Activity
From 2022-09-02 to 2022-10-01
2022-10-01
-
21:33 Revision 18f0d7e9: [TASK] Drop CKEditor4 related resources
- Some plugins and integrations have been kept on purpose
in #96874, in order to keep the patch small.
All CKEditor4 r... -
20:17 Revision 4c6d5fdf: [!!!][FEATURE] Integrate CKEditor5 as new RTE
- This change adds CKEditor v5, which is a completely new
editor compared to the previous CKEditor 4. It works without
... -
- Having manually(!) enabled "enhanced spell checking" in browsers,
can lead to scenarios where password data is sent t... -
19:11 Revision 71125625: [TASK] Remove leftover requireJS implementation of CKEditor
- CKEditor does not use RequireJS anymore since
https://review.typo3.org/c/Packages/TYPO3.CMS/+/72733
regardless of any... -
- When running in composer-mode TYPO3 can benefit
from having most PHP code outside of the document root,
making TYPO3 ... -
13:43 Revision f1d81ff7: [TASK] styleguide: Migrate type=inline with foreign_table=sys_file_reference to type=file
- https://github.com/TYPO3-CMS/styleguide/pull/355
https://review.typo3.org/c/Packages/TYPO3.CMS/+/75916 -
- Composer-based installations will now have their
extensions within composers' vendor folder
instead of typo3/sysext/ ... -
12:41 Revision 42a7949c: [TASK] Improve usability of logicalAnd and logicalOr
- Due to the improved strictness of the API the query
methods logicalAnd and logicalOr required at least
two parameters... -
12:34 Revision 9796eb13: [TASK] styleguide: Remove "TCEforms" wrapper in FlexForm definitions
- https://review.typo3.org/c/Packages/TYPO3.CMS/+/73835
-
12:19 Revision 189766c3: [TASK] styleguide: Temporarly disable acceptance tests with PHP8.2
- TYPO3 recently added the dependency `firebase/php-jwt`, which
contains a PHP8.2 deprecation. Thus acceptance tests ar... -
- GitHub actions tends to cancel remaining matrix jobs, if
one or more jobs has already failed, even if the w'd be
gree... -
09:17 Revision 44fc4f5e: [BUGFIX] Correct "additionalParams" handling in PageViewHelpers
- ViewHelpers f:link.page and f:uri.page in non-Extbase
context don't handle "additionalParams" correctly
since #98484,... -
- With the upgrade to codemirror v6 in #96575 it was forgotten to
remove the RequireJS configuration that is no longer ... -
- The example tasks "sleep" and "test" have been removed.
They were introduced in 2009 when EXT:scheduler was added
to ...
2022-09-30
-
18:16 Revision 6c8a89a6: [!!!][TASK] Make sys_template not workspace aware
- The patch makes table "sys_template" no longer
obey workspaces: The workspace related fields
are gone and the overlay... -
13:14 Revision 3d6c7357: [BUGFIX] Drop obsolete devbridge-autocomplete patch
- With #98455, the package devbridge-autocomplete was removed, but a
patch file was forgotten, leading to a warning dur... -
- This change updates rollup and installs
some further devDependencies we need
for optimizations in CKEditor5.
Used co... -
11:10 Revision 616e958f: [FEATURE] Auto creation of database fields for TCA "slug"
- Create database fields for TCA type `slug` columns automatically
if they have not already been defined.
Resolves: #9... -
08:02 Revision 89182fa0: [!!!][BUGFIX] Set password forgot hash based on user uid in ext:felogin
- When the forgot password function is used, TYPO3 looks up the affected
frontend user record by either the email addre...
2022-09-29
-
- The StandaloneView has a very unfortunate flaw in
__construct(): It creates an Extbase Request by
default without ask... -
- Field 'pid' in TCA tables should not allow
negative integer values anymore since "pid -1"
values have been removed fr... -
14:06 Revision ad2d8405: [BUGFIX] Prevent undefined array key in TimeTracker
- Resolves: #98421
Releases: main, 11.5
Change-Id: I069ae69d4d396883393f76b1c9cf1b1cacaa0f9d
Reviewed-on: https://revie... -
- Resolves: #98421
Releases: main, 11.5
Change-Id: I069ae69d4d396883393f76b1c9cf1b1cacaa0f9d
Reviewed-on: https://revie... -
- Avoid PHP warning if pageRow is empty, i.e. no 'editlock' can be checked.
