Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump craftcms/cms from 3.6.3 to 3.8.6 in /src #18

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 26, 2023

Bumps craftcms/cms from 3.6.3 to 3.8.6.

Changelog

Sourced from craftcms/cms's changelog.

3.8.6 - 2023-04-04

  • Content tab menus now reveal when a tab contains validation errors, and invalid tabs’ menu options get the same warning icon treatment as inline tabs do. (#12971)
  • Element index bulk action spinners are now centered on the viewport. (#12972)
  • All control panel errors are new presented via error notifications rather than browser alerts. (#13024)
  • Fixed a bug where Assets fields weren’t respecting their View Mode setting when viewing entry revisions. (#12948)
  • Fixed a bug where some relational fields were showing duplicate selected relations. (#12949)
  • Fixed a bug where asset pagination was broken when there was more than 100 subfolders. (#12969)
  • Fixed a bug where entry index pages’ “Revision Notes” and “Last Edited By” columns weren’t getting populated for disabled entries. (#12981)
  • Fixed a JavaScript error that occurred when closing a disclosure menu within Live Preview. (#12992)
  • Fixed a bug where assets were getting relocated to the root volume folder when renamed. (#12995)
  • Fixed a bug where it wasn’t possible to preview entries on another domain when the system was offline. (#12979)
  • Fixed a bug where users were able to access volumes they didn’t have permission to view via Assets fields. (#13006)
  • Fixed a bug where soft hyphens, non-breaking spaces, zero-width characters, invisible characters, and byte order marks weren’t getting stripped from sanitized asset filenames. (#13029)
  • Fixed a bug where the Plugin Store wasn’t accurately reporting installed plugins’ license statuses. (#12986)
  • Fixed a bug where the Plugin Store wasn’t handling 403 API responses for cart operations properly, once a cart had been handed off to Craft Console and assigned to an organization. (#12916)
  • Fixed an XSS vulnerability.

3.8.5 - 2023-03-21

  • Fixed a bug where relation data was getting deleted when running garbage collection on PostgreSQL. (#9905)
  • Fixed a bug where Lightswitch fields’ “OFF Label” and “ON Label” settings weren’t getting translated. (#12942)
  • Fixed a bug where craft\events\DefineUserContentSummaryEvent::$userId was never set for craft\controllers\EVENT_DEFINE_CONTENT_SUMMARY events. (#12944)
  • Updated svg-sanitizer to 0.16. (#12943)

3.8.4 - 2023-03-20

  • The |json_encode Twig filter now calls craft\helpers\Json::encode() internally, improving error handling. (#12919)
  • craft\helpers\Json::encode() no longer sets the JSON_UNESCAPED_SLASHES flag by default.
  • Fixed a JavaScript error that occurred when resolving an asset move conflict. (#12920)
  • Fixed a bug where volume subfolders were being shown when viewing soft-deleted assets. (#12927)
  • Fixed a bug where structure data was getting deleted when running garbage collection on PostgreSQL. (#12925)

3.8.3 - 2023-03-16

  • Customize Sources modals no longer hide when the Esc key is pressed on the surrounding area is clicked on. (#12895)
  • Added craft\helpers\FileHelper::uniqueName().
  • Fixed an error that occurred when uploading an asset with a filename over 250 characters long. (#12889)
  • Fixed an error that could occur when preparing licensing alerts, if any licenses were invalid. (#12899)
  • Fixed a bug where it wasn’t possible to drag nested Neo blocks. (#12896)
  • Fixed a bug where fields with reduced widths in Matrix blocks were becoming full-width while dragged. (#12909)
  • Fixed a bug where multi-edition plugins weren’t showing their edition labels within the Plugin Store cart. (#12910)

3.8.2 - 2023-03-14

  • Fixed a bug where it wasn’t always possible to access entry or category edit pages if the slugWordSeparator config setting was set to /. (#12871)
  • Fixed a bug where craft\helpers\Html::parseTagAttribute() wasn’t decoding attribute values, which could lead to double-encoded attributes, e.g. when using the |attr filter. (#12887)
  • Fixed XSS vulnerabilities.
  • Fixed an SSRF vulnerability.

... (truncated)

Commits
  • 7a72e1b Finish 3.8.6
  • 11ce692 Merge pull request #13038 from craftcms/fix-uncaught-org-cart
  • 3060707 Release note
  • 074d0f3 Merge branch 'v3' into fix-uncaught-org-cart
  • 60e070c Merge pull request #13023 from craftcms/fix-purchase-showing-as-trial
  • aa948d5 Release note
  • 4424cc4 Merge branch 'v3' into fix-purchase-showing-as-trial
  • efe5556 Merge pull request #13029 from craftcms/bugfix/13022-sanitize-filename
  • cc12386 Release note
  • c3b4ef8 Merge branch 'v3' into bugfix/13022-sanitize-filename
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [craftcms/cms](https://github.com/craftcms/cms) from 3.6.3 to 3.8.6.
- [Release notes](https://github.com/craftcms/cms/releases)
- [Changelog](https://github.com/craftcms/cms/blob/3.8.6/CHANGELOG.md)
- [Commits](craftcms/cms@3.6.3...3.8.6)

---
updated-dependencies:
- dependency-name: craftcms/cms
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels May 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file php Pull requests that update Php code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants