=== MCP for WooCommerce Plugin Changelog ===

= Version 1.2.2 - Release #000017 - April 22, 2026 @ CET =

**BUGFIX: JWT AUTH REST ROUTE COLLISION**

* #000030 - Fix "Unable to generate new token" error (GitHub issue #3)
  Date: April 22, 2026
  - FIXED: Token generation from admin UI no longer fails with "The username field is empty" error when the popular `jwt-authentication-for-wp-rest-api` plugin is also active.
  - ROOT CAUSE: Both plugins previously registered REST routes under the generic `jwt-auth/v1` namespace, causing the other plugin's handler to intercept our requests and reject them for missing credentials.
  - CHANGED: All auth REST routes moved from `jwt-auth/v1/*` to plugin-specific `mcpfowo/v1/auth/*` namespace (e.g. `/mcpfowo/v1/auth/token`, `/mcpfowo/v1/auth/tokens`, `/mcpfowo/v1/auth/revoke`, `/mcpfowo/v1/auth/register`, `/mcpfowo/v1/auth/authorize`, `/mcpfowo/v1/auth/authorize-submit`).
  - UPDATED: OAuth 2.0 discovery document now advertises the new endpoint URLs. MCP clients relying on discovery will pick up the change automatically on the next connect.
  - UPDATED: React admin UI now calls the new endpoint paths.
  - NOTE: External integrations that hard-coded `/wp-json/jwt-auth/v1/*` URLs must update them to `/wp-json/mcpfowo/v1/auth/*`.

= Version 1.2.1 - Release #000016 - November 13, 2025 @ CET =

**OAUTH 2.0 AUTHENTICATION & CLAUDE.AI WEB SUPPORT**

* #000029 - Implement OAuth 2.0 Authorization Code Flow with PKCE support
  Date: November 13, 2025
  - ADDED: Full OAuth 2.0 Authorization Code Flow with PKCE (RFC 7636)
  - ADDED: Dynamic client registration endpoint (RFC 7591)
  - ADDED: Custom authorization form for seamless OAuth flow without WordPress login
  - ADDED: OAuth discovery endpoint (/.well-known/oauth-authorization-server)
  - ADDED: Support for claude.ai web version authentication
  - ENHANCED: JWT authentication to accept tokens with or without Bearer prefix
  - IMPROVED: Claude Code compatibility with OAuth-compliant error responses
  - IMPROVED: Token endpoint returns OAuth-standard response format (access_token, token_type)
  - ADDED: Activation/deactivation hooks for automatic OAuth discovery file management
  - SECURITY: PKCE code challenge methods supported (S256, plain)
  - COMPATIBILITY: Works with Claude Code, Claude.ai web, and any MCP client supporting OAuth 2.0

= Version 1.2.0 - Release #000015 - November 11, 2025 @ CET =

**CRITICAL AUTOLOADER FIX & DOCUMENTATION**

* #000027 - Fix incorrect PSR-4 namespace in composer.json causing fatal errors
  Date: November 11, 2025
  - FIXED: Changed autoloader namespace from "Automattic\WordpressMcp" to "McpForWoo"
  - FIXED: JWT token generation now works correctly (was causing critical WordPress errors)
  - FIXED: Autoloader now loads 65 classes instead of 9
  - FIXED: "Class McpForWoo\Core\WpMcp not found" fatal error resolved
  - IMPACT: This was preventing JWT authentication and causing site-wide errors
  - RESOLVED: Production deployment now requires `composer install` to be run on server

* #000028 - Remove broken GitHub Actions docs badge from README
  Date: November 11, 2025
  - REMOVED: Broken GitHub Actions docs badge that showed "Unable to select next GitHub token from pool"
  - CAUSE: Badge referenced deleted gh-pages.yml workflow file (removed in commit 5f86a4cf1)
  - RESOLVED: README now displays correctly without error messages

