Skip to content

Add release notes for 4.5.0 #2062

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
alhambrav wants to merge 20 commits into
base: master
Choose a base branch
from
Draft

Add release notes for 4.5.0 #2062

alhambrav wants to merge 20 commits into from
+222 −37

Conversation

@alhambrav
Copy link
Member

@alhambrav alhambrav commented Sep 22, 2025

Ticket reference or full description of what's in the PR

Add release notes for 4.5.0

@coderabbitai
Copy link

coderabbitai bot commented Sep 22, 2025
edited
Loading

Summary by CodeRabbit

  • New Features

    • Studio maintenance mode; Groovy sandbox whitelists; search input focuses when activated

  • Enhancements

    • Serverless performance improvements with caching; configurable search connection pool; improved OpenSearch query caching; expanded search keyword support (broader Latin character set)

  • Bug Fixes

    • Fixed repeating-group and delete-renamed-folder issues; fixed Studio user search with square brackets; corrected repository password description and minor example/text tweaks

  • Documentation

    • Added 4.5.0 release notes and breaking-changes entry; site/version metadata bumped and release listings updated

✏️ Tip: You can customize this high-level summary in your review settings.

Walkthrough

Updated documentation and Sphinx metadata to 4.5.0: added release notes and breaking-changes entries for 4.5.0, expanded Studio SEARCH_KEYWORDS validation regex, and bumped an embedded Deployer OpenAPI/Redoc spec and example payloads from 4.4.4 → 4.5.0 (plus minor text fixes).

Changes

Cohort / File(s) Summary
Version metadata updates
source/conf.py, source/index.rst, source/support.rst, source/release-notes/index.rst		 Bumped release/last-updated/displayed version strings to 4.5.0 and adjusted supported-versions table and release-notes includes.
Release notes: 4.5.0
source/release-notes/4-5-0.rst		 Added new 4.5.0 release notes describing features, enhancements, bug fixes, dependency updates, and upgrade guidance.
Breaking changes index update
source/release-notes/4-x-breaking-changes.rst		 Updated last-updated to 4.5.0 and inserted the 4.5.0 breaking-changes section (including OpenSearch toQuery() guidance).
Deployer API docs spec bump
source/_static/api/deployer.html		 Updated embedded OpenAPI/Redoc state and spec metadata from 4.4.4 → 4.5.0; adjusted example payload timestamps/text and corrected repo_password description.
Studio reference update
source/reference/modules/studio.rst		 Bumped last-updated to 4.5.0 and expanded studio.validation.regex.SEARCH_KEYWORDS to allow additional punctuation, brackets, apostrophe, and Latin characters.

Sequence Diagram(s)

(omitted — changes are documentation and small validation/metadata updates; no new multi-component control flow introduced)

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

Suggested reviewers

  • sumerjabri
🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately reflects the main change: adding release notes for version 4.5.0, which is the primary purpose of this PR.
Description check ✅ Passed The PR description matches the template structure and provides the required information by restating the title as the ticket description.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 46b4e9f and e764c55.

📒 Files selected for processing (1)
  • source/release-notes/4-5-0.rst
🚧 Files skipped from review as they are similar to previous changes (1)
  • source/release-notes/4-5-0.rst

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@alhambrav
Copy link
Member Author

alhambrav commented Sep 22, 2025

@CodeRabbit full review

@coderabbitai
Copy link

coderabbitai bot commented Sep 22, 2025

✅ Actions performed

Full review triggered.

coderabbitai[bot]
coderabbitai bot reviewed Sep 22, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

🧹 Nitpick comments (4)
source/release-notes/4-x-breaking-changes.rst (1)

26-35: Clarify default Groovy sandbox impact and mitigation

Add one line with the exact toggle/override path or property to disable/extend the allowlist per component so users can quickly unblock upgrades.

Suggested addition:

- - CrafterCMS version 4.5.0 added a whitelist for Groovy scripts ...
+ - CrafterCMS version 4.5.0 added an allowlist (whitelist) for Groovy scripts ...
+   You can extend it via per‑component configuration (e.g., studio: `studio.groovy.sandbox.whitelist.*`, engine: `engine.groovy.sandbox.whitelist.*`, deployer: `deployer.groovy.sandbox.whitelist.*`).
source/index.rst (1)

74-74: Latest version line updated

OK. Consider adding a short note linking to breaking changes for visibility.

-The latest version of CrafterCMS is `version 4.5.0 <https://craftercms.com/download>`__.
+The latest version of CrafterCMS is `version 4.5.0 <https://craftercms.com/download>`__. See :ref:`breaking-changes-4-x` before upgrading.
source/release-notes/4-5-0.rst (2)

19-23: Groovy sandbox: add quick guidance

Add a one‑sentence “How to extend the allowlist” pointer per component.

- See :ref:`Deployer Groovy Sandbox <deployer-groovy-sandbox-configuration>`, ...
+ See :ref:`Deployer Groovy Sandbox <deployer-groovy-sandbox-configuration>`, ...
+ To allow custom classes/methods, extend the sandbox allowlist in your component’s configuration.

