This project adheres to Semantic Versioning.
5.1.11 (2023-08-01)
Fixed issues:
- #6263 Ensure absolute URLs in the PageRedirect class (leofeyer)
- #6253 Correctly set the link title in the hyperlink controller (leofeyer)
- #6254 Ensure the PID in the favorites listener is an integer (leofeyer)
- #6201 Favorites voter must not grant access (aschempp)
- #6210 Decode HTML entities in feed item titles (bezin)
- #6183 Unset PID for copy button callbacks (aschempp)
- #6230 Set the correct type on model ID (aschempp)
- #6225 Skip type error when trying to assign DCA label to string (aschempp)
- #6242 Replace the token in the storage for front end authentication (ausi)
5.1.10 (2023-07-25)
Security fixes:
- CVE-2023-36806: Cross site scripting in widgets with units
5.1.9 (2023-07-10)
Fixed issues:
- #6178 Correctly encode URLs in the sitemap (aschempp)
- #6173 Increase Symfony filesystem dependency version (ausi)
- #6177 Remove field permissions on favorites table (aschempp)
5.1.8 (2023-06-21)
Fixed issues:
- #6136 Log the bad credentials exception in the security channel (bytehead)
- #6147 Support vimeo unlisted video privacy hash (ausi)
- #6083 Skip insert tags when converting relative URLs (leofeyer)
- #6093 Fix a typo in the
_download
component (fritzmg) - #6112 Allow saving serialized strings in DC_File again (zoglo)
5.1.7 (2023-05-25)
Fixed issues:
- #6076 Add a title to the collapsed element button (aschempp)
- #6046 Improve the main navigation hover style (aschempp)
- #6047 Pass the ID to
getCurrentRecord()
in "override all" mode (leofeyer) - #5998 Fix the list and table wizards in news and events (leofeyer)
5.1.6 (2023-05-03)
Fixed issues:
5.1.5 (2023-05-02)
Fixed issues:
- #6000 Add a double encoding setting to the HtmlAttributes class (ausi)
- #5980 Unwrap response exceptions thrown while rendering a template (m-vo)
- #5981 Use the title instead of the filename in the download component (m-vo)
5.1.4 (2023-04-25)
Security fixes:
- CVE-2023-29200: Directory traversal in the file manager
Fixed issues:
5.1.3 (2023-04-19)
Fixed issues:
- #5963 Correctly count the skipped recipients (leofeyer)
- #5964 Add the header.svg and settings.svg icons again (leofeyer)
- #5946 Load the default language when generating the calendar feeds (leofeyer)
- #5960 Prevent double slashes in version URLs (leofeyer)
- #5949 Add the "adjustDca" load callback to tl_news_archive again (leofeyer)
- #5941 Do not treat subdirectories of Twig namespace roots as template paths (m-vo)
- #5922 Correctly pass null values in findBy queries (ausi)
5.1.2 (2023-04-04)
Fixed issues:
- #5921 Fix bug in Hybrid::generate() with missing ID (ausi)
- #5919 Add a unit test for invalid files to the ImagesController (m-vo)
- #5916 Filter non-image files in the ImagesController (leofeyer)
- #5906 Handle
null
in thehtml.html.twig
template (fritzmg) - #5897 Handle basic entities in the SERP preview (leofeyer)
- #5900 Allow using basic entities in texts (heimseiten)
- #5895 Allow using basic entities in headlines (leofeyer)
- #5804 Add the missing data container permission checks (aschempp)
- #5885 Always allow toggling a field that is not excluded (aschempp)
5.1.1 (2023-03-16)
Fixed issues:
- #5788 Add the TokenDeauthenticatedListener (bytehead)
- #5870 Explicitly set the legacy template in the TwoFactorController (m-vo)
- #5857 Fix the split button alignment (leofeyer)
- #5819 Surround the
togglePassword
images with a button (cliffparnitzky) - #5840 Fix deleting multiple records (Toflar)
- #5838 Add missing type hints to translation classes (ausi)
- #5821 Remove tl_settings.doNotCollapse (aschempp)
- #5828 Return BinaryFileResponse when handling downloads (m-vo)
- #5780 Fix PHPUnit deprecation warnings (m-vo)
- #5803 Move the favorites voter to the correct namespace (aschempp)
