Removed reference to a Foreground terms URL that did not resolve. The plugin’s readme now lists only the Foreground privacy policy URL (which exists and is current). No code change.
2.1.7
WordPress.org review compliance pass.
Added == External services == section to the readme disclosing the single self-audit HTTP request and clarifying that all third-party mentions (Meta endpoints, third-party WP plugins, foreground.agency) are documentation references — the plugin does not connect to any of them.
Wrapped the two internal SVG renderers (score gauge, score history sparkline) in wp_kses() with an explicit SVG element/attribute allowlist instead of phpcs:ignore suppression. No visible UI change.
2.1.6
Detect Pixel installations behind cookie-consent gates (Cookiebot, CookieYes, Iubenda, etc.). The Pixel-installed and events-firing checks now also recognize: noscript fallback img tags (facebook.com/tr?id=X), and known plugin signatures (PixelYourSite, Meta for WordPress, CAPI Suite). Previously the audit returned a false “no Pixel found” for any consent-deferred install — common on EU/UK sites.
Pixel ID extraction now reads from noscript fallback when inline init is unavailable.
2.1.5
Cache-bust on audit fetch. Appends ?fcapi_audit={timestamp} to the home URL so Cloudflare / Varnish / WP-Rocket / other reverse-proxies serve fresh origin HTML rather than a stale cached page. Prevents the “no Pixel found” false-negative when a user installs a Pixel but forgets to purge their CDN cache.
2.1.4
Plugin Check compliance pass for WordPress.org submission.
Added /* translators: */ comments to every sprintf/__() with placeholders (10 spots across audit-runner and admin-page).
Fixed unordered placeholders in the “events detected” string (now uses %1$d %2$s positional).
Swapped parse_url() for wp_parse_url() per WordPress coding standards.
Removed Domain Path: /languages header (no translation folder shipped yet).
Suppressed false-positive escape-output flag on internal SVG renderers (render_score_gauge, render_sparkline) with phpcs:ignore + audit comments.
Trimmed plugin tags from 9 to 5 (WP.org max) and short description under 150 chars.
2.1.2
Brand: replaced the CSS-rendered “F” placeholder in the dashboard header and About card with the official Foreground icon PNG. Visual identity now matches the rest of foreground.agency exactly.
2.1.1
Security hardening pass before WP.org submission.
Replaced double-escape pattern (inner esc_html before sprintf into translation) with sanitize_text_field() for remote-derived strings — prevents render-time over-escaping.
SVG attributes in score gauge wrapped in esc_attr() (defense-in-depth, values were already integers).
SSRF surface locked: audit-runner now ALWAYS fetches home_url(), ignores any passed target_url. Prevents future contributors accidentally creating a generic URL-fetcher.
2.1.0
Added “About this plugin” sidebar card to fill the empty space in the score hero. Single contextual CTA: “Get the Pixel Fix” when score < 85, “Visit foreground.agency” when score 85+.
3-column hero layout (score gauge / status panel / about card). Responsive: collapses to 2-col then 1-col on smaller screens.
2.0.0
Complete UI redesign with branded dashboard header, circular score gauge, and 5 stat cards (Pass / Warn / Fail / Est. loss / Total).
Checks are now grouped into 5 categories: Foundation, Match Quality, Reliability, Compliance, Optional.
Removed all per-row “Fix it for me” buttons. Each failing check now expands inline to show DIY fix steps with difficulty rating (Easy / Medium / Hard).
Removed the prominent CTA banner. Foreground branding moved to a single discrete footer line.
Improved empty state with helpful onboarding text.
Sparkline graph in score history now uses the brand orange and has an area fill gradient.
1.0.3
UX: Score history panel now auto-expands at 2+ runs (was 3+). Iteration feedback is visible immediately on the second audit.
1.0.2
NEW: Score history with delta indicator. Each re-run shows +/- vs the previous score plus a 20-run sparkline graph so you can visually track improvements as you fix issues.
NEW: “Best ever” badge so you can see your historical peak.
Detailed run history table with timestamps, pass/warn/fail breakdown, and estimated attribution loss per run.
1.0.1
FIX: Audit now surfaces fetch errors (SSL, firewall, loopback issues) instead of silently failing.
Added SSL fallback chain — retries with sslverify=false then falls back to HTTP if needed.
