I've also suggested a note to an existing Chrome lazy-loading bug
88 KiB
Overview
A full list of module versions included in CMS Recipe 4.9.0 is provided below. We recommend referencing recipes in your dependencies, rather than individual modules, to simplify version tracking. See Recipes.
Core module versions
Module | Version |
---|---|
silverstripe/admin | 1.9.0 |
silverstripe/asset-admin | 1.9.0 |
silverstripe/assets | 1.9.0 |
silverstripe/campaign-admin | 1.9.0 |
silverstripe/cms | 4.9.0 |
silverstripe/config | 1.2.0 |
silverstripe/errorpage | 1.9.0 |
silverstripe/framework | 4.9.0 |
silverstripe/graphql | 3.6.0 |
silverstripe/login-forms | 4.5.0 |
silverstripe/mimevalidator | 2.2.0 |
silverstripe/reports | 4.9.0 |
silverstripe/session-manager | 1.1.0 |
silverstripe/siteconfig | 4.9.0 |
silverstripe/versioned | 1.9.0 |
silverstripe/versioned-admin | 1.9.0 |
Supported module versions
Module | Version |
---|---|
bringyourownideas/silverstripe-composer-update-checker | 2.0.3 |
bringyourownideas/silverstripe-maintenance | 2.3.1 |
cwp/agency-extensions | 2.5.0 |
cwp/cwp | 2.8.0 |
cwp/cwp-core | 2.8.0 |
cwp/cwp-pdfexport | 1.2.0 |
cwp/cwp-search | 1.5.0 |
cwp/starter-theme | 3.2.0 |
cwp/watea-theme | 3.1.0 |
dnadesign/silverstripe-elemental | 4.7.0 |
dnadesign/silverstripe-elemental-userforms | 3.0.0 |
silverstripe/akismet | 4.1.0 |
silverstripe/auditor | 2.3.0 |
silverstripe/blog | 3.8.0 |
silverstripe/ckan-registry | 1.3.0 |
silverstripe/comment-notifications | 2.1.0 |
silverstripe/comments | 3.6.0 |
silverstripe/content-widget | 2.2.0 |
silverstripe/contentreview | 4.3.0 |
silverstripe/controllerpolicy | 2.2.0 |
silverstripe/crontask | 2.3.0 |
silverstripe/documentconverter | 2.1.1 |
silverstripe/elemental-bannerblock | 2.3.0 |
silverstripe/elemental-fileblock | 2.2.0 |
silverstripe/environmentcheck | 2.3.0 |
silverstripe/externallinks | 2.1.1 |
silverstripe/fulltextsearch | 3.8.0 |
silverstripe/gridfieldqueuedexport | 2.5.0 |
silverstripe/html5 | 2.1.0 |
silverstripe/hybridsessions | 2.3.0 |
silverstripe/iframe | 2.1.0 |
silverstripe/ldap | 1.2.1 |
silverstripe/mfa | 4.4.0 |
silverstripe/realme | 4.1.1 |
silverstripe/registry | 2.3.0 |
silverstripe/restfulserver | 2.3.0 |
silverstripe/security-extensions | 4.1.0 |
silverstripe/securityreport | 2.3.0 |
silverstripe/segment-field | 2.4.0 |
silverstripe/sharedraftcontent | 2.5.0 |
silverstripe/sitewidecontent-report | 3.1.0 |
silverstripe/spamprotection | 3.1.0 |
silverstripe/spellcheck | 2.2.1 |
silverstripe/subsites | 2.4.0 |
silverstripe/tagfield | 2.7.0 |
silverstripe/taxonomy | 2.2.0 |
silverstripe/textextraction | 3.2.0 |
silverstripe/totp-authenticator | 4.2.0 |
silverstripe/userforms | 5.10.0 |
silverstripe/versionfeed | 2.1.0 |
silverstripe/webauthn-authenticator | 4.3.0 |
silverstripe/widgets | 2.1.1 |
symbiote/silverstripe-advancedworkflow | 5.5.0 |
symbiote/silverstripe-multivaluefield | 5.1.0 |
symbiote/silverstripe-queuedjobs | 4.8.0 |
tractorcow/silverstripe-fluent | 4.5.1 |
Upgrading to Silverstripe CMS Recipe 4.9.0 is recommended for all sites. This upgrade can be carried out by any development team familiar with Silverstripe.
In addition to the below, have a read of the CMS 4.9 release announcement.
- Security considerations
- Security audit and regression test
- For development teams of Common Web Platform projects
- Dropping support for Internet Explorer 11
- Features and enhancements
- Bugfixes
Security considerations
This release includes security fixes. Review the individual vulnerability disclosure for more detailed descriptions of each security fix. We highly encourage upgrading your project to include the latest security patches.
We have provided a high-level severity rating of the vulnerabilities below based on the CVSS score. Note that the impact of each vulnerability could vary based on the specifics of each project. You can read the severity rating definitions in the Silverstripe CMS release process.
- CVE-2021-28661 Default GraphQL permission checker not inherited by query subclass Severity: Low
- CVE-2021-36150 Insert from files link text - Reflective (self) Cross Site Scripting Severity: Medium
Note for CVE-2021-28661 Default GraphQL permission checker not inherited by query subclass
If your site has a custom GraphQL 3 ItemQuery/ListQuery Scaffolder implementation that relies on having no permission check, you will need to add a custom permission checker to bypass the canView()
check. See the security announcement for implementation details.
Regression test and Security audit
This release has been comprehensively regression tested and passed to a third party for a security-focused audit.
While it is still advised that you perform your own due diligence when upgrading your project, this work is performed to ensure a safe and secure upgrade with each recipe release.
For development teams of Common Web Platform projects
This release marks the first release for Common Web Platform projects to eject out of managing projects in the CWP 2.x version line and to begin following the standard CMS 4.x version line, by adopting the CMS Recipe.
Review the Migrate your project off the Common Web Platform CMS recipe guidance to learn how to transition from CWP.