= Version 1.1.9 - Release #000014 - October 25, 2025 @ CET =

**BUILD FILES DISTRIBUTION FIX**

* #000026 - Fix missing build files in WordPress.org distribution
  Date: October 25, 2025
  - FIXED: Ensure build/ directory included in SVN tag for WordPress.org
  - FIXED: React admin UI loading correctly after plugin installation
  - VERIFIED: All build files (index.js, index.asset.php, CSS) present in distribution
  - RESOLVED: Empty settings page issue on fresh installations from WordPress.org

= Version 1.1.8 - Release #000013 - October 15, 2025 @ CET =

**WORDPRESS.ORG COMPLIANCE & BOOLEAN STORAGE FIXES**

* #000025 - Apply WordPress.org review requirements
  Date: October 15, 2025
  - FIXED: Text domain changed from 'wordpress-mcp' to 'mcp-for-woocommerce' in all JS files
  - FIXED: CSS class prefixes changed from 'wordpress-mcp-' to 'mcpfowo-' for uniqueness
  - ADDED: .wordpress-org folder exclusion to release ZIP script
  - VERIFIED: Requires Plugins header (woocommerce) already present
  - VERIFIED: composer.json included in ZIP package
  - VERIFIED: Using WordPress functions (plugin_dir_path, plugin_dir_url, wp_upload_dir)
  - VERIFIED: Using wp_remote_get() instead of file_get_contents() for remote requests
  - VERIFIED: Using wp_json_encode() instead of json_encode() for output escaping
  - VERIFIED: ABSPATH check present in main plugin file
  - VERIFIED: MCPFOWO_* constants used throughout for uniqueness

* #000024 - Improve boolean settings storage consistency
  Date: October 15, 2025
  - FIXED: Store all boolean settings as integers (0 or 1) instead of mixed types
  - ADDED: Robust boolean conversion when reading settings to handle '', '0', 0, '1', 1
  - FIXED: Enable MCP functionality setting storage (Settings.php)
  - FIXED: JWT required setting storage (Settings.php, JwtAuth.php)
  - FIXED: Individual tools toggle states storage (WpMcp.php)
  - RESOLVED: WordPress cache inconsistencies with boolean values
  - IMPROVED: Settings reliability across plugin activation/deactivation cycles

= Version 1.1.7 - Release #000012 - September 24, 2025 @ CET =

**COMMUNITY PLUGIN REBRANDING & VERSION BUMP**

* #000023 - Rebrand as community plugin independent from Automattic
  Date: September 24, 2025
  - UPDATED: Plugin description with community plugin disclaimer
  - UPDATED: Author information to Filip Dvoran only
  - UPDATED: All repository links to community GitHub repo
  - ADDED: Community plugin disclaimers throughout documentation
  - CLARIFIED: Plugin independence in README and plugin headers
  - UPDATED: Composer and package.json with correct author and repository info

= Version 1.1.6 - Release #000011 - August 18, 2025 @ CET =

**SMART SYSTEM REQUIREMENTS MONITORING & USER EXPERIENCE IMPROVEMENTS**

* #000021 - Add intelligent system requirements warnings in admin interface
  Date: August 18, 2025
  - ADDED: Smart WordPress REST API status detection with conditional warnings
  - ADDED: Permalinks configuration validation (Post name structure required)
  - ENHANCED: General Settings tab with contextual system health notifications
  - IMPROVED: User experience with actionable configuration guidance

* #000022 - Implement conditional warning system for optimal performance
  Date: August 18, 2025
  - ADDED: PHP-based system status detection methods (is_rest_api_enabled, are_permalinks_correct)
  - ENHANCED: React components with intelligent warning display logic
  - OPTIMIZED: Admin interface to show warnings only when configuration issues exist
  - REFINED: Warning messages with specific problem identification and resolution steps

* #000023 - Plugin directory path correction and documentation reorganization
  Date: August 18, 2025
  - FIXED: McpProxyGenerator plugin directory path resolution
  - REORGANIZED: Documentation structure for better maintainability
  - CLEANED: Repository structure and improved development guidelines