5.1.0 (2023-02-16)
Fixed issues:
5.1.0-RC3 (2023-02-09)
5.1.0-RC2 (2023-01-27)
Fixed issues:
- #5704 Do not require overwriting the console path (leofeyer)
- #5714 Use the HTML sanitizer component as Twig filter (ausi)
- #5697 Fix the module wizard (leofeyer)
- #5703 Fix the Gulp watch task (fritzmg)
- #5702 Make
$consolePath
a required argument (leofeyer) - #5695 Use two different icons for light and dark mode (leofeyer)
- #5691 Correctly toggle the favorites menu group (leofeyer)
- #5687 Move the dark mode toggle to the header bar (leofeyer)
- #5689 Make console_path a general Contao configuration (Toflar)
- #5690 Fix the icons when toggling structures in dark mode (leofeyer)
5.1.0-RC1 (2023-01-13)
New features:
- #4847 Add a new feed reader implementation (bezin)
- #5682 Allow to pass an array of allowed attributes to Input::stripTags() (leofeyer)
- #5672 Add more back end grid classes (leofeyer)
- #5673 Add an attributes_callback for DCA fields (aschempp)
- #5671 Allow a minimum amount of workers for autoscaling (Toflar)
- #3694 Add the URI and page ID to log entries (SeverinGloeckle)
- #5427 Check the administrator e-mail address (fritzmg)
- #5405 Introduce background workers (Toflar)
- #5631 Implement a dark scheme toggle (aschempp)
- #5368 Enable the login rate limit (bytehead)
- #5598 Also minify the core.js and mootao.js scripts with Webpack (leofeyer)
- #5031 Add a dark mode for the back end (leofeyer)
- #4936 Support the native date input type for text fields in the form generator (fritzmg)
- #5307 Add a confirmation message to forms and provide Ajax out of the box (qzminski)
- #4898 Add error handling to the form data processing (rabauss)
- #5425 Allow sorting DCA fields ascending and descending (aschempp)
- #5417 Add a button to copy multiple records and paste them multiple times (aschempp)
- #5591 Remove localconfig.disableCron in favor of a new zero config approach (Toflar)
- #5602 Adjust the name of the default guests group (leofeyer)
- #5116 Add the MemberActivationMailEvent (fritzmg)
- #5478 Add the
#[\SensitiveParameter]
attribute (ausi) - #5371 Allow to set the locale in
Template::trans
(fritzmg) - #5609 Improve the content elements view (leofeyer)
- #5607 Use CSS variables for all colors and CSS classes instead of inline styles (leofeyer)
- #5592 Add a favorites menu in the back end (leofeyer)
- #5594 Also add the new "idempotent actions" logic to DC_Folder (leofeyer)
- #5406 Add stimulus controllers in the back end (aschempp)
- #5554 Add support for async CLI cron jobs (Toflar)
- #5461 Disable the request token check for idempotent actions (aschempp)
- #5364 Allow defining a default search field (leofeyer)
- #5403 Add a user option to not collapse content elements (aschempp)
- #5379 Use sendfile for local files downloads (m-vo)
- #5359 Change the default value for tl_layout.viewport (leofeyer)
- #5347 Add a markdown help text (leofeyer)
- #5304 Add a lock overlay for protected articles (leofeyer)
Fixed issues:
- #5683 Fix the skippable cronjobs (fritzmg)
- #5680 Add isRequired() for desired_size and max settings on workers (Toflar)
- #5679 Add a default value for the worker "min" configuration (Toflar)
- #5670 Do not add the request token to idempotent actions (leofeyer)
- #5666 Skip cron execution for minutely cron and messenger cron in web scope (Toflar)
- #5653 Fix the tree indentation (leofeyer)
- #5652 Only hide the dark/light theme icons via CSS (leofeyer)
- #5647 Ensure Doctrine connections are closed after message handling (Toflar)
- #5646 Use enumNode instead of custom validation (Toflar)
- #5597 Correctly open and close tree nodes if there is a filter (leofeyer)
- #5593 Fix the
aria-hidden
attribute in the tips.js file (leofeyer)