v1.2.0

See the Upgrade Guide for a quick highlight of any potentially required changes in your code in order to be compatible with Winter CMS v1.2+. Although the upgrade should be relatively painless it is still worth taking a quick look to verify that you are not affected by any of the relatively few breaking changes.

Due to the significant number of changes in 1.2, they are grouped by section rather than category for this release note.

• Dependencies
• Community Improvements
• CLI & Console Commands
• Project Configuration & Helper Files
• Testing
• Plugin Manager
• Backend UI & UX
• Media Manager & Image Resizing
• Themes
• Twig
• Events
• Database
• Filesystem
• Modules
• Internals

Dependencies

• Minimum version of PHP bumped from PHP 7.2.9 to PHP 8.0.2
• Laravel upgraded from 6.x LTS to 9.x
• Twig upgraded from 2.x to 3.x
• Minimum version of Laravel Tinker bumped to 2.7
• Minimum version of PHPUnit bumped to 9.5.8
• Minimum version of Mockery bumped to 1.4.4
• Symfony ugpraded from 4.x to 6.x
• Symfony/Yaml upgraded from 3.4 to 6.0
• Assetic upgraded from the modified embedded version of 1.4.0 to 3.0 as an external dependency.

Community Improvements

Over the past year as we have been working on the Laravel 9 upgrade we have released a number of plugins, themes, and development tools designed to further enhance the Winter CMS developer experience.

• First Party Plugins
• First Party Themes
• VS Code Extension

First Party Plugins:

The following first party plugins were released / revamped:

• Winter.TailwindUI - TailwindUI-based skin for the backend.
• Winter.Search - Enables full-text search capabilities in Winter.
• Winter.Redirect - Manage redirects.
• Winter.Docs - Manages & displays documentation from various sources within your Winter projects.
• Winter.Matomo - Integrates the open source Matomo Analytics platform into Winter.
• Winter.DriverAWS - Driver plugin that adds support for AWS to Winter.
• Winter.DriverMailgun - Driver plugin that adds support for Mailgun to Winter.
• Winter.DriverMandrill - Driver plugin that adds support for Mandrill to Winter.
• Winter.DriverPostmark - Driver plugin that adds support for Postmark to Winter.
• Winter.DriverSendGrid - Driver plugin that adds support for SendGrid to Winter.
• Winter.DriverSparkPost - Driver plugin that adds support for SparkPost to Winter.

First Party Themes:

The following first party themes were released:

• Nabu - Theme designed for documentation sites using the powerfull Winter.Docs & Winter.Search plugins.
• Workshop - TailwindCSS-built theme for testing first party plugins.

VSCode Extension:

The official Winter CMS VSCode extension was released which provides code completion and syntax highlighting for Winter CMS projects.

CLI & Console Commands

A number of improvements have been made to the console commands available out of the box with Winter as well as the developer experience for working with the CLI in general. In addition to these improvements, the Console documentation has been updated and enhanced, click here to read the docs.

• Autocompletion
• Improved Support for Laravel-provided commands
• New Winter\Storm\Console\Command base class and helpers
• Scaffolding Improvements
• Bug Fixes

Autocompletion

• Added support for autocompletion for all Winter provided CLI commands.
• Added complete() function to the create:command Command scaffolding for providing autocompletion in console commands. (run artisan completion --help to setup autocompletion in your terminal)
• Added autocompletion support to the following commands:
  • plugin:disable $name
  • plugin:enable $name
  • plugin:refresh $name
  • plugin:rollback $name $rollbackVersion
  • winter:passwd $username (last 20 updated backend users)

Improved Support for Laravel provided commands

• Added migrate as an alias to winter:up to simplify transitioning to Winter from Laravel
• Laravel's migration commands have been removed / aliased to the relevant Winter commands as they did not function with Winter and never have.
• Version number reported by artisan --version will now include Winter CMS.
• route:list and route:cache now support module routes out of the box.
• Fixed issue where the key:generate command wouldn't set the APP_KEY value in the .env file if the .env file didn't exist yet.

