Asteris for WordPress — Changelog

Reverse-chronological. One entry per shipped version. Updated the same day a release goes out.

The current branch is v1.0.0-alpha.243+ — pre-launch QA. The 1.0.0 release is the public launch; the alpha numbers are the build cadence as we sign off each module against the Tier 1 + Tier 2 gap analyses.

For what’s coming next, see the roadmap.

v1.0.0-alpha.243 — 2026-06-11

Insights v2 — UTMs, Search Console keywords, AI assistant traffic, custom events. 14 new analytics features on top of the v1 pipeline shipped earlier the same day.

• Persistent UTM attribution on log_visit. 5 UTM columns (source / medium / campaign / term / content) plus 3 first-touch columns (utm_first_*) that stay locked across return visits, so a Twitter campaign that drove the original landing still gets credit when the visitor returns three weeks later and converts.
• Search Console keyword dimension. Daily sync now also pulls (query, page) — populates a new 🔑 Top search queries tile + a 🎯 Page-level keyword opportunity finder (pages ≥200 impressions, <4% CTR, position ≤20 — content optimization candidates surfaced automatically).
• AI assistant traffic classification. ChatGPT, Claude, Perplexity, Gemini, Copilot, You.com, Phind, and Meta AI referrers are detected and bucketed as a dedicated “AI Search” channel — nothing else in the WP analytics category does this. New 🤖 dashboard tile + AI traffic spike annotation when ≥10 AI visits land in 24h.
• WP internal site search capture. ?s=foo queries logged with optional result count. New 🔎 Top searches tile + zero-result spike annotation (content-gap signal).
• UTM channel auto-classification. Channel_Rules.php — GA4-aligned, filter-extensible. t.co, twitter.com, x.com all roll up to “Organic Social”.
• UTM Builder UI — paste destination, fill source/medium/campaign, copy a well-formed URL. Settings page section.
• Campaign A/B compare — pick two campaigns from dropdowns, side-by-side metrics. Settings page section.
• Cohort retention by first-touch campaign — 7-day + 30-day return rates per cohort.
• Custom event tracking — window.asterisInsights.trackEvent(name, props) JS API. Events automatically inherit the current visit’s UTMs.
• Schema migrations: Insights schema v1→v2 (log_visit columns + new log_search_internal table); SEO_AI schema v2→v3 (new gsc_keyword_metrics table).
• 14 features, 12 PHP files lint clean.

v1.0.0-alpha.242 — 2026-06-11

Asteris Insights ships as module #13. First-party, cookieless WordPress analytics with cross-module annotations from Activity Log / Security / SEO. Bundle module count is now 13.

• Asteris Insights v1 — 19 files, ~3,500 LOC of analytics pipeline. Sub-1KB beacon, 24-hour-rotating salt visitor hash, hourly buffer→log promotion cron, daily retention prune, CSV export, Cloudflare + MaxMind GeoIP, WooCommerce server-side conversion tracking, weekly email digest.
• “Why numbers moved” annotation panel — reads Activity Log for cross-module signals. WAF block spikes from Security, plugin/theme updates from Activity Log, Search Console click drops from SEO+AI all surface as automatic annotations on the time-series chart. Nothing else in the WP analytics category does this.
• Search Console integration moved from SEO+AI module to Analytics + Pixels → Data sources tab. The CONFIG belongs with the trackers; the DISPLAY belongs in Insights.
• Analytics + Pixels Settings → CSS-only tabs. Pixels tab (existing 5 cards — GA4, GTM, Meta, TikTok, LinkedIn) and Data sources tab (Search Console live, Bing Webmaster + GA4 Data API coming-soon cards). New Data_Source_Interface contract so future two-way integrations plug in identically.
• Sidebar order corrected — Analytics + Pixels → 📊 Insights → ⚙ Insights Settings now sit consecutively under ★ Asteris.
• SEO+AI shared AI response parser — alpha.231’s robust JSON extractor (handles fenced code, prose-wrapped JSON, alternate wrapper keys, line-by-line lists) now powers Keyword Research + Keyword Explorer + Bulk Editor + Content Brief + Meta Box via the shared AI_Response_Parser class. One place to fix future AI quirks across all 5 consumers.
• CSV export of log_visit + log_link_visit_action from Insights Settings — GDPR data portability, external reporting, migration.
• MaxMind GeoLite2 vendored at src/Vendor/MaxMind/Db/ (Apache 2.0). Customer uploads their .mmdb once for non-Cloudflare GeoIP.

v1.0.0-alpha.222 — 2026-06-09

Canonical Updater.php Server_URL P0 fix + Diagnostic auto-invalidation.

