Skip to content

Releases: cakephp/cakephp

CakePHP 4.4.11 released

11 Feb 01:15
4.4.11
Compare
Choose a tag to compare

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.4.11. This is a maintenance release for the 4.4 branch that fixes several community reported issues.

Bugfixes

You can expect the following changes in 4.4.11. See the changelog for every commit.

  • View can now iterates templates paths that were defined as an associative array.
  • The i18n extract command now checks for directory existence before trying to enumerate the files within directories provided as inputs.
  • Update SECURITY policy docs to include 3.x end-of-life status.
  • Improve API documentation.
  • Fix dynamic-property error in PHP8.2 when PDOError objects are logged.
  • Switch to using phive to install static analysis tools.
  • Set the request into the routing context before processing middleware. This ensures that links on error pages always have access to the current request.

Contributors to 4.4.11

Thank you to all the contributors that helped make this release happen:

  • ADmad
  • Edgaras Janušauskas
  • fabsn182
  • Kevin Pfeifer
  • Marc Würth
  • Mark Scherer
  • Mark Story
  • Mikkel Bonde
  • othercorey

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 4.2.12 Released

07 Jan 01:00
4.2.12
Compare
Choose a tag to compare

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.2.12. This release corrects a regression introduced when backporting the recent security fix from 4.4.10 to the 4.2 branch.

Bugfixes

You can expect the following changes in 4.4.12. See the changelog for every commit.

  • Fix regression in Query::offset() and Query::limit().

CakePHP 4.4.10 released

06 Jan 03:22
4.4.10
Compare
Choose a tag to compare

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.4.10. This release contain a security fix for the limit() and offset() methods of Cake\Database\Query. If passed unfiltered request data, these methods would allow for SQL injection. If your application does not use CakePHP's Pagination wrappers and directly passes request data into one of these methods your application is vulnerable. We'd like to thank 'Tanaka' for reporting this issue.

Additional Bugfixes in 4.4.10

The 4.4.10 release contains the aforementioned security fix as well as the following fixes. See the changelog for every commit.

  • Update association definitions in ORM tests.
  • Update build images to Ubuntu 22.04.

Contributors to 4.4.10

Thank you to all the contributors that helped make this release happen:

  • ADmad
  • Kevin Pfeifer
  • Mark Scherer
  • Mark Story
  • othercorey

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 4.3.11 released

06 Jan 03:23
4.3.11
Compare
Choose a tag to compare

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.3.11. This release contain a security fix for the limit() and offset() methods of Cake\Database\Query. If passed unfiltered request data, these methods would allow for SQL injection. If your application does not use CakePHP's Pagination wrappers and directly passes request data into one of these methods your application is vulnerable. We'd like to thank 'Tanaka' for reporting this issue.

CakePHP 4.2.11 released

06 Jan 03:23
4.2.11
Compare
Choose a tag to compare

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.2.11. This release contain a security fix for the limit() and offset() methods of Cake\Database\Query. If passed unfiltered request data, these methods would allow for SQL injection. If your application does not use CakePHP's Pagination wrappers and directly passes request data into one of these methods your application is vulnerable. We'd like to thank 'Tanaka' for reporting this issue.

CakePHP 3.x End of Support and 3.10.5 Released

02 Jan 03:02
3.10.5
Compare
Choose a tag to compare

As previously communicated the time has come for CakePHP 3.x support to end. It has been 36 months since the release of 4.0.0 on Dec 15 2019, and going forward the core team will not be maintaining the 3.x branch.

Going forward the CakePHP team will continue to support 4.x and develop 5.x. Once 5.0.0 is released, 4.x will receive bugfixes for 24 months, and security fixes for 36 months.

CakePHP 3.10.5 released

The 3.10.5 release contains a single bugfix:

  • Fix IntegrationTestTrait providing null as the request body.

Contributors to 3.10.5

  • Marc Würth

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 4.4.9 released

30 Dec 02:57
4.4.9
Compare
Choose a tag to compare

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.4.9. This is a maintenance release for the 4.4 branch that fixes several community reported issues.

