This project adheres to Semantic Versioning.
4.13.50 (2024-11-15)
Fixed issues:
- #7713 Use the
RateLimiter
component to limit password reset requests (bytehead) - #7703 Backport the VFS interface adjustments (m-vo)
- #7581 Add a rate limit for password resets (bytehead)
- #7480 Fix search results overwriting root limit (aschempp)
- #7444 Use the service ID instead of the class name for cron jobs (Toflar)
- #7564 Decode entities in the
CustomRgxpListener
(fritzmg) - #7550 Delete related opt-in tokens after a password change (bytehead)
- #7545 Add
includeBlankOption
formodule
andform
content element (fritzmg) - #7559 Fix warning in
ModuleRegistration
if editable field does not exist anymore (fritzmg) - #7595 Add the
resampling-filter
Imagine option (ausi) - #7605 Fix login redirect and session usage (fritzmg)
- #7629 Use UTC in
BackupListCommandTest
(fritzmg) - #7692 Fix typo for purge XML files (zonky2)
- #7532 Rename
$buger
to$burger
in theBackendMenuListener
(zoglo) - #7547 Fix erroneous tag on
contao.listener.make_response_private
(fritzmg) - #7535 Fix hardcoded limit to 30 in database statement (Toflar)
- #7533 Update
box-size
translation for image-size (zoglo)
4.13.49 (2024-09-17)
Security fixes:
- CVE-2024-45604: Directory traversal in the FileSelector widget
- CVE-2024-45398: Remote command execution through file uploads
- CVE-2024-45612: Insert tag injection via canonical URLs
4.13.48 (2024-09-12)
Fixed issues:
- #7497 Use
flex
for the back end gallery layout (fritzmg) - #7517 Fix the TinyMCE overflow on mobile devices (zoglo)
- #7466 Do not show the template warnings if a user only has group permissions (leofeyer)
- #7512 Allow the
name
attribute for the<details>
element (ausi) - #7506 Only get valid image extensions once (zoglo)
- #7483 Fix the description list markup for
template
templates (fritzmg) - #7481 Fix a PHP8 error if a user has no groups (aschempp)
4.13.47 (2024-08-23)
Fixed issues:
- #7462 Consistent handing of user fields (aschempp)
- #7459 Disable copying and deleting of tl_undo records (lukasbableck)
- #7433 Cast
$alexf
data to array (fritzmg) - #7425 Encode e-mails in the
MarkdownController
(Toflar) - #7380 Render partial tree instead of disabling root trails with breadcrumb (aschempp)
4.13.46 (2024-08-06)
Fixed issues:
- #7365 Use the user data instead of magic methods (aschempp)
- #7379 Fix a PHP8 error if a user has no groups (aschempp)
- #7350 Ignore deleted cookies in the
CsrfTokenCookieSubscriber
(fritzmg) - #7371 Add the
playerColor
migration (fritzmg) - #7359 Fix a PHP8 error when sending newsletters (aschempp)
- #7357 Skip database backups if the remaining migrations will not be executed (fritzmg)
- #7356 Allow .ics file uploads and downloads (aschempp)
- #7340 Ignore duplicate opt-in submissions (aschempp)
- #7316 Introduce a
Template::once()
method (Toflar) - #7332 Handle routing errors when trying to render the error screen (aschempp)
- #7323 Fix the login state for two-factor authentication (fritzmg)
4.13.45 (2024-06-25)
Fixed issues:
- #7180 Correctly show the file tree if the widget is restricted to a path (leofeyer)
- #7275 Make ID always searchable in DC_Table (Toflar)
- #7281 Check CSRF and private response after the session (ausi)
- #7277 Improve the docs of
quoteIdentifier()
andfindInSet()
(ausi) - #7263 Handle failed
preg_split()
return values for image sources (aschempp) - #7266 Delete search index entries under more specific conditions (fritzmg)
- #7264 Replace non-routable URLs with an empty string for the
{{link*}}
insert tags (fritzmg) - #7246 Use
ENT_QUOTES|ENT_SUBSTITUTE|ENT_HTML5
instead of justENT_QUOTES
(leofeyer) - #7255 Support
buildIfResourceExists()
in the preview factory (ausi) - #7254 Do not update the
tstamp
column on cut/paste (ausi) - #7247 Support MODIFY queries in the database installer (Toflar)
- #7248 Handle legacy keywords when rendering an article in the back end (fritzmg)
- #7240 Only handle
GET
requests in the search index listener (fritzmg) - #7233 Fix the
_token_check
logic (leofeyer) - #7236 Add 'Bubble the back end log entries to file logs' again (leofeyer)
4.13.44 (2024-05-23)
Fixed issues:
- #7077 Render the Contao login page even if the current route is not a Contao page (aschempp)
- #7232 Consolidate the route definitions in invokable controllers (leofeyer)
- #7224 Backport 'Set a low priority for the back end fallback route' (fritzmg)
- #7213 Check the cookie headers in the
isSessionEmpty()
method (ausi) - #7227 Store the referrer by default in
backend
scope (fritzmg) - #7181 Adjust the deprecation for custom template names (leofeyer)
- #7194 Handle quoted columns names in the boolean fields migration (ausi)
- #7179 Render the
date::Y
insert tag inline (leofeyer) - #7171 Backport the boolean fields migration (fritzmg)
- #7169 Correctly resolve child definitions for callback tags (Toflar)
- #7160 Restore the time period back end settings (fritzmg)
- #7086 Add a fallback route for the back end (aschempp)
- #7161 Send an
X-Robots-Tag: noindex
header in the back end (fritzmg) - #7126 Automatically set
ParameterType::BOOLEAN
for booleans (fritzmg) - #7155 Backport 'Fix non-existent "contao.image.image_factory" in FeedItem.php' (stefansl)
4.13.43 (2024-04-19)
Fixed issues:
4.13.42 (2024-04-17)
Fixed issues:
4.13.41 (2024-04-16)
Fixed issues:
- #7076 Fix the markup of the trusted device checkbox in the login template (aschempp)
- #7109 Add the missing
FilesystemItem::getName()
method (Toflar) - #7072 Use
display: grid
in the image gallery preview (zoglo) - #7092 Remove the
feViewable
configuration (fritzmg) - #7078 Fix a PHP 8 error if there is no default palette (aschempp)
- #7069 Correctly run the file extension migration on Windows (lukasbableck)
- #7052 Skip token validation if the session is empty and new (ausi)
- #7033 Register theme templates in the global namespace, too (ausi)
- #7036 Handle CSV fields in the registration and personal data module (qzminski)
4.13.40 (2024-04-09)
Security fixes:
- CVE-2024-28235: Session cookie disclosure in the crawler
- CVE-2024-28190: Cross site scripting in the file manager
- CVE-2024-28191: Insert tag injection via the form generator
- CVE-2024-30262: Remember-me tokens are not cleared after a password change
- CVE-2024-28234: Insufficient BBCode sanitization
4.13.39 (2024-03-20)
Fixed issues:
- #7029 Update the DBAFS cache when creating files (m-vo)
- #6957 Prevent infinite loops of migrations (richardhj)
- #6771 Backport the
UnwrapTwigExceptionListener
(bytehead) - #6986 Ignore empty image size items (ausi)
- #6926 Set the X-Frame-Options header for popups (richardhj)
4.13.38 (2024-03-07)
