Bump the umbraco group with 1 update#392
Merged
Merged
Conversation
Bumps Umbraco.Cms.Api.Management from 17.3.4 to 17.4.2 --- updated-dependencies: - dependency-name: Umbraco.Cms.Api.Management dependency-version: 17.4.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: umbraco ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
.NET
dependabot
Bot
added
dependencies
Summary
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updated Umbraco.Cms.Api.Management from 17.3.4 to 17.4.2.
Release notes
Sourced from Umbraco.Cms.Api.Management's releases.
17.4.2
What's Changed
🐛 Bug Fixes
Cache: Only write to url table on a single server in load balanced environments to remove lock contention umbraco/Umbraco-CMS#22890
Full Changelog: umbraco/Umbraco-CMS@release-17.4.1...release-17.4.2
17.4.1
What's Changed
🐛 Bug Fixes
UseOutputCache()middleware by @AndyButland in Output Caching: Correctly gate auto-registration ofUseOutputCache()middleware umbraco/Umbraco-CMS#22897Full Changelog: umbraco/Umbraco-CMS@release-17.4.0...release-17.4.1
17.4.0
Upgrade Notes
Be aware of a change to behaviour for detecting the Umbraco application URL. Previously,
ApplicationMainUrlwas automatically set from the Host header of incoming HTTP requests. In environments where Umbraco is not behind a reverse proxy that validates the Host header, this could allow a forged Host header to overwrite the URL used in password reset links, user invitations, and other email notifications. While this is normally mitigated by proper hosting configuration and settingUmbracoApplicationUrlexplicitly, we felt that the auto-detection behaviour should be hardened up and become an opt-in rather than the default. You can read more about this under "Breaking Changes" below, the linked PR and the documentation.There are a few updates related to performance in this release that are worth investigating for larger sites. Using output cache in your projects, with intelligent and customisable detection of page invalidation, is now a configuration option for templated websites, with extension points also applied for the Delivery API. We have optimised content cache rebuild after schema updates, with an option for deferred rebuild in the background. If considering a project with significant expected concurrency for member login and registration, and you prefer to use an external service for member management, the new option for lightweight external members will be worth reviewing.
If working with AI tools such as Umbraco MCP, additions to management API endpoints that expose JSON schema for data types and allow for patch updates of specific properties, should improve accuracy and reliability.
As usual please find the full list of PRs that have contributed to Umbraco 17.4 as follows.
What's Changed Since 17.4.0-rc3
Full Changelog: umbraco/Umbraco-CMS@release-17.4.0-rc3...release-17.4.0
What's Changed Since 17.4.0-r2
📦 Dependencies
🔒 Security
localize.htmlString()helper to prevent XSS in HTML-rendered translations by @iOvergaard in Backoffice: Add localize.htmlString() helper to prevent XSS in HTML-rendered translations umbraco/Umbraco-CMS#22731🐛 Bug Fixes
Fallback.ToAncestorswith no match throwing exception at property level (closes #22759) umbraco/Umbraco-CMS#22763Full Changelog: umbraco/Umbraco-CMS@release-17.4.0-rc2...release-17.4.0-rc3
What's Changed Since 17.4.0-rc
🐛 Bug Fixes
Full Changelog: umbraco/Umbraco-CMS@release-17.4.0-rc...release-17.4.0-rc2
What's Changed Since the Previous Version (17.3.5)
🙌 Notable Changes
... (truncated)
17.4.0-rc3
Upgrade Notes
Be aware of a change to behaviour for detecting the Umbraco application URL. Previously,
ApplicationMainUrlwas automatically set from the Host header of incoming HTTP requests. In environments where Umbraco is not behind a reverse proxy that validates the Host header, this could allow a forged Host header to overwrite the URL used in password reset links, user invitations, and other email notifications. While this is normally mitigated by proper hosting configuration and settingUmbracoApplicationUrlexplicitly, we felt that the auto-detection behaviour should be hardened up and become an opt-in rather than the default. You can read more about this under "Breaking Changes" below, the linked PR and the documentation.There are a few updates related to performance in this release that are worth investigating for larger sites. Using output cache in your projects, with intelligent and customisable detection of page invalidation, is now a configuration option for templated websites, with extension points also applied for the Delivery API. We have optimised content cache rebuild after schema updates, with an option for deferred rebuild in the background. If considering a project with significant expected concurrency for member login and registration, and you prefer to use an external service for member management, the new option for lightweight external members will be worth reviewing.
