This issue is currently postponed on:

1. Bots having PHP instances that can fully support AVIF files - currently the bots' PHP, 8.1 and 8.2, cannot save files via imageavif(), the (bundled?) GD library is missing an appropriate codec supporting the write. (Also see https://bugs.php.net/bug.php?id=81217 , https://github.com/php/php-src/pull/7526 )

Problem/Motivation

AVIF image file format is getting traction in browsers' support.

This issue is proposing to implement support to this image format in Drupal core's GD Toolkit.

Done:

• libgd should support the AVIF format - DONE, first release supporting is 2.3.2, released on: March 6, 2021
• a PHP version supporting an IMAGETYPE_AVIF constant - upstream PR https://github.com/php/php-src/pull/5127 - supported with PHP 8.1
• a DrupalCI testbot container should be available for testing.
• #3239935: Refactor ToolkitGdTest
• a bot with a PHP 8.1. instance compiled with libavif support
• a PHP 8.2 bot to test getimagesize() on AVIF
• #3116611: Add a requirements check for GD support of allowed image types

Proposed resolution

Extend the GD toolkit to support AVIF too.

Remaining tasks

User interface changes

API changes

Data model changes

Release notes snippet

At present we have core's 7.x branch set up to run automated tests with the following configs:

PHP 5.3 & MySQL 5.5
PHP 5.4 & MySQL 5.5
PHP 5.5 & MySQL 5.5
PHP 5.6 & MySQL 5.5
PHP 7.1 & MySQL 5.5
PHP 7.2 & MySQL 5.5
PHP 7 & MySQL 5.5 issue testing default

We need to review and update this.

For new versions of PHP and MySQL:

• When the branch passes under PHP 7.3 we should add that. See: #3012308: D7: Fully support PHP 7.3
• When the PHP 7.4 is released, and the branch passes we should add that. See: #3081386: [META] Fully support PHP 7.4 in Drupal 7
• When the branch passes with MySQL 8 we should add that. See: #2978575: Mysql 8 Support on Drupal 7

According to https://www.drupal.org/docs/7/system-requirements/php-requirements :

The minimum recommended PHP version for Drupal 7 is PHP 7.1.x (until it's official end-of-life at 1 Dec, 2019).

So we should update the issue testing default to PHP 7.1, and probably change that again to PHP 7.2 after 7.1's EOL.

According to https://www.php.net/supported-versions.php all versions of PHP 5 are now EOL, and so is PHP 7.0. Do we need to keep any of these enabled in our automated testing? Probably yes in at least some cases. For reference, D8 still has PHP 5.5, 5.6 and 7.0 enabled.

For MySQL, https://www.drupal.org/docs/7/system-requirements/database-server seems quite out-of-date for Drupal 7 - it mentions:

Drupal 7 supports MySQL 5.0.15/MySQL 5.1.30/MariaDB 5.1.44/Percona Server 5.1.70 or higher

https://en.wikipedia.org/wiki/MySQL#Release_history suggests that MySQL 5.5 is now EOL.

What versions of MySQL 5.x should we be testing against? D8 still has 5.5 enabled, but different branches also have combinations of 5.6 and 5.7 enabled.

Problem/Motivation

We have quite some subform issues.

Proposed resolution

Let's crosslink them to coordinate efforts.

Remaining tasks

Do it, coordinate here, do specific stuff in subtickets.

Problem/Motivation

When a form embeds a subform (see https://www.drupal.org/node/2774077 for a background), the parent form should explicitly call the subform validators. That means the parent form must be aware about subform details. But it's possible that, as the code evolves, a 3rd-party module is adding more validators to the subform, by implementing form alters. Then the parent form is out-of-sync and will perform only some validations on subform.

The attached test shows that, when calling the main subform validation, the other validators are ignored.

Proposed resolution

Implement a method to rule all subform validations once. Where? To be defined...

Remaining tasks

None.

User interface changes

None.

API changes

TBD.

Data model changes

None.

Release notes snippet

TBD.

Main objective

We want to simplify the front-end development workflow, and improve maintainability of core and contrib themes.

For that we will:

• Reduce the number of framework implementation details required to put templated HTML, CSS, and JS in a Drupal page.
• Define explicit component APIs, and provide a methodology to replace a component provided upstream (in a parent theme or module).

