**Security hardening + CI signing fix.** The five \`/wp-json/customer-map/v1/*\` endpoints (status, test-geocode, run-batch, clear-failures, retry-failed) are gone. All admin-only, but each was extra inbound attack surface. Equivalent functionality is unchanged in the admin UI: - **Customer Map → Geocode Now** — run batch, retry failed, re-geocode all - **Customer Map → Debug Log** — status report, Nominatim probe, clear failures If you relied on the REST API for remote monitoring you'll need to switch to scraping the admin pages or to a dedicated monitoring plugin. v2.4.3 was meant to be the first signed release but the CI build silently skipped signing because \`RELEASE_SIGNING_KEY\` was set as a Variable-type CI variable (value = the secret string) while the script tested for it as a File-type variable (\`[ -f ]\`). v2.4.4 accepts both. This release itself ships unsigned (CI was still using the v2.4.3 .gitlab-ci.yml at build time). v2.4.5 will be the first verifiably signed release.