Released version 3.3.0-RC

Nette Application 3.3 modernizes the foundations: PHP 8.3+ and Latte 3.1, more reliable CSRF protection driven by the browser itself, and a default presenter mapping that finally matches the structure used throughout the documentation. It also clears out a pile of long-forgotten legacy. Please test the RC and report anything that breaks before the stable release.

💥 Breaking Changes

• PHP 8.3 – 8.5 and Latte 3.1 are now required
• More reliable CSRF protection – same-origin is now verified via the browser's Sec-Fetch-Site header instead of a SameSite cookie.
• Default presenter mapping is now App\Presentation\*\**Presenter
• Application::processRequest() returns a Response instead of sending it itself (#350) – sending is handled by run(). This enables long-running runtimes (RoadRunner, FrankenPHP) and PSR integration.
• Presenter::getRequest() throws instead of returning null when the presenter isn't running yet
• LatteFactory::create() now takes ?Control – update any custom LatteFactory implementation to the new create(?Control $control = null) signature.
• Removed {ifCurrent} – use {if isLinkCurrent('...')}.
• Removed compatibility with old class names such as PresenterComponent and IRouter.

⚠️ Deprecations

Mostly very old curiosities that few people knew existed – they still work but now emit a deprecation notice:

• @annotations → PHP attributes: @persistent → #[Persistent], @crossOrigin → #[Requires(sameOrigin: false)], @deprecated → #[Deprecated].
• Array access on RouteList – $router[] = new Route(...) and friends are replaced by $router->addRoute(...) / getRouters().
• Query string in a link destination – link('Product:detail?id=1') should pass arguments instead: link('Product:detail', ['id' => 1]).
• Component::getParameter() second $default argument – use the ?? operator instead.
• Some magic properties ($presenter->view, $layout, $request, $session…) – use the getters.

✨ New Features

• Set the URL fragment straight from arguments – link('Product:detail', ['#' => 'reviews']) produces ...#reviews. The value is URL-encoded, must be scalar, and isn't passed on as a request parameter.
• New Presenter::completeTemplate() – a protected method extracted from sendTemplate() that you can override to inject shared variables or set the template file before rendering.