Changelog

Added

• Category system with hierarchical organization and dedicated admin UI
• Event reminder emails with configurable timing and cron scheduling
• GDPR privacy tools (WordPress privacy exporter/eraser integration)
• Activity logging with OWASP A09 compliant audit trail
• HPOS (High-Performance Order Storage) compatibility for WooCommerce
• Distribution packaging for WordPress.org submission
• Shadow post type for WordPress search and Gutenberg link integration
• Open Graph and Twitter Card meta tags for social sharing
• Core sitemap provider for event and occurrence URLs
• Dependency injection container replacing static facades
• Waitlist infrastructure (table, model, repository, service)
• 12 Architecture Decision Records documenting design choices
• Infection mutation testing in pre-push hooks

Changed

• Test suite expanded to over 5,500 unit tests, mutation-tested with Infection
• PHPStan upgraded to Level 7
• God class decomposition across 8 major components into focused single-responsibility modules
• CSS custom properties for themeable colors
• 12px minimum font floor enforced across all frontend components

Fixed

• Event time saving, AJAX pagination, category filtering, ticket quantity controls
• PHP 8.3 DateMalformedStringException compatibility
• Gutenberg block editor implementations

Security

• 100% nonce coverage on all AJAX/form/REST handlers
• All error_log calls guarded by WP_DEBUG checks

Requirements

• WordPress 6.4+
• PHP 8.2+
• WooCommerce 8.5+ (for ticketing)

Remediation patch responding to WordPress.org plugin-review feedback. The reviewer flagged the nte prefix as too short (under 4 characters); this release renames every prefixed identifier in the plugin and bundles the corresponding database migration. Substantial diff for a patch release — treated as a remediation patch within the same review cycle rather than a feature release; no new functionality.

Changed

• All nte_* prefixed identifiers renamed to nettertech_events_* (or nettertech-events-* for kebab-case): hooks, options, post/user/order-item meta keys (_nte_* → _nettertech_events_*), transients, AJAX action strings, nonces, $_POST keys, JS-localized variables, custom database table prefixes, cron hooks, and shortcodes ([nte_list] → [nettertech_events_list], etc.)
• Custom post type slug: nte_event → nettertech_event (16 characters; the originally-planned 23-character slug exceeded WordPress core’s register_post_type() limit)
• Taxonomy slugs: nte_event_category → nettertech_event_category; nte_event_tag → nettertech_event_tag
• REST base: nte-events → nettertech-events (/wp-json/nettertech-events/...)
• Style handle: nte-public-ticket → nettertech-events-public-ticket

Added

• PrefixMigrationManager — automatic Step 2 migration runs on plugin upgrade. Renames database tables (with conflict detection), updates wp_posts.post_type and wp_term_taxonomy.taxonomy, migrates options and meta keys, classifies transients (cache vs stateful), reschedules cron hooks while preserving cadence, and rewrites shortcodes inside wp_posts.post_content
• Read-only preflight_inventory() dry-run reporter and verify() post-migration straggler check (admin diagnostic)
• Block source files (blocks/*/src/index.jsx) now ship alongside their compiled output (blocks/*/build/index.js) for WP.org guideline 4 compliance; readme.txt has a new “Source Code & Build” section pointing to the source files and giving the rebuild command (npm install && npm run build)

Fixed

• 13 sanitization sites across the addon plugins flagged by WordPress.Security.ValidatedSanitizedInput (Rentals: 11; Seating: 2) — added explicit wp_unslash() and sanitize_text_field() chains at the access point
• uninstall.php was filtering shadow posts by a 23-char post-type slug that was never a live slug; now reads from the canonical ShadowPostType::POST_TYPE constant so the filter stays in sync with the registered slug
• uninstall.php transient cleanup was matching the pre-rename _transient_nte_% prefix and would have orphaned every post-1.0.1 transient on uninstall; pattern updated to match the post-migration prefix

Breaking

• Yoast SEO title-template variables renamed. The three custom variables registered via wpseo_register_var_replacement() were updated from %%nte_event_date%% / %%nte_event_venue%% / %%nte_event_organizer%% to %%nettertech_events_event_date%% / %%nettertech_events_event_venue%% / %%nettertech_events_event_organizer%%. Sites with the legacy variable names in their Yoast title templates need to update those templates after the upgrade — the old names no longer resolve and Yoast renders the literal string. Rank Math equivalents were already on the new prefix and are unaffected.

Migration notes

• Migration runs automatically on plugin upgrade. Idempotent and lock-protected (600-second transient lock prevents parallel runs across admin/REST/cron processes).
• If both the old and new tables exist for any artifact, the migration logs the conflict and aborts rather than auto-merging — operators must resolve the conflict manually before re-running.
• MySQL DDL (RENAME TABLE) is auto-commit; take a wp db export snapshot before running on production data.
• A site that has already migrated and wants to re-run can clear the completion flag with wp option update nettertech_events_prefix_migration_complete '' before triggering the upgrade hook.

Requirements

• WordPress 6.5+
• PHP 8.2+
• WooCommerce 8.5+ (for ticketing)

The first public release on WordPress.org. Version 1.0.2 closes out the WordPress.org plugin review with a second round of compliance remediation on top of the 1.0.1 prefix rename. Every item landed as a focused root-cause refactor rather than an inline suppression. No new functionality.

Changed

• Output escaping refactored across blocks, Beaver Builder modules, frontend shortcodes, admin/repository/service classes, and templates. A custom wp_kses allowlist helper preserves the SVG, ARIA, and data-* attributes that wp_kses_post would otherwise strip.
• Service classes (RecurrenceRuleBuilder, TicketTypeSaver, CheckInEmailSaver, AttendeeFieldsSaveHandler) no longer read $_POST directly. Callers pass verified data after nonce and capability checks, and bulk-action handlers extract input only after nonce verification.
• SecurityHeaders re-anchored to the current_screen and WP_Screen API instead of reading $_GET early in admin_init.
• Calendar shortcode URL parameters moved to registered query vars (nettertech_events_calendar_month and ..._date). Legacy ?month= and ?date= URLs 301-redirect to the prefixed format.
• Dynamic hook patterns replaced with fixed Hooks::* constants; what was previously encoded in the hook-name suffix now arrives as an action argument. Backward-compatible bridges fire the deprecated names alongside the canonical ones and will be removed in 2.0.
• Template loader now passes a typed TemplateContext (or EmailContext for email templates) as a single $context parameter. Thirty-two templates refactored to property-style access.

Fixed

• Settings input, the ticket-cart JSON payload, and bulk actions now sanitize at the request boundary.
• EventTemplateResolver::can_preview_event() closed a gap where a malformed ?preview= value could skip nonce verification.

Packaging

• Vendor documentation (per-library licenses, notices, changelogs, tests, and examples) excluded from the distribution zip. Bundled-library attribution is consolidated in readme.txt. The dual-licensed chillerlan/php-qrcode dependency is used under MIT, which is GPL-2.0 compatible.
• Readable block source (blocks/*/src/index.jsx) ships alongside the compiled output, with a “Source Code & Build” section in readme.txt and the rebuild command.

Requirements

• WordPress 6.5+
• PHP 8.2+
• WooCommerce 8.5+ (for ticketing)

Added

• Initial beta release
• Event creation with custom database tables
• RFC 5545 recurring events with pre-computed occurrences
• WooCommerce ticketing integration
• QR code check-in
• REST API endpoints for headless use
• Beaver Builder modules
• Theme-overridable templates

Requirements

• WordPress 6.4+
• PHP 8.2+
• WooCommerce 8.5+ (for ticketing)