= Version 1.1.5 - Release #000010 - August 13, 2025 @ CET =

**JWT AUTHENTICATION SYSTEM ENHANCEMENTS & MAJOR FIXES**

* #000017 - Fix TypeError in JWT authentication system
  Date: August 13, 2025
  - FIXED: TypeError in JWT token verification process
  - RESOLVED: Authentication system stability issues
  - IMPROVED: Error handling in JWT validation flow

* #000018 - Fix fatal error: check WordPress functions availability before calling get_option
  Date: August 13, 2025  
  - FIXED: Fatal error when WordPress functions not available during initialization
  - ADDED: Function availability checks before calling get_option()
  - ENHANCED: Plugin loading safety and graceful degradation

* #000019 - Add debug logging and JWT option initialization
  Date: August 13, 2025
  - ADDED: Comprehensive debug logging for JWT authentication flow
  - IMPROVED: JWT option initialization process
  - ENHANCED: Troubleshooting capabilities for authentication issues

* #000020 - Fix streamable and stdio transport authentication consistency
  Date: August 13, 2025
  - FIXED: Authentication inconsistencies between streamable and stdio transports
  - UNIFIED: Authentication handling across different transport methods
  - STABILIZED: Cross-transport authentication reliability

* #000021 - Fix JWT authentication 500 error by removing Settings class dependency
  Date: August 13, 2025
  - FIXED: 500 error caused by Settings class dependency in JWT authentication
  - REMOVED: Problematic Settings class coupling from authentication flow
  - IMPROVED: Authentication system independence and reliability

* #000022 - Add Webtalkbot integration note to JWT authentication settings
  Date: August 13, 2025
  - ADDED: Integration documentation for Webtalkbot platform
  - ENHANCED: User guidance for JWT authentication setup
  - IMPROVED: Settings UI with integration examples

* #000023 - Disable Authentication Tokens tab when JWT is disabled  
  Date: August 13, 2025
  - IMPROVED: UI logic to hide tokens tab when JWT authentication is disabled
  - ENHANCED: User experience by preventing confusion
  - STREAMLINED: Settings interface based on authentication method

* #000024 - Add JWT authentication toggle feature
  Date: August 13, 2025
  - ADDED: Toggle switch for enabling/disabling JWT authentication
  - IMPLEMENTED: Dynamic authentication method switching
  - ENHANCED: Flexible authentication configuration options

= Version 1.0.2 - beta - Release #000008 - August 2, 2025 @ 22:00 CET =

**CRITICAL FIXES AND TOOL PRIORITY REORDERING**

* #000015 - Fix critical PHP Fatal Error in WooCommerce product search tools
  Date: August 2, 2025 @ 22:00 CET
  - FIXED: Replaced undefined esc_like() function with sanitize_text_field()
  - RESOLVED: PHP Fatal Error that was causing "Internal error: Failed to execute tool"
  - TESTED: German product search queries now work correctly (e.g., "Gläser unter 100 Euro")
  - RESTORED: Proper product search functionality with links

* #000016 - Reorder MCP tool priority for optimal search workflow
  Date: August 2, 2025 @ 22:00 CET
  - CHANGED: wc_products_search is now PRIMARY PRODUCT SEARCH TOOL (highest priority)
  - CHANGED: wc_get_product is now SECONDARY TOOL (use after search for details)  
  - CHANGED: wc_intelligent_search is now FALLBACK SEARCH TOOL (lowest priority)
  - IMPROVED: Tool descriptions and annotations guide proper usage sequence
  - OPTIMIZED: Better search results by using basic tools first, advanced tools as fallback