Dropping support for Internet Explorer 11
Silverstripe CMS 4.9.0 is the last release of Silverstripe CMS that supports Internet Explorer 11. Silverstripe CMS 4.10.0 will not support Internet Explorer 11.
Microsoft has announced the end-of-life for Internet Explorer 11 on June 15, 2022. It has already dropped Internet Explorer support in many other products including Microsoft Teams and Microsoft 365. In this context, any development time dedicated to maintianing Internet Explorer support could be better use improving other areas of Silverstripe CMS.
While the Silverstripe CMS UI might not allow content authors to manage content in Internet Explorer, this does not preclude Silverstripe CMS project from outputting an a frontend site that is compatible with Internet Explorer.
Features and enhancements
Changes to our release process
This change log has historically focused on noting changes as part of the CMS modules contained in what's referred to as the CMS Recipe (see recipes).
This release brings a new approach to the way we shipped code and communicate its release. These changes are aimed at making it easier for developers to keep their project up to date and to understand what has been released in popular modules outside of the CMS Recipe.
Unified release for Core and Supported modules
Until recently, we shipped core modules and supported modules in two different releases. From now on, we will shipped core modules and supported modules in one go.
The main difference is that changelogs will now contain entries for all supported modules. This does not require Silverstripe CMS project to install any additianal modules when upgrading.
Looser constraints allow easier adoption of patch releases
The CMS Recipe is the recommended way that all CMS projects manage the core repositories that are required to run a standard Silverstripe CMS project. Previously, Silverstripe CMS recipes were lockstep with exact constraints. This precluded projects using recipes from installing patch releases of individual modules until a subsequent release of a recipe (often 3+ months later). Now, the CMS recipe and other recipes used to bundle module combinations have looser constraints.
The loose constraints will allow your project to take advantage of any subsequent patch releases of containing modules with a simple composer update, respecting commitments to SemVer versioning and not introducing any breaking changes. This allows projects to make more immediate use of bugfix releases, while giving module maintainers the incentive to release patch versions more frequently.
For projects that are more weary of frequent patch releases and would prefer to retain tighter module version constraints, it is recommended that you either:
- eject out of the CMS recipe
- record each module individually in the
composer.json
file
Image lazy loading
Most modern browsers support the ability to "lazy load" images. When an image is configured to be lazy loaded, browsers only request the image once it's about to be visible to the users. This reduces the initial rendering time for pages.
From v4.9, Silverstripe CMS lazy loads most images by default. You have the options to opt-out of this behaviour globally or on specific image instances.
This feature was implemented in partnership with Google.
Read Browser-level image lazy-loading for the web on web.dev more information.
How developers can interact with image lazy loading
Most images get the loading="lazy"
attribute added to them. This includes:
- images added via the HTML Editor's insert media button
- image DataObjects added to templates.
To disable lazy loading for an individual image in a template, use $MyImage.LazyLoad(false)
.
Image HTML tags (<img>
) added in templates are not lazy loaded by default. Developers
can manually lazy load these images by adding a loading="lazy"
attribute.
Read the Image Lazy Loading Silverstripe CMS developer documentation for more details and code examples.
Opting out of image lazy loading globally
There's some scenarios where you might not want to use the native Silverstripe CMS lazy loading. For example, you might already have a custom lazy loading implementation.
To opt out of lazy loading globally, use the following yml config:
SilverStripe\Assets\Image:
lazy_loading_enabled: false
How content authors can interact with image lazy loading
Content authors can disable lazy loading on images added via the HTML editor field in the Insert media dialog by setting the Loading field to Eager.
Consult the Insert images article in the Silverstripe CMS user help for detailed instructions.
Also note: There is a long-standing bug in Google Chrome that will prevent images that have not yet been in view (and loaded) from being included if a user chooses to print the page. This is something that site owners should be made aware of.
Manage your CMS sessions across devices
The session manager module is a new security focused feature which allows a CMS user to view and manage their active sessions in the CMS within the "My profile" section of the CMS (/admin/myprofile). They can see the device details behind each session and have the ability to revoke these sessions. This new module has been added to silverstripe/recipe-cms
which is the recommended method of managing Silverstripe CMS dependencies in a project.
Projects that have silverstripe/recipe-cms
as a requirement in their composer.json
will automatically get silverstripe/session-manager
when you run composer update
. If your project does not use silverstripe/recipe-cms
, it's recommended that you require silverstripe/session-manager
in your composer file as a security enhancement. The session manager module requires no configuration and works out-of-the-box.
If your site has the symbiote/silverstripe-queuedjobs module installed, then a job will automatically be created that will periodically remove old database records created by the session manager module.
CMS users can review the Session Manager user help for more information on managing their sessions.
FuntionalTest's should not use Security::setCurrentUser($member)
when mocking an HTTP request
When writing an automated test using FuntionalTest
the methods $this->get()
and $this->post()
are available to mock HTTP requests. Previously, developers could use the method Security::setCurrentUser($member)
to define which member those mocked requests would run against.
Because Security::setCurrentUser()
is stateless, its effect only last for the current request. When mocking an HTTP request, session-manager logs out the mocked user if it was defined with Security::setCurrentUser()
.
Functional tests should use $this->logInAs($member)
and $this->logOut()
when mocking HTTP requests. It is still appropriate to use Security::setCurrentUser()
when testing stateless logic. e.g.: Testing that a DataObject
's canView()
method returns the correct value for the current user.
Review the Functional Testing developer documentation for more details on logInAs()
and logOut()
.
Upgrade to Swiftmailer version 6
Silverstripe CMS provides an API over the top of the SwiftMailer PHP library which comes with an extensive list of "transports" for sending mail via different services. Silverstripe CMS 4.9.0 upgrades to Swiftmailer version 6 from version 5.
Moving away from Swift_MailTransport
Prior to 4.9.0, Silverstripe CMS 4 defaulted to using the built-in PHP mail()
command via a deprecated class Swift_MailTransport
. However, the Swiftmailer maintainers have decided to remove this class because of some inherent security flaw in the way the PHP mail function handles the from
header.