New Winter\Storm\Console\Command base class and helpers

• Added Winter\Storm\Console\Command base class that adds helpers for making it easier for commands to implement suggested values for autocompletion.
• Added alert() helper to the Winter Command base class that improves on the Laravel default by adding support for wrapping long alert messages to multiple lines.
• Added Winter\Storm\Console\Traits\ConfirmsWithInput trait provides the confirmWithInput($message, $requiredInput) method to require the user to input the required input string in order before proceeding with running the command.
• Added Winter\Storm\Console\Traits\ProcessesQuery trait that provides a processQuery($query, $callback, $chunkSize, $limit) method that simplifies the process of processing large numbers of records in console commands by handling creating and updating a progress bar, chunking the provided query by the provided chunk size and limit parameters, running the callback for each record, and gracefully handling any exceptions thrown during the processing of records.

Scaffolding Improvements

• Added create:job Author.Plugin JobName scaffolding console command to create an initial Job class
• Added new scaffold argument to create:theme command, defaults to less; also supports tailwind.
• Moved all scaffolding commands out of Winter\Storm and into their relevant Modules (Backend, CMS, & System).
• Added $nameFrom property and getNameInput() method to the Winter\Storm\Scaffold\GeneratorCommand to enable checking for reserved names when generating code via scaffolding commands. Also made some method signature type hint changes to the class, be sure to review and apply them accordingly in any custom uses of that base class.
• Removed getPluginIdentifier() method from the Winter\Storm\Scaffold\GeneratorCommand class and added a new base class for scaffolding resources that are specific to plugins: System\Console\BaseScaffoldCommand.
• Added support for autocompletion of the plugin argument for scaffolders that extend System\Console\BaseScaffoldCommand.
• Added System\Console\Traits\HasPluginInput trait that provides helpers for when a console command interacts with plugin names as input arguments.
• Added support for generating localization messages by calling a getLangKeys() method defined on the scaffolding command during the execution process. This method can use the $this->vars property and $this->laravel->getLocale() method to return an associative array of message keys without the author prefix and their values for the current locale.
• Added several helpers in the scaffolding template files:
  • plugin_id -> lowercase version of a plugin's identifier
  • plugin_code -> Studly case version of the plugin's identifier
  • plugin_url -> author/plugin, used in Backend::url() calls
  • plugin_folder -> author/plugin, used when generating paths to files with the $ plugins directory path symbol or the ~ application path symbol.
  • plugin_namespace -> Studly case version of the plugin's identifier in namespace form (i.e. Author\Plugin)

Bug Fixes

• Added ability for the mix:watch command to clean up after itself when terminated with SIGTERM.
• winter:version will now only normalize file contents before hashing if the file is a valid text-based file which improves the reliability of change detection on Windows.
• Fixed issue where running winter:version --changes would always display "We have detected the following modifications:" even when no modifications were detected.
• winter:passwd now returns the status codes instead of using exit($code)
• Fixed issue where if the underlying data behind a datasource changes through manual intervention (either in the database or ...

v1.1.9

UX/UI Improvements

• The base Snowboard framework has been included in the Backend by default, allowing people to use Snowboard requests and included functionality in their plugin's backend pages if they wish. Please see #548 for more information on what is included.
• Dates displayed on the Theme Logs & Event Logs pages in the backend now display in the current user's preferred locale & timezone.

API Changes

• Dependency checking and management for Snowboard plugins has been improved. Singletons that have a ready callback will not be fired until dependencies are loaded.
• Added a flash.create and flash.remove global event in Snowboard to listen when a flash message is created and removed, respectively.
• Added URL handling and base URL detection in Snowboard via the Snowboard.url() plugin.
• Added sortable property to the Repeater FormWidget, defaults to true.
• Added a mix:update command to allow updating of Node dependencies for Mix assets.
• Added support for type: nestedform fields to the ThemeData theme customization forms.
• Added helper methods for Snowboard event listening - the on method registers a simple listener for a Snowboard event, the off de-registers the listener. The ready method is a shortcut method that registers a listener for when the DOM is ready, synonymous with $(document).ready() in jQuery.
• Added an Asset Loader component for Snowboard, which is now included in the extras and allows simple loading of script, style and image assets on the fly.
• Added a Data Configuration component for Snowboard, which is now included in the extras and allows widgets to retrieve configuration from an element's data attributes, similar to the current widgets within Winter CMS.
• Added the public flag trimStringAttributes to Winter\Storm\Database\Model to make it possible to disable the default behaviour of automatically trimming string attribute values on model instances.