56-57: Capitalize dependency names; optional links

Minor copy edit.

-  - Spring security to version 6.5.4
-  - Mariadb4j to version 3.1.0.5
+  - Spring Security to version 6.5.4
+  - MariaDB4j to version 3.1.0.5

Optionally link to changelogs.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5600fe4 and db61d65.

📒 Files selected for processing (8)
  • source/_static/api/deployer.html (2 hunks)
  • source/conf.py (1 hunks)
  • source/index.rst (2 hunks)
  • source/reference/modules/studio.rst (2 hunks)
  • source/release-notes/4-5-0.rst (1 hunks)
  • source/release-notes/4-x-breaking-changes.rst (3 hunks)
  • source/release-notes/index.rst (2 hunks)
  • source/support.rst (2 hunks)
🔇 Additional comments (11)
source/support.rst (1)

2-2: LGTM on metadata bump

:last-updated set to 4.5.0 looks consistent with the PR intent.

source/reference/modules/studio.rst (1)

2-2: LGTM on metadata bump

:last-updated updated to 4.5.0 aligns with this release.

source/conf.py (1)

32-32: Version bump looks good — verify 4.5.0 Javadoc is published & reachable

Location: source/conf.py:32 — release='4.5.0' flows into extlinks. I checked https://javadoc.craftercms.org/4.5.0 (index and package pages) — all returned HTTP 403 (Forbidden), not 200. Confirm the 4.5.0 Javadoc is published and publicly accessible or update extlinks / revert the bump.

source/_static/api/deployer.html (1)

413-415: Version banner correctly reflects 4.5.0

Header and displayed version are in sync.

source/release-notes/4-x-breaking-changes.rst (1)

2-2: Meta updated to 4.5.0

Good.

source/index.rst (1)

2-2: Meta bump to 4.5.0

Looks good.

source/release-notes/index.rst (2)

2-2: Meta bump to 4.5.0

OK.

14-15: Include 4.5.0 at top

Ordered correctly.

source/release-notes/4-5-0.rst (3)

24-26: Enterprise badge and cache details

Confirm the |enterpriseOnly| substitution renders and add a link to the enterprise caching doc.

- Improved startup and first page load speeds by using Redis/ValKey as a cache in front of S3.
+ Improved startup and first page load speeds by using Redis/ValKey as a cache in front of S3. See :ref:`enterprise-caching`.

30-37: Search connection pool and default filters

Good callouts; verify anchors exist.

45-49: Property name and links

Confirm the property key is exactly studio.validation.regex.SEARCH_KEYWORDS and that the referenced sections exist.

coderabbitai[bot]
coderabbitai bot reviewed Sep 23, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
source/support.rst (1)

24-28: Make series label styling consistent; confirm “Latest” policy for unreleased series.

  • Only 4.5 is a hyperlink; other series are plain text. Suggest making 4.5 plain for consistency (or link all series).

Apply to standardize styling:

-    * - `4.5 <https://craftercms.com/download>`__
+    * - 4.5

Also, confirm whether showing “Latest: 4.5.0 (TBD, 2025)” pre‑release matches your Support page policy. If not, consider “TBD” or “—” until GA.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e6fd1fe and 227373d.

📒 Files selected for processing (1)
  • source/support.rst (2 hunks)
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-09-23T14:20:52.668Z 
Learnt from: alhambrav
PR: craftercms/docs#2062
File: source/release-notes/4-5-0.rst:7-7
Timestamp: 2025-09-23T14:20:52.668Z
Learning: In CrafterCMS release notes files, "Released *TBD, 2025*" placeholders are intentionally used during release preparation phase. The actual release date is only set once the product is officially released, not during the preparation phase.

Applied to files:

  • source/support.rst
🔇 Additional comments (2)
source/support.rst (2)

2-2: Version bump looks correct.
:last-updated set to 4.5.0 aligns with the new 4.5 row below.

29-33: 4.4 row: statuses should not be TBD; also, prior “Latest” issue is resolved.

  • Good: “Latest” now correctly shows 4.4.4 (resolves the earlier comment).
  • Suggest replacing “:green:TBD” with explicit statuses (likely “:green:Active”) unless you intend to set end dates.

Proposed update:

-      - :green:`TBD`
-      - :green:`TBD`
+      - :green:`Active`
+      - :green:`Active`

@alhambrav
Copy link
Member Author

alhambrav commented Sep 24, 2025

Commit: 2a82cfc and db34259 for

User search with [SA] breaks Studio UI

@alhambrav
Copy link
Member Author

alhambrav commented Oct 23, 2025

Commits cbb8b62 and 45be751: Updates for whitelist default https://github.com/craftersoftware/craftercms/issues/1178

@github-project-automation github-project-automation bot moved this to Todo in v4.5.0 Oct 23, 2025
@alhambrav
Copy link
Member Author

alhambrav commented Dec 9, 2025

commit 75d53a3: Add note for OpenSearch upgrade to 3.3
craftercms/craftercms#8453

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

pending release

Projects

v4.5.0
Status: Todo

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alhambrav @sumerjabri