Read this GitHub comment by a SwiftMailer maintainer for a detailed explanation of the weakness of the PHP mail function.
We have included the deprecated Swift_MailTransport
class in the silverstripe/framework
codebase to ensure backward compatibility for project upgrading to Silverstripe Recipe CMS 4.9.0. However, using this layer is less secure and is strongly discouraged.
New Silverstripe CMS project created from silverstripe/installer
4.9.0 or greater will default to using the more secure class Swift_SendmailTransport
which uses a sendmail
binary.
It's highly recommended that existing Silverstripe CMS installation using Swift_MailTransport
upgrade to Swift_SendmailTransport
or another available transport, such as Swift_SmtpTransport
. Details on how to use these classes are available in the email section of the developer docs.
Other new features
- New title tip component allowing you to provide extra context on the purpose of a field
- Dot notation support in form fields: Save directly into nested has_one relationships (see docs).
Bugfixes
This release includes a number of bug fixes to improve a broad range of areas. Check the change logs for full details of these fixes split by module. Thank you to the community members that helped contribute these fixes as part of the release!
## Change LogSecurity
-
silverstripe/admin (1.8.0 -> 1.9.0)
- 2021-09-01 e125ed4 Escape html tag characters in link text (Steve Boyd) - See cve-2021-36150
-
silverstripe/graphql (3.5.0 -> 3.6.0)
- 2021-08-11 d391399 Add a CanViewPermissionChecker if permission checker is null (Steve Boyd) - See cve-2021-28661
Features and Enhancements
-
silverstripe/installer (4.8.0 -> 4.9.0)
- 2021-08-18 be9d875 Use Swift_SendmailTransport for new projects (Steve Boyd)
-
silverstripe/assets (1.8.0 -> 1.9.0)
-
silverstripe/config (1.1.0 -> 1.2.0)
- 2018-02-26 e0e4013 New alias for 1.x-dev (Daniel Hensby)
-
silverstripe/framework (4.8.0 -> 4.9.0)
- 2021-08-08 f99ba5d71 Add extension point to DataObject-&gt;hydrate() (Matt Peel)
- 2021-07-31 a90d46dbc Title tips for form fields (Steve Boyd)
- 2021-07-18 4cd6b1434 Reduce duplication of code in GridField view and edit buttons. (#9953) (GuySartorelli)
- 2021-06-29 e4e4b0924 Use text field's title for validation messages. (GuySartorelli)
- 2021-06-25 d710990e1 Provide onBeforeRenderHolder extension hook. (GuySartorelli)
- 2021-06-17 b625ba99b Remove wording for authenticated devices being manageable (Steve Boyd)
- 2021-05-23 9dd69c40e Add DBText-&gt;Summary tests (Michal Kleiner)
- 2021-05-10 f8a943115 Add extension point to Director::is_site_url (Michal Kleiner)
- 2020-08-26 8883413ba Add GridFieldDetailForm::setRedirectMissingRecords() (Sam Minnee)
- 2019-08-24 02fb7c3b1 Support dot syntax in form field names (Sam Minnee)
-
silverstripe/mimevalidator (2.1.1 -> 2.2.0)
-
silverstripe/admin (1.8.0 -> 1.9.0)
-
silverstripe/asset-admin (1.8.0 -> 1.9.0)
-
silverstripe/session-manager (0.1.1 -> 1.1.0)
-
silverstripe/userforms (5.9.0 -> 5.10.0)
- 2021-05-31 3fbccea Avoid use of 'new' keyword on injectable classes from this module. (GuySartorelli)
-
dnadesign/silverstripe-elemental (4.6.0 -> 4.7.0)
- 2021-06-27 eae0ff9 Top Page enhancements. (#832) (Mojmir Fendek)
-
silverstripe/mfa (4.3.0 -> 4.4.0)
- 2021-06-16 51d6094 Increase rate limit (Steve Boyd)
Bugfixes
-
silverstripe/installer (4.8.0 -> 4.9.0)
- 2021-06-21 9487628 Fix typo (Seno)
-
silverstripe/framework (4.8.0 -> 4.9.0)
- 2021-08-23 de87d91d2 Trim email addresses to comply with RFC 2822, 3.6.2 (Steve Boyd)
- 2021-08-06 9a7c99fc4 Take current request protocol into account when deleting session cookie (Florian Thoma)
- 2021-08-05 ecb233012 Fix error when executing method SSViewer::templates() when $subTemplates is still null (Bram de Leeuw)
- 2021-07-27 e436e13df Fix link typo in 01_Caching.md (Vlad Mencl)
- 2021-07-07 b2a85e7a0 BASE_PATH fallback assumed wrong file location (#9977) (Ingo Schommer)
- 2021-07-06 87d076faa Cast DBInt value to int (Steve Boyd)
- 2021-07-01 8e803bbcf Parse Enums with dots in their values (Steve Boyd)
- 2021-06-29 0b979dc34 Cache duplicate embeds separately (Steve Boyd)
- 2021-06-17 7ed7ad025 Ensure changing a password to blank is validated (Steve Boyd)
- 2021-06-05 28b5b803b Defensively copy mocked datetime (David Peck)