• Fixed canonical Updater.php calling Server_URL::get (does not exist) — should have been ::resolve. Customers running v1.9.6+ updaters would have seen update checks silently fail; this fix restores update visibility.
• Diagnostic results now auto-invalidate when the schema version bumps so stale “no issues found” claims don’t persist across plugin updates.

v1.0.0-alpha.220 — 2026-06-08

P0 Schema.php fatal fix.

• Plugin activation was throwing a fatal in src/Modules/SEO_AI/Schema.php for sites that had upgraded from very early alpha builds (pre alpha.180). Fix back-fills a renamed option key on activation so the new code path can read it.

v1.0.0-alpha.218 — 2026-06-07

Asteris Links ships as module #12. Ported from the WC plugin’s Links module. Bundle module count is now 12.

• Branded short links at yourdomain.com/go/whatever with click tracking, UTM auto-stitch (incoming and outgoing), and per-link analytics.
• Plugs into the Activity Log for audit trail of link create / update / delete.
• Sister-plugin guards in place so installing both Asteris for WC and Asteris for WordPress on the same site doesn’t double-register the Links menu.
• Fixed initial menu label + dashboard tile “Open” button alignment in alpha.218 patch.

v1.0.0-alpha.215 — 2026-06-06

Diagnostic apply-fix UI.

• Diagnostic results page in the admin now offers per-finding “Fix” buttons that auto-resolve common configuration issues — orphaned cron events, schema option-key drift, stale transients, missing capability assignments. Maps each finding to the safest auto-correction; if no safe fix exists, the row shows manual guidance instead.

v1.0.0-alpha.213 — 2026-06-06

Activity Log shared-module wrapper.

• src/Modules/Activity_Log/Module.php rewritten as a thin wrapper that delegates to the canonical implementation in src/shared/Modules/Activity_Log/. Both plugins (WordPress + WooCommerce) now use the same underlying code — same event types, same UI, same data shape.

v1.0.0-alpha.212 — 2026-06-05

Self-hosted plugin updater shipped.

• Vendored canonical Updater.php into src/shared/License/. Adds a License::boot_updater() static that hooks into WordPress’s plugin update screen so customers see “Update available” on Asteris exactly the way they do for WordPress.org plugins. Customers can one-click upgrade from wp-admin/plugins.php — no more zip-and-FTP cycles between versions.
• Free build correctly strips the updater (only paid customers get update delivery).

v1.0.0-alpha.209 — 2026-06-05

Licence platform switched: Lemon Squeezy → Stripe direct via Asteris Licence Server.

• New shared module: AsterisShared\License\* (Client + Cron + Server_URL) vendored from ~/CLAUDE_CODE/ASTERIS_SHARED/License/. 6th truly-shared module across WC/WP/Cart.
• src/Core/License.php rewritten as a thin wrapper around the shared client. Preserves WP-specific FREE_MODULES (6) + TIER_MODULES (flat — every paid tier unlocks every module; site count and SLA are the only tier differentiators).
• Daily revalidation cron scheduled on every boot (asteris_wp_license_revalidate).
• Dev-bypass refined: .local / .test / localhost hostnames bypass licence enforcement when no key is entered; once a key is pasted, validation proceeds normally so the real activation flow can be tested locally.
• Founder cohort cap unified across all three Asteris products at 120 (100 paid + 20 competition winners), enforced server-side. Was 500 in earlier plans — see /founder-500 and /pricing for the new mechanics.

v1.0.0-alpha.208 — 2026-06-04

Accessibility module v1 ships.

• New module: WCAG 2.1 AA scanner (DOMDocument + XPath, 13 checks)
• On-save scan with in-editor metabox showing issues + line numbers
• Site-wide audit dashboard with worst-offenders report
• EAA-compliant accessibility statement generator
• Scheduled site-wide rescans
• REST endpoint for CI integration

Closes the 11th v1.0 module. All v1.0 modules now built; entering pre-launch QA.

v1.0.0-alpha.205 — 2026-06-03

Performance module locked to v2 spec.