Fixed issues:
- #6959 Do not make a response private if the session is empty (Toflar)
- #6965 Always lowercase the file extension in the DBAFS (leofeyer)
- #6866 Correctly generate record labels with foreign keys (aschempp)
- #6966 Set the correct URL when generating multiple aliases (leofeyer)
- #6949 Fix the Twig loader infrastructure (m-vo)
- #6947 Correctly output the legend for the security question (fritzmg)
- #6940 Handle unicode strings in insert tag flags (ausi)
- #6905 Camelize the file system service argument (richardhj)
- #6906 Update the
tstamp
column only ontl_files
in the DBAFS (richardhj) - #6909 Also strip query parameter from
QUERY_STRING
variable inServerBag
(fritzmg) - #6892 Merge the
Cache-Control
header inPageRegular
(MarkejN)
4.13.37 (2024-02-12)
Fixed issues:
- #6870 Improve the CAPTCHA (ausi)
- #6868 Do not add duplicate paths in our own Twig filesystem loader (m-vo)
- #6832 Do not load the sitemap from cache for authenticated users (fritzmg)
- #6849 Add the missing use statement for
FormHidden
(fritzmg) - #6848 Improve the
ConfigureFilesystemPass
performance (fritzmg) - #6826 Randomize CSRF tokens once per request (ausi)
- #6825 Add a foreign key declaration for form and module fields (rorych)
- #6798 Correctly show past events if "hide running events" is active (janborg)
- #6801 Handle empty sessions in the CSRF cookie subscriber (Toflar)
- #6808 Support HTML5 entities with
double_encode: false
(ausi) - #6777 Ensure absolute paths in the
ImageObject
schema.org data (leofeyer) - #6778 Correctly check the "show" permission in the site structure (leofeyer)
- #6764 Prevent argument errors on malicious login attempts (fritzmg)
- #6762 Fix mov mime type (ausi)
- #6717 Allow prefixing simple tokens with
#
(Toflar) - #6724 Redirect in the
BackendConfirm
controller if there is noINVALID_TOKEN_URL
in the session (leofeyer)
4.13.36 (2024-01-17)
Fixed issues:
- #6721 Revert "Allow data-lightbox in TinyMCE by default" (fritzmg)
- #6697 Fix an error if a gallery image does not exist (fritzmg)
- #6474 Retrieve the
PageModel
correctly inContaoMailer
(fritzmg) - #6692 Make
FrontendTemplateTrait::getTemplate()
static (Shadow-Devil) - #6699 Fix the compression in the
contao:backup:create
command (Toflar) - #6700 Fix tests when
MAILER_DSN
env var is defined (fritzmg) - #6684 Do not overwrite
id
,pid
,ptable
andsorting
when restoring a version (leofeyer) - #6463 Fix a PHP8 error in the
Frontend::addToUrl()
method (zonky2) - #6342 Fix a PHP 8 error in the
Form
class (zonky2) - #6689 Fix the description of the "template data" field (fiedsch)
- #6622 Use the name of the related field when getting options from another record (asconsulting)
- #6599 Disallow the web profiler in the
robots.txt
file (aschempp) - #6554 Fix NULL handling in the
SerpPreview
widget (aschempp) - #6434 Cache the
cteAlias
references (fritzmg) - #6169 Support the
template_from_string()
Twig function (richardhj) - #6644 Correctly check the theme export permissions (aschempp)
- #6621 Add example content to the auto-generated
.env
file (aschempp) - #6549 Update page registry when generating multiple page aliases (aschempp)
- #6625 Do not show the end time of open-ended events (ausi)
- #6571 Fix relative asset paths in feeds (fritzmg)
- #6616 Backport the cache warmer test fix (fritzmg)
- #6593 Add a data container setting to hide the
orderBy
column in the back end listing (ameotoko) - #6602 Update the insert tags doc link (aschempp)
4.13.35 (2023-11-30)
Fixed issues:
- #6574 Fix and improve logging deprecation messages (Toflar)
- #6575 Fix the safe analysis for the
contao_html
andcontao_html_attr
strategies (m-vo) - #6576 Correctly reset the page registry (aschempp)
- #6460 Fix the news URL cache when the archive is added (aschempp)
- #6568 Add the missing autowiring alias for the image sizes service (Toflar)
- #6524 Improve performance when loading language files that do not exist (fritzmg)
- #6535 Fix ongoing events (ausi)
- #6532 Bubble the back end log entries to file logs (aschempp)
- #6430 Only consider the main request in the
MergeHttpHeadersListener
class (Toflar) - #6545 Change the form permission constant (aschempp)
- #6522 Remove the XLIFF level restriction (fritzmg)
- #6514 Make sure the session cookie is always lax (Toflar)
- #6511 Fix undefined array key warning in
DC_Table::deleteAll
(fritzmg) - #6507 Use placeholders for URLs in translation strings (leofeyer)
- #6501 Fix the date format in the
Feed
class (leofeyer)
4.13.34 (2023-11-06)
Fixed issues:
- #6492 Fix the arguments of the
contao.command.user_list
service (xprojects-de)
4.13.33 (2023-11-06)
Fixed issues:
- #6490 Focus the TinyMCE dialog after using the picker (ausi)
- #6487 Fixed debug log not shown when crawler is running (Toflar)
- #6345 Fix redirect to language without URL prefix (aschempp)
- #6473 Cast boolean to integer in
DC_Table::copy
(fritzmg) - #6466 Correctly handle metadata in Dbafs (aschempp)
- #6467 Compare the actual row format instead of the create options (ausi)
- #6459 Correctly reset the context when generating preview URL fails (aschempp)
- #6462 Remove the
kernel.reset
tag (aschempp) - #6457 Add member login preview links to known limitations (ausi)
- #6417 Change user commands to not use models (aschempp)
- #6444 Enable code highlighting for Twig (m-vo)
4.13.32 (2023-10-17)
Fixed issues:
- #6437 Support themes from ZIP files (aschempp)
- #6431 Make sure valid URLs start with a slash (aschempp)
- #6425 Do not set
database_version
in the install tool (aschempp)
4.13.31 (2023-10-09)
Fixed issues:
- #6419 Use
href
for lightbox resource (fritzmg) - #6422 Correctly tag cached responses with forms (aschempp)
- #6401 Create one
<script>
block per JSON-LD context (leofeyer) - #6391 Do not forward pages with parameters by default (leofeyer)
- #6393 Generate the file tree preview images with a 1x, 2x source set (leofeyer)
- #6390 Do not allow route parameters for redirect pages (leofeyer)
- #6349 Fix an "access array offset on value of type null" error in the help wizard (leofeyer)
- #6384 Fix legacy route matching for unpublished pages (fritzmg)
- #6352 Fix a PHP8 warning on undefined
$GLOBALS['TL_CSS']
(aschempp)
4.13.30 (2023-08-30)
Fixed issues:
- #6343 Fix warning if reference page of navigation module gets deleted (fritzmg)
- #6333 Correctly add the schema.org data of multiple FAQ archives on the same page (Toflar)
- #6348 URL-encode file paths for edit multiple (ausi)
- #6332 Always allow unpublished pages in preview entry point (aschempp)
- #6331 Check the preview script before the firewall (aschempp)
- #6325 Do not URL-encode insert tags in