Bug Fixes

• Improved support for read-only filesystems by using the Storage facade to handle the disabled plugins cache file instead of directly interacting with the local disk and checking if the local filesystem is writable before attempting to create the temporary directory required by the UpdateManager.
• Fixed the System Status dashboard widget on read-only filesystems.
• Fixed issue where calling Snowboard.request() with the element parameter set to false or null would fail.
• Fixed issue where changes made to $this->vars in a Partial's PHP code section wouldn't be available in the Twig section.
• Fixed issue where a Snowboard plugin that had been removed could not be re-added.
• Backported a fix from the 1.2 branch which resolves timeout issues with the mix:install command.
• Fixed issue where using the useRelationCount option with a relation in a List widget would not retrieve the count if the relation name was not snake-cased.
• Fixed an issue where passing configuration that had been generated by $this->makeConfig() to a ReportContainer would cause it to fail to initialize.
• Fixed missing variable in error message with mix:watch command if packages are missing from the overall workspace.
• Fixed issue where Snowboard requests in the Backend did not include the CSRF token.
• Fixed issue where using a time limit with data-track-input in Snowboard for input debouncing was being overwritten on entering a value due to misnamed variable.
• Fixed issue where any value returned by a success or error callback in Snowboard would prevent further execution (including no value); instead of just preventing execution on receiving a value of false.
• Fixed issue where string values (query selectors) were not able to be provided as the data-request-form attribute to Snowboard as it was requiring an instance of an element.
• Fixed issue where passing an already URL-encoded string to the UrlGenerator could cause its query parameter keys to become double encoded, disrupting the original data structure.

Security Improvements

• Improved reliability of the CMS Safe Mode feature. See GHSA-q37h-jhf3-85cj for more information
• Improved reliability of Winter\Storm\Database\Attach\File->fromData(). See GHSA-8v7h-cpc2-r8jp for more information.

Translation Improvements

• Improved German translation
• Improved Spanish translation
• Improved Farsi translation

Community Improvements

• Fixed file language hinting for backend controller views for VS Code

Dependencies

• The Winter core modules now report via composer that they replace the associated version of the October core modules to improve compatibility with the October ecosystem.

New Contributors

• @der-On made their first contribution in #457
• @marcomessa made their first contribution in #485
• @davidlueder made their first contribution in #563
• @multiwebinc made their first contribution in #603

v1.0.475

Security improvements backported from v1.1:

Security Improvements

• Improved reliability of the CMS Safe Mode feature. See GHSA-q37h-jhf3-85cj for more information.
• Improved reliability of Winter\Storm\Database\Attach\File->fromData(). See GHSA-8v7h-cpc2-r8jp for more information.

Dependencies

• The Winter core modules now report via composer that they replace the associated version of the October core modules to improve compatibility with the October ecosystem.

v1.1.8

UX/UI Improvements

• All default backend controller behaviors (i.e. FormController, ListController, RelationController, etc) no longer require a configuration property (i.e. $formConfig, $listConfig, $relationConfig, etc) defined on the implementing controller if the default config file is being used (i.e. config_form.yaml, config_list.yaml, config_relation.yaml, etc).
• The winter:down command now requires a user to explicitly confirm the action by typing DELETE in their CLI.
• The plugin:remove command now requires a user to explicitly confirm the action by typing the plugin code in their CLI.
• Added Created At & Updated At columns to the Backend User & User Roles lists, marked invisible by default.
• Updated the syntax highlighting language used by the backend custom CSS brand setting to acurately reflect the actual language in use (LESS, not CSS).
• The Markdown editor will now add a https:// template when adding a link or image, to encourage use of secure links.
• Removed the timeout when running winter:test.
• Fixed styling issue with color pickers on the Mail Brand Settings page in the backend.
• Files in the CMS Theme Editor AssetList component will now be sorted alphabetically.
• Added ability to manage the list of users associated with a given role from that role's update page.
• Added "slug" input preset to the Administrator Role's code field.

