Skip to content
Compare
Choose a tag to compare

Maintenance release for Backdrop CMS. This update contains bug fixes only. An update hook was incorrectly included in the 1.22.1 version that advised removing Entity Reference module. That update was intended to be part of Backdrop 1.23.0, which will be released September 15, 2022. The incorrect update message was removed in this version.

Please see the release notes for 1.22.1 if you have not previously updated to that version.

Notes for updating

  • The database update script does not need to be run.
  • No changes have been made to the .htaccess, robots.txt or default settings.php files in this release. Updating customized versions of those files is not necessary.

Changes since version 1.22.1 are listed below.

Compare
Choose a tag to compare

Security release for Backdrop CMS. This release fixes 1 security vulnerability:

Notes for updating

  • It will be necessary to run the update script (located at /core/update.php) for this release.
  • No crucial changes have been made to the .htaccess, robots.txt or default settings.php files in this release. However, examples and documentation about how to use the new file_additional_public_schemes configuration value have been added to the default settings.php file. Updating your site settings.php with this documentation is optional.

Important information

Sites that use modules that provide alternative file systems (or "stream wrappers"), such as the S3 or remote file system module, may be affected by changes in this release. Backdrop now treats these alternative file systems as private by default. If a module intentionally wishes to serve files with no access checking or management by Backdrop, the module must now implement hook_file_download().

Since contributed modules that provide alternative stream wrappers might not be updated immediately for this security release, site owners may also specify which stream wrappers should be treated as public stream wrappers (with no access control). If content from a stream wrapper on your site stops working after this update, you can add the following line to settings.php:

$config['system.core']['file_additional_public_schemes'] = array('example');

...where example is replaced by the name of the affected stream wrapper. (For example, s3 or https.) The name of the stream wrapper will depend on the affected module and its configuration.

If you encounter this problem, please also verify or submit an issue in the module's queue to implement hook_file_download() for this security advisory.

Changes since version 1.22.0 are listed below.

Bug fixes

  • Fixed: Custom logo/favicon should have 'permanent' status. #5660
  • Added flood protection to the Password Reset form. #5659
  • Fixed: PHP Notice: Undefined index: header in bartik_preprocess_layout(). #5652
  • Fixed: PHP Notice: Undefined variable: links in node_revision_overview(). #5649
  • Fixed: When upgrading from Drupal 7, the required File module should be automatically enabled. #5648
  • Fixed: Unable to removing custom contexts from layouts. #5645
  • Fixed: PHP Notice: Undefined offset: 0 in views_many_to_one_helper->ensure_my_table. #5643
  • Fixed: Display the 'broken block' notice when fields blocks for deleted fields are displayed. #5627
  • Fixed: Bulk Operations displayed should always match the entity selected for the operations. #5603
  • Fixed: The configuration diff page throws an error if visited directly (which not intended). #5559
  • Fixed: Views hooks are not invoked without a defined path in hook_views_api(). #5512
  • Fixed: PHP 8.1 support for Default layouts (when path is NULL). #5501
  • Fixed: Incorrect context data passed by LayoutRelationshipAuthorFromNode. #5482
  • Fixed: Only print class attributes when attribute values are provided (no more class=""). #4977
  • Fixed: Drupal 7 upgrade path must include setting for 'Error messages to display'. #4364
  • Fixed: PHP notice: Undefined index in theme_get_setting(). #3981

User Experience Improvements

  • A11y: Remove automatic focus on node form title fields. #5386
  • People without permission to "Administer Book Outlines" can see the "Book outline" tab. #5626
  • Change cursor to a hand when hovering over a button #5601
  • Update hook descriptions should not have special characters removed. #4610
  • Style "The update process was aborted prematurely..." message, as an error. #5392
  • Choose better names for Admin Bar components, and add descriptions. #5284
  • Choose a better default value for the 'Site name' setting, when installing Backdrop. #4675

Documentation and Developer Experience Improvements

  • Fixed function description in docblock for system_theme_settings(). #5315
  • Updated documentation for hook_schema_alter(). #3129
  • Update docblock for template_preprocess_page(): correct the reference to system_element_info(). #4779

Miscellaneous changes

  • Update the html5shiv library to version 3.7.3. #3880
  • Add a views field for Menu link ID for books. #5565
  • Optimize path_admin_form(): Avoid calling url() multiple times. #4963
Compare
Choose a tag to compare

Security release for Backdrop CMS. This release fixes 1 security vulnerability only:

Changes since version 1.21.5

Notes for updating

  • The database update script does not need to be run.
  • No crucial changes have been made to the .htaccess, robots.txt or default settings.php files in this release. However, examples and documentation about how to use the new file_additional_public_schemes configuration value have been added to the default settings.php file. Updating your site settings.php with this documentation is optional.