specialcharsUrl()
(ausi) - #6317 Use primary language for slug generation (fritzmg)
- #6279 Fix bug with huge PDF files in the back end preview (ausi)
- #6311 Remove another left-over
errorInfo()
call (leofeyer) - #6309 Fix warnings when using
Image::get
(fritzmg) - #6310 Allow storing large integers in the calendar bundle (leofeyer)
- #6308 Encode the form data when sending it as XML file (leofeyer)
- #6307 Fix the .htaccess rewrite rules (leofeyer)
- #6306 Correctly handle users without username in the registration module (e-spin)
- #6302 Generate the file manager preview images with a 1x, 2x source set (leofeyer)
- #6297 Remove the left-over
errorInfo()
call (leofeyer) - #6296 Allow to set
field
andinputName
on DataContainer (aschempp) - #6293 Add redirect for app.php to prevent duplicate content (bennyborn)
- #6276 Use PDF TrimBox when generating previews (ausi)
4.13.29 (2023-08-01)
Fixed issues:
- #6261 Fix the FAQ page and list modules (leofeyer)
- #6251 Handle insert tags in news and event URLs (leofeyer)
- #6252 Set the correct PIDs when copying folders recursively (leofeyer)
- #6127 Recursively implode fields when generating record labels (aschempp)
- #6250 Correctly show options with the same label in the filter menu (leofeyer)
- #6240 Do not set the unsubscribe header for test newsletters (aschempp)
- #6234 Fix the variable naming in the DCA schema provider (leofeyer)
4.13.28 (2023-07-25)
Security fixes:
- CVE-2023-36806: Cross site scripting in widgets with units
4.13.27 (2023-07-21)
Fixed issues:
- #6226 Replace the token in the storage for preview link authentication (ausi)
- #5829 Make the RegisterFragmentType compiler pass reusable (richardhj)
- #6159 Include the category data in the FAQ list template (aschempp)
- #6229 Fix PHP8 issues in the database installer (aschempp)
- #6222 Handle missing files in the
StringUtil::insertTagToSrc()
method (ausi) - #6231 Fix the
ReflectionProperty::setValue()
method signature (ausi) - #6217 Fix relative redirects (fritzmg)
- #6221 Improve the
UrlUtil::makeAbsolute()
method (ausi)
4.13.26 (2023-07-10)
Fixed issues:
- #6197 Handle empty label fields in the picker (leofeyer)
- #6187 Make the template module more flexible (fritzmg)
- #6148 Correctly encode URLs in the sitemap (aschempp)
- #6180 Fix rootNodes for table picker (aschempp)
- #6171 Revert 'Use real path for
.env.local
' (ausi) - #6168 Fix highlighting for phrase searches (ausi)
4.13.25 (2023-06-21)
Fixed issues:
- #6151 Fix a PHP8 issue in the
be_help
template (aschempp) - #6161 Accumulate several PHP8 fixes (leofeyer)
- #6160 Ensure
multiSRC
is not mandatory whenuseHomeDir
is selected (cliffparnitzky) - #6073 Check string length for short hex color (zonky2)
- #6130 Use
setMetadata()
in theaddImageToTemplate()
method (leofeyer) - #6145 Add
authorModel
to the news templates (fritzmg) - #6144 Support vimeo unlisted video privacy hash (ausi)
- #6152 Fix undefined array key 0 in stylesheet (ausi)
- #6123 Prepend the web dir in
FigureBuilder::fromUrl()
(fritzmg) - #6141 Remove entity mapping type for app bundle (aschempp)
- #6140 Always define a reference type in
PageModel::getFrontendUrl()
(fritzmg) - #6139 Support relative URLs as canonical URLs (ausi)
- #6142 Fix force language in
PageModel::getFrontendUrl()
(fritzmg) - #6138 Fix book navigation in PHP 8 (fritzmg)
- #6132 Require version
^2.15.1
offriendsofsymfony/http-cache
(leofeyer) - #5871 Set
templateGroup
for faux requests (fritzmg) - #6109 Correctly track whether config files exist (aschempp)
- #6121 Do not generate a secret in the install tool anymore (leofeyer)
- #6089 Add the missing annotation for the widget type field (aschempp)
- #6113 Add recipient and channel ID to subject for List-Unsubscribe (de-es)
- #5968 Fix security and CSRF issues on the command line (aschempp)
- #6035 Make sure login constants are set when rendering error page (aschempp)
- #5694 Parse back end URLs with Symfony assets (aschempp)
- #6087 Make named parameter matching in routing non-possessive (fritzmg)
- #6084 Compare start and stop dates as numbers instead of strings (aschempp)
4.13.24 (2023-05-25)
Fixed issues:
- #6064 Merge the "overwrite metadata" with the default metadata (leofeyer)
- #6080 Fix the randomImage caption bug (agonyz)
- #6066 Use real path for
.env.local
(fritzmg) - #6077 Also handle transport exceptions when sending newsletters (leofeyer)
- #6075 Fix root page dependent module when there is no module for a root page (fritzmg)
- #6071 Make the support link language-agnostic (aschempp)
- #5985 Support readonly in TinyMCE and ACE editor (zonky2)
- #6063 Do not filter folders named
0
in the file manager (leofeyer) - #6062 Do not mark as copy more than once (fritzmg)
- #6052 Fix a PHP8 warning in the PageSelector class (aschempp)
- #6038 Load the page details before manipulating root page data (aschempp)
- #6041 Fix a PHP 8 error if the label insert tag does not match (aschempp)
- #6040 Add missing space after page icon (ameotoko)
- #6015 Only modify changed values in the Dotenv dumper (ausi)
- #5930 Correctly detect empty HTML when generating DCA labels (aschempp)
- #6014 Fix backtracking in insert tags regular expressions (ausi)
- #6006 Prepend the base path to the Contao Manager URL in the back end (aschempp)
- #5966 Ensure that root pages are always shown in the correct order (Toflar)
4.13.23 (2023-05-03)
Fixed issues:
4.13.22 (2023-05-02)
Fixed issues:
- #6003 Add a method to retrieve the original route path (aschempp)
- #6002 Fix a type error in the meta wizard (ausi)
- #5984 Make the
multiSRC
field mandatory for galleries and downloads (cliffparnitzky) - #5993 Fix the type hint in the Hybrid class (leofeyer)
- #5951 Auto-generate and dump the APP_SECRET during contao-setup (m-vo)
- #5971 Add an optional class attribute to the figure builder (a-v-l)
- #5986 Allow flysystem-bundle ^3.0 (Toflar)
4.13.21 (2023-04-25)
Security fixes:
- CVE-2023-29200: Directory traversal in the file manager
Fixed issues:
4.13.20 (2023-04-19)
Fixed issues:
- #5962 Fix an undefined array key warning when comparing versions with different fields (fritzmg)
- #5851 Do not auto-link images in the newsreader (leofeyer)
- #5959 Remove unnecessary locale tags from languages (ausi)
- #5955 Remove the "symfony/proxy-manager-bridge" dependency (leofeyer)
- #5893 Correctly check the mounted pages in the
hasAccess()
method (leofeyer) - #5952 Ignore exceptions when adding trusted devices (aschempp)
- #5942 Do not treat subdirectories of Twig namespace roots as template paths (m-vo)
- #5908 Correctly handle response status codes from legacy entry points (aschempp)
