Feed aggregator

This is a patch (bugfix) release of Drupal 9 and is ready for use on production sites. Learn more about Drupal 9.

Drupal 9.2.x will receive security coverage until June 2022 when Drupal 9.4.0 is released.

If you are upgrading from Drupal 8, read upgrading a Drupal 8 site to Drupal 9, 9.0.0 release notes, and the 9.2.0 release notes before upgrading to this release.

Drupal core’s JavaScript development dependencies have been updated to the latest allowed minor and patch versions to address security issues in those dependencies. This should have minimal impact on contributed or custom code and CI workflows. Core developers should completely remove their core/node_modules directory and re-run yarn install from within the core/ directory.

Search the issue queue for known issues.

This is a patch (bugfix) release of Drupal 9 and is ready for use on production sites. Learn more about Drupal 9.

Drupal 9.3.x will receive security coverage until December 2022.

If you are upgrading from Drupal 8, read upgrading a Drupal 8 site to Drupal 9, 9.0.0 release notes, and the 9.3.0 release notes before upgrading to this release.

• Drupal core's yarn dependency constraints for production dependencies have been changed to only allow patch-level updates. This allows yarn upgrades to be done easily and safely when there are security issues with the dependencies, without accidentally making disruptive updates to production dependencies. The constraints will be deliberately increased as necessary for future updates and future Drupal minor versions.

• Drupal core’s JavaScript development dependencies have been updated to the latest allowed minor and patch versions to address security issues in those dependencies. This should have minimal impact on contributed or custom code and CI workflows. Core developers should completely remove their core/node_modules directory and re-run yarn install from within the core/ directory.

• The deprecated Backbone and Underscore dependencies have received patch level updates: Backbone has been updated from 1.4.0 to 1.4.1, and Underscore has been updated from 1.13.2 to 1.13.3.

Search the issue queue for known issues.

• Issue #3278163 by xjm, nod_, lauriii: yarn upgrade for latest security vulnerabilities
• Issue #3266912 by nod_, Wim Leers, lauriii, xjm, mmjvb: Review version constraints for production yarn dependencies
• Issue #3230541 by cliddell, jday, yogeshmpawar, neclimdul, cmlara, Charlie ChX Negyesi: Queue items only reserved by cron for 1 second
• Revert "Issue #3230541 by cliddell, jday, yogeshmpawar, neclimdul, cmlara, Charlie ChX Negyesi: Queue items only reserved by cron for 1 second"
• Issue #3230541 by cliddell, jday, yogeshmpawar, neclimdul, cmlara, Charlie ChX Negyesi: Queue items only reserved by cron for 1 second
• Issue #3270709 by Shashwat Purav, Chi, apaderno: Remove reference to contextual_pre_render_placeholder() function
• Issue #3277309 by phjou, mradcliffe, benjifisher, markie: Update links to Drupal documentation pages in Umami
• Issue #2995367 by quietone, xjm, Lendude: Fix update module test fixture names for 8.2.0-rc2 sample data
• Issue #3277274 by richardrobinson, saki007ster, ApocalypticJake, bnjmnm, sjothivelu@valleywater.org, mcolebank, joshmiller, markie, mradcliffe, pilot3, W01F: Dialog css references nonexistient --color-whitesmoke css variable
• Issue #3277743 by xjm, RainbowArray: Update contributor name and username in MAINTAINERS.txt
• Issue #3228691 by Wim Leers, lauriii, nod_: Restrict allowed additional attributes to prevent self XSS
• Issue #3276974 by hooroomoo, Wim Leers: [drupalMedia] Media View Modes don't work if alignment not enabled
• Issue #3261599 by hooroomoo, Wim Leers, lauriii: Use CKEditor 5's native <ol start> support (and also support <ol reversed>)
• Issue #3277405 by Wim Leers, nod_: Update @ckeditor/ckeditor5-list to v34.0.1
• Issue #3231334 by Wim Leers, bnjmnm: Global attributes (<* lang> and <* dir="ltr rtl">): validation + support (fix data loss)
• Issue #3229078 by scott_euser, Wim Leers, hooroomoo, brentg, yogeshmpawar, catch: Unit tests for all @CKEditor5Plugin plugin classes
• Issue #3248425 by nod_, yogeshmpawar, Wim Leers, lauriii, bnjmnm, marcvangend: Ensure that all classes and functions in Drupal-specific CKEditor 5 plugins are documented
• Issue #3269085 by alexpott, larowlan, danflanagan8, Matroskeen: [random test failure] Random test fail in EntityAutocompleteTest
• Issue #3276627 by Wim Leers, hooroomoo: CKEditor5::shouldHaveVisiblePluginSettingsForm() does not correctly handle configurable CKE5 plugin that has a filter condition
• Issue #3276670 by hooroomoo, Wim Leers: Some configurations of allowed view modes cause CKE to fail to initialize
• Issue #2717921 by gaurav.kapoor, drnikki, subhashuyadav, pratik_specbee, hmendes, jhodgdon, joachim, effulgentsia, shashikant_chauhan, Wim Leers, larowlan: undocumented #has_garbage_value property of render elements
• Issue #3245720 by hooroomoo, nod_, Wim Leers, lauriii, yash.rode: [drupalMedia] Support choosing a view mode for
• Issue #3261943 by bnjmnm, lauriii, Wim Leers, andreasderijcke, ifrik: Confusing behavior after pressing "Apply changes to allowed tags" with invalid value
• Issue #3230230 by bnjmnm, johnwebdev, Wim Leers, lauriii, Anna_CKSource, Reinmar: Enable table captions; override CKE5's default downcast to generate <table><caption></table> instead of <figure><table><figcaption></figure>
• Issue #3272035 by mherchel, andy-blum: Add "linktext" and "canvastext" to cspell dictionary.
• Issue #3273056 by kmonahan, mherchel, Johnny Santos, rkoller, ckrina: Active and hover state of skip to main content has a too low color contrast
• Issue #3130305 by mherchel, cindytwilliams, bnjmnm, saschaeggi, andrewmacpherson: Ensure all of Claro's background images are visible in forced colors mode
• Issue #3269341 by mherchel, KurtTrowbridge: Claro element not rendering properly in forced colors
• Back to dev.
• Merged 9.3.12.
• Issue #3269091 by gambry, yogeshmpawar, jonathanshaw, joachim, alexpott: Undocumented behaviour for Schema::findTables() when an underscore is used
• Issue #3273325 by Dom., Wim Leers, andregp, ifrik: CKE5 and contrib: better "next action" description on upgrade path messages
• Issue #3274278 by Wim Leers, jcnventura, yogeshmpawar, andregp, bnjmnm: Migrate "codetag" contrib CKEditor 4 plugin to built-in equivalent in core's CKEditor 5