CakePHP 3.5.8

CakePHP is a web development framework, somewhat similar to Rails. It provides scaffolding tools, an ActiveRecord/DataMapper implementation, doesn't require much setup or configuration. It comes with helpers for text translations, caching, validation, authorization backends, CSRF and XSS protection, and templating. It follows the Web-"MVC" scheme, centralized route dispatching, less efficient class-by-class autoloading, etc. Thorough API documentation and a rich set of user-contributed plugins exist.

Tags php framework web-mvc cakephp rails
License MITL
State stable

Recent Releases

3.5.812 Dec 2017 11:45 minor feature: Improved internal usage of PHPUnit assertions. Improved API documentation. warnings from phpstan level 3. inconsistent hash algorithm usage in Digest Authentication. Database Type::map() now clears built objects when types are re-mapped. CakePHP catches Throwable in several places improving PHP7 support. schema reflection with MariaDB's current_timestamp() default value. Routes now match when _method is an array which could happen when named routes supported multiple HTTP methods. FormHelper::button() now supports the confirm option. Response::body() will no longer invoke string callables. ServerRequest::referer(true) no longer returns protocol relative URLs that are embedded in the path. po files that contained the same message string as both a singular and a plural form now correctly work with __(). ADmad. Dariusz Ruminski. David Yell. Florian Krämer. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Raúl Arellano. chinpei215. mosaxiv. saeid. timalive.
3.5.707 Dec 2017 20:05 minor feature: Improved internal usage of PHPUnit assertions. Improved API documentation. warnings from phpstan level 3. inconsistent hash algorithm usage in Digest Authentication. Database Type::map() now clears built objects when types are re-mapped. CakePHP catches Throwable in several places improving PHP7 support. schema reflection with MariaDB's current_timestamp() default value. Routes now match when _method is an array which could happen when named routes supported multiple HTTP methods. FormHelper::button() now supports the confirm option. Response::body() will no longer invoke string callables. ServerRequest::referer(true) no longer returns protocol relative URLs that are embedded in the path. po files that contained the same message string as both a singular and a plural form now correctly work with __(). ADmad. Dariusz Ruminski. David Yell. Florian Krämer. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Raúl Arellano. chinpei215. mosaxiv. saeid. timalive.
2.10.524 Nov 2017 17:25 minor feature: fallback domain lookups not working in Validation::email(). Improved API documentation. Joseph Zidell. Marc Würth. Mark Story. Milan van As. Yaser Naderi. saeideng.
3.5.620 Nov 2017 18:25 minor feature: Iterating subclasses of ArrayIterator that include CollectionTrait retains the original class ing use of methods defined on the subclass. Response::__deInfo() includes the response body now. Http Client creates response objects in a separate method making response creation easier to extend. SQL expressions no longer include double parenthesis when nesting expressions. View subdirectories are no longer doubled when RequestHandlerComponent and view classes using subDir property are used together. Middleware can now be registered in RouteBuilder using a string classname. Protocol relative string URLs are now properly HTML encoded by UrlHelper. ADmad. Dariusz Ruminski. Dmitrii Romanov. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Michael Hoffmann. Raúl Arellano. Walther Lalk. saeid. timalive.
3.5.502 Nov 2017 11:25 minor feature: SQLServer no longer reports double column lengths for NVARCHAR and NCHAR columns. IntegrationTestSuite::enableCsrfToken() no longer emits errors when the POST body is a string. Response::getType() has been added as a replacement for Response::type(). Network Socket now supports explicit use of TLS1.1 and 1.2. Support for SSL2 is deprecated and will be removed in 4.0.0. IntegrationTestCase::assertResponseCode() now allows custom messages to be set. Cake Http Client FormData::addFile() now adds parts as documented. Router:: initialized is deprecated. As we migrate to routes being loaded via middleware this property will no longer be in use. TableSchema now provides more succinct deinformation. ADmad. Chris Valliere. Dmitrii Romanov. Edgaras Janu?auskas. Mark Scherer. Mark Story. Robert Pustu?ka. saeideng.
2.10.420 Oct 2017 09:25 minor feature: Email pattern used in CakeEmail now accepts _ in domain names. Improved API doc blocks. SQLServer driver now accepts limit values that are numeric strings. Sessions can now leverage use_trans_sid if necessary. Hash::sort() can now sort sparse arrays. JCB credit card pattern has been corrected. CookieComponent::delete() can now remove deeply nested keys. Clemens Weiß. Ionut-Mihai Burlacu. Koji Tanaka. LustyRain. Mark Story. chinpei215. kolorafa.
3.5.416 Oct 2017 14:05 minor feature:
3.5.327 Sep 2017 15:45 minor feature: Http Client now supports protocol relative Location headers. Improved API documentation for the Query Builder. Shell help messages when commands are missing are no longer displayed in red. Dependent deletions in HasMany/HasOne associations now preconditions with the table alias. Directories created by FileCache are more atomic. The default locale is now correctly set when the current locale is changed. CommandRunner now sorts command listings alphabetically. Cookie objects with array values is now sent JSON encoded. This restores backwards compatibility with CookieComponent. Validation::url() now accepts URLs that have fragments containing query data. Router::redirect() now allows the routeClass to be defined. Email address validation now accepts domain names with _ in them. Additional constants for join types have been added. ADmad. Jeremy Harris. José Lorenzo Rodríguez. Littley Lv. Livia Scapin. Mark Scherer. Mark Story. Patrick Conroy. Pierre Martin. Rachman Chavik. Robert Pustu?ka. Steffen Brand.
2.10.318 Sep 2017 06:25 minor feature: Improved API documentation. Http Client no longer fails to parse cookies with non-standard properties. CookieComponent configuration is more backwards compatible with previous versions. PO file parsing now handles po files that have the same message id defined as both a singular and a plural when the singular message is defined after the plural one. Helper::addClass() no longer emits warnings when class attributes are arrays. View setter methods now return this instead of void. RedisEngine increment/decrement now work with infinite timeout keys again. HtmlHelper::link() now supports the fullBase option. Text::uuid() will now use random_int if that function is defined. Deger::highlight() is no longer off by one line. Cookies added via Http Client::addCookie() now require a path and domain. ADmad. Florian Krämer. Huw Jones. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Robert Pustu?ka. batopa. inoas. ndm2. supermanner.
3.5.212 Sep 2017 23:05 minor feature: Improved API documentation. Http Client no longer fails to parse cookies with non-standard properties. CookieComponent configuration is more backwards compatible with previous versions. PO file parsing now handles po files that have the same message id defined as both a singular and a plural when the singular message is defined after the plural one. Helper::addClass() no longer emits warnings when class attributes are arrays. View setter methods now return this instead of void. RedisEngine increment/decrement now work with infinite timeout keys again. HtmlHelper::link() now supports the fullBase option. Text::uuid() will now use random_int if that function is defined. Deger::highlight() is no longer off by one line. Cookies added via Http Client::addCookie() now require a path and domain. ADmad. Florian Krämer. Huw Jones. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Robert Pustu?ka. batopa. inoas. ndm2. supermanner.
2.10.203 Sep 2017 06:25 minor feature: Improved performance of test suites by not truncating tables that were just created. Web test runner now works with PHPUnit 4. The hiddenField option on radio buttons now works as documented. SQLServer driver now emits exceptions when the persistent option is used. This option does not work properly with SQLServer. SessionHelper now handles stacked flash messages created by FlashComponent. Jeremy Harris. Luis Cano. Mark Story. Mike Fellows. Val Bancer.
3.5.129 Aug 2017 06:05 minor feature: Warnings are now logged when active connections are destroyed with pending transactions. Hash::remove() correctly handles 0 in path strings now. Improved API documentation. Query::notMatching() now works with BelongsToMany associations that use composite primary keys. DSN string parsing was restored for SqlLocalDB. compatibility between Collection and Traversable. Response headers set in view templates using the immutable methods are now output correctly. Request::clientIp() now reads IPs from the end of the IP chain when trustProxy is enabled. Xml::build() now default the parseHuge option to false. Previously it was documented as defaulting to false, but was defaulted to true. Disabling this option by default prevents arbitrarily large XML documents from consuming too much memory. Hash comparisons in Authentication classes now use constant time comparison functions. FormAuthenticate hashes passwords even when the user is not found as documented. This helps to protect against timing attacks. The non-PSR7 Dispatcher can send cookies once again. AssetDispatcher no longer serves files starting with. The bundled root certificates have been updated to the latest bundle from mozilla. This removes a few untrusted certificate authorities like StartSSL. Form::setErrors() was added. ConsoleIntegrationTestCase has new methods added for ensuring stdout/stderr are empty. HtmlHelper now HTML encodes string URLs for css/javascript/images in case user data is supplied to them. ADmad. Ceeram. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Tadahisa MOTOOKA. chinpei215. inoas.
3.5.021 Aug 2017 16:05 minor feature: Scoped Middleware - Middleware can now be conditionally applied to routes in specific URL scopes. This allows you to build specific stacks of middleware for different parts of your application without having to write URL checking code in your middleware. New Middleware - New middleware was added to apply CSRF tokens, and encrypted cookies. Improved Console Environment - A new console dispatcher has been added, integrating the Application class into the CLI environment. Integration testing helpers have been added making testing console commands simpler. Helpful Console Errors - Missing options subcommands now make suggestions of valid options instead of just erroring out. Cache Engine Fallbacks - Cache engines can now be configured with a fallback key that defines a cache configuration to fall back to if the engine is misconfigured (or unavailable). Cookie Objects - New Cookie CookieCollection classes have been added. These classes allow you to work with cookies in an object-orientated way. dotenv Support added to Application Skeleton - The application skeleton now features a 'dotenv' integration making it easier to use environment variables to configure your application.
3.4.1317 Aug 2017 12:25 minor feature: Added backwards compatibility shim for getMock() on CakeTestCase. This makes upgrading to newer versions of PHPUnit easier. Model::deleteAll() once again uses recursive=0 by default. This reverts a change done in 2.10.0 that attempted to improve performance of deleteAll(). CakeEmail once again attachs files that define the data key, but no mimetype. Mark Story. Val Bancer. bclay.
3.5.0-RC212 Aug 2017 06:45 minor feature: Added backwards compatibility shim for getMock() on CakeTestCase. This makes upgrading to newer versions of PHPUnit easier. Model::deleteAll() once again uses recursive=0 by default. This reverts a change done in 2.10.0 that attempted to improve performance of deleteAll(). CakeEmail once again attachs files that define the data key, but no mimetype. Mark Story. Val Bancer. bclay.
2.10.108 Aug 2017 03:16 minor feature: Added backwards compatibility shim for getMock() on CakeTestCase. This makes upgrading to newer versions of PHPUnit easier. Model::deleteAll() once again uses recursive=0 by default. This reverts a change done in 2.10.0 that attempted to improve performance of deleteAll(). CakeEmail once again attachs files that define the data key, but no mimetype. Mark Story. Val Bancer. bclay.
3.4.1202 Aug 2017 05:45 minor feature: Shell::out() and similar methods once again handle array inputs. Cake Http Client now raises a 504 HttpException when a timeout occurs. Improved deprecation comments in API doc blocks. Cake Http Client response bodies can be read with the PSR7 interface once again. Improved SQLServer 2008 pagination shims to work when results are ordered by a computed field. DefaultPasswordHasher now includes the hashCost option as a factor into whether or not a password needs to be rehashed. IntegrationTestCase now correctly generates form-tampering prevention tokens for requests with query string arguments in the URL string. Empty translation messages now return the key for messages with no context. ADmad. Bernat Arlandis. David Yell. Jeremy Harris. Joris Vaesen. José Lorenzo Rodríguez. Marc Würth. Mark Scherer. Mark Story. Mike Fellows. Owen Gerrard. antograssiot. saeid.
3.5.0-RC127 Jul 2017 11:45 minor feature: Schema reflection now handles CURRENT_TIMESTAMP() as a default value from MariaDB. Pagination with TranslateBehavior and NOT expressions now works as expected. The default application includes composer scripts like the application skeleton in 3.x does. Test stability under MySQL 5.7 has been improved. Shell commands now display an error when unknown options are used. This feature was backported from 3.x. Koji Tanaka. Kurre Ståhlberg. Mark Story. Val Bancer.
2.10.023 Jul 2017 21:25 minor feature: Schema reflection now handles CURRENT_TIMESTAMP() as a default value from MariaDB. Pagination with TranslateBehavior and NOT expressions now works as expected. The default application includes composer scripts like the application skeleton in 3.x does. Test stability under MySQL 5.7 has been improved. Shell commands now display an error when unknown options are used. This feature was backported from 3.x. Koji Tanaka. Kurre Ståhlberg. Mark Story. Val Bancer.
