= 2.3 - 2026-06-09 =
*   Fixed - Resolved "Undefined array key email_confirm" PHP warning by guarding the honeypot field check when the field is absent from the submission
*   Fixed - Comment form token (sj5) now attaches to themes with custom comment form IDs via a broadened, filterable selector (spamjam_comment_form_selector), preventing false "Form validation failed" blocks
*   Enhancement - sj5 token validation now tolerates longer page dwell time by accepting the current plus the last three hourly windows (filterable via spamjam_token_window_tolerance); still verified with hash_equals()

= 2.2.2 - 2026-05-29 =
*   Fixed - Wrapped all plugin functions inside the Freemius function_exists guard to prevent "Cannot redeclare" fatals when free and premium builds load together during an upgrade switch (F1)
*   Fixed - Comment form action now sets the sj5 token on DOMContentLoaded instead of on scroll, so legitimate commenters who never scroll are no longer blocked with "Form validation failed" (F2)
*   Security - sj5 HMAC token is now time-boxed and rotates hourly (accepts current and previous window) to prevent indefinite token replay; validated with hash_equals() (S1)
*   Fixed - Empty/missing HTTP referer is no longer hard-blocked, eliminating false positives for privacy browsers, Referrer-Policy: no-referrer, and proxies (S2)
*   Enhancement - WooCommerce: comment protection script no longer loads on product pages for users who cannot leave a verified-purchase review

= 2.2.0 - 2026-03-27 =
*   Enhancement - Added WooCommerce HPOS (custom_order_tables) compatibility declaration
*   Security - Final pre-release hardening pass; all F-series audit findings resolved
*   Performance - Premium feature files now conditionally loaded per enabled setting and plan tier

= 2.1.0 - 2025-02-12 =
*   UI - Consolidated 7 tabs into 3 clear tabs: Dashboard, Settings, Upgrade/Account
*   UI - Settings tab uses collapsible sections grouped by function with inline upgrade nudges
*   UI - Upgrade tab shows feature comparison table and contextual CTAs per plan tier
*   UI - Dashboard shows contextual upsells based on actual spam data for free users
*   Fixed - Migration: blocklist migration never ran due to version stamp logic bug
*   Security - Migration: added manage_options capability check
*   Performance - Migration: early-return when db_version is current (skips work on every admin load)
*   WP VIP - Migration: replaced file_exists() with $wp_filesystem->exists()
*   Performance - Migration: disabled autoload on large premium blocklist option

= 2.0.0 - 2025-02-10 =
*   Security - Removed all error_log() calls that could leak sensitive data (S5/V6)
*   Security - Replaced predictable SHA256 hash with HMAC using wp_salt() secret (S8)
*   Performance - Consolidated 17 get_option() calls into batch lookup on dashboard (P1)
*   Performance - Added early POST method check to comment_field_swap(), skips 99% of requests (P4)
*   Performance - Cached get_settings_schema() with static variable (P6)
*   WP VIP - Switched geographic IP API to HTTPS with failure caching (V7/S10)
*   WP VIP - Refactored multisite sync to async via wp_schedule_single_event() (V8)
*   WP VIP - All remaining superglobal access sanitized and annotated (V5)
*   WPCS - Converted all files from spaces to tabs indentation (W2)
*   New - Spam logging and dashboard stats now available to all users (moved from Business-only)
*   New - Freemius uninstall hook for complete data cleanup on plugin deletion (A4)