- #5934 Fix the search query in DC_Folder (leofeyer)
- #5917 Consider foreign keys when sorting the list view (dennisbohn)
- #5927 Fix the version panel alignment (fritzmg)
4.13.19 (2023-04-04)
Fixed issues:
- #5914 Regenerate the symlinks when moving or duplicating folders (leofeyer)
- #5910 Support PHP and XML config files in the app (Toflar)
- #5913 Fix a PHP 8 issue in the
mod_breadcrumb.html5
template (leofeyer) - #5892 Normalize the line endings in the file editor (leofeyer)
- #5890 Fix the incorrect formatting of numbers with decimal places (qzminski)
- #5888 Remove the @internal hints at constructor level (leofeyer)
- #5876 Always allow toggling a field that is not excluded (aschempp)
- #5884 Prevent foreign key check errors when deleting a parent record with children (qzminski)
- #5883 Add psr/log ^2.0 and ^3.0 (JanoschOltmanns)
- #5887 Fix urlencoded paths in DC_Folder (ausi)
4.13.18 (2023-03-16)
Fixed issues:
4.13.17 (2023-03-15)
Fixed issues:
- #5864 Fix subpalette toggling (aschempp)
- #5820 Throw an exception if a model relation is incomplete (aschempp)
- #5830 Handle invalid back end confirm requests (aschempp)
- #5868 Always redirect ajax requests when session expired (Toflar)
- #5863 Correctly handle sub-subpalettes in editAll mode (aschempp)
- #5873 Create deferred image in legacy image class (fritzmg)
- #5862 Used parsed referer for target path in login module (fritzmg)
- #5860 Also consider the referer when redirecting back in the login module (fritzmg)
- #5854 Fix an integrity constraint violation in the Versions class (leofeyer)
- #5856 Add the
multiple
attribute to the list and table wizards (leofeyer) - #5855 Add the
FigureBuilder::fromUrl()
method (ausi) - #5850 Fix a possible CSRF cookie race condition (leofeyer)
- #5843 Fix possible undefined headline data (rabauss)
- #5842 Fix a PHP8 issue with the back end breadcrumb menu (leofeyer)
- #5834 Refresh the cache after updating metadata in the Dbafs class (Toflar)
- #5815 Make the captcha widget cacheable (ausi)
- #3540 Improve handling of pages with
tl_page.requireItem
(SeverinGloeckle) - #5774 Ignore if global_operation has no class (aschempp)
- #5793 Do not rely on the current session IDs (ausi)
- #5817 Fix invalid HTML output of
DC_Table
(fritzmg) - #5795 Add the missing option to resume crawling from CLI (Toflar)
4.13.16 (2023-02-22)
Fixed issues:
- #5809 Fix the "root page dependent modules" module (bytehead)
- #5790 Load app routes before everything else (aschempp)
- #5811 Clear the session value when toggle is closed (aschempp)
- #5802 Fix public folder renaming on Windows (fritzmg)
- #5792 Skip invalid article links if the URL cannot be generated (aschempp)
- #5797 Purge the new records when revising tables (ausi)
- #5799 Define line endings for templates (fritzmg)
- #5787 Disable
ToggleNodesLabelListener
if not in back end (fritzmg) - #5785 Fix file uploads erroneously overwriting existing files (fritzmg)
- #5786 Handle negative PHP ini precision in StringUtil (ausi)
- #5674 Dynamically change the "expand/collapse all" label (aschempp)
- #5782 Fix the remaining opt-in token validation queries (leofeyer)
- #5619 Allow using both modern fragments and Twig templates in extensions (m-vo)
- #5777 Do not URL-decode file paths in FigureBuilder (ausi)
- #5692 Unify newlines in textarea widgets (aschempp)
- #5759 Fix the image encoding in the RSS feeds (qzminski)
- #5753 Always set
currentRecord
when initializing widgets (leofeyer) - #5740 Correctly handle numeric paths (part 2) (m-vo)
- #5544 Merge CSS classes in the "root page dependent modules" module (bytehead)
- #5696 Fix installer issue if SQL field has no precision (aschempp)
- #5741 Fix reordering trees when the PID is null (aschempp)
- #5708 Add the missing null check for button_callback (aschempp)
- #5606 Use the request language to match
iflng
tags (aschempp) - #5709 Check for trail page before rendering the navigation (aschempp)
- #5669 Skip pages in sitemap.xml if URL cannot be generated (aschempp)
4.13.15 (2023-01-13)
Fixed issues:
- #5667 Correctly sort images and downloads by date (leofeyer)
- #5662 Handle symlinked upload directories outside the Contao root (qzminski)
- #5625 Correctly handle invalid size in TextArea widget (aschempp)
- #5643 Fix array index check in tl_calendar_events (Defcon0)
- #5629 Fix PHP8 Warning picture_default (zonky2)
- #5618 Correctly handle numeric paths (m-vo)
- #5603 Set $useLastModified in FilesystemConfiguration::addDefaultDbafs() (Toflar)
- #5620 Fix
{{date::Y}}
caching (fritzmg) - #5587 Also display the visible root trail when searching/filtering (Toflar)
- #5575 Ensure parameters are strings (fritzmg)
- #5526 Correctly sort tree items when PID can be null (aschempp)
- #5564 Do not run our Twig filesystem warmer on sub requests (m-vo)
- #5559 Allow data-lightbox in TinyMCE by default (fritzmg)
- #5556 Fix SitemapController not working for protected pages (Toflar)
- #5540 Fix a PHP 8 warning in the StyleSheets class (fritzmg)
4.13.14 (2022-11-28)
Fixed issues:
- #5518 Correctly handle missing inputType in DCA (aschempp)
- #5532 Make sure text content is always a string (aschempp)
- #5333 Correctly handle invalid path in DC_Folder (aschempp)
- #5524 Fixed potential PHP8 issues in picker widget (aschempp)
- #5520 Improve the stability of the JSON export for the "user list" command (richardhj)
- #5517 Handle possibly missing variable (aschempp)
- #5511 Fix undefined array key access (bytehead)
- #5510 Fix PHP8 issues in TimePeriod widget (aschempp)
4.13.13 (2022-11-15)
Fixed issues:
- #5498 Handle broken images in FigureBuilder#buildIfResourceExists() (m-vo)
- #5499 Fix automatic DBAFS sync for root resources (m-vo)
- #5485 Fix and improve mime type handling in the VFS (m-vo)
- #5454 Check the preview link validity on every request (ausi)
- #5434 Restore previous translations in
$GLOBALS['TL_LANG']
(fritzmg) - #5493 Fix the autoFocusFirstInputField function (leofeyer)
- #5467 Correctly handle special characters when encoding domain names (leofeyer)
- #5471 Use executeStatement() in the Dbafs class (leofeyer)
- #5470 Use executeStatement() instead of query() in search (ausi)
- #5453 Make the version updates and the install tool MySQLi compatible (leofeyer)
- #5451 Fix bug in Search::removeEntry() (ausi)
- #5442 Do not boot Contao framework in DefaultIndexer::delete() (Toflar)
- #5438 Don’t throw error for empty insert tag (ausi)
- #5422 Fix more PHP8 issues (aschempp)
- #5366 Rename the internal route name for generating page routes (aschempp)
- #5410 Fix several VFS/UUID related issues (m-vo)
4.13.12 (2022-10-13)
Fixed issues:
