4.4.16

• The “Access the control panel” user permission now includes a warning that the permission grants view-only access to user data and most content.
• Added info buttons to “View entries”, “Create entries”, and “Save entries” user permissions, clarifying which actions they allow. (#13375)
• Improved performance when loading users with eager-loaded addresses. (#13400)
• createDraft GraphQL mutations now support a creatorId argument. (#13401)
• Garbage collection now deletes entries for sites that aren’t supported by their section. (#13383)
• Added craft\elements\Address::setOwner().
• craft\base\ElementInterface::eagerLoadingMap() can now include a createElement key in the returned array, which defines a target element factory function.
• craft\base\Element::toArray() now clones custom field values, similar to __get(). (#13392)
• Fixed a bug where entry titles could overflow within Entries fields with “Maintain hierarchy” enabled. (#13382)
• Fixed a bug where batched jobs with a configured limit could be repeated endlessly. (#13387)
• Fixed an error that could occur if null was passed to craft\elements\MatrixBlock::setOwner().
• Fixed a bug where eager-loaded categories were always loaded in the structure-defined order, even if the Categories field didn’t have “Maintain hierarchy” enabled. (#13394)
• Fixed a bug where time inputs weren’t handling malformed values properly if ICU 72.1 was installed. (#13381)
• Fixed legacy Live Preview support.
• Fixed a bug where lightswitch inputs could overflow. (#13419)
• Fixed a bug where Matrix field validation wasn’t working properly if the field value was eager-loaded. (#13421)
• Fixed a bug where date and time inputs weren’t always working properly on mobile. (#13424)
• Fixed an RCE vulnerability.

3.8.16

• The “Access the control panel” user permission now includes a warning that the permission grants view-only access to user data and most content.
• Fixed an RCE vulnerability.

4.4.15

• The control panel footer now includes a message about active trials, with a link to purchase the licenses.
• Tags fields now only show up to five suggestions. (#13322)
• The up, migrate/up, and migrate/all commands now revert any project config changes created by migrations on failure.
• The up, migrate/up, and migrate/all commands now prompt to restore the backup created at the outset of the command, or recommend restoring a backup, on failure.
• Added craft\console\controllers\BackupTrait::restore().
• Added craft\helpers\Component::cleanseConfig().
• craft\log\ContextProcessor::filterVars() now supports filtering keys using dot notation and ! negation. (#13362)
• Fixed an error that occurred when passing arguments to an element’s prev and next fields via GraphQL. (#13334)
• Fixed a bug where Single entries weren’t getting preloaded for template macros, if the template body wasn‘t rendered. (#13312)
• Fixed a bug where asset folders could get dynamically created for elements with temporary slugs. (#13311)
• Fixed a bug where Matrix fields with custom propagation methods were being marked as translatable if the rendered translation key was blank. (#13329)
• Fixed a bug where transformed images’ width or height properties could be null if the transform didn’t specify both dimensions. (#13335)
• Fixed a bug where heading UI elements within field layouts were getting a top border if they were preceeded by conditionally-hidden fields. (#13308)
• Fixed a bug where new Single sections could get URIs filled in on form submit based on the section name, if the input was blank and hadn’t been directly edited. (#13350, #13355)
• Fixed a bug where it was possible to drag items beyond the normal page scroll limits. (#13351)
• Fixed two RCE vulnerabilities.

3.8.15

• The control panel footer now includes a message about active trials, with a link to purchase the licenses.
• Fixed an error that occurred when passing arguments to an element’s prev and next fields via GraphQL. (#13334)
• Fixed an RCE vulnerability.