If working with AI tools such as Umbraco MCP, additions to management API endpoints that expose JSON schema for data types and allow for patch updates of specific properties, should improve accuracy and reliability.
As usual please find the full list of PRs that have contributed to Umbraco 17.4 as follows.
What's Changed Since 17.4.0-r2
📦 Dependencies
🔒 Security
localize.htmlString()helper to prevent XSS in HTML-rendered translations by @iOvergaard in Backoffice: Add localize.htmlString() helper to prevent XSS in HTML-rendered translations umbraco/Umbraco-CMS#22731🐛 Bug Fixes
Fallback.ToAncestorswith no match throwing exception at property level (closes #22759) umbraco/Umbraco-CMS#22763Full Changelog: umbraco/Umbraco-CMS@release-17.4.0-rc2...release-17.4.0-rc3
What's Changed Since 17.4.0-rc
🐛 Bug Fixes
Full Changelog: umbraco/Umbraco-CMS@release-17.4.0-rc...release-17.4.0-rc2
What's Changed Since the Previous Version (17.3.5)
🙌 Notable Changes
... (truncated)
17.4.0-rc2
Upgrade Notes
Be aware of a change to behaviour for detecting the Umbraco application URL. Previously,
ApplicationMainUrlwas automatically set from the Host header of incoming HTTP requests. In environments where Umbraco is not behind a reverse proxy that validates the Host header, this could allow a forged Host header to overwrite the URL used in password reset links, user invitations, and other email notifications. While this is normally mitigated by proper hosting configuration and settingUmbracoApplicationUrlexplicitly, we felt that the auto-detection behaviour should be hardened up and become an opt-in rather than the default. You can read more about this under "Breaking Changes" below, the linked PR and the documentation.There are a few updates related to performance in this release that are worth investigating for larger sites. Using output cache in your projects, with intelligent and customisable detection of page invalidation, is now a configuration option for templated websites, with extension points also applied for the Delivery API. We have optimised content cache rebuild after schema updates, with an option for deferred rebuild in the background. If considering a project with significant expected concurrency for member login and registration, and you prefer to use an external service for member management, the new option for lightweight external members will be worth reviewing.
If working with AI tools such as Umbraco MCP, additions to management API endpoints that expose JSON schema for data types and allow for patch updates of specific properties, should improve accuracy and reliability.
As usual please find the full list of PRs that have contributed to Umbraco 17.4 as follows.
What's Changed Since 17.4.0-rc
🐛 Bug Fixes
Full Changelog: umbraco/Umbraco-CMS@release-17.4.0-rc...release-17.4.0-rc2
What's Changed Since the Previous Version (17.3.5)
🙌 Notable Changes
💥 Breaking Changes
ApplicationUrlDetectionsetting to control application URL auto-detection by @AndyButland in Application URL: AddApplicationUrlDetectionsetting to control application URL auto-detection umbraco/Umbraco-CMS#22307📦 Dependencies
System.Security.Cryptography.Xmlto resolve vulnerability warning by @AndyButland in Dependencies: PinSystem.Security.Cryptography.Xmlto resolve vulnerability warning umbraco/Umbraco-CMS#22514🚤 Performance
FullDataSetRepositoryCachePolicyusage across all repositories by @AndyButland in Performance: OptimizeFullDataSetRepositoryCachePolicyusage across all repositories umbraco/Umbraco-CMS#22264ContentTypeRepositorydeep-clone on cache reads (closes #22250) by @AndyButland in Performance: OptimizeContentTypeRepositorydeep-clone on cache reads (closes #22250) umbraco/Umbraco-CMS#22263GeneratedRegexinstead of generating at runtime in string extensions by @Henr1k80 in Performance: UseGeneratedRegexinstead of generating at runtime in string extensions umbraco/Umbraco-CMS#22534_publishedContentCachehas a cached version inMediaCacheServiceby @Henr1k80 in Performance: Avoid allocating a string if_publishedContentCachehas a cached version inMediaCacheServiceumbraco/Umbraco-CMS#22535UdiParser(eliminate closure, fix naming & formatting of exceptions) by @Henr1k80 in Performance: Micro-optimisation inUdiParser(eliminate closure, fix naming & formatting of exceptions) umbraco/Umbraco-CMS#22506... (truncated)