- #5355 Backport the database configuration error checks (m-vo)
- #5361 Fix the oncopy_callback (fritzmg)
4.13.11 (2022-10-11)
Fixed issues:
- #5346 Ignore invalid jumpTo pages in the FAQ back end module (leofeyer)
- #5350 Fix an "unknown system variable" error (ausi)
- #5345 Fix the version edit URL (leofeyer)
- #5326 Fix the sitemap cache invalidation in the news module (qzminski)
- #5344 Fix the LONG_TERM_SUPPORT constant (leofeyer)
- #5341 Fix a possible non-numeric value issue (leofeyer)
- #5337 Backport the localconfig file check to Contao 4.13 (fritzmg)
- #5332 Fix return type of FilterIterator (aschempp)
- #5318 Trigger the oncopy_callback for child records (leofeyer)
- #5317 Disable spell checking in the password field toggle (leofeyer)
- #5309 Backport support for nested template paths (m-vo)
- #5312 Fix another "Undefined array key" issue (leofeyer)
- #5306 Use real placeholders in password fields (leofeyer)
- #5302 Fix an "Undefined array key" issue in the registration module (leofeyer)
- #5291 Harden the unique field check (leofeyer)
4.13.10 (2022-09-16)
Fixed issues:
4.13.9 (2022-09-15)
Fixed issues:
- #5277 Fix the order of the palette combiner (ausi)
- #5269 Don't return empty theme directories in the TemplateLocator (m-vo)
- #5268 Fix page mounts not being applied correctly (Toflar)
- #5260 Fix a PHP8 issue if the confirmation key is not translated (aschempp)
- #5249 Fix cache tagging for aliased content elements (fritzmg)
- #5240 Improve the order of operations during the Contao setup (m-vo)
- #5234 Correctly list the templates in "override all" mode (leofeyer)
- #5227 Fix the password field icon (leofeyer)
- #5222 Use the firewall name instead of the scope to determine the access strategy (aschempp)
- #5221 Correctly validate same page alias with required parameters on multiple domains (aschempp)
- #5206 Deprecate the article-to-PDF functionality (aschempp)
- #5194 Deprecate the Controller::setStaticUrls() method (leofeyer)
4.13.8 (2022-08-17)
Fixed issues:
- #5185 Make the maker-bundle compatible with symfony/maker-bundle >= 1.44.0 (leofeyer)
- #4571 Allow searching content elements and members by ID (christianbarkowsky)
- #5099 Fix the preview link purge job (aschempp)
- #5167 Allow usages of picker without active record (bezin)
- #5170 Correctly replace insert tags within links in the markdown element (Toflar)
- #5165 Add the password toggle to the "change password" dialog (leofeyer)
- #5137 Set login constants in request listener (fritzmg)
- #5159 Do not define ptable for tl_content (fritzmg)
4.13.7 (2022-08-15)
Fixed issues:
- #5112 Allow subpalettes based on value 0 in case of selects (dennisbohn)
- #5142 Support pid foreign keys in DC_Table (richardhj)
- #5104 Skip the database backup in contao:migrate command if there is no work to do (qzminski)
- #5092 Check database version in migrate command (ausi)
- #4979 Fix legacy routing matcher not matching the route if page has no alias (qzminski)
- #5064 Deprecate the MAILER_URL environment variable (aschempp)
- #4988 Redirect to fragment URL on preview URL error (aschempp)
- #5009 Keep the ResponseContextAccessor available for autowiring (aschempp)
- #5061 Improve canonical URL help text (ausi)
- #5129 Handle non-existing table in DcaExtractor (aschempp)
- #5108 Do not override manually defined ptable configuration (dmolineus)
- #5016 Fix several argument warnings on PHP methods (aschempp)
- #5095 Don’t use deprecated getIdentifierQuoteCharacter() (ausi)
- #5098 Fix compatibility with doctrine/dbal 3.3.8 (ausi)
- #5071 Deprecate noCache parameter of DcaLoader (ausi)
- #5059 Fix illegal string offsets in the translator (ausi)
- #5026 Also set collation for database.sql files (fritzmg)
- #5020 Fix wrong UUID being applied when moving resources (m-vo)
- #4965 Use cache_suffix for TinyMCE (fritzmg)
- #4973 Deprecate the importUser hook (bytehead)
- #4957 Fixed str_replace errors when passing null (aschempp)
- #4961 Always set both collate and collation to the same value (fritzmg)
- #4952 Allow iterating FilesystemItemIterator multiple times (m-vo)
- #4933 Do not set header in Ajax::executePostActions (fritzmg)
- #4948 Fix potential PHP 8 warnings when resizing an uploaded image (qzminski)
4.13.6 (2022-07-05)
Fixed issues:
- #4941 Reduce System::getContainer and $container->getParameter calls (fritzmg)
- #4932 Deprecate insert tag flag uncached (ausi)
- #4808 Various PHP 8 fixes (aschempp)
- #4945 Hard-code timezone to avoid time deviation (bezin)
- #4926 Allow to exclude all tl_page fields (aschempp)
- #4870 Disable widgets for configured settings (aschempp)
- #4878 Make sure
eval.rte
is a string (fritzmg) - #4891 Fix the query string being lost during the preview script redirect (qzminski)
- #4889 Fix a potential PHP 8 warning in tl_article callback (qzminski)
- #4881 Use the resource finder in the lightbox migration (leofeyer)
- #4883 Hide the "icon" table header in the user and member module (leofeyer)
- #4886 Always unlock search tables to prevent deadlocks (ausi)
- #4877 Fix a potential PHP 8 warning in the Search class (qzminski)
- #4848 Fix a few potential PHP 8 warnings (qzminski)
- #4850 Show array keys als fallback for sorting dropdowns (Tastaturberuf)
- #4861 Fix a potential version comparison if the field definitions are missing (qzminski)
- #4857 Correctly add the preview script (leofeyer)
- #4849 Show array keys instead of nothing in show column mode (Tastaturberuf)
- #4833 Order the languages in the meta wizard (leofeyer)
- #4778 Fix undefined array key while button generation (rabauss)
- #4838 Improve DropSearchMigration (fritzmg)
- #4836 Fix infinite loop while loading of countries (rabauss)
- #4807 Fix date filtering in DC_Table (fritzmg)
- #4794 Deprecate Controller::generateMargin (bezin)
- #4786 Do not allow empty values for the badge title and custom CSS/JS scripts (leofeyer)
- #4782 Add a cache timeout for the
{{date::Y}}
insert tag (Toflar) - #4799 Always set both collate and collation to the same value (fritzmg)
4.13.5 (2022-06-03)
New features:
- #3924 Show page name in duplicate alias error (aschempp)
- #4665 Make the template element more flexible (doishub)
- #4672 Add a deprecation helper to detect insert tags in Twig templates (m-vo)
Fixed issues:
- #4785 Fix the while loop in the
Controller::getParentEntries()
method (leofeyer) - #4784 Return 0 after deleting a deferred image reference (leofeyer)
- #4757 Fix a potential PHP 8 warning in booknav frontend module (qzminski)
- #4763 Correctly toggle checkbox groups with collapseUncheckedGroups (aschempp)
- #4774 Fix a potential PHP 8 error in the Contao\Environment class (qzminski)