3.4.1119 Jul 2017 09:45 minor feature: FormHelper will now use the default value for undefined indexes in entity fields with array values. marshalling time data when locale parsing is enabled and the time format looks like a float. a regression in ConsoleIo::overwrite() introduced in 3.4.10. Plural messages with '' as their value now fallback to the singular message id. This makes plural messages consistent with other translations. ADmad. David Yell. Ian den Hartog. Iandenh. José Lorenzo Rodríguez. Mark Story. Niklas Rother. Robert Pustu?ka. kicaj.
3.4.1010 Jul 2017 09:45 minor feature: Sessions now work with trans_sid enabled. Inspecting queries with Xdeno longer causes lastInsertId() to return the incorrect results. Validation error messages when Email addresses are invalid are more helpful now. FormHelper can now read values from entity properties that implement ArrayAccess. ConsoleIo::overwrite() can now overwrite long content with shorter content correctly. Several compatibility with PHP 7.2 were. Digest Authentication can now compare the digest hash even when the field is hidden in the entity. Associations contained in beforeFind events are now retained on cloned queries. MO file parsing correctly handles Plural-Forms: nplurals=1; plural=0;. Http Client now handles redirects instead of the Stream adapter handling them. This resolves an where cookies sent in intermediary responses were not being forwarded in subsequent requests. The validation package no longer has a hard dependency on cakephp/i18n. ADmad. Cees-Jan Kiewiet. Clemens Weiß. Daniel Opitz. José Lorenzo Rodríguez. Mark Story. Michael Hoffmann. Mike Fellows. Robert Pustu?ka. nojimage.
2.10.0-RC130 Jun 2017 11:05 minor feature: RedisEngine now uses multiple delete operations when clearing keys. This resolves a compatibility with redis cluster. Plugin tures in sub-directories can now be used as documented. Query::contain() on HasMany associations with a finder option now works as expected. IntegrationTestCase now simulates the correct environment variables enabling getRequestTarget() to work as expected. Deger::excerpt() can now be used on the last line in a file. An incompatibility introduced in PHPUnit 5.7.21 and CakePHP's forwards compatibility shims has been resolved. ADmad. Bryan Crowe. Jeremy Harris. José Lorenzo Rodríguez. Marc Würth. Mark Story. Michael Hoffmann. h-moriya. ndm2.
3.4.926 Jun 2017 15:25 minor feature: RedisEngine now uses multiple delete operations when clearing keys. This resolves a compatibility with redis cluster. Plugin tures in sub-directories can now be used as documented. Query::contain() on HasMany associations with a finder option now works as expected. IntegrationTestCase now simulates the correct environment variables enabling getRequestTarget() to work as expected. Deger::excerpt() can now be used on the last line in a file. An incompatibility introduced in PHPUnit 5.7.21 and CakePHP's forwards compatibility shims has been resolved. ADmad. Bryan Crowe. Jeremy Harris. José Lorenzo Rodríguez. Marc Würth. Mark Story. Michael Hoffmann. h-moriya. ndm2.
3.4.820 Jun 2017 06:05 minor feature:
2.9.926 May 2017 11:05 minor feature: Basic Authentication now reads the Authorization header if present. This improves compatibility with FastCGI. Improved API documentation. Marc Würth. Mark Scherer. Mark Story. Nicola Beghin.
3.4.721 May 2017 03:16 minor feature: Improved API documentation for deprecated methods. Translations now return the key name when a message has both a context, and a blank translated value. Nested request body parameters no longer trigger errors in the Oauth1 client authentication adapter. IntegrationTestCase::enableRetainFlashMessages() was added. By using this method you can assert flash messages using assertSession(). Validation::hexColor() was added. Pagination queries with nested matching() calls no longer emit invalid SQL. ADmad. David Yell. Ian den Hartog. Jeremy Harris. Mark Scherer. Mark Story. Michael Hoffmann. chinpei215. mehdi fathi.
3.4.603 May 2017 05:45 minor feature: The CSRF and Security token fields now have autocomplete=off. This resolves a problem with the back button in new versions of Safari. The SQLServer driver now supports more connection options. Improved API documentation. tureManager always uses connection aliases now. This prevents accidentally using the live connection when the test connection has not been defined. Translation packages can initialize from cache files created in 3.3 without errors now. the conjugation of conditions by and*() and or*(). Previously and*() methods appended conditions, while or*() methods prepended them. ADmad. Joep Roebroek. José Lorenzo Rodríguez. Marc Würth. Mark Scherer. Mark Story. Michael Hoffmann. Sohel Rana. Stephan Meyer. Travis Rowland. lilHermit. mehdi fathi. ndm2. saeid.
2.9.822 Apr 2017 03:16 minor feature: Support for TLS 1.2 was added to CakeSocket. Using newer TLS versions requires PHP5.6 or greater. The CSRF and Security token fields now have autocomplete=off. This resolves a problem with the back button in new versions of Safari. ControllerTestCase::testAction() now works as expected when App.base is set. Validation::notEmpty() accepts -0.0 as it does on 3.x. Livia Scapin. Marc Würth. Marcin Stramek. Mark Story. ndm2.
3.3.1607 Apr 2017 06:25 minor feature: a fatal error in Http Client Request caused by Diactoros 1.4.0, which contains an incompatiblily CakePHP's use case.
2.9.702 Apr 2017 17:05 minor feature: Router::reverseToArray() was added. This new method allows you to get the URL parameters from a request that would let you generate the request's URL again with Router::url(). CakeSchema no longer adds an additional id column to tables when reflecting schema of tables with non-conventional primary keys, and not using the defined model classes. The error class used by FormHelper::input() can be customized with theerrorClass option. Hash::filter() no longer removes values of 0.0. AuthComponent::logout() now removes the active user data used by stateless authenticators. Latvian and Hungarian locale names were corrected. Henrik Gemal. Koji Tanaka. Mark Story. Mark van Driel. Sébastien Barré. Val Bancer.
3.4.429 Mar 2017 09:25 minor feature: Hash::filter() no longer removes 0.0. Error messages now include file and line numbers more often. Logging now handles string scopes more consistently. The ORM no longer emits errors when an association's alias does not match the linked table's alias. This allows you to leverage the targetTable option in associations to make association names that do not need to match the linked table. HtmlHelper::scriptStart() not longer emits CDATA blocks by default anymore. This makes scriptStart() consistent with script(). TranslateBehavior::translationField() returns standard table alias for default locale. Improved API documentation. Allow getting configured datetime class for Type class. ADmad. José Lorenzo Rodríguez. Koji Tanaka. Mark Scherer. Mark Story. Robert Pustu?ka. Roberto Maldonado. Sevvlor. chinpei215. inoas. saeid. saeideng. ypnos-web.
3.4.311 Mar 2017 16:25 minor feature: Query::rowCountAnd() was added enabling you to get a rowcount and a statement in a single method. This is intended to be used with delete and update queries. ServerRequest now correctly handles _FILES when the keys are out of order. Newlines in the confirm messages created by FormHelper are now preserved. The showHtml argument of dd() is now used. CLI commands can now return integers to indicate errors. Response::withStringBody() was added making it easier to create responses with simple string bodies. The lib-ICU version requirement was removed. It was causing installation for many users on windows. The elipsis in PaginatorHelper::numbers() always replaces more than one page now. Previously it would sometimes replace only a single page. cake routes generate now parses boolean arguments. Incorrect attributes in the XML help for CLI commands have been. HtmlHelper::meta() now accepts the block option in the custom meta tag array data. In a nested transaction when a rollback is followed by a commit, an exception is now raised as the entire transaction must be aborted when save points are not being used. The previous behavior could result in operations following the first rollback to succeed as they ran in a standalone transaction. Error handling now always includes the file name and line number. Entity::setVirtual() and Entity::setHidden() now merge non-associative array arguments when called multiple times with the merge parameter. TranslateBehavior's allowEmptyTranslations option no longer creates orphaned records when translated text is empty. Text::highlight() now has a limit option. TableSchema::removeColumn() was added. ADmad. Brady Pacha. David Yell. Dmitrii Romanov. Edgaras Janu?auskas. José Lorenzo Rodríguez. Koji Tanaka. Manuel1948. Mark Scherer. Mark Story. Mathew Foscarini. Michael Hoffmann. antograssiot. chinpei215. inoas. macnie. saeid.
2.9.602 Mar 2017 10:25 minor feature: Improved API documentation. Added Validation::minLengthByte() and Validation::maxLengthBytes() . Allow false/true to be read as keys in Hash::get(). Exit early when SMTP connections are disconnected on the remote side. This prevents the SmtpTransport from waiting until the read timeout is reached. FormHelper to work better with numeric optgroup labels. José Lorenzo Rodríguez. Livia Scapin. Mark Sch. Mark Story. Mischa ter Smitten. Mponos George. chinpei215. kanonji.
3.4.225 Feb 2017 15:45 minor feature: Improved API documentation. The association option has been restored to the Model.beforeMarshal event. missing compatibility aliases to allow compatibility with both PHPUnit 5.7 and PHPUnit 6. a memory leak in the ORM EagerLoader. Restored Event:: result the magic methods were not fully backwards compatible. Improved EntityTrait::__deInfo() to show fields that are not accessible. ServerRequest::getQuery(null) now returns the complete query data. Sessions now have an id in CLI environments. Controller actions with passed parameters no longer emit errors when route keys are converted into passed parameters. ADmad. David Yell. José Lorenzo Rodríguez. Marc Würth. Mark Scherer. Mark Story. Mathew Foscarini. Michael Hoffmann. antograssiot. chinpei215. saeideng. sohelrana820.
3.4.121 Feb 2017 18:05 minor feature: CounterCacheBehavior had an ignoreCounterCache option added, allowing you to disable counter updates on save. Table::saveOrFail() and Table::deleteOrFail() were added. These methods allow you to perform save/delete operations that raise exceptions on failure instead of returning false. Support for PHPUnit 6 was added. Currently only composer based installation of PHPUnit 6 is supported. Helper::getView() was added. Urlencoded URLs are once again matched correctly. InflectedRoute routes using HTTP method conditions work again. Association duplicate alias detection is more relaxed and accepts sub-classes. Mailer Email no longer waits until the socket timeout when an SMTP server disconnects early. BelongsToMany::foreignKey() no longer incorrectly returns this when modifying the key. Strings that contain only whitespace are now correctly output by de(). ADmad. Eric Büttner. Florian Krämer. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Michael. Michael Hoffmann. Oxicode. Paolo Cuffiani. Robert Pustu?ka. Walther Lalk. antograssiot. chinpei215. inoas.
3.4.017 Feb 2017 23:45 minor feature: The CakePHP Request Response objects now implement the complete set of PSR-7 interface methods. This allows you to use one set of methods every where in your application and leverage libraries that work on PSR-7 compliant objects. Routes now support a _host option allowing you to match URLs on specific domains. Collection::chunkWithKeys() allows you to split a collection into chunks and preserve the keys for those chunks. Email messages can have their priority set. FormHelper can now read default data out of the query string making GET forms simple to build.
3.3.1513 Feb 2017 09:25 minor feature: Improved API documentation types. QueryLogger no longer strips and when re-creating SQL queries. Custom attributes can be passed down to checkboxes and radio buttons now. Added labelOptions for multi-checkbox/radio widgets, enabling these widgets to have additional attributes defined on the label elements through the labelOptions key. Whitespace before text inside HTML tags no longer causes assertHtml() to fail. Bryan Crowe. Edgaras Janu?auskas. José Lorenzo Rodríguez. Marc Würth. Mark Scherer. Mark Story. lilHermit.
3.3.1409 Feb 2017 16:45 minor feature: ValueBinder::placeholder() now works as documented when anonymous placeholders are used. Caching result sets on PHP 7.1.1 works again. There was an incompatibility due to a change in how SplArray was unserialized. Validation::notBlank() now works with float 0. Collection::transpose() with different number of columns and rows now works as expected. The 'toggle vendor stack frames' links on error pages now work. Session destruction now works properly using the cache engine and memcached. Email log headers and body are separated by a new line. Cory Thompson. Edgaras Janu?auskas. Joep Roebroek. Johan Meiring. José Lorenzo Rodríguez. Mark Story. Mathew Foscarini. Rodrigo moyle. antograssiot.
