1.10.1

@jenlampton jenlampton released this May 30, 2018 · 26 commits to 1.x since this release

This is the first bug-fix release for Backdrop 1.10. It cleans up a few new features added, and improves the user and developer experience. Complete list of changes below.

No changes were made to files outside the core directory.

The database update script (update.php) does not need to be run for this release.

  • Issue #3130: Check that a load callback exists before calling.
  • Issue #1951: Fixed: field_validate_field() message assumes a field is being created.
  • Issue #2681: Show menu local tasks when managing display modes.
  • Issue #3135: Fix version checking for dev releases and in installer.
  • Issue #3150: Reduce messages shown when scheduling content.
  • Issue #3035: Added ability to override Body field being added to new content types.
  • Issue #3104: BackdropWebTestCase::assertOption should work on select fields with optgroups.
  • Issue #3133: Update three database queries for better compatibility.
  • Issue #2295: Clearfix rich text areas in case of floated content.
  • Issue #984: Fixed: Manually installed layout templates should not require a cache clear.
  • Issue #2541: Project Installer: Modules "remembered” even if enabled.
  • Issue #3120: Remove unclear explanation text.
  • Issue #3070: Clarify multilingual options on node form.
  • Issue #3125: Fix Undefined index: description in block info.
  • Issue #3123: Hide the langcode markup for menu itsms if language module is not enabled.

1.10.0

@jenlampton jenlampton released this May 15, 2018 · 27 commits to 1.x since this release

After another 4 months of new feature development, we're pleased to release Backdrop 1.10.0! This version of Backdrop adds exciting new functionality to Backdrop CMS, including:

  • Scheduled publishing: Content can now be scheduled, and will be automatically published in the future.
  • Comment auto-closing: Comments can now be configured to close automatically after a period of time. Useful if discussion on content usually only happens for a few weeks after the initial publishing, then closes afterwards to limit spam.
  • Inline file uploading: In addition to inline image uploading that was already supported, editors may now upload files of configured types directly into the rich text editor and create a link to them.
  • Translatable menu items: Menus may now be translated into multiple languages. This functionality is built into Menu module directly, and becomes available if Locale module enabled.
  • Translatable blocks: Blocks also now have native translation capabilities. This functionality is built into Block module directly, and becomes available if Locale module is enabled.

Version 1.10.0 also includes a number of other minor improvements, and it combines all previous updates. See the complete list below. You may upgrade to 1.10.0 from any previous version of Backdrop.

It will be necessary to run the update script (located at /update.php) for this release.

Updates have been made to the .htaccess file located outside the /core directory, but replacing your copy is not necessary. We've added an example on how to redirect traffic from http to https, as follows:

# To redirect all users to access the site using a SSL/https certificate,
# uncomment the following:
# RewriteCond %{HTTPS} !=on
# RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

No other files outside the /core directory have been modified in this release.

Changes since 1.9.6

  • Issue #3100: Allow page to build without menu langcode.
  • Issue #3113: Add interval to scheduled content message.
  • Issue #3083: Auto-prefix link URLs with http if needed.
  • Issue #3085: Link external URLs incorrectly have base path removed.
  • Issue #3101: Add file types and max file size to inline file upload description.
  • Issue #3102: Improve UI for comment closer override.
  • Issue #3073: Decouple Node from Date module.
  • Issue #2493: Upgrade jQuery UI to 1.12.1.
  • Issue #2926: Hide comments section when no comments.
  • Issue #3058: Added token support to 'maintenance mode message' field.
  • Issue #3079: Hide task list from update.php when anonymous.
  • Issue #2694: Add easy-to-enable HTTPS redirect rules in .htaccess.
  • Issue #3076: Ensure the node type status is correct.
  • Issue #2475: Allow override display renderer.
  • Issue #3052: Draggable contact categories.
  • Issue #857: Add scheduled publication of nodes.
  • Issue #225: Make menu items translatable.
  • Issue #2956: Add translation capabilities to custom blocks.
  • Issue #2072: Extend link dialog to include a file upload option.
  • Issue #2722: Add description field to custom blocks.
  • Issue #3001: Option to automatically close comments.
  • Issue #2987: Check for valid file admin config before attempting to update it.
  • Issue #2973: Module page search should work on category names.
  • Issue #3040: Show a theme screenshot in the installer
  • Issue #3032: Use new JS APIs for detecting timezone more accurately.
  • Issue #496: Create database during installation if possible.
  • Issue #3045: Update install.sh for password field changes.
  • Issue #297: Separate password confirm from strength indicator. Add show/hide password.

Backdrop 1.10.0 also includes all fixes that were in the 1.9.6 release, which was released in tandem. If upgrading from 1.9.5, the following additional fixes have been made:

Changes since 1.9.5

  • Issue #2507: Fix database prefix in UI installer.
  • Issue #3090: Removing missing source map line.
  • Issue #2085: Tableselect.js affects checkboxes that should not be selected.
  • Issue #3066: Brighter colours for enabled/disabled module requirements.
  • Issue #2542: Merging custom colors into the default color array, so that when you add a new color to the theme, it will show up in the UI.
  • Issue #3004: When a context is not provided by the menu router, add one from provided layout info.
  • Issue #3071: Add vertical space below fieldset description.
  • Issue #3080: Avoid random failures in PHP 5.3.
  • Issue #2948: Add support for PHP 7.2.
  • Issue #3068: Make comment setting description text more friendly.
  • Issue #3064: Add a button-danger class to the Clear log messages button for dblog.