Goals

1. HTML markup in core components can be changed without breaking BC.
2. CSS and JS for a component is scoped to the component and automatically attached to it.
3. CSS and JS for a component provided by core can be changed without breaking BC.
4. Components can be provided by any module and/or theme, and then overridden explicitly or using theme specificity rules.
5. All the code necessary to render a component is in the component directory.
6. Components declare their props explicitly. Component props are the API of the component.
7. Rendering a component in Twig uses the familiar include/embed syntax, with support for Twig blocks (slots).
8. Facilitate the implementation of component libraries for design systems of themes.
9. Provide an optional way to document components.

Architecture

The main concept is the component directory. Everything related to the component will be stored in that directory.

A directory becomes a component directory if it meets the following criteria:

• Contains a component definition file: my-component.component.yml
• Contains, at least, a Twig file with the name of the component: my-component.twig.
• It is stored in a module or a theme directory under "templates/components". Components directories can reside in nested directories for organization, but never inside another component directory.

Discovery

Components are plugins. The parsed component definition file (my-component.component.yml) constitutes the plugin definition. The plugin discovery will scan all modules and themes that contain a /templates/components directory recursively using the existing YamlDirectoryDiscovery (using a recursive filtered iterator).

Automatic libraries

Each component will declare a library automatically with the CSS and JS assets contained in the component directory. This library will be attached to the page automatically when the component is rendered. This means that front-end developers no longer need to learn about declaring libraries, and how to attach them to the page.

It will be possible to override the automatically defined libraries when more control over its definition is needed.

Component negotiation

Including a component in a Twig template looks like this:

{{ include('my-component', {
  prop1: content.field_foo
}) }}

When Drupal encounters this it will search for all the components with a machine name 'my-component'. The negotiation will choose the component with the following priority rules.

1. The component is in the active theme.
2. The component is in one of the base themes of the active theme. The closer in the inheritance chain, the more priority.
3. The component is in a module.

This intentionally matches the priority rules used for templates sharing the same name.

If the developer wants to skip the negotiation step, they can include the provider in the template name:

{{ include('olivero:my-component', {
  prop1: content.field_foo
}) }}

Component replacement

Themes and modules can replace components provided by other themes and modules.

Themes can replace a component by copy & paste of the original component in a location that has higher priority (see Component negotiation). Themes can replace components provided either by modules or by themes which they extend.

Modules can replace components provided by other modules by copy & paste of the original component and explicitly stating it with the "replaces" property in the component definition file (my-component.component.yml). Example, the node module wants to replace "my-component" originally provided by system. node/templates/components/foo/bar/my-component/my-component.component.yml needs to contain: replaces: 'system:my-component'

Additional considerations

We decided against always prefixing components with the provider. This will better reflect the developer's decision of embedding a component leveraging the negotiation rules. Adding the provider in front will have the effect of including the component as defined in the specified provider.

We thought it would be confusing to allow writing {{ include('system:my-component') }} yet render the my-component as defined in a sub-theme of Olivero, so we decided against it.

No prefix when including/embedding means "let the negotiation decide the component to render". Adding the prefix will skip negotiation entirely.

Edge cases

PHP code

Some PHP code is very relevant to how a component renders. As a general rule, we want all the code pertinent to how a component renders encapsulated in the component directory.

This means that we will support the my-component.php file inside of the component directory. We will only allow certain "component hooks" in this file. Component hooks are very similar to regular hooks but they can only affect their components.

Initially we will only allow pre-process component hooks.

Multiple module replacements

If two different modules replace the same component, the module with the lowest weight will take precedence over the one with the highest priority. If two modules have the same priority, then the one that comes first alphabetically will take precedence. This is not ideal, yet common in the framework.

Follow-up tasks

• Per #3313520-26: Single directory components in core and #3313520-28: Single directory components in core, create a child issue for discussing incorporation of this concept into entity bundle classes per #3313520-25: Single directory components in core.

Problem/Motivation

At time to test I got:

Behat\Testwork\Call\Exception\CallErrorException: 8192: strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated in /var/www/html/web/core/lib/Drupal/Core/Mail/Plugin/Mail/PhpMail.php

in PhpMail.php 80 and 112 lines can be the reasons.

