Kirby's core application folder
api
option for Sections to define API endpoints just like for fields #6246
<?php
return [
'thumbs' => [
'driver' => 'im',
'threads' => 2
]
];
value
prop of the k-login-view
component #6364
$helpers
docs #6257 #6287
media
attribute support for custom Panel favicons #5657
expand
, collapse
, divider
and chart
range
input #6253
calendar
, date
, time
, timoptions
inputs #6254
unsigned
option for integers. Defaults to true
to maintain backwards compatibility.size
option for varchars. Defaults to 255 to maintain backwards compatibility.float
type to create a floating point columns.decimal
type to create decimal columns with precision
and decimal_places
options. The new features are aimed at MySQL and are ignored in SQLite as they are not supported. Float and decimal both map to REAL
columns in SQLite.k-user-avatar
#6325
A::prepend()
now behaves the same as A::append()
(just opposite side) for non-associative arrays #6219
alpha
and hue
inputs: setting custom min
and max
props would break the inputs. Those props aren't falsely exposed anymore. #6251
colorname
input: props that were falsely exposed are now correctly unset #6255
search
input: props that were falsely exposed are now correctly unset #6256
null
value for Text\KirbyTag::parent()
#6220
Database\Query
: Fixed using BETWEEN
or NOT BETWEEN
in →where()
clause (thanks @SeriousKen) #6292
Date::round()
not taking timezone into account properly (thanks @SeriousKen) #6264
k-tabs
inline variable assignment #6324
Dir::inventory()
#6218
Cms\Blueprint
class #6206
v-bind
order #6333
mounted
lifecycle hooks instead of created
#6336
Dir::inventory()
with various number of page models #6218
Options
, Query
, Text
and partially Toolkit
packages tests, including additional tests for uncovered code #6220
Lab\Example::github()
linking to lab example file #6295
api
option for Sections to define API endpoints just like for fields #6246
<?php
return [
'thumbs' => [
'driver' => 'im',
'threads' => 2
]
];
value
prop of the k-login-view
component #6364
$helpers
docs #6257 #6287
media
attribute support for custom Panel favicons #5657
expand
, collapse
, divider
and chart
range
input #6253
calendar
, date
, time
, timoptions
inputs #6254
unsigned
option for integers. Defaults to true
to maintain backwards compatibility.size
option for varchars. Defaults to 255 to maintain backwards compatibility.float
type to create a floating point columns.decimal
type to create decimal columns with precision
and decimal_places
options. The new features are aimed at MySQL and are ignored in SQLite as they are not supported. Float and decimal both map to REAL
columns in SQLite.k-user-avatar
#6325
A::prepend()
now behaves the same as A::append()
(just opposite side) for non-associative arrays #6219
alpha
and hue
inputs: setting custom min
and max
props would break the inputs. Those props aren't falsely exposed anymore. #6251
colorname
input: props that were falsely exposed are now correctly unset #6255
search
input: props that were falsely exposed are now correctly unset #6256
null
value for Text\KirbyTag::parent()
#6220
Database\Query
: Fixed using BETWEEN
or NOT BETWEEN
in →where()
clause (thanks @SeriousKen) #6292
Date::round()
not taking timezone into account properly (thanks @SeriousKen) #6264
k-tabs
inline variable assignment #6324
Dir::inventory()
#6218
Cms\Blueprint
class #6206
v-bind
order #6333
mounted
lifecycle hooks instead of created
#6336
Dir::inventory()
with various number of page models #6218
Options
, Query
, Text
and partially Toolkit
packages tests, including additional tests for uncovered code #6220
Lab\Example::github()
linking to lab example file #6295
permalinksToUrls
method if a model for a UUID cannot be found #6165
dump
helper if it already exists. This fixes Kirby for Herd Pro users and other cases where dump is already defined by the environment #6250
k-icon-frame
#6315
toFiles
method by checking for valid file IDs #6318
open_basedir
#6316
This release fixes several vulnerabilities that were all responsibly reported to us in February 2024:
Thanks to Natwara Archeepsamooth (@PlyNatwara) for responsibly reporting the identified issues.
