WHOISDIG v3.0.0 - Serverless Migration & Intelligent UI Features 🚀

We are proud to announce the release of v3.0.0, representing a monumental architectural upgrade and a suite of new intelligent UI features to supercharge your domain intelligence lookups!

⚡ 1. Modern Serverless Architecture Migration

We have completely migrated the primary deployment pipeline from legacy systems to a high-performance Docker + Google Cloud Run and Firebase Hosting hybrid serverless stack:

• Google Cloud Run (Compute): Runs our hybrid PHP resolution engine with fast, dynamic auto-scaling and full outbound TCP port 43 access for legacy lookups.
• Firebase Hosting (Edge Proxy): Acts as the edge gateway to map the custom domain (https://whoisdig.web.app) and serve static assets (CSS/JS) globally with ultra-low latency, while seamlessly proxying dynamic requests to Cloud Run.
• Secure CI/CD: Set up a robust, secure GitHub Actions workflow that deploys new versions with zero downtime using Least-Privilege IAM Service Accounts.

🎨 2. Smart Front-End UI Upgrades

A collection of incredible new interactive tools have been integrated directly into your domain cards:

• 🔑 DNSSEC Badging: Real-time checking and display of DNSSEC status (Signed / Unsigned) with custom shield badges.
• 📋 Copy Summary: Extract perfectly aligned, monospaced ASCII summaries of domain or IP status in a single click—formatted beautifully for sharing in chats, Slack, or emails.
• 🌐 Extension Availability Check (TLD Check): Quickly check if a domain name is available on other major extensions (.com, .net, .org, .id, .co.id) right from the card. Includes interactive lookup links.
• 📍 Resolved Server IP: When a domain lookup is performed, the server IP address is resolved and neatly displayed inside the grid cell.

🐛 3. Critical Stability Fixes & Enhancements

• Security Hardening: Discovered and patched a potential exposure risk by ensuring the Service Account private key (sa-key.json) is strictly ignored by both Git (.gitignore) and Docker builds (.dockerignore).
• WHOIS Empty State Fix: Resolved a front-end rendering bug where empty WHOIS responses (unregistered domains) failed to trigger the "available" state, aligning legacy lookups with the RDAP visual state.
• Cleanup: Purged obsolete Wasmer app configurations to optimize code weight and keep the repository clean.

This release focuses on the core infrastructure reliability of WhoisDig, ensuring flawless execution across multiple operating systems without vulnerability to Race Conditions, Corrupted Data, or Zombie Processes.

🔥 Critical Fix: RDAP Resolution for Modern TLDs

Modern TLDs like .app, .dev, .page, and .cloud were returning "All resolution methods failed" due to three overlapping bugs:

1. IANA WHOIS Regex Bug: The \s+ regex pattern crossed newline boundaries, causing an empty whois: field to match status: from the next line as a WHOIS server hostname.
2. Hardcoded RDAP Dependency: All RDAP queries were routed through rdap.org, which is unreliable and frequently times out.
3. Protocol Confusion: RDAP URLs from IANA Bootstrap were being passed into the WHOIS TCP (Port 43) client, causing immediate connection failures.

Resolution

• Introduced Protocol-Aware Discovery Chain in IanaResolver with strict isWhoisHost() and isRdapUrl() validators
• Implemented Dynamic RDAP Server Discovery via the official IANA RDAP Bootstrap JSON registry (data.iana.org/rdap/dns.json)
• Added Protocol Guards in WhoisService that guarantee WHOIS client only receives hostnames and RDAP client only receives HTTP(S) URLs
• Fixed regex to use horizontal whitespace [ \t]+ instead of \s+ to prevent cross-line matching

✨ New Features & Infrastructure

• Cross-Platform System Helper: Introduced SystemHelper (src/Utils/SystemHelper.php) to universally normalize file path formatting (slashes vs. backslashes) across Windows and Linux.
• Fail-Safe Atomic File Locking: Implemented acquireLock() to resolve fatal fopen failures on Windows when another process holds a LOCK_EX. This prevents "Fail-Open" vulnerabilities in the Rate Limiter under high-concurrency burst traffic.

🛠️ Improvements & Fixes

• Secure File Writing: Refactored all write operations (file_put_contents and fwrite) in Cache, CircuitBreaker, and Metrics using a robust Try-Finally lifecycle, ensuring files are always properly unlocked and closed even if Exceptions occur.
• Cache Storage Isolation: All local file storage operations now dynamically respect the TEST_STORAGE_DIR constant, completely eliminating the risk of production data corruption during testing workflows.
• RDAP Timeout Optimization: Reduced RDAP HTTP timeout from 10s to 3s for faster fallback cascading.

🧪 Deterministic Test Suite

• 24 Comprehensive Automated Tests: Built a standalone, dependency-free testing framework validating cache stability, API Mocks, RDAP Mocks, and the rate limiter system.
• Anti-Zombie Process Runner: The new tests/ProcessRunner.php ensures that high-concurrency load testing (proc_open) securely terminates processes and closes pipes, preventing Zombie Processes and Memory Leaks.

🚀 Current Deployment

• Self-Hosted Transition: The application is now fully stable on a dedicated VM environment https://apps.nizen.my.id/whoisdig/.
• Unrestricted WHOIS: Native Port 43 support is now fully operational, enabling support for .id, .co, and other TLDs that were previously restricted on sandbox platforms.

✨ Key Features

• Hybrid Resolution: Intelligent WHOIS + RDAP fallback with automatic server discovery.
• IP Intelligence: Complete network details with GeoIP enrichment and ASN tracking.
• Smart SWR Cache: High-performance caching system for rapid subsequent lookups.
• TLD Preference Memory: The engine learns and remembers which TLDs prefer RDAP to optimize speed.

🛠️ Improvements & Fixes

• Parser Guard: Fixed an issue where RDAP 404 responses were incorrectly parsed as empty records.
• I/O Optimization: Removed POSIX file locking to ensure maximum compatibility across different filesystem volumes.
• Clean Slate: Git history has been squashed into a single stable production commit for a professional repository state.