1.9.6

@jenlampton jenlampton released this May 15, 2018 · 96 commits to 1.x since this release

This is the final release of the 1.9.x minor version, containing all current fixes for the 1.9.x branch. Backdrop 1.10.0 is being released in tandem with 1.9.6, and users are encouraged to upgrade to that version. Upgrading to 1.9.6 is not necessary, you may upgrade directly from any previous version of Backdrop directly to the latest release.

No changes were made to any files outside the /core directory in this release.

The update script (located at update.php) does not need to be run for this release.

Changes since 1.9.5

  • Issue #2507: Fix database prefix in UI installer.
  • Issue #3090: Removing missing source map line.
  • Issue #2085: Tableselect.js affects checkboxes that should not be selected.
  • Issue #3066: Brighter colours for enabled/disabled module requirements.
  • Issue #2542: Merging custom colors into the default color array, so that when you add a new color to the theme, it will show up in the UI.
  • Issue #3004: When a context is not provided by the menu router, add one from provided layout info.
  • Issue #3071: Add vertical space below fieldset description.
  • Issue #3080: Avoid random failures in PHP 5.3.
  • Issue #2948: Add support for PHP 7.2.
  • Issue #3068: Make comment setting description text more friendly.
  • Issue #3064: Add a button-danger class to the Clear log messages button for dblog.

1.9.5

@serundeputy serundeputy released this Apr 25, 2018 · 96 commits to 1.x since this release

1.9.5

This is a security release of Backdrop CMS.

  • SA-CORE-2018-004
  • No files outside of the core directory are changed in this version.
  • It is not necessary to run update.php after performing this update.

Changes since 1.9.4

  • Comprehensive fix for ajax/upload callback and destination sanitization. (9d139b1)
  • Issue #2987: Check for valid file admin config before attempting to update it. (a1f8345)

1.8.4

@serundeputy serundeputy released this Apr 25, 2018 · 191 commits to 1.x since this release

1.8.4

This is a security release of Backdrop CMS.

  • SA-CORE-2018-004
  • No files outside of the core directory are changed in this version.
  • It is not necessary to run update.php after performing this update.

Changes since 1.8.3

  • Comprehensive fix for ajax/upload callback and destination sanitization. (41e0349)

1.9.4

@serundeputy serundeputy released this Apr 18, 2018 · 96 commits to 1.x since this release

1.9.4

This is a security release of Backdrop CMS.

  • SA-CORE-2018-003
  • No files outside of the core directory are changed in this version.
  • It is necessary to run update.php after performing this update.

Changes since 1.9.3

  • Issue #2783: Mark UTF8-MB4 support as enabled after installation. (c83847c)
  • Updating to CKEditor 4.7.3 plus security patch. (bb7aa35)
  • Issue #3007: Handle race conditions in UTF8-MB4 check. (3376cb8)
  • Issue #3017: Fix php warnings for PHP 7.1 in date.elements.inc. (2ebc4db)
  • Issue #3018: Fixed API documentation for hook_ckeditor_plugins(). (b651194)
  • Issue #2971: Fixed emails that may have been improperly upgraded from Drupal. (4c6a54e)
  • Issue #2880: Fix module name for installer. (5fcb865)
  • Issue #2905: Fixing the wording for the Entity API documentation that indicates the 'entity keys' element is optional. (a919f29)
  • Issue #2952: Move core layout contexts into their respective modules. (406118e)

1.9.3

@jenlampton jenlampton released this Mar 28, 2018 · 96 commits to 1.x since this release

This release fixes highly critical security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below, and the security announcement:

No other fixes are included.

No changes have been made to the .htaccess, robots.txt or default settings.php files
in this release, so upgrading custom versions of those files is not necessary.

Known issues:

As of this release, Backdrop strips out several potentially dangerous values from user-provided input.
This is unlikely to break sites because the values that are stripped are very rarely used
intentionally.

1.8.3

@jenlampton jenlampton released this Mar 28, 2018 · 191 commits to 1.x since this release

Sites on 1.8 should immediately update to this 1.8.3 release, but plan to update to Backdop CMS 1.9.3 in the next month.

This release fixes highly critical security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below, and the security announcement:

No other fixes are included.

No changes have been made to the .htaccess, robots.txt or default settings.php files
in this release, so upgrading custom versions of those files is not necessary.

Known issues:

As of this release, Backdrop strips out several potentially dangerous values from user-provided input.
This is unlikely to break sites because the values that are stripped are very rarely used
intentionally.

1.7.4

@jenlampton jenlampton released this Mar 28, 2018 · 269 commits to 1.x since this release

Sites on 1.7 should immediately update to this 1.7.4 release, but plan to update to Backdop CMS 1.9.3 in the next month.

This release fixes highly critical security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below, and the security announcement:

No other fixes are included.

No changes have been made to the .htaccess, robots.txt or default settings.php files
in this release, so upgrading custom versions of those files is not necessary.

Known issues:

As of this release, Backdrop strips out several potentially dangerous values from user-provided input.
This is unlikely to break sites because the values that are stripped are very rarely used
intentionally.

1.9.2

@quicksketch quicksketch released this Feb 22, 2018 · 96 commits to 1.x since this release

This version of Backdrop includes 4 security fixes. See the security announcement at https://backdropcms.org/security/backdrop-sa-core-2018-001 for more information.

Besides the security fixes, this version also fixes a few bugs:

  • Issue #2981: Check Apache support and create .htaccess conditionally.
  • Issue #2979: Set comment bundle properly.

The overall impact of upgrading to this version of Backdrop is expected to be minimal. Upgrading is encouraged for all sites using Backdrop.