- #4767 Fix a potential PHP 8 warning in the Contao\Controller class (qzminski)
- #4679 Fix several accessibility issues in the back end navigation (aschempp)
- #4752 Deprecate orderField (ausi)
- #4732 Fix a potential PHP 8 warning in the sitemap module (qzminski)
- #4747 Apply the rel=lightbox migration to all rte fields (ausi)
- #4728 Fix DBAFS when upload_path contains subfolders (fritzmg)
- #4733 Undeprecate reload…tree ajax post actions (ausi)
- #4739 Make sure page language is always a string in routing (aschempp)
- #4720 Fix a potential PHP 8 warning in the breadcrumb module (qzminski)
- #4719 Fix the PHP 8 warning if a $_SERVER variable does not exist (qzminski)
- #4713 Also override Return-Path and Sender address (fritzmg)
- #4717 Correctly handle index pages without URL prefix (aschempp)
- #4692 Harden against invalid input (leofeyer)
- #4691 Fix failing backup on contao:migrate must abort the command (Toflar)
- #4683 Drop the DBAFS file size limit (m-vo)
- #4673 Fix undefined array key warning when using an article list (MarkejN)
- #4662 Deprecate the move operation (aschempp)
- #4443 Expose public URIs in the VFS (m-vo)
- #4681 Fix the PHP 8 warning in Contao\Date class (qzminski)
- #4669 Remove all "Unable to generate URL for page" log entries (leofeyer)
- #4668 Fix the hasText/hasDetails usage (leofeyer)
- #4667 Stop using the deprecated VERSION constant (bezin)
- #4656 Unset TL_CONFIG in ContaoTestCase::tearDown() (fritzmg)
- #4643 Remove superfluous class name in deprecation messages (fritzmg)
- #4632 Undeprecate some autowiring aliases (fritzmg)
- #4641 Fix missing PurgePreviewLinksCron registration (fritzmg)
- #4623 Improve how the Contao Twig escaper works (m-vo)
- #4617 Ensure that the license field in the MetaWizard contains a URL (Toflar)
- #4592 Support both
collation:
andcollate:
(leofeyer) - #4631 Fix the empty URL check in the getCandidates() method (leofeyer)
- #4627 Fix RelLightboxMigration if ContaoCommentsBundle is not installed (fritzmg)
- #4608 Deprecate the Backend::getTinyTemplates() method (de-es)
4.13.4 (2022-05-05)
New features:
Fixed issues:
- #4504 Improve the XDebug experience (m-vo)
- #4514 Do not use head and attribute data in search context (aschempp)
- #4603 Correctly generate the edit URL of a version (leofeyer)
- #4396 Deprecate the StringUtil::toHtml5() method (m-vo)
- #4604 Use host name without port in some controllers (bezin)
- #4601 Correctly toggle the CSS class when (un)publishing a format definition (leofeyer)
- #4600 Fix the DCA picker in the CSS editor (leofeyer)
- #4599 Do not throw an exception if a page insert tag cannot be generated (leofeyer)
- #3995 Replace old back end paths (aschempp)
- #4501 Fix undefined sorting mode for group header (rabauss)
- #4489 Fix the SendNewsletterEvent when sending as text only (fritzmg)
- #4573 Add loop as an option to YouTube videos (Wusch)
- #4567 Deprecate Controller::getSpellcheckerString() (ausi)
- #4523 Handle predefined image sizes when validating the ImageSize widget (qzminski)
- #4549 Fix a type error in the listing module (Toflar)
- #4534 Fix the FAQ page module throwing a warning in PHP 8 if author could not be fetched (qzminski)
- #4535 Fix the registration module throwing a warning in PHP 8 if captcha is disabled (qzminski)
- #4533 Fix an error when unpacking an associative array of model search criteria values (qzminski)
- #4527 Deprecate Contao\Request (Toflar)
- #4521 Fix the translation domain in the root page dependent select (leofeyer)
- #4456 Fix the record preview (bezin)
- #4437 Correctly resolve parameters when prepending bundle config (aschempp)
- #4451 Quote all schema names, same as we do for inserts (ausi)
- #4448 Skip row size calculation for MyISAM (ausi)
- #4447 Fix simple token parser default value for unknown variables (m-vo)
4.13.3 (2022-05-05)
Security fixes:
- CVE-2022-24899: Cross site scripting via canonical URL
4.13.2 (2022-03-31)
Fixed issues:
- #4431 Allow to purge the preview cache in the user profile (leofeyer)
- #4433 Always create an article if page has no layout (aschempp)
- #4426 Add the service subscriber tag to the correct controller (m-vo)
- #4303 Move the logic from LogoutHandler to LogoutSuccessListener (bytehead)
- #4301 Remove file title from sources element (CMSworker)
- #4425 Return the prefix-relative path when getting filesystem items from the VFS (m-vo)
- #4410 Use symfony/polyfill-intl-idn instead of true/punycode (leofeyer)
- #4179 Add a warning for too large database row sizes (ausi)
- #4297 Fix requireItem sorting (aschempp)
- #4346 Drop useless framework initialization (m-vo)
- #4397 Fix several VFS bugs (m-vo)
- #4398 Add missing annotations in ContentModel for showPreview (m-vo)
- #4311 Remove nullable response in controllers (aschempp)
- #4353 Ensure the decorated access decision manager shows up in profiler (Toflar)
- #4302 Always render protected pages in the pretty error screen listener (aschempp)
- #4376 Increase the speed of the functional tests (ausi)
- #4374 Fix minor typo in InsertTags (fritzmg)
- #4359 Fix code style for InsertTags::executeReplace (fritzmg)
- #4300 Fix symlink tests on Windows (m-vo)
- #4287 Fix the route sorting in the Route404Provider (leofeyer)
- #4288 Revert an accidental change in the cal_ templates (leofeyer)
- #4292 Ignore file symlinks when auto-mounting adapters (m-vo)
4.13.1 (2022-03-15)
Fixed issues:
- #4026 Fix multiple page controller routing issues (aschempp)
- #4281 Add missing isSortable checks to the picker widget (MarkejN)
- #4279 Fix bug with database query returing non-string types (ausi)
- #4272 Add a help wizard if the canonical URL fields are disabled (leofeyer)
- #4273 Adjust the "Recreate the XML files" description (leofeyer)
- #4270 Only shorten the main headline elements if necessary (leofeyer)
- #4275 Fix a potential PHP 8 incompatibility when generating a DCA column (qzminski)
- #4274 Fall back to the section key if there is no label (leofeyer)
- #4271 Correctly show all breadcrumb items (leofeyer)
- #4197 Fix some dynamic routes handling (aschempp)
- #4269 Use the correct web dir in the InstallWebDirCommand (leofeyer)
- #4268 Fix the type hint of the MessageCatalogue::isContaoDomain() method (leofeyer)
- #4267 Fix two minor issues in the install tool (leofeyer)
- #4158 Set DB server version in install tool (ausi)
- #4228 Improve the performance of contao:backup:create (Toflar)
- #4261 Fix SQL error in purge expired data cron (ausi)
- #4262 Fix SQL commands not supported in prepared statements (ausi)
- #4264 Make search accent insensitive (ausi)
- #4254 Fix infinite loop while loading of languages (rabauss)