17.4.0-rc
Upgrade Notes
Be aware of a change to behaviour for detecting the Umbraco application URL. Previously,
ApplicationMainUrlwas automatically set from the Host header of incoming HTTP requests. In environments where Umbraco is not behind a reverse proxy that validates the Host header, this could allow a forged Host header to overwrite the URL used in password reset links, user invitations, and other email notifications. While this is normally mitigated by proper hosting configuration and settingUmbracoApplicationUrlexplicitly, we felt that the auto-detection behaviour should be hardened up and become an opt-in rather than the default. You can read more about this under "Breaking Changes" below, the linked PR and the documentation.There are a few updates related to performance in this release that are worth investigating for larger sites. Using output cache in your projects, with intelligent and customisable detection of page invalidation, is now a configuration option for templated websites, with extension points also applied for the Delivery API. We have optimised content cache rebuild after schema updates, with an option for deferred rebuild in the background. If considering a project with significant expected concurrency for member login and registration, and you prefer to use an external service for member management, the new option for lightweight external members will be worth reviewing.
If working with AI tools such as Umbraco MCP, additions to management API endpoints that expose JSON schema for data types and allow for patch updates of specific properties, should improve accuracy and reliability.
As usual please find the full list of PRs that have contributed to Umbraco 17.4 as follows.
What's Changed
🙌 Notable Changes
💥 Breaking Changes
ApplicationUrlDetectionsetting to control application URL auto-detection by @AndyButland in Application URL: AddApplicationUrlDetectionsetting to control application URL auto-detection umbraco/Umbraco-CMS#22307📦 Dependencies
System.Security.Cryptography.Xmlto resolve vulnerability warning by @AndyButland in Dependencies: PinSystem.Security.Cryptography.Xmlto resolve vulnerability warning umbraco/Umbraco-CMS#22514🚤 Performance
FullDataSetRepositoryCachePolicyusage across all repositories by @AndyButland in Performance: OptimizeFullDataSetRepositoryCachePolicyusage across all repositories umbraco/Umbraco-CMS#22264ContentTypeRepositorydeep-clone on cache reads (closes #22250) by @AndyButland in Performance: OptimizeContentTypeRepositorydeep-clone on cache reads (closes #22250) umbraco/Umbraco-CMS#22263GeneratedRegexinstead of generating at runtime in string extensions by @Henr1k80 in Performance: UseGeneratedRegexinstead of generating at runtime in string extensions umbraco/Umbraco-CMS#22534_publishedContentCachehas a cached version inMediaCacheServiceby @Henr1k80 in Performance: Avoid allocating a string if_publishedContentCachehas a cached version inMediaCacheServiceumbraco/Umbraco-CMS#22535UdiParser(eliminate closure, fix naming & formatting of exceptions) by @Henr1k80 in Performance: Micro-optimisation inUdiParser(eliminate closure, fix naming & formatting of exceptions) umbraco/Umbraco-CMS#22506OptimizeInvariantUrlRecordstimeout on SQL Server (closes #22377) by @AndyButland in Migrations: Fix potentialOptimizeInvariantUrlRecordstimeout on SQL Server (closes #22377) umbraco/Umbraco-CMS#22382🌈 Accessibility Improvements
... (truncated)
17.3.5
What's Changed
🐛 Bug Fixes
Full Changelog: umbraco/Umbraco-CMS@release-17.3.4...release-17.3.5
Commits viewable in compare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions