Yii Framework 2 Change Log ========================== 2.0.25 August 13, 2019 ---------------------- - Bug #15779: If directory path is passed to `FileHelper::unlink()` and directory has files it will not delete files in this directory on Windows now (alexkart) - Bug #17223: Fixed detaching a behavior event when it is a Closure instance (GHopperMSK, rob006) - Bug #17473: Fixed `SimpleConditionBuilder::build()` when column is not a string (alexkart) - Bug #17485: Reverted #17477 (samdark) - Bug #17486: Fixed error when using `batch()` without `$db` parameter with MSSQL (alexkart) 2.0.24 July 30, 2019 -------------------- - Bug #10020: Fixed quoting of column names with dots in MSSQL (alexkart) - Bug #16796: Fixed addition and removal of table and column comments in MSSQL (sdlins) - Bug #17219: Fixed quoting of table names with spaces in MSSQL (alexkart) - Bug #17424: Subdomain support for `User::loginRequired` (alex-code) - Bug #17437: Fixed generating namespaced migrations (bizley) - Bug #17449: Fixed order of SQL column build syntax for MySQL migration (choken) - Bug #17457: Fixed `phpTypecast()` for MSSQL (alexkart) - Bug #17469: Fixed updating `Yii` logger instance when setting new logger via configuration (samdark) 2.0.23 July 16, 2019 -------------------- - Bug #10023: Fixed MSSQL "There are no more rows in the active result set" exception when using `each()` and `batch()` (alexkart) - Bug #17395: Fixed issues with actions that contain underscores in their names (alexkart) - Bug #17413, #17418, #17426, #17431: Fixed MSSQL tests (alexkart) - Bug #17420: Fixed loading of column default values for MSSQL (alexkart) - Bug #17435: Fixed `i18n_init` migration for MSSQL (alexkart) 2.0.22 July 02, 2019 -------------------- - Bug #16394: Fixed issues in `migrate/create` when specifying default values with colons and adding multiple columns (alexkart) - Bug #17057: Fixed issues with table names that contain special characters or keywords in MSSQL (alexkart) - Bug #17325: Fixed "Cannot drop view" for MySQL while `migrate/fresh` (alexkart) - Bug #17341: Re-added fix for error from yii.activeForm.js in strict mode (mikehaertl) - Bug #17384: Fixed SQL error when passing `DISTINCT ON` queries (brandonkelly) - Bug #17389: Fixed `UniqueValidator` to work with Active Record having `joinWith()` in its `find()` (garthpmurray) - Enh #17382: Added `\yii\validators\DateValidator::$strictDateFormat` to enable strict validation (alexkart) - Enh #17396: Added 'invoked by controller' to the debug log message when `\yii\base\Action` is used (alexkart) 2.0.21 June 18, 2019 -------------------- - Bug #16565: Added missing parts of the context message in `\yii\log\Target::collect` (alexkart) - Bug #17070: Striped invalid character from fallback file name in `Content-Disposition` header when using `\yii\web\Response::sendFile` (alexkart) - Bug #17332: Trigger 'change' for checkboxes in GridView (andrii-borysov-me) - Bug #17341: Fixed error from yii.activeForm.js in strict mode (mikehaertl) - Bug #17341: Allowed callable objects to be set to `\yii\filters\AccessRule::$roleParams` (alexkart) - Bug #17356: MSSQL Schema was not detecting string field size (ricarnevale, sdlins) - Enh #17344: Improved performance of `yii\db\Connection::addSelect()` (brandonkelly) - Enh #17345: Improved performance of `yii\db\Connection::quoteColumnName()` (brandonkelly) - Enh #17348: Improved performance of `yii\db\Connection::quoteTableName()` (brandonkelly) - Enh #17353: Added `sameSite` support for `yii\web\Cookie` and `yii\web\Session::cookieParams` (rhertogh) 2.0.20 June 04, 2019 -------------------- - Bug #16509: Fixed console command help text wordwrap for multi-byte strings (alexkart) - Bug #17299: Fixed adding of input error class in `\yii\widgets\ActiveField::widget` (alexkart) - Bug #17328: Added mime aliases for BMP and SVG files (cmoeke) - Bug #17336: Fixed wildcard matching in Event::hasHandlers() (samdark) - Bug #12080: Fixed afterValidate triggering when any validation occurs (czzplnm) 2.0.19 May 21, 2019 ------------------- - Bug #12077, #12135, #17263: Fixed PostgreSQL version of `alterColumn()` to accept properly `ColumnSchemaBuilder` definition of column (bizley) - Bug #16918: Console Table widget variables visibility was changed to protected to allow extending it (samdark) - Bug #17233: Fixed bug with integer model attribute names in Validator class (nadar) - Bug #17306: Added ".mjs" extensions to mimetypes meta (samdark) - Bug #17313: Support jQuery 3.4 (samdark) 2.0.18 April 23, 2019 --------------------- - Bug #16589: Fixed not using `defaultValue` in `BlameableBehavior` for console app (evil1) - Bug #16820: `yii\filters\Cors::prepareHeaders()` now accepts Access-Control-Allow-Headers in preflight response (georgezim85) - Bug #17220: Fixed error when using non-InputWidget in active form field (s1lver) - Bug #17235: `yii\helpers\FileHelper::normalizePath()` now accepts stream wrappers (razvanphp) - Bug #17268: Fixed Formatter didn't take power into account (samdark) 2.0.17 March 22, 2019 --------------------- - Bug #9438, #13740, #15037: Handle DB session callback custom fields before session closed (lubosdz) - Bug #16158: Fix multiple select validation was trigged on other fields blur event (GHopperMSK) - Bug #16335: Fixed in `yii\filters\AccessRule::matchIP()` user IP validation with netmask in rule (omentes) - Bug #16681: `ActiveField::inputOptions` were not used during some widgets rendering (GHopperMSK) - Bug #17083: Fixed `yii\validators\EmailValidator::$checkDNS` tells that every domain is correct on alpine linux (mikk150) - Bug #17124: Fixed ErrorException when run `./yii fixture/unload` without arguments (ricpelo) - Bug #17127: `yii\db\ActiveRecord::findOne()` now accepts table aliases (albertborsos) - Bug #17133: Fixed aliases rendering during help generation for a console command (GHopperMSK) - Bug #17152: Fixed error page when using traceline option (asamats) - Bug #17156: Fixes PHP 7.2 warning when a data provider has no data as a parameter for a GridView (evilito) - Bug #17180: Do not populate `yii\web\Response::$response` when response code is 204 (mikk150) - Bug #17185: Fixed `AssetManager` timestamp appending when a file is published manually (GHopperMSK) - Bug #17215: Improved security for servers running PHP 7.0.0+ (brandonkelly) 2.0.16.1 February 28, 2019 -------------------------- - Bug #17089: Fixed caching of related records when `via()` using with callable (rugabarbo) - Bug #17094: Fixed response on 204 status. Now it is empty (GHopperMSK) - Bug #17098: Fixed message/extract when using message params returned from method calls (rugabarbo) - Bug #17150: Fixed `yii\helpers\BaseInflector::camel2words()` splitting `ALLCAPS` words on each letter (brandonkelly) - Bug #17093: Fixed regression in `DataProvider::totalCount` (samdark) 2.0.16 January 30, 2019 ----------------------- - Bug #5341: HasMany via two relations (shirase, cebe) - Bug #10843: Additional hidden input rendered by `yii\helpers\BaseHtml` methods inherits `disabled` HTML option if provided and set to `true` (bizley) - Bug #11960: Fixed `checked` option ignore in `yii\helpers\BaseHtml::checkbox()` (misantron) - Bug #13932: Fix number validator attributes comparison (uaoleg, s1lver) - Bug #13977: Skip validation if file input does not exist (RobinKamps, s1lver) - Bug #14039, #16636: Fixed validation for disabled inputs (s1lver, omzy83) - Bug #14230: Fixed `itemsOptions` ignored in `checkBoxList` and `radioList` (s1lver) - Bug #14230: Fixed `itemsOptions` ignored in `checkBoxList` (s1lver) - Bug #14368: Added `role` attribute for active radio list (s1lver) - Bug #14636: Views can now use relative paths even when using themed views (sammousa) - Bug #14660: Fixed `yii\caching\DbCache` concurrency issue when set values with the same key (rugabarbo) - Bug #14759: Fixed `yii\web\JsonResponseFormatter` output for `null` data (misantron) - Bug #14901: Fixed trim validation for radio/checkbox button (s1lver) - Bug #14950: Fixed `yii\i18n\Formatter` methods `asInteger`, `asDecimal`, `asPercent`, and `asCurrency` outputs for very big numbers (bizley) - Bug #15117: Fixed `yii\db\Schema::getTableMetadata` cache refreshing (boboldehampsink) - Bug #15167: Fixed loading of default value `current_timestamp()` for MariaDB >= 10.2.3 (rugabarbo, bloodrain777, Skinka) - Bug #15204: `yii\helpers\BaseInflector::slug()` is not removing substrings matching provided replacement from given string anymore (bizley) - Bug #15286: Fixed incorrect formatting of time with timezone information (rugabarbo) - Bug #15482: AR::find()->with() missing data when using string identifiers for relations (rugabarbo) - Bug #15528: Fix timestamp formatting to always use decimal notation in `yii\log\Target::getTime()` (rob006) - Bug #15548: Fixed index names collision in RBAC (gonimar) - Bug #15683: Fixed file as array uploading in MultipartFormDataParser (Groonya) - Bug #15791: Added a warning when the form names conflict (s1lver, rustamwin) - Bug #15798: Fixed render `yii\grid\RadioButtonColumn::$content` and `yii\grid\CheckboxColumn::$content` (lesha724) - Bug #15802: Fixed exception class in yii\di\Container (vuchastyi, developeruz) - Bug #15826: Fixed JavaScript compareValidator in `yii.validation.js` for attributes not in rules (mgrechanik) - Bug #15850: check basePath is writable on publish in AssetManager (Groonya) - Bug #15875: afterSave for new models flushes unsaved data (shirase) - Bug #15876: `yii\db\ActiveQuery::viaTable()` now throws `InvalidConfigException`, if query is not prepared correctly (silverfire) - Bug #15889: Fixed override `yii\helpers\Html::setActivePlaceholder` (lesha724) - Bug #15931: `yii\db\ActiveRecord::findOne()` now accepts quoted table and column names using curly and square braces respectively (silverfire) - Bug #15988: Fixed bash completion (alekciy) - Bug #16006: Handle case when `X-Forwarded-Host` header have multiple hosts separated with a comma (pgaultier) - Bug #16010: Fixed `yii\filters\ContentNegotiator` behavior when GET parameters contain an array (rugabarbo) - Bug #16022: Fix UniqueValidator for PostgreSQL. Checks the uniqueness of keys in `jsonb` field (lav45) - Bug #16028: Fix serialization of complex cache keys that contain non-UTF sequences (rugabarbo) - Bug #16039: Fixed implicit conversion from `char` to `varbinnary` in MSSQL (vsivsivsi) - Bug #16068: Fixed `yii\web\CookieCollection::has` when an expiration param is set to 'until the browser is closed' (OndrejVasicek) - Bug #16073: Fixed regression in Oracle `IN` condition builder for more than 1000 items (cebe) - Bug #16081: Fixed composite IN using just one column (rugabarbo) - Bug #16091: Make `yii\test\InitDbFixture` work with non-SQL DBMS (cebe) - Bug #16101: Fixed Error Handler to clear registered meta tags, link tags, css/js scripts and files in error view (bizley) - Bug #16104: Fixed `yii\db\pgsql\QueryBuilder::dropIndex()` to prepend index name with schema name (wapmorgan) - Bug #16120: FileCache: rebuild cache file before touch when different file owner (Slamdunk) - Bug #16183: Fixed when `yii\helpers\BaseFileHelper` sometimes returned wrong value (samdark, SilverFire, OndrejVasicek) - Bug #16184: Fixed `yii\base\Widget` to access `stack` property with `self` instead of `static` (yanggs07) - Bug #16193: Fixed `yii\filters\Cors` to not reflect origin header value when configured to wildcard origins (Jianjun Chen) - Bug #16217: Fixed `yii\console\controllers\HelpController` to work well in Windows environment (samdark) - Bug #16245: Fixed `__isset()` in `BaseActiveRecord` not catching errors (sammousa) - Bug #16252: Fixed `yii\base\DynamicModel` for checking exist property (vuongxuongminh) - Bug #16253: Fixed empty checkboxlist validation (GHopperMSK) - Bug #16266: Fixed `yii\helpers\BaseStringHelper` where explode would not allow 0 as trim string (Thoulah) - Bug #16277: Fixed `yii\db\Query::from()` to respect `yii\db\ExpressionInterface` (noname007) - Bug #16278: Fixed drop existing views