v1.1.0

Added

• Self-update system: automatic version checks via GitHub Releases API every 3 hours (web cron)
• Admin panel "Updates" tab with version status, release notes, system checks, update history, and backup management
• Auto-update toggle (enabled by default) with manual "Check Now" and "Update Now" buttons
• CLI commands: check-update (query GitHub for new versions) and update / update --rollback
• Automatic backup before each update with rollback on failure (max 3 backups retained)
• Protected paths: config/config.php, data/, and vendor/ are never overwritten during updates
• VERSION file for tracking the current application version
• App version displayed in admin dashboard System Information section
• Update notification badge in admin sidebar when a new version is available
• Config options: auto_update (bool) and update_check_interval (seconds)
• 11 new tests for UpdateChecker and UpdateManager (325 total)

Security

• Download URLs validated: HTTPS only, GitHub domains only
• Lock mechanism with 10-minute stale timeout prevents concurrent updates
• Sanity check: extracted archive must contain src/Core/App.php, VERSION, public/index.php
• All admin update actions protected by CSRF tokens
• Backup name input sanitized against path traversal

Fixed

• Auto-update toggle in admin panel now correctly controls auto-update behavior
• VERSION file matches release tag for proper self-update verification