During our investigation of the security reports, we noticed that the documentation on the Markdown safe mode was inaccurate and incomplete.
The Markdown safe mode protects Markdown and KirbyText content from cross-site scripting (XSS) attacks. We have already documented the risk of raw HTML, however there are also risks in the Markdown syntax itself (e.g. malicious javascript:
links). These risks are also mitigated by the safe mode. So we strongly recommend this mode for all Kirby sites that might have potential attackers in the group of authenticated Panel users.
The documentation on the safe mode contained a wrong code example that used an invalid safeMode
option instead of the correct safe
option. This has now been corrected. If you already use the safe mode, please check your code.
➡️ Read more
$file->sharpen()
method for images #6227
Str::excerpt()
for texts without spaces #6215
k-button-group
wrap with long label line. #6231
layout: table
#6234
k-icon
component #6276
This release fixes several vulnerabilities that were all responsibly reported to us in February 2024:
Thanks to Natwara Archeepsamooth (@PlyNatwara) for responsibly reporting the identified issues.
During our investigation of the security reports, we noticed that the documentation on the Markdown safe mode was inaccurate and incomplete.
The Markdown safe mode protects Markdown and KirbyText content from cross-site scripting (XSS) attacks. We have already documented the risk of raw HTML, however there are also risks in the Markdown syntax itself (e.g. malicious javascript:
links). These risks are also mitigated by the safe mode. So we strongly recommend this mode for all Kirby sites that might have potential attackers in the group of authenticated Panel users.
The documentation on the safe mode contained a wrong code example that used an invalid safeMode
option instead of the correct safe
option. This has now been corrected. If you already use the safe mode, please check your code.
➡️ Read more
This release fixes several vulnerabilities that were all responsibly reported to us in February 2024:
Thanks to Natwara Archeepsamooth (@PlyNatwara) for responsibly reporting the identified issues.
During our investigation of the security reports, we noticed that the documentation on the Markdown safe mode was inaccurate and incomplete.
The Markdown safe mode protects Markdown and KirbyText content from cross-site scripting (XSS) attacks. We have already documented the risk of raw HTML, however there are also risks in the Markdown syntax itself (e.g. malicious javascript:
links). These risks are also mitigated by the safe mode. So we strongly recommend this mode for all Kirby sites that might have potential attackers in the group of authenticated Panel users.
The documentation on the safe mode contained a wrong code example that used an invalid safeMode
option instead of the correct safe
option. This has now been corrected. If you already use the safe mode, please check your code.
➡️ Read more
This release fixes several vulnerabilities that were all responsibly reported to us in February 2024:
Thanks to Natwara Archeepsamooth (@PlyNatwara) for responsibly reporting the identified issues.
During our investigation of the security reports, we noticed that the documentation on the Markdown safe mode was inaccurate and incomplete.
The Markdown safe mode protects Markdown and KirbyText content from cross-site scripting (XSS) attacks. We have already documented the risk of raw HTML, however there are also risks in the Markdown syntax itself (e.g. malicious javascript:
links). These risks are also mitigated by the safe mode. So we strongly recommend this mode for all Kirby sites that might have potential attackers in the group of authenticated Panel users.
The documentation on the safe mode contained a wrong code example that used an invalid safeMode
option instead of the correct safe
option. This has now been corrected. If you already use the safe mode, please check your code.
➡️ Read more
This release fixes several vulnerabilities that were all responsibly reported to us in February 2024:
Thanks to Natwara Archeepsamooth (@PlyNatwara) for responsibly reporting the identified issues.
During our investigation of the security reports, we noticed that the documentation on the Markdown safe mode was inaccurate and incomplete.
The Markdown safe mode protects Markdown and KirbyText content from cross-site scripting (XSS) attacks. We have already documented the risk of raw HTML, however there are also risks in the Markdown syntax itself (e.g. malicious javascript:
links). These risks are also mitigated by the safe mode. So we strongly recommend this mode for all Kirby sites that might have potential attackers in the group of authenticated Panel users.
