github craftcms/cms 6.0.0-alpha.12

pre-release3 hours ago
  • Updated core asset I/O to resolve Craft filesystem definitions and configured storage targets through Laravel filesystem disks.
  • Updated elevated session prompts to use the modern control panel frontend while preserving the legacy JavaScript APIs.
  • Login attempts are now rate limited.
  • Added Illuminate\Contracts\Translation\HasLocalePreference support to user elements, allowing Laravel notifications to use users’ Language preferences. (#19228)
  • Fixed a bug where site routes weren't being registered for each localized site value.
  • Fixed a bug where POST requests to the loginPath weren’t being handled properly. (#19220)
  • Fixed a bug where users were redirected to the previous page on logout. (#19220)
  • Fixed a bug where requests to the loginPath, setPasswordPath, and verifyEmailPath were getting redirected to the control panel. (#19229)
  • Fixed a bug where Laravel translation fallbacks weren’t applied when translationDebugOutput was enabled. (#19228)
  • Fixed a bug where custom plugin settings FormRequest classes could persist unvalidated settings. (#19228)
  • Fixed a bug where failed Craft API responses weren’t processing response headers. (#19228)
  • Fixed a bug where Craft plugin service providers could be skipped when the plugin’s Composer metadata also defined Laravel package discovery settings. (#19228)
  • Fixed a bug where event-registered user permissions weren’t getting saved. (#19232)
  • Fixed lifecycle leaks where asset, GraphQL, route token, user, and user permission state could persist in long-running application processes. (#19242)
  • Fixed moderate-severity authorization bypass vulnerabilities.
  • Fixed a low-severity authorization bypass vulnerability.
  • Fixed a low-severity XSS vulnerability.

Don't miss a new cms release

NewReleases is sending notifications on new releases.