Releases: main, 11.5
Resolves: #98459
Chan... -
- Avoid PHP warning if pageRow is empty, i.e. no 'editlock' can be checked.
Releases: main, 11.5
Resolves: #98459
Chan... -
- This patch migrates the auto-suggest feature used in FormEngine to a
custom implementation incorporating web componen... -
- Resolves: #98465
Related: #98426
Releases: main
Change-Id: I3d963f20b2b6212a36a6912f439aa19e1fc71383
Reviewed-on: htt... -
- Resolves: #98466
Releases: main
Change-Id: Idccac90e9915e078b0097f2c7af5ec708b5a0e1c
Reviewed-on: https://review.typo... -
- This change uses the core UriBuilder and LinkFactory (FE)
for creating links in f:link.page and f:uri.page to avoid
b... -
- The UX team discusses internally whether the existing shortcut to open
the live search (Shift+Shift) introduced in #9... -
- Added tests for malformed JWT-like literals.
Resolves: #98473
Related: #97305
Releases: main
Change-Id: Ida62075c4bf... -
- The preview mode selector doesn't change its width anymore based on the
largest element available as the behavior may... -
- A CSRF-like request-token handling has been introduced, to
mitigate potential cross-site requests on actions with sid... -
- Property $type is set by a required
constructor argument and needs no default.
Resolves: #98472
Releases: main
Chang... -
- FormProtectionFactory has a static instance cache
that potentially leaks state in between tests.
The patch adds a cou... -
- FormProtectionFactory has a static instance cache
that potentially leaks state in between tests.
The patch adds a cou...
2022-09-28
-
14:46 Revision 709e7dab: [BUGFIX] Remove global css from form-framework specific css
- During the removal of font-awesome, the global CSS was
included in the form-specific CSS. We are now removing it
agai... -
- The inclusion of the global CSS variables into the
SCSS variables were flawed from the very beginning.
The include re... -
- Parent modules are now indicating correctly
that a submodule has been selected and
active.
Resolves: #98458
Releases... -
- jQuery and jQuery UI is now removed from EXT:viewpage. jQuery UI was
used to make the preview frame resizable, which ... -
- Extension 'recordlist' is a must-have extension that
is part of 'minimal usable system' and always loaded:
Especiall... -
- In order to further simplify FlexForm definitions,
the superfluous array key "TCEforms" is now removed
and not evalua... -
- The label in the extension manager must be adopted as
t3x is not allowed anymore since #92590.
Resolves: #98438
Rela... -
- The label in the extension manager must be adopted as t3x is not allowed
anymore since #92590.
Furthermore, the uploa... -
- Resolves: #98368
Releases: main
Change-Id: Ibdda66047e4b6eb55bca4cdbf217d045033e54b5
Reviewed-on: https://review.typo...
2022-09-27
- 20:21 Revision 08f7463b: [FEATURE] Introduce AfterRecordSummaryForLocalizationEvent
- this adds a new PSR-14 Event into the LocalizationController
allowing extension authors to modify the whole payload i... -
- The field `pages.alias` is removed for quite some but still used for the search in field `group_db_10`.
The usage of ... -
- Prefer loading a single variable font file for normal
and italic versions of Source Sans 3 instead of dedicated
ones ... -
- The typo3-docheader declarations are not
used and can be removed.
Resolves: #98446
Releases: main
Change-Id: I4b1c77... -
09:34 Revision 3f3b32c3: [BUGFIX] Consider filemounts from groups
- The filemounts from groups are used when a backend user logs in.
Resolves: #98440
Releases: main, 11.5
Change-Id: I1... -
- The hook $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['GLOBAL']['recStatInfoHooks']
is removed from Page Module and List... -
- The filemounts from groups are used when a backend user logs in.
Resolves: #98440
Releases: main, 11.5
Change-Id: I1...