- #4202 Fix the remaining image size labels (fritzmg)
- #4265 Use service_closure instead of lazy service (ausi)
- #4259 Avoid error if the DATABASE_URL environment variable is an empty string (qzminski)
- #4245 Decode equal sign when parsing query parameters of figure insert tag (m-vo)
- #4244 Make sure tl_content.type has an index (Toflar)
- #4216 Skip non-UTF-8 resources when syncing the DBAFS (m-vo)
- #4230 Fix undefined array index warnings for content elements and forms (fritzmg)
- #4224 Execute BackendTemplate#compile() when using the AbstractBackendController (m-vo)
- #4221 Fix the FigureRendererTest (aschempp)
- #4208 Lower max file size in Dbafs service (m-vo)
- #4183 Clarify the backup command description (Mynyx)
- #4162 Fix the widget height (leofeyer)
4.13.0 (2022-02-17)
New features:
Fixed issues:
- #4151 Make the
crontao.cron
service lazy (aschempp) - #4149 Use static description for commands (m-vo)
- #4133 Improve the preview links back end (aschempp)
- #4141 Support symlinks in the upload directory (m-vo)
- #4145 Fix time sensitive tests (ausi)
- #4126 Check return type of generateLabelRecord method (bezin)
- #4143 Do not use transactions for restoring backups (ausi)
- #4139 Adjust labels for root page dependent modules (bytehead)
- #4121 Show custom Twig templates in the back end dropdowns (m-vo)
- #4140 Add feed image size property doc comment (bezin)
- #4136 Increase the minimum version of the Composer runtime API (dmolineus)
- #4117 Do not add the element name to the PHP attribute in the maker bundle (leofeyer)
- #4134 Remove custom template option (bytehead)
4.13.0-RC3 (2022-02-11)
New features:
- #3990 Fast manual file sync for the back end (m-vo)
- #4004 Support virtual filesystem in CLI backup management (Toflar)
- #4042 Enable SQL strict mode by default (m-vo)
Fixed issues:
- #4099 Do not store record preview for DC_Folder instances (bezin)
- #4114 Allow DCAs without driver (leofeyer)
- #4113 Return an empty string if there is no driver (leofeyer)
- #4112 Skip all dot files when syncing the DBAFS (m-vo)
- #4103 Fix the color of bold strings inside error messages (leofeyer)
- #3992 Automatically generate Twig IDE auto-completion mappings (m-vo)
- #4096 Fix an undefiend array key (richardhj)
- #4065 Fix order of parameters in AsContentElement and AsFrontendModule constructors (m-vo)
- #4078 Fix 'Purge the preview cache' (path not found) (AlexanderWillner)
- #4095 Fix the logger service calls (SeverinGloeckle)
- #4094 Fix missing fallback for densities in preview factory (m-vo)
- #4093 Allow autowiring of preview factory (m-vo)
- #4074 Fix
contao:user:list
with empty database (AlexanderWillner)
4.13.0-RC2 (2022-02-08)
New features:
Fixed issues:
- #4052 Do not fetch similar pages with empty alias (aschempp)
- #4046 Encode binary data as hex literal in backup dump (ausi)
- #3994 Pre-render record preview for undo view on delete (bezin)
- #4057 Limit image width in tl_undo_preview (bezin)
- #4021 Fix time sensitive test (ausi)
- #4022 Add missing option showFilePreview to fileTree widget (ausi)
- #4049 Support \Attribute::TARGET_METHOD for our DI attributes (m-vo)
- #4060 Fix the missing request token in ModulePassword.php (dennisbohn)
- #4034 Fix 'Warning: Undefined array key 1' in insert tags (xprojects-de)
- #4032 Add a conflict for doctrine/dbal:3.3.0 (leofeyer)
- #4027 Also make the AvailableTransports service alias public (fritzmg)
- #4028 Fix replacing insert tags on non-strings (aschempp)
- #4030 Correctly handle parameter for requireItem (aschempp)
- #4001 Check
$objPage
inController::getTemplate()
(xprojects-de) - #4002 Add a better exception message if a page is unroutable (leofeyer)
- #4005 Fixed missing service name adjustments (Toflar)
- #3991 Fix an 'Attempt to read property "language" on null' warning (dennisbohn)
- #3987 Fix the available transports service (fritzmg)
- #4000 Make sure the
requestToken
variable is defined (leofeyer) - #3979 Sort the root IDs if there is a
sorting
column (leofeyer) - #3978 Change the root page icon in maintenance mode (aschempp)
- #3935 Allow Flysystem v3 (m-vo)
- #3975 Allow custom labels for the overview links (leofeyer)
- #3970 Handle quoted column names in the Statement class (leofeyer)
- #3969 Do not enable the maintenance mode for new pages (leofeyer)
- #3968 Correctly hash the preview file path (ausi)
- #3943 Generate useful error message on routing issues (aschempp)
- #3961 Gray out expired preview links (leofeyer)
- #3953 Fix the PackageUtil class (ausi)
- #3962 Fix the button alignment in the parent view (leofeyer)
- #3934 Fix the permission check for preview links (aschempp)
- #3949 Fix a leftover System::log call (fritzmg)
- #3952 Fix default log context for Email::sendTo (SeverinGloeckle)
- #3945 Make security.encoder_factory public again (bytehead)
4.13.0-RC1 (2022-01-17)
New features:
- #3613 Add a root page dependent module selector (bytehead)
- #3419 Add options to customize the layout inheritance for pages (SeverinGloeckle)
- #3774 Add a DBAFS service and integrate Flysystem (m-vo)
- #3872 Add front end preview links (aschempp)
- #3702 Add a system logger service (SeverinGloeckle)
- #3785 Show member groups for content elements when protected (fritzmg)
- #3684 Use the metadata for the player caption (fritzmg)
- #3180 Render be_main with custom back end controller (m-vo)
- #2959 Add the back end attributes and badge title to the preview toolbar (rabauss)
- #3498 Improve the undo module for better editor experience (bezin)
- #3926 Add CSS definitions for info texts in widgets (leofeyer)
- #3914 Show route path with regexp in page settings (aschempp)
- #3883 Improve the maintenance mode command (aschempp)
- #3848 Add file previews for downloads (ausi)
- #3644 Allow MODE_PARENT without child_record_callback (fritzmg)
- #3911 Support Typescript in the code editor (leofeyer)
- #3630 Support image sizes in news and calendar feeds (bezin)
- #3489 Add the "send newsletter" event (SeverinGloeckle)
- #3888 Deprecate System::getTimeZones() (ausi)
- #3843 Add route priority and allow the same page alias with different parameters (aschempp)
- #3862 Add an "overview page" field (leofeyer)
- #3889 Add generic toggle operation handling (aschempp)
- #3793 Allow creating nested folders in the file manager (leofeyer)
- #3737 Improve the system maintenance mode (Toflar)
- #3850 Add a backup retention policy (Toflar)
- #3729 Maintenance mode per root page (aschempp)
- #3628 Make image width and height overwritable in the upload widget (doishub)
- #3839 Remove page from index if "Do not search" is checked (aschempp)