3.4.0-RC405 Feb 2017 16:05 minor feature: When sending a Client request through a proxy, the URI is now in an absolute form. Query::update() now raises an error when an invalid parameter is passed. Mailers are now reset when sending an email raises an exception. Improved error messages when associations are missing primary keys. Validator::multipleOptions no longer ignores the caseInsensitive option. HasMany::link() now updates all records in a single transaction. The nestedInput option in FormHelper::input() no longer appears as an attribute. TestCase::assertHtml() accepts whitespace before a closing tag. Improved API documentation. Added support for the parseHuge option in Xml::build(). ADmad. Bernat Arlandis. Ceeram. Cory Thompson. Dmitrii Romanov. Gareth Ellis. Henrik Gemal. José Lorenzo Rodríguez. Marc Würth. Mark Story. Ross Chater. Yves P. lilHermit. ndm2.
3.3.1331 Jan 2017 14:25 minor feature: When sending a Client request through a proxy, the URI is now in an absolute form. Query::update() now raises an error when an invalid parameter is passed. Mailers are now reset when sending an email raises an exception. Improved error messages when associations are missing primary keys. Validator::multipleOptions no longer ignores the caseInsensitive option. HasMany::link() now updates all records in a single transaction. The nestedInput option in FormHelper::input() no longer appears as an attribute. TestCase::assertHtml() accepts whitespace before a closing tag. Improved API documentation. Added support for the parseHuge option in Xml::build(). ADmad. Bernat Arlandis. Ceeram. Cory Thompson. Dmitrii Romanov. Gareth Ellis. Henrik Gemal. José Lorenzo Rodríguez. Marc Würth. Mark Story. Ross Chater. Yves P. lilHermit. ndm2.
2.9.527 Jan 2017 16:25 minor feature: query string parsing on requestAction(). This a long standing that resulted in query strings being doubled in requestAction() URLs. FlashHelper::render() can now render default messages created by. SessionComponent. Add support for the parseHuge option in Xml::build(). Error messages if PHP's mail() function fails are now accurate. Added support for the 'ru-ru' locale. Built-in server now accepts query string parameters for the base path. Bernat Arlandis. Henrik Gemal. José Lorenzo Rodríguez. Mark Story. Markus Bauer. chinpei215.
3.4.0-RC323 Jan 2017 11:25 minor feature: Improve return types compatiblity with PHPStorm in doc blocks. Routes with _host options now use that option when generating URLs. Aura.Intl version was raised to 3.0. missing uploaded files in Request objects. strict errors raised when Cake Database Schema Table is used as a typehint. Query::update() raises an error when an invalid parameter is passed. Mailers are now reset when sending an email raises an exception. Improved error messages when associations are missing primary keys. Validator::multipleOptions no longer ignores the caseInsensitive option. ADmad. Bernat Arlandis. Cory Thompson. Henrik Gemal. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Ross Chater.
3.4.0-RC219 Jan 2017 16:25 minor feature: HasMany Associations and a replace save strategy and conditions work more often now as table aliases are stripped from generated conditions. TextHelper::autoLinkUrls() now links more URLs correctly. Postgres schema reflection now extracts precision and scale from NUMERIC and DECIMAL columns. Headers set with setHeader() now overwrite those in _SERVER when requests are transformed into CakePHP requests. Table output in CLI tools now correctly handles empty strings when calculating widths. Hash::maxDimensions() correctly calculates dimensions when the first element is false. A plural message was used with __() an array would be returned which is never right. When an unknown context is used the __x() method fails. Datetime validation no longer emits errors when non-datetime objects are passed in. CLI commands can now accept an argument multiple times by setting the multiple option on an argument. The ignoreDirty option was added to CounterCacheBehavior which enables ignoring counter cache fields from being updated. Add dd() as quick alternative for de(); die();. ADmad. Christian Winther. DaVinciEngineer. José Lorenzo Rodríguez. Koen Brouwer. Mark Scherer. Mark Story. Mathew Foscarini. Michael Hoffmann. Michael Underwood. Robert Pustu?ka. Yves P. ndm2. yutmr.
3.4.0-RC116 Jan 2017 00:05 minor feature: HasMany Associations and a replace save strategy and conditions work more often now as table aliases are stripped from generated conditions. TextHelper::autoLinkUrls() now links more URLs correctly. Postgres schema reflection now extracts precision and scale from NUMERIC and DECIMAL columns. Headers set with setHeader() now overwrite those in _SERVER when requests are transformed into CakePHP requests. Table output in CLI tools now correctly handles empty strings when calculating widths. Hash::maxDimensions() correctly calculates dimensions when the first element is false. A plural message was used with __() an array would be returned which is never right. When an unknown context is used the __x() method fails. Datetime validation no longer emits errors when non-datetime objects are passed in. CLI commands can now accept an argument multiple times by setting the multiple option on an argument. The ignoreDirty option was added to CounterCacheBehavior which enables ignoring counter cache fields from being updated. Add dd() as quick alternative for de(); die();. ADmad. Christian Winther. DaVinciEngineer. José Lorenzo Rodríguez. Koen Brouwer. Mark Scherer. Mark Story. Mathew Foscarini. Michael Hoffmann. Michael Underwood. Robert Pustu?ka. Yves P. ndm2. yutmr.
3.3.1215 Jan 2017 06:25 minor feature: HasMany Associations and a replace save strategy and conditions work more often now as table aliases are stripped from generated conditions. TextHelper::autoLinkUrls() now links more URLs correctly. Postgres schema reflection now extracts precision and scale from NUMERIC and DECIMAL columns. Headers set with setHeader() now overwrite those in _SERVER when requests are transformed into CakePHP requests. Table output in CLI tools now correctly handles empty strings when calculating widths. Hash::maxDimensions() correctly calculates dimensions when the first element is false. A plural message was used with __() an array would be returned which is never right. When an unknown context is used the __x() method fails. Datetime validation no longer emits errors when non-datetime objects are passed in. CLI commands can now accept an argument multiple times by setting the multiple option on an argument. The ignoreDirty option was added to CounterCacheBehavior which enables ignoring counter cache fields from being updated. Add dd() as quick alternative for de(); die();. ADmad. Christian Winther. DaVinciEngineer. José Lorenzo Rodríguez. Koen Brouwer. Mark Scherer. Mark Story. Mathew Foscarini. Michael Hoffmann. Michael Underwood. Robert Pustu?ka. Yves P. ndm2. yutmr.
3.4.0-beta411 Jan 2017 02:05 minor feature: Xml::fromArray() now serialized '0' correctly. Http Client Response::getStatusCode() now returns integers, instead of strings. RequestHandler:: ajaxLayout is now deprecated. Previously undocumented, this property will be removed in 4.0.0. Improved API documentation. Validation::(min max)LengthBytes() were added. These methods let you check the number of bytes in a value where as (min max)Length() let you check the number of characters. The Form library is now offered as a standalone package. ADmad. Bryan Crowe. Ceeram. Koji Tanaka. Marc Würth. Mark Scherer. Mark Story. Mirko Pagliai. Mischa ter Smitten. gregs.
3.4.0-beta306 Jan 2017 07:05 minor feature: Xml::fromArray() now serialized '0' correctly. Http Client Response::getStatusCode() now returns integers, instead of strings. RequestHandler:: ajaxLayout is now deprecated. Previously undocumented, this property will be removed in 4.0.0. Improved API documentation. Validation::(min max)LengthBytes() were added. These methods let you check the number of bytes in a value where as (min max)Length() let you check the number of characters. The Form library is now offered as a standalone package. ADmad. Bryan Crowe. Ceeram. Koji Tanaka. Marc Würth. Mark Scherer. Mark Story. Mirko Pagliai. Mischa ter Smitten. gregs.
3.4.0-beta202 Jan 2017 18:25 minor feature: Xml::fromArray() now serialized '0' correctly. Http Client Response::getStatusCode() now returns integers, instead of strings. RequestHandler:: ajaxLayout is now deprecated. Previously undocumented, this property will be removed in 4.0.0. Improved API documentation. Validation::(min max)LengthBytes() were added. These methods let you check the number of bytes in a value where as (min max)Length() let you check the number of characters. The Form library is now offered as a standalone package. ADmad. Bryan Crowe. Ceeram. Koji Tanaka. Marc Würth. Mark Scherer. Mark Story. Mirko Pagliai. Mischa ter Smitten. gregs.
3.3.1129 Dec 2016 10:05 minor feature: Xml::fromArray() now serialized '0' correctly. Http Client Response::getStatusCode() now returns integers, instead of strings. RequestHandler:: ajaxLayout is now deprecated. Previously undocumented, this property will be removed in 4.0.0. Improved API documentation. Validation::(min max)LengthBytes() were added. These methods let you check the number of bytes in a value where as (min max)Length() let you check the number of characters. The Form library is now offered as a standalone package. ADmad. Bryan Crowe. Ceeram. Koji Tanaka. Marc Würth. Mark Scherer. Mark Story. Mirko Pagliai. Mischa ter Smitten. gregs.
2.9.425 Dec 2016 12:25 minor feature: The hu-HU and lv-LV locales were added. Errors are no longer emitted when operating on corrupted cookie data. redirectUrl when loginRedirect is empty. missing HTML encoding when error messages contain HTML. This can happen when user data is used as an offset in an array in an unchecked way. Thanks to Teppei Fukuda for reporting this via the responsible security disclosure process. TreeBehavior no longer invokes its own methods indirectly via the Model proxy method. Xml::fromArray() now correctly serializes '0'. Henrik Gemal. Mark Story. chinpei215. domingues.
3.3.1013 Dec 2016 12:25 minor feature: Literal in string template variables no longer cause errors. Query Logging now correctly replaces placeholders for IN clauses. BreadcrumbsHelper::render() now returns '' when there are no crumbs. This makes its return type consistent in all cases. MissingHelper errors raised when rendering an error page, no longer cause a blank page response. PaginatorComponent now caps the limit option to the maxLimit option if both are specified. All SQL dialects now correctly generate default values for DATETIME and TIMESTAMP columns for values other than CURRENT_TIMESTAMP. Deger now HTML encodes error message contents. Previously, applications running in demode could be vulnerable to reflected cross-site-scripting (XSS) in some scenarios. Thank you to Teppei Fukuda for reporting this via the security disclosure process. FlashComponent now supports a duplicate option. When disabled, this option will prevent duplicate messages from being set. IntegrationTestCase::assertResponseRegExp() and. IntegrationTestCase::assertResponseNotRegExp() were added. MissingElementException provides more context now. ADmad. Alex Bogdanov. Cees-Jan Kiewiet. JayPHP. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Mirko Pagliai. Yasuaki Hamano. gregs.
2.9.301 Dec 2016 21:05 minor feature: The constructor of AclNode now lets you pass in an alias when instances are created via ClassRegistry::init(). A regression introduced in 2.9.1 where bootstrap files would not be correctly processed preventing bake from creating new applications. PagesController no longer allows.. in paths allowing other view templates to be loaded potentially causing application errors. Shell commands now accept the --webroot CLI parameters allowing you to customize the path to your application's webroot directory if necessary. Cache::engine() was backported from 3.x. DboSource now supports hook methods for customizing how the method cache works. Marc Würth. Mark Sch. Mark Story. Mischa ter Smitten. Val Bancer. chinpei215.
3.1.1427 Nov 2016 07:25 minor feature: An invalid option was removed from JsonView. ShellDispatcher now logs fewer warnings about duplicate shells when delogging is enabled. The exception message raised when an ORM update fails due to missing primary key values has been improved. Xml::toArray() no longer errors on tag names that match application class names. Console errors no longer include duplicate tags when invalid options are used. Improved API documentation for return parameter types. Router no longer parses extensions in a greedy way. Route key elements can now be a single character. BreadCrumbsHelper was added. This helper offers and improved API over the existing breadcrumb features offered by HtmlHelper. Cake Network Response now features a __deInfo() method. ADmad. David Yell. Guillaume "Elektordi" Genty. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Mathew Foscarini. Walther Lalk. Yves P. chinpei215. luke83.
3.3.922 Nov 2016 19:45 minor feature: An invalid option was removed from JsonView. ShellDispatcher now logs fewer warnings about duplicate shells when delogging is enabled. The exception message raised when an ORM update fails due to missing primary key values has been improved. Xml::toArray() no longer errors on tag names that match application class names. Console errors no longer include duplicate tags when invalid options are used. Improved API documentation for return parameter types. Router no longer parses extensions in a greedy way. Route key elements can now be a single character. BreadCrumbsHelper was added. This helper offers and improved API over the existing breadcrumb features offered by HtmlHelper. Cake Network Response now features a __deInfo() method. ADmad. David Yell. Guillaume "Elektordi" Genty. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Mathew Foscarini. Walther Lalk. Yves P. chinpei215. luke83.
