Merge branch '4.3' into 4

2019-02-19 08:41:05 +07:00 · 2019-02-19 08:41:05 +07:00 · 3e90fdf42f
parent 09c539e1c3 ed74549c4f
commit 3e90fdf42f
22 changed files with 486 additions and 78 deletions
--- a/.upgrade.yml
+++ b/.upgrade.yml
@ -1390,3 +1390,130 @@ warnings:
      replacement: 'RESOURCES_DIR'
 renameWarnings:
  - Form
+visibilities:
+  'SilverStripe\ORM\DataObject::db':
+    visibility: private
+  'SilverStripe\ORM\DataObject::singular_name':
+    visibility: private
+  'SilverStripe\ORM\DataObject::plural_name':
+    visibility: private
+  'SilverStripe\ORM\DataObject::api_access':
+    visibility: private
+  'SilverStripe\ORM\DataObject::default_classname':
+    visibility: private
+  'SilverStripe\ORM\DataObject->destroyed':
+    visibility: public
+  'SilverStripe\ORM\DataObject->record':
+    visibility: protected
+  'SilverStripe\ORM\DataObject->joinRecord':
+    visibility: protected
+  'SilverStripe\ORM\DataObject->changed':
+    visibility: private
+  'SilverStripe\ORM\DataObject->changeForced':
+    visibility: private
+  'SilverStripe\ORM\DataObject->original':
+    visibility: protected
+  'SilverStripe\ORM\DataObject->brokenOnDelete':
+    visibility: protected
+  'SilverStripe\ORM\DataObject->brokenOnWrite':
+    visibility: protected
+  'SilverStripe\ORM\DataObject::validation_enabled':
+    visibility: private
+  'SilverStripe\ORM\DataObject::_cache_get_one':
+    visibility: protected
+  'SilverStripe\ORM\DataObject::_cache_field_labels':
+    visibility: protected
+  'SilverStripe\ORM\DataObject::fixed_fields':
+    visibility: private
+  'SilverStripe\ORM\DataObject::table_name':
+    visibility: private
+  'SilverStripe\ORM\DataObject->components':
+    visibility: protected
+  'SilverStripe\ORM\DataObject->unsavedRelations':
+    visibility: protected
+  'SilverStripe\ORM\DataObject::cascade_deletes':
+    visibility: private
+  'SilverStripe\ORM\DataObject::cascade_duplicates':
+    visibility: private
+  'SilverStripe\ORM\DataObject::sourceQueryParams':
+    visibility: private
+  'SilverStripe\ORM\DataObject::subclass_access':
+    visibility: private
+  'SilverStripe\ORM\DataObject::casting':
+    visibility: private
+  'SilverStripe\ORM\DataObject::create_table_options':
+    visibility: private
+  'SilverStripe\ORM\DataObject::indexes':
+    visibility: private
+  'SilverStripe\ORM\DataObject::defaults':
+    visibility: private
+  'SilverStripe\ORM\DataObject::default_records':
+    visibility: private
+  'SilverStripe\ORM\DataObject::has_one':
+    visibility: private
+  'SilverStripe\ORM\DataObject::belongs_to':
+    visibility: private
+  'SilverStripe\ORM\DataObject::has_many':
+    visibility: private
+  'SilverStripe\ORM\DataObject::many_many':
+    visibility: private
+  'SilverStripe\ORM\DataObject::many_many_extraFields':
+    visibility: private
+  'SilverStripe\ORM\DataObject::belongs_many_many':
+    visibility: private
+  'SilverStripe\ORM\DataObject::default_sort':
+    visibility: private
+  'SilverStripe\ORM\DataObject::searchable_fields':
+    visibility: private
+  'SilverStripe\ORM\DataObject::field_labels':
+    visibility: private
+  'SilverStripe\ORM\DataObject::summary_fields':
+    visibility: private
+  'SilverStripe\Control\Director::rules':
+    visibility: private
+  'SilverStripe\Control\Director::current_page':
+    visibility: private
+  'SilverStripe\Control\Director::alternate_base_folder':
+    visibility: private
+  'SilverStripe\Control\Director::alternate_public_dir':
+    visibility: private
+  'SilverStripe\Control\Director::default_base_url':
+    visibility: private
+  'SilverStripe\Forms\GridField\GridFieldPaginator::default_items_per_page':
+    visibility: private
+  'SilverStripe\View\SSViewer::themes':
+    visibility: private
+  'SilverStripe\View\SSViewer::current_themes':
+    visibility: protected
+  'SilverStripe\View\SSViewer::theme':
+    visibility: private
+  'SilverStripe\View\SSViewer::theme_enabled':
+    visibility: private
+  'SilverStripe\View\SSViewer::global_key':
+    visibility: private
+  'SilverStripe\View\SSViewer::source_file_comments':
+    visibility: private
+  'SilverStripe\View\SSViewer::rewrite_hash_links':
+    visibility: private
+  'SilverStripe\View\SSViewer::current_rewrite_hash_links':
+    visibility: protected
+  'SilverStripe\View\SSViewer::rewriteHashlinks':
+    visibility: protected
+  'SilverStripe\View\SSViewer::template_cache_flushed':
+    visibility: private
+  'SilverStripe\View\SSViewer::cacheblock_cache_flushed':
+    visibility: private
+  'SilverStripe\View\SSViewer::topLevel':
+    visibility: protected
+  'SilverStripe\View\SSViewer::templates':
+    visibility: protected
+  'SilverStripe\View\SSViewer::chosen':
+    visibility: protected
+  'SilverStripe\View\SSViewer::subTemplates':
+    visibility: protected
+  'SilverStripe\View\SSViewer::includeRequirements':
+    visibility: protected
+  'SilverStripe\View\SSViewer::parser':
+    visibility: protected
+  'SilverStripe\View\SSViewer::partialCacheStore':
+    visibility: protected
--- a/_config/cache.yml
+++ b/_config/cache.yml
@ -18,20 +18,17 @@ SilverStripe\Core\Injector\Injector:
    factory: SilverStripe\Core\Cache\CacheFactory
    constructor:
      namespace: "VersionProvider_composerlock"
-      args:
-        disable-container: true
+      disable-container: true
  Psr\SimpleCache\CacheInterface.RateLimiter:
    factory: SilverStripe\Core\Cache\CacheFactory
    constructor:
      namespace: 'ratelimiter'
-      args:
-        disable-container: true
+      disable-container: true
  Psr\SimpleCache\CacheInterface.InheritedPermissions:
    factory: SilverStripe\Core\Cache\CacheFactory
    constructor:
      namespace: "InheritedPermissions"
-      args:
-        disable-container: true
+      disable-container: true
  Psr\SimpleCache\CacheInterface.ThemeResourceLoader:
    factory: SilverStripe\Core\Cache\CacheFactory
    constructor:
--- a/docs/en/01_Lessons/index.md
+++ b/docs/en/01_Lessons/index.md
@ -2,24 +2,27 @@ title: Lessons
 introduction: The lessons take a step by step look at how to build a SilverStripe application.

