CakePHP 4.5.1 released

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.5.1. This is a maintenance release for the 4.4 branch that fixes several community reported issues and a minor security related fix.

Bugfixes

You can expect the following changes in 4.5.1. See the changelog for every commit.

• ControllerFactory no longer raises errors on union typed parameters.
• Collection::combine() raises an error when keys are null.
• Namespaced core functions are now wrapped in function_exists calls resolving errors if the file containing these functions are imported more than once.
• Added schema mapping type to sqlite for UUID_TEXT.
• Reverted deprecated annotation on LocatorAwareTrait::$defaultTable property.

Contributors to 4.5.1

Thank you to all the contributors that helped make this release happen:

• ADmad
• Corey Taylor
• Jorge González
• Kevin Pfeifer
• Mark Scherer
• Mark Story

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 5.0.2

The CakePHP core team is happy to announce the immediate availability of CakePHP 5.0.2. This is a maintenance release for the 5.0 branch that fixes several community reported issues.

Bugfixes

You can expect the following changes in 5.0.2. See the changelog for every commit.

• Fixed links between API docs and book.
• TranslateBehavior now allows using _translations.{locale}.field_name style naming for default locale.
• LoggedQuery::getContext() now includes the query that was emitted.
• Fixed recursion errors when entities have cyclic references and getErrors() or hasErrors() is called.
• ControllerFactory no longer raises errors when it encounters a type it cannot cast into (like unions). Instead the framework relies on PHP to validate the parameter types.
• Collection::combine() now raises an error should a path result in a null value for the key.
• Relaxed constraint on psr/simple-cache, psr/container and psr/http-message.
• Invalid enum values are no longer cast to null when an invalid string value is marshalled into the PHP value.
• Improved compatibility between enum values and FormHelper.
• Improved compatibility between DateTimeWidget and ChronosTime.
• Improved SQLite mapping of uuid abstract type. It now maps to UUID_TEXT.
• TimeType::getClassName() was added. This method was missed in 5.0.0

Contributors to 5.0.2

Thank you to all the contributors that helped make this release happen:

• ADmad
• Jèfferson Gonçalves
• Jorge González
• Kevin Pfeifer
• Lars Ebert
• Mark Scherer
• Mark Story
• Mark Watney
• Michael Hoffmann
• othercorey
• salehhashemi1992
• wowDAS Markus Ramšak

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 4.5.0

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.5.0. This is the first stable release of 4.5.0. 4.5.0 provides a number improvements to CakePHP. 4.5.0 introduces a large number of deprecation warnings aimed at assisting with future upgrades to CakePHP 5.0.

Upgrading to 4.5.0

You can use composer to upgrade to CakePHP 4.5.0:

php composer.phar require --update-with-dependencies "cakephp/cakephp:4.5.*"

Deprecation Warnings

4.5 introduces a few deprecations. All of these features will continue for the duration of 4.x but will be removed in 5.0. See the migration guide.

What's new in 4.5.0?

The migration guide has a complete list of what's new in 4.5.0. We recommend you give that page a read when upgrading. A few highlights from 4.5.0 are:

• bin/cake cache clear_group <name> was added. This command gives a CLI interface to clearing a specific cache group.
• ComponentRegistry is now automatically added to your application's DI container.
• Controller::addViewClasses() was added. This method lets you build a controller's view classes programatically.
• Database and ORM connections now support read and write connection roles. Connection roles let you scale an application up by using read-replicas. When defining connections, roles can be configured with read and write keys in the connection config that override the shared config.
• New methods were added to queries to select the read or write connection role to be used.
• ModelAwareTrait::fetchModel() was added. This method works similar to loadModel() but does not set the model as an attribute.
• The development error page design has been improved. It now renders chained exceptions and makes navigating stack traces easier as each frame can be collapsed individually.
• Console exception messages now include stack traces for chained exceptions.
• EntityTrait::$_hasAllowsNull was added. This property allows you to incrementally opt-in to a breaking change present in 5.x for EntityTrait::has().
• View::addHelper() was added. This method compliments addBehavior() and addComponent().

Contributors to 4.5.0

Thank you to all the contributors that helped make 4.5 happen:

• ADmad
• Alejandro Ibarra
• Brian French
• Chris Nizzardini
• Jaro Varga
• Jose Daian
• Kevin Pfeifer
• Lars Ebert
• leon.schaub
• Marcelo Rocha
• Mark Scherer
• Mark Story
• Matthias Wirtz
• othercorey
• Roland Waldner
• wowDAS Ing. Markus Ramšak

As always, a huge thanks to all the community members that helped make this release happen by reporting issues and sending pull requests. 4.5.0 is a large release and would not have been possible without the community support and feedback.

What's Next

With both 5.0 and 4.5 shipped the core team's focus will be primarily on CakePHP 5.x. Future 4.x releases will be primarily community driven. Feature and bugfix releases for 4.x will continue until September 2025. Security fixes will continue for 4.x until September 2026.