• Re-scoped after deep-research workflow against WP Rocket, NitroPack, Perfmatters, LiteSpeed Cache
• Positioning locked: “WordPress-safe by default”
• Added: fetchpriority on LCP, Speculation Rules (prerender on hover), Early Hints, host/APO detect, field-data CWV monitor
• New: features that will never auto-enable (combine CSS, async CSS, delay JS, link preload on logged-in pages) — opt-in only with conflict warnings
• WC-aware purge rules when Asteris for WooCommerce is co-installed

See memory/project_performance_v2_locked.md for the full re-scoping.

v1.0.0-alpha.199 — 2026-06-04

SEO + AI Suite Sprint 1 ports from Asteris for WooCommerce.

• Keyword Research (prompt-based tool with admin page + 4 REST endpoints)
• Keyword Coverage analyser
• Keyword Weave (internal-link suggestions)
• Keyword Explorer
• Builder_Sidebar shared class
• Docked SEO sidebars in Elementor, Bricks, Beaver Builder, Divi
• Gutenberg PluginSidebar
• Classic editor metabox

This is an interim port (~3,700 LOC). Full consolidation to the shared AsterisShared\Modules\SEO_AI\* namespace lands at v1.0 per the dual-plugin architecture.

v1.0.0-alpha.180 — 2026-06-03

SMTP + Email Logs module ships.

• 6 provider presets (Gmail / Microsoft 365 OAuth / SendGrid / Mailgun / Amazon SES / generic SMTP)
• Full email logs with body capture + headers
• Retention cron
• Deliverability alerts
• Resend + bulk + CSV export
• New: shared Util/Crypto.php (AES-256-CBC at-rest encryption for credentials)
• New: asteris_activity_log_redact_value filter (also closes the Forms integration-secret leak)

4th of 13 v1.0 modules locked.

v1.0.0-alpha.165 — 2026-06-03

Forms module ships.

• Drag-and-drop form builder
• 20 field types
• Anti-spam: honeypot + Cloudflare Turnstile + hCaptcha
• 5 integrations: Mailchimp, ConvertKit, MailerLite, Slack, Zapier webhook
• Conditional logic per field
• Multi-step forms with progress bar
• Activity Log + Site Health + Performance module integration as competitive differentiator

3rd of 13 v1.0 modules locked.

v1.0.0-alpha.163 — 2026-06-03

SEO + AI Suite 2nd-pass features ship.

After deep-research workflow against Yoast/RankMath/AIOSEO/SEOPress in their current 2026 state:

• llms.txt generator
• IndexNow auto-submit
• AI bot blocker (per-page meta + robots.txt)
• AI traffic tracker (who’s reading the site)
• Schema import URL
• SEO revisions per field
• Author E-E-A-T metadata
• Headline analyzer
• Yoast → Asteris one-click importer

Sprint 2 (RankMath / AIOSEO / SEOPress importers + admin UI polish) banked for v1.0 sign-off.

v1.0.0-alpha.100 — 2026-05-28

Security + Login + 2FA module ships.

• Brute-force protection with progressive lockout
• TOTP + WebAuthn (passkey) 2FA
• Per-role 2FA enforcement
• Hide / rename wp-login.php
• XML-RPC kill switch
• File-change monitoring with daily scan
• IP allow/block lists with country geofence
• Application Passwords audit

The wedge module. 1st of 13 v1.0 modules locked.

v1.0.0-alpha.83 — 2026-05-15

Initial plugin scaffold.

• Asteris for WordPress plugin bootstrapped from the shared engineering base
• Module loader, settings panel, licence manager (stub — switched to Stripe direct via Asteris Licence Server in alpha.209)
• Shared AsterisShared\* namespace stubbed
• Dual-plugin architecture committed (Path B locked)

Older versions

Pre-alpha.83 development happened in the Asteris for WooCommerce monorepo as the shared modules were being defined. The Asteris for WordPress changelog starts at alpha.83.

See also

• Roadmap →
• Modules →