 * [How to set up a local development environment in SilverStripe](https://vimeo.com/108861537)
-* [Lesson 1: Creating your first theme](http://www.silverstripe.org/learn/lessons/creating-your-first-theme)
-* [Lesson 2: Migrating static templates into your theme](http://www.silverstripe.org/learn/lessons/migrating-static-templates-into-your-theme)
-* [Lesson 3: Adding dynamic content](http://www.silverstripe.org/learn/lessons/adding-dynamic-content)
-* [Lesson 4: Working with multiple templates](http://www.silverstripe.org/learn/lessons/working-with-multiple-templates)
-* [Lesson 5: The holder/page pattern](http://www.silverstripe.org/learn/lessons/the-holderpage-pattern)
-* [Lesson 6: Adding Custom Fields to a Page](http://www.silverstripe.org/learn/lessons/adding-custom-fields-to-a-page)
-* [Lesson 7: Working with Files and Images](http://www.silverstripe.org/learn/lessons/working-with-files-and-images)
-* [Lesson 8: Introduction to the ORM](http://www.silverstripe.org/learn/lessons/introduction-to-the-orm)
-* [Lesson 9: Data Relationships - $has_many](http://www.silverstripe.org/learn/lessons/working-with-data-relationships-has-many)
-* [Lesson 10: Introduction to the ORM](http://www.silverstripe.org/learn/lessons/working-with-data-relationships-many-many)
-* [Lesson 11: Introduction to frontend forms](http://www.silverstripe.org/learn/lessons/introduction-to-frontend-forms)
-* [Lesson 12: Data Extensions and SiteConfig](http://www.silverstripe.org/learn/lessons/data-extensions-and-siteconfig)
-* [Lesson 13: Introduction to ModelAdmin](http://www.silverstripe.org/learn/lessons/introduction-to-modeladmin)
-* [Lesson 14: Controller Actions/DataObjects as Pages](http://www.silverstripe.org/learn/lessons/controller-actions-dataobjects-as-pages)
-* [Lesson 15: Building a Search Form](http://www.silverstripe.org/learn/lessons/building-a-search-form)
-* [Lesson 16: Lists and Pagination](http://www.silverstripe.org/learn/lessons/lists-and-pagination)
-* [Lesson 17: Ajax Behaviour and Viewable Data](http://www.silverstripe.org/learn/lessons/ajax-behaviour-and-viewabledata)
-* [Lesson 18: Dealing with Arbitrary Template Data](http://www.silverstripe.org/learn/lessons/dealing-with-arbitrary-template-data)
+* [Lesson 1: Creating your first project](https://www.silverstripe.org/learn/lessons/v4/creating-your-first-project)
+* [Lesson 2: Migrating static templates into your theme](https://www.silverstripe.org/learn/lessons/v4/migrating-static-templates-into-your-theme-1)
+* [Lesson 3: Adding dynamic content](https://www.silverstripe.org/learn/lessons/v4/adding-dynamic-content-1)
+* [Lesson 4: Working with multiple templates](https://www.silverstripe.org/learn/lessons/v4/working-with-multiple-templates-1)
+* [Lesson 5: The holder/page pattern](https://www.silverstripe.org/learn/lessons/v4/the-holderpage-pattern-1)
+* [Lesson 6: Adding Custom Fields to a Page](https://www.silverstripe.org/learn/lessons/v4/adding-custom-fields-to-a-page-1)
+* [Lesson 7: Working with Files and Images](https://www.silverstripe.org/learn/lessons/v4/working-with-files-and-images-1)
+* [Lesson 8: Introduction to the ORM](https://www.silverstripe.org/learn/lessons/v4/introduction-to-the-orm-1)
+* [Lesson 9: Data Relationships - $has_many](https://www.silverstripe.org/learn/lessons/v4/working-with-data-relationships-has-many-1)
+* [Lesson 10: Data Relationships - $many_many](https://www.silverstripe.org/learn/lessons/v4/working-with-data-relationships-many-many-1)
+* [Lesson 11: Introduction to frontend forms](https://www.silverstripe.org/learn/lessons/v4/introduction-to-frontend-forms-1)
+* [Lesson 12: Data Extensions and SiteConfig](https://www.silverstripe.org/learn/lessons/v4/data-extensions-and-siteconfig-1)
+* [Lesson 13: Introduction to ModelAdmin](https://www.silverstripe.org/learn/lessons/v4/introduction-to-modeladmin-1)
+* [Lesson 14: Controller Actions/DataObjects as Pages](https://www.silverstripe.org/learn/lessons/v4/controller-actions-dataobjects-as-pages-1)
+* [Lesson 15: Building a Search Form](https://www.silverstripe.org/learn/lessons/v4/building-a-search-form-1)
+* [Lesson 16: Lists and Pagination](https://www.silverstripe.org/learn/lessons/v4/lists-and-pagination-1)
+* [Lesson 17: Ajax Behaviour and Viewable Data](https://www.silverstripe.org/learn/lessons/v4/ajax-behaviour-and-viewabledata-1)
+* [Lesson 18: Dealing with Arbitrary Template Data](https://www.silverstripe.org/learn/lessons/v4/dealing-with-arbitrary-template-data-1)
+* [Lesson 19: Creating Filtered Views](https://www.silverstripe.org/learn/lessons/v4/creating-filtered-views-1)
+* [Lesson 20: Beyond the ORM: Building Custom SQL](https://www.silverstripe.org/learn/lessons/v4/beyond-the-orm-building-custom-sql-1)
+* [Lesson 21: Advanced Environment Configuration](https://www.silverstripe.org/learn/lessons/v4/advanced-environment-configuration-1)

 ## Help: If you get stuck

--- a/docs/en/02_Developer_Guides/08_Performance/01_Caching.md
+++ b/docs/en/02_Developer_Guides/08_Performance/01_Caching.md
@ -39,6 +39,13 @@ SilverStripe\Core\Injector\Injector:
      namespace: "myCache"
 ```

+<div class="alert" markdown="1">
+Please note that if you have the `silverstripe/versioned` module installed (automatically installed by the
+`silverstripe/cms` module), caches will automatically be segmented by current “stage”. This ensures that
+any content written to the cache in the _draft_ reading mode isn’t accidentally exposed in the _live_ reading mode.
+Please read the [versioned cache segmentation](#versioned-cache-segmentation) section for more information.
+</div>
+
 Cache objects are instantiated through a [CacheFactory](SilverStripe\Core\Cache\CacheFactory),
 which determines which cache adapter is used (see "Adapters" below for details).
 This factory allows us you to globally define an adapter for all cache instances.  
@ -209,6 +216,42 @@ SilverStripe\Core\Injector\Injector:
  SilverStripe\Core\Cache\CacheFactory: '%$MemcachedCacheFactory'
 ```

+## Versioned cache segmentation
+
+`SilverStripe\Core\Cache\CacheFactory` now maintains separate cache pools for each versioned stage (if you have the
+`silverstripe/versioned` module installed). This prevents developers from caching draft data and then
+accidentally exposing it on the live stage without potentially required authorisation checks. Unless you
+rely on caching across stages, you don't need to change your own code for this change to take effect. Note
+that cache keys will be internally rewritten, causing any existing cache items to become invalid when this
+change is deployed.
+
+```php
+// Before:
+$cache = Injector::inst()->get(CacheInterface::class . '.myapp');
+Versioned::set_stage(Versioned::DRAFT);
+$cache->set('my_key', 'Some draft content. Not for public viewing yet.');
+Versioned::set_stage(Versioned::LIVE);
+$cache->get('my_key'); // 'Some draft content. Not for public viewing yet'
+
+// After:
+$cache = Injector::inst()->get(CacheInterface::class . '.myapp');
+Versioned::set_stage(Versioned::DRAFT);
+$cache->set('my_key', 'Some draft content. Not for public viewing yet.');
+Versioned::set_stage(Versioned::LIVE);
+$cache->get('my_key'); // null
+```
+Data that is not content sensitive can be cached across stages by simply opting out of the segmented cache
+with the `disable-container` argument.
+
+```yaml
+SilverStripe\Core\Injector\Injector:
+  Psr\SimpleCache\CacheInterface.myapp:
+    factory: SilverStripe\Core\Cache\CacheFactory     
+    constructor:
+      namespace: "MyInsensitiveData"
+      disable-container: true 
+``` 
+
 ## Additional Caches

 Unfortunately not all caches are configurable via cache adapters.
