7.3.19 (2024-01-15)

Overview of merged pull requests

BUGFIX: Check SVG files for malicious code before providing original asset url links

This adds a check in the preview of assets in the media module and checks for malicous content in svgs. If detected, the direct links to the original url get removed from the preview pages and a warning is shown.

!`image <https://github.com/neos/neos-development-collection/assets/13046100/bb8a2b73-a251-499e-926a-1e6b866bbc87>`_

Fixes https://github.com/neos/flow-development-collection/issues/3248

  • Packages: Neos Media.Browser

BUGFIX: Resolve StyleCI issues

  • Packages: Neos Fusion

BUGFIX: node:repair fails with could not be converted to string

Fixes the following crash during node:repair

```shell ./flow node:repair –dry-run –only removeBrokenEntityReferences Dry run, not committing any changes.

Checking for broken entity references … Object of class Neos\Flow\Persistence\Doctrine\Proxies\__CG__\Neos\Media\Domain\Model\ImageVariant could not be converted to string

Type: Error File: Data/Temporary/Development/SubContextWbWeb/Cache/Code/Flow_Object_Classes/Neos_ContentRepository_Command_NodeCommandControllerPlugin.php Line: 836


resolved #4794

Upgrade instructions

  • [x] Code follows the PSR-2 coding style

  • ~~Tests have been created, run and adjusted as needed~~
    • There are not tests in place and I added none.

  • [x] The PR is created against the lowest maintained branch -> 7.3

  • [ ] Reviewer - PR Title is brief but complete and starts with FEATURE|TASK|BUGFIX

  • [ ] Reviewer - The first section explains the change briefly for change-logs

  • [ ] Reviewer - Breaking Changes are marked with !!! and have upgrade-instructions

  • Packages: Neos ContentRepository

Detailed log