- 2021-05-31 472fc4ebb Update DataQuery::exists to return false when limit causes no result to be returned (#9946) (Maxime Rainville)
- 2021-05-20 5e2ca7f0a Tidy extension and cli fix for tests (Ingo Schommer)
- 2021-05-14 7024af541 Fix typos in 04_Data_Types_and_Casting.md (Manuel Thalmann)
- 2021-05-14 6e499b73a Fix typos in 03_Lists.md (Manuel Thalmann)
- 2021-05-13 a5e4a5c97 Fix typos in 02_Relations.md (Manuel Thalmann)
- 2021-05-13 f44119ff5 Fix typos in 01_Data_Model_and_ORM.md (Manuel Thalmann)
- 2020-09-16 2017a2043 Use empty array as a fallback for preg_split within dbtext summary (Michal Kleiner)
- 2020-08-04 9d03a6856 Retain custom sort on custom lists in GridFieldAddExistingAutoCompleter (Ingo Schommer)
- 2019-08-26 5dcf5197d Make the ./_ substitution optional. (Sam Minnee)
- 2019-08-26 c7c6bdebd Allow join-object to be referenced as a component (Sam Minnee)
- 2019-08-24 6ba7bf7b2 Replace ‘.’s with ‘_’s in HTML IDs (Sam Minnee)
-
silverstripe/admin (1.8.0 -> 1.9.0)
- 2021-07-01 e361ae2 Unload previous preview when new URL is not available (Steve Boyd)
- 2021-06-17 c18402a Treedropdown css (Steve Boyd)
- 2021-06-04 ec80b60 Fix broken ModelAdmin test (Maxime Rainville)
- 2021-06-02 56c3a8f Refactor HeaderField to be a functional component (Maxime Rainville)
- 2021-05-28 a0a3701 managed_models slugs can't have hyphens (#1220) (Andrew Aitken-Fincham)
-
silverstripe/asset-admin (1.8.0 -> 1.9.0)
- 2021-08-12 f3065b6f Update unit test to use TestSession for session (Steve Boyd)
- 2021-07-16 b7061ce8 Update Editor to fetch file info directly from GraphQL so the editor works even when viewing a file not on the current page (Maxime Rainville)
- 2021-07-15 5db5c6cc Always sort by folders first (Steve Boyd)
- 2021-06-20 91d59457 Update overrides url when file is selected (Steve Boyd)
-
silverstripe/versioned-admin (1.8.0 -> 1.9.0)
- 2021-06-10 789e52c Update broken translations (Maxime Rainville)
-
silverstripe/cms (4.8.0 -> 4.9.0)
-
silverstripe/session-manager (0.1.1 -> 1.1.0)
-
silverstripe/login-forms (4.4.1 -> 4.5.0)
- 2021-06-24 c554983 Add Darkmod style for popover (#98) (Maxime Rainville)
-
silverstripe/spellcheck (2.2.0 -> 2.2.1)
- 2021-05-30 1a54396 Add namespaces back to translation files (Steve Boyd)
-
silverstripe/tagfield (2.6.0 -> 2.7.0)
-
silverstripe/widgets (2.1.0 -> 2.1.1)
- 2021-05-30 d4ae7ff Add namespaces back to translation files (Steve Boyd)
-
silverstripe/contentreview (4.2.0 -> 4.3.0)
- 2020-10-29 ebcfc48 Clear non-recurring custom date when reviewing (Jules)
-
silverstripe/sharedraftcontent (2.4.0 -> 2.5.0)
-
silverstripe/userforms (5.9.0 -> 5.10.0)
- 2021-07-08 69b397f Fix bad lang merge (Daniel Hensby)
- 2021-06-22 18eccb6 Log any email exceptions gracefully (Will Rossiter)
- 2021-06-20 02c15f3 Fix: Allow removing the Versioned extension from EditableFormField (GuySartorelli)
- 2021-05-31 b13cb73 Add namespaces back to translation files, use EditibleFileField class (Steve Boyd)
- 2021-04-12 4a883f1 fix for testing EmailRecipients (Bauke Zwaan)
- 2021-03-31 beaf901 When deleting form submission, delete linked file (Will Rossiter)
- 2021-03-22 e925aa1 Uploaded files not appearing in emails (Will Rossiter)
-
dnadesign/silverstripe-elemental (4.6.0 -> 4.7.0)
API Changes
-
silverstripe/assets (1.8.0 -> 1.9.0)
- 2021-06-24 46e11eb Add image lazy load config (Steve Boyd)
-
silverstripe/framework (4.8.0 -> 4.9.0)
- 2021-08-18 92f47da08 Update SwiftMailer from v5 to v6 (#10048) (Steve Boyd)
Dependencies
-
silverstripe/recipe-kitchen-sink (4.8.0 -> 4.9.0)
-
silverstripe/recipe-cms (4.8.0 -> 4.9.0)
-
silverstripe/recipe-core (4.8.0 -> 4.9.0)
- 2021-05-17 05c5042 Update dependencies for CMS 4.8 (Steve Boyd)
-
silverstripe/admin (1.8.0 -> 1.9.0)
-
silverstripe/asset-admin (1.8.0 -> 1.9.0)
-
silverstripe/campaign-admin (1.8.0 -> 1.9.0)
-
silverstripe/versioned-admin (1.8.0 -> 1.9.0)
- 2021-08-05 913781c Bump hosted-git-info from 2.8.5 to 2.8.9 (dependabot[bot])
- 2021-05-14 b014432 Bump elliptic from 6.5.1 to 6.5.4 (dependabot[bot])
- 2021-05-07 f9c0c1c Bump url-parse from 1.4.7 to 1.5.1 (dependabot[bot])
- 2021-05-07 6e411b5 Bump handlebars from 4.7.6 to 4.7.7 (dependabot[bot])
- 2021-05-06 c168356 Bump ua-parser-js from 0.7.20 to 0.7.28 (dependabot[bot])
- 2021-03-30 e58a8c0 Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2020-12-31 2f728b2 Bump npm from 6.13.7 to 6.14.10 (dependabot[bot])
-
silverstripe/cms (4.8.0 -> 4.9.0)
-
silverstripe/versioned (1.8.0 -> 1.9.0)
- 2021-05-24 04d339b Require-dev graphql ^3.5 or ^4 (Steve Boyd)
-
silverstripe/session-manager (0.1.1 -> 1.1.0)
-
silverstripe/login-forms (4.4.1 -> 4.5.0)
-
silverstripe/recipe-authoring-tools (1.8.0 -> 1.9.0)
-
silverstripe/tagfield (2.6.0 -> 2.7.0)
- 2021-08-05 068df7e Bump ini from 1.3.5 to 1.3.8 (dependabot[bot])
- 2021-08-05 f996bba Bump ws from 5.2.2 to 5.2.3 (dependabot[bot])
- 2021-08-05 1273c72 Bump https-proxy-agent from 2.2.2 to 2.2.4 (dependabot[bot])
- 2021-05-10 bb59a75 Bump hosted-git-info from 2.8.8 to 2.8.9 (dependabot[bot])
- 2021-05-09 7b289cc Bump lodash from 4.17.20 to 4.17.21 (dependabot[bot])
- 2021-05-08 f685681 Bump url-parse from 1.4.7 to 1.5.1 (dependabot[bot])
- 2021-05-07 476e657 Bump handlebars from 4.5.3 to 4.7.7 (dependabot[bot])
- 2021-05-07 281e237 Bump ua-parser-js from 0.7.20 to 0.7.28 (dependabot[bot])
- 2021-03-30 6406f21 Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2021-03-09 b11b434 Bump elliptic from 6.5.3 to 6.5.4 (dependabot[bot])
- 2020-10-16 3427bd4 Bump npm-user-validate from 1.0.0 to 1.0.1 (dependabot[bot])
-
silverstripe/recipe-blog (1.8.0 -> 1.9.0)
-
silverstripe/blog (3.7.0 -> 3.8.0)
- 2021-06-06 3a11155 Bump ws from 6.2.1 to 6.2.2 (dependabot[bot])
- 2021-05-15 5e90a4a Bump npm from 6.13.0 to 6.14.13 (dependabot[bot])
- 2021-05-14 fde34fe Bump hosted-git-info from 2.8.5 to 2.8.9 (dependabot[bot])
- 2021-05-14 8f507d6 Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2021-05-14 a5d1bb9 Bump npm-registry-fetch from 4.0.2 to 4.0.7 (dependabot[bot])
- 2021-05-14 04e2d42 Bump node-sass from 4.13.0 to 4.14.1 (dependabot[bot])
- 2021-04-07 d7c4ad9 Bump ini from 1.3.5 to 1.3.8 (dependabot[bot])
- 2021-04-07 0a98ad2 Bump bin-links from 1.1.3 to 1.1.8 (dependabot[bot])
- 2021-04-07 b85e65b Bump dot-prop from 4.2.0 to 4.2.1 (dependabot[bot])
- 2021-04-07 5ecb37f Bump elliptic from 6.5.3 to 6.5.4 (dependabot[bot])
-
silverstripe/comments (3.5.0 -> 3.6.0)
-
silverstripe/recipe-collaboration (1.8.0 -> 1.9.0)
- 2021-08-29 61a51a7 Update dependency versions (Steve Boyd)
-
silverstripe/contentreview (4.2.0 -> 4.3.0)
- 2021-08-08 53209b9 Bump tar from 2.2.1 to 2.2.2 (dependabot[bot])
- 2021-08-05 21aebc4 Bump node-sass from 4.5.3 to 4.14.1 (dependabot[bot])
- 2021-08-05 aa019ea Bump ini from 1.3.4 to 1.3.8 (dependabot[bot])
- 2021-05-14 63e500e Bump is-my-json-valid from 2.16.1 to 2.20.5 (dependabot[bot])
- 2021-05-12 ce9ae1d Bump merge from 1.2.0 to 1.2.1 (dependabot[bot])
- 2021-05-10 497e8eb Bump hosted-git-info from 2.5.0 to 2.8.9 (dependabot[bot])
- 2021-05-07 9c4b558 Bump ua-parser-js from 0.7.14 to 0.7.28 (dependabot[bot])
- 2021-03-30 30cf99e Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2021-03-09 4944a14 Bump elliptic from 6.4.0 to 6.5.4 (dependabot[bot])
-
silverstripe/sharedraftcontent (2.4.0 -> 2.5.0)
- 2021-08-08 a9858b5 Bump node-sass from 4.13.0 to 4.14.1 (dependabot[bot])
- 2021-08-08 3906f66 Bump url-parse from 1.4.7 to 1.5.3 (dependabot[bot])
- 2021-08-08 a2d44cd Bump ua-parser-js from 0.7.20 to 0.7.28 (dependabot[bot])
- 2021-08-05 be19319 Bump npm from 6.13.4 to 6.14.14 (dependabot[bot])
- 2021-06-06 a5ab724 Bump ws from 6.2.1 to 6.2.2 (dependabot[bot])
- 2021-05-10 ac34e5b Bump hosted-git-info from 2.8.5 to 2.8.9 (dependabot[bot])
- 2021-05-09 00e7219 Bump lodash from 4.17.15 to 4.17.21 (dependabot[bot])
- 2021-03-30 6372b33 Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2021-03-09 bafecb1 Bump elliptic from 6.5.1 to 6.5.4 (dependabot[bot])
-
symbiote/silverstripe-advancedworkflow (5.4.0 -> 5.5.0)
-
silverstripe/recipe-form-building (1.8.0 -> 1.9.0)
-
silverstripe/segment-field (2.3.0 -> 2.4.0)
- 2021-06-05 bbadba6 Bump ws from 6.2.1 to 6.2.2 (dependabot[bot])
- 2021-05-10 b073ad0 Bump hosted-git-info from 2.8.8 to 2.8.9 (dependabot[bot])
- 2021-05-09 8c9484b Bump lodash from 4.17.20 to 4.17.21 (dependabot[bot])
- 2021-04-30 b771e34 Bump ssri from 6.0.1 to 6.0.2 (dependabot[bot])
- 2021-03-30 e834d80 Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2021-03-09 f710cbd Bump elliptic from 6.5.3 to 6.5.4 (dependabot[bot])
-
silverstripe/userforms (5.9.0 -> 5.10.0)
- 2021-06-05 9c1f935 Bump ws from 6.2.1 to 6.2.2 (dependabot[bot])