API Changes

• Permissions registered without the roles property defined will now only be inherited by the developer system role, not all system roles.
• Added Snowboard.js, a new JS framework intended to replace the existing AJAX Framework that is more modular and no longer depends on jQuery.
• Added support for Laravel Mix via the following commands: mix:install, mix:compile, mix:watch, & mix:list.
• Added autodetection of Laravel Mix package configuration files when winter.mix.js is present in a plugin, theme, or module.
• Added System\Classes\MixAssets for managing Laravel Mix packages provided by plugins, themes, & modules. See registerMixAssets() now available as a registration method for Plugin.php, MixAssets::registerCallback() for Modules, and the mix property on theme.yaml definitions
• Classes implementing the System\Traits\PropertyContainer trait to provide dynamic property options for Inspector fields no longer need to have zero (or one optional) parameters in their constructor in order to work correctly. Note that if your constructor requires a value in any property and does not define a default, this will still fail, so ideally you should still use a class specifically set up for handling Inspector properties.
• Added | md_line Twig filter to make use of the Markdown::parseLine() method in Twig templates.
• Replaced Winter\Storm\Auth\AuthException with Winter\Storm\Auth\AuthenticationException, added Winter\Storm\Auth\AuthorizationException.
• The plugin:remove command now provides a --no-rollback option which disables the rolling back of database migrations for a plugin when it is being removed, allowing the plugin data to be retained.
• Added support for the app.asset_url & ASSET_URL configuration options for use with the Url::asset() & asset() helpers.
• Added | asset Twig Filter
• Made app(), media(), asset(), resize(), imageWidth(), imageHeight() available as Twig Functions

Bug Fixes

• Integers can now be used as values for options provided to the Inspector set field.
• Fixed issue with list of available encodings for importing where ISO 8859-9 was incorrectly referenced as ISO 8859-0.
• Fixed issue that could occur when running console commands on a project that had replaced plugins and their replacing plugins present at the same time.
• Fixed incorrect exception message when attempting to impersonate a user without authorization.
• Fixed color picker widget not allowing empty values.
• Fixed color picker widget showing misleading mouse cursors in read-only mode.
• Fixed color picker widget not triggering dependent fields on change.
• Fixed issue where attempting to render a theme without a database present would fail because the AssetMaker trait was attempting to get the system build information from the database even though the DB wasn't present.
• Fixed PHP 8 compatibility issue where a component with no controller throws an error when checking the existence of a method on the non-existent controller.
• Fixed bug introduced in v1.1.5 where an infinite loop would occur when attempting to impersonate a backend user while logged in as a user without the is_superuser flag.
• Modules will now be seeded before plugin migrations are run to support plugin migrations that interact with module seeded data.
• Fixed issue where setting the readOnly property to true on datepicker FormWidgets would leave the field greyed out but still editable.

Security Improvements

• Improved the Twig SecurityPolicy to block more potentially dangerous entry points from being abused by accounts with access to Twig but not PHP.
• Themes can no longer be imported while cms.enableSafeMode is active.
• Added a warning message to the system status dashboard widget when the default admin user is detected on the system.
• Limited inheritance of "orphaned" (permissions without default roles assigned) to just the "Developer" role instead of all system roles.
• Fixed issue where users without the backend.access_dashboard could still access the dashboard if they did not have access to any other main menu items in the backend.
• Removed the is_safe="html" flag from the System Twig filters (| app, | media, | resize, | imageWidth, & | imageHeight) as none of them should ever return values that should be injected into templates without escaping the results.

Translation Improvements

• Improved Latvian translation.
• Improved Ukrainian translation.
• Improved French translation.
• Improved Italian translation.
• Improved Slovak translation.
• Improved Russian translation.
• Improved Persian translation.
• Improved Japanese translation.