= 1.1.0 - 2025-02-10 =
*   Security - Fixed SQL injection risk: all database queries now use $wpdb->prepare() with %i/%s placeholders
*   Security - Fixed email confirmation auth flaw: replaced expiring nonce with persistent hashed token
*   Security - Fixed premium plan bypass via HTTP Host header spoofing
*   Security - Sanitized all $_SERVER['REMOTE_ADDR'] usage via centralized get_client_ip() helper
*   Security - Added wp_unslash() to all raw $_POST accesses and nonce verifications
*   Security - Escaped all admin notice output with esc_html__() in multisite sync
*   WP VIP - Replaced file_get_contents(), rename(), unlink() with WP_Filesystem API in migration
*   WPCS - Replaced all _e() with esc_html_e() in admin templates
*   WPCS - Escaped $disabled output with esc_attr() in all form fields
*   WPCS - Replaced date() with gmdate() in advanced reporting
*   WPCS - Replaced deprecated current_time('timestamp') with time()
*   Enhancement - Added WooCommerce product_instance_caching compatibility
*   Enhancement - Added WooCommerce cart_checkout_blocks compatibility

= 1.0.7 - 2025-12-27 =
*   Fixed - Field swap hook changed from pre_comment_on_post to init for better compatibility
*   Enhancement - Debug logging now conditional on WP_DEBUG constant
*   Enhancement - Corrected SHA256 hash validation comment

= 1.0.6 - 2025-12-26 =
* Enhancement - all enabled features now display on the dashboard.
* Enhancement - fix comment protection detection for logged-in users.

= 1.0.5 - 2025-12-26 =
*   New - Email Blocking feature (Business tier)
*   New - Premium Blocklist UI for Agency tier users
*   Enhancement - Block specific email addresses or domains from commenting and registering
*   Enhancement - Support for exact email, @domain, and domain blocking formats
*   Enhancement - Email blocking integrated with spam logging
*   Enhancement - Contact Form 7 email blocking support
*   Fixed - Plan detection now properly recognizes Agency license for all features
*   Fixed - Logged-in users can now comment without spam validation errors

= 1.0.0 - 2025-12-03 =
*   Improved - Blocklist caching for better performance (24-hour cache)
*   Improved - Script loading optimization (no jQuery dependency)
*   Fixed - User deletion now works properly for expired registrations
*   Fixed - Namespace issues in API functionality
*   Fixed - Consistent branding throughout admin interface
*   Performance - Eliminated file I/O on every comment submission
*   Performance - Scripts only load when comments are open

= 0.5.2 - 2025-01-28 =
*   Update - latest FS.

= 0.5.1 - 2024-05-28 =
*   Add - WooCommerce HPOS support
*   Enhancement - optimize the main function to reduce plugin load.
*   Enhancement - PHPCS fixes.
*   Update - latest FS.

= 0.5 - 2024-04-10 =
*   Add - more nonces
*   Add - use sha256 instead of MD5
*   Add - blocklist spam checker
*   Add - blocklist updater
*   Add - registration spam checker
*   Enhancement - prune unused code
*   Enhancement - PHPCS fixes
*   Update - latest FS

= 0.4.1 - 2023-09-08 =
*   Update - latest FS

= 0.4.0 - 2023-07-03 =
*   Add - Javascript event to make sure the content has been read prior to commenting
*   Add - settings page
*   Add - error code(s) to message when spam is detected
*   Add - CSS styling for the labels
*   Add - latest FS
*   Enhancement - code refactor
*   Enhancement - only load JS code where comments sections are displayed
*   Enhancement - modularize antispam for registration
*   Fix - Correct callback name for main function
*   Update - POT file and translations

= 0.3.1 - 2023-07-03 =
*   Add - Javascript event to make sure the content has been read prior to commenting
*   Add - settings page
*   Add - error code(s) to message when spam is detected
*   Add - CSS styling for the labels
*   Enhancement - modularize antispam for registration
*   Enhancement - add FS
*   Update - POT file and translations

= 0.2.2 - 2022-08-05 =
*   Enhancement - ensure logged-in users can comment safely

= 0.2.1 - 2022-08-02 =
*   Enhancement - add nonce field check
*   Fix - remove debug logs

= 0.2.0 - 2022-08-01 =
*   Enhancement - make sure empty comments cannot be posted

= 0.1.1 - 2022-07-26 =
*   Enhancement - more escaping and sanitizing
*   Enhancement - improve field management logic

= 0.1 - 2022-07-24 =
*   First public release