Skip to content

Add release notes for 4.5.0 #2062

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 12 commits into
base: master
Choose a base branch
from
Draft

Add release notes for 4.5.0 #2062

wants to merge 12 commits into from

Conversation

@alhambrav
Copy link
Member

Ticket reference or full description of what's in the PR

Add release notes for 4.5.0

@coderabbitai
Copy link

coderabbitai bot commented Sep 22, 2025
edited
Loading

Summary by CodeRabbit

Release Notes - Version 4.5.0

  • New Features

    • Groovy sandbox whitelists for enhanced security control
    • Serverless performance optimization using Redis/ValKey caching for S3
    • Configurable search connection pool properties

  • Enhancements

    • Improved query performance and OpenSearch caching with intelligent default filtering
    • Search queries now support square brackets and additional special characters by default

  • Bug Fixes

    • Fixed repeating group control issues
    • Resolved Studio UI breakage when searching for users with special characters

Walkthrough

Bumps documentation and Sphinx release metadata to 4.5.0, adds 4.5.0 release notes and breaking-changes entries, updates the embedded Deployer OpenAPI/Redoc spec to 4.5.0 (including minor example/text tweaks), and expands the Studio SEARCH_KEYWORDS validation regex.

Changes

Cohort / File(s) Summary
Version metadata updates
source/conf.py, source/index.rst, source/support.rst, source/release-notes/index.rst		 Updated release/last-updated/displayed version strings from 4.4.x to 4.5.0 and adjusted the supported-versions table.
Release notes: 4.5.0
source/release-notes/4-5-0.rst		 Added new 4.5.0 release notes covering features, enhancements, bug fixes, and dependency updates.
Breaking changes index update
source/release-notes/4-x-breaking-changes.rst		 Bumped last-updated to 4.5.0 and inserted a visual separator around the 4.4.3/4.4.0 sections.
Deployer API docs spec bump
source/_static/api/deployer.html		 Updated embedded OpenAPI/Redoc state and spec metadata from 4.4.4 → 4.5.0; adjusted example payloads and corrected repo_password description and minor text/formatting.
Studio reference update
source/reference/modules/studio.rst		 Bumped last-updated to 4.5.0 and expanded studio.validation.regex.SEARCH_KEYWORDS to include additional punctuation, brackets, apostrophe, and Latin characters.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

Suggested reviewers

  • sumerjabri

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)
Check name Status Explanation Resolution
Description Check ⚠️ Warning The PR description is largely incomplete despite having the required section heading. The content merely restates the title ("Add release notes for 4.5.0") without providing either a ticket reference or a fuller description of what's included in the PR. The PR objectives mention related commits and issue #8351 regarding the Studio UI search fix, but this ticket reference is absent from the description. Given the breadth of changes across multiple documentation files, the description should be more informative. Enhance the PR description by including a ticket reference (such as "Fixes #8351") and a fuller description of the changes. For example, the description should explain that this PR adds release notes for 4.5.0 and updates version numbers and documentation across the repository to reflect the release, including new features, enhancements, and bug fixes documented in the release notes file.
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (1 passed)
Check name Status Explanation
Title Check ✅ Passed The PR title "Add release notes for 4.5.0" directly relates to the primary change in the changeset—the addition of a new release notes document for version 4.5.0 (source/release-notes/4-5-0.rst). While the changeset includes supporting updates such as version bumps in configuration and documentation files, these are typical ancillary changes that accompany a release. The title is specific, clear, and accurately reflects the main objective without being misleading or vague.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cbb8b62 and 45be751.

📒 Files selected for processing (3)
  • source/index.rst (2 hunks)
  • source/release-notes/index.rst (2 hunks)
  • source/support.rst (2 hunks)
🚧 Files skipped from review as they are similar to previous changes (2)
  • source/index.rst
  • source/support.rst
🔇 Additional comments (2)
source/release-notes/index.rst (2)

2-2: Metadata version bump looks good.

The :last-updated: value correctly reflects the new 4.5.0 release.

14-14: Include directive is correctly implemented with valid referenced file.

The verification confirms that source/release-notes/4-5-0.rst exists, is well-formed reStructuredText, and contains the expected 4.5.0 release notes with proper structure including New Features, Enhancements, and Bug Fixes sections. The include directive in index.rst correctly references this file with proper ordering.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@alhambrav
Copy link
Member Author

@CodeRabbit full review

@coderabbitai
Copy link

coderabbitai bot commented Sep 22, 2025

✅ Actions performed

Full review triggered.

coderabbitai[bot]
coderabbitai bot reviewed Sep 22, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

🧹 Nitpick comments (4)
source/release-notes/4-x-breaking-changes.rst (1)

26-35: Clarify default Groovy sandbox impact and mitigation

Add one line with the exact toggle/override path or property to disable/extend the allowlist per component so users can quickly unblock upgrades.

Suggested addition:

- - CrafterCMS version 4.5.0 added a whitelist for Groovy scripts ...
+ - CrafterCMS version 4.5.0 added an allowlist (whitelist) for Groovy scripts ...
+   You can extend it via per‑component configuration (e.g., studio: `studio.groovy.sandbox.whitelist.*`, engine: `engine.groovy.sandbox.whitelist.*`, deployer: `deployer.groovy.sandbox.whitelist.*`).
source/index.rst (1)

74-74: Latest version line updated

OK. Consider adding a short note linking to breaking changes for visibility.