when console `migrate/fresh` command runs (developeruz) - Bug #16280: Fixed `yii\base\Model::getActiveValidators()` to return correct validators for attribute on scenario (paweljankowiak06) - Bug #16292: Fixed misconfigured CORS filter exception throwing. Now it throws `InvalidConfigException` in Debug mode (khvalov) - Bug #16301: Fixed `yii\web\User::setIdentity()` to clear access check cache while setting identity object to `null` (Izumi-kun) - Bug #16322: Fixed strings were not were not compared using timing attack resistant approach while CSRF token validation (samdark, Felix Wiedemann) - Bug #16331: Fixed console table without headers (rhertogh) - Bug #16377: Fixed `yii\base\Event:off()` undefined index error when event handler does not match (razvanphp) - Bug #16424: `yii\db\Transaction::begin()` throws now `NotSupportedException` for nested transaction and DBMS not supporting savepoints (bizley) - Bug #16425: Check for additional values for disabled confirm dialog (Alex-Code, s1lver) - Bug #16469: Allow cache to be specified as interface and to be configured in DI container (alexeevdv) - Bug #16490: Fix schema on rbac init (marcelodeandrade) - Bug #16514: Fixed `yii\di\Container::resolveCallableDependencies` to support callable object (wi1dcard) - Bug #16527: Fixed return content for `\yii\widgets\ActiveForm::run()` (carono) - Bug #16552: Added check in `yii\db\ActiveQuery::prepare()` to prevent populating already populated relation when another relation is requested with `via` (drlibra) - Bug #16558: Added cloning `yii\data\ActiveDataProvider::query` property when ActiveDataProvider object is cloned (mgrechanik) - Bug #16580: Delete unused php message files in MessageController if `$removeUnused` option is on (Groonya) - Bug #16648: Html::strtolower() was corrupting UTF-8 strings (Kolyunya) - Bug #16657: Ensure widgets after run event result contains the result of the rendered widget (AdeAttwood) - Bug #16666: Fixed `yii\helpers\ArrayHelper::merge` (rustamwin) - Bug #16680: Fixed ActiveField 'text' input with maxlength (s1lver) - Bug #16687: Add missing translations for `nl-NL` durations used in `yii\i18n\Formatter::asDuration()` (alexeevdv) - Bug #16716: The ability to filter by pressing the Enter key when the option `$filterOnFocusOut` off (s1lver) - Bug #16748: Fixed params when normalize data (marcelodeandrade) - Bug #16752: Fix rotating files under Windows (samdark, nadirvishun) - Bug #16766: `yii\filters\ContentNegotiator` was not setting `Vary` header to inform cache recipients (koteq, cebe, samdark) - Bug #16822: Create config dir recursively in message/config (Groonya) - Bug #16828: `yii\console\controllers\MessageController::translator` recognized object' methods and functions calls as identical sets of tokens (erickskrauch) - Bug #16836: Fix `yii\mutex\MysqlMutex` to handle locks with names longer than 64 characters (rob006) - Bug #16838: `yii\mutex\Mutex::acquire()` no longer returns `true` if lock is already acquired by the same component in the same process (rob006) - Bug #16858: Allow `\yii\console\widgets\Table` to render empty table when headers provided but no columns (damiandziaduch) - Bug #16891: Fixed Pagination::totalCount initialized incorrectly (taobig) - Bug #16897: Fixed `yii\db\sqlite\Schema` missing primary key constraint detection in case of `INTEGER PRIMARY KEY` (bizley) - Bug #16903: Fixed 'yii\validators\NumberValidator' method 'isNotNumber' returns false for true/false value (annechko) - Bug #16910: Fix messages sorting on extract (Groonya) - Bug #16945: Fixed RBAC DbManager ruleName fetching on the case of PDO::ATTR_ORACLE_NULLS => PDO::NULL_TO_STRING (razonyang) - Bug #16959: Fixed typo in if condition inside `yii\web\DbSession::typecastFields()` that caused problems with session overwriting (silverfire) - Bug #16966: Fix ArrayExpression support in related tables (GHopperMSK) - Bug #16969: Fix `yii\filters\PageCache` incorrectly storing empty data in some cases (sammousa) - Bug #16974: Regular