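CakePHP Official Site Security Update (2023-09-29)

Intelligence source: TSRC

Published: 2023-09-29

Basic information
  • Release date: 2023-09-29
  • Detection time: 2023-09-29
  • Vulnerability type: Security update
  • Risk level: Unknown
  • Updated version: 5.0.1
  • Intelligence contributor: TSRC

Update title

Security update

Update details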

The CakePHP core team is happy to announce the immediate availability of CakePHP 5.0.1. This is a maintenance release for the 5.0 branch that fixes several community reported issues and a minor security related fix.

Bugfixes
--------

You can expect the following changes in 5.0.1. See the [changelog](https://github.com/cakephp/cakephp/compare/5.0.0...5.0.1) for every commit.

* Allow ``FormProtection`` component to have its session id source customized in subclasses.
* Fixed potential email address manipulation if unvalidated address data was set into ``Cake\Mailer\Message``. Thank you to Waldemar Bartikowski who reported the issue via our security mailing list.
* Fixed errors arising from plugin helpers being loaded within other plugin helpers, when the parent helper is loaded without a plugin scope.
* ``PaginatedResultSet`` is not ``JsonSerializable``.
* Replaced usage of ``include_once`` when ``Application`` loads plugin configuration.
* Fixed broken links in API documentation links to MDN.
* ``View::getConfig()`` is now public.
* ``ORM\Marshaller::one()`` now uses ``newEmptyEntity()`` improving compatibility with subclass implementations.
* Adding methods with ``getMockForModel()`` is deprecated because of changes in PHPUnit.
* Fixed ``Cake\Http\Client`` cookie parsing with invalid values that lack both a value and ``=`` delimiter.
* ``Collection\SortIterator`` is now compatible with ``Chronos`` types.
* Fixed source line attribution in the ``dd()`` method.
* Fixed ``defaults`` being mutated in ``DashedRoute`` and ``InflectedRoute`` after ``match()`` is called.

Contributors to 5.0.1
----------------------

Thank you to all the contributors that helped make this release happen:

* ADmad
* Jorge González
* Kevin Pfeifer
* Mark Scherer
* Mark Story
* andrii-pukhalevych
* breno
* othercorey
* wowDAS Ing. Markus

As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.

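Software description

CakePHP is a rapid development framework that uses well-known design patterns such as ActiveRecord, Association Data Mapping, Front Controller and MVC.

CVE ID

None yet

Knowsafe analysis

None yet

Industry news

None yet

Source link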

https://github.com/cakephp/cakephp/releases/tag/5.0.1