--- a/docs/en/04_Changelogs/3.6.7.md
+++ b/docs/en/04_Changelogs/3.6.7.md
@ -0,0 +1,21 @@
+# 3.6.7
+
+<!--- Changes below this line will be automatically regenerated -->
+
+## Change Log
+
+### Security
+
+ * 2019-01-10 [c44f06cdf](https://github.com/silverstripe/silverstripe-framework/commit/c44f06cdf10387a987e4efb096ff06b3bb4495ef) Patch SQL Injection vulnerability when arrays are assigned to DataObject Fields (Aaron Carlino) - See [ss-2018-021](https://www.silverstripe.org/download/security-releases/ss-2018-021)
+ * 2018-09-26 [598edd913](https://github.com/silverstripe/silverstripe-framework/commit/598edd91341f389d7b919ec1201e03d2aba4d284) Add confirmation token to dev/build (Loz Calver) - See [ss-2018-019](https://www.silverstripe.org/download/security-releases/ss-2018-019)
+
+### Bugfixes
+
+ * 2019-01-23 [746c0679a](https://github.com/silverstripe/silverstripe-framework/commit/746c0679ad1d6ceac03d2adf167367f0ca2259cd) Injector may instantiate prototypes as if they're singletons (fixes #8567) (Loz Calver)
+ * 2018-11-15 [86701b8cd](https://github.com/silverstripe/silverstripe-framework/commit/86701b8cd0cd5f8de813a7c9347e7c8055d878f4) Redirect loop with multiple URL tokens (fixes #8607) (Loz Calver)
+ * 2018-06-04 [41e601a03](https://github.com/silverstripe/silverstripe-framework/commit/41e601a036307065d9ea2ba8862f67be738d402f) Regression from #8009 (Daniel Hensby)
+ * 2018-05-29 [1cbf27e0f](https://github.com/silverstripe/silverstripe-framework/commit/1cbf27e0f47c3547914b03193d0f5f77c87ff8d5) PHP 5.3 compat for referencing $this in closure, and make method public for same reason (Robbie Averill)
+ * 2018-04-17 [af3a9f3ec](https://github.com/silverstripe/silverstripe-framework/commit/af3a9f3ec8a5465f841c5aa8ee1faf40c1b76bf4) Duplicating many_many relationships looses the extra fields (fixes #7973) (UndefinedOffset)
+ * 2018-03-15 [d17d93f7](https://github.com/silverstripe/silverstripe-cms/commit/d17d93f784a6e01f3d396c55adc623d69a90261a) Remove SearchForm results() function from allowed_actions (Steve Dixon)
+ * 2018-02-16 [86addea1d](https://github.com/silverstripe/silverstripe-framework/commit/86addea1d2a7b2e28ae8115279ae358bcb46648a) Split HTML manipulation to onadd, so elements are not accidentally duplicated (Christopher Joe)
+ * 2018-02-13 [c767e472d](https://github.com/silverstripe/silverstripe-framework/commit/c767e472dc494408460ef47c27b8d34475da4ac6) DataObject singleton creation (Jonathon Menz)
--- a/docs/en/04_Changelogs/3.7.3.md
+++ b/docs/en/04_Changelogs/3.7.3.md
@ -0,0 +1,16 @@
+# 3.7.3
+
+<!--- Changes below this line will be automatically regenerated -->
+
+## Change Log
+
+### Security
+
+ * 2019-01-10 [6bf9542d6](https://github.com/silverstripe/silverstripe-framework/commit/6bf9542d664ac7935691c8055505b7ad8ea26e9a) Patch SQL Injection vulnerability when arrays are assigned to DataObject Fields (Maxime Rainville) - See [ss-2018-021](https://www.silverstripe.org/download/security-releases/ss-2018-021)
+
+### Bugfixes
+
+ * 2019-01-30 [8e6e70335](https://github.com/silverstripe/silverstripe-framework/commit/8e6e70335895063c6e6cfd99cfcfb50c6f9c2ad9) Block Manifest of the compatibility class Object and lean on model/fieldtypes/compat/autoload.php (UndefinedOffset)
+ * 2019-01-23 [746c0679a](https://github.com/silverstripe/silverstripe-framework/commit/746c0679ad1d6ceac03d2adf167367f0ca2259cd) Injector may instantiate prototypes as if they're singletons (fixes #8567) (Loz Calver)
+ * 2019-01-11 [16a837d6a](https://github.com/silverstripe/silverstripe-framework/commit/16a837d6a093115755cd821c63be1e3be088645b) fix [Warning] on count() with PHP &gt;= 7.2 (lerni)
+ * 2018-11-15 [86701b8cd](https://github.com/silverstripe/silverstripe-framework/commit/86701b8cd0cd5f8de813a7c9347e7c8055d878f4) Redirect loop with multiple URL tokens (fixes #8607) (Loz Calver)
--- a/docs/en/04_Changelogs/4.0.7.md
+++ b/docs/en/04_Changelogs/4.0.7.md
@ -0,0 +1,24 @@
+# 4.0.7
+
+<!--- Changes below this line will be automatically regenerated -->
+
+## Change Log
+
+### Security
+
+ * 2018-12-18 [95505db7d](https://github.com/silverstripe/silverstripe-framework/commit/95505db7d666a75f249f65cb1af74dca01d39add) Fix potential SQL vulnerability in non-scalar value hyrdation (Maxime Rainville) - See [ss-2018-021](https://www.silverstripe.org/download/security-releases/ss-2018-021)
+
+### Features and Enhancements
+
+ * 2018-11-27 [a8f4f23c6](https://github.com/silverstripe/silverstripe-framework/commit/a8f4f23c660474e965b510ba1bb04bf7a145d5b0) Add visibility updates to `upgrade.yml`. (bergice)
+
+### Bugfixes
+
+ * 2019-01-31 [cda9eef](https://github.com/silverstripe/silverstripe-assets/commit/cda9eef992b70fd46377be6d4459260d31ea2215) Fix for issue #212 (Joe Madden)
+ * 2019-01-29 [f918dcd36](https://github.com/silverstripe/silverstripe-framework/commit/f918dcd36a177adb8abee751d27a809f25a0afab) Escape wildcard characters when matching database name in databaseExists (Guy Marriott)
+ * 2019-01-28 [dc9d1b9cc](https://github.com/silverstripe/silverstripe-framework/commit/dc9d1b9cc0d3b14929fe2675282980a2750fb4cf) GridFieldPrintButton no longer assumes that children of GridField would implement their own print template (Robbie Averill)
+ * 2019-01-25 [0797ab7](https://github.com/silverstripe/silverstripe-asset-admin/commit/0797ab7762a4a64f2dc89c754a6bb04216b96fe1) Fix GraphQL FolderTypeCreator::resolveChildrenConnection on PostgreSQL (#901) (Serge Latyntcev)
+ * 2019-01-24 [d530bc2fb](https://github.com/silverstripe/silverstripe-framework/commit/d530bc2fb6c8c290f1f75f39bc4ec898cc326cf1) fix user feedback when jquery could not be loaded (Benedikt Seidl)
+ * 2019-01-13 [5c3b95ac](https://github.com/silverstripe/silverstripe-cms/commit/5c3b95ac8977f77e7d95d4da6333ca12b5ef465f) Multibyte URL routing (Ingo Schommer)
+ * 2019-01-11 [2cb49ea](https://github.com/silverstripe/silverstripe-versioned/commit/2cb49ea79d6babb80289f170dc6102c82f5b0d69) [Warning] on count() with PHP &gt;= 7.2 (Lukas)
+ * 2018-12-12 [0491ca03c](https://github.com/silverstripe/silverstripe-framework/commit/0491ca03cfcbd81690c54cc00f6234675978ef39) prevent death on urls with querystrings & anchors (mikeyc7m)
--- a/docs/en/04_Changelogs/4.1.5.md
+++ b/docs/en/04_Changelogs/4.1.5.md
