8.3.9 (2024-01-15)
Overview of merged pull requests
BUGFIX: Check SVG files for malicious code before providing original asset url links
This adds a check in the preview of assets in the media module and checks for malicous content in svgs. If detected, the direct links to the original url get removed from the preview pages and a warning is shown.
!`image <https://github.com/neos/neos-development-collection/assets/13046100/bb8a2b73-a251-499e-926a-1e6b866bbc87>`_
Fixes: - https://github.com/neos/neos-development-collection/issues/4833 - https://github.com/neos/flow-development-collection/issues/3248
Packages:
NeosMedia.Browser
BUGFIX: Resolve StyleCI issues
Packages:
NeosFusion
BUGFIX: Fix StyleCI issues
Packages:
Neos
BUGFIX: add dimensionshash migration to postgres
Regression https://github.com/neos/neos-development-collection/pull/3279
We need to generate add dimensions hash to node event model in order to be able to save new nodes as we do in MySQL: Neos.Neos/Migrations/Mysql/Version20210125134503.php
Upgrade instructions
Run ./flow doctrine:migrate
Review instructions
You want to make sure that the dimensions table has valid values. If not you might want to add a custom migration like this one:
```php <?php declare(strict_types=1);
namespace Neos\Flow\Persistence\Doctrine\Migrations;
use Doctrine\Migrations\AbstractMigration; use Doctrine\DBAL\Schema\Schema;
class Version20230727164559 extends AbstractMigration {
public function getDescription(): string {
return ‘Correct null entries in event log caused by automated import’;
}
public function up(Schema $schema): void {
$this->abortIf($this->connection->getDatabasePlatform()->getName() !== ‘postgresql’, ‘Migration can only be executed safely on \’postgresql\’.’);
$this->addSql(‘UPDATE neos_neos_eventlog_domain_model_event SET dimension = NULL WHERE dimension = :dimension AND dtype = :dtype;’, [‘dimension’ => ‘N;’, ‘dtype’ => ‘ttree_contentrepositoryimporter_event’]);
}
public function down(Schema $schema): void {
$this->abortIf($this->connection->getDatabasePlatform()->getName() !== ‘postgresql’, ‘Migration can only be executed safely on \’postgresql\’.’);
$this->addSql(‘UPDATE neos_neos_eventlog_domain_model_event SET dimension = :dimension WHERE dimension IS NULL AND dtype = :dtype;’, [‘dimension’ => ‘N;’, ‘dtype’ => ‘ttree_contentrepositoryimporter_event’]);
}
}
Packages:
Neos
BUGFIX: node:repair fails with could not be converted to string
Fixes the following crash during node:repair
```shell ./flow node:repair –dry-run –only removeBrokenEntityReferences Dry run, not committing any changes.
Checking for broken entity references … Object of class Neos\Flow\Persistence\Doctrine\Proxies\__CG__\Neos\Media\Domain\Model\ImageVariant could not be converted to string
Type: Error File: Data/Temporary/Development/SubContextWbWeb/Cache/Code/Flow_Object_Classes/Neos_ContentRepository_Command_NodeCommandControllerPlugin.php Line: 836
resolved #4794
Upgrade instructions
[x] Code follows the PSR-2 coding style
- ~~Tests have been created, run and adjusted as needed~~
There are not tests in place and I added none.
[x] The PR is created against the lowest maintained branch -> 7.3
[ ] Reviewer - PR Title is brief but complete and starts with
FEATURE|TASK|BUGFIX[ ] Reviewer - The first section explains the change briefly for change-logs
[ ] Reviewer - Breaking Changes are marked with
!!!and have upgrade-instructions
Packages:
NeosContentRepository
TASK: Removes neos/neos-setup
Summary:
When attempting to install Neos version 8.3 using the command composer create-project neos/neos-development-distribution neos-development 8.3.x-dev --keep-vcs, the installation results in the neos-setup (version 1.x) being installed. The neos/cli-setup tool has been removed and the default command ./flow welcome is still called. But the command is no longer available due to the absence of the CLI setup tool. Consequently, the setup process is not possible as the recommended command is missing.
We remove the dependency from the development collection and adds the neos/neos-setup in the latest version to the neos-development-distribution
Packages:
Neos