2.9.211 Nov 2016 03:45 minor feature: You can now enable callbacks on components used by components by setting the enabled option to true. formatResults callbacks attached to BelongsToMany Associations now fire as they should. ResponseEmitter no longer calls a missing method on Log. TranslateBehavior no longer creates translation records for the default locale. This was a regression introduced in 3.3.7. column SQL generation nullable column with default values. Options passed to Table::validateUnique() are now passed to the generated rule object. Improved API documentation. ADmad. Ceeram. Hugh Downer. Jeremy Harris. José Lorenzo Rodríguez. Marc Würth. Mark Story. Mathew Foscarini. dereuromark.
3.3.729 Oct 2016 07:05 minor feature: Http Client no longer sets the Content-Type header on all requests. Instead if there is no request data, the Content-Type header is not sent. New Entities that contain only translated records now persist correctly. JsonView no longer hard fails on INF and NAN values. Instead these values are replaced with '0'. '' is now an accepted key in both Session and Hash::get() operations. Time objects can now have their JSON encode format set to Time::UNIX_TIMESTAMP_FORMAT. FormHelper::create() now supports the 'enctype' and 'method' options. Routing now supports multi-extensions like '.csv.gz'. Composer scripts were added to make running tests and linting easier. Andrew LeCody. Johan Meiring. Walther Lalk. inoas. Mark Story. Andrej Griniuk. lilHermit. José Lorenzo. thinkingmedia.
3.3.615 Oct 2016 07:25 minor feature: The ORM will now correctly handle complex types like datetimes in where conditions for associations that are joined with joinWith(), innerJoinWith(), matching() and notMatching(). View Cells now include the template and action name when generating cache keys. This incorrect cached content from being displayed. When autoFields are disabled 1:1 associated records will now be hydrated as an empty object. The associations generated by BelongsToMany associations now preserve the loading strategy defined in the root association. A double URL encoding on cookie values emitted by the PSR7 HTTP stack. This resulted in encrypted cookies not being readable. TestCase::getMockForModel() now correctly sets plugin model aliases. RoutingMiddleware sets the request method based on the _method request data parameter. SqlServer handles default values with N prenow. Improved API documentation. The ajaxLogin of AuthComponent is now deprecated. PaginatorHelper supports escape = false in more methods. PaginatorHelper::generateUrl() was added. HtmlHelper::meta() can now create canonical, next and prev tags. ADmad. Gareth Ellis. Hari K T. Johan Meiring. Jorge Alberto Cricelli. José Lorenzo Rodríguez. Marc Wilhelm. Marc Ypes. Mark Story. Robert Pustu?ka. Walther Lalk. chinpei215. cjquinn. dereuromark. inoas. phongkt. saeid. thinkingmedia.
2.9.111 Oct 2016 11:25 minor feature: Regressions in FormHelper SecurityComponent token generation were. A number of plugins and applications were relying on CakePHP to autoload Object which it now does again. Length detection for ENUM columns was. Schema generation now omits table names that would result in invalid property names. The default flash template had incorrect content removed. Model::query() now defaults the cache argument to Model:: cacheQueries. Andrej Griniuk. David Maicher. José Lorenzo Rodríguez. Mark Sch. Mark Story. Mischa ter Smitten.
3.3.530 Sep 2016 09:45 minor feature: __xn, __dx and __dxn support variadic arguments now. An incompatibility in Response::body(callable) PSR7 stack was. Improved API docs resolving warnings in PHPStorm and other IDEs. Checkbox inputs now support the escape option. Translations that result in '' no longer throws an exception. EventManager::__deInfo() is more accurate. notMatching() without query builder callback triggering an error. Clean primary entity after Model.afterSaveCommit is triggered. Previously primary entity was being cleaned too early and callbacks for Model.afterSaveCommit were useless if one wanted to acccess original state. The ErrorHandlerMiddleware now logs errors as ErrorHandler would. Requests with an invalid HTTP protocol version no longer fatally error. Instead they return a 400 HTTP status code. Redirect Routes now work as expected for applications in subdirectories using the PSR7 HTTP stack. DispatchFilters now receive events when exceptions are rendered again. Session regeration now works as expected with the database adapter, and PHP7+. Very large decimal values can now be used in database operations withouth losing precision now. RouteBuilder::nameExists() was added. This method allows you to check the existence of named routes. Collection:cartesianProduct() was added. View::element() now supports plugin = false as an option to disable automatic plugin element rendering. imageSize, imageHeight and imageWidth methods were added to Validation. These methods let you validate uploaded image file sizes without requiring additional extensions. Improved API docs. ADmad. Alexandros Solanos. Bryan Crowe. Cees-Jan Kiewiet. David Yell. Florian Krämer. Jad Bitar. Jose Diaz-Gonzalez. José Lorenzo Rodríguez. Mark Story. Mirko Pagliai. mscherer. Pedro Tanaka. Thinking Media. chinpei215. hashmode. ndm2.
3.3.425 Sep 2016 04:25 minor feature: __xn, __dx and __dxn support variadic arguments now. An incompatibility in Response::body(callable) PSR7 stack was. Improved API docs resolving warnings in PHPStorm and other IDEs. Checkbox inputs now support the escape option. Translations that result in '' no longer throws an exception. EventManager::__deInfo() is more accurate. notMatching() without query builder callback triggering an error. Clean primary entity after Model.afterSaveCommit is triggered. Previously primary entity was being cleaned too early and callbacks for Model.afterSaveCommit were useless if one wanted to acccess original state. The ErrorHandlerMiddleware now logs errors as ErrorHandler would. Requests with an invalid HTTP protocol version no longer fatally error. Instead they return a 400 HTTP status code. Redirect Routes now work as expected for applications in subdirectories using the PSR7 HTTP stack. DispatchFilters now receive events when exceptions are rendered again. Session regeration now works as expected with the database adapter, and PHP7+. Very large decimal values can now be used in database operations withouth losing precision now. RouteBuilder::nameExists() was added. This method allows you to check the existence of named routes. Collection:cartesianProduct() was added. View::element() now supports plugin = false as an option to disable automatic plugin element rendering. imageSize, imageHeight and imageWidth methods were added to Validation. These methods let you validate uploaded image file sizes without requiring additional extensions. Improved API docs. ADmad. Alexandros Solanos. Bryan Crowe. Cees-Jan Kiewiet. David Yell. Florian Krämer. Jad Bitar. Jose Diaz-Gonzalez. José Lorenzo Rodríguez. Mark Story. Mirko Pagliai. Pedro Tanaka. Thinking Media. chinpei215. hashmode. ndm2.
2.9.020 Sep 2016 13:05 minor feature: The Object class has been deprecated due to upcoming PHP7 collisions. It has been renamed to CakeObject to avoid collisions with new PHP reserved words. AuthComponent::user() now makes the user data available when using stateless authentication adapters. DboSource::flushQueryCache() was added to allow more fine-grained control of query result caching when enabled. The log messages created by ErrorHandler can now be more easily customize in subclasses. Additional mime-types for 'jsonapi', and 'psd' were added. Time Datetime inputs no longer set a maxlength attribute when rendered as 'text' input types.
2.8.817 Sep 2016 02:05 minor feature: CakeTestCase::getMockForModel() no longer fails when when models interact with their data source in the constructor. A regression in FormHelper related to security tokens and applications in sub-directories was. José Lorenzo Rodríguez. Mark Story.
2.8.712 Sep 2016 06:25 minor feature: CakeRequest::header() can now read the Authorization header when it is set by fast-cgi. TestShell now supports the --coverage-text option. Folder::inPath() now only accepts absolute paths. It previously had ambiguous behavior when relative paths were used. Mysql::insertMulti() now performs better, as all rows are inserted in one query. FormHelper now generates security tokens correctly when. AppHelper::url() injects parameters into generated URLs. FormHelper::submit() now supports the confirm option. Hash::sort() now supports sorting by the current locale. CaketureManager will only truncate tables if tables are not being dropped between test methods. Kenya Yamaguchi. Marc Würth. Mark van Driel. Sebastien Barre. Val Bancer. mark_story. mscherer. ndm2. nojimage.
2.9.0-RC107 Sep 2016 14:45 minor feature: The Object class has been deprecated due to upcoming PHP7 collisions. It has been renamed to CakeObject to avoid collisions with new PHP reserved words. AuthComponent::user() now makes the user data available when using stateless authentication adapters. DboSource::flushQueryCache() was added to allow more fine-grained control of query result caching when enabled. The log messages created by ErrorHandler can now be more easily customized in subclasses. Additional mime-types for 'jsonapi', and 'psd' were added. Time Datetime inputs no longer set a maxlength attribute when rendered as 'text' input types. Gareth Ellis. Jorge González. José Lorenzo Rodríguez. Kenya Yamaguchi. Marc Würth. Mark Story. Mark van Driel. Sebastien Barre. chinpei215. mark_story. mscherer. ndm2. nojimage. schrolli.
3.3.303 Sep 2016 09:45 minor feature: HasMany::unlink() no longer emits errors when an empty list is provided. The global event manager now tracks events when the local event manager does not have tracking enabled. Selecting SQL computed fields in contained associations no longer emits warnings in PHP7. Redirect routes work correctly once again. Previously the beforeDispatch event was not stopped causing errors. Folder::inPath() now only accepts absolute paths. It previously had ambiguous behavior when relative paths were used. TestCase::getMockForModel() now ensures that generated mocks have the correct table name. EntityTrait::clean() now resets the original value states. Marshalling no longer marks unchanged null values as dirty. Numeric column names are now correctly quoted when identifier quoting is enabled. Improved API docs in the ORM and Database packages. Cake TestSuite EmailAssertTrait was added. This trait makes it easier to to write tests for Mailer classes. Hash::sort() now supports sorting by the current locale. FormHelper::create() now supports the templateVars option. ADmad. Alexandros Solanos. Benjamin Tamási. Jad Bitar. Jeremy Harris. José Lorenzo Rodríguez. Mark Scherer. Mark Story. Nick Busey. Thinking Media. mscherer. ndm2.
3.3.225 Aug 2016 11:05 minor feature: Session cookies are now only sent by the PSR7 stack when the session is active. Content-Type headers emitted from the PSR7 stack now include the charset. Mark Story.
3.3.120 Aug 2016 20:25 minor feature: AssetFilter now interacts properly with PSR7 based applications. Cookie decryption when using the PSR7 stack now works properly. Regressions around marshalling associated data have been. All associations now marshall correctly when TranslateBehavior is enabled. BelongsToMany _joinData records with complex properties now hydrate correctly again when loaded with find(). Request::is() no longer caches results. This an where parameterized detectors would return cached results when parameters are different. CakeEmail::deliver() correctly uses default as the default transport configuration instead of 'fast'. MiddlewareStack::insertAt() behaves correctly when adding non-Closure based middleware. Dispatcher filters are not doubly invoked when an application uses the PSR7 HTTP stack and dispatcher filters. CrossSchemaTableExpression and automatic cross database join preing has been removed. This was a new feature in 3.3.0 that caused regressions for a number of folks. Removing the problematic feature feels like a better solution over trying to patch as they come up. Session cookie rotation works correctly, when setting custom cookies, and using the PSR7 HTTP stack. Cake ORM SaveOptionsBuilder was added. This class provides a builder interface for building option sets for save operations. By using a fluent interface you can reduce the number of errors made. Exceptions are now raised when duplicate named routes are connected. Florian Krämer. Jad Bitar. José Lorenzo Rodríguez. Juan Basso. Mark Sch. Mark Story. Mirko Pagliai. Walther Lalk. antograssiot. saeideng.