@ -0,0 +1,18 @@
+# 4.1.5
+
+<!--- Changes below this line will be automatically regenerated -->
+
+## Change Log
+
+### Security
+
+ * 2018-12-18 [fd90cf6ce](https://github.com/silverstripe/silverstripe-framework/commit/fd90cf6ceb346142eee6ba620599ab36c2d18cbb) Fix potential SQL vulnerability in non-scalar value hyrdation (Maxime Rainville) - See [ss-2018-021](https://www.silverstripe.org/download/security-releases/ss-2018-021)
+s
+### Bugfixes
+
+ * 2019-01-31 [cda9eef](https://github.com/silverstripe/silverstripe-assets/commit/cda9eef992b70fd46377be6d4459260d31ea2215) Fix for issue #212 (Joe Madden)
+ * 2019-01-25 [0797ab7](https://github.com/silverstripe/silverstripe-asset-admin/commit/0797ab7762a4a64f2dc89c754a6bb04216b96fe1) Fix GraphQL FolderTypeCreator::resolveChildrenConnection on PostgreSQL (#901) (Serge Latyntcev)
+ * 2019-01-13 [5c3b95ac](https://github.com/silverstripe/silverstripe-cms/commit/5c3b95ac8977f77e7d95d4da6333ca12b5ef465f) Multibyte URL routing (Ingo Schommer)
+ * 2019-01-11 [2cb49ea](https://github.com/silverstripe/silverstripe-versioned/commit/2cb49ea79d6babb80289f170dc6102c82f5b0d69) [Warning] on count() with PHP &gt;= 7.2 (Lukas)
+ * 2018-12-18 [3d841a4](https://github.com/silverstripe/silverstripe-installer/commit/3d841a409c43752a8192afea5ebc48327e2ac3d3) / Behat tests (Serge Latyntcev)
+ * 2018-12-13 [c4a0d5f0](https://github.com/silverstripe/silverstripe-cms/commit/c4a0d5f0831f0f27022905700a0ffb86cc56aceb) Publish button text merge regression (Aaron Carlino)
--- a/docs/en/04_Changelogs/4.2.0.md
+++ b/docs/en/04_Changelogs/4.2.0.md
@ -204,8 +204,7 @@ SilverStripe\Core\Injector\Injector:
    factory: SilverStripe\Core\Cache\CacheFactory     
    constructor:
      namespace: "MyInsensitiveData"
-      args:
-        disable-container: true 
+      disable-container: true 
 ``` 

 ### HTTP Cache Header changes
--- a/docs/en/04_Changelogs/4.2.4.md
+++ b/docs/en/04_Changelogs/4.2.4.md
@ -0,0 +1,24 @@
+# 4.2.4
+
+<!--- Changes below this line will be automatically regenerated -->
+
+## Change Log
+
+### Security
+
+ * 2018-12-18 [7cc40fe39](https://github.com/silverstripe/silverstripe-framework/commit/7cc40fe392ed907be8fbfc73579b4888840c39e6) Fix potential SQL vulnerability in non-scalar value hyrdation (Maxime Rainville) - See [ss-2018-021](https://www.silverstripe.org/download/security-releases/ss-2018-021)
+
+### Bugfixes
+
+ * 2019-01-31 [cda9eef](https://github.com/silverstripe/silverstripe-assets/commit/cda9eef992b70fd46377be6d4459260d31ea2215) Fix for issue #212 (Joe Madden)
+ * 2019-01-25 [568be8e29](https://github.com/silverstripe/silverstripe-framework/commit/568be8e29b9a6f9205dd28a823ed5294cc95a590) Misconfiguration for versioned cache segmentation (fixes #8754) (Loz Calver)
+ * 2019-01-25 [0797ab7](https://github.com/silverstripe/silverstripe-asset-admin/commit/0797ab7762a4a64f2dc89c754a6bb04216b96fe1) Fix GraphQL FolderTypeCreator::resolveChildrenConnection on PostgreSQL (#901) (Serge Latyntcev)
+ * 2019-01-24 [d00c59c38](https://github.com/silverstripe/silverstripe-framework/commit/d00c59c383dee270c9c1753dd8b64b8cd1b15489) Fix tests not loading fixtures and loading themes in CWP recipe kitchen sink (Robbie Averill)
+ * 2019-01-17 [9ced2347](https://github.com/silverstripe/silverstripe-cms/commit/9ced23473f2f102de5b6d828d093be1102f8d570) Don't convert datalist to arraylist when filtering pages (Damian Mooyman)
+ * 2019-01-13 [5c3b95ac](https://github.com/silverstripe/silverstripe-cms/commit/5c3b95ac8977f77e7d95d4da6333ca12b5ef465f) Multibyte URL routing (Ingo Schommer)
+ * 2019-01-11 [2cb49ea](https://github.com/silverstripe/silverstripe-versioned/commit/2cb49ea79d6babb80289f170dc6102c82f5b0d69) [Warning] on count() with PHP &gt;= 7.2 (Lukas)
+ * 2019-01-10 [34ac22802](https://github.com/silverstripe/silverstripe-framework/commit/34ac228029a4609d993e8604aad16e72bd52ac9c) Fix issue with assertListEquals() ignoring field getters (Damian Mooyman)
+ * 2019-01-08 [c43f4e0](https://github.com/silverstripe/silverstripe-graphql/commit/c43f4e0708fd86e8078ef3326d963005d626baf4) Ensure queries are sorted before limiting (Damian Mooyman)
+ * 2018-12-18 [3d841a4](https://github.com/silverstripe/silverstripe-installer/commit/3d841a409c43752a8192afea5ebc48327e2ac3d3) / Behat tests (Serge Latyntcev)
+ * 2018-12-13 [c4a0d5f0](https://github.com/silverstripe/silverstripe-cms/commit/c4a0d5f0831f0f27022905700a0ffb86cc56aceb) Publish button text merge regression (Aaron Carlino)
+ * 2018-09-27 [ce3a1ce9](https://github.com/silverstripe/silverstripe-cms/commit/ce3a1ce91307424f643a15f0c292e16b35f35873) Use correct subsites namespace in SiteTree and test classes (Robbie Averill)
--- a/lang/da.yml
+++ b/lang/da.yml
@ -84,7 +84,6 @@ da:
    RelationSearch: Relationssøgning
    ResetFilter: Nulstil
  SilverStripe\Forms\GridField\GridFieldDeleteAction:
-    DELETE_DESCRIPTION: Slet
    Delete: Slet
    DeletePermissionsFailure: 'Ingen slette rettigheder'
    EditPermissionsFailure: 'Ingen rettighed til at fjerne emnet'
@ -96,23 +95,12 @@ da:
    DeletePermissionsFailure: 'Ingen slette rettigheder'
    Deleted: 'Slet {type} {name}'
    Save: Gem
-  SilverStripe\Forms\GridField\GridFieldEditButton_ss:
-    EDIT: Rediger
  SilverStripe\Forms\GridField\GridFieldGroupDeleteAction:
    UnlinkSelfFailure: 'Kan ikke fjerne dig selv fra denne gruppe, du vil miste administrator rettigheder'
  SilverStripe\Forms\GridField\GridFieldPaginator:
    OF: af
    Page: Side
    View: Vis
-  SilverStripe\Forms\GridField\GridFieldVersionedState:
-    ADDEDTODRAFTHELP: 'Elementet er endnu ikke udgivet'
-    ADDEDTODRAFTSHORT: Kladde
-    ARCHIVEDPAGEHELP: 'Elementet er fjernet fra kladde og udgivet version'
-    ARCHIVEDPAGESHORT: Arkiveret
-    MODIFIEDONDRAFTHELP: 'Elementet har ikke udgivne ændringer'
-    MODIFIEDONDRAFTSHORT: Ændret
-    ONLIVEONLYSHORT: 'Kun på udgivet version'
-    ONLIVEONLYSHORTHELP: 'Elementet er udgivet, men er slette fra kladde'
  SilverStripe\Forms\MoneyField:
    FIELDLABELAMOUNT: Beløb
    FIELDLABELCURRENCY: Valuta
@ -331,7 +319,4 @@ da:
    LOGOUT: 'Log ud'
    LOSTPASSWORDHEADER: 'Glemt kodeord'
    NOTEPAGESECURED: 'Denne side er beskyttet. Indtast dine loginoplysninger herunder for at få adgang.'