Steps to reproduce

run
$ drush status-report

Proposed resolution

Valid the values befor to call to strpos function

Found this pre-existing issue while testing #3254202: Remove IE11 Support from Claro

"Spinner" loading icon not vertically aligned properly

Problem/Motivation

Menu item is not removed after deleting feed types

Problem/Motivation

#2997123: Cacheability of normalized computed fields' properties is not captured during serialization added the ability for computed field properties to contribute cacheable metadata to the normalization. However, entity reference fields are treated totally different by json:api module, since they must be converted to a "Relationship object" which references a UUID and resource type. As a result, there is no way for computed ER fields to express cache metadata.

Updated: We must also account for cacheability of empty fields.

Steps to reproduce

Create a computed ER field on an entity and observe it cannot vary by cache tags, context or TTL.

Proposed resolution

Use similar logic to the recently-added feature set, but for ER fields. We can use ResourceIdentifier::getDataReferencePropertyName() to be consistent.

Remaining tasks

Extend test coverage.

User interface changes

None.

API changes

None... well, we potentially change the visibility of the helper static method for getting the data reference property.

Data model changes

None.

Release notes snippet

TBD.

Original report

Hi,

I'm having an issue with a computed field (entity reference type) being displayed on JSON:API resources. The problem is that it's always cached, although it should change as I change for ex. categories or tags.

What I want is to have a computed/virtual field with similar articles for given article (depending on common categories and tags). For retrieving similar articles I use module called Similar By Terms => https://www.drupal.org/project/similarterms I want these similar articles to be outputted on JSON:API resources... and it works good, but it's cached all the time.

Here's my code:

function my_module_entity_bundle_field_info_alter(array &$fields, EntityTypeInterface $entityType, string $bundle): void {
  if ($entityType->id() === 'node'&& $bundle === 'article') {
    $fields['field_similar_articles'] = BaseFieldDefinition::create('entity_reference')
      ->setName('field_similar_articles')
      ->setLabel('Similar articles')
      ->setTargetEntityTypeId('node')
      ->setTargetBundle('article')
      ->setComputed(TRUE)
      ->setRevisionable(FALSE)
      ->setTranslatable(FALSE)
      ->setCardinality(FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED)
      ->setClass(SimilarArticlesComputedField::class);
  }
}

class SimilarArticlesComputedField extends EntityReferenceFieldItemList {

  use ComputedItemListTrait;

  protected function computeValue(): void {
    $similarArticles = <array of articles' entities get from the view>

    foreach ($similarArticles as $key => $similarArticle) {
      $this->list[$key] = $this->createItem($key, $similarArticle);
    }
  }

}

As I said, JSON:API resource displays field_similar_articles field correctly, but when I change some article's category or tag then output of this field in JSON:API resource should change as well, but it's not.

Let's say there is Article 1, 2, 3, 4 and 5.

Article 2, 3 and 4 are similar articles to the Article 1 (because they share common tags/categories).

When I go to this resources /jsonapi/node/article/{article-1-uuid} then I can see Article 2, 3 and 4 in section field_similar_articles and also in included section.

So far, so good.

But then, let's say that I delete tags and categories for Article 2 and once again go to the upper mentioned resource... I still can see Article 2, 3 and 4 in section field_similar_articles... but Article 2 should not be there. What's interesting, in the included section Article 2 disappears, which is good.

Could you please tell me what I can do about it ... and will it be possible after applying this patch (I'm using Drupal ver 9.2.10) from this issue?

Problem/Motivation

MySQL and MariaDb (sort of) supports JSON fields.

We don't have the type defined in \Drupal\Core\Database\Driver\mysql\Schema::getFieldTypeMap() which makes working with them trickier than it should be.

There's https://www.drupal.org/project/json_field but if you use that and then try to use the DbDumpCommand it breaks because we're missing information in the schema type map.

Proposed resolution

Add the information to the schema type map.

Remaining tasks

Add a test.

User interface changes

None

API changes

None

Data model changes

None

Release notes snippet

In the docs for drupal_attach_tabledrag() it mentions

In a more complex case where there are several groups in one column (such as the block regions on the admin/structure/block page), a separate subgroup class must also be added to differentiate the groups.