Expression Validator to include support for 'u' (UTF-8) modifier (Dzhuneyt) - Bug #16991: Removed usage of `utf8_encode()` from `Request::resolvePathInfo()` (GHopperMSK) - Bug #17021: Fix to do not remove existing message category files in a subfolder (albertborsos) - Bug: Fixed bad instanceof check in `yii\db\Schema::getTableMetadata()` (samdark) - Bug: (CVE-2018-14578): Fixed CSRF token check bypassing in `\yii\web\Request::getMethod()` (silverfire) - Bug: (CVE-2018-19454): Fixed excess logging of sensitive information in `\yii\log\Target` (silverfire) - Enh #9133: Added `yii\behaviors\OptimisticLockBehavior` (tunecino) - Enh #14289: Added `yii\db\Command::executeResetSequence()` to work with Oracle (CedricYii) - Enh #14367: In `yii\db\mysql\QueryBuilder` added support fractional seconds for time types for MySQL >= 5.6.4 (konstantin-vl) - Enh #16151: `ActiveQuery::getTableNameAndAlias()` is now protected (s1lver) - Enh #16151: Change of scope for method `getTableNameAndAlias()` (s1lver) - Enh #16191: Enhanced `yii\helpers\Inflector` to work correctly with UTF-8 (silverfire) - Enh #16365: Added $filterOnFocusOut option for GridView (s1lver) - Enh #16522: Allow jQuery 3.3 (Slamdunk) - Enh #16603: Added `yii\mutex\FileMutex::$isWindows` for Windows file shares on Unix guest machines (brandonkelly) - Enh #16839: Increase frequency of lock tries for `yii\mutex\FileMutex::acquireLock()` when $timeout is provided (rob006) - Enh #16839: Add support for `$timeout` in `yii\mutex\PgsqlMutex::acquire()` (rob006) - Enh: `yii\helpers\UnsetArrayValue`, `yii\helpers\ReplaceArrayValue` object now can be restored after serialization using `var_export()` function (silvefire) - Chg #16192: `yii\db\Command::logQuery()` is now protected, extracted `getCacheKey()` from `queryInternal()` (drlibra) - Chg #16941: Set `yii\console\controllers\MigrateController::useTablePrefix` to true as default value (GHopperMSK) 2.0.15.1 March 21, 2018 ----------------------- - Bug #15931: `yii\db\ActiveRecord::findOne()` now accepts column names prefixed with table name (cebe) 2.0.15 March 20, 2018 --------------------- - Bug #15688: (CVE-2018-7269): Fixed possible SQL injection through `yii\db\ActiveRecord::findOne()`, `::findAll()` (analitic1983, silverfire, cebe) - Bug #15878: Fixed migration with a comment containing an apostrophe (MarcoMoreno) 2.0.14.2 March 13, 2018 ----------------------- - Bug #15776: Fixed slow MySQL constraints retrieving (MartijnHols, berosoboy, sergeymakinen) - Bug #15783: Regenerate CSRF token only when logging in directly (samdark) - Bug #15792: Added missing `yii\db\QueryBuilder::conditionClasses` setter (silverfire) - Bug #15801: Fixed `has-error` CSS class assignment in `yii\widgets\ActiveField` when attribute name is prefixed with tabular index (FabrizioCaldarelli) - Bug #15804: Fixed `null` values handling for PostgresSQL arrays (silverfire) - Bug #15817: Fixed support of deprecated array format type casting in `yii\db\Command::bindValues()` (silverfire) - Bug #15822: Fixed `yii\base\Component::off()` not to throw an exception when handler does not exist (silverfire) - Bug #15829: Fixed JSONB support in PostgreSQL 9.4 (silverfire) - Bug #15836: Fixed nesting of `yii\db\ArrayExpression`, `yii\db\JsonExpression` (silverfire) - Bug #15839: Fixed `yii\db\mysql\JsonExpressionBuilder` to cast JSON explicitly (silverfire) - Bug #15840: Fixed regression on load fixture data file (leandrogehlen) - Bug #15858: Fixed `Undefined offset` error calling `yii\helpers\Html::errorSummary()` with the same error messages for different model attributes (FabrizioCaldarelli, silverfire) - Bug #15863: Fixed saving of `null` attribute value for JSON and Array columns in MySQL and PostgreSQL (silverfire) - Bug: Fixed encoding of empty `yii\db\ArrayExpression` for PostgreSQL (silverfire) - Bug: Fixed table schema retrieving for PostgreSQL when the table name was wrapped in quotes (silverfire) 2.0.14.1 February 24, 2018 -------------------------- - Bug #15318: Fixed `session_name(): Cannot change session name when session is active` errors (bscheshirwork, samdark) - Bug #15678: Fixed `resetForm()` method in `yii.activeForm.js` which used an undefined variable (Izumi-kun) - Bug #15692: Fix `yii\validators\ExistValidator` to respect filter when `targetRelation` is used (developeruz) - Bug #15693: Fixed `yii\filters\auth\HttpHeaderAuth` to work correctly when pattern is set but was not matched (bboure) - Bug #15696: Fix magic getter for `yii\db\ActiveRecord` (developeruz) - Bug #15707: Fixed JSON retrieving from MySQL (silverfire) - Bug #15708: Fixed `yii\db\Command::upsert()` for Cubrid/MSSQL/Oracle (sergeymakinen) - Bug #15724: Changed shortcut in `yii\console\controllers\BaseMigrateController` for `comment` option from `-c` to `-C` due to conflict (Izumi-kun) - Bug #15726: Fix ExistValidator is broken for NOSQL (developeruz) - Bug #15728, #15731: Fixed BC break in `Query::select()` method (silverfire) - Bug #15742: Updated `yii\helpers\BaseHtml::setActivePlaceholder()` to be consistent with `activeLabel()` (edwards-sj) - Enh #15716: Added `disableJsonSupport` to MySQL and PgSQL `ColumnSchema`, `disableArraySupport` and `deserializeArrayColumnToArrayExpression` to PgSQL `ColumnSchema` (silverfire) - Enh #15716: Implemented `\Traversable` in `yii\db\ArrayExpression` (silverfire) - Enh #15760: Added `ArrayAccess` support as validated value in `yii\validators\EachValidator` (silverfire) 2.0.14 February 18, 2018 ------------------------ - Bug #8983: Only truncate the original log file for rotation (matthewyang, developeruz) - Bug #9342: Fixed `yii\db\ActiveQueryTrait` to apply `indexBy` after relations population in order to prevent excess queries (sammousa, silverfire) - Bug #11401: Fixed `yii\web\DbSession` concurrency issues when writing and regenerating IDs (samdark, andreasanta, cebe) - Bug #13034: Fixed `normalizePath` for windows network shares that start with two backslashes (developeruz) - Bug #14135: Fixed `yii\web\Request::getBodyParam()` crashes on object type body params (klimov-paul) - Bug #14157: Add support for loading default value `CURRENT_TIMESTAMP` of MySQL `datetime` field (rossoneri) - Bug #14276: Fixed I18N format with dotted parameters (developeruz) - Bug #14296: Fixed log targets to throw exception in case log can not be properly exported (bizley) - Bug #14484: Fixed `yii\validators\UniqueValidator` for target classes with a default scope (laszlovl, developeruz) - Bug #14604: Fixed `yii\validators\CompareValidator` `compareAttribute` does not work if `compareAttribute` form ID has been changed (mikk150) - Bug #14711: (CVE-2018-6010): Fixed `yii\web\ErrorHandler` displaying exception message in non-debug mode (samdark) - Bug #14811: Fixed `yii\filters\HttpCache` to work with PHP 7.2 (samdark) - Bug #14859: Fixed OCI DB `defaultSchema` failure when `masterConfig` is used (lovezhl456) - Bug #14903: Fixed route with extra dashes is executed controller while it should not (developeruz) - Bug #14916: Fixed `yii\db\Query::each()` iterator key starts from 1 instead of 0 (Vovan-VE) - Bug #14980: Fix looping in `yii\i18n\MessageFormatter` tokenize pattern if pattern is invalid (uaoleg, developeruz) - Bug #15031: Fixed incorrect string type length detection for OCI DB schema (Murolike) - Bug #15046: Throw an `yii\web\HeadersAlreadySentException` if headers were sent before web response (dmirogin) - Bug #15122: Fixed `yii\db\Command::getRawSql()` to properly replace expressions (hiscaler, samdark) - Bug #15142: Fixed array params replacing in `yii\helpers\BaseUrl::current()` (IceJOKER) - Bug #15169: Fixed translating a string when NULL parameter is passed (developeruz) - Bug #15194: Fixed `yii\db\QueryBuilder::insert()` to preserve passed params when building a `INSERT INTO ... SELECT` query for MSSQL, PostgreSQL and SQLite (sergeymakinen) - Bug #15229: Fixed `yii\console\widgets\Table` default value for `getScreenWidth()`, when `Console::getScreenSize()` can't determine screen size (webleaf) - Bug #15234: Fixed `\yii\widgets\LinkPager` removed `tag` from `disabledListItemSubTagOptions` (SDKiller) - Bug #15249: Controllers in subdirectories were not visible in commands list (IceJOKER) - Bug #15270: Resolved potential race conditions when writing generated php-files (kalessil) - Bug #15300: Fixed "Cannot read property 'style' of undefined" error at the error screen (vitorarantes) - Bug #15301: Fixed `ArrayHelper::filter()` to work properly with `0` in values (hhniao) - Bug #15302: Fixed `yii\caching\DbCache` so that `getValues` now behaves the same as `getValue` with regards to streams (edwards-sj) - Bug #15317: Regenerate CSRF token if an empty value is given (sammousa) - Bug #15320: Fixed special role checks in `yii\filters\AccessRule::matchRole()` (Izumi-kun) - Bug #15322: Fixed PHP 7.2 compatibility of `FileHelper::getExtensionsByMimeType()` (samdark) - Bug #15353: Remove side effect of ActiveQuery::getTablesUsedInFrom() introduced in 2.0.13 (terales) - Bug #15355: Fixed `yii\db\Query::from()` does not work with `yii\db\Expression` (vladis84, silverfire, samdark) - Bug #15356: Fixed multiple bugs in `yii\db\Query::getTablesUsedInFrom()` (vladis84, samdark) - Bug #15380: `FormatConverter::convertDateIcuToPhp()` now converts `a` ICU symbols to `A` (brandonkelly) - Bug #15407: Fixed rendering rows with associative arrays in `yii\console\widgets\Table` (dmrogin) - Bug #15432: Fixed wrong value being set in `yii\filters\RateLimiter::checkRateLimit()` resulting in wrong `X-Rate-Limit-Reset` header value (bizley) - Bug #15440: Fixed `yii\behaviors\AttributeTypecastBehavior::$attributeTypes` auto-detection fails for rule, which specify attribute with '!' prefix (klimov-paul) - Bug #15462: Fixed `accessChecker` configuration error (developeruz) - Bug #15494: Fixed missing `WWW-Authenticate` header (developeruz) - Bug #15522: Fixed `yii\db\ActiveRecord::refresh()` method does not use an alias in the condition (vladis84) - Bug #15523: `yii\web\Session` settings could now be configured after session is started (StalkAlex, rob006, daniel1302, samdark) - Bug #15536: Fixed `yii\widgets\ActiveForm::init()` for call `parent::init()` (panchenkodv) - Bug #15540: Fixed `yii\db\ActiveRecord::with()` unable to use relation defined via attached behavior in case `asArray` is enabled (klimov-paul) - Bug #15553: Fixed `yii\validators\NumberValidator` incorrectly validate resource (developeruz) - Bug #15621: Fixed `yii\web\User::getIdentity()` returning `null` if an exception had been thrown when it was called previously (brandonkelly) - Bug #15628: Fixed `yii\validators\DateValidator` to respect time when the `format` property is set to UNIX Epoch format (silverfire, gayHacker) - Bug #15644: Avoid wrong default selection on a dropdown, checkbox list, and radio list, when a option has a key equals to zero (berosoboy) - Bug #15658: Fixed `yii\filters\auth\HttpBasicAuth` not to switch identity, when user is already authenticated and identity does not get changed (silverfire) - Bug #15662: Fixed `yii\log\FileTarget` not to create log directory during init process (alexeevdv) - Enh #3087: Added `yii\helpers\BaseHtml::error()` "errorSource" option to be able to customize errors display (yanggs07, developeruz, silverfire) - Enh #3250: Added support for events partial wildcard matching (klimov-paul) - Enh #5515: Added default value for `yii\behaviors\BlameableBehavior` for cases when the user is guest (dmirogin) - Enh #6844: `yii\base\ArrayableTrait::toArray()` now allows recursive `$fields` and `$expand` (bboure) - Enh #7640: Implemented custom data types support. Added JSON support for MySQL and PostgreSQL, array support for PostgreSQL (silverfire, cebe) - Enh #7988: Added `\yii\helpers\Console::errorSummary()` and `\yii\helpers\Json::errorSummary()` (developeruz) - Enh #7996: Short syntax for verb in GroupUrlRule (schojniak, developeruz) - Enh #8092: ExistValidator for relations (developeruz) - Enh #8527: Added `yii\i18n\Locale` component having `getCurrencySymbol()` method (amarox, samdark) - Enh #8752: Allow specify `$attributeNames` as a string for `yii\base\Model` `validate()` method (developeruz) - Enh #9137: Added `Access-Control-Allow-Method` header for the OPTIONS request (developeruz) - Enh #9253: Allow `variations` to be a string for `yii\filters\PageCache` and `yii\widgets\FragmentCache` (schojniak, developeruz) - Enh #9771: Assign hidden input with its own set of HTML options via `$hiddenOptions` in activeFileInput `$options` (HanafiAhmat) - Enh #10186: Use native `hash_equals` in `yii\base\Security::compareString()` if available, throw exception if non-strings are compared (aotd1, samdark) - Enh #11611: Added `BetweenColumnsCondition` to build SQL condition like `value BETWEEN col1 and col2` (silverfire) - Enh #12623: Added `yii\helpers\StringHelper::matchWildcard()` replacing usage of `fnmatch()`, which may be unreliable (klimov-paul) - Enh #13019: Support JSON in SchemaBuilderTrait (zhukovra, undefinedor) - Enh #13425: Added caching of dynamically added URL rules with `yii\web\UrlManager::addRules()` (scriptcube, silverfire) - Enh #13465: Added `yii\helpers\FileHelper::findDirectories()` method (ArsSirek, developeruz) - Enh #13618: Active Record now resets related models after corresponding attributes updates (Kolyunya, rob006) - Enh #13679: Added `yii\behaviors\CacheableWidgetBehavior` (Kolyunya) - Enh #13814: MySQL unique index names can now contain spaces (df2) - Enh #13879: Added upsert support for `yii\db\QueryBuilder`, `yii\db\Command`, and `yii\db\Migration` (sergeymakinen) - Enh #13919: Added option to add comment for created table to migration console command (mixartemev, developeruz) - Enh #13996: Added `yii\web\View::registerJsVar()` method that allows registering JavaScript variables (Eseperio, samdark) - Enh #14043: Added `yii\helpers\IpHelper` (silverfire, cebe) - Enh #14254: add an option to specify whether validator is forced to always use master DB for `yii\validators\UniqueValidator` and `yii\validators\ExistValidator` (rossoneri, samdark) - Enh #14355: Added ability to pass an empty array as a parameter in console command (developeruz) - Enh #14488: Added support for X-Forwarded-Host to `yii\web\Request`, fixed `getServerPort()` usage (si294r, samdark) - Enh #14538: Added `yii\behaviors\AttributeTypecastBehavior::typecastAfterSave` property (littlefuntik, silverfire) - Enh #14546: Added `dataDirectory` property into `BaseActiveFixture` (leandrogehlen) - Enh #14568: Refactored migration templates to use `safeUp()` and `safeDown()` methods (Kolyunya) - Enh #14638: Added `yii\db\SchemaBuilderTrait::tinyInteger()` (rob006) - Enh #14643: Added `yii\web\ErrorAction::$layout` property to conveniently set layout from error action config (swods, cebe, samdark) - Enh #14662: Added support for custom `Content-Type` specification to `yii\web\JsonResponseFormatter` (Kolyunya) - Enh #14732, #11218, #14810, #10855: It is now possible to pass `yii\db\Query` anywhere, where `yii\db\Expression` was supported (silverfire) - Enh #14806: Added $placeFooterAfterBody option for GridView (terehru) - Enh #15024: `yii\web\Pjax` widget does not prevent CSS files from sending anymore because they are handled by client-side plugin correctly (onmotion) - Enh #15047: `yii\db\Query::select()` and `yii\db\Query::addSelect()` now check for duplicate column names (wapmorgan) - Enh #15076: Improve `yii\db\QueryBuilder::buildColumns()` to throw exception on invalid input (hiscaler) - Enh #15120: Refactored dynamic caching introducing `DynamicContentAwareInterface` and `DynamicContentAwareTrait` (sergeymakinen) - Enh #15135: Automatic completion for help in bash and zsh (Valkeru) - Enh #15216: Added `yii\web\ErrorHandler::$traceLine` to allow opening file at line clicked in IDE (vladis84) - Enh #15219: Added `yii\filters\auth\HttpHeaderAuth` (bboure) - Enh #15221: Added support for specifying `--camelCase` console options in `--kebab-case` (brandonkelly) - Enh #15221: Added support for the `--