Changelog

All notable additions and fixes to the Genius Checkout platform and its public-facing surface (/api/v1, webhooks, hosted checkout, storefront plugins, integration apps). Reverse-chronological. Dates are commit dates in UTC.

2026-05-22

• Added Subscriptions, Payment Tokens, Zapier, Rate Limits, Pagination, Versioning, Currencies, and Decline Codes pages.
• Added platform-plugin docs for PrestaShop, OpenCart, Magento 2, Wix, Give, and Odoo.
• Brought the Spanish and French translations of webhooks.md and woocommerce-plugin.md to parity with English.

2026-05-20

• GHL config page redesign — two-column guided layout with inline screenshot mockups of the signup + API-keys steps; disconnect button with confirm dialog; new POST /lc/configuration/disconnect clears stored keys for the verified location. +24 bilingual strings (en/es/fr/pt-BR).
• GHL iframe i18n + test/live safety — setup and detect-location views fully translated. queryUrl handlers derive mode from the API-key prefix; a gc_test_ key can never read or charge a live token (or vice versa).
• GHL connected merchant card — name, business, email, country, merchant id, key-mode badges, last-updated timestamp.
• GHL multi-tenant isolation (security) — /lc/configuration derives location_id only from a verified GHL SSO session; the cross-tenant location picker was removed.
• Transaction emails + receipt — added "Paid at" with timezone, Transaction # and Order # to receipt, declined, and merchant-alert emails. Brand-green button styling. Shipped 4 missing card SVGs (Diners, Dankort, UnionPay, Maestro).
• TransactionDetail panel — full card-data section (brand icon + masked PAN, expiry/funding/issuer/country, linked saved-token).
• Gateway Appearance feature — per-gateway display name, logo, supported card brands, and custom card icons.
• Customer Saved Payment Methods — merchant customer detail lists every PaymentToken for the customer with per-token captured/refunded vs declined/failed counts. ReportController::transactions accepts a payment_method_token_id filter.
• Design polish across the platform — unified status-badge palette, branded toggles, masked webhook secrets, right-aligned button pairs, tabular numerics, consistent date formatting, "secure-checkout" footer on the buyer flow.
• PhoneInput component — country flag + dial-code chip, E.164 emit, inputId prop for tests / autofocus.
• MPGS split into two gateways — mpgs_direct (direct API) and mpgs_hpp (Hosted Checkout). Mirrors the PowerTranz Direct + HPP split. Existing mpgs configs auto-migrate to mpgs_direct. capture_method gateway-option override added for banks that block PAY (defaults to manual AUTHORIZE).
• MPGS Test Connection button — mints a session via authenticated POST and surfaces gateway errors.
• Plans page — Plan model accessor heals legacy malformed features data.
• Saved cards — picker filters to the selected gateway; cross-gateway charges rejected server-side.

2026-05-18

• Branded email layout — header/footer/button color driven by per-merchant platform branding.
• Platform branding admin — name + 5 logo variants + email logo + brand color + PDF wiring.
• P0 production-readiness — webhook fail-closed, readiness command, multi-stage Docker build, MPGS allowlist.

2026-05-16

• MPGS bank-agnostic refactor — direct-API 3DS authentication with graceful fallback, capture-later production-ready, Hosted Checkout E2E live-verified. force_operation removed; capture/refund/void use the gateway_options schema.
• payment_gateways seed idempotent — survives the new MPGS migration.

2026-05-15

• i18n ticks 7–14 — Merchant Settings, Transactions, TransactionDetail, PaymentLinks, PaymentLinkDetail, Customers, CustomerDetail, Subscriptions, SubscriptionDetail, Disputes, DisputeDetail, ApiKeys, ApiLogs translated to ES/FR/pt-BR (42 of 62 views wired).
• Sagicor MPGS sandbox wired — fixed checkout.js URL, added config schema, Hosted Checkout controller, smoke command.

2026-05-14

• Saved-card receipt email translated in 4 locales (en/es/fr/pt-BR).
• Decline email fully translated; locale plumbed through dispatchers.
• Receipt text-view translates per locale + uses mb_strtoupper.
• Magento / OpenCart / Odoo / PrestaShop translation files aligned with source.

2026-05-13

• Module audit — see storefront-plugins/AUDIT-2026-05-13.md.
• SECURITY (CRITICAL) — Odoo /return tampering closed; /payment/geniuscheckout/return now re-fetches the GC session and trusts only the API's status.
• SECURITY (MEDIUM) — Ecwid replay window enforced (±300 s on eventCreated); Magento Savedcards uses Authorization: Bearer … (not X-Api-Key); Odoo webhook rejects empty / <16-char secrets.
• Wix Velo Service Plugin SDK shipped — currency-aware units in the REST controller.
• OpenCart handles payment.refunded + payment.partially_refunded events.
• Currency-aware minor units + Ecwid refund + Magento MIT scaffolding + PrestaShop pending-state work.
• P0 logo fixes — PrestaShop PNG, Odoo provider icon, Magento ConfigProvider::logo_url, OpenCart catalog template, Give gc-badge.svg, WC block-checkout label icon.

2026-05-12

• Transactions enrichment — source, origin, IP, UA, geo, risk signals captured at create-time.
• CSRF — exempted 6 server-to-server webhook receivers (eliminates 419s in prod).
• 3DS callback — persists Customer record on the 3DS-completion path.
• Ecwid — explicit test/live mode toggle; settings save no longer 422s on resubmit; iframe save covers merchant swap.
• GHL checkout-session — honours the test_mode flag (was always live).
• Orchestration — capture / refund / void resilient to gateway exceptions.

2026-05-11

• checkout.cancelled webhook emitted when a donor cancels at the hosted page.
• payment.refunded payload — forwards the merchant's order_id (not the GC session id) and includes the original metadata.
• payment.completed payload — includes token_id so storefront plugins can save the card without an extra fetch.
• Give plugin released — WordPress plugin using only public GC APIs.
• PowerTranz Direct declares supportsTokenCharge.

2026-05-10

• Webhook webhook:replay ops command — replay any failed delivery from CLI.
• Tiendanube webhook receiver + lifecycle hooks.
• VTEX real lifecycle implementation.
• Shared TokenRefresher across 4 OAuth integrations.
• Wix refund + Wave cron integration.
• OpenCart + PrestaShop plugins completed end-to-end; Shopify refunds routed via public API.
• Audit log surfaces integration events on the connected-stores portal page.
• Per-connection activity timeline added to the portal integrations page.

2026-05-09

• Zapier API — REST-hook subscribe/unsubscribe/sample-payments endpoints shipped (see Zapier).
• Shopify Payments App + 7 more integration scaffolds.
• QuickBooks Online module — shared OAuth + HMAC primitives.
• Ecwid Payment App integration shipped.
• WooCommerce plugin extracted to a dedicated repo with Appsero SDK namespacing.
• Decline / $0 tokenization receipt email fixes; currency rendering corrected.

2026-05-08

• Full ES/FR docs translations ship.
• PHPStan baseline committed, CI re-enabled.
• PayPal webhook config seeded in tests so the signature flow runs.

Earlier history

For changes prior to 2026-05-08, see the project repository commit log.