Community Improvements

• Winter.Notes, a new first party plugin for adding notes to any record type in Winter was released. It provides a custom notes FormWidget that presents a note management experience similar to the Mac OS Notes App.
• All code examples in the official documentation now has proper language highlighting depending on the language of each example.
• The console commands documentation has been signficantly refactored with an introductory page with a list of all commands now available. Commands are now grouped by their logical function.
• Added a default .vscode/settings.json to the project to help VS Code correctly identify the language (PHP, Twig, or WinterCMS Template) used for .htm files based on where in the project they are located.
• Added a default .vscode/extensions.json to the project to provide recommendations on extensions for VS Code that work well with Winter

Dependencies

• Laravel 6.x LTS does not support PHP 8.1 so Winter has limited the supported PHP versions to PHP 7.2.9 -> PHP 8.0.*. PHP 8.1 support will come with Winter 1.2 using Laravel 9.x LTS in February/March 2022.

v1.1.7

UX/UI Improvements

• The color picker widget has been redesigned with a fresh look and additional features. See #324 for more information.
• You can now define one or more IP addresses that may view the site during maintenance mode via the Maintenance mode Settings screen.
• Console scaffolding commands (i.e. create:controller, create:plugin, etc) will now list the files that were created during the scaffolding process for clarity.

API Changes

• Added $data as the fourth argument to the mailer.prepareSend and mailer.send events.
• Added create:settings {plugin} {settings=Settings} scaffolding command to generate a Settings model for the provided plugin.
• Added winter:test {?--p|plugin=} {?--c|configuration=} {?--o|core} --ANY-PHP-UNIT-FLAGS-HERE command to easily run the core and plugin's PHPUnit testing suites.

Bug Fixes

• Fixed issue introduced in v1.0.466 where copying the default RelationController markup to use in a controller-level override of RelationController partials would result in an "undefined index" exception.
• Client language files for child locales (i.e. en-ca) will now include fallback strings from their parent locales.
• Fixed an issue with the Markdown Editor in Chrome clipping the editor content if the viewport height is restricted while the widget has "stretch" enabled.
• Fixed Backed\Helper\Backend::makeCarbon() to correctly default to the backend timezone set in cms.backendTimezone
• Large numbers of options (250+) are now better handled with the group filter
• Added support for base64 encoded data:image URIs in image type columns.

Translation Improvements

• Improved Persian translation.
• Improved Latvian translation.
• Improved Russian translation.
• Improved German translation.

Community Improvements

• Winter CMS can now be accessed via the Gitpod service, providing near-instant, fully working copies of Winter CMS for testing and development. Please see #295 for more information.
• The Architecture Concepts section has been added to the documentation and provide an higher level overview of Winter CMS and some of the advanced time-saving features available within the project.
• The Maintainer Guide has been added to the documentation.

v1.0.474

Security improvements backported from v1.1:

API Changes

• The URL generator (URL::to() and url()) will now always return a slash after the hostname and properly URL-encode values with the dot segments processed out.
• Added getRealUser() to Winter\Storm\Auth\Manager to get the real user for the current request, taking into account user impersonation
• Added canBeImpersonated($impersonator = false) to Winter\Storm\Auth\Models\User and models extending it (i.e. Backend\Models\User); used to determine if the provided impersonator can impersonate the selected user.
• Changed model.user.beforeImpersonate to a halting event so that third party plugins are able to override the default return values from canBeImpersonated() to implement more or less strict impersonation protection policies as desired on a per project basis by returning a boolean flag indicating if the user can be impersonated or not

Bug Fixes

• Fixed issue where the user impersonation system would sometimes fail to restore the original user correctly.

Security Improvements

• URLs generated by Url::to() and url() now return properly URL-encoded values
• Fixed issue where post() could return values when the request was not a valid POST request
• Triggering user impersonation while already impersonating a user will now record the original impersonator as the impersonator for the second impersonation action as well, previously the impersonated user would have been recorded as the impersonator in those cases.
• Impersonated users will now have their access filtered to only include permissions that the impersonator would have also had access to.
• CMS Theme logs now reflect the real user behind a request; taking into account user impersonation.

v1.1.6

Bug Fixes

• Fixed a CSS issue from v1.1.5 where pages that were less that 100% of the viewport's height would only display a sliver of vertical content.

v1.1.5

UX/UI Improvements

• Added a notice to the top of every page in the backend when using the user impersonation functionality.