2022-09-26
-
14:56 Revision 847a9638: [!!!][TASK] Resolve most #[ReturnTypeWillChange] attributes
- Sets return types for most classes that implement
PHP SPL classes. Only "mixed" return types are not
set: That would ... -
- Method descriptions are added from the changelog here:
https://docs.typo3.org/c/typo3/cms-core/main/en-us/Changelog/1... -
- EXT:workspace User TSconfig options "options.workspaces.swapMode"
and "options.workspaces.changeStageMode":
* They a... -
- Add static library functions that allow using base64url-compliant
values (according to https://tools.ietf.org/html/rf... -
10:49 Revision 272d28d8: [BUGFIX] Improve error message when the FlexForm file is not found
- Releases: main
Resolves: #98433
Change-Id: Iadd221621d10ba960c26ad085288657d05d673e4
Reviewed-on: https://review.typo... -
- Add static library functions that allow using base64url-compliant
values (according to https://tools.ietf.org/html/rf... -
- https://github.com/TYPO3-CMS/styleguide/pull/352
see https://review.typo3.org/c/Packages/TYPO3.CMS/+/74183
2022-09-23
-
19:48 Revision ac1703ae: [BUGFIX] Restore and streamline auth log with MFA
- MFA was preventing the login log entry to be written
as after successful username/password auth MFA was
triggered wit... -
- The controls of EXT:viewpage have several glitches which are fixed in
this patch:
* Setting a custom width now prope... -
- MFA was preventing the login log entry to be written
as after successful username/password auth MFA was
triggered wit... -
- The controls of EXT:viewpage have several glitches which are fixed in
this patch:
* The label of the "Custom" preset... -
- Support for non JavaScriptModuleInstruction RequireJS invocations
in FormEngine has been dropped in #96221, but the s... -
- The method DashboardInitializationService::getRequireJsModules()
triggers a deprecation error, but is is actually in ...
2022-09-22
-
- The New Record Wizard shows the correct header for
the "system" group again.
The change preserves the group's title ... -
- This patch greatly improves the performance of the
"View Upgrade Documentation" module in the Install Tool.
The foll... -
- The New Record Wizard shows the correct header for
the "system" group again.
The change preserves the group's title ... -
- Resolves: #98412
Releases: main, 11.5
Change-Id: Idcb0a18ece3162940e0c883d41f0f2f9e1a740bd
Reviewed-on: https://revie... -
- Resolves: #98418
Releases: main, 11.5
Change-Id: Ic97959c358978b2032e5fa18aaec915552e2ff1a
Reviewed-on: https://revie... -
- Resolves: #98412
Releases: main, 11.5
Change-Id: Idcb0a18ece3162940e0c883d41f0f2f9e1a740bd
Reviewed-on: https://revie... -
- Public property BackendUserAuthentication->workspace is
always an integer and should be declared as such. This
avoids... -
- Resolves: #98418
Releases: main, 11.5
Change-Id: Ic97959c358978b2032e5fa18aaec915552e2ff1a
Reviewed-on: https://revie... -
- Resolves: #98406
Releases: main, 11.5
Change-Id: I856ebd36c1f8c8906fa6b23834704bd2ee5531ad
Reviewed-on: https://revie... -
- Resolves: #98406
Releases: main, 11.5
Change-Id: I856ebd36c1f8c8906fa6b23834704bd2ee5531ad
Reviewed-on: https://revie... -
- To make datetimer picker buttons focus the belonging textfield, the
buttons were rendered as `<label>` which is a ver... -
- Resolves: #98274
Releases: main, 11.5
Change-Id: I75e778b7c57ac5c165045aaec40c6f134c3ddb72
Reviewed-on: https://revie... -
- Resolves: #98243
Releases: main, 11.5
Change-Id: I4347b6f293e582d00cffa4105d5a2641bf425bf9
Reviewed-on: https://revie... -
- Resolves: #98274
Releases: main, 11.5
Change-Id: I75e778b7c57ac5c165045aaec40c6f134c3ddb72
Reviewed-on: https://revie... -
- A new feature flag "yamlImportsFollowDeclarationOrder"
was introduced with #92100 which was available in TYPO3 v10 an... -
- Resolves: #98243
Releases: main, 11.5
Change-Id: I4347b6f293e582d00cffa4105d5a2641bf425bf9
Reviewed-on: https://revie... -
- This change addresses several "undefined array key" issues that have
been identified by PsalmPHP (see issue #98321).
... -
- Tags attached to Changelog documentation files are
used in the install tool "View Upgrade Documentation"
as filters.
... -
- This change addresses several "undefined array key" issues that have
been identified by PsalmPHP (see issue #98321).
... -
- Tags attached to Changelog documentation files are
used in the install tool "View Upgrade Documentation"
as filters.
... -
- As relative paths to the Source Sans font are used, this leads to errors
in the backend module of EXT:form as the pat...
