Added craft\helpers\App::parseEnv() and parseBooleanEnv(), replacing their Craft class counterparts. (#10319)
Changed
The Users index page now updates the URL based on the selected source. (#10336)
Live Preview no longer reloads the iframe when the device type is changed. (#10353)
admins, all, and new are now reserved user group handles.
The content in the resourcepaths table is now excluded from database backups by default.
User caches are now invalidated after login attempts. (#10313)
Assets fields’ “Upload files” buttons now have aria-describedby attributes when appropriate.
Color fields’ hex inputs now have aria-label attributes.
Field status messages are now included in their aria-describedby attributes.
User queries will no longer exclude suspended users when status('pending') is passed. (#10361)
Template autosuggest fields now include suggestions for templates in custom site template roots. (#10372)
Deprecated
Deprecated Craft::parseEnv(). craft\helpers\App::parseEnv() should be used instead.
Deprecated Craft::parseBooleanEnv(). craft\helpers\App::parseBooleanEnv() should be used instead.
Fixed
Fixed a bug where admin tables were displaying titles incorrectly.
Fixed a bug where aria-describedby attributes were getting namespaced incorrectly when they referenced multiple IDs.
Fixed a bug where “View” links on Edit Entry pages weren’t getting updated when the entry’s preview target URLs changed. (#10257)
Fixed a bug where craft\base\ApplicationTrait::getIsMultiSite() would return false on the front end, if there was only one enabled site, but additional disabled sites.
Fixed a bug where craft\base\Element::getSite() would throw an exception on the front end, if the element belonged to a disabled site.
Fixed a bug where craft\services\Sites::getEditableSiteIds() would exclude disabled sites on the front end.
Fixed a bug where validation errors referenced by aria-describedby attributes weren’t getting read out by VoiceOver. (#10355)
Fixed a bug where element queries’ withQueries properties were ignored. (#10359)
Fixed a bug where fatal PHP errors were not logged to stderr when the CRAFT_STREAM_LOG PHP constant was set to true. (#10366)
Fixed a bug where Dropdown fields with invalid data would not always display a blank option. (#10365)
Security
Fixed an XSS vulnerability.
3.7.28 - 2022-01-05
Changed
Updated Yii to 2.0.44.
Fixed
Fixed a Composer error that could occur if composer.craftcms.com was missing an expected package/version, but Packagist knew about it. (#10311)
Fixed a PHP error that could occur when querying for Matrix blocks. (#10315)
Fixed a bug where Single sections’ drafts would get deleted when their section settings were updated. (#10307)
Fixed an error that could occur on the Dashboard if there were any Quick Post widgets that included a Title field. (#10314)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/craftcms/commerce-paypal/network/alerts).
dependabot[bot]
commented
2 years ago
Bumps craftcms/cms from 3.7.23 to 3.7.29.
Changelog
Sourced from craftcms/cms's changelog.
... (truncated)
Commits
a54e725Merge branch 'release/3.7.29'4bff254Finish 3.7.292c44488Merge pull request #10375 from craftcms/fix-optional-param-order-php-8280d2e4Fix most "optional before required param" warningsc566aa1Merge branch 'develop' into fix-optional-param-order-php-841fb3c3Fix optional arg with no defaultd70a84bMerge pull request #10373 from craftcms/fix-invalid-dropdown-valuesfe25e04Suggest templates in custom site template roots33b154eFixed untranslated message6a46f84TypoDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/craftcms/commerce-paypal/network/alerts).