Bugfixes

You can expect the following changes in 4.4.9. See the changelog for every commit.

  • Improve duplicate route detection in cake routes.
  • Make ShadowTranslate strategy for TranslateBehavior handle missing association records with translations consistently with EavStrategy.

Contributors to 4.4.9

Thank you to all the contributors that helped make this release happen:

  • ADmad
  • Mark Story
  • Matthias Wirtz
  • othercorey

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 5.0.0-beta1 released

19 Dec 18:02
5.0.0-beta1
Compare
Choose a tag to compare
Pre-release

The CakePHP core team is proud to announce the first beta release of CakePHP 5.0.0. This initial release contains most of the new features and breaking changes that 5.0 will contain. This release contains a minimal working application skeleton. It also features a new version of Chronos with several breaking changes. A focus of 5.0 has been to remove deprecated features and improve the adoption of native type-declarations where possible.

Our focus in the near future is to finish updating all of the CakePHP maintained plugins to be compatible with 5.0. We'll also be putting more work into backporting deprecations into the next 4.x release (4.5.0) so that upgrading can be done incrementally before 5.x is released.

Finally, the scope for 5.x isn't locked down so if you'd like to see a feature or breaking change made please open an issue.

New Features

The migration guide has a complete list of what's new in 5.0.0. We recommend you give that page a read when upgrading as it notes the various breaking changes present in 5.0.

How you Can Help

You can help deliver 5.0 by contributing in one of many ways:

  1. Check the documentation for mistakes, outdated, unclear or broken examples. We've been trying to update everything but may have not caught everything.
  2. Try it out! Give CakePHP 5.0 a test drive in a non-production application. We'd love to hear how converting a small application went and what was harder than it should have been.
  3. File issues for regressions in existing features, or suggest new features. Even if those features don't make it into 5.0, we would appreciate community input on what should be part of 5.1 and 5.2

Contributors to 5.0.0-beta1

Thank you to all the contributors that have helped since the alpha1 release:

  • ADmad
  • Chris Nizzardini
  • Kevin Pfeifer
  • Mark Scherer
  • Mark Story
  • ndm2
  • othercorey
  • saeideng

As always, a huge thanks to all the community members that helped make this release happen by reporting issues and sending pull requests.

CakePHP 4.4.8 released

02 Dec 02:50
4.4.8
Compare
Choose a tag to compare

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.4.8. This is a maintenance release for the 4.4 branch that fixes several community reported issues.

Bugfixes

You can expect the following changes in 4.4.8. See the changelog for every commit.

  • Aligned ServerRequest::scheme() and Uri::getScheme() on how they handle proxy headers.
  • Improve compatibility of old PaginatorInterface alias.
  • Fixed infinite loop when a table class was created without a name or table, and getAlias() is called on it.
  • Improve assertMailSentWith comparisons with array values.
  • Fixed sortDefault and directionDefault not working with multiple pagination.
  • Improved typehints and API docs.

Contributors to 4.4.8

Thank you to all the contributors that helped make this release happen:

  • ADmad
  • Marc Würth
  • Mark Story
  • Matthias Wirtz
  • othercorey
  • TerryKern

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

CakePHP 4.4.7 released

30 Oct 02:34
4.4.7
Compare
Choose a tag to compare

The CakePHP core team is happy to announce the immediate availability of CakePHP 4.4.7. This is a maintenance release for the 4.4 branch that fixes several community reported issues.

Bugfixes

You can expect the following changes in 4.4.7. See the changelog for every commit.

  • Fixed errors arising from exporting objects with invalid __debugInfo() methods.
  • Improved API documentation.
  • Fixed missing dependency to cakephp/database.
  • Fixed regression in FormHelper::radio() and FormHelper::multiCheckbox().

Contributors to 4.4.7

Thank you to all the contributors that helped make this release happen:

  • ADmad
  • Felix Kempf
  • Mark Scherer
  • Mark Story
  • ndm2
  • Oliver Nowak
  • othercorey
  • Tyler Lendon

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.