2022-09-21
-
- Resolves: #98248
Releases: main, 11.5
Change-Id: I365236b8aa959db5092a7c8ba1731674b12f053c
Reviewed-on: https://revie... -
- Resolves: #98248
Releases: main, 11.5
Change-Id: I365236b8aa959db5092a7c8ba1731674b12f053c
Reviewed-on: https://revie... -
- With #92715 the structure of the link types array
was unified to always use the types as array values.
This patch ad... -
- All buttons on the left side of the docheader
should get a label to describe the functionality better.
In the next st... -
- This change renames variables and splits up
some logic in AbstractUserAuthentication in order
to allow further change... -
- With #92715 the structure of the link types array
was unified to always use the types as array values.
This patch ad... -
- This introduces a new PSR-14 event, enabling
extension authors to modify the user access
decision for creating / edit... -
- Due to cleanups some, usages of Extbase's Request
and UriBuilder can be removed.
Resolves: #98398
Releases: main
Cha... -
- The package `source-sans-pro` was renamed to `source-sans` in September
2020. npm annotates this deprecation during i... -
- Resolves: #98397
Releases: main
Change-Id: Id3c3ee0a9de93062840ee0acc39a8c8917326535
Reviewed-on: https://review.typo... -
- With TYPO3 v11, a new feature flag "subrequestPageErrors"
was added to avoid external requests when loading error pag... -
13:36 Revision f24de0da: [BUGFIX] Allow sorting of pages on root level
- This patch takes care of a missing id in the request, which is the case
for the rootpage.
Resolves: #98392
Releases:... -
- Resolves: #98395
Releases: main, 11.5
Change-Id: If2a8fba27d4a6250114b591055e3f49d603881d5
Reviewed-on: https://revie... -
- Do not expect all properties to already exist.
Update properties with different value as well as missing properties.
... -
- The Extbase Request still had a fallback to fetch
the base Request from $GLOBALS. The base Request
is of course a har... -
- This patch takes care of a missing id in the request, which is the case
for the rootpage.
Resolves: #98392
Releases:... -
- This change removes any usage of GeneralUtility::getIndpEnv()
in favor of NormalizedParams (non-global state) and
usi... -
- Resolves: #98395
Releases: main, 11.5
Change-Id: If2a8fba27d4a6250114b591055e3f49d603881d5
Reviewed-on: https://revie... -
- Do not expect all properties to already exist.
Update properties with different value as well as missing properties.
... -
- The new records controller (list modul "+" button) tries
to group records. TCA 'ctrl' property 'groupName'
can be use... -
- The new records controller (list modul "+" button) tries
to group records. TCA 'ctrl' property 'groupName'
can be use... -
- To have the progress bar visible on a panels using the
"default" or "light" theme variant, the progress bar
color is ...
2022-09-20
-
- The class `item` was removed in #98349, but the existing JavaScript code
still relied on that class. To solve the iss... -
- The feature flag "unifiedPageTranslationHandling"
has been active since TYPO3 v10, and can be removed
from the defaul... -
- The feature flag "unifiedPageTranslationHandling"
has been active since TYPO3 v10, and can be removed
from the defaul... -
- The ext:fluid RenderingContext extends standalone fluid
RenderingContextInterface by adding getRequest(). This
object...
2022-09-19
-
- The class prophecy has not been imported and does
not seem to be needed for the test.
Resolves: #98379
Releases: mai... -
- The PreviewRenderer pattern was added very late in
v10 development, along with a Resolver concept,
which was never pr... -
- Per the existing todo messages, these hooks are not useful and
better alternatives already exist. There's therefore n... -
- The three legacy hooks
* $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['cms/layout/class.tx_cms_layout.php']['record_is_u... -
- This change addresses several "undefined array key" issues that have
been identified by PsalmPHP (see issue #98321).
... -
- This change addresses several "undefined array key" issues that have
been identified by PsalmPHP (see issue #98321).
... -
- This change addresses several "undefined array key" issues that have
been identified by PsalmPHP (see issue #98321).
... -
- This change addresses several "undefined array key" issues that have
been identified by PsalmPHP (see issue #98321).
... -
- CodeMirror v6 is a major rewrite of CodeMirror v5.
Existing addons and language parsers need to be rewritten.
There i...
2022-09-18
-
- Views should be data sinks, but not data sources:
In Fluid, RenderingContext is the main state object
used to carry r... -
- The Extbase Request has been turned into a
PSR-7 decorator in v11. Most interface changes
have not been enforced in v... -
- With https://review.typo3.org/c/Packages/TYPO3.CMS/+/75655 the `AbstractPlugin` was made internal.
