« Changelog History


CraftCMS v3.1.7 Release Notes

Release Date: 2019-01-31 // over 5 years ago

  • ➕ Added

    • ➕ Added all the things that came in Craft 3.0.40.
    • ➕ Added craft\helpers\FileHelper::canTrustMimeType().
    • ➕ Added craft\web\UploadedFile::getMimeType().

    🔄 Changed

    • The “Port” SMTP mail transport setting can now be set to an environment variable. (#3740)
    • 0️⃣ craft\web\Controller::requireAdmin() now has a $requireAdminChanges argument, which dictates whether the allowAdminChanges config setting must also be enabled (true by default).
    • 🔀 The project-config/sync console command now creates a project.yaml file, if it’s missing. (#3736)
    • Querying for active users no longer excludes locked users.
    • craft\helpers\FileHelper::getMimeType() now returns application/x-yaml for .yaml and .yml files.
    • ⚡️ Updated Craft UI to 0.2.0.

    🛠 Fixed

    • 🛠 Fixed an error that occurred when updating to Craft 3.1 if a plugin or module was calling craft\records\User::find().
    • 🛠 Fixed a bug where cross-domain Live Preview requests could fail due to CORS restrictions.
    • 🛠 Fixed a 403 error that would occur when an admin attempted to log in as another user on an environment where the allowAdminChanges config setting was disabled. (#3749)
    • 🛠 Fixed a bug where asset index toolbar items would be misaligned when searching in a volume or folder with subfolders.
    • 🛠 Fixed a bug where asset indexes could show multiple view mode toggles if a different volume or subfolder was selected while at least one asset was checked. (#3702)
    • 🛠 Fixed a bug where Plugin Store screenshots were not showing properly. (#3709)
    • 🛠 Fixed a bug where zoomed Plugin Store screenshots would not close when hitting the browser’s Back button. (#3754)
    • 🛠 Fixed a bug where the Plugin Store was not working properly when Dev Mode was enabled.

    🔒 Security

    • 👉 User accounts are now locked after multiple failed password attempts in current-password modals, per the maxInvalidLogins config setting.
    • 👉 Users are no longer signed out of active sessions when their account becomes locked.
    • ⏪ Database backup/restore exception messages now redact the database password when using PostgreSQL.