Plone 5.2.7
There may be hotfixes applicable to this release. Always check the Plone Hotfix page before production deployment.
Release notes
License | GPL |
---|---|
Date released | 2022-01-28 |
Release manager | Eric Steele |
Plone 5.2.7 is a bug fix release of Plone 5.2. Release Manager for this version is Maurits van Rees (despite the automated text above).
Installers can be downloaded with the buttons below. Experienced users can update their buildout config by pointing to https://dist.plone.org/release/5.2.7/versions.cfg.
Linux/BSD/Unix users: Use the Unified Installer. It is a configuration and setup kit with build scripts.
Windows 10 users: use the Unified Installer. See Windows-specific installation instructions. Consider using the unified installer within the Windows Subsystem for Linux (WSL).
OS X users: use the Vagrant kit or install XCode command-line tools and use the Unified Installer.
Automated provisioning: See Plone's Ansible Playbook for a full-stack installation kit.
Cross-platform Docker: install Docker and use the Plone Docker image.
For the Plone 5.2 upgrade guide, see https://docs.plone.org/manage/upgrading/
Specific release notes for Plone 5.2.7:
Some highlights of this release are:
- `plone.app.contenttypes` and `Products.ATContentTypes`: Security fix: prevent cache poisoning with the Referer header. See security advisory.
- `plone.app.linkintegrity`: Track integrity of video and audio files in HTML source tags.
- `plone.app.z3cform` and `plone.app.textfield`: Enable multiple wysiwyg editors (use default editor registry setting).
- `plone.namedfile`: Make `DefaultImageScalingFactory` more flexible, with methods you can override.
- `plone.app.layout`: Improved the Global section viewlet:
- Catalog based navigation.
- Allow more customization by adding methods as hooks.
- Various performance optimizations.
- Deprecate now unused navtree_depth property.
- `diazo`: Removed `FormEncode` test dependency.
- `plone.restapi`: Be permissive when testing the schema of the querystring endpoint.
Downloads
-
Unified Installer tarball -- builds Plone on most Linux/macOS/Windows 10 systems
all platforms (5.6 MB) -
Unified Installer zip
Windows (5.6 MB)
Changes
collective.recipe.omelette: 1.0.0 → 1.1.0
- Fix 2to3 old setuptools hook [goschtl]
- mordernize to python3 code [goschtl]
- update to new zope.testing [goschtl]
- use pytest and tox [goschtl]
- Note: tested on Python 2.7 and 3.6-3.10.
plone.releaser: 1.8.4 → 1.8.6
Bug fixes:
- Insert buildout:docs-directory when reading sources. Workaround for issue similar to mr.roboto 89. [maurits] (#89)
- Fix InterpolationMissingOptionError when parsing coredev 6.0 sources. [maurits] (#42)
repoze.xmliter: 0.6 → 0.6.1
- Fixed tests with lxml 4.7.1 or higher. Fixes issue 8. [maurits]
diazo: 1.4.1 → 1.4.2
Bug fixes:
- Remove FormEncode test dependency. [maurits] (#83)
Plone: 5.2.6 → 5.2.7
Bug fixes:
- Release Plone 5.2.7 final. [maurits]
plone.app.contentlisting: 2.0.4 → 2.0.6
Bug fixes:
- Do not throw an error when the contenttype is not in the mimetypes_registry. [tschorr] (#41)
- Adapt the tests for Plone 6 [ale-rt] (#39)
plone.app.contenttypes: 2.2.2 → 2.2.3
Bug fixes:
- Security fix: prevent cache poisoning with the Referer header. See security advisory <https://github.com/plone/plone.app.contenttypes/security/advisories/GHSA-f7qw-5fgj-247x>. [maurits] (#1)
- Depend on plone.namedfile core instead of its empty [blobs] extra. [maurits] (#106)
plone.app.dexterity: 2.6.9 → 2.6.10
Bug fixes:
- Depend on plone.namedfile core instead of its empty [scales] extra. [maurits] (#106)
plone.app.layout: 3.4.6 → 3.5.1
New features:
Global section viewlet: Catalog based navigation. Show the global sections also if navigation contains items but tabs are empty. This allows for disabling portal tabs rendering and constructing the navigation only from the catalog query. [thet] (273-1)
Global sections viewlet: Customize entries and query. Also allow customizing the tabs entries and the navigation query along with the other navigation entries. [thet] (273-2)
Global sections viewlet: Factor out types_using_view. Factor out types_using_view so that this method can be re-used, e.g. in a subclass with a customize_entry method. [thet] (273-3)
Global sections viewlet performance optimizations:
- Remove pointless caching on types_using_view,
- Store settings in variable for multiple access, bypassing cache checks,
- Remove now pointless caching on settings property,
- Deprecate now unused navtree_depth property.