API Changes

• Added getRealUser() to Winter\Storm\Auth\Manager to get the real user for the current request, taking into account user impersonation
• Added canBeImpersonated($impersonator = false) to Winter\Storm\Auth\Models\User and models extending it (i.e. Backend\Models\User); used to determine if the provided impersonator can impersonate the selected user.
• Changed model.user.beforeImpersonate to a halting event so that third party plugins are able to override the default return values from canBeImpersonated() to implement more or less strict impersonation protection policies as desired on a per project basis by returning a boolean flag indicating if the user can be impersonated or not

Bug Fixes

• Fixed critical issue introduced in 1.1.4 where post() didn't return the default value when the request was not a POST request. This caused issues with forms relying on session keys (i.e. file upload fields etc.) as well as the form context property.

Security Improvements

• Triggering user impersonation while already impersonating a user will now record the original impersonator as the impersonator for the second impersonation action as well, previously the impersonated user would have been recorded as the impersonator in those cases.
• Impersonated users will now have their access filtered to only include permissions that the impersonator would have also had access to.
• CMS Theme logs now reflect the real user behind a request; taking into account user impersonation.

v1.1.4

UX/UI Improvements

• Fixed visual issue with checkboxes in inspector popups where they would take up space but not be visible.
• The order of columns in the Lists widget will be reset when pressing the "Reset to Default" button in the List config popup.
• The password restore and reset pages in the Auth controller now provide a body class (restore and reset, respectively) for targeting CSS.

API Changes

• The URL generator (URL::to() and url()) will now always return a slash after the hostname and properly URL-encode values with the dot segments processed out.
• SystemExceptions are now thrown for code paths resulting in not found exceptions (AJAX handlers, partials, content, components, etc) to make it easier to identify and resolve issues before end users are affected.
• Added the getNamespaceAliases($namespace) & getReverseAlias($class) methods to the ClassLoader class.
• Added Winter\Storm\Support\Testing\MocksClassLoader trait for mocking the ClassLoader in unit tests.
• The Http helper in the Storm library now stores and makes available all response headers in the $headers property even if the toFile() method is used - previously, headers would be discarded to prevent them being added to the file content.
• Custom Twig filters & functions registered in plugins via registerMarkupTags() can now specify the options to be used when registering the filters / functions with Twig.
• Added support for Trusted Proxies in Winter CMS, allowing sites behind proxies to still be served under HTTPS even if the HTTPS connection terminates at the proxy. Previously, the Backend of Winter CMS would redirect the user to the real underlying web address, which may not exist if it is proxied.
• Added support for providing a default image to be used for type: image backend list columns.
• Added the following global helper functions:
  • array_accessible(): Arr::accessible()
  • array_has_any(): Arr::hasAny()
  • is_associative(): Arr::isAssoc()
  • array_shuffle(): Arr::shuffle()
  • str_ordinal(): Str::ordinal()
  • str_after_last(): Str::afterLast()
  • str_ascii(): Str::ascii()
  • str_before_last(): Str::beforeLast()
  • str_contains_all(): Str::containsAll()
  • str_is_uuid(): Str::isUuid()
  • str_limit_words(): Str::words()
  • str_plural_studly(): Str::pluralStudly()

Bug Fixes

• Fixed issue where warnings about removing replaced plugins were still shown even when the plugins had already been removed.
• Fixed support for multiple where clauses on the unique model attribute validation rule.
• Fixed support for uppercase file extensions when using the ImageResizer (i.e. .JPG, etc)
• Fixed a few issues with the unique validation rule (couldn't specify multiple where conditions, minor inconsitencies in how it was being parsed, etc) and added unit tests to cover all valid variations fo the rule
• Fixed issue where calling url() or temporaryUrl() on a filesystem driver that didn't support those methods would throw a Class not found exception instead the appropriate RuntimeException.
• Backported a fix from Laravel 7 to allow pagination for queries with having clauses.
• Fixed issue with NavigationManager items that had invalid order values causing the backend to crash.
• Fixed issue where requests to non-existant Asset Combiner routes would return a 500 error code instead of 404.
• Fixed issue where the replacing plugin would be disabled on the first request after an aliased plugin was disabled.
• Fixed issue where namespace aliases registered via the ClassLoader (usually through the plugin replacement functionality) would not be evaluated by the Extendable trait (i.e. behaviors were not resolving correctly).
• Fixed issue where 0 couldn't be used as the min or max value for number field types.
• Fixed an issue with SSL connection failures and the winter:version command on Mac OS by using the Http helper as opposed to the file_get_contents() method.
• Fixed issue where the user impersonation system would sometimes fail to restore the original user correctly.