The documentation on the safe mode contained a wrong code example that used an invalid safeMode
option instead of the correct safe
option. This has now been corrected. If you already use the safe mode, please check your code.
➡️ Read more
The page create dialog now allows to hide the title
and/or slug
field by defining a string template that will be used instead
create:
title: "{{ page.location }} – {{ page.date.toDate('M Y') }}"
slug: "{{ page.location.slug }}-{{ page.date.toDate('Y-m-d') }}"
Custom fields from the create dialog will be accessible through Kirby query starting with page.
(in this example the fields location
and date
. If no custom fields are defined, the create dialog will be skipped and the page immediately created. #6154
options
myColorField:
type: color
options:
type: query
query: kirby.option('my.colors')
// only values
return [
'my' => [
'colors' => [
'#3e3e3e',
'#aaa',
'#ddd',
]
]
];
// values -> labels
return [
'my' => [
'colors' => [
'#3e3e3e' => 'Color A' ,
'#aaa' => 'Color B',
'#ddd' => 'Color C',
]
]
];
When resizing images, you can now sharpen them. This often enhances the image quality when downscaling images.
$page->image('my-image.jpg')->thumb([
'width' => 300,
'height' => 200,
'sharpen' => true
]);
You can also pass an integer value to control the sharpening effect. Higher numbers create sharper images. The default is 50.
$page->image('my-image.jpg')->thumb([
'width' => 300,
'height' => 200,
'sharpen' => 25
]);
Thank you very much to @dgsiegel for implementing this feature. #6164
The link field now has proper previews in structure and object fields #5262
icon
option #6006
A::implode()
method that also handles nested arrays #6059
name
, the label
is now used as fallback #6137
panel.dialog.open({
component: "k-search-dialog",
props: {
type: "pages"
}
});
url
option not available #6145
avif
images #6141
mobile: true
are shown again in narrow viewports #6106
Str
class in slug field #6049
$store.content
: fix consistent id pattern #6057
field.isVisible()
: fix if statement #6098
Helpers::handleErrors()
correctly restores the original error handler even if an exception is thrown in the action #6105
F::size()
with non-existing file #6059
Session
data #6059
V::message()
with nested arrays #6059
Kirby/Api/Api
and Kirby/Form/Form
classes when no app object is loaded$store.content.id
when deleting page #6111
image: false
in blueprint for Panel preview images #6020
preview: fields
#6128
NaN
value after sorting files #6067
field
, options
, parent
, siblings
and params
inside structure fields #6181
$field->toStructure()->field()
now returns a copy of the structure field object as intended #6181
file
KirbyTag that references a non-existing file does not throw an exception anymore, when not text
attribute passed #6177
k-tag
component #5834
cancel-small
icon version #5834
$helper.link
#5834
max-width
#6189
k-bubble
to rounded-sm to be consistent with k-tag
. #6188
Panel::area()
#6217
this.$helper.array.
functions: fromObject
, sortBy
, split
, wrap
#6140
FileActionsTest
: static provider methods #6092
Kirby\TestCase
#6124
$value => $name
, e.g. #6152
options:
"#F8B195": "Sunny rays"
"#F67280": "First-love blush"
"#C06C84": "Cherry blossom"
"#6C5B7B": "Morning gloom"
"#355C7D": "Midnight rain"
$name => value
has been deprecated #6152
$helper.object.clone()
has been deprecated. Use the native structuredClone
function instead. #6086
Array.fromObject()
has been deprecated. Use this.$helper.array.fromObject()
instead.Array.wrap()
has been deprecated. Use this.$helper.array.wrap()
instead.myArray.sortBy()
has been deprecated. Use this.$helper.array.sortBy(myArray)
instead.myArray.split()
has been deprecated. Use this.$helper.array.split(myArray)
instead.ecmaVersion
for eslint parse #6174
Full Changelog: https://github.com/getkirby/kirby/compare/4.1.0-rc.2...4.1.0-rc.3