- 2021-05-14 19a185d Bump lodash from 4.17.20 to 4.17.21 (dependabot[bot])
- 2021-05-14 e866b09 Bump hosted-git-info from 2.8.5 to 2.8.9 (dependabot[bot])
- 2021-05-14 9fcfe23 Bump elliptic from 6.5.3 to 6.5.4 (dependabot[bot])
- 2021-03-30 78a49b9 Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2021-03-11 f1fb087 Bump npm from 6.13.4 to 6.14.11 (dependabot[bot])
-
silverstripe/recipe-reporting-tools (1.8.0 -> 1.9.0)
- 2021-08-29 67a9cfd Update dependency versions (Steve Boyd)
-
silverstripe/recipe-services (1.8.0 -> 1.9.0)
- 2021-08-29 c370c86 Update dependency versions (Steve Boyd)
-
silverstripe/recipe-content-blocks (2.8.0 -> 2.9.0)
-
dnadesign/silverstripe-elemental (4.6.0 -> 4.7.0)
-
silverstripe/elemental-fileblock (2.1.2 -> 2.2.0)
- 2021-01-26 1958c77 PHP8 Support, remove branch alias (Steve Boyd)
-
silverstripe/elemental-bannerblock (2.2.1 -> 2.3.0)
- 2021-03-30 56d3784 Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
-
silverstripe/recipe-solr-search (2.8.0 -> 2.9.0)
-
silverstripe/totp-authenticator (4.1.1 -> 4.2.0)
- 2021-08-05 0b08f28 Bump ws from 5.2.2 to 5.2.3 (dependabot[bot])
- 2021-05-14 c4f4fe1 Bump lodash from 4.17.20 to 4.17.21 (dependabot[bot])
- 2021-05-10 58cfa12 Bump hosted-git-info from 2.8.8 to 2.8.9 (dependabot[bot])
- 2021-05-07 4568894 Bump handlebars from 4.5.1 to 4.7.7 (dependabot[bot])
- 2021-03-30 8b13f4a Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2021-03-09 09a2e13 Bump elliptic from 6.5.3 to 6.5.4 (dependabot[bot])
- 2020-12-11 5f52065 Bump ini from 1.3.5 to 1.3.7 (dependabot[bot])
- 2020-11-11 c5fd81f Bump dot-prop from 4.2.0 to 4.2.1 (dependabot[bot])
-
silverstripe/mfa (4.3.0 -> 4.4.0)
- 2021-08-05 f31c85a Bump ws from 5.2.2 to 5.2.3 (dependabot[bot])
- 2021-05-14 5cf337d Bump ini from 1.3.5 to 1.3.8 (dependabot[bot])
- 2021-05-11 638148f Bump hosted-git-info from 2.8.8 to 2.8.9 (dependabot[bot])
- 2021-05-11 52ce62f Bump lodash from 4.17.20 to 4.17.21 (dependabot[bot])
- 2021-05-09 35eb656 Bump handlebars from 4.7.6 to 4.7.7 (dependabot[bot])
- 2021-05-07 2667e73 Bump ua-parser-js from 0.7.20 to 0.7.28 (dependabot[bot])
- 2021-04-01 6dadc43 Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2021-03-10 dfc08a5 Bump elliptic from 6.5.3 to 6.5.4 (dependabot[bot])
-
silverstripe/crontask (2.2.0 -> 2.3.0)
- 2021-08-05 2ccad81 php 8 requirement too narrow (Steve Boyd)
-
silverstripe/ckan-registry (1.2.0 -> 1.3.0)
- 2021-05-10 66b90b8 Bump hosted-git-info from 2.8.5 to 2.8.9 (dependabot[bot])
- 2021-05-07 38b6e34 Bump url-parse from 1.4.7 to 1.5.1 (dependabot[bot])
- 2021-05-07 e75e844 Bump handlebars from 4.5.1 to 4.7.7 (dependabot[bot])
- 2021-05-06 da3ab3a Bump ua-parser-js from 0.7.20 to 0.7.28 (dependabot[bot])
- 2021-03-30 973429b Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2021-03-09 adc04ba Bump elliptic from 6.5.1 to 6.5.4 (dependabot[bot])
- 2020-06-06 8e56dbb Bump websocket-extensions from 0.1.3 to 0.1.4 (dependabot[bot])
-
silverstripe/webauthn-authenticator (4.2.0 -> 4.3.0)
- 2021-08-05 6d4eea7 Bump ws from 5.2.2 to 5.2.3 (dependabot[bot])
- 2021-05-10 4b48b24 Bump hosted-git-info from 2.8.8 to 2.8.9 (dependabot[bot])
- 2021-05-08 23033b1 Bump lodash from 4.17.20 to 4.17.21 (dependabot[bot])
- 2021-05-07 32e9eab Bump handlebars from 4.7.6 to 4.7.7 (dependabot[bot])
- 2021-03-30 5ee0fa1 Bump y18n from 3.2.1 to 3.2.2 (dependabot[bot])
- 2021-03-09 1414320 Bump elliptic from 6.5.3 to 6.5.4 (dependabot[bot])
-
silverstripe/recipe-ccl (2.8.0 -> 2.9.0)
- 2021-05-19 630511b Update dependencies for CMS 4.8 (#19) (Andre Kiste)
Documentation
-
silverstripe/assets (1.8.0 -> 1.9.0)
- 2021-03-19 4064bb0 Update PHPDoc for Upload_Validator::setAllowedMaxFileSize to reflect that a string can be provided (Maxime Rainville)
-
silverstripe/framework (4.8.0 -> 4.9.0)
- 2021-09-06 00e29758f Add information regarding Security::setCurrentUser() (Steve Boyd)
- 2021-08-26 b38b27fad Add SwiftMailer to changelog (Steve Boyd)
- 2021-08-23 a2f850d65 Add email section to server requirements (Steve Boyd)
- 2021-08-18 c59ef273e incorrect php version reference (brynwhyman)
- 2021-08-17 2838625a0 Add extra detail to the Image Lazy Loading doc (#10049) (Maxime Rainville)
- 2021-08-15 e78a93588 Add session-manager to changelog (Steve Boyd)
- 2021-08-10 0128bbd80 core committer onboarding proccess (brynwhyman)