Security Improvements

• URLs generated by Url::to() and url() now return properly URL-encoded values
• Fixed issue where post() could return values when the request was not a valid POST request

Translation Improvements

• Improved French translation.
• Improved Latvian translation.
• Improved Italian translation.
• Improved Romanian translation.
• Improved Russian translation.
• Improved German translation.

Performance Improvements

• Improved speeds with path resolution for Halcyon File datasources sharing the same base directory.

Community Improvements

• Dropped old "build" files in the Storm library that were previously used for subsplitting the modules in the main Winter CMS repository for Composer. This has been replaced by a command in the Winter CMS CLI utility.
• Changed the default database host config option to be 127.0.0.1 instead of localhost. localhost may be slightly faster in some environments, but 127.0.0.1 is more reliable in all environments and the default can always be changed for specific projects that require it.
• Added automatic regeneration of the docs on wintercms.com/docs whenever a commit is made to the docs repository meaning that the public docs will finally be always up to date with the underlying git repository that powers them! Huge thanks to Marc Jauvin for finally taking care of a long standing annoyance with the project documentation.
• Updated the default config files to more closely match Laravel 6's default configurations.
• Improved issue templates on the main Winter CMS repository

v1.1.3

UX/UI Improvements

• Added support for choosing the default backend locale and timezone in php artisan winter:install.
• Controller scaffolding now uses the default backend localization keys for the default titles in the FormBehavior config instead of hardcoded English strings
• The unique validation rule can now be used without any additional information, previously it required the table name to be specified in the form of unique:table_name. This also means that unique validation rules will respect the current model's $table property.

API Changes

• Added support for modifying the RichEditor's allowed attributes list through the EditorSettings in the backend
• Added support for saving deferred bindings with pivot data.
• Added Backend::makeCarbon($dateTime) helper for setting the backend timezone on date values.
• Added support for Dependency Injection in console commands.
• Added support for php artisan winter:util purge orphans command that removes any system_files records that do not have matching files stored on the filesystem.
• Added support for registerValidationRules in the Plugin.php plugin registration file to register custom validation rules.
• Added support for specifying min, max, and step values on the number and numberrange List Filter scope types.
• Added support for pre and post processing of YAML being parsed which should pave the way for supporting YAML v4
• Added support for array views to the MailFake class
• Added support for HTTP HEAD requests from the Http utility.
• Added boolean $ok indicator to the Http utility to indicate if the last response was successful (ie. an HTTP 2xx response code was returned)
• Added support for automatic cache busting for the assets loaded by the {% framework %} Twig tag based on the current version stored in the database. Use artisan winter:version to set the correct version for your project.
• Added support for translator namespace aliases by adding Lang::registerNamespaceAlias('real.namespace', 'aliased.namespace').
• Added Config::registerNamespaceAlias($original, $alias); to allow aliasing a config namespaces to another config namespace, i.e. Config::registerNamespaceAlias('winter.debugbar', 'debugbar'); would return the config items from winter.debugbar when accessing the debugbar config. This is useful for forked packages or when integrating Laravel packages into Winter.
• Added Config::registerPackageFallback($original, $fallback) to allow the config items to be loaded from the global $fallback config when present if the $original global config isn't present. Useful when forking plugins to ensure existing installations with customized configs at the global level continue to work.
• Added support for lazy loading class aliases only when needed through the new Winter\Storm\Support\ClassLoader->addAliases(['Real\Class' => 'Alias\For\Class']) method.
• Added support for aliasing entire namespaces in the class loader via the new Winter\Storm\Support\ClassLoader->addNamespaceAliases(['Real\Namespace' => 'Aliased\Namespace']) method.
• Added support for getting the original class name of an aliased class when registered through the ClassLoader via the Winter\Storm\Support\ClassLoader->getAlias($aliasedClass) method
• Added support for plugins specifying that they "replace" other plugins via the replaces key in the pluginDetails() method. See wintercms/winter#41 & wintercms/docs#11 for more details. Methods added to PluginBase: getReplaces($includeConstraints = false), canReplacePlugin($plugin, $version), getPluginIdentifier(), getPluginPath(), and getPluginVersion().