= Version 1.0.1 - beta - Release #000007 - August 2, 2025 @ 21:00 CET =

**MAJOR RELEASE - COMPREHENSIVE PRODUCT LINKS IMPLEMENTATION**

* #000014 - Complete permalink implementation across all WooCommerce product tools
  Date: August 2, 2025 @ 21:00 CET
  - COMPLETED: Full product link support for all basic WooCommerce tools
  - CONVERTED: All tools from REST API aliases to custom callbacks with permalink support
  - ADDED: permission_callback: '__return_true' for proper authorization
  - ENHANCED: Complete inputSchema definitions for all tool parameters
  - IMPLEMENTED: Safety checks for WooCommerce function availability
  - STRENGTHENED: AI instructions for mandatory product link display
  - ADDED: Error handling in convert_product_to_array method
  - UNIFIED: All tools now return permalink field with direct product/variation links
  - TOOLS UPDATED: wc_products_search, wc_get_product, wc_get_product_variations, wc_get_product_variation
  - RESOLVED: Critical admin context errors that prevented tool loading
  - TESTED: Full functionality verified on production server
  - STABILIZED: WordPress admin tools interface now loads correctly

= Version 0.2.8 - Release #000006 - August 2, 2025 @ 12:00 CET =

**PRODUCT LINKS ENHANCEMENT**

* #000013 - Implement consistent product links across all WooCommerce tools
  Date: August 2, 2025 @ 12:00 CET
  - ENHANCED: All product-related tools now include permalink field with direct product links
  - UPDATED: wc_products_search - now includes product permalinks in search results
  - UPDATED: wc_get_product - now includes permalink field for single product retrieval
  - UPDATED: wc_get_product_variations - now includes permalinks for all product variations
  - UPDATED: wc_get_product_variation - now includes permalink for specific variation
  - IMPROVED: Consistent product link generation using convert_product_to_array() method
  - ADDED: Clear AI instructions to always include product links when presenting products
  - PREVENTED: Duplicate link generation across different tools
  - STANDARDIZED: Product data format with permalink field across all WooCommerce tools
  - ENHANCED: User experience with direct access to product pages from search results

= Version 0.2.7 - Release #000005 - July 30, 2025 @ 14:30 CET =

**DEPLOYMENT & INFRASTRUCTURE UPDATES**

* #000012 - Update deployment workflow and composer dependencies
  Date: July 30, 2025 @ 14:30 CET
  - UPDATED: Composer dependency management and version tracking
  - IMPROVED: Branch reference tracking from trunk to main
  - ENHANCED: Deployment workflow with debugging and force refresh capabilities
  - FIXED: Git reference synchronization between local and remote repositories
  - MAINTAINED: Production safety with read-only security model intact

= Version 0.2.6 - Release #000004 - July 30, 2025 @ 12:00 CET =

**CRITICAL SECURITY FIX - READ-ONLY MODE ENFORCED**

* #000011 - CRITICAL SECURITY: Remove all write/delete operations for production safety
  Date: July 30, 2025 @ 12:00 CET
  - REMOVED: All create/update/delete operations from MCP tools for security
  - FIXED: Critical authentication bypass in McpRestApiCrud.php (permission_callback: '__return_true')
  - FIXED: Dangerous CORS configuration allowing all origins ('*') 
  - SECURED: REST API access now requires user authentication ('is_user_logged_in')
  - RESTRICTED: McpRestApiCrud now supports only GET operations (read-only)
  - REMOVED: User management tools (wp_add_user, wp_update_user, wp_delete_user)
  - REMOVED: Content modification tools (wp_add_post, wp_update_post, wp_delete_post)
  - REMOVED: Category/tag modification tools (wp_add_category, wp_update_category, wp_delete_category)
  - REMOVED: Custom post type modification tools (wp_add_cpt, wp_update_cpt, wp_delete_cpt)
  - REMOVED: Settings modification tools (wp_update_general_settings)
  - REMOVED: Page modification tools (wp_add_page, wp_update_page, wp_delete_page)
  - REMOVED: Media upload/modification tools (wp_upload_media, wp_update_media, wp_delete_media)
  - MAINTAINED: All read-only functionality intact (search, retrieve, view operations)
  - SECURITY: Plugin now 100% safe for customer installations