-    NOTERESETLINKINVALID: '<p>Kodeordets nulstillingslink er ugyldigt eller udløbet.</p><p>Du kan anmode om et nyt link <a href="{link1}">her</a> eller skifte dit kodeord efter du er <a href="{link2}">logget ind</a>.</p>'
    NOTERESETPASSWORD: 'Indtast din email adresse, så sender vi dig et link som du kan nulstille dit kodeord med'
-    PASSWORDSENTHEADER: 'Link til nulstilling af kodeord er sendt til ''{email}'''
-    PASSWORDSENTTEXT: 'Tak for det! Et link til at nulstille kodeordet er sendt til ''{email}'', forudsat at en konto eksisterer med denne email adresse.'
--- a/lang/de.yml
+++ b/lang/de.yml
@ -1,10 +1,35 @@
 de:
+  SilverStripe\Admin\LeftAndMain:
+    VersionUnknown: unbekannt
+  SilverStripe\AssetAdmin\Forms\UploadField:
+    Dimensions: Dimensionen
+    EDIT: Bearbeiten
+    EDITINFO: 'Diese Datei bearbeiten'
+    REMOVE: Entfernen
+  SilverStripe\Control\ChangePasswordEmail_ss:
+    CHANGEPASSWORDTEXT1: 'Sie haben Ihr Passwort geändert für'
+    CHANGEPASSWORDTEXT3: 'Passwort ändern'
+    HELLO: Hallo
+  SilverStripe\Control\Email\ForgotPasswordEmail_ss:
+    HELLO: Hallo
+    TEXT1: 'Hier ist Ihr'
+    TEXT2: 'Link zum Zurücksetzen des Passworts'
+    TEXT3: für
+  SilverStripe\Control\RequestProcessor:
+    INVALID_REQUEST: 'Ungültige Anfrage'
+    REQUEST_ABORTED: 'Anfrage abgebrochen'
+  SilverStripe\Core\Manifest\VersionProvider:
+    VERSIONUNKNOWN: Unbekannt
  SilverStripe\Forms\CheckboxField:
    NOANSWER: Nein
    YESANSWER: Ja
+  SilverStripe\Forms\CheckboxSetField_ss:
+    NOOPTIONSAVAILABLE: 'Keine Optionen verfügbar'
  SilverStripe\Forms\ConfirmedPasswordField:
    ATLEAST: 'Passwörter müssen mindestens {min} Zeichen lang sein.'
    BETWEEN: 'Passwörter müssen zwischen {min} und {max} Zeichen lang sein.'
+    CURRENT_PASSWORD_ERROR: 'Das derzeitige Passwort ist nicht richtig.'
+    CURRENT_PASSWORD_MISSING: 'Bitte geben Sie Ihr derzeitiges Passwort ein.'
    LOGGED_IN_ERROR: 'Sie müssen eingeloggt sein, um Ihr Passwort ändern zu können!'
    MAXIMUM: 'Passwörter dürfen maximal {max} Zeichen lang sein.'
    SHOWONCLICKTITLE: 'Passwort ändern'
@ -14,12 +39,18 @@ de:
    VALIDDATEFORMAT2: 'Bitte geben sie das Datum im korrekten Format ein ({format})'
    VALIDDATEMAXDATE: 'Ihr Datum muss vor dem erlaubtem Datum ({date}) liegen oder gleich sein'
    VALIDDATEMINDATE: 'Ihr Datum muss nach dem erlaubtem Datum ({date}) liegen oder gleich sein'
+  SilverStripe\Forms\DatetimeField:
+    VALIDDATEMAXDATETIME: 'Ihr Datum muss vor dem erlaubtem Datum ({datetime}) liegen oder gleich sein'
+    VALIDDATETIMEFORMAT: 'Bitte geben Sie ein gültiges Datums- und Zeitformat ein  ({format})'
+    VALIDDATETIMEMINDATE: 'Ihr Datum muss nach dem erlaubtem Datum ({datetime}) liegen oder gleich sein'
  SilverStripe\Forms\DropdownField:
    CHOOSE: (Auswahl)
    CHOOSE_MODEL: '({name} auswählen)'
    SOURCE_VALIDATION: 'Bitte wählen Sie aus der Liste. {value} ist kein gültiger Wert'
  SilverStripe\Forms\EmailField:
    VALIDATION: 'Bitte geben Sie eine E-Mail-Adresse ein'
+  SilverStripe\Forms\FileUploadReceiver:
+    FIELDNOTSET: 'Dateiinformation nicht gefunden'
  SilverStripe\Forms\Form:
    CSRF_EXPIRED_MESSAGE: 'Ihre Sitzung ist abgelaufen. Bitte schicken Sie das Formular erneut ab.'
    CSRF_FAILED_MESSAGE: 'Es gab ein technisches Problem. Bitte versuchen Sie es erneut, nachdem sie die vorherige Seite neu geladen haben.'
@ -29,10 +60,14 @@ de:
    VALIDATOR: Prüfer
    VALIDCURRENCY: 'Bitte geben Sie einen korrekten Betrag ein'
  SilverStripe\Forms\FormField:
+    EXAMPLE: 'z.B. {format}'
    NONE: keine
+  SilverStripe\Forms\FormScaffolder:
+    TABMAIN: Hauptteil
  SilverStripe\Forms\GridField\GridField:
    Add: '{name} hinzufügen'
    CSVEXPORT: 'Als CSV-Datei exportieren'
+    CSVIMPORT: 'CSV importieren'
    Filter: Filter
    FilterBy: 'Filtern nach'
    Find: Suchen
@ -58,9 +93,18 @@ de:
    DeletePermissionsFailure: 'Keine Berechtigungen zum löschen'
    Deleted: 'Gelöscht {type} {name}'
    Save: Speichern
+  SilverStripe\Forms\GridField\GridFieldEditButton:
+    EDIT: Bearbeiten
+  SilverStripe\Forms\GridField\GridFieldPaginator:
+    OF: von
+    Page: Seite
+    View: Anzeigen
  SilverStripe\Forms\MoneyField:
    FIELDLABELAMOUNT: Betrag
    FIELDLABELCURRENCY: Währung
+    INVALID_CURRENCY: 'Währung {currency} ist nicht in der Liste der erlaubten Währungen'
+  SilverStripe\Forms\MultiSelectField:
+    SOURCE_VALIDATION: 'Bitte wählen Sie aus der Liste. {value} ist ungültig.'
