AST-5032 - Security Fix: Added capability and admin checks to prevent unauthorized font deletion.

[yssambare12]

• Security Fix: Added capability and admin checks to prevent unauthorized font deletion

[Copilot]

Pull request overview

This pull request implements a security fix to prevent unauthorized font deletion by adding capability and admin area checks to the BCF_Google_Fonts_Compatibility class constructor. The PR also bumps the plugin version from 2.1.16 to 2.1.17.

Changes:

• Added security checks (is_admin() and current_user_can('manage_options')) before destructive font operations
• Updated version number across multiple files to 2.1.17
• Reorganized dependency structures in package-lock.json files

Reviewed changes

Copilot reviewed 5 out of 7 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
includes/class-bcf-google-fonts-compatibility.php	Added capability and admin area checks to prevent unauthorized font deletion in constructor
custom-fonts.php	Updated plugin version to 2.1.17
package.json	Updated version to 2.1.17
package-lock.json	Updated version (inconsistently) and reorganized prettier dependency location
admin/dashboard/package-lock.json	Reorganized string-width-cjs, strip-ansi-cjs, and wrap-ansi-cjs dependencies from nested to root level
README.md	Updated stable tag to 2.1.17 and removed trailing spaces from metadata lines

Files not reviewed (1)

• admin/dashboard/package-lock.json: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.