-
-
Notifications
You must be signed in to change notification settings - Fork 188
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
TASK: Add changelog for 8.1.13 [skip ci]
- Loading branch information
Jenkins
committed
Jun 28, 2024
1 parent
d51f143
commit 9166564
Showing
1 changed file
with
78 additions
and
0 deletions.
There are no files selected for viewing
78 changes: 78 additions & 0 deletions
78
Neos.Flow/Documentation/TheDefinitiveGuide/PartV/ChangeLogs/8113.rst
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| `8.1.13 (2024-06-28) <https://github.com/neos/flow-development-collection/releases/tag/8.1.13>`_ | ||
| ================================================================================================ | ||
|
|
||
| Overview of merged pull requests | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| `BUGFIX: Avoid insecure composer/composer versions <https://github.com/neos/flow-development-collection/pull/3366>`_ | ||
| -------------------------------------------------------------------------------------------------------------------- | ||
|
|
||
| This adjusts the dependency to ``~2.2.24 || ^2.7.7`` to avoid versions vulnerable to multiple command injections via malicious branch names. | ||
|
|
||
| More details in: | ||
|
|
||
| - https://blog.packagist.com/composer-2-7-7/ | ||
| - https://github.com/advisories/GHSA-v9qv-c7wm-wgmf | ||
| - https://github.com/advisories/GHSA-47f6-5gq3-vx9c | ||
|
|
||
|
|
||
| * Packages: ``Flow`` | ||
|
|
||
| `BUGFIX: Dont log stack trace for `InvalidHashException` in Production <https://github.com/neos/flow-development-collection/pull/3247>`_ | ||
| ---------------------------------------------------------------------------------------------------------------------------------------- | ||
|
|
||
| This configures an ``invalidHashExceptions`` exception handler rendering group and configures it to not dump stack traces in ``Production`` context. For ``Development`` context stack traces are still written to ease debugging. | ||
|
|
||
| * See: `#3159 <https://github.com/neos/flow-development-collection/issues/3159>`_ | ||
|
|
||
| **Upgrade instructions** | ||
|
|
||
| In case you need trace dumps for ``InvalidHashException`` in production context, override the settings as needed. | ||
|
|
||
| **Review instructions** | ||
|
|
||
| * See: `#3159 <https://github.com/neos/flow-development-collection/issues/3159>`_ for ways to trigger those exceptions. Then check if a trace is dumped. | ||
|
|
||
|
|
||
| * Packages: ``Flow`` | ||
|
|
||
| `BUGFIX: Fix documentation of `maximumThrowableDump` defaults <https://github.com/neos/flow-development-collection/pull/3269>`_ | ||
| ------------------------------------------------------------------------------------------------------------------------------- | ||
|
|
||
| * Related: `#3158 <https://github.com/neos/flow-development-collection/issues/3158>`_ | ||
|
|
||
| * Packages: ``Flow`` | ||
|
|
||
| `TASK: Scripts.php avoid use of same references for exec <https://github.com/neos/flow-development-collection/pull/3171>`_ | ||
| -------------------------------------------------------------------------------------------------------------------------- | ||
|
|
||
| Followup to https://github.com/neos/flow-development-collection/pull/3116 | ||
|
|
||
| I debugged with @dlubitz a problem and we found that in theory? $output _might_ be possibly already filled? | ||
| I dont know if that can happen but just to be sure we set it to empty as its also a bad practice. | ||
|
|
||
|
|
||
| **Upgrade instructions** | ||
|
|
||
|
|
||
| * Packages: ``Flow`` | ||
|
|
||
| `TASK: Fix errors in Middleware code example <https://github.com/neos/flow-development-collection/pull/3299>`_ | ||
| -------------------------------------------------------------------------------------------------------------- | ||
|
|
||
| I found two small errors in the Middleware code example in the documentation. | ||
|
|
||
|
|
||
| * Packages: ``Flow`` | ||
|
|
||
| `TASK: Correct Flow composer.json <https://github.com/neos/flow-development-collection/pull/3252>`_ | ||
| --------------------------------------------------------------------------------------------------- | ||
|
|
||
| The upmerge commit `42e3fd7886d5bed317511a2046d4119867216923 <https://github.com/neos/flow-development-collection/commit/42e3fd7886d5bed317511a2046d4119867216923>`_ wrongly overwrote major parts of Flows composer.json, introducing older versions of PHP and psr/log as well as removing dependencies on some other psr packages. This change corrects the issue and needs to be upmerged accordingly. | ||
|
|
||
| The changes were never merged into the collection composer.json so that the issue was not noticed in development environments. | ||
|
|
||
| * Packages: ``Flow`` | ||
|
|
||
| `Detailed log <https://github.com/neos/flow-development-collection/compare/8.1.11...8.1.13>`_ | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |