a missing openssl extension fails safely instead of crashing the settings save.
* Fixed: streaming is more robust end to end — provider responses with Windows line endings parse correctly, the final event of a stream is never dropped, a stalled connection times out instead of hanging, and long replies are no longer cut off at two minutes.
* Fixed: sites behind an outbound proxy or with an outdated system certificate store can now reach the AI provider (the plugin uses WordPress's own certificate bundle and proxy settings).
* Fixed: non-English content indexes correctly on hosts without the mbstring or iconv PHP extensions (passages and whole documents no longer silently vanish).
* Fixed: vague questions made of only common words ("who are you") no longer ground the assistant in unrelated recent pages.
* Fixed: a rejected settings save no longer half-applies (the model is not changed when the system prompt is rejected), and a retired model id stored from an older version heals itself instead of silently failing requests.
* Fixed: the "Media" option is no longer offered as a searchable type (it could never be indexed), and re-index counting no longer loads every post ID into memory.
* Fixed: chat history saved in the browser is validated before rendering, so one corrupted entry can't disable every chat widget on the page.
* Fixed: the floating chat takes over the full screen on short landscape phone screens instead of rendering its close button off-screen.
* Accessibility: error messages no longer announce twice to screen readers.
* Misc: more translatable strings, an unconfigured provider now logs a clear diagnostic, and the admin Test-chat panel gains a stall timeout.

= 0.9.4 =
* Security: error details from the AI provider (billing status, configuration hints) are no longer shown to site visitors — visitors see a generic message while the full details go to the server log and admin screens.
* Security: content that was deleted, unpublished, or password-protected while the plugin was inactive is now removed from the search index when "Reindex all content" completes.
* Security: rate limiting moved to atomic database counters, so simultaneous requests can no longer slip past the per-visitor and site-wide caps that bound your API spend; if counter storage is ever unavailable the plugin blocks rather than running unmetered.
* Security: URL knowledge sources now re-check every redirect hop and pin the verified address, closing request-forgery paths via redirects or DNS tricks.
* Security: chat conversations must start and end with a visitor message, blocking prompt-prefill abuse.
* Fixed: removing the API key no longer erases a customised system prompt.
* Fixed: the chat widget recovers automatically when a cached page holds an expired session token (previously dead until the cache was purged).
* Fixed: sites served through "flexible SSL" proxies no longer block every visitor with a cross-origin error, and Cloudflare visitors now get their own rate-limit allowance instead of sharing one per edge server.
* Fixed: a caching/optimisation plugin with a non-removable output buffer can no longer pin the server CPU on every chat request.
* Fixed: re-indexing survives a post that crashes mid-render — progress is saved per post and the next run resumes instead of restarting from zero.
* Fixed: the content index can no longer hold duplicate copies of a post when an editor saves during a reindex (database version 5; existing duplicates are cleaned up automatically on update).
* Fixed: unticking every post type on the Knowledge tab is now respected — uploaded files and URLs stay searchable while post content is excluded.
* Fixed: the chat input no longer loses keyboard focus (and the mobile keyboard no longer closes) on every message, and starting a new conversation mid-reply no longer shows a stray error from the cancelled request.
* Fixed: a blank reply caused by a proxy rewriting the response now shows an error with a retry instead of silently swallowing the message.
* Fixed: the custom logo SVG is capped at 64 KB so an oversized paste cannot slow down every page of the site.
* Fixed: on networks with more than 100 sites, activation and uninstall now cover every site, and new subsites get their tables at creation time.
* Developer: CI now activates the plugin against WordPress latest and latest-1 across PHP 7.4/8.1/8.2, and PHP cross-version scanning (PHPCompatibilityWP) is enforced.

= 0.9.3 =
* Security: password-protected posts are never added to the content index and are removed when a password is set on a published post.
* Security: the plugin no longer adds (and now removes) a database index on the WordPress core posts table.
* Security: stricter rate limiting — request windows can no longer be extended by repeated traffic, and proxy headers can no longer be spoofed to bypass the per-visitor limit.
* Fixed: long conversations no longer stop working after ten exchanges — the widget now keeps the most recent messages within the server's limit.
* Fixed: clear error messages in the chat widget when a cached page holds an expired session token (previously a generic error with a retry that could never succeed).
* Fixed: pressing Enter in the settings form no longer triggers "Remove key"; a failed key save no longer deletes the previously working key.
* Fixed: knowledge-source problems (bad URL, oversized or unsupported file, failed fetch) now show a visible error instead of failing silently.
* Fixed: posts containing invalid characters are cleaned and indexed instead of silently disappearing from the index.
* Fixed: searches with short words (like "AI") and languages without spaces (Japanese, Chinese, Korean) now find content via a keyword fallback.
* Fixed: retrying a failed message no longer duplicates it; a stalled response no longer locks the chat input; starting a new conversation cancels the previous reply.
* Fixed: multisite networks — activation and uninstall now cover every site, and uninstall removes all subsite data.
* Improved: screen-reader behaviour (replies announced once, keyboard focus stays in the open chat panel), iPhone Safari layout, dark-theme readability, and the widget no longer sits under the admin bar.
* Improved: the Knowledge tab's "Test retrieval" panel now tells you when results came from the keyword fallback.
* Developer: internal restructuring (single indexability policy, extracted reindex job and SSE emitter, admin page base class) with expanded test coverage (293 PHP + 21 JS tests).

= 0.9.2 =
* First public release candidate.
* AI chat grounded in your site's own content (Anthropic Claude), streamed live over Server-Sent Events.
* Bring-your-own Anthropic API key, stored encrypted (AES-256-GCM); never displayed after saving.
* Front-end chat: floating bubble, Gutenberg block, and shortcode; inherits your theme's colours and fonts.
* Rendered, chunked content index (MySQL FULLTEXT), incremental updates on save, and a resumable "Reindex all content" job with progress UI.
* Knowledge sources: add a URL (SSRF-guarded) or upload .txt/.md files to ground answers.
* Configurable maximum response length.
* Anonymous public chat endpoint protected by a signed request token plus per-IP and global rate limiting.
* Full uninstall cleanup of all plugin tables and options.

= 0.1.0-alpha =
* Initial development release. Anonymous chat widget, admin Test Chat, Connection Test, Knowledge tab with FULLTEXT retrieval, Appearance customisation, encrypted Anthropic API key storage, per-IP and global rate limiting, Gutenberg block and shortcode.
