0.5.2

• Cast meta keys to strings in SatisPress\Authentication\ApiKey\ApiKeyRepository::find_for_user() to prevent fatal errors in some situations #133.
• Fixed a fatal error when wp_parse_url() returned null #135. Props @danielbachhuber
• Moved functionality for determining excluded files to SatisPress\Archiver::get_excluded_files().

0.5.1

• Stopped throwing authentication exceptions when WP_DEBUG is enabled so HTTP challenge headers could be sent and allow clients to display a login prompt. #105.
• Prevented a fatal error in the authentication provider when URLs couldn't be parsed #122. Props @BrianHenryIE
• Handled cases when the server doesn't define the request method to prevent a notice #122. Props @BrianHenryIE
• Allowed settings to be saved when SatisPress is used in multisite mode #119.
• Removed a couple of dead or superfluous lines of code.

0.5.0

• Added the . (dot) character to the list of allowed characters for package slugs. See #108
• Removed the /coverage, /docs, /dist, and /tests directories from the default excludes. This is a breaking change in the sense that files in those directories will now be included unless they're configured to be excluded via a filter or .distignore. See #103
• Added a .distignore to exclude development files if SatisPress is added to the repository.
• Delegated the event handler for toggling plugins on the Manage Plugins screen to fix a bug preventing plugins from being toggled if the list of plugins had been filtered. See #107
• Removed internal array keys from the package repository classes to prevent an error when a theme and plugin have the same slug. See #109

0.4.1

• Added support for .distignore files to customize which files are excluded from generated artifacts (#100). Props @TimothyBJacobs
• Prevented a fatal error when the request path is null (#98). Props @danielbachhuber

0.4.0

• Packages names have been lowercased and invalid characters will be removed to prevent errors when Composer 2.0 is released (#90). This may require updates to composer.json if your project requires packages with uppercase characters.
• Refactored authentication servers to prevent conflicts with plugins that call determine_current_user earlier than expected (#94). This changes the server interface and will require code updates if you're using custom authentication server.
• Introduced a default logger implementation to surface issues in debug.log when debug mode is enabled. By default, only messages with a warning level or higher will be logged (#86).
• Updated the sanitization rules for custom vendor names to align more closely with Composer's rules.
• Introduced a testing suite and tests.
• Fixed the documented method for disabling authentication (#93). Props @rickard-berg
• Sorted releases just before building a package to ensure they're always in the expected order.
• Fixed the permalink for packages.json when rewrites aren't enabled.

0.3.2

• Improved the method for discovering package updates to make caching more reliable.

0.3.1

• Displayed an admin notice and prevented SatisPress from loading if required dependencies were missing (#76).
• Fixed a bug causing downloads to fail for plugins that have slugs with uppercase characters (#83).
• Assigned the injected logger to a local property in the Upgrade provider to prevent a fatal error when upgrades failed (#85).

0.3.0

This is a major rewrite that helps shift SatisPress from an experimental concept to a working solution for managing WordPress plugins and themes as Composer packages.

Major changes include:

• PHP 7.0 or later is required.
• Packages and endpoints require authentication by default.
• A random suffix is applied to the cache directory to prevent visitors from guessing its location.
• Earlier versions cached packages from source just before updating a plugin or theme. Plugins and themes are now immediately cached from source when they're whitelisted. If you're upgrading from an older version of SatisPress, artifacts should be automatically created for any uncached packages.
• Pending theme and plugin updates are downloaded directly from the vendor and exposed in packages.json, so updating is no longer required to expose new releases to Composer.
• Capabilities were added for viewing and downloading packages, as well as managing SatisPress options. Only administrators have access by default.
• The storage layer was abstracted to make it swappable.