[thet] (#275)
Remove pointless caching on types_using_view,
Store settings in variable for multiple access, bypassing cache checks,
Remove now pointless caching on settings property,
Deprecate now unused navtree_depth property.
Bug fixes:
- Escape navigation titles only once. [thomasmassmann] (#280)
plone.app.linkintegrity: 3.4.1 → 3.5.0
New features:
- Track integrity of video and audio files in HTML source tags. (#77)
plone.app.textfield: 1.3.5 → 1.3.6
Bug fixes:
- Fix usage of wysiwyg editor settings from portal_properties to registry [duchenean, gotcha] (#45)
plone.app.upgrade: 2.0.41 → 2.1.0
New features:
- Removed the Plone 6 upgrade code. From now on, the 2.x branch is for Plone 5.2, master is for Plone 6. [maurits] (#227)
Bug fixes:
- Added upgrade to 5215, Plone 5.2.7. [maurits] (#5215)
plone.app.z3cform: 3.2.2 → 3.2.3
New features:
- Enable multiple wysiwyg editors (use default editor registry setting) [duchenean, gotcha] (#45)
plone.cachepurging: 2.0.3 → 2.0.4
Bug fixes:
- Better debugging capabilities by enhancing the output of the purge views @@plone.cachepurging.purge and @@plone.cachepurging.queue. [jensens] (#21)
plone.dexterity: 2.10.4 → 2.10.5
Bug fixes:
- Incorporate plone.synchronize its one and only simple synchronized function into plone.dexterity, which were the only consumer. Also moves the test. Removes a dependency and a package to look after. [jensens] (#157)
- Avoid setting a default value on methods. If a Schema Interface has a method in it, i.e. to be used as a constraint for another field, etc. the default_from_schema function would trip over it while trying to get a default value for it. [gforcada, jensens] (#158)
- Fixes schema name generated in Python 2. [wesleybl] (#159)
plone.namedfile: 5.5.1 → 5.6.0
New features:
- Make DefaultImageScalingFactory more flexible, with methods you can override. [maurits] (#104)
plone.restapi: 7.5.0 → 7.7.0
Breaking changes:
- Be permissive when testing the schema of the querystring endpoint [reebalazs] (#1307)
New features:
- Format zcml files with collective.zpretty. Add zpretty Github workflow. @tiberiuichim (#1120)
- Fix tests for Plone 4.3 and 5.2 with Python 2.7 @ichim-david (#1243)
Products.CMFPlone: 5.2.6 → 5.2.7
Bug fixes:
- Release Plone 5.2.7 final. No changes compared to last release candidate. [maurits] (#3413)
- Add plone.synchronize as dependency, because plone.dexterity 2.10.5 has removed this dependency. Core Plone does not need the package anymore, but in case someone uses it, it is not nice to lose it in a bugfix release of Plone. [maurits] (#157)
- The portal catalog will not try to index itself anymore [ale-rt] (#3312)
- Load adapter for index location, only if Archetypes is installed. [wesleybl] (#3347)
- Add missing lxml dependency [MrTango] (#3356)
- Update metadata version to 5215, Plone 5.2.7. [maurits] (#5215)
Products.GenericSetup: 2.1.4 → 2.1.5
- Fix #114: Problems using ZMI on multi-instance clusters due to instable hash key. (#114)
- Move several tabs to Zope 4+ ZMI-markup standard. [jensens]
Products.MimetypesRegistry: 2.1.8 → 2.1.9
Bug fixes:
- Fix missing comma in install_requires. [maurits] (#21)
Products.PluggableAuthService: 2.6.4 → 2.7.0
plone.app.debugtoolbar: 1.2.2 → 1.2.3
Bug fixes:
- Fix missing zcml directive when plone.app.standardtiles is installed. [petschki] (#18)
- Fix brackets in toolbar-help [djowett] (#25)
- Fix a compatibility issue with Python 3.8 (#27)
plone.app.versioningbehavior: 1.4.3 → 1.4.5
Bug fixes:
- Depend on plone.namedfile core instead of its empty [blobs] extra. [maurits] (#106)
- Fix tests on Python 2 with newer plone.dexterity using repr for the schema. [wesleybl] (#60)
z3c.jbot: 1.1.0 → 1.1.1
plone.app.tiles: 3.2.0 → 3.2.3
FormEncode: 1.3.1 → 2.0.1
plone.app.blob: 1.8.1 → 1.8.2
Bug fixes:
- Minor package improvements. (#56)
Products.ATContentTypes: 3.0.5 → 3.0.6
Bug fixes:
- Security fix: prevent cache poisoning with the Referer header. See security advisory <https://github.com/plone/Products.ATContentTypes/security/advisories/GHSA-g4c2-ghfg-g5rh>. [maurits] (#1)