- #3819 Add comments to our interfaces and abstract classes (leofeyer)
- #3812 Increase the length of URL fields (fritzmg)
- #3797 Allow previewing unroutable pages (aschempp)
- #3813 Replace ramsey/uuid with symfony/uid (m-vo)
- #3804 Always show debug log and fetch crawl status earlier (Toflar)
- #3798 Use unroutable pages types to limit queries (aschempp)
- #3605 Do not generate routes for error pages (fritzmg)
- #3660 Add Chosen to select menus in the backend DCA filters (qzminski)
- #3674 Add a DCA option to collapse inactive checkbox groups (SeverinGloeckle)
- #3604 Use the back end access voter instead of hasAccess() and isAllowed() (aschempp)
- #3615 Add the maker bundle (sheeep)
- #3727 Link parent elements in the back end breadcrumb trail (Toflar)
- #3750 Make Symfony 5.4 the minimum requirement (leofeyer)
- #3719 Forward error handling to routing controller (aschempp)
- #3614 Add a nonce to all string placeholders (m-vo)
- #3620 Deprecate the request_token insert tag (m-vo)
- #3631 Backup management on CLI (Toflar)
- #3611 Decorate the access decision manager (Toflar)
- #3706 Add a service ID linter and adjust the service IDs (leofeyer)
- #3686 Do not use FQCN service IDs for non-autowiring services (leofeyer)
- #3458 Add deprecations (ausi)
- #3603 Add a setting for allowed insert tags (ausi)
- #3619 Add PHP8 attributes for our existing service annotations (aschempp)
- #3659 Add a cache tag service for entity/model classes (m-vo)
- #3638 Add an insert tags service (ausi)
- #3622 Make replacing insert tags more granular (m-vo)
- #3472 Make the backend path configurable (richardhj)
- #3616 Support canonical URLs in the front end (Toflar)
- #3207 Relay statement parameters to doctrine dbal (ausi)
- #3617 Do not index documents if the canonical URL does not match (Toflar)
- #3625 Add a template element and module (ausi)
- #3609 Move the simple token parser into the String namespace (leofeyer)
- #3602 Add the HtmlDecoder service (leofeyer)
- #3606 Keep insert tags as chunked text and handle them in the HTML escaper (m-vo)
- #2892 Add constants for the DCA sorting modes and flags (bezin)
- #3535 Set the contao.web_dir parameter from composer.json (m-vo)
- #3230 Add blank insert tag argument to open links in new window (ausi)
- #3542 Support image formats AVIF, HEIC and JXL (ausi)
- #3523 Upgrade to Doctrine 3 (ausi)
- #3530 Replace patchwork/utf8 with symfony/string (leofeyer)
- #3391 Always show the parent trails in the tree view (Toflar)
- #3522 Optionally delete the home directory in the "close account" module (leofeyer)
- #3524 Add an event count to the event list (leofeyer)
- #3379 Add "Do Not Track" option to the Vimeo content element (MarkejN)
- #3445 Allow to pass the actual 40x page to the page type (aschempp)
- #3442 Change all occurrences of master (request) to main (aschempp)
- #3439 Use the PHP 7.4 syntax (leofeyer)
- #3436 Drop the contao/polyfill-symfony package (leofeyer)
- #3191 Use v2 of league/commonmark (Toflar)
- #3434 Update the dependencies and remove the BC layers (leofeyer)
Fixed issues:
- #3927 Explicitly set rootPaste, deprecate implicit rootPaste (ausi)
- #3937 Various small filesystem tweaks (m-vo)
- #3938 Remove remaining deprecations (bytehead)
- #3896 Improve the toggle operation (aschempp)
- #3909 Correctly handle types and empty values in DC_Table::save() (aschempp)
- #3929 Adjust the SERP preview formatting (leofeyer)
- #3916 Fixed tl_page permissions for routing fields (aschempp)
- #3912 Move the imgSize labels to the default.xlf file (leofeyer)
- #3917 Update maintenance response and add to preview endpoint (aschempp)
- #3905 Deprecate the PackageUtil class (leofeyer)
- #3829 Handle
$objPage
not being set in the InsertTags class (leofeyer) - #3892 Fix method name to get default token value (aschempp)
- #3891 Fix memory issues in the backup command (aschempp)
- #3884 Check for unpublished elements when generating the RSS feed (leofeyer)
- #3885 Unify the command output format (aschempp)
- #3873 Stop using BE_USER_LOGGED_IN constant (aschempp)
- #3871 Rename the token value method (aschempp)
- #3866 Fix some minor issues (leofeyer)
- #3865 Use generic image format labels (leofeyer)
- #3868 Set logout response depending on scope (bytehead)
- #3846 Fixed debug:pages command and show dynamic content composition (aschempp)
- #3858 Revert replacing insert tags in the template inheritance trait (leofeyer)
- #3859 Deprecate two global variables (leofeyer)
- #3863 Harden the Picker class against undefined array keys (leofeyer)
- #3861 Fix the back end pagination menu (leofeyer)
- #3845 Register a controller for error page types (aschempp)
- #3816 Rework the @throws annotations (leofeyer)
- #3835 Remove the alias field from unroutable pages (aschempp)
- #3837 Do not check on null as the username can be empty (bytehead)
- #3810 Use mode constants in Picker widget (bezin)
- #3801 Add a missing isset() when checking for the mailer DSN (aschempp)
- #3795 Fix issues with non-admin users (leofeyer)
- #3799 Make the page registry service public (aschempp)
- #3796 Correctly handle unroutable legacy types (aschempp)
- #3778 Ensure type-safety when replacing legacy insert tags (aschempp)
- #3765 Do not deprecate the autowiring aliases (leofeyer)
- #3695 Switch to Symfony's version of the Path helper (m-vo)
- #3764 Make the autowiring aliases of renamed services public (leofeyer)
- #3744 Show bubbled exceptions in the pretty error screen listener (aschempp)
- #3743 Fix the PasswordHasherFactory usage (bytehead)
- #3746 Upgrade symfony/security-bundle to 5.4 and fix TokenInterface usage (bytehead)
- #3735 Correctly fix a wrong method usage (leofeyer)
- #3723 Stop using the LegacyEventDispatcherProxy class (leofeyer)
- #3720 Fix security permissions for custom backend paths (aschempp)
- #3714 Do not unnecessarily fetch the PageRoute twice (aschempp)
- #3705 Fix a typo in a listener ID (leofeyer)
- #3691 Fix an array to string conversion (leofeyer)
- #3696 Lower the maximum insert tag recursion level (m-vo)
- #3680 Fix a wrong method usage (leofeyer)
- #3681 Fix the fragment handler (leofeyer)
- #3676 Replace FragmentRendererPass with tagged locator (aschempp)
- #3257 Fix the Symfony 5.3 security deprecations (bytehead)
- #3658 Correctly check whether the root page allows canonical URLs (leofeyer)
- #3645 Restore backwards compatiblilty for DB Statement (ausi)
- #3653 Do not block the
contao.backend
namespace (leofeyer) - #3643 Fix the DB query in the Versions class (leofeyer)
- #3641 Replace the remaining mode/flag numbers with constants (leofeyer)
- #3596 Fix the visible root trail check in the extended tree view (Toflar)