Important information

Sites that use modules that provide alternative file systems (or "stream wrappers"), such as the S3 or remote file system module, may be affected by changes in this release. Backdrop now treats these alternative file systems as private by default. If a module intentionally wishes to serve files with no access checking or management by Backdrop, the module must now implement hook_file_download().

Since contributed modules that provide alternative stream wrappers might not be updated immediately for this security release, site owners may also specify which stream wrappers should be treated as public stream wrappers (with no access control). If content from a stream wrapper on your site stops working after this update, you can add the following line to settings.php:

$config['system.core']['file_additional_public_schemes'] = array('example');

...where example is replaced by the name of the affected stream wrapper. (For example, s3 or https.) The name of the stream wrapper will depend on the affected module and its configuration.

If you encounter this problem, please also verify or submit an issue in the module's queue to implement hook_file_download() for this security advisory.

e6aae12
Compare
Choose a tag to compare

The Backdrop community is pleased to present the 1.22.0 release.

Notes for updating

  • Note that the .htaccess file has been modified in this release compared with 1.21.4. It is suggested to copy changes from this latest version into your copy.
  • No changes have been made to the robots.txt or default settings.php files in this release. Updating customized versions of those files is not necessary.
  • It will be necessary to run the update script (located at /update.php) for this release.

Very important: This version of Backdrop now requires PHP 5.6 or higher. Previous versions of Backdrop supported anything from 5.3 or higher, so if your site is running one of these very old installations of PHP, you will need to upgrade your server prior to upgrading.

Changes since version 1.21.4 are listed below.

New features

  • Provide "Cards" by default – a new hidden-path content type (for new installations). #4903
  • Add a new component to the Admin Bar with information about the current page. #2626
  • Allow blocks to be disabled in Layouts. #1936
  • Configure default date formats based on timezone/country (for new installations). #4645
  • Add a new cropped image style specifically for cards (for new installations). #5607
  • Add the ability to enable Backdrop-only required modules during an upgrade from Drupal 7. #5499
  • Add a warning flag in the Status report if there are duplicate copies of a module. #5464
  • Add various UI improvements in the Book module. #5331
  • Add a link in the module browser to each module's BackdropCMS.org project page. #5003
  • Add a setting to specify which Views display(s) get created by default. #2978

Bug fixes

  • Fix incorrect links to GitHub in module browser for core modules. #5623
  • Fix views-related tests after recent changes for default Cards functionality. #5615
  • Fix default sort order for front page card view. #5608
  • Fix extraneous gray stripe left over when removing Cards grid. #5599
  • Fix output buffer notices. #5594

Miscellaneous changes

  • Add new screenshot for Basis which includes the new Cards content. #5621
  • Remove unnecessary path pattern for Cards. #5597
  • Add description text to the 'Administer custom blocks' permission. #5544
  • Drop support for PHP versions less than 5.6. #3992
  • Separate "Administer comments and comment settings" into two distinct permissions. #336
98cf08b
Compare
Choose a tag to compare

Maintenance release for Backdrop CMS. This update contains bug fixes and usability improvements only.

Notes for updating

  • Note that the .htaccess file has been modified in this release compared with 1.21.4. It is suggested to copy changes from this latest version into your copy.
  • No changes have been made to the robots.txt or default settings.php files in this release. Updating customized versions of those files is not necessary.
  • The database update script does not need to be run.

Changes since version 1.21.4 are listed below.

Bug fixes

  • Fixed: ViewsUpgradeTestCase is (partly) obsolete. #5620
  • Fix main class and add more space to bottom of admin theme (Seven). #5600
  • Fix: Contextual menu blocks access to dismiss link on notifications. #5595
  • Fixed: Backdrop fails to alert admin user to rebuild content access permissions. #5589
  • Fixed: 'Page not found' when trying to delete field attached to a non-node entity type. #5580
  • Fixed: Generated .htaccess file missing newline at EOF. #5579
  • Fixed: Documentation clarification on system_settings_form. #5574
  • Fixed: deprecated function taxonomy_get_term_by_name() does not return any value. #5570
  • Fixed: Admin bar's 'search' component doesn't work if 'menu' component is disabled. #5567
  • Add better description text for administer layouts. #5552
  • Fixed: Views cache causes validation errors. #5551
  • Fixed: The layout context system is called way too many times. #5483
  • Fixed: [UX] Clean up English on number form validation failure. #5264
  • Fixed: Dashboard: Either hide the "Check manually" button, or the entire "Available updates" block, if user doesn't have the required permission. #5213
  • Fixed: Number field #max values allow settings impossible to save in the database, causing exceptions. #4751
  • Fixed: [UX] Admin Bar drop-downs go off-screen. #4549
  • Fixed: With multiple image fields, only one thumbnail shows up per save. #4284
  • Fixed: File Settings form supports tokens but doesn't display them. #4257
  • Fixed: Redirect from cron.php to core/cron.php is too greedy (.htaccess change). #3903
  • Fixed: [UX] Increase the width of the admin bar search results list (so that fewer results wrap in two lines). #1001