- 2021-08-04 0c998fc5c Add Michal Kleiner as core committer (Aaron Carlino)
- 2021-07-17 c8c7ee4a0 better docblock for TinyMCEConfig::removeButtons (Nicolaas)
- 2021-06-30 fdbd89976 Update SilverStripe to Silverstripe CMS (Michael Pritchard)
- 2021-06-30 29320841c improve graphql inheritance docs (Aaron Carlino)
- 2021-06-30 0537e769f Fix line break (Aaron Carlino)
- 2021-06-30 f3e1cd459 new union and interface inheritance pattern (#9912) (Aaron Carlino)
- 2021-06-24 b5a1024b1 update SilverStripe to Silverstripe (Michael Pritchard)
- 2021-06-22 53ef257ff update SilverStripe to Silverstripe (Michael Pritchard)
- 2021-06-08 ecd58cbc6 Remove stray 3.x changelogs (Ingo Schommer)
- 2021-06-08 f1f946296 Add recipe version (Steve Boyd)
- 2021-06-08 1fc1e71bb Tweak 4.8.0 changelog GraphQL entry (Maxime Rainville)
- 2021-06-08 d5d9f4fd4 Changelog for 4.8.0 (Steve Boyd)
- 2021-06-01 fa3c5e6fe Clearer sysadmin guidance for "packaging" (#9960) (Ingo Schommer)
- 2021-06-01 6e13600a8 Update pattern library link to point to new repo (Maxime Rainville)
- 2021-05-20 8c9e203f1 4.9.0 changelog with dot notation changes (Ingo Schommer)
- 2021-05-20 99c56fc91 Handling nested form data (Ingo Schommer)
-
silverstripe/versioned-admin (1.8.0 -> 1.9.0)
- 2020-10-01 936a54f include userhelp link in versioned readme (brynwhyman)
-
silverstripe/session-manager (0.1.1 -> 1.1.0)
-
silverstripe/recipe-content-blocks (2.8.0 -> 2.9.0)
- 2021-08-25 01fd174 Remove reference to SilverStripe and CWP (Maxime Rainville)
Other changes
-
silverstripe/recipe-kitchen-sink (4.8.0 -> 4.9.0)
-
silverstripe/assets (1.8.0 -> 1.9.0)
- 2021-07-16 627be98 PATCH: fix docblock for FIle::find (Nicolaas)
- 2021-07-08 576fd35 Remove ability to set loading state with 'eager'/'lazy' string (Maxime Rainville)
- 2021-07-06 f0695d2 Update pre-existing test to work with new image syntax (Maxime Rainville)
- 2021-07-06 bc7a718 Tweak casting settings (Maxime Rainville)
- 2021-07-06 c0844ea Silly typo fix (Maxime Rainville)
-
silverstripe/config (1.1.0 -> 1.2.0)
-
silverstripe/framework (4.8.0 -> 4.9.0)
- 2021-10-05 d66b64b6a Update translations (Maxime Rainville)
- 2021-08-26 5ee6fa5ef Update translations (Maxime Rainville)
- 2021-08-22 c8d1b4988 Adding spider food for SEO purposes. (Patrick Nelson)
- 2021-08-06 6e8a39056 Change SilverStripe to Silverstripe CMS (Michael Pritchard (HEIW))
- 2021-08-02 cacd76235 Avoid "new" keyword to instantiate CompositeValidator (GuySartorelli)
- 2021-07-13 3e2ca3027 destroy session on logout instead of restarting it (Florian Thoma)
- 2021-07-08 03b43227a Update 02_Images.md (Steve Boyd)
- 2021-07-01 8225b2e89 Update 02_Images.md (Andre Kiste)
- 2021-06-25 b6d12bc14 Add docs for lazy loading (André Kiste)
- 2021-06-21 62a74e97c Instructions Memcached change (Remy Vaartjes)
- 2021-05-31 843671d10 [doc] Add additional information required to run the test (Pen y Fan)
- 2021-05-31 bba872e02 [doc] Update to Silverstripe 4 convention (Pen y Fan)
- 2021-05-31 44c30aea2 META: Publish docs on updates to 3 branch, not 3.7 (Aaron Carlino)
- 2021-05-20 7a0d35452 Linter fixes (Ingo Schommer)
- 2021-05-20 8806b3bef Fixes required for dot notation support in fields (Ingo Schommer)
- 2021-05-19 ebdbbfd59 Update 04_Shortcodes.md (chromos33)
- 2021-05-16 3a49759c0 Update 09_Casting.md (Manuel Thalmann)
- 2021-05-16 293f7e9d0 Update 06_Themes.md (Manuel Thalmann)
- 2021-05-16 0d649e0dd Update 05_Template_Inheritance.md (Manuel Thalmann)
- 2021-05-16 deb767d9f Update 03_Requirements.md (Manuel Thalmann)
- 2021-05-16 64d569ee0 Update 02_Common_Variables.md (Manuel Thalmann)
- 2021-05-16 a1ace4229 Update 01_Syntax.md (Manuel Thalmann)
- 2021-05-16 c3ff7a417 Update index.md (Manuel Thalmann)
- 2021-05-14 4de89323f Update Grouping_DataObject_Sets.md (Manuel Thalmann)
- 2021-05-14 e37188da4 Revert unnecessary change (Manuel Thalmann)
- 2021-05-14 4f57bd94d Apply further suggestion (Manuel Thalmann)
- 2021-05-14 42f0957bd Update Dynamic_Default_Fields.md (Manuel Thalmann)
- 2021-05-14 ff7654db1 Update 11_Scaffolding.md (Manuel Thalmann)
- 2021-05-14 b0cdff361 Apply suggestions (Manuel Thalmann)
- 2021-05-14 ac7cbef6b Update 10_Versioning.md (Manuel Thalmann)
- 2021-05-14 ff9fc2846 Update 08_SQL_Select.md (Manuel Thalmann)
