Magnolia CORE 5.6.7 corrects security vulnerabilities, several bugs and also brings the following changes and improvements:
Changes for authors
XML export action offers a download dialog
This release fixes an issue occurring in Magnolia 5.6.6 where exporting an XML bootstrap file opens the file directly in the active browser window instead of offering a download dialog. The issue does not appear for YAML format exports.
Changes for developers
Fieldtype definition registry prioritizes decorated field definitions
To make sure that fields are not broken by ignoring existing decorations of deprecated field definitions, we have changed the logic of registering field type definitions by prioritizing decorated definitions. The field registration process now follows this order:
- If a decorated definition is found, it is registered.
- If no decorated definiton is found, then we search for deprecated and non-deprecated definitons.
- If a non-deprecated definition is found, it is registered.
- If no non-deprecated definition is found, then the deprecated definition is registered.
Deprecated block definitions are reported
Dynamically defined dialog names
This release also comes with the property called
dialogLabelItemProperty already introduced with Magnolia 5.7. It allows you to set a dialog's name via a property holding the preferred value for the dialog caption, for example via the
jcrName property. If no
dialogLabelItemProperty is configured for the dialog, Magnolia tries to retrieve the dialog's name from the language bundle associated with the dialog.
You can see the new property implemented in the Security app dialogs for example.
In Magnolia 5.6.7, the new
dialogLabelItemProperty property is set:
As a result, the dialog's caption now shows eric which is the value of the
jcrName property for the dialog:
For comparison, here's the same dialog in older Magnolia 5.6.6, where the property is not available and the "User" caption of the dialog is defined with
security-app.user.label=User in the app's language bundle:
Update to Apache Groovy 2.4.15
Security vulnerabilities fixed
See the 5.6.7 changelog for all the changes.
Please be aware that the version numbers for the Magnolia main and UI projects are not in sync with the version number of this release.
If you are updating from an earlier version:
Projects based on an older maven archetype may not build correctly starting with Magnolia 5.6.3 - because the version of the Magnolia main modules is not the same as the Magnolia bundle anymore. If you experience a problem, please update your project parent pom.
- Barebones Magnolia Tomcat Bundle 1.0.1
- Community Edition 5.6.7
- Content Dependencies 1.8.1
- Content Editor 1.1.5
- DAM 2.3.2
- Demo Projects 1.2.5
- Enterprise Edition 5.6.7
- Groovy 2.6.3
- Imaging 3.4.1
- Log Tools 1.1.1
- Magnolia 5.6.6
- Personalization 1.5.3
- Publishing 1.0.5
- UI 5.6.6
info.magnolia.ui.form.field.factory.TwinColSelectFieldFactory - An old deprecated constructor has been removed. (See diff.)
The Magnolia team would also like to thank everyone who reported issues, contributed patches, or simply commented on issues for this release. Your continued interest helps us make Magnolia better. Special thanks go to Nils Breunese, Arne Diekmann, Thomas Duffey, Gernot Fussan, Rico Jansen, Michiel Meeuwissen, Frank Sommer, James Spence and Tom Wespi.