  SilverStripe\Forms\NullableField:
    IsNullLabel: 'ist NULL'
  SilverStripe\Forms\NumericField:
@ -69,19 +113,45 @@ de:
    VALIDATEFORMAT: 'Bitte geben Sie die Uhrzeit im korrekten Format ein ({format})'
  SilverStripe\ORM\DataObject:
    PLURALNAME: DatenObjekte
+    PLURALS:
+      one: 'Ein DatenObjekt'
+      other: '{count} DatenObjekte'
    SINGULARNAME: DatenObjekt
  SilverStripe\ORM\FieldType\DBBoolean:
    ANY: alle
    NOANSWER: Nein
    YESANSWER: Ja
  SilverStripe\ORM\FieldType\DBDate:
+    DAYS_SHORT_PLURALS:
+      one: '{count} Tag'
+      other: '{count} Tage'
+    HOURS_SHORT_PLURALS:
+      one: '{count} Stunde'
+      other: '{count} Stunden'
    LessThanMinuteAgo: 'weniger als eine Minute'
+    MINUTES_SHORT_PLURALS:
+      one: '{count} Minute'
+      other: '{count} Minuten'
+    MONTHS_SHORT_PLURALS:
+      one: '{count} Monat'
+      other: '{count} Monate'
+    SECONDS_SHORT_PLURALS:
+      one: '{count} Sekunde'
+      other: '{count} Sekunden'
    TIMEDIFFAGO: 'vor {difference}'
    TIMEDIFFIN: 'in {difference}'
+    YEARS_SHORT_PLURALS:
+      one: '{count} Jahr'
+      other: '{count} Jahre'
  SilverStripe\ORM\FieldType\DBEnum:
    ANY: alle
+  SilverStripe\ORM\Hierarchy:
+    LIMITED_TITLE: 'Zu viele Kindelemente ({count})'
  SilverStripe\ORM\Hierarchy\Hierarchy:
    InfiniteLoopNotAllowed: 'Es wurde eine Endlosschleife innerhalb der "{type}"-Hierarchie gefunden. Bitte ändern Sie die übergeordnete Seite, um den Fehler zu beheben'
+    LIMITED_TITLE: 'Zu viele Kindelemente ({count})'
+  SilverStripe\ORM\ValidationException:
+    DEFAULT_ERROR: Validierungsfehler
  SilverStripe\Security\BasicAuth:
    ENTERINFO: 'Bitte geben Sie einen Nutzernamen und ein Passwort ein'
    ERRORNOTADMIN: 'Dieser Nutzer ist kein Administrator'
@ -90,28 +160,46 @@ de:
    PASSWORDEXPIRED: '<p>Ihr Passwort ist abgelaufen. <a target="_top" href="{link}">Bitte wählen Sie ein neues Passwort.</a></p>'
  SilverStripe\Security\CMSSecurity:
    INVALIDUSER: '<p>Ungültiger Benutzer. <a target="_top" href="{link}">Bitte melden Sie sich hier an</a> um fortzufahren.</p>'
+    LOGIN_MESSAGE: '<p>Ihre Sitzung ist wegen Inaktivität abgelaufen.</p>'
    SUCCESS: Erfolg
    SUCCESSCONTENT: '<p>Login erfolgreich. Falls Sie nicht automatisch weitergeleitet werden, bitte <a target="_top" href="{link}">hier klicken</a></p>'
+    SUCCESS_TITLE: 'Login erfolgreich'
+  SilverStripe\Security\DefaultAdminService:
+    DefaultAdminFirstname: Standardadmin
  SilverStripe\Security\Group:
    AddRole: 'Rolle zur Gruppe hinzufügen'
    Code: 'Gruppen Code'
    DefaultGroupTitleAdministrators: Administratoren
    DefaultGroupTitleContentAuthors: Inhaltsautoren
    Description: Beschreibung
+    GROUPNAME: Gruppenname
    GroupReminder: 'Diese Gruppe übernimmt automatisch die Rollen der Elterngruppe'
    HierarchyPermsError: 'Kann Berechtigungen der Eltern-Gruppe "{group}" nicht hinzufügen (erfordert Administratorrechte)'
    Locked: 'Gesperrt?'
+    MEMBERS: Mitglieder
+    NEWGROUP: 'Neue Gruppe'
    NoRoles: 'Keine Rollen gefunden'
+    PERMISSIONS: Berechtigungen
    PLURALNAME: Gruppen
+    PLURALS:
+      one: 'Eine Gruppe'
+      other: '{count} Gruppen'
    Parent: Elterngruppe
+    ROLES: Rollen
+    ROLESDESCRIPTION: 'Hier können Sie der Gruppe Rollen zuweisen.<br />Rollen sind logische Gruppierungen von Berechtigungen.'
    RolesAddEditLink: 'Rollen hinzufügen/editieren'
    SINGULARNAME: Gruppe
    Sort: Sortierreihenfolge
    has_many_Permissions: Berechtigungen
    many_many_Members: Mitglieder
  SilverStripe\Security\LoginAttempt:
+    Email: E-Mail-Adresse
+    EmailHashed: 'E-Mail-Adresse (gehashed)'
    IP: IP-Adresse
    PLURALNAME: Loginversuche
+    PLURALS:
+      one: 'Ein Loginversuch'
+      other: '{count} Loginversuche'
    SINGULARNAME: Loginversuch
    Status: Status
  SilverStripe\Security\Member:
@ -119,6 +207,7 @@ de:
    BUTTONCHANGEPASSWORD: 'Passwort ändern'
    BUTTONLOGIN: Einloggen
    BUTTONLOGINOTHER: 'Als jemand anderes einloggen'
+    BUTTONLOGOUT: Abmelden
    BUTTONLOSTPASSWORD: 'Ich habe mein Passwort vergessen'
    CONFIRMNEWPASSWORD: 'Neues Passwort bestätigen'
    CONFIRMPASSWORD: 'Passwort bestätigen'
@ -139,6 +228,10 @@ de:
    PASSWORD: Passwort
    PASSWORDEXPIRED: 'Ihr Passwort ist abgelaufen. Bitte wählen Sie ein neues Passwort.'
    PLURALNAME: Benutzer
+    PLURALS:
+      one: 'Ein Mitglied'
+      other: '{count}  Mitglieder'
+    REMEMBERME: 'Für das nächste Mal merken? (für {count} Tage auf diesem Gerät)'
    SINGULARNAME: Benutzer
    SUBJECTPASSWORDCHANGED: 'Ihr Passwort wurde geändert'
    SUBJECTPASSWORDRESET: 'Ihr Link zur Passwortrücksetzung'
@ -151,8 +244,21 @@ de:
    db_LockedOutUntil: 'Gesperrt bis'
    db_Password: Passwort
    db_PasswordExpiry: 'Ablaufdatum des Passworts'
+  SilverStripe\Security\MemberAuthenticator\CMSMemberLoginForm:
+    AUTHENTICATORNAME: 'CMS Benutzer Login Formular'
+    BUTTONFORGOTPASSWORD: 'Passwort vergessen'
+    BUTTONLOGIN: 'Wieder einloggen'
+    BUTTONLOGOUT: Abmelden
+  SilverStripe\Security\MemberAuthenticator\MemberAuthenticator:
+    ERRORWRONGCRED: 'Ihre Eingaben scheinen nicht richtig zu sein. Bitte versuchen Sie es erneut.'
+    NoPassword: 'Dieser Benutzer hat kein Passwort.'
+  SilverStripe\Security\MemberAuthenticator\MemberLoginForm:
+    AUTHENTICATORNAME: 'E-Mail & Passwort'
  SilverStripe\Security\MemberPassword:
    PLURALNAME: Benutzerpasswörter
+    PLURALS:
+      one: 'Ein Benutzerpasswort'
+      other: '{count} Benutzerpasswörter'
    SINGULARNAME: Benutzerpasswort
  SilverStripe\Security\PasswordValidator:
    LOWCHARSTRENGTH: 'Bitte erhöhen Sie die Sicherheit des Passworts, indem Sie auch einige der folgenden Zeichen verwenden: {chars}'
@ -160,10 +266,15 @@ de:
    TOOSHORT: 'Das Passwort ist zu kurz, es muss mindestens {minimum} Zeichen lang sein'
  SilverStripe\Security\Permission:
    AdminGroup: Administrator
+    CMS_ACCESS_CATEGORY: 'CMS Zugriff'
    CONTENT_CATEGORY: Inhaltsberechtigungen
    FULLADMINRIGHTS: 'Unbeschränkte Administratorenrechte'
    FULLADMINRIGHTS_HELP: 'Schließt alle anderen verfügbaren Berechtigungen ein'
+    PERMISSIONS_CATEGORY: 'Rollen und Zugriffsberechtigungen'
    PLURALNAME: Berechtigungen
+    PLURALS:
+      one: 'Eine Berechtigung'
+      other: '{count} Berechtigungen'
    SINGULARNAME: Zugriffsberechtigung
    UserPermissionsIntro: 'Durch das Hinzufügen von Benutzern zu Gruppen, werden dessen Rechte angepasst. Mehr Informationen über die Berechtigungen der einzelnen Gruppen erhältst Du im Abschnitt Gruppen.'