3.3.013 Aug 2016 07:25 minor feature: Router::mapResources() is deprecated. Use routing scopes and routes- resources() instead. Router::redirect() is deprecated. Use routing scopes and routes- redirect() instead. Router::parseNamedParams() is deprecated. Named parameter backwards compatibility will be removed in 4.0.0. Cake Http Client Response has had the following methods deprecated because they overlap with PSR7 interface methods: statusCode() use getStatusCode() instead. encoding() use getEncoding() instead. header() use getHeaderLine() instead. cookie() use getCookie() instead. version() use getProtocolVersion() instead. . statusCode() use getStatusCode() instead. encoding() use getEncoding() instead. header() use getHeaderLine() instead. cookie() use getCookie() instead. version() use getProtocolVersion() instead. Dispatcher Filters are now deprecated. Use the new HTTP middleware features. RequestActionTrait has been deprecated. Refactor your code to use view cells instead. Cake Utility Crypto Mcrypt engine has been deprecated as the mcrypt extension is deprecated in PHP 7.1. Use the openssl driver instead. PSR7 Middleware support has been added. This is an opt-in feature that allows you to leverage the increasing number of PSR7 middleware libraries from the broader PHP community in your CakePHP application. A new streamlined workflow for TranslateBehavior that makes creating forms for multiple translation values easier than before. Cake Network Http Client has been moved to Cake Http Client. Its request and response objects now implement the PSR7 interfaces __. Additional support has been added for mapping complex data types. This makes it easier to work with geo-spatial types, and data that cannot be represented by strings in SQL queries. A new JsonType was added. This new type lets you use the native JSON types available in MySQL and Postgres. In other database providers the json type will map to TEXT columns. When entities are converted into JSON, the associa
3.3.0-RC106 Aug 2016 18:05 minor feature: CakeEmail::deliver() now lets subclasses use the static method. Welcome page now correctly displays PDO related errors. Query timing metrics are reset on BEGIN/COMMIT/ROLLBACK statements, giving more accurate query timing data. AuthComponent no longer stores redirect URLs for JSON requests. Empty strings are removed from the secured field list in FormHelper. Icelandic locale (is-is) support was added. Stateless authentication adapters now store their user data on all requests, not just those that require authorization. Plugin associations defined with the short name as a key now behave consistently with other declaration modes. Shutdown events are now triggered by the default error handling controllers. CakeResponse::header() now treats null values now works like setting '' as a value. Model::delete() no longer performs joins when simple conditions are used. CakeSchema can now change column lengths to the database vendor's defaults. A memory leak in the SmtpTransport has been.
3.2.1302 Aug 2016 06:05 minor feature: The Content-Type header works better in controller integration tests. TreeBehavior no longer allows a node to be its own parent. You can now write integration tests for methods that use secured forms with query string arguments in the URL. FormHelper::error() now allows message translation by rule name, in addition to by error message string. Table::validateUnique() no longer raises an exception when non-scalar values are received. BelongsToMany::replaceLinks() no longer returns true when linked records fail to save because of application rules. An exception will be raised when a Model.afterSave event handler aborts the transaction. An optimization made to the DateTimeType has been reverted as it caused with user-land plugins. Text::stripLinks() now recursively removes HTML. This method is now deprecated as stripping HTML with regular expressions is almost never truly safe. Using associations that do not exist will now fail with an exception when marshalling data. Cell::__toString() now displays more useful fatal errors in PHP7. The console TableHelper now correctly handles double-width characters. Text::truncateByWidth() was added. This method makes it easier to truncate text by its visual width instead of its character length. The notExists() and exists() methods were added to QueryExpression. A warning is now logged by Cake Network Response when headers have already been sent.
3.3.0-beta328 Jul 2016 18:45 minor feature: The console TableHelper more gracefully handles empty data. Junction table conditions are now reset correctly. ExistsIn and IsUnique application rules are no longer invoked twice. Generated junction table classes now inherit the connection of the table defining the BelongsToMany association. This makes it easier to have plugin specific connections. URLs with uppercase protocols are now autolinked by TextHelper. Cache groups defined in injected cache engine instances are now registered correctly. Request::header() can now read the Content-Length and Content-Type header values. Schema reflection will now include per-column collation data when available. TimeHelper now supports an outputTimezone config option. This lets you set a global output timezone making it easier to localise formatted dates/times. HtmlHelper::image() now supports CID: URLs. Table::findOrCreate() now supports an atomic option. Performance optimizations in find(list). Folder::inCakePath() is now deprecated. Use Folder::inPath() instead.
3.3.0-beta218 Jul 2016 07:25 minor feature: The console TableHelper more gracefully handles empty data. Junction table conditions are now reset correctly. ExistsIn and IsUnique application rules are no longer invoked twice. Generated junction table classes now inherit the connection of the table defining the BelongsToMany association. This makes it easier to have plugin specific connections. URLs with uppercase protocols are now autolinked by TextHelper. Cache groups defined in injected cache engine instances are now registered correctly. Request::header() can now read the Content-Length and Content-Type header values. Schema reflection will now include per-column collation data when available. TimeHelper now supports an outputTimezone config option. This lets you set a global output timezone making it easier to localise formatted dates/times. HtmlHelper::image() now supports CID: URLs. Table::findOrCreate() now supports an atomic option. Performance optimizations in find(list). Folder::inCakePath() is now deprecated. Use Folder::inPath() instead.
3.3.0-beta14 Jul 2016 08:25 minor feature: The console TableHelper more gracefully handles empty data. Junction table conditions are now reset correctly. ExistsIn and IsUnique application rules are no longer invoked twice. Generated junction table classes now inherit the connection of the table defining the BelongsToMany association. This makes it easier to have plugin specific connections. URLs with uppercase protocols are now autolinked by TextHelper. Cache groups defined in injected cache engine instances are now registered correctly. Request::header() can now read the Content-Length and Content-Type header values. Schema reflection will now include per-column collation data when available. TimeHelper now supports an outputTimezone config option. This lets you set a global output timezone making it easier to localise formatted dates/times. HtmlHelper::image() now supports CID: URLs. Table::findOrCreate() now supports an atomic option. Performance optimizations in find(list). Folder::inCakePath() is now deprecated. Use Folder::inPath() instead.
3.2.1209 Jul 2016 13:45 minor feature: The console TableHelper more gracefully handles empty data. Junction table conditions are now reset correctly. ExistsIn and IsUnique application rules are no longer invoked twice. Generated junction table classes now inherit the connection of the table defining the BelongsToMany association. This makes it easier to have plugin specific connections. URLs with uppercase protocols are now autolinked by TextHelper. Cache groups defined in injected cache engine instances are now registered correctly. Request::header() can now read the Content-Length and Content-Type header values. Schema reflection will now include per-column collation data when available. TimeHelper now supports an outputTimezone config option. This lets you set a global output timezone making it easier to localise formatted dates/times. HtmlHelper::image() now supports CID: URLs. Table::findOrCreate() now supports an atomic option. Performance optimizations in find(list). Folder::inCakePath() is now deprecated. Use Folder::inPath() instead.
3.2.1123 Jun 2016 01:25 minor feature: SQLServer schema correctly handles default values of 'NULL'. Model predata is now merged with un-preby the Marshaller instead of being used instead of un-predata. Http Client will now correctly timeout connections from servers that never the connection. The Marshaller now correctly uses custom primary keys consistently. Invalid maxLimit values no longer result in a division by zero error. SQLServer driver can now reflect views. A more clear exception is raised when associations define invalid primary keys. A clearer exception is raised when validator methods don't return a Validator instance. Sessions are now garbage collected when they expire, not after a long delay. RouteBuilder::redirect() now lets you use custom route classes. API documentation improvements. Http Client OAuth 1 adaptor now supports RSA-SHA1. bin/cake --version now outputs the installed version of CakePHP. EventManager instances can now track the events they dispatch. Route matching results now include a _matchedRoute parameter. This provides access to the template of the matched route. Response::mapType() is now more efficient for common media types. DateTimeType objects only create instances as needed now. FormHelper::postButton() lets you customize the form element. TestCase::assertEventFired() and TestCase::assertEventFiredWith() were added. These methods make it easier to assert that events were triggered.
2.8.513 Jun 2016 03:15 minor feature: Bake now recommends using the FlashComponent instead of the deprecated SessionComponent. RequestHandlerComponent will now automatically parse request data for PATCH requests as it does for POST. Sqlite now correctly handles DEFAULT CURRENT_TIMESTAMP. FormHelper now resets the unlocked fields when a form is. ApcEngine now supports APCu on PHP7. Folder::read() can now sort by modified time. FormHelper::radio() now supports the fieldset option for customizing the generated fieldset element.
3.2.1027 May 2016 06:05 minor feature: Query::insert() now resets columns when called multiple times. The ExistsIn rule no longer enforces constraints on new entities that have no dirty fields. This reverts a problematic change introduced in 3.2.9. Exceptions for missing mailer transports have been improved. Request URLs that contain another embedded URL are now handled correctly. FormHelper now resets the unlocked fields each time end() is called. This prevents fields unlocked in one form from being unlocked in subsequent forms. Multi-part mime message boundaries are now generated with Security::randomBytes(). This removes the possibility of timing attacks on mime-message boundary markers. RequestHandler no longer overwrites response content-types when no extension has been parsed. The insecure fallback for Security::randomBytes() behaves more consistently with the secure modes now. The IsUnique rule once again enforces unique-ness as a SQL constraint would. This means that NULL values will never be equivalent for unique checks. This reverts a problematic change introduced in 3.2.9. The BelongsToMany::find() uses the correct foreign key columns when creating queries that involve junction table join conditions. Folder::subdirectories() was added. MissingAction and MissingTemplate error pages are now compatible with errors coming out of Mailers.
3.2.917 May 2016 06:45 minor feature: 'chef' is now pluralized correctly. Valiation::notBlank() now accepts '0'. CookieComponent now correctly uses the encryption key configured on specific top-level keys. SQLite schema generation now handles DEFAULT 'NULL' correctly. Cache Engine FileEngine uses less memory when writing cache data. EntityContext no longer modifies query objects. Session::renew() no longer triggers errors when object destruction fails. The ExistsIn rule now correctly applies on new entities that don't have the required columns set. View classes set with viewBuilder() now take precedence over those defined with the deprecated viewClass property. CompletionShell now correctly lists all subcommand names. Bound parameters in eagerly loaded associations via the subquery strategy now work correctly. The IsUnique rule no longer emits field = NULL when properties are null. Instead it emits IS NULL. Hash::merge() no longer emits an error when merging more than 2 arrays, containing mixed string/array values. FormHelper::input() now forwards additional options to error() allowing you to turn of HTML escaping if you so wish. Cache::clearAll() was added. This method lets you clear all data from all configured cache engines. The ValidCount rule was added. This rule lets you ensure associations have the required number of associated values more easily. BaseAuth now passes the 'username' to custom finders. Validator::hasAtLeast() and Validator::hasAtMost() were added. Folder::read() now supports ordering files by modified time, or name. New mastercard numbers are now accepted by Validation::luhn. Date::setDefaultLocale() and Time::setDefaultLocale() were added. These methods replace direct access to the defaultLocale property. Named route mismatches now have better error messages.
2.8.403 May 2016 10:25 minor feature: FormHelper::postLink() now correctly generates SecurityComponent field hashes when used within another form. Validation::phone() now accepts 'N11' exchanges for North American phone numbers. The Equifax Secure Certificate Authority root certificate was re-added. This several with the certificate bundle update in 2.8.3. BlowfishPasswordHasher now generates a random salt when comparing to a hashed password of ''. This prevents incorrect password matching on empty values. tureTask honours the --records and --schema options when creating a ture in a non-interactive fashion. Several missing European locales were added. HTTP Range header parsing is more resilient. A regression introduced in 2.8.0 in FormHelper when handling the deprecated action option has been. Improved API docs. Added example configuration for using letsencrypt with CakePHP. You can now set the Response class used in ControllerTestCase.
3.2.825 Apr 2016 16:58 minor feature: The Equifax Secure Certificate Authority root certificate was re-added. This several with the certificate bundle update in 3.2.7. Collection::every() now returns false on an empty collection. Security::randomBytes() emits a warning when openssl is used and there was not a strong source of entropy available. Text::truncate() better handles short words within HTML tags when the html and exact options are used. Dependencies for cakephp/orm were updated. Improved API documentation. ConsoleOptionParser now sorts options an arguments when displaying help. Table::saveMany() was added. This method allows you to save multiple entities in a single method call.
3.2.712 Apr 2016 07:25 minor feature: Connection drivers now support short classname references. Exception types raised by SecurityComponent have been updated to match the documented values. FormHelper postLink elements generated inside an open form now work as expected. Schema reflection in MySQL now preserves TEXT BLOB column lengths. The bundled Certificate Authority file was updated using the latest Mozilla Certificate bundle. Empty JSON values can be read by Http Client. Text::slug() was added. This method leverages the intl extension, and will replace Inflector::slug() which is now deprecated. Text::transliterate() was added. This method allows unicode strings to be transliterated into ASCII using the intl extension. Support for TINYTEXT, MEDIUMTEXT and LONGTEXT was added. These types are compatible with all core drivers. Support for TINYBLOB, MEDIUMBLOG and LONGBLOB was added. These types are compatible with all core drivers.
