Bump craftcms/cms from 4.4.13 to 4.4.15

[dependabot[bot]]

Bumps craftcms/cms from 4.4.13 to 4.4.15.

Release notes

Sourced from craftcms/cms's releases.

4.4.15

• The control panel footer now includes a message about active trials, with a link to purchase the licenses.
• Tags fields now only show up to five suggestions. (#13322)
• The up, migrate/up, and migrate/all commands now revert any project config changes created by migrations on failure.
• The up, migrate/up, and migrate/all commands now prompt to restore the backup created at the outset of the command, or recommend restoring a backup, on failure.
• Added craft\console\controllers\BackupTrait::restore().
• Added craft\helpers\Component::cleanseConfig().
• craft\log\ContextProcessor::filterVars() now supports filtering keys using dot notation and ! negation. (#13362)
• Fixed an error that occurred when passing arguments to an element’s prev and next fields via GraphQL. (#13334)
• Fixed a bug where Single entries weren’t getting preloaded for template macros, if the template body wasn‘t rendered. (#13312)
• Fixed a bug where asset folders could get dynamically created for elements with temporary slugs. (#13311)
• Fixed a bug where Matrix fields with custom propagation methods were being marked as translatable if the rendered translation key was blank. (#13329)
• Fixed a bug where transformed images’ width or height properties could be null if the transform didn’t specify both dimensions. (#13335)
• Fixed a bug where heading UI elements within field layouts were getting a top border if they were preceeded by conditionally-hidden fields. (#13308)
• Fixed a bug where new Single sections could get URIs filled in on form submit based on the section name, if the input was blank and hadn’t been directly edited. (#13350, #13355)
• Fixed a bug where it was possible to drag items beyond the normal page scroll limits. (#13351)
• Fixed two RCE vulnerabilities.

4.4.14

• The utils/fix-field-layout-uids command now adds missing field layout component UUIDs.
• The _includes/forms/date and _includes/forms/time templates now accept a timeZone variable.
• Invalid utility URLs now redirect to the first permitted utility (besides “Updates”). (#13282)
• Fixed an error that could occur when updating a plugin with the craft update command, if it provided a new migration but still had the same schema version.
• Fixed an error that occurred when rendering editable tables with Date or Time columns. (#13270)
• Fixed a bug where CSS classes that contained a pseudo-selector weren’t getting namespaced. (#13251)
• Fixed a JavaScript error that could occur when renaming assets without URLs. (#13223)
• Fixed a bug where craft\base\Element::setFieldValuesFromRequest() wasn’t properly handling empty strings passed as the namespace. (#13252)
• Fixed a styling issue with control panel notifications. (#13258)
• Fixed a bug where element thumbnails could stop getting loaded when quickly switching between element sources. (#13253)
• Fixed an error that occurred when uploading an asset with a filename over 232 characters long, directly to an Assets field. (#13264)
• Fixed an error that occurred when transforming an image with a filename over 232 characters long. (#13266)
• Fixed a SQL error that could occur when upgrading to 4.4 on PostgreSQL, if the database was converted from MySQL. (#12855)
• Fixed a bug where craft\db\Query::collect() was returning a craft\elements\ElementCollection instance.
• Fixed a SQL error that could occur when upgrading to Craft 4 if any database tables had foreign keys to entryversions or other now-unused tables that are removed during the upgrade.
• Fixed a bug where the users/save-user action wasn’t including user details in successful responses. (#13267)
• Fixed a PHP error that occurred if an asset without a dateModified value was passed to craft\helpers\Assets::revParams(). (#13268)
• Fixed a bug where the Updates utility’s heading wasn’t reflecting updates that were blocked due to an expired plugin. (#13274)
• Fixed a bug where element deletion events weren’t getting triggered when elements were hard-deleted from an element index. (#13280)
• Fixed a bug where dropdowns within editable tables had blank optgroup labels. (#13298)
• Fixed a bug where textual cells within editable tables would display [object Object] if an object was passed as their value. (#13303)

Changelog

Sourced from craftcms/cms's changelog.

4.4.15 - 2023-07-03

• The control panel footer now includes a message about active trials, with a link to purchase the licenses.
• Tags fields now only show up to five suggestions. (#13322)
• The up, migrate/up, and migrate/all commands now revert any project config changes created by migrations on failure.
• The up, migrate/up, and migrate/all commands now prompt to restore the backup created at the outset of the command, or recommend restoring a backup, on failure.
• Added craft\console\controllers\BackupTrait::restore().
• Added craft\helpers\Component::cleanseConfig().
• craft\log\ContextProcessor::filterVars() now supports filtering keys using dot notation and ! negation. (#13362)
• Fixed an error that occurred when passing arguments to an element’s prev and next fields via GraphQL. (#13334)
• Fixed a bug where Single entries weren’t getting preloaded for template macros, if the template body wasn‘t rendered. (#13312)
• Fixed a bug where asset folders could get dynamically created for elements with temporary slugs. (#13311)
• Fixed a bug where Matrix fields with custom propagation methods were being marked as translatable if the rendered translation key was blank. (#13329)
• Fixed a bug where transformed images’ width or height properties could be null if the transform didn’t specify both dimensions. (#13335)
• Fixed a bug where heading UI elements within field layouts were getting a top border if they were preceded by conditionally-hidden fields. (#13308)
• Fixed a bug where new Single sections could get URIs filled in on form submit based on the section name, if the input was blank and hadn’t been directly edited. (#13350, #13355)
• Fixed a bug where it was possible to drag items beyond the normal page scroll limits. (#13351)
• Fixed two RCE vulnerabilities.

4.4.14 - 2023-06-13

• The utils/fix-field-layout-uids command now adds missing field layout component UUIDs.
• The _includes/forms/date and _includes/forms/time templates now accept a timeZone variable.
• Invalid utility URLs now redirect to the first permitted utility (besides “Updates”). (#13282)
• Fixed an error that could occur when updating a plugin with the craft update command, if it provided a new migration but still had the same schema version.
• Fixed an error that occurred when rendering editable tables with Date or Time columns. (#13270)
• Fixed a bug where CSS classes that contained a pseudo-selector weren’t getting namespaced. (#13251)
• Fixed a JavaScript error that could occur when renaming assets without URLs. (#13223)
• Fixed a bug where craft\base\Element::setFieldValuesFromRequest() wasn’t properly handling empty strings passed as the namespace. (#13252)
• Fixed a styling issue with control panel notifications. (#13258)
• Fixed a bug where element thumbnails could stop getting loaded when quickly switching between element sources. (#13253)
• Fixed an error that occurred when uploading an asset with a filename over 232 characters long, directly to an Assets field. (#13264)
• Fixed an error that occurred when transforming an image with a filename over 232 characters long. (#13266)
• Fixed a SQL error that could occur when upgrading to 4.4 on PostgreSQL, if the database was converted from MySQL. (#12855)
• Fixed a bug where craft\db\Query::collect() was returning a craft\elements\ElementCollection instance.
• Fixed a SQL error that could occur when upgrading to Craft 4 if any database tables had foreign keys to entryversions or other now-unused tables that are removed during the upgrade.
• Fixed a bug where the users/save-user action wasn’t including user details in successful responses. (#13267)
• Fixed a PHP error that occurred if an asset without a dateModified value was passed to craft\helpers\Assets::revParams(). (#13268)
• Fixed a bug where the Updates utility’s heading wasn’t reflecting updates that were blocked due to an expired plugin. (#13274)
• Fixed a bug where element deletion events weren’t getting triggered when elements were hard-deleted from an element index. (#13280)
• Fixed a bug where dropdowns within editable tables had blank optgroup labels. (#13298)
• Fixed a bug where textual cells within editable tables would display [object Object] if an object was passed as their value. (#13303)

Commits

• 273dfd3 Merge branch 'release/4.4.15' into main
• d63c37c Finish 4.4.15
• e6efb5b Merge branch 'v3' of https://github.com/craftcms/cms into develop
• 969a457 Finish 3.8.15
• d7c68f9 Merge pull request #13378 from craftcms/t9n/develop
• 9122d29 New translations app.php (Norwegian Bokmal)
• 1b64c8c New translations app.php (German, Switzerland)
• bdbae22 New translations app.php (French, Canada)
• 0375795 New translations app.php (English, United Kingdom)
• 07901c4 New translations app.php (Thai)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.