  SilverStripe\Security\PermissionCheckboxSetField:
@ -174,12 +285,24 @@ de:
  SilverStripe\Security\PermissionRole:
    OnlyAdminCanApply: 'Nur Adminstratoren können beitreten'
    PLURALNAME: Rollen
+    PLURALS:
+      one: 'Eine Rolle'
+      other: '{count} Rollen'
    SINGULARNAME: Rolle
    Title: Titel
  SilverStripe\Security\PermissionRoleCode:
    PLURALNAME: Berechtigungsrollencodes
+    PLURALS:
+      one: 'Ein Berechtigungsrollencode'
+      other: '{count} Berechtigungsrollencodes'
    PermsError: 'Kann Berechtigungen dem Code "{code}" nicht hinzufügen (erfordert Administratorrechte)'
    SINGULARNAME: Berechtigungsrollencode
+  SilverStripe\Security\RememberLoginHash:
+    PLURALNAME: 'Login Hashes'
+    PLURALS:
+      one: 'Ein Login Hash'
+      other: '{count} Login Hashes'
+    SINGULARNAME: 'Login Hash'
  SilverStripe\Security\Security:
    ALREADYLOGGEDIN: 'Sie haben keinen Zugriff auf diese Seite. Wenn Sie ein anderes Konto besitzen, mit dem Sie auf diese Seite zugreifen können, melden Sie sich bitte unten an.'
    BUTTONSEND: 'Senden Sie mir den Link zur Passwortrücksetzung'
@ -188,6 +311,10 @@ de:
    ENTERNEWPASSWORD: 'Bitte geben Sie ein neues Passwort ein'
    ERRORPASSWORDPERMISSION: 'Sie müssen eingeloggt sein, um Ihr Passwort ändern zu können!'
    LOGIN: Anmelden
+    LOGOUT: Abmelden
    LOSTPASSWORDHEADER: 'Passwort vergessen'
    NOTEPAGESECURED: 'Diese Seite ist geschützt. Bitte melden Sie sich an und Sie werden sofort weitergeleitet.'
+    NOTERESETLINKINVALID: '<p>Der Link zum Zurücksetzen des Passworts ist entweder nicht korrekt oder abgelaufen</p><p>Sie können <a href="{link1}">einen neuen Link anfordern</a> oder Ihr Passwort nach dem <a href="{link2}">einloggen</a> ändern.</p>'
    NOTERESETPASSWORD: 'Geben Sie Ihre E-Mail-Adresse ein und wir werden Ihnen einen Link zuschicken, mit dem Sie Ihr Passwort zurücksetzen können.'
+    PASSWORDRESETSENTHEADER: 'Der Link zum Zurücksetzen des Passworts wurde gesendet'
+    PASSWORDRESETSENTTEXT: 'Vielen Dank! Wenn ein Account zu der E-Mail Adresse existiert, wurde eine E-Mail mit dem Link zum Zurücksetzen des Passworts verschickt.'
--- a/lang/eo.yml
+++ b/lang/eo.yml
@ -84,7 +84,6 @@ eo:
    RelationSearch: 'Serĉi rilatojn'
    ResetFilter: Restartigi
  SilverStripe\Forms\GridField\GridFieldDeleteAction:
-    DELETE_DESCRIPTION: Forigi
    Delete: Forigi
    DeletePermissionsFailure: 'Mankas permeso forigi'
    EditPermissionsFailure: 'Mankas permeso malligi rikordon'
@ -96,23 +95,12 @@ eo:
    DeletePermissionsFailure: 'Mankas permeso forigi'
    Deleted: 'Forigita {type} {name}'
    Save: Konservi
-  SilverStripe\Forms\GridField\GridFieldEditButton_ss:
-    EDIT: Redakti
  SilverStripe\Forms\GridField\GridFieldGroupDeleteAction:
    UnlinkSelfFailure: 'Ne povas forigi vin el ĉi tiu grupo; vi perdus administrajn rajtojn'
  SilverStripe\Forms\GridField\GridFieldPaginator:
    OF: de
    Page: Paĝo
    View: Vido
-  SilverStripe\Forms\GridField\GridFieldVersionedState:
-    ADDEDTODRAFTHELP: 'Ero ankoraŭ estas ne publikigita'
-    ADDEDTODRAFTSHORT: Malneto
-    ARCHIVEDPAGEHELP: 'Ero estas forigita el malneta kaj publika'
-    ARCHIVEDPAGESHORT: Enarkivigita
-    MODIFIEDONDRAFTHELP: 'Ero enhavas nepublikigitajn ŝanĝojn'
-    MODIFIEDONDRAFTSHORT: Ŝanĝita
-    ONLIVEONLYSHORT: 'Nur ĉe publika'
-    ONLIVEONLYSHORTHELP: 'Ero estas publikigita, sed ĝi estas forigita el malneto'
  SilverStripe\Forms\MoneyField:
    FIELDLABELAMOUNT: Kvanto
    FIELDLABELCURRENCY: Kurzo
@ -331,7 +319,4 @@ eo:
    LOGOUT: Elsaluti
    LOSTPASSWORDHEADER: 'Perdis pasvorton'
    NOTEPAGESECURED: 'Tiu paĝo estas sekurigita.  Enigu viajn akreditaĵojn sube kaj vi aliros pluen.'
-    NOTERESETLINKINVALID: '<p>La pasvorta reagorda ligilo estas malvalida aŭ finiĝis.</p><p>Vi povas peti novan <a href="{link1}">ĉi tie</a> aŭ ŝanĝi vian pasvorton post <a href="{link2}">vi ensalutis</a>.</p>'
    NOTERESETPASSWORD: 'Enigu vian retpoŝtan adreson kaj ni sendos al vi ligilon per kiu vi povas reagordi vian pasvorton'
-    PASSWORDSENTHEADER: 'Pasvorta reagorda ligilo sendiĝis al ''{email}'''
-    PASSWORDSENTTEXT: 'Dankon! Reagordita ligilo sendiĝis al ''{email}'', kondiĉe ke konto ekzistas por tiu retadreso.'
--- a/lang/nl.yml
+++ b/lang/nl.yml
@ -84,7 +84,6 @@ nl:
    RelationSearch: 'Zoek relatie'
    ResetFilter: Resetten
  SilverStripe\Forms\GridField\GridFieldDeleteAction:
-    DELETE_DESCRIPTION: Verwijder
    Delete: Verwijder
    DeletePermissionsFailure: 'Onvoldoende rechten om te verwijderen'
    EditPermissionsFailure: 'Geen toelating om te ontkoppelen'
@ -96,23 +95,12 @@ nl:
    DeletePermissionsFailure: 'Onvoldoende rechten om te verwijderen'
    Deleted: '{type} {name} verwijderd'
    Save: Opslaan
-  SilverStripe\Forms\GridField\GridFieldEditButton_ss:
-    EDIT: Edit
  SilverStripe\Forms\GridField\GridFieldGroupDeleteAction:
    UnlinkSelfFailure: 'U kunt uzelf niet verwijderen van deze groep, omdat u dan geen admin-rechten meer heeft.'