- 2021-05-13 ed50c1b94 Update docs/en/02_Developer_Guides/00_Model/02_Relations.md (Manuel Thalmann)
- 2021-05-13 8c0efd398 Extension hooks for CsvBulkLoader (Ingo Schommer)
- 2021-05-11 e7e586b8c Update 01_Validation.md (Daniel Pina)
- 2021-05-05 b6a31d922 Update 01_ModelAdmin.md (Daniel Pina)
- 2020-09-21 23ffd2bbd Linting fix (Dan Hensby)
-
silverstripe/mimevalidator (2.1.1 -> 2.2.0)
-
silverstripe/admin (1.8.0 -> 1.9.0)
-
silverstripe/asset-admin (1.8.0 -> 1.9.0)
-
silverstripe/campaign-admin (1.8.0 -> 1.9.0)
- 2021-08-05 5733dff Add hook (#205) (Alex Saelens)
-
silverstripe/versioned-admin (1.8.0 -> 1.9.0)
-
silverstripe/cms (4.8.0 -> 4.9.0)
- 2021-10-05 9f7262f9 Update translations (Maxime Rainville)
- 2021-08-26 8cbc6d21 Update translations (Maxime Rainville)
- 2021-07-16 10e2c1f2 PATCH: docblock for return value fixed for get_by_link (Nicolaas)
- 2021-05-24 8438bf98 Remove broken versioneye badges (Ingo Schommer)
- 2021-05-07 ed4ff6ea BUGFIX: Ensure SiteTree is always available in the CMS, along with ancestors (Aaron Carlino)
- 2021-04-06 85c3b109 UPDATE generate canonical via MetaComponents (Nic Horstmeier)
-
silverstripe/errorpage (1.8.0 -> 1.9.0)
-
silverstripe/siteconfig (4.8.0 -> 4.9.0)
-
silverstripe/versioned (1.8.0 -> 1.9.0)
- 2021-09-07 c97131a BUGFIX: Ensure scalar plugin is assigned to Version field (Aaron Carlino)
- 2021-08-26 ee5b708 Update translations (Maxime Rainville)
- 2021-06-24 32b7282 Ensure versioning is applied before inheritance (Aaron Carlino)
- 2021-05-24 c6ca052 Remove broken versioneye badges (Ingo Schommer)
-
silverstripe/graphql (3.5.0 -> 3.6.0)
-
silverstripe/session-manager (0.1.1 -> 1.1.0)
- 2021-10-05 fbf5aac Update translations (Maxime Rainville)
- 2021-08-26 f227681 Update translations (Maxime Rainville)
- 2021-06-28 5e14993 Downscale image (André Kiste)
- 2021-06-28 cada525 Build docs on 1 instead of master (Andre Kiste)
- 2021-06-15 268facc Refer to sessions correctly, instead of devices. (#71) (Andre Kiste)
- 2021-06-08 7852e7a Improve transition when removing login sessions (André Kiste)
-
silverstripe/login-forms (4.4.1 -> 4.5.0)
-
silverstripe/blog (3.7.0 -> 3.8.0)
-
silverstripe/contentreview (4.2.0 -> 4.3.0)
- 2021-05-14 c89a759 Add test (Daniel Hensby)
-
symbiote/silverstripe-advancedworkflow (5.4.0 -> 5.5.0)
- 2021-07-19 9f3a5f8 $this-&gt;extend() doesn't exist, add extensible (azt3k)
-
silverstripe/userforms (5.9.0 -> 5.10.0)
- 2021-10-05 aa4e892 Update translations (Maxime Rainville)
- 2021-08-26 62b726e Update translations (Maxime Rainville)
- 2021-07-19 63a1d1d BUGFIX: Fixed issue causing the regex on windows to throw an error due to escaping of the parenthesis caused by DIRECTORY_SEPARATOR (UndefinedOffset)
- 2021-06-22 80c3d2e Update de_DE.yml (chromos33)
- 2021-04-12 b01d296 Avoids reply to address being set to empty, if reply to field value is empty (James Cocker)
- 2021-04-06 34883ad Add testing (Bauke Zwaan)
- 2021-03-12 fad372d Only add attachments when HideFormData-setting is not set for this recipient (Bauke Zwaan)
-
silverstripe/versionfeed (2.0.3 -> 2.1.0)
- 2021-10-05 52f303d Update translations (Maxime Rainville)
- 2021-08-26 b4ce6ca Update translations (Maxime Rainville)
- 2021-01-21 42ea538 Update build status badge (Steve Boyd)
- 2019-12-19 8de3ec1 META: Add github action to build docs (Aaron Carlino)
- 2018-06-15 9065f82 Add supported module badge to readme (Dylan Wagstaff)
-
dnadesign/silverstripe-elemental (4.6.0 -> 4.7.0)
- 2021-08-05 cfddd7d Patch 2 (#919) (Nicolaas)
- 2021-07-04 e8dce69 BUGFIX: Ensure graphql3 compat in type name generation (#912) (Aaron Carlino)
- 2021-06-17 2ca448b Add config to disable the content search in ElementSiteTreeFilterSearch (Alexandre)
- 2021-05-19 9035ae4 ADD test for ignored_classes being respected when migrating content. (Guy Sartorelli)
-
silverstripe/elemental-fileblock (2.1.2 -> 2.2.0)
-
silverstripe/elemental-bannerblock (2.2.1 -> 2.3.0)
-
silverstripe/totp-authenticator (4.1.1 -> 4.2.0)
-
silverstripe/crontask (2.2.0 -> 2.3.0)
- 2021-08-05 5c123a9 Update php constraint to ^7.1 || ^8 (Mason Dechaineux)
-
silverstripe/gridfieldqueuedexport (2.4.0 -> 2.5.0)
- 2021-06-08 9f5396e Apply filters when exporting (ishan jayamanne)
-
silverstripe/realme (4.1.0 -> 4.1.1)
- 2021-04-26 c0e1674 Update configuration.md (torleif)
-
silverstripe/hybridsessions (2.2.1 -> 2.3.0)