klevze/UploadShied
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rename project to UploadShield: update runtime, configs, docs, and provisioning; run lint/tests

Browse Source
This commit is contained in:
Gregor Klevže
2026-02-12 14:48:07 +01:00
parent d1310e0844
commit 7c8bccc911
20 changed files with 95 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/release-checklist.md
View File

@@ -1,10 +1,10 @@
# Release & Deploy Checklist
This checklist helps you deploy UploadShield's primary script (`upload-logger.php`) to production safely.
This checklist helps you deploy UploadShield's primary script (`uploadshield.php`) to production safely.
## Pre-release
- [ ] Review and pin configuration in `upload-logger.json` (see `examples/upload-logger.json`).
- [ ] Review and pin configuration in `uploadshield.json` (see `examples/uploadshield.json`).
- [ ] Ensure unit tests pass and CI workflows are green for the release branch.
- [ ] Run static analysis (`vendor/bin/phpstan analyse`) and fix any new issues.
- [ ] Run `composer audit` to confirm no advisories remain.
@@ -28,7 +28,7 @@ This checklist helps you deploy UploadShield's primary script (`upload-logger.ph
## Configuration
- [ ] Create `upload-logger.json` from `examples/upload-logger.json` and adjust values:
- [ ] Create `uploadshield.json` from `examples/uploadshield.json` and adjust values:
- `paths.quarantine_dir` — absolute path to `quarantine/`.
- `paths.state_dir` — absolute path to `state/`.
- `paths.allowlist_file` — path to `allowlist.json`.
@@ -37,7 +37,7 @@ This checklist helps you deploy UploadShield's primary script (`upload-logger.ph
## Deployment
- [ ] Ensure `php_admin_value[auto_prepend_file]` is configured in the site pool for PHP-FPM to include `upload-logger.php` (UploadShield).
- [ ] Ensure `php_admin_value[auto_prepend_file]` is configured in the site pool for PHP-FPM to include `uploadshield.php` (UploadShield).
- [ ] Reload or restart PHP-FPM gracefully after changing pool settings.
- [ ] Verify the web server denies direct access to `logs/` and `quarantine/`.
@@ -50,7 +50,7 @@ This checklist helps you deploy UploadShield's primary script (`upload-logger.ph
## Post-release
- [ ] Configure log rotation (see `examples/logrotate.d/upload-logger`).
- [ ] Configure log rotation (see `examples/logrotate.d/uploadshield`).
- [ ] Set up monitoring/alerting on log file growth, error events, and flood alerts.
- [ ] Schedule periodic dependency checks (Dependabot and weekly `composer audit`).
- [ ] Periodically review `allowlist.json` and detector tuning to reduce false positives.