packagist craftcms/cms 4.18.0
on PHP Packagist

latest releases: 6.0.0-alpha.2, 5.10.0
2 hours ago

Development

  • The |default Twig filter and is empty Twig test now treat all yii\base\Model instances as not empty. (#18727)
  • Added craft\filters\SecFetchSiteFilter for request origin verification. (#18641)
  • dataUrl() is no longer allowed in sandboxed Twig environments by default.

Extensibility

  • Removed craft\controllers\AppController::actionResourceJs(). (#18559)

System

  • Cross-domain script tags added by JavaScript are now loaded directly, rather than via a proxy. (#18559)
  • Updated the built-in composer.phar to 2.9.8. (#18761)
  • Fixed a moderate-severity JavaScript injection vulnerability. (GHSA-c55v-343g-5xff)
  • Fixed a moderate-severity path traversal vulnerability. (GHSA-287w-mxq6-x2cp)
Check out latest releases or
releases around craftcms/cms 4.18.0

Don't miss a new cms release

NewReleases is sending notifications on new releases.

Get notifications