-The latest version of CrafterCMS is `version 4.5.0 <https://craftercms.com/download>`__.
+The latest version of CrafterCMS is `version 4.5.0 <https://craftercms.com/download>`__. See :ref:`breaking-changes-4-x` before upgrading.
source/release-notes/4-5-0.rst (2)

19-23: Groovy sandbox: add quick guidance

Add a one‑sentence “How to extend the allowlist” pointer per component.

- See :ref:`Deployer Groovy Sandbox <deployer-groovy-sandbox-configuration>`, ...
+ See :ref:`Deployer Groovy Sandbox <deployer-groovy-sandbox-configuration>`, ...
+ To allow custom classes/methods, extend the sandbox allowlist in your component’s configuration.

56-57: Capitalize dependency names; optional links

Minor copy edit.

-  - Spring security to version 6.5.4
-  - Mariadb4j to version 3.1.0.5
+  - Spring Security to version 6.5.4
+  - MariaDB4j to version 3.1.0.5

Optionally link to changelogs.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5600fe4 and db61d65.

📒 Files selected for processing (8)
  • source/_static/api/deployer.html (2 hunks)
  • source/conf.py (1 hunks)
  • source/index.rst (2 hunks)
  • source/reference/modules/studio.rst (2 hunks)
  • source/release-notes/4-5-0.rst (1 hunks)
  • source/release-notes/4-x-breaking-changes.rst (3 hunks)
  • source/release-notes/index.rst (2 hunks)
  • source/support.rst (2 hunks)
🔇 Additional comments (11)
source/support.rst (1)

2-2: LGTM on metadata bump

:last-updated set to 4.5.0 looks consistent with the PR intent.

source/reference/modules/studio.rst (1)

2-2: LGTM on metadata bump

:last-updated updated to 4.5.0 aligns with this release.

source/conf.py (1)

32-32: Version bump looks good — verify 4.5.0 Javadoc is published & reachable

Location: source/conf.py:32 — release='4.5.0' flows into extlinks. I checked https://javadoc.craftercms.org/4.5.0 (index and package pages) — all returned HTTP 403 (Forbidden), not 200. Confirm the 4.5.0 Javadoc is published and publicly accessible or update extlinks / revert the bump.

source/_static/api/deployer.html (1)

413-415: Version banner correctly reflects 4.5.0

Header and displayed version are in sync.

source/release-notes/4-x-breaking-changes.rst (1)

2-2: Meta updated to 4.5.0

Good.

source/index.rst (1)

2-2: Meta bump to 4.5.0

Looks good.

source/release-notes/index.rst (2)

2-2: Meta bump to 4.5.0

OK.

14-15: Include 4.5.0 at top

Ordered correctly.

source/release-notes/4-5-0.rst (3)

24-26: Enterprise badge and cache details

Confirm the |enterpriseOnly| substitution renders and add a link to the enterprise caching doc.

- Improved startup and first page load speeds by using Redis/ValKey as a cache in front of S3.
+ Improved startup and first page load speeds by using Redis/ValKey as a cache in front of S3. See :ref:`enterprise-caching`.

30-37: Search connection pool and default filters

Good callouts; verify anchors exist.

45-49: Property name and links

Confirm the property key is exactly studio.validation.regex.SEARCH_KEYWORDS and that the referenced sections exist.

coderabbitai[bot]
coderabbitai bot reviewed Sep 23, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
source/support.rst (1)

24-28: Make series label styling consistent; confirm “Latest” policy for unreleased series.

  • Only 4.5 is a hyperlink; other series are plain text. Suggest making 4.5 plain for consistency (or link all series).

Apply to standardize styling:

-    * - `4.5 <https://craftercms.com/download>`__
+    * - 4.5

Also, confirm whether showing “Latest: 4.5.0 (TBD, 2025)” pre‑release matches your Support page policy. If not, consider “TBD” or “—” until GA.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e6fd1fe and 227373d.

📒 Files selected for processing (1)
  • source/support.rst (2 hunks)
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-09-23T14:20:52.668Z 
Learnt from: alhambrav
PR: craftercms/docs#2062
File: source/release-notes/4-5-0.rst:7-7
Timestamp: 2025-09-23T14:20:52.668Z
Learning: In CrafterCMS release notes files, "Released *TBD, 2025*" placeholders are intentionally used during release preparation phase. The actual release date is only set once the product is officially released, not during the preparation phase.

Applied to files:

  • source/support.rst
🔇 Additional comments (2)
source/support.rst (2)

2-2: Version bump looks correct.
:last-updated set to 4.5.0 aligns with the new 4.5 row below.

29-33: 4.4 row: statuses should not be TBD; also, prior “Latest” issue is resolved.

  • Good: “Latest” now correctly shows 4.4.4 (resolves the earlier comment).
  • Suggest replacing “:green:TBD” with explicit statuses (likely “:green:Active”) unless you intend to set end dates.

Proposed update:

-      - :green:`TBD`
-      - :green:`TBD`
+      - :green:`Active`
+      - :green:`Active`

@alhambrav
Copy link
Member Author

Commit: 2a82cfc and db34259 for

User search with [SA] breaks Studio UI

@alhambrav
Copy link
Member Author

Commits cbb8b62 and 45be751: Updates for whitelist default https://github.com/craftersoftware/craftercms/issues/1178

@github-project-automation github-project-automation bot moved this to Todo in v4.5.0 Oct 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

pending release

Projects

v4.5.0
Status: Todo

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alhambrav @sumerjabri