Option `_DEFAULT_... -
07:28 Revision 7117ba70: [BUGFIX] Guard array key access in TypoScriptFrontendController
- This change ensure guarded array key access to avoid corresponding
native PHP undefined array key access warnings in ... -
- Resolves: #98317
Releases: main, 11.5
Change-Id: I4fc1cbd52dda8a9440a6256a5e61be7d89323232
Reviewed-on: https://revie... -
- This change ensure guarded array key access to avoid corresponding
native PHP undefined array key access warnings in ... -
- Resolves: #98317
Releases: main, 11.5
Change-Id: I4fc1cbd52dda8a9440a6256a5e61be7d89323232
Reviewed-on: https://revie...
2022-09-17
-
- Single FE content objects (TEXT, IMAGE, ...) always receive
the PSR-7 request since v11: Instances are created via
Co...
2022-09-16
-
- The patch rewrites TypoScript related code that uses
the comment based TypoScript configuration magic towards
the new... -
- The live search located at the top right side of the TYPO3 backend now
uses a modal window to render the search contr... -
- Casual raise of typo3/cms-styleguide and typo3/testing-framework
to latest dev versions in main.
> composer u --dev ... -
- In case an inline field doesn't define the "disabled" column
in its "showitem" list, a hidden checkbox is now rendere... -
- Link to the TSconfig reference where it makes sense,
also for setting page TSConfic, as this changed in v12.
We do no... -
- In case an inline field doesn't define the "disabled" column
in its "showitem" list, a hidden checkbox is now rendere... -
- If no size is explicitly given, the avatar size is based on the text
size, similar to icons. In the SetupModuleContro... -
12:17 Revision dc105e34: [TASK] Streamline scheduler flash messages
- The flash messages for the executed state and the
not executed state have been adapted to the previous flash messages... -
- The flash messages for the executed state and the
not executed state have been adapted to the previous flash messages... - 12:11 Revision 11caa711: [TASK] Add notification when Grunt "watch" finished compilation
- This outputs a "bell" character to notify the developer that the "watch"
task has picked up and finished compilation ... -
- The doc comments for some functions in `\TYPO3\CMS\Core\Database\Connection`
state, that table expressions and column... -
- The doc comments for some functions in `\TYPO3\CMS\Core\Database\Connection`
state, that table expressions and column... -
- Resolves: #98337
Releases: main, 11.5
Change-Id: I048defb5d96c4365a2005a5a2c0adae806b3e298
Reviewed-on: https://revie... -
- Resolves: #98337
Releases: main, 11.5
Change-Id: I048defb5d96c4365a2005a5a2c0adae806b3e298
Reviewed-on: https://revie... -
- `\TYPO3\CMS\Frontend\Plugin\AbstractPlugin` is not a recommended way of
developing Frontend Plugins anymore. As long ... -
11:52 Revision 65580b5a: [TASK] Allow flushing the makeInstance class name caches for testing
- `GeneralUtility::flushInternalRuntimeCaches` now also flushes the caches
used by `makeInstance` to determine the fina... -
- The doc comments for some functions in `\TYPO3\CMS\Core\Database\Connection`
state, that table expressions and column... -
- `GeneralUtility::flushInternalRuntimeCaches` now also flushes the caches
used by `makeInstance` to determine the fina... -
11:47 Revision 89e93da2: [BUGFIX] Avoid FE error if url field on external pages is empty
- Circumvent 'Unitialized string offset' error when trying to prefix the
url of a page from type 'external page' when f... -
- Resolves: #98361
Releases: main, 11.5
Change-Id: Ib94267b45199a5cf5cce3fa48df51e53cff9a256
Reviewed-on: https://revie... -
- `GeneralUtility::flushInternalRuntimeCaches` now also flushes the caches
used by `makeInstance` to determine the fina... -
- Resolves: #98359
Releases: main, 11.5
Change-Id: I2651ca3b0c5bbad93fc931134d2d2480d51f7af6
Reviewed-on: https://revie... -
- Circumvent 'Unitialized string offset' error when trying to prefix the
url of a page from type 'external page' when f... -
- Resolves: #98361
Releases: main, 11.5
Change-Id: Ib94267b45199a5cf5cce3fa48df51e53cff9a256
Reviewed-on: https://revie... -
- Resolves: #98359
Releases: main, 11.5
Change-Id: I2651ca3b0c5bbad93fc931134d2d2480d51f7af6
Reviewed-on: https://revie... -
- The documentation clearly states that the Testing application context
may only be used internally.