The roadmap for 5.x is still under development. We're interested in making the upgrade from 4.5.0 to 5.0 a smooth one, and would appreciate any feedback you have on upgrade difficulties. Please open an issue and get the discussion started.

CakePHP 5.0.1

The CakePHP core team is happy to announce the immediate availability of CakePHP 5.0.1. This is a maintenance release for the 5.0 branch that fixes several community reported issues and a minor security related fix..

Bugfixes

You can expect the following changes in 5.0.1. See the changelog for every commit.

• Allow FormProtection component to have its session id source customized in subclasses.
• Fixed potential email address manipulation if unvalided address data was set into Cake\Mailer\Message. Thank you to Waldemar Bartikowski who reported the issue via our security mailing list.
• Fixed errors arising from plugin helpers being loaded within other plugin helpers, when the parent helper is loaded without a plugin scope.
• PaginatedResultSet is now JsonSerializable.
• Replaced usage of include_once when Application loads plugin configuration.
• Fixed broken links in API documentation links to MDN.
• View::getConfig() is now public.
• ORM\Marshaller::one() now uses newEmptyEntity() improving compatibility with subclass implementations.
• Adding methods with getMockForModel() is deprecated because of changes in PHPUnit.
• Fixed Cake\Http\Client cookie parsing with invalid values that lack both a value and = delimiter.
• Collection\SortIterator is now compatible with Chronos types.
• Fixed source line attribution in the dd() method.
• Fixed defaults being mutated in DashedRoute and InflectedRoute after match() is called.

Contributors to 5.0.1

Thank you to all the contributors that helped make this release happen:

• ADmad
• Jorge González
• Kevin Pfeifer
• Mark Scherer
• Mark Story
• andrii-pukhalevych
• breno
• othercorey
• wowDAS Ing. Markus

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 4.4.18

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.4.18. This is a maintenance release for the 4.4 branch that fixes several community reported issues and a minor security related fix.

Bugfixes

You can expect the following changes in 4.4.18. See the changelog for every commit.

• RedirectException now forwards headers to redirect responses.
• Allow ConsoleOutput to accept stream resources. This solves 'too many streams open' problems when application code creates many instances of ConsoleIo.
• Fixed potential email address manipulation if unvalided address data was set into Cake\Mailer\Message. Thank you to Waldemar Bartikowski who reported the issue via our security mailing list.
• Fixed Cake\Http\Client cookie parsing with invalid values that lack both a value and = delimiter.

Contributors to 4.4.18

Thank you to all the contributors that helped make this release happen:

• Brian French
• Mark Story
• andrii-pukhalevych
• othercorey
• Waldemar Bartikowski

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 5.0.0 released

The CakePHP team is thrilled to announce the immediate availability of 5.0.0. This is release begins a new chapter for CakePHP as 5.0 is now stable. 5.0.0 has been in development for the past two years, adding many new features and performance improvements. It also contains breaking changes as features and behavior deprecated in 4.x have been removed.

Key Features

• PHP 8.1 required.
• Improved typehints across the framework. CakePHP now leverages union types to formalize the types of many parameters across the framework.
• Upgraded to PHPUnit 10.x
• Support for read and write database connection roles.
• New enum type mapping support in the ORM enabling more expressive model layers with improved type checking.
• Table finders with named parameters, providing more expressive query building APIs.
• Added time-only Time type and greatly improved Date and DateTime support via chronos 3.x.
• Support for PSR17 HTTP factories was added.

To find out more about what is new and changed in 5.0 refer to the migration guide.

Upgrading to 5.0

5.0 contains a number of breaking changes. If you have an existing application, we'll be releasing 4.5.0 in the upcoming weeks. This release will contain many of the features present in 5.0, and will also contain deprecations for many ofthe breaking changes in 5.0 that do not already have deprecations. Once 4.5.0 is released we recommend that you upgrade to that release first. Then, once you have addressed all of the deprecations in 4.5.0 you will have a much easier time upgrading to 5.0.0

To help with your upgrade from 4.x to 5.x the core team has prepared both a migration guide covering the deprecated, removed and new features.

Additionally, the core team has also prepared an upgrade guide which provides a step-by-step guide and CLI tooling to help you upgrade your application.

Contributors to 5.0.0

CakePHP 5.0 is the result of two years of work and contributions from the
following community members:

• ADmad
• Alejandro Ibarra
• Andrii Pukhalevych
• Brian French
• chris cnizzardini
• Chris Nizzardini
• fabian-mcfly
• Jaro Varga
• J.Brabec
• Jose Daian
• Jozef Grencik
• Kevin Pfeifer
• leon.schaub
• Marcelo Rocha
• Marc Würth
• Mark Scherer
• Mark Story
• Matthias Wirtz
• ndm2
• Oliver Nowak
• othercorey
• Roland Waldner
• saeideng

Thank you for all you've done to make CakePHP 5.0.0 a reality.

