Cronheart

add_action( 'plugins_loaded', function () {
    cronheart_monitor( 'my_nightly_report', 'xxxxxxxx-…' );
}, 1 );

Changelog

0.4.0

• Per-event monitoring UI. A new Settings → Cronheart Events screen lists the site’s recurring WP-Cron events and lets you, per event, assign one of your monitors from a dropdown or auto-create an interval monitor for it in one click — the point-and-click alternative to the cronheart_monitor() helper and CRONHEART_EVENT_<HOOK>_UUID constants (both still work and still take precedence).
• Auto-create. “Auto-create & assign” derives an interval monitor from the event’s WP-Cron schedule — name from the hook, interval in seconds, site timezone, and a grace period — within cronheart.com’s accepted ranges, and is offered only for unmapped, recurring events. It is idempotency-keyed so a double click is safe.
• The assign / auto-create actions go through the same admin-AJAX contract as 0.3.0 (nonce, manage_options, boundary validation, no public endpoint); the request hook is always validated against the discovered event set, and assigning a monitor is a local option write that needs no token. The live controls are token-gated like the heartbeat picker; without a token the screen is a read-only view.
• The “External services” disclosure now also covers the create call (POST /api/v1/monitors), sent only when you click “Auto-create & assign”.

0.3.0

• Account overview. With a cronheart.com API token configured, Settings → Cronheart now shows your plan, monitor budget (used / limit / remaining), and API rate-limit standing, with an upgrade nudge when you are near your monitor limit.
• Monitor management from wp-admin. A new “Your monitors” table lists each monitor with its status and any active snooze, and lets you pause, resume, snooze (1 hour / 4 hours / 1 day / 1 week), or unsnooze it — applied on cronheart.com immediately. This is the plugin’s first admin-AJAX surface: every action is nonce-checked, capability-gated (manage_options), validated at the boundary, and degrades to a readable message rather than a fatal if the API call fails. No public (nopriv) endpoint is registered.
• Monitor status in the picker. The heartbeat dropdown now shows each monitor’s status alongside its name.
• Upgraded the bundled cron-monitor/php-sdk to ^1.1, which adds the account and monitor-lifecycle endpoints these features use.
• The “External services” disclosure has been rewritten to cover the new read (GET /api/v1/account) and write (POST /api/v1/monitors/<uuid>/{pause,resume,snooze,unsnooze}) calls; all remain wp-admin-only, token-gated, and triggered by an administrator’s explicit action.

0.2.1

• Documentation and screenshots for the monitor picker. No functional change from 0.2.0 — the plugin code is identical; this release refreshes the readme (“What it does”, external-services disclosure, FAQ) and adds an updated settings-page screenshot showing the picker.

0.2.0

• Monitor picker. Save a cronheart.com API token under Settings → Cronheart and the heartbeat field becomes a dropdown of your monitors instead of a free-text UUID box. The selection still saves to the same cronheart_heartbeat_uuid option, so nothing changes about how pings are sent — only how you fill in the UUID.
• Write-only API token field. The token is never echoed back into the page; it can be set in the database or, preferred for production, via a new CRONHEART_API_TOKEN constant in wp-config.php.
• wp-admin-only API call. Listing your monitors happens only on the settings page, only when a token is configured, and never on the front end or during WP-Cron. The runtime ping path is unchanged and carries no account credential. See the updated “External services” disclosure.
• Graceful fallback. If the listing fails — no API access on your plan, an invalid token, a rate limit, or a network error — the page shows a notice and falls back to manual UUID entry. The admin page never fatals.
• Upgraded the bundled cron-monitor/php-sdk to ^1.0, which adds the authenticated management-API client the picker uses.

0.1.9

• Plugin Directory review round 2 fix. Contributors: changed from cronmonitor to cronheart — the reviewer’s static analysis pointed out that the WordPress.org account that actually owns the cronheart plugin slug (and uploaded every version including v0.1.8) is cronheart, not cronmonitor. v0.1.7’s switch to cronmonitor was a wrong guess at the right owner identity; v0.1.9 puts the actual slug owner in the contributors line.
• No code changes.

0.1.8

• Bump “Tested up to” from 6.9 to 7.0. The v0.1.7 re-upload was rejected by WP.org’s automated scan because WordPress 7.0 had shipped between our v0.1.5 submission and the v0.1.7 re-upload, and the “Tested up to” header now lagged again. Devstack also moved to wordpress:7.0-php8.2-apache; smoke run + Plugin Check re-verified green on 7.0.
• No code changes.