3.2.629 Mar 2016 03:45 minor feature: Improved API documentation. Queries generated by the marshaller now correctly alias primary key columns. Complex conditions in BelongsToMany associations now work correctly. Select box widgets for boolean values now generate correctly. false is now treated as equivalent to 0. Http Client now supports ssl_verify_peer_name option correctly now. CakePHP can now be used from within a phar file. Bound parameters in sub-queries now propagate to their parent query. A regression in the Postgres schema reflection code has been corrected. Accessing TitleCase properties from entities now works as expected. Cells in sub-namespaces now work as one would expect. '' is now a valid value for time inputs. Cake ORM Marshaller::one() now supports a forceNew option that can be used to create 'new' belongsToMany association records when the primary key is not defined. SecurityComponent now emits helpful error messages when secure field comparisons fail and an application is in demode. Validation::localizedTime() was added. Error logs contain request URL and referrer URLs.
3.2.517 Mar 2016 09:25 minor feature: Postgres schema reflection performs better on large databases. Xcache cache engine can now store objects. Malformed HTTP Range headers no longer emit warnings. Improved API documentation. The __xn and __dxn functions now correctly use plural forms. assertCookieNotSet was added to IntegrationTestCase. The 'obj' fetch type was added to PDOStatement.
3.1.1214 Mar 2016 03:16 minor feature: Return XML instead of DOMDocument object when using _serialize viewVar. Small improvement to doc block. Removing dead code. Update version number to 3.1.6. Add the possibility to use additional template vars for submitContainer. Add useful error message when invalid associations are used. Extract a method. mistakes. doc block. Implemented Collection::chunk(). Clarify doc blocks. More doc block clarifications. Turning the code within Datasource RulesChecker cleaner avoiding unec?. trailing whitespace. Using map() instead of unfold() in Collection::chunk() as it is faster. Adding a test for chunking collections with nested elements. Some tests fail if db timezone is not set to UTC. doc block example. PHPCS error. Don't use magic number for default error code. Also up last wrong?. Use this instead. Avoiding forced all fields in a contained belongsToMany. typos in RulesChecker docblocks. Removing test to satisfy travis for now. Speeding up travis a bit. Qoutes in yaml file were actually important. Adding composer cache for travis. Documentation - String is string, not integer. Moving test case to another file. Trying to speed up builds a bit more by disabling xde. Trying to some tests in appveyor. Repeating previous for HasMany associations. Added Conflict (409), Gone (410), Not Acceptable (406) and Service Un?. updated copyright file docblock to correct @since information. added Configure::get(). docblock, code formatting. docblock. Caching composer packages in appveyor. Trying to figure out what sql server is doing. Skipping test in SQLServer while we find an appropriate. Restoring appveyor.yml. Still trying to figure out the right composer cache folder for appveyor. ing appveyor.yaml. Update license year. some reported by scrutinizer. ing a couple other. a couple other small. get = readOrFail, separated tests, added @link (docs still need to b?. Run coveralls on PHP 5.6. utilize phpunit test docblock conventions. Clarified exception messa
3.2.407 Mar 2016 03:16 minor feature: Table names are now quoted in SQLserver schema reflection when reflecting indexes. This allows table names in different schemas to be used. Validation::date(), Validation::dateTime() and Validation::time() now accept DateTimeImmutable. Warning related to PO file parsing when a message exists as both a context inclusive and context free message have been. In this situation, the first message encountered will be used and the other will not be accessible. Serialization errors when reading negative numbers from Redis have been. The ORM will now emit warnings when association properties shadow properties in a table. Default string values now work correctly in Postgres. RelativeTimeFormatter now correctly formats 'about a month ago'/'in about a month'. XML and JSON responses no longer contain stack traces. Including stack traces could cause fatal errors when unserializable objects were in the stack trace. Routes don't recompile each time they are used within a single request. Unlinking HasMany associations correctly preconditions, which when an association finder includes additional associations by default. Unlinking empty HasMany associations no longer emits warnings on null. UnaryExpression now correctly calls traverse on child expressions. Time formatting no longer emits errors when using Russian or other languages that have more than 2 plural forms. Response::file() no longer attempts to clear the output buffering. This allows test cases involving files to not be marked as 'risky' by PHPUnit. Improved API docs. Response::getFile() was added. This gives you a way to read the file out of a response, which is helpful in testing. Association::className() was added. This lets you read the className option out of an association. JsonConfig now pretty prints dumped files. Routes can now use the multibytePattern option to enable multi-byte sub patterns in routes. UrlHelper::css(), UrlHelper::script() and UrlHelper::image() were added. MultipleCheckboxWidget now
2.8.129 Feb 2016 06:45 minor feature: API documentation improvements. Validation::uploadedFile() no longer cares about key order. CakeRequest now reads the request content-type in a way that is compatible with the built-in PHP webserver. DbAcl inherited permissions for '*' now take into account explicit allow/inherit in leaf nodes. HttpSocket now correctly parses empty headers. Negative numbers can now be read from RedisCacheEngine. Postgres now supports a uuid type. This uses the native uuid type in Postgres. SecurityComponent::requireAuth() is now deprecated. It was already removed from 3.x. This makes the deprecation in 2.x official. Security::randomBytes() was added. This method replaces Text::uuid() as the seed value for CSRF token generation. The new method emits a warning if an insecure source of random data is used. This warning indicates that your CSRF tokens could be susceptible to timing attacks.
3.2.322 Feb 2016 06:45 minor feature: Camel-backed virtual properties can be accessed once again. This was a regression in 3.2.0. Long paths in the error pages are now wrapped. _joinData is no longer lost when marshalling existing BelongsToMany records using the id attributes. Date::parseDate() now correctly handles timezones. Setting a Cell's templatePath inside the action now works. FormHelper now consistently uses formatTemplate() internally. Hash::sort() now correctly sorts DateTimeImmutable objects. Security::randomBytes() was added. This method wraps the various ways to get secure random data. If secure data cannot be found, insecure data will be used and a warning will be emitted. CSRF tokens are now generated with Security::randomBytes(). Custom template paths are now factored into view path generation. Improved API documentation. EventManager::matchingListeners() was added, allowing the caller to find listeners bound to the named event. Table::find('list') will automatically use the selected fields if there are 2 of them. This makes find(list) behave more consistently with 2.x easing migration. TableRegistry::get() now accepts a connectionName parameter. This lets you define the connection by name instead of requiring the object. QueryExpression::identifierEquals() was added to increase compatiblity across the supported database vendors. App::shortName() was added. AuthComponent finder option now permits finder options to be defined.
3.2.213 Feb 2016 07:05 minor feature: TimeHelper now interacts with immutable time objects correctly. Query::matching() now correctly type-casts hydrated results in the _matchingData property. When results are iterated in a result formatter, the _translations property is now always present. Hydrating records containing date time fields in non-english locales no longer fatally errors. Cell actions can once again set the template name. Cell template names can now be set with the viewBuilder(). SecurityComponent now correctly handles field names ending in . Symlinked configuration files now load correctly. The ProgressShellHelper now renders correctly on putty. The test suite no longer fails to rebuild tures after fatal errors. Hash::sort() better handles sorting on sparse data. API documentation improvements. cake plugin loaded was added. This CLI tool lets you list the loaded plugins your application uses. Exception messages from ture creation are now clearer. tures now allow schema to be predefined and not managed by the tures. cake i18n extract now runs faster. CakeTestCase::assertSameAsFile() now allows expected results to be updated by setting an environment variable. SecurityComponent::requireAuth() is now deprecated and will be removed in 4.x. IntegrationTestCase::assertHeaderContains() was added. FormHelper::text() and related functions now accept 'id' = true. This option enables the same automatic ID generation used in FormHelper::input(). Sub-split repositories now contain license files and status badges. FormHelper will now automatically load application widget classes that overload the core ones. HTTP status 422 was added to Response.
2.8.009 Feb 2016 06:45 minor feature: The action option in FormHelper::create() has been deprecated, as it was in 3.x. Note that this now makes the action key of an array URL consistently respected for the generation of the DOM ID. If you used the deprecated key you will want to compare the generated ID for forms before and after your upgrade. When handling fatal errors, CakePHP will now adjust the memory limit by 4MB to ensure that the error can be logged correctly. You can disable this behavior by setting Error.extraFatalErrorMemory to 0 in your Config/core.php. Cache::add() has been added. This method lets you add data to a cache if the key did not already exist. This method will work atomically in Memcached, Memcache, APC and Redis. Other cache backends will do non-atomic operations. CakeTime::listTimezones() has been changed to accept array in the last argument. Valid values for the options argument are: group, abbr, before, and after. A new option no-locations has been added to Console/cake i18n. When enabled, this option will disable the generation of location references in your POT files. Hash::sort() now supports case-insensitive sorting via the ignoreCase option. Magic finders now support custom finder types. For example if your model implements a find('published') finder, you can now use findPublishedBy and findPublishedByAuthorId functions through the magic method interface. The Session.cacheLimiter configuration option was added. This option lets you define the cache control headers used for the session cookie. The default is must-revalidate. Shell Helpers have been backported from 3.x. Validation::uploadedFile() was backported from 3.x. 'url' = false is now supported for FormHelper::create() to allow form tags to be created without HTML action attribute.
2.7.928 Jan 2016 12:25 minor feature: file:// paths are now handled correctly by File on windows. PaginatorHelper::numbers() now treats string integers as strings in the first/last option. This allows the use of page numbers in the first/last buttons. XmlView now works when return = domdocument is used. Memcached can now connect to unix domain sockets. Simulated GET requests (via method overriding) no longer POST data populated. This prevents GET requests from looking like they are POST requests that may cause unintentional side-effects. SecurityComponent now validates data whenever request- data is populated. This allows SecurityComponent to apply to PATCH and DELETE requests. Shell::CODE_ERROR was backported from 3.x. This constant serves as a default value for the exit code in shell tasks.
3.1.824 Jan 2016 15:05 minor feature: Using matching() on a BelongsToMany association with conditions no longer emits invalid SQL. Generated reciprocal BelongsToMany associations have the original conditions applied to them. Inflector::camelize() now caches results. ConnectionManager::config() no longer clones objects passed in. Postgres schema reflection now only reads constraints in the connection's schema. Memcached can now connect to unix domain sockets. TreeBehavior now uses expression objects for field updates. This makes it compatible with datasources requiring identifier quoting. incorrect behavior of TextHelper::autoLink() when CRLFs are present. The fullDeargument of TestCase::assertHtml() now works as documented. Helpers now allow newlines in javascript confirm messages. The cakephp-plugins.php file can now be located when cakephp/core is used as a standalone component. Simulated GET requests (via method overriding) no longer POST data populated. This prevents GET requests from looking like they are POST requests that may cause unintentional side-effects. SecurityComponent now validates data whenever request- data is populated. This allows SecurityComponent to apply to PATCH and DELETE requests. Controller:: name is correctly inflected when using the base route class. tures can now use public import = 'model' = 'Articles' to import schema and records from a defined model. Improved API docs. ConnectionManager::config() now accepts a callable. This makes it consistent with Log::config(). Query::set() now accepts a builder callable. Database Type now allows objects to be injected via set(). SQL Query logs now include execution time and rows returned. Error logs now include Referring URL if it is available.
2.8.0-RC114 Jan 2016 10:25 minor feature: Paginator::numbers() now treats numeric string values in first and last as strings. Using invalid associations in ExistsIn rules now raises a helpful error. BelongsToMany associations can have their fields limited through queryBuilder closures. The query- func()- now() query function works as expected in where conditions now. XmlView no longer fails when attempting to output XML documents built with DOMDocument. BelongsToMany _joinData is now marshalled consistently by Table::patchEntity(). Missing Controller error pages display the correct class name and path for precontrollers. IntegrationTestCase::cookieEncrypted() was added. This helper lets you set the value of encrypted cookies. IntegrationTestCase::assertCookieEncrypted() was added. This assertion lets you compare encrypted cookie values. FormHelper now forwards templateVars to the templates for submitContainer and inputSubmit. Collection::chunk() was added. This method lets you split a collection into equal sized chunks. Exception classes were added for Conflict (409), Gone (410), Not Acceptable (406) and Service Unavailable (506). Configure::readOrFail() was added. This method will read a value from Configure and raise an exception if it does not exist.