CakePHP 4.4.17 released

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.4.17. This is a maintenance release for the 4.4 branch that fixes several community reported issues.

Bugfixes

You can expect the following changes in 4.4.17. See the changelog for every commit.

• Fix deprecation notice because of Chronos 2.4.
• Fixed a typo in BasePlugin.

Contributors to 4.4.17

Thank you to all the contributors that helped make this release happen:

• Kevin Pfeifer
• kolorafa
• Mark Scherer
• Mark Story

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 4.4.16 released

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.4.16. This is a maintenance release for the 4.4 branch that fixes several community reported issues.

Bugfixes

You can expect the following changes in 4.4.16. See the changelog for every commit.

• Improve API documentation.
• Correct pagination URL generation for the current page from numbers() when using the modulus option.
• ProgressHelper now initializes options with default values solving errors when output() is called before init() is.
• Fixed failure to reflect schema for tables in MySQL 8+ that use functional indexes.

Contributors to 4.4.16

Thank you to all the contributors that helped make this release happen:

• Edoardo Cavazza
• Jozef Grencik
• Mark Scherer
• Mark Story
• othercorey

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 4.5.0-RC1 released

The CakePHP core team is happy to announce the first release candidate for CakePHP 4.5.0. The 4.5 release includes many new deprecations and is a recommended upgrade point if you plan on upgrading to 5.0 in the future. There are also new features in 4.5.0. The highlights of those include:

• Cache::write() will throw an exception on error now.
• Console commands can now use -- to indicate that all following parameters are positional arguments.
• The current container instance is now registered as a service. This makes the container available as a dependency for application and plugin factories.
• ConnectionManager now supports read and write connection roles. Roles can augment the connection configuration using nested configuration.
• Improved development exception stack trace rendering.
• HttpsEnforcerMiddleware now supports the trustedProxies option which lets you define upstream proxies that your application should trust to proxy HTTPs traffic.
• Plugins can now define multiple translation domains.

What's new in 4.5.0

The migration guide has a complete list of what's new in 4.5.0. We recommend you give that page a read when upgrading as it notes the deprecations present in 4.5.0.

How you Can Help

You can help deliver 4.5.0 by contributing in one of many ways:

1. Check the documentation for mistakes, outdated, unclear or broken examples. We've been trying to update the documentation as we go, but there are likely examples or sections we've missed.
2. Try it out! Give CakePHP 4.5.0 a test drive. Let us know how upgrading went and if there were any rough spots.
3. File issues for regressions in existing features, or suggest new features. Even if those features don't make it into 4.5.0, we're early in the process of planning 4.6 and 5.1 and value community feedback.

Contributors to 5.0.0-RC2

Thank you to all the contributors that have helped since with the RC1 release:

• ADmad
• Alejandro Ibarra
• Brian French
• Chris Nizzardini
• Jaro Varga
• Jose Daian
• Jozef Grencik
• Kevin Pfeifer
• Marcelo Rocha
• Mark Scherer
• Mark Story
• Matthias Wirtz
• othercorey
• Roland Waldner

As always, a huge thanks to all the community members that helped make this release happen by reporting issues and sending pull requests.

CakePHP 5.0.0-RC2 released

The CakePHP core team is happy to announce the second release candidate for CakePHP 5.0.0. Since the RC1 release the core team has continued to improve deprecations, add a few small features, and improved naming. Some of the highlights of this work include:

• Simplified Paginator and made hasNextPage more consistent.
• Skip SMTP authentication if no credentials are provided.
• Improved error page frame rendering.
• Added the Command.beforeExecute and Command.afterExecute events to Command.
• Allowed applications to override default console logging easier.
• Internal event handlers now use setResult instead of return. We recommend this usage in the future.
• Added cake.database.queries and cake.mailer logging scopes. The queriesLog and email scopes are deprecated now.

What's new in 5.0

The migration guide has a complete list of what's new in 5.0.0. We recommend you give that page a read when upgrading as it notes the various breaking changes present in 5.0.

How you Can Help

You can help deliver 5.0 by contributing in one of many ways:

1. Check the documentation for mistakes, outdated, unclear or broken examples. We've been trying to update the documentation as we go, but there are likely examples or sections we've missed.
2. Try it out! Give CakePHP 5.0 a test drive in a non-production application. We'd love to hear how converting a small application went and what was harder than it should have been.
3. File issues for regressions in existing features, or suggest new features. Even if those features don't make it into 5.0, we would appreciate community input on what should be part of 5.1 and 5.2

Contributors to 5.0.0-RC2

Thank you to all the contributors that have helped since the RC1 release:

• ADmad
• Corey Taylor
• DeSerFix-bot
• Jozef Grencik
• Kevin Pfeifer
• Mark Story
• othercorey

As always, a huge thanks to all the community members that helped make this release happen by reporting issues and sending pull requests.