0.1.7

• Restored Terms of Service / Privacy policy links in the readme. The URLs the WP.org reviewer flagged as HTTP 404 in v0.1.5 (cronheart.com/legal/terms, cronheart.com/legal/privacy) were wrong paths — the live pages have always been at cronheart.com/terms and cronheart.com/privacy. v0.1.6 removed the links entirely as the most cautious response to the review feedback; v0.1.7 puts them back, pointing at the correct URLs (both return HTTP 200).
• No code changes.

0.1.6

• Plugin Directory review round 1 fixes. No behaviour changes — pings, hooks, admin UI all identical to 0.1.5.
• Removed two cronheart.com/legal/* links from the readme that responded with HTTP 404. The “External services” section in this readme already provides a full data-flow disclosure; stand-alone Terms / Privacy pages will be linked back when the corresponding cronheart.com URLs are live.
• Contributors: set to cronmonitor (the WordPress.org account that submitted the plugin); previously held a stale GitHub handle (alexanderpo) that did not match any WP.org user.
• Release zip no longer ships vendor/bin/cron-monitor or vendor/cron-monitor/php-sdk/bin/cron-monitor — those CLI binaries are part of the SDK’s local-dev tooling and have no use inside a WordPress plugin. bin/build-release.sh now strips every vendor/*/bin/ directory at zip time. PSR-4 autoload of the SDK’s runtime classes is unaffected.

0.1.5

• Bump “Tested up to” from 6.7 to 6.9. WordPress.org’s automated scan blocks submission when the readme’s “Tested up to” lags the current stable WordPress release, even when the underlying code is unchanged — the field is treated as a freshness signal for the Plugin Directory search. Devstack also moved to wordpress:6.9-php8.2-apache; smoke run + Plugin Check re-verified green on 6.9.
• No code changes.

0.1.4

• Pre-submission cleanup before the WordPress.org Plugin Directory review. No behaviour changes — pings, hooks, and admin UI all identical to 0.1.3.
• Release zip no longer ships CLAUDE.md and similar contributor-only docs from vendored packages; the bundled tree is now scoped to what the runtime actually needs.
• LICENSE gained an explicit project copyright header (cronheart-wp — Copyright (C) 2026 Alexander Palazok); the GPL-2.0 preamble follows unchanged.
• CHANGELOG.md hygiene: missing [0.1.1] section header restored; internal sprint-tracking term (“Sprint D”) removed from the public 0.1.3 entry; stale “deferred to v0.1.1+” notes on vendor namespace prefixing rewritten to reflect the current “deferred pending first reported collision” stance.

0.1.3

• WordPress.org Plugin Check fixes: added defined('ABSPATH') direct-access guards to every PHP file the static analyser reaches; refactored the monitored-events table render so the escape calls are direct printf arguments (the previous pre-assigned variable was flagged by EscapeOutput); shipped composer.json / composer.lock alongside vendor/ in the release zip so the bundled dependencies are reproducible.
• No behaviour changes — pings, hooks, and admin UI all identical to 0.1.2.

0.1.2

• WordPress.org submission readiness: full readme.txt (Description, FAQ, Screenshots, External-services disclosure), version bump from 0.1.1.
• No code changes — pure metadata polish for the Plugin Directory submission.

0.1.1

• Endpoint override: CRONHEART_ENDPOINT constant and cronheart_endpoint option for pointing the plugin at a non-production cronheart deployment (staging, private VPC, local backend).
• CRONHEART_ALLOW_INSECURE_ENDPOINT constant / cronheart_allow_insecure_endpoint option to opt into plain http:// endpoints (required for local backends behind host.docker.internal or TLS-less private VPNs; default false).
• Local end-to-end smoke harness under devstack/ for verifying the plugin against either production cronheart.com (public contributors) or a local cron-monitor backend (maintainers).
• No breaking changes — installs without the new constants keep the v0.1.0 behaviour.

0.1.0

• Initial scaffold (GitHub-only release; WP.org submission deferred to v0.1.2+).
• Site-wide heartbeat layer with a 5-minute custom schedule.
• Per-event monitoring with cronheart_monitor() helper and cronheart_monitor_map filter.
• CRONHEART_HEARTBEAT_UUID and CRONHEART_EVENT_<HOOK>_UUID constants for sourcing UUIDs from wp-config.php.
• Admin page at Settings → Cronheart for sites without wp-config.php access.
• PHP fatal-error capture for the fail-ping body.