Documentation updates

  • Add Documentation for hook_schema_0(). #5560

User Experience improvements

  • Added: Improve the styling of color input elements in the admin theme. #4155
  • Add: Modify .htaccess to allow backdrop to serve .well-known URIs. #5583
  • [UX] Provide details about why a permission 'has security implications'. #5536
  • Added: "Show as Expanded" help text needs revising. #5397
  • Added: Distinguish layout-created/module-provided/missing-callback paths on the layout listing page. #5077
  • Added: [UX] Show a message when viewing hidden/pageless content. #3339
  • Added: [UX] Views: Update help text for option to create exposed form block. #1322
Compare
Choose a tag to compare

1.22.0-preview

Pre-release
Pre-release

The Backdrop community is pleased present the 1.22.0 preview release. This version of Backdrop is intended for developers who would like to try out the latest version of Backdrop, try new features, and check for bugs prior to the final release of 1.22.0, which will be May 15, 2022.

Note that the .htaccess file has been modified in this release compared with 1.21.4. It is suggested to copy changes from this latest version into your copy.

Very important: This version of Backdrop now requires PHP 5.6 or higher. Previous versions of Backdrop supported anything from 5.3 or higher, so if your site is running one of these very old installations of PHP, you will need to upgrade your server prior to upgrading.

New features

  • Provide a new hidden-path ("Card") content type in core #4903
  • Create a new cropped image style specifically for cards #5607
  • Layout UI: Allow blocks to be disabled/hidden instead of removed. #1936
  • Add links for quick access to editing things like the layout, theme, etc. of the current page #2626
  • Configure default date formats based on timezone/country. #4645
  • Enabling Backdrop-only required modules (e.g., Entity Plus) during upgrade from D7 #5499
  • Status Report should flag duplicate module installs #5464
  • UI improvements to Book module #5331
  • Add a link to the BackdropCMS.org page on module list for each module #5003
  • Customize "Add Block" and "Add Page" defaults when creating a new View #2978

Miscellaneous changes

  • Drop support for PHP lower than 5.6 (or establish best-effort policy) #3992
  • "Administer comments and comment settings" should be split into two permissions #336
  • Add better description text for administer blocks #5544
Compare
Choose a tag to compare

Security release for Backdrop CMS. This release includes several bug fixes, and fixes 1 security vulnerability:

Notes for updating

  • No changes have been made to the .htaccess, robots.txt or default settings.php files in this release. Updating customized versions of those files is not necessary.
  • The database update script does not need to be run.

Changes since version 1.21.3 are listed below.

  • Fixed: Administrator Role form saves wrong value on sites with numeric role machine name #5528
  • Fixed: Cached anonymous page and "background fetch" cause site rendering issues for LiteSpeed server #5525
  • Fixed grammar error in Views row class description text #5143
  • Fixed TaxonomyTerm Not Creating Term Hierarchy Reference #5540
  • Fixed: Detect LightSpeed/OpenLightSpeed and IIS servers for telemetry data #5524
  • [UX] Moved the 'Clear log messages' button to the bottom of the page #5484
  • Removed duplicate selectors in Seven's Vertical Tabs CSS file #4834
Compare
Choose a tag to compare

Security release for Backdrop CMS. This release fixes 1 security vulnerability:

Notes for updating

  • No changes have been made to the .htaccess, robots.txt or default settings.php files in this release. Updating customized versions of those files is not necessary.
  • The database update script does not need to be run.
Compare
Choose a tag to compare

Security release for Backdrop CMS. This release fixes 1 security vulnerability:

Notes for updating

  • No changes have been made to the .htaccess, robots.txt or default settings.php files in this release. Updating customized versions of those files is not necessary.
  • The database update script does not need to be run.

Changes since 1.21.2

Compare
Choose a tag to compare

Security release for Backdrop CMS. This release fixes 1 security vulnerability:

Notes for updating

  • No changes have been made to the .htaccess, robots.txt or default settings.php files in this release. Updating customized versions of those files is not necessary.
  • The database update script does not need to be run.