This information ... -
11:19 Revision 26d15e3e: [BUGFIX] Avoid undefined array key in RecordLinkHandler
- Resolves: #98232
Releases: main, 11.5
Change-Id: I8c1277a1d9b611785c6c852069d976033abda813
Reviewed-on: https://revie... -
- Instead of creating new database queries for each user group,
corresponding items are fetched in just one query.
Res... -
- Instead of creating new database queries for each user group,
corresponding items are fetched in just one query.
Res... -
- Resolves: #98232
Releases: main, 11.5
Change-Id: I8c1277a1d9b611785c6c852069d976033abda813
Reviewed-on: https://revie... -
- In ext:viewpage, jQuery UI resizable is used to allow an editor
to resize the iframe with the page preview. The fluid... -
- The documentation clearly states that the Testing application context
may only be used internally.
This information ... -
- Resolves: #98358
Releases: main, 11.5
Change-Id: I4f1080dc4308660eff99c3a70a35c3917d688ab6
Reviewed-on: https://revie... -
- Resolves: #98358
Releases: main, 11.5
Change-Id: I4f1080dc4308660eff99c3a70a35c3917d688ab6
Reviewed-on: https://revie... -
- The core currently uses a wide range of
state colors across the backend. This is
a mixture of defined colors for spec... -
- In #98288 the modal component was rewritten to be a lit element. The
modal title was defined by a `title` attribute. ...
2022-09-15
-
- This change allows the injection of the fluid
RenderingContextFactory while disallowing the
direct injection of the R... -
- I added and improved non-trivial method descriptions from the Changelog
descriptions here: https://review.typo3.org/c...
2022-09-13
-
- This is documented but not working in current
ext-settings core. -
- int=int+ with range is supposed to work, but does not
add min/max to input fields right now.
Releases: main, 11 -
- Releases: main, 11
-
- Change-Id: I4b2648148ee8b112fc71d76d0730893f102785a1
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/757... -
- Change-Id: Ib8ba8cc8c720f50691897abc59fda00fef32e905
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/757... -
- Change-Id: I5d3e7def4c0c254f46061591081e7ccc33b60bc5
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/757... -
- Change-Id: I6dc1c8bd8f1c308ccc283de2d801e0821fb7253e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/757... -
- see https://github.com/TYPO3/html-sanitizer/releases/tag/v2.0.16
composer req masterminds/html5:^2.7.6 typo3/html-sa... -
- Variables in child nodes like `<f:asset.css>{value}</f:asset.css>`
were not encoded and allow cross-site scripting. I... -
- FileDumpController is used to expose stored files from the backend
user interface through a corresponding service-sid... -
- When a TYPO3 backend user performs a password reset request, a
password reset link including an expiration time is se... -
- Observing response time during user authentication can be used to
distinguish between existing and non-existing user ... -
- This fixes TYPO3-CORE-SA-2021-005 again, which accidentally had
been removed during TYPO3 v11 development. An inacces... -
- see https://github.com/TYPO3/html-sanitizer/releases/tag/v2.0.16
composer req masterminds/html5:^2.7.6 typo3/html-sa... -
- Variables in child nodes like `<f:asset.css>{value}</f:asset.css>`
were not encoded and allow cross-site scripting. I... -
- FileDumpController is used to expose stored files from the backend
user interface through a corresponding service-sid... -
- When a TYPO3 backend user performs a password reset request, a
password reset link including an expiration time is se... -
- Observing response time during user authentication can be used to
distinguish between existing and non-existing user ... -
- This fixes TYPO3-CORE-SA-2021-005 again, which accidentally had
been removed during TYPO3 v11 development. An inacces... -
- see https://github.com/TYPO3/html-sanitizer/releases/tag/v2.0.16
composer req masterminds/html5:^2.7.6 typo3/html-sa... -
- Variables in child nodes like `<f:asset.css>{value}</f:asset.css>`
were not encoded and allow cross-site scripting. I... -
- FileDumpController is used to expose stored files from the backend
user interface through a corresponding service-sid... -
- When a TYPO3 backend user performs a password reset request, a
password reset link including an expiration time is se... -
- Observing response time during user authentication can be used to
distinguish between existing and non-existing user ... -
- This change addresses several "undefined array key" issues that have
been identified by PsalmPHP (see issue #98321).