= Version 0.2.5 - Release #000003 - July 19, 2025 @ 17:45 CET =

**CRITICAL JSON-RPC PROTOCOL FIX**

* #000010 - CRITICAL FIX: Resolve JSON-RPC validation errors in streamable transport
  Date: July 19, 2025 @ 17:45 CET
  - FIXED: JSON-RPC validation errors causing "5 validation errors for JSONRPCMessage" 
  - FIXED: Malformed error responses in create_method_not_found_error() and handle_exception()
  - FIXED: Error response formatting inconsistencies in McpStreamableTransport.php
  - ADDED: Comprehensive validation logging for incoming and outgoing JSON-RPC messages
  - ENHANCED: Error response validation with proper field checking (code, message)
  - PREVENTS: Client-side JSON parsing failures during agent execution step 2
  - RESOLVES: Agent failures when calling wc_get_shipping_zone and other tools

= Version 0.2.4 - Release #000002 - July 19, 2025 @ 16:30 CET =

**CRITICAL FIXES & AI AGENT IMPROVEMENTS**

* #000009 - Fix AI agent product search workflow and JSON-RPC protocol errors
  Date: July 19, 2025 @ 16:30 CET
  - FIXED: AI agents using hardcoded product ID 42 instead of correct product IDs
  - FIXED: JSON-RPC protocol errors causing client parsing failures
  - ADDED: Universal store type support (electronics, food, pets, pharmacy, automotive, etc.)
  - ADDED: Comprehensive product variations workflow in search guide
  - IMPROVED: Tool descriptions with critical workflow warnings
  - ENHANCED: Multiple product handling (Men/Women versions)
  - UPDATED: Search guide with step-by-step product variations workflow
  - PREVENTED: Hardcoded product ID usage with explicit AI agent warnings

= Version 0.2.3 - Release #000001 - July 19, 2025 @ 14:45 CET =

**CRITICAL FIXES & EMERGENCY PATCHES**

* #000008 - Update plugin branding to Woo - MCP
  Date: July 19, 2025 @ 15:25 CET
  - Updated plugin name from "WooCommerce MCP" to "Woo - MCP"
  - Updated server name to "Woo - MCP Server"
  - Updated server instructions and package documentation
  - Simplified branding for better recognition

* #000007 - Update plugin branding to WooCommerce MCP  
  Date: July 19, 2025 @ 15:10 CET
  - Updated server name from "WordPress MCP Server" to "WooCommerce MCP Server"
  - Updated server instructions to reference "WooCommerce store" instead of "WordPress site"
  - Enhanced branding consistency across MCP server identification

* #000006 - CRITICAL FIX: Add function checks to prevent fatal errors in McpWooIntelligentSearch
  Date: July 19, 2025 @ 14:30 CET
  - Fixed fatal "Call to undefined function" errors during plugin initialization
  - Added function_exists() checks for wc_get_products() and get_terms()
  - Ensures graceful degradation when WooCommerce/WordPress functions not available
  - Resolves "Critical error on this website" message

* #000005 - EMERGENCY FIX: Resolve plugin 500 errors and restore functionality  
  Date: July 19, 2025 @ 13:15 CET
  - Added function check before calling rest_get_server() in RegisterMcpTool.php
  - Removed problematic test files that caused WordPress loading errors
  - Updated deployment workflow to re-enable plugin after fixes applied
  - Prevents fatal errors when REST API not fully initialized

**DEPLOYMENT & INFRASTRUCTURE**

* #000004 - Add GitHub Actions deployment workflow - Updated
  Date: July 19, 2025 @ 13:00 CET
  - Enhanced deployment workflow with emergency recovery features
  - Added git stash for local changes handling
  - Implemented plugin re-enabling after fixes
  - Added PHP OPcache clearing and WordPress cache flushing
  - Improved error handling and recovery mechanisms

**FEATURES & ENHANCEMENTS**

* #000003 - Fix JSON-RPC validation errors in shipping tools
  Date: July 19, 2025 @ 12:45 CET
  - Enhanced error response formatting for JSON-RPC 2.0 compliance
  - Added result validation to prevent malformed responses
  - Improved shipping zone tools with required parameter validation
  - All shipping tools now use callback methods for better error handling
  - Fixed parameter requirements for wc_get_shipping_zone, wc_get_shipping_methods, wc_get_shipping_locations