  SilverStripe\Forms\GridField\GridFieldPaginator:
    OF: van
    Page: Pagina
    View: Bekijk
-  SilverStripe\Forms\GridField\GridFieldVersionedState:
-    ADDEDTODRAFTHELP: 'Item is nog niet gepubliceerd'
-    ADDEDTODRAFTSHORT: Concept
-    ARCHIVEDPAGEHELP: 'Het item is verwijderd van de concept- en de live site'
-    ARCHIVEDPAGESHORT: Gearchiveerd
-    MODIFIEDONDRAFTHELP: 'Item heeft wijzigingen die nog niet gepubliceerd zijn'
-    MODIFIEDONDRAFTSHORT: Aangepast
-    ONLIVEONLYSHORT: 'Alleen op de live site'
-    ONLIVEONLYSHORTHELP: 'Item is gepubliceerd, maar verwijderd van de concept site'
  SilverStripe\Forms\MoneyField:
    FIELDLABELAMOUNT: Aantal
    FIELDLABELCURRENCY: Munteenheid
@ -174,8 +162,8 @@ nl:
    PASSWORDEXPIRED: '<p>Uw wachtwoord is verlopen. <a target="_top" href="{link}">Kies een nieuw wachtwoord.</a></p>'
  SilverStripe\Security\CMSSecurity:
    INVALIDUSER: '<p>Ongeldige gebruiker <a target="_top" href="{link}">Log hier opnieuw in</a> om verder te gaan.</p>'
-    LOGIN_MESSAGE: 'Sessie is verlopen'
-    LOGIN_TITLE: '<p>U kunt verder met wat u aan het doen was, door opnieuw in te loggen.</p>'
+    LOGIN_MESSAGE: '<p>De browsersessie is verlopen wegens inactiviteit</p>'
+    LOGIN_TITLE: 'Log opnieuw in om verder te gaan.'
    SUCCESS: Succes
    SUCCESSCONTENT: '<p>U bent ingelogd. <a target="_top" href="{link}">Klik hier</a> als u niet automatisch wordt doorgestuurd.</p>'
    SUCCESS_TITLE: 'Inloggen is gelukt'
@ -331,7 +319,4 @@ nl:
    LOGOUT: Uitloggen
    LOSTPASSWORDHEADER: 'Wachtwoord vergeten'
    NOTEPAGESECURED: 'Deze pagina is beveiligd. Voer uw gegevens in en u wordt automatisch doorgestuurd.'
-    NOTERESETLINKINVALID: '<p>De link om uw wachtwoord te kunnen wijzigen is niet meer geldig.</p><p>U kunt <a href="{link1}">een nieuwe link aanvragen</a> of uw wachtwoord aanpassen door <a href="{link2}">in te loggen</a>.</p>'
    NOTERESETPASSWORD: 'Voer uw e-mailadres in en we sturen een link waarmee u een nieuw wachtwoord kunt instellen.'
-    PASSWORDSENTHEADER: 'Wachtwoord herstel link verzonden naar {email}'
-    PASSWORDSENTTEXT: 'Bedankt! Er is een link verstuurd naar {email} om uw wachtwoord opnieuw in te stellen, in de veronderstelling dat er een account bestaat voor dit e-mailadres.'
--- a/src/Dev/Constraint/ViewableDataContains.php
+++ b/src/Dev/Constraint/ViewableDataContains.php
@ -64,7 +64,7 @@ class ViewableDataContains extends PHPUnit_Framework_Constraint implements TestO
        $success = true;

        foreach ($this->match as $fieldName => $value) {
-            if ($other->getField($fieldName) != $value) {
+            if ($other->$fieldName != $value) {
                $success = false;
                break;
            }
--- a/src/Dev/Install/Installer.php
+++ b/src/Dev/Install/Installer.php
@ -611,7 +611,7 @@ TEXT;
 <li id="ModRewriteResult">Testing...</li>
 <script>
    if (typeof $ == 'undefined') {
-        document.getElemenyById('ModeRewriteResult').innerHTML = "I can't run jQuery ajax to set rewriting; I will redirect you to the homepage to see if everything is working.";
+        document.getElementById('ModeRewriteResult').innerHTML = "I can't run jQuery ajax to set rewriting; I will redirect you to the homepage to see if everything is working.";
        setTimeout(function() {
            window.location = "$destinationURL";
        }, 10000);
--- a/src/Forms/GridField/GridFieldPrintButton.php
+++ b/src/Forms/GridField/GridFieldPrintButton.php
@ -133,7 +133,10 @@ class GridFieldPrintButton implements GridField_HTMLProvider, GridField_ActionPr
        $this->extend('updatePrintData', $data);

        if ($data) {
-            return $data->renderWith(get_class($gridField) . "_print");
+            return $data->renderWith([
+                get_class($gridField) . '_print',
+                GridField::class . '_print',
+            ]);
        }

        return null;
--- a/src/ORM/Connect/MySQLSchemaManager.php
+++ b/src/ORM/Connect/MySQLSchemaManager.php
@ -220,7 +220,7 @@ class MySQLSchemaManager extends DBSchemaManager
    public function databaseExists($name)
    {
        // MySQLi doesn't like parameterised queries for some queries
-        $sqlName = $this->database->quoteString($name);
+        $sqlName = addcslashes($this->database->quoteString($name), '%_');
        return !!($this->query("SHOW DATABASES LIKE $sqlName")->value());
    }

--- a/src/View/Parsers/ShortcodeParser.php
+++ b/src/View/Parsers/ShortcodeParser.php
@ -476,7 +476,7 @@ class ShortcodeParser

            if ($tags) {
                $node->nodeValue = $this->replaceTagsWithText(
-                    $node->nodeValue,
+                    htmlspecialchars($node->nodeValue),
                    $tags,
                    function ($idx, $tag) use ($parser, $extra) {
                        return $parser->getShortcodeReplacementText($tag, $extra, false);
--- a/tests/php/Dev/ViewableDataContainsTest.php
+++ b/tests/php/Dev/ViewableDataContainsTest.php
@ -4,6 +4,7 @@ namespace SilverStripe\Dev\Tests;

 use SilverStripe\Dev\Constraint\ViewableDataContains;
 use SilverStripe\Dev\SapphireTest;
+use SilverStripe\Dev\Tests\ViewableDataContainsTest\TestObject;
 use SilverStripe\Security\Member;
 use SilverStripe\View\ArrayData;

@ -100,4 +101,14 @@ class ViewableDataContainsTest extends SapphireTest

        $this->assertFalse($constraint->evaluate($item, '', true));
    }
+
+    public function testFieldAccess()
+    {
+        $data = new TestObject(['name' => 'Damian']);
+        $constraint = new ViewableDataContains(['name' => 'Damian', 'Something' => 'something']);
+        $this->assertTrue($constraint->evaluate($data, '', true));
+
+        $constraint = new ViewableDataContains(['name' => 'Damian', 'Something' => 'notthing']);
+        $this->assertFalse($constraint->evaluate($data, '', true));
+    }
 }
--- a/tests/php/Dev/ViewableDataContainsTest/TestObject.php
+++ b/tests/php/Dev/ViewableDataContainsTest/TestObject.php
@ -0,0 +1,31 @@
+<?php
+
+namespace SilverStripe\Dev\Tests\ViewableDataContainsTest;
+
+use SilverStripe\Dev\TestOnly;
+use SilverStripe\View\ViewableData;
+
+class TestObject extends ViewableData implements TestOnly
+{
+    protected $data = null;
+
+    public function __construct($data)
+    {
+        $this->data = $data;
+    }
+
+    public function hasField($name)
+    {
+        return isset($this->data[$name]);
+    }
+
+    public function getField($name)
+    {
+        return isset($this->data[$name]) ?: null;
+    }
+
+    public function getSomething()
+    {
+        return 'something';
+    }
+}
--- a/tests/php/View/Parsers/ShortcodeParserTest.php
+++ b/tests/php/View/Parsers/ShortcodeParserTest.php
@ -311,6 +311,15 @@ class ShortcodeParserTest extends SapphireTest
        $this->assertEquals($this->extra['element']->tagName, 'a');
    }

+    public function testShortcodeWithAnchorAndQuerystring()
+    {
+        $result = $this->parser->parse('<a href="[test_shortcode]?my-string=this&thing=2#my-anchor">Link</a>');
+
+        $this->assertContains('my-string=this', $result);
+        $this->assertContains('thing=2', $result);
+        $this->assertContains('my-anchor', $result);
+    }
+
    public function testNoParseAttemptIfNoCode()
    {
        $stub = $this->getMockBuilder(ShortcodeParser::class)->setMethods(array('replaceElementTagsWithMarkers'))