... -
- The changes applied for issue #93887 introduced a bunch of
regressions, which were partially addressed. However, ther... -
- The changes applied for issue #93887 introduced a bunch of
regressions, which were partially addressed. However, ther... -
- This change addresses several "undefined array key" issues that have
been identified by PsalmPHP (see issue #98321).
... -
- With #98331 friendsofphp/php-cs-fixer has been raised in
v11. However, pre-merge ci only scans for cgl in changed
php...
2022-09-12
-
- With the change #98308 it was forgotten that the
TypoScript property "config.disableImgBorderAttr"
is removed as well... -
- In order to consolidate TypoScript options,
the TypoScript option page.CSS_inlineStyle is removed
in favor of the muc... -
- To avoid divergent code-style results among other Git branches,
package friendsofphp/php-cs-fixer is upgraded to vers... - 09:08 Revision 15244ac2: Register Icons in Icons.php (#350)
- See https://docs.typo3.org/c/typo3/cms-core/main/en-us/Changelog/11.4/Feature-94692-RegisteringIconsViaServiceContain...
2022-09-09
-
- Badges are currently in an inconsistent state
and sometimes the severity it shows is not
related to the contents of t... -
- HTML deprecated the "border" attribute and the "longdesc"
attributes which are not set anymore by TYPO3's Frontend.
... -
- New PSR-14 events are introduced in favor of old hooks
within PageRepository which are related to overlaying
records.... -
- Resolves: #98306
Releases: 11.5
Change-Id: I7a5ec64e330a6a779abb5ed95eb6c70acb221785
Reviewed-on: https://review.typo... -
09:43 Revision 2ac5966b: [FEATURE] Option to configure primary actions in File List
- The primary actions in the file list visible as dedicated buttons in the
table list are now configurable on a backend... -
- Fixed the display of pseudocode to simple rest as these get
displayed in TYPO3 Explained. This resolves rendering
war... -
- Fixed the display of pseudocode to simple rest as these get
displayed in TYPO3 Explained. This resolves rendering
war... -
- This patch cleans up and streamlines the dropdown,
datepicker and context menu css components.
They now look unified... -
- All requests are changed to use the AJAX API. Due to this, the return
type of some methods is changed, resulting in a...
2022-09-08
-
- When TSFE->set_no_cache() is called without a reason
(usually through third-party code), the Logger now
ships with mo... -
- For not yet migrated filemount records, the
StoragePermissionsAspect previously triggered
an undefined array key sinc... -
- Avoid mistakes, especially by copy & paste, and trim the given data
before closing the modal and delegating the data.... -
- Avoid jQuery and especially the bootstrap
jQuery compat layer.
Use lit as template engine instead of jQuery compositi... -
- Avoid mistakes, especially by copy & paste, and trim the given data
before closing the modal and delegating the data.... -
- The ToolbarItemInterface requires the methods
hasDropDown() as well as getDropDown(). Since
#98214 the evaluation whe... -
- If a backend user switches pages in the list module right after the
clipboard is being loaded, the error message "An ... -
- Resolves: #98245
Releases: main
Change-Id: I03f3d485b75e1475d651479142bed40897c2b992
Reviewed-on: https://review.typo... -
- If a backend user switches pages in the list module right after the
clipboard is being loaded, the error message "An ... -
- Four new PSR-14 Events are added, which allow to fully
control the flex form parsing in an object-oriented
way. They ...
2022-09-07
-
- The datetimepicker (flatpickr) is now not based on
the Bootstrap DateTimePicker (which was used before),
but uses nat... -
- This change adapts various places where tests
are run / simulated to be in "Backend Context" (such as
ConditionMatche... -
- Resolves: #98280
Releases: main
Change-Id: I81078af2444b78df9eb26d0495fcb7cc73315162
Reviewed-on: https://review.typo... -
- This patch removes any usage of jQuery from the link browser
JS component. Additionally, some obsolete functionality
... -
17:17 Revision 39a05afd: [FEATURE] Add TypeConverter for enums
- With PHP 8.1 we got Enums, to use them also in our extbase actions,
a new TypeConverter is added with this patch.
Th... -
- This patch deprecates the constant "TYPO3_mainDir"
in favor of a BackendEntryPointResolver which
contains the informa... -
- This patch removes any usage of jQuery from EXT:rte_ckeditor. Some
obsolete handling from times when the link browser... -
12:20 Revision 801003d1: [TASK] Use current git repository links
- README.md and CONTRIBUTING.md use the current repository links with this change.