3.1.710 Jan 2016 03:17 minor feature: Paginator::numbers() now treats numeric string values in first and last as strings. Using invalid associations in ExistsIn rules now raises a helpful error. BelongsToMany associations can have their fields limited through queryBuilder closures. The query- func()- now() query function works as expected in where conditions now. XmlView no longer fails when attempting to output XML documents built with DOMDocument. BelongsToMany _joinData is now marshalled consistently by Table::patchEntity(). Missing Controller error pages display the correct class name and path for precontrollers. IntegrationTestCase::cookieEncrypted() was added. This helper lets you set the value of encrypted cookies. IntegrationTestCase::assertCookieEncrypted() was added. This assertion lets you compare encrypted cookie values. FormHelper now forwards templateVars to the templates for submitContainer and inputSubmit. Collection::chunk() was added. This method lets you split a collection into equal sized chunks. Exception classes were added for Conflict (409), Gone (410), Not Acceptable (406) and Service Unavailable (506). Configure::readOrFail() was added. This method will read a value from Configure and raise an exception if it does not exist.
3.2.0-RC104 Jan 2016 12:05 minor feature: Containing the same association multiple times now works as expected, and the query builder functions are now stacked. Function expressions now correctly cast their results. This means that expressions like query- func()- current_date() will return datetime instances. Shell::info(), Shell::warn() and Shell::success() were added. These helper methods make using commonly used styling simpler. Cake Console Exception StopException was added. Shell::abort() was added to replace error(). Shell::error() is deprecated because its name does not clearly indicate that it both outputs a message and stops execution. Use Shell::abort() instead. Cake Database Expression QueryExpression::type() is deprecated. Use tieWith() instead. Cake Database Type DateTimeType:: dateTimeClass is deprecated. Use DateTimeType::useMutable() or DateTimeType::useImmutable() instead. Cake Database Type DateType:: dateTimeClass is deprecated. Use DateTimeType::useMutable() or DateType::useImmutable() instead. Cake ORM ResultSet::_calculateTypeMap() is now unused and deprecated. Cake ORM ResultSet::_castValues() is now unused and deprecated.
3.1.626 Dec 2015 08:05 minor feature: The Auth.afterIdentify event is now triggered for stateless authentication. Query::offset() now marks a query as modified. Calling find() on a BelongsToMany association now joins the junction table. This allows association conditions to be applied to queries. Redis DSN parsing was. FormContext::errors() now handles nested validation errors. The existsIn() rule now uses an association's bindingKey option. requestAction() now passes cookies to the sub-request as documented. FormHelper now treats string integer values as UTC timestamps. This mirrors how. it handles integer values. FormHelper now correctly generates name attributes for dot pathed field. names that end in . A memory leak in ORM ResultSet has been. DashedRoute now correctly handles vendor preplugin names. CORS domain handling is more robust and less permissive. Postgres index reflection is more robust and can handle complex index definitions. Postgres schema reflection more accurately defines SERIAL columns. Pagination of complex queries using expressions in their ORDER clause no longer fail. File can now open file:// paths on windows. bin/cake i18n init now preserves the locale case. Session configuration now better handles environments where runtime modification of session configuration is not allowed. The phpdbg SAPI is treated the same as CLI. CompletionShell suggests task and shell names based on short forms. It can also suggest option names for subcommands and tasks now. Compatibility with PHPUnit 5 was improved. Query::removeJoin() was added. This method can be used to remove joins. from a query by join alias. View::reset() was added. This method lets you reset the contents of a view. block.
2.7.822 Dec 2015 10:25 minor feature: An extract() call was removed from Validation::comparison(). There was some concern that it could be used to circumvent validation. around incorrect SNI validation when host name contains protocol for SmtpTransport. Proxy Authentication with SSL no longer forwards proxy credentials in HttpSocket. SchemaSchell clears the ClassRegistry after applying schema. Context is reset when parsing MO files. Previously context could bleed between message identifiers.
3.1.501 Dec 2015 20:45 minor feature: Collection::toArray() now drops the keys when dealing with RecursiveIterator. This makes the collection features easier to reason about as they generally do what people have been expecting. Improved API documentation. ResultSet::isEmpty() no longer consumes records on buffered iterators that had not already been iterated. The ORM no longer emits invalid queries when eager loading associations using the subquery strategy, and using an ORDER BY clause. Fields used in ORDER BY clauses are also included in the selected fields. Error handling is now compatible with PHP7. This removes the last known compatibility error with PHP7. BelongsToMany associations use bindingKey correctly now. Integer marshalling correctly accepts negative values now. When executing Shell 'main' method the current command name is set to 'main'. spellcheck is now a standard attribute. Unlike most HTML5 attributes, spellcheck requires 'true' and 'false' values, which means it cannot be a minimized attribute. CSRF validation is applied to all HTTP methods that are not 'GET', 'OPTIONS' or 'HEAD'. This prevents invalid HTTP methods from bypassing CSRF validation. RouterBuilder::resources() correctly inflects the object id when using 'inflect' = 'dasherize' and nested resources. TimeHelper::format() no longer shifts string datetimes to the supplied timezone before formatting. Shell::createFile() no longer converts n to r n silently when running on windows. RouteBuilder::addExtension() was added. This method lets you incrementally add extensions instead of replacing the connected extensions. The options passed to Table::save(), and HasMany/BelongsToMany link/unlink/replace methods are being passed through to the internal Table::save/delete() calls. The CsrfComponent now supports an httpOnly option. Enabling this option makes the CSRF cookie inaccessible to client side scripting.
3.1.407 Nov 2015 17:45 minor feature: PaginatorHelper always lowercases direction to be consistent. Using the --deflag in PHPUnit will also enable ture schema SQL to be logged. CounterCacheBehavior now uses bindingKey() resolving for associations that use custom binding keys. The afterSaveCommit and afterDeleteCommit callbacks were added to behaviours. The ability to set the default model type for classes using the ModelAwareTrait was added. Default type inference in ORM Query is now faster. BelongsToMany link replacement no longer fails when the association conditions include columns from the junction table. HasMany replace() now checks the return value of delete operations. Nested validators are now aware of the create/update context. Query::where() now throws an exception when empty conditions are added. This prevents the addition of 1 != 1 clauses.
1.3.2102 Nov 2015 05:45 minor feature: TimeHelper no longer returns 1969 on invalid dates. Instead '' is returned. crc32 hash keys used in DboSource have been replaced with md5 sums. This reduces the chance of hash collision significantly. MIME-Version is set on emails. The node_modules directory is ignored when looking for PHP files. View templates can no longer be located outside of the configured view paths.
3.1.328 Oct 2015 03:17 minor feature: in the SMTP email transport when connecting to gmail. regression in the BooleanType converted in database when using NULL. Solved a couple problems when matching routes containing multibyte characters. Improving Query::count() so that it does not execute the query twice when calling the method multiple times. Avoided some errors when using XDein classes having __deInfo . HasMany associations now have the link, unlink and replace methods implemented, like BelongsToMany associations do. This improves the usability of append-only associations. Made it easier to use the IntegrationTestCase with controllers having the SecurityComponent enabled.
3.1.220 Oct 2015 06:05 minor feature: Contained associations now add column typ data into queries. This means that you can use complex datatypes like DateTime objects in conditions for association columns. XHR requests with query strings that are converted into requestAction calls by RequestHandlerComponent now work as expected. Hash::extract() compatibility with ArrayAccess objects was improved. Case expressions in queries no longer mishandle '0'. de() no longer elides 'schema' and 'pre'. Validation::datetime() now accepts ',' between the date and time components. This makes validating en_US formatted dates easier. Rendering in the ProgressHelper have been. clone on Query objects now creates a deep clone as one would expect. Corrected API documentation. HasMany associations now support a 'replace' save mode. In this mode, existing associations not in the entity's current property will be removed. New records will also be inserted. IntegrationTestCase now provides enableCsrfToken() and enableSecurityToken() methods to make testing with CsrfComponent and SecurityComponent much simpler. The CSRF token post field is now removed from request data after being validated. This makes 'Post Redirect Get' workflows simpler as the CSRF token doesn't need to be manually removed. Network Socket now supports all standard SSL context options via preing. e.g ssl_verify_peer. These options can also be configured in the SmtpTransport. Test ture constraint management has been greatly improved. You no longer need to carefully order tures to ensure constraints are applied correctly. Instead constraints are created after all tables and records have been created. When preparing datatypes for SQL statements, exceptions will now be raised on invalid values instead of silent failures.
3.1.109 Oct 2015 08:25 minor feature: Query::contain() now correctly overwrites existing containments when override is true. Integration tests no longer swallow database errors stemming from missing tables or other low level. Instead these errors are bubbled up making the test failure obvious. RequestHandlerComponent no longer overwrites explict viewClass usage. dependencies for database package. Email construction with a profile name works as expected now. Plural form of 'virus' is now 'viruses'. Deprecation warnings related to ViewBuilder have been improved. Validation::datetime() now correctly handles 12:xx PM with 12 hour formats. JsonView serializes single variables more consistently now. Now if a single view var is set it's inferred as '_serialize' = 'var' instead of '_serialize' = 'var'. IntegrationTestCase accepts POST bodies that are strings. env() has an additional parameter for supplying default values. Request::env() has an additional parameter for supplying default values. Improved API documentation. Console logging now abides the --verbose and --quiet flags. Validator::requirePresence() accepts a callable to determine whether or not a field is required. Validation::containsNonAlphaNumeric() was added. Hash::extract() works with ArrayAccess objects now.
2.7.430 Sep 2015 06:25 minor feature: When saving, models will always correctly set the 'updated' and 'created' fields. Even when a 'fieldList' is used, and those fields are not in the fieldList. SessionHelper and FlashHelper are now more compatible with messages set through either the SessionComponent or FlashComponent. Bake generates tures with only 1 record by default now. The default value of CURRENT_TIMESTAMP is now supported for MySQL datetime columns. Datasources no longer fatally error if isConnected() is called after disconnect(). Improved API documentation. Email configuration defaults are now correctly loaded even when the configuration class has not been loaded. Virus is now pluralized to viruses.
3.0.1424 Sep 2015 16:25 minor feature: I18n shell no longer outputs both merged and separate domain pot files when --merge is used. StringTemplates convert 1 dimensional array values into strings. This 'array to string conversion' errors when arrays are formatted into templates. Option groups created by FormHelper can now have integer values. Json view selection now reliably works with the Accept header when the json extension has not been enabled. Postgres adapter correctly reflects schema for TIME WITHOUT TIMEZONE now. FormHelper now correctly sets the required attribute for boolean columns in associations. The BetweenExpression now accepts expression objects in each of its conditions. Query::__deInfo() and Table::__deInfo() no longer raise fatal errors if they are invoked before object construction is complete. Cache::registry() was added. This method is useful for replacing the cache backend registry in testing. Improved API documentation. UUID fields now marshal '' as null. TreeBehavior::recover() now supports a recoverSort option for defining how a tree should be sorted before recovery. The jsonapi type had its mime type added to Response. MySQL adapter supports CURRENT_TIMESTAMP default value in datetime columns.
3.1.020 Sep 2015 05:06 minor feature: FlashComponent now stacks Flash messages created with the set() or __call() methods. This means that the structure in the Session for stored Flash messages has changed. New configuration option storage has been added. It contains the storage class name that AuthComponent uses to store user record. By default SessionStorage is used. If using a stateless authenticator you should configure AuthComponent to use MemoryStorage instead. You can now also configure AuthComponent to do the auth check before controller's beforeFilter() callback is run using the checkAuthIn configuration. This is particularly useful when using stateless authenticators. RequestHandlerComponent now switches the layout and template based on the parsed extension or Accept-Type header in the beforeRender() callback instead of startup() callback. The default mime-type used when sending requests has changed in Http Client. Previously multipart/form-data would always be used. In 3.1, multipart/form-data is only used when file uploads are present. When there are no file uploads, application/x-www-form-urlencoded is used. The default route class has been changed to DashedRoute in the cakephp/app repository. Your current code base is not affected by this, but it is recommended to use this route class from now on. The breakpoint() helper function has been added. This function provides a snippet of code that can be put into eval() to trigger an interactive console. Shell::dispatchShell() no longer outputs the welcome message from the dispatched shell. You can now set _serialized to true for JsonView and XmlView to serialize all view variables instead of explicitly specifying them. Time::fromNow() has been added. This method makes it easier to calculate differences from 'now'. Time::i18nFormat() now supports non-gregorian calendars when formatting dates. Validation::latitude(), and Validation::longitude() were added. Validation::ascii(), Validation::utf8(), and. Validation::isInteger() were adde
3.0.1308 Sep 2015 01:05 minor feature: Query::count() no longer fails when there are fields with complex expressions in the select. If FormHelper is used to create a visible input after a hidden input was created, the form is no longer blackholed by SecurityComponent. Typehints in the API documentation have been corrected in a number of places. When a new entity is saved with a specific UUID, the entity returned from save() retains the original id value. Http Client now correctly sets the proxy context options, allowing proxy connections to work. Compatibility with PHP 5.x improved. Shell::quiet() and Shell::verbose() were added. These helper methods provide shortcuts to this- _io- quiet() and this- _io- verbose() respectively. I18n Number has an ordinal() method for formatting the ordinal text for a given number. The ordinal() method is also available on NumberHelper.