Bug Fixes

• Fixed issue with Schedule->withoutOverlapping() by bringing the Halcyon MemoryRepository more inline with the parent class.
• Fixed an error thrown when using the "package:discover" command when app.loadDiscoveredPackages set to false, as the manifest was reset to null as opposed to an empty array.
• Fixed issue where tooltips set on the first column of the Lists widget were not working.
• Fixed issue where components that used dependency injection in their constructors would break in the backend.
• The RecordFinder FormWidget will now automatically determine what to use for the key column if the model used is not using the default of id. This used to be controlled by the undocumented keyFrom option on the recordfinder, but is now handled behind the scenes automatically.
• Reverted "Fixed issue introduced in Laravel 5.7 where eager loading File relationships on PostgreSQL would fail with the message "Varchar <> Integer comparison is not allowed"" introduced in 1.1.2 since it was causing issues when strict typing was enabled.
• Fixed an issue where PluginManager->getRegistrationMethodValues() would attempt to call protected methods on PHP 7.4.
• Improved Media Library path validation logic by allowing // but not allowing :// to account for poorly constructed paths that are still technically valid.
• Fixed issue where sending emails using the Laravel Notification system could cause an exception in the System module when it attempted to extend a view instance while it was expecting a view string reference.
• Fixed issue where a TagList field that is disabled or readOnly would fail to correctly render if the value was an array.
• Added branching support for winter:version, different version branches (1.0, 1.1, etc) can now be correctly identified.
• Improved handling of dates by the Filter widget, specifically when ignoreTimezone is set on only one of a few date inputs in a given filter, and when using the daterange filter type with certain date values.
• Changed the default value of database.connections.sqlite.database to base_path('storage/database.sqlite') to better support applications using a mirrored public directory.
• Fixed issue where redirects to slow loading pages via AJAX could stop the loading indicator (and thus enable the triggering element) before the redirect actually completed, potentially leading to users triggering multiple requests unintentionally. As a side-effect due to how browsers process file downloads triggered by AJAX, this broke the loading indicator for AJAX redirects that cause the browser to download files instead of leaving the page; see the test plugin for how you can manually fix that functionality within your projects.
• Fixed long standing issue with the pagelinks plugin in the richeditor where inserting a link from the pagelinks popup would insert it at the start of the content instead of where the selected text was, and fixed another issue that would cause any preset text to be overwritten when selecting a link to use from the pagelinks popup.
• Fixed issue where exceptions / errors that were thrown before the Event facade was available would always be reported as "Class Event does not exist" instead of the actual problem.
• Fixed support for CSS variables within the asset compiler / combiner, this is a step closer towards native Tailwind support within Winter CMS.
• Fixed issue where resizing certain .gif images would result in imagecolorsforindex(): Argument #2 ($color) is out of range.
• Fixed issue where resizing .gif images with no transparent colour set would result in the white colour being replaced with the default transparent colour.
• Fixed issue where passing null as the image source to the | resize filter resulted in an exception being thrown instead of more gracefully silently ignoring the input and returning an emptry string.
• Fixed issue where init.php wouldn't be loaded by the plugin boot process when running unit tests.
• Fixed long standing issue where disabled plugins wouldn't be uninstalled by the winter:down command
• Fixed issue where routes registered via plugin's routes.php file would not have names registered via Route::name() actually registered with the internal route name mapping meaning that route($name) would not be able to resolve to those routes.

Security Improvements

• Improved password reset flow by no longer throwing an error message if the provided email address doesn't exist in the system.
• Tightened up the permission checking logic by requiring strict type matches.
• Removed xml from the list of default allowed extensions to upload, can be added back through the configuration if required.

Translation Improvements

• Improved French translation.
• Improved Russian translation.
• Improved Dutch translation.
• Moved Media Manager rename and move action language keys to the backend module instead of the CMS module.

Community Improvements

• Documented the Lists widget's perPageOptions configuration property

Dependencies

• Refactored the Winter\Storm\Events\Dispatcher class to extend and override the base Laravel Event Dispatcher rather than just duplicating and implementing the contract for greater compatibility with Laravel.
• Switched away from the abandoned fzaninotto/faker package to the maintained fakerphp/faker package.