The change also includes several min... -
- README.md and CONTRIBUTING.md use the current repository links with this change.
The change also includes several min... -
- When changing the doktype of a page in the "create multiple pages"
wizard, the corresponding icon does now correctly ... -
- This patch removes any usage of jQuery from the constant
editor JS component. Additionally, some obsolete functionali... -
- When changing the doktype of a page in the "create multiple pages"
wizard, the corresponding icon does now correctly ... -
- Since TYPO3 v7 the RequestType Ajax was used
to identify AJAX routes. This is nowadays only
used in FormProtectionFac... -
- Back in the old HTMLArea it was possible to pre-define a link title in
the `classesAnchor` configuration which got ap... -
- Resolves: #98273
Releases: main, 11.5
Change-Id: I521d855fb4dc8fbafb302de16f8d446abfb4d9e1
Reviewed-on: https://revie... -
- Resolves: #98273
Releases: main, 11.5
Change-Id: I521d855fb4dc8fbafb302de16f8d446abfb4d9e1
Reviewed-on: https://revie... -
- Link to the TSconfig reference where it makes sense,
also for setting page TSConfic, as this changed in v12.
We do no...
2022-09-06
-
- Resolves: #98269
Releases: main
Change-Id: Ibdaf9319071b3b596330a3be41c17a862a247b8a
Reviewed-on: https://review.typo... -
- `unsafe-perm = true` is not available in npm v8 documentation,
and TYPO3 core requires npm =>v8.
The file has been in... -
- With PHP8.2 setting dynamic properties has been deprecated. This
is also valid if it is set through unserialization a... -
- README.md and CONTRIBUTING.md use the current repository links with this change.
The change also includes several min... -
- Commands executed:
npm install --save-dev grunt-stylelint@^0.18 stylelint@^14.11 stylelint-order stylelint-scss
n... -
- With PHP8.2 setting dynamic properties has been deprecated. This
is also valid if it is set through unserialization a... -
- During the migration to bootstrap the scaffold was reworked and is now flowing
incorrectly. The introduction flex on ... -
- Set the content language of RichText elements based on the direction
of the site language of the given element.
Reso... -
- * Use strict function argument and return types where possible
* Removed superfluous argument and return type doc com... -
- The FormEngine review module broke with the introduction of Bootstrap 5
due to changed API of its Popover module.
Ou... -
- This change removes all usages of "getRecordOverlay"
to slowly phase out "getRecordOverlay" as a legacy method,
where... -
- The support for jQuery in the module `@typo3/backend/popover` has been
dropped. Passing jQuery elements to the module...
2022-09-05
-
- The FormEngine review module broke with the introduction of Bootstrap 5
due to changed API of its Popover module.
Ou... -
- The check for `inData.action` didn't work anymore for a long time as
`action` is not set in the controllers anymore. ... -
- Some small JavaScripts used in EXT:impexp and EXT:info are migrated to
remove the dependency on jQuery.
Resolves: #9... - 10:15 Revision c68017aa: [TASK] Update settings snippet: use default values everywhere
- All values are default values except the redirectTTL value.
Releases: main, 11.5, 10.4
Resolves: #98238
Change-Id: I... - 10:15 Revision 2e67318d: [TASK] Update settings snippet: use default values everywhere
- All values are default values except the redirectTTL value.
Releases: main, 11.5, 10.4
Resolves: #98238
Change-Id: I... -
- The check for `inData.action` didn't work anymore for a long time as
`action` is not set in the controllers anymore. ...
2022-09-02
-
- PHPStan fails with composer max installation due
changes in the detection. Raising the version to
corresponding versi... -
- PHPStan fails with composer max installation due
changes in the detection. Raising the version to
corresponding versi... - 15:57 Revision 8bfd84d5: [TASK] Update settings snippet: use default values everywhere
- All values are default values except the redirectTTL value.
Releases: main, 11.5, 10.4
Resolves: #98238
Change-Id: I... -
- PHP8.1 introduced native return types to native methods
and interfaces, which crashes if they are not compatible.
As ... -
- PHP8.1 introduced native return types to native methods
and interfaces, which crashes if they are not compatible.
As ... -
- Items were previously rendered in BackendController into a large HTML
string that was passed to Fluid. This commit re... -
- With patch #97786 a bug was fixed, to only toggle inline controls in
their own scope. For this a new helper class was... -
- With patch #97786 a bug was fixed, to only toggle inline controls in
their own scope. For this a new helper class was...
Also available in: Atom