3.1.0-RC131 Aug 2015 10:05 minor feature: DboSource::isConnected() now emits a SELECT 1 query to ensure the connection is still active. This is helpful in long running processes like CLI tools. Missing Flash templates were added. These templates were accidentally omitted from earlier 2.7 releases. Model::exists() now always returns false, when a model uses useTable = false. MediaView now correctly supports the documented extension option. Forms secured with SecurityComponent no longer blackhole when a hidden input is followed by a visible input of the same name.
2.7.327 Aug 2015 05:45 minor feature: DboSource::isConnected() now emits a SELECT 1 query to ensure the connection is still active. This is helpful in long running processes like CLI tools. Missing Flash templates were added. These templates were accidentally omitted from earlier 2.7 releases. Model::exists() now always returns false, when a model uses useTable = false. MediaView now correctly supports the documented extension option. Forms secured with SecurityComponent no longer blackhole when a hidden input is followed by a visible input of the same name.
3.0.1222 Aug 2015 07:25 minor feature: RuleChecker::existsIn() handles nullable fields better. Entities created by plugin associations have the correct return value for source() . Case statements accept literal values now. Methods defined on Controller can never be used as actions. Before, methods redefined on AppController, or a subclass could be invoked as actions. Plugin dot syntax can no longer be used to reference controllers in URLs. LocaleSelectorFilter no longer sets the default locale. Instead it sets the active locale. AuthComponent correctly redirects when an application is in a subdirectory. Query::orderAsc() and Query::orderDesc() were added. These methods make it possible to order on complex expressions. PaginatorHelper::next() and prev() accept a templates option now. The serialization format for Time objects can now be set with Time::setJsonEncodeFormat().
2.7.211 Aug 2015 05:25 minor bugfix: Unconventional URL paths would allow direct access to prefixed actions without setting the correct request parameters. If your authorization depends on the presence of the prefix routing key you should upgrade as soon as possible. Validation::compare() and Validation::range() would allow specifically crafted data past certain criteria.
3.1.0-beta206 Aug 2015 14:05 minor feature: Cake ORM Query::where() would allow static methods to be invoked. This could create unintentional side effects, or undesired query manipulation. Validation::compare() and Validation::range() would allow specifically crafted data past certain criteria.
3.1.0-beta03 Aug 2015 03:05 minor feature: FlashComponent now stacks Flash messages when set with the set() or __call() method. This means that the structure in the Session for stored Flash messages has changed. New config storage has been added. It contains the storage class name that AuthComponent uses to store user record. By default SessionStorage is used. If using a stateless authenticator you should configure AuthComponent to use MemoryStorage instead. RequestHandlerComponent now switches the layout and template based on the parsed extension or Accept-Type header in the beforeRender(). callback instead of startup(). The default mime type used when sending requests has changed in Http Client. Previously multipart/form-data would always be used. In 3.1, multipart/form-data is only used when file uploads are present. When there are no file uploads, application/x-www-form-urlencoded is used instead. The following Controller properties are now deprecated: layout. view theme autoLayout viewPath layoutPath Instead of setting these properties on your controllers, you should set them on the view using methods with the same names. . layout. view. theme. autoLayout. viewPath. layoutPath.
2.7.124 Jul 2015 17:25 minor feature: CakeText::tokenize() now works with multibyte separator values. AJAX requests that failed authentication when AuthComponent did not have a loginElement configured, are no longer trapped in a redirect loop. Hash::maxDimensions() now correctly calculates the depth when nested elements are not in the 0th element of the parent. Model::saveMany() and Model::saveAssociated() behave correctly when saving with atomic = false and boolean fields set to false. FormHelper::input() now correctly uses the value option with date/time/datetime input types. Terminal colours are enabled in windows when using ConEmu.
3.0.920 Jul 2015 13:45 minor feature: Index and constraint reflection in MySQL now scopes to the current database. is now allowed in ObjectRegistry keys. This allows cache configurations to have. in their names. Datetime validation now correctly handles meridian values. Improved API documentation. Pagination link generation is correct with custom routes. Entity::extractOriginalChanged() now returns properties that were initially null. Marshalling _joinData in belongsToMany associations with existing entities is now handled correctly. Text::tokenize() now works as expected when the separator is a multi-byte character. Folders generated by i18n extract have the correct permissions assigned. Entities are now marked as 'clean' after the afterSave event. The ORM does not emit UPDATE statements for hasMany and belongsToMany associations that have not actually changed. Response::file() now accepts files with.. in the basename.
2.6.916 Jul 2015 20:45 minor feature: Deep saving hasMany associations now handles validation errors correctly. Improved API documentation. DboSource::rawQuery() behaves correctly now when there are bound parameters.
2.7.012 Jul 2015 11:45 minor feature: The class String has been renamed to CakeText. This resolves some conflicts around HHVM compatibility as well as PHP7. The String class is still provided for compatibility reasons. Validation::notEmpty() has been renamed to Validation::notBlank(). This aims to avoid confusion around the PHP notEmpty() function and that the validation rule accepts 0 as valid input. SessionComponent::setFlash() has been deprecated. You should use FlashComponent instead. SessionHelper::flash() has been deprecated. You should use FlashHelper instead.
2.6.804 Jul 2015 07:25 minor bugfix: Fix issue with overlapping irregular inflections. When irregular inflections overlap we should choose the longest match, not the shortest. Fix regression in Inflector::camelize(). The input should not be lowercased before camelizing, as this can cause inputs that were previously camelized to create incorrect results. Fix Validation::multiple() regarding 0 value. Previously 0 could not be a valid option. FormHelper::radio() now supports complex option definition. This makes it easier to define custom attributes on each radio button. Element tags had trailing whitespace removed. If you have custom element tags with HtmlHelper you might need to update your templates. Shells will now never print HTML errors. Previously if you used custom the console error handlers you could end up with HTML in your terminal. SQL operators in Postgres are now less greedy when fields are quoted.
3.0.829 Jun 2015 17:25 minor feature: EntityTrait::toArray() now handles mixed arrays better. Previously if the first element was an entity, it assumed that all elements were entities. Pagination now preserves query string arguments with 0 as their value. Validation::multiple() now correctly handles '0'. Previously it was impossible to use dot notation on two different calls to matching/contain when part of the string was shared (for example Articles.SpecialTags.Tags and Articles.SpecialTags.Authors). TableRegistry::get() now correctly merges pre-configured options. Table names in UPDATE queries are correctly quoted now. Fixtures now correctly reflect composite primary keys when generated. Both and '' are now treated the same when saving belongsToMany associations. This fixes silent failures when '' was used. Numeric fields are cast to their string values when creating form security tokens. This resolves issues where integer values would cause validation failures. CsrfComponent now correctly sets the cookie expiry date. The list of available shell commands is now correct if there is an app Shell with the same name as a core one. Multicheckboxes generated with complex input types are now checked/disabled correctly. When updating belongsToMany links, association conditions are used. This fixes issues with polymorphic joint tables. Pagination with SQLServer 2008 now works better. AuthComponent no longer causes infinite redirects when an ajax request fails and / requires authentication. This was a regression in 3.0.7.
2.7.0-RC16 Jun 2015 02:45 minor feature: The class String has been renamed to CakeText. This resolves some conflicts around HHVM compatibility as well as possibly PHP7+. There is a String class provided as well for compatibility reasons. Validation::notEmpty() has been renamed to Validation::notBlank(). This aims to avoid confusion around the PHP notEmpty() function and that the validation rule accepts 0 as valid input. SessionComponent::setFlash() has been deprecated. You should use FlashComponent instead. SessionHelper::flash() has been deprecated. You should use FlashHelper instead.
3.0.523 May 2015 04:45 minor feature: Filesystem libraries are now available as a standalone package through composer. QueryLogger correctly interpolates parameters when there are more than 10 placeholders. Datetime inputs correctly render seconds picker elements. Previously they did not include 00. Marshalling belongsToMany _joinData was improved. The marshaller now correctly handles a mix of new and existing entities. InstanceConfigTrait deletes nested data correctly now. SQLite fixtures now generate primary key columns correctly in all situations. Property caching in Entities was made less aggressive. The mutator caches are now completely invalided when any property is changed. Association conditions are no longer used when marshalling existing belongsToMany records. i18n shell creates separate po file entries for messages with differing contexts. The @ syntax for file uploads in Http Client was deprecated. Instead you should use resource handles. The @ syntax is unsafe with user supplied data and will be removed in a future version of CakePHP. Blob fields in SQLServer are now hexdecoded before being converted into resource handles. FormHelper will not default datetime pickers to 'now' unless the input also has the default = true option supplied. This was done to make it easier to work with nullable datetime fields. QueryExpressions containing subqueries now correctly wrapped in parenthesis.
3.0.221 Apr 2015 06:05 minor feature: SessionHelper is deprecated. You should use the FlashHelper, or this- request- session() instead. Saving BelongsToMany associations that contain a mixture of new and existing records has been improved. Validation::notEmpty() has been renamed to Validation::notBlank(). Validation::userDefined() is now deprecated, you can set callables. Directly in the Validator objects instead. SQLite schema reflection now works with older versions of SQLite. Foreign key update/delete clauses will not be reflected with older versions of SQLite. Hash::get() no longer raises an exception on a path of '' or null. Fatal errors when saving belongsToMany relationships that were not marshaled into entities have been fixed. Collection now implements __debugInfo(). Magic finder methods now correctly alias fields in the where clause. Cascading deletes now prioritize associations with cascading callbacks, and then apply to associations without callbacks. Shells dispatched with dispatchShell() no longer output the welcome message. MySQL driver now uses SET NAMES to fix encoding errors in some installations. IntegrationTestCase now recursively merges request data into the stubbed request. Responses in IntegrationTestCase now allow better content-type assertions. 0000-00-00 is now converted into null by the database type system. This prevents issues in how PHP's DateTime handles year 0. FormHelper fields that use integers as their name no longer trigger black hole errors.
3.0.105 Apr 2015 16:25 minor feature: Reduced chances for timing attacks in HMAC comparisons in Security::decrypt() by using more constant time string comparisons. FormHelper now supports an idPrefix option. This option allows you to specify the prefix you want prepended to id attribute of all inputs FormHelper generates. FormHelper now supports group templates for each input type. For example, the radioFormGroup template will be used for radio button sets. Elements included in a prefixed request context now look in prefixed paths. When a controller runs in a prefixed route/namespace it will automatically append the current prefix to the view paths used to locate elements. Schema reflection for Postgres no longer fails when foreign keys rely on stored procedures. Schema reflection now treats money columns as strings. Due to leading currency codes the ORM cannot easily map this type into float values. Selectboxes disable and select active options correctly now when complex option data is used. Selectboxes can now have an empty name attribute. URL filters are applied before the existing request context is applied now. Cake I18n Time now supports short timezone offset formats. Query logging now works when the duplicate named parameters are used. existsIn rules now correctly set an error message when used with a list of fields. RulesChecker methods can now return strings to indicate failure. The returned strings will be used as the error message if a field was also defined for the rule. Primary key values can now be defined when creating entities. This improves compatibility with UUID's where ID's are generated outside of your application. When saving/updating entities, existing HasMany associations can be re-linked using a _ids input similar to BelongsToMany associations. Greatly improved performance around hydrating ORM results. Improved PHP7 HHVM compatibility. Improved API documentation.
3.0.022 Mar 2015 23:55 major feature: This new major 3.0.x release is backwards incompatible with previous CakePHP versions, and minimum requirements are now PHP 5.4.16, mbstring and intl extensions. A new ORM was introduced, using the DataMapper pattern, eager loading strategies, better query bulding and post-processing, composite primary keys and custom data types. Routing is faster and more flexible. Migrations are now plugin-based and more powerful. I18N with feature-rich message translation, and locale-aware time and number library. More debugging tools were added. Composer is used now for skeleton setup. Some libraries have been split out into standalone plugins. New "view cells" add orchestration controllers within templates.