* #000002 - Uncommented intelligent search
  Date: July 19, 2025 @ 12:30 CET
  - Enabled McpWooIntelligentSearch tool for AI-powered product search
  - Provides advanced search capabilities with relevance scoring
  - Supports intent analysis and category/tag matching

**AI AGENT WORKFLOW FIXES**

* Product Search Workflow Improvements
  - Enforces proper search sequence: wc_products_search → wc_get_product_variations
  - Prevents AI agents from skipping search step and using wrong product IDs
  - Clear workflow guidance for finding products with multiple variations
  - Explicit warnings against common AI agent mistakes

* JSON-RPC Error Response Standardization
  - Fixed 6 malformed error responses in McpWooIntelligentSearch.php
  - All errors now follow JSON-RPC 2.0 specification with proper error codes
  - Prevents client-side JSON parsing errors and protocol violations
  - Improved error codes: -32001 (MISSING_PARAMETER), -32002 (RESOURCE_NOT_FOUND)

* Universal Store Type Support
  - Enhanced descriptions to support ANY WooCommerce store type
  - Works across electronics, food, pets, pharmacy, automotive, clothing, books, etc.
  - Universal product search patterns and examples for all industries
  - Scalable architecture for diverse product catalogs

* Product Variations Workflow
  - Step-by-step guidance for getting product colors, sizes, and attributes
  - Clear differentiation between global attributes and product-specific variations
  - Examples for clothing, electronics, food, and automotive industries
  - Prevents confusion between wc_get_product_attributes and wc_get_product_variations

**TECHNICAL IMPROVEMENTS**

* Enhanced error handling across all tools
  - Added comprehensive function existence checks
  - Improved graceful degradation when dependencies unavailable
  - Better error logging and debugging capabilities
  - Consistent error response formatting

* Shipping tools enhancements
  - Safe callback methods for zone validation
  - Support for zone ID 0 (default zone) handling
  - Comprehensive country shipping availability checker
  - Dynamic shipping method detection using WooCommerce settings

* Plugin architecture improvements
  - Better initialization timing and dependency management
  - Enhanced REST API route validation
  - Improved tool registration safety checks
  - More robust error recovery mechanisms

**BUG FIXES**

* Fixed AI agent product ID confusion preventing correct product variations lookup
* Fixed JSON-RPC protocol validation errors causing client communication failures
* Fixed tool descriptions leading to incorrect AI agent workflow sequences
* Fixed REST API initialization timing issues
* Removed debug files that could cause production errors
* Fixed WooCommerce dependency checking
* Improved plugin activation and deactivation handling
* Enhanced compatibility with WordPress core functions

**SECURITY & STABILITY**

* Added comprehensive input validation
* Enhanced error boundaries to prevent fatal crashes
* Improved plugin isolation and error containment
* Better handling of edge cases and malformed requests
* Strengthened plugin recovery mechanisms

**DEVELOPER EXPERIENCE**

* Enhanced AI agent development workflow with clear tool usage patterns
* Comprehensive search guide with universal examples for all store types
* Detailed product variations workflow documentation
* Improved error logging and debugging information
* Better documentation of critical functions
* Enhanced development workflow with emergency recovery
* Comprehensive testing patterns for shipping functionality
* Clear separation of concerns in tool architecture

---

**Emergency Deployment History:**
- 4e39c3c: FIX: AI agent product search workflow and JSON-RPC error handling
- 5a3dc06: EMERGENCY: Disable plugin permanently due to 500 errors
- aca2771: EMERGENCY: Add plugin disable/enable to deployment  
- b95e749: HOTFIX: Remove WordPress commands causing site crash
- c74503f: EMERGENCY FIX: Resolve plugin 500 errors and restore functionality
- 24f5713: CRITICAL FIX: Add function checks to prevent fatal errors in McpWooIntelligentSearch

**Plugin Status:** Stable and fully functional with comprehensive error handling
**WordPress Compatibility:** 6.4+
**WooCommerce Compatibility:** 3.0+
**PHP Requirements:** 8.0+