4.4.14

• The utils/fix-field-layout-uids command now adds missing field layout component UUIDs.
• The _includes/forms/date and _includes/forms/time templates now accept a timeZone variable.
• Invalid utility URLs now redirect to the first permitted utility (besides “Updates”). (#13282)
• Fixed an error that could occur when updating a plugin with the craft update command, if it provided a new migration but still had the same schema version.
• Fixed an error that occurred when rendering editable tables with Date or Time columns. (#13270)
• Fixed a bug where CSS classes that contained a pseudo-selector weren’t getting namespaced. (#13251)
• Fixed a JavaScript error that could occur when renaming assets without URLs. (#13223)
• Fixed a bug where craft\base\Element::setFieldValuesFromRequest() wasn’t properly handling empty strings passed as the namespace. (#13252)
• Fixed a styling issue with control panel notifications. (#13258)
• Fixed a bug where element thumbnails could stop getting loaded when quickly switching between element sources. (#13253)
• Fixed an error that occurred when uploading an asset with a filename over 232 characters long, directly to an Assets field. (#13264)
• Fixed an error that occurred when transforming an image with a filename over 232 characters long. (#13266)
• Fixed a SQL error that could occur when upgrading to 4.4 on PostgreSQL, if the database was converted from MySQL. (#12855)
• Fixed a bug where craft\db\Query::collect() was returning a craft\elements\ElementCollection instance.
• Fixed a SQL error that could occur when upgrading to Craft 4 if any database tables had foreign keys to entryversions or other now-unused tables that are removed during the upgrade.
• Fixed a bug where the users/save-user action wasn’t including user details in successful responses. (#13267)
• Fixed a PHP error that occurred if an asset without a dateModified value was passed to craft\helpers\Assets::revParams(). (#13268)
• Fixed a bug where the Updates utility’s heading wasn’t reflecting updates that were blocked due to an expired plugin. (#13274)
• Fixed a bug where element deletion events weren’t getting triggered when elements were hard-deleted from an element index. (#13280)
• Fixed a bug where dropdowns within editable tables had blank optgroup labels. (#13298)
• Fixed a bug where textual cells within editable tables would display [object Object] if an object was passed as their value. (#13303)

3.8.14

• The _includes/forms/date and _includes/forms/time templates now accept a timeZone variable.
• Fixed an error that could occur when updating a plugin with the craft update command, if it provided a new migration but still had the same schema version.
• Fixed an error that occurred when rendering editable tables with Date or Time columns. (#13270)

4.4.13

• Fixed a bug where asset sources weren‘t immediately showing a source path on a clear localStorage cache.
• Fixed a JavaScript error that could occur when searching within an asset index, when there was no source path. (#13241)
• Fixed a bug where Date fields with “Show Time Zone” enabled were displaying their values in the system’s time zone within element indexes. (#13233)
• Fixed a bug where the “Cancel” buttons within Dashboard widgets’ settings didn’t do anything. (#13239)

4.4.12

• Asset indexes now remember their previously-selected source path. (#13147)
• Added the enabledForSite field for entries queried via GraphQL. (#13214)
• Added craft\base\ElementInterface::sourcePath().
• Improved craft\helpers\FileHelper::getExtensionByMimeType() for some ambiguous, web-friendly MIME types.
• Fixed a bug where reverting an entry’s content from a revision could omit some Matrix blocks.
• Fixed an error that could occur when adding a new site to an entry which contained Matrix blocks, if the same site had been added and removed previously.
• Fixed a bug where Matrix blocks nested within Neo or Super Table fields could be omitted when propagating an entry to a new site. (#13207)
• Fixed a bug where craft\web\View::registerTwigExtension() could throw an exception if Twig was already initialized. (#13208)
• Fixed a bug where entries mutated via GraphQL weren’t becoming globally enabled if enabled was set to true. (#13214)
• Fixed a styling issue with “Post Date” and “Expiry Date” fields. (#13216)
• Removed the OAuth 2.0 Client library, as it’s no longer used in core.
• Fixed a bug where activation emails sent to newly-created users could link to the front-end site, if they were granted control panel access via a user group. (#13204)
• Fixed a bug where “Required” lightswitch labels within field layout designers’ field settings slideouts weren’t getting translated. (#13230)
• Fixed a bug where Date fields could display the wrong date. (#13233)
• Deprecated the Craft.startsWith() JavaScript method. String.prototype.startsWith() should be used instead.
• Fixed two XSS vulnerabilities.

3.8.13

• Fixed a bug where asset sources weren‘t immediately showing a source path on a clear localStorage cache.
• Fixed a JavaScript error that could occur when searching within an asset index, when there was no source path. (#13241)
• Fixed a bug where Date fields with “Show Time Zone” enabled were displaying their values in the system’s time zone within element indexes. (#13233)

3.8.12

• Asset indexes now remember their previously-selected source path. (#13147)
• Added craft\base\ElementInterface::sourcePath().
• Improved craft\helpers\FileHelper::getExtensionByMimeType() for some ambiguous, web-friendly MIME types.
• Removed the OAuth 2.0 Client library, as it’s no longer used in core.
• Fixed a bug where activation emails sent to newly-created users could link to the front-end site, if they were granted control panel access via a user group. (#13204)
• Fixed a bug where it wasn’t possible to drag Verbb Navigation nodes via their drag handles. (#12896)
• Fixed a bug where Date fields could display the wrong date. (#13233)
• Deprecated the Craft.startsWith() JavaScript method. String.prototype.startsWith() should be used instead.