Merge branch 'release/1.7.50.7'

.gitattributes

@@ -0,0 +1,8 @@
+# Exclude development and CI/CD files from release archives
+/.github export-ignore
+/.phan export-ignore
+/tests export-ignore
+/codeception.yml export-ignore
+/.travis.yml export-ignore
+/.dependencies export-ignore
+/.editorconfig export-ignore

CHANGELOG.md

@@ -1,3 +1,12 @@
+# v1.7.50.7
+## 11/05/2025
+
+1. [](#improved)
+    * Exclude dev files from exports
+1. [](#bugfix)
+    * Ignore .github and .phan folders during self-upgrade
+    * Fixed path check in self-upgrade
+
 # v1.7.50.6
 ## 11/05/2025
 

system/defines.php

@@ -9,7 +9,7 @@
 
 // Some standard defines
 define('GRAV', true);
-define('GRAV_VERSION', '1.7.50.6');
+define('GRAV_VERSION', '1.7.50.7');
 define('GRAV_SCHEMA', '1.7.0_2020-11-20_1');
 define('GRAV_TESTING', false);
 

system/src/Grav/Common/Upgrade/SafeUpgradeService.php

@@ -84,6 +84,8 @@ class SafeUpgradeService
         'tmp',
         'cache',
         'user',
+        '.github',
+        '.phan',
     ];
     /** @var callable|null */
     private $progressCallback = null;
@@ -913,10 +915,14 @@ class SafeUpgradeService
             $stage = $packagePath . '/' . $relative;
 
             // Only delete from staging area, NEVER from live installation
-            if (strpos($stage, $this->rootPath . DIRECTORY_SEPARATOR) === 0) {
+            // Check if stage path is directly under root (e.g., /home/grav/user)
+            // but allow subdirectories (e.g., /home/grav/tmp/.../package/user)
+            $realStage = realpath(dirname($stage));
+            $realRoot = realpath($this->rootPath);
+            if ($realStage === $realRoot) {
                 throw new RuntimeException(
                     'SAFETY VIOLATION: Attempted to delete directory from live installation during hydration. ' .
-                    'Stage path appears to be within live root. This should never happen.'
+                    'Stage path appears to be directly in live root. This should never happen.'
                 );
             }