I've been trying to get that working with minimal additional JS and I think I might've uncovered some bugs in tabledrag. When trying to use subgroups I was finding that dragging a row from one group into the other didn't seem to copy the subgroup class across correctly.

In #2489826: tabledrag is broken (dcf9ab4) some changes were made to some tabledrag jQuery selectors. I think the changes were meant to be functionally equivelent, just a little more efficient, eg:

-    var $indentationLast = $item.find('td').eq(0).find('.js-indentation').eq(-1);
+    var $indentationLast = $item.find('td:first-of-type').find('.js-indentation').eq(-1);

IIUC the starts of both of those lines basically do the same thing - grab the first td. But there are some other situations where I think the behaviour changed, and I wonder if that was unintentional.

1. --- a/core/misc/tabledrag.js
   +++ b/core/misc/tabledrag.js
   @@ -718,7 +718,7 @@
            // take into account hidden rows. Skip backwards until we find a draggable
            // row.
            while ($row.is(':hidden') && $row.prev('tr').is(':hidden')) {
   -          $row = $row.prev('tr').eq(0);
   +          $row = $row.prev('tr:first-of-type');
              row = $row.get(0);
            }
            return row;
   

   In this case $row.prev('tr:first-of-type') will only return a value if the previous row is also the first row in the table, rather than iterating each previous row. I've reverted that in the patch, but I wonder if the whole while block is redundant: $row is set from $(this.table.tBodies[0].rows).not(':hidden') at the start of findDropTargetRow(). Should it just be removed?

2. @@ -766,9 +766,9 @@
        }
        // Siblings are easy, check previous and next rows.
        else if (rowSettings.relationship === 'sibling') {
   -      $previousRow = $changedRow.prev('tr').eq(0);
   +      $previousRow = $changedRow.prev('tr:first-of-type');
          previousRow = $previousRow.get(0);
   -      var $nextRow = $changedRow.next('tr').eq(0);
   +      var $nextRow = $changedRow.next('tr:first-of-type');
          var nextRow = $nextRow.get(0);
          sourceRow = changedRow;
          if ($previousRow.is('.draggable') && $previousRow.find('.' + group).length) {
   

   This is what caused the original problem and prevented the weight subgroup class being copied over when moving a row into a different group. As before it's looking for the previous row using first-of-type and in this case it means the source row for sibling relationships isn't correctly set. The patch should fix and test this.

3. @@ -811,7 +811,7 @@
            // Use the first row in the table as source, because it's guaranteed to
            // be at the root level. Find the first item, then compare this row
            // against it as a sibling.
   -        sourceRow = $(this.table).find('tr.draggable').eq(0).get(0);
   +        sourceRow = $(this.table).find('tr.draggable:first-of-type').get(0);
            if (sourceRow === this.rowObject.element) {
              sourceRow = $(this.rowObject.group[this.rowObject.group.length - 1]).next('tr.draggable').get(0);
            }
   

   The original line found the first row with the draggable class but the modified version looks for a row which is both the first and has the draggble class. This causes an issue with field_group on a table with a non-draggable first row: #3085858: Drag and drop acts weird, sometimes not resetting the parent, or even clearing the region value. The patch should fix and test this.
   

This is my first time touching tabledrag so careful review welcome :p

Also it's quite an old commit that introduced this, I know tabledrag is used in lots of places, so I'm not sure if I'm just missing something obvious... (:

Remaining tasks

• Decide whether the first JS block above should be removed entirely.
• Should this be split up into multiple tickets with more meaningful names?

Problem/Motivation

Over in #3232699: SQLite schema introspection implementation struggles with NULL default values we're fixing some SQLite default value bugs and the fact that MySQL 5.7 doesn't support default values for blob, text and json fields came to light. Drupal has gone through quite a bit of pain over the years with this. See:

• #1747358: set 'initial' by default for text field
• #300971: Longtexts cannot have default values (install.php fatal error)
• #299292: Defaults on text fields prevent installation (HEAD installation is broken)

The good news is that MySQL changed its handling of default values to allow blob, text or JSON in 8.0.13: https://dev.mysql.com/doc/refman/8.0/en/data-type-defaults.html (thanks @longwave for this info).

The bad news is that according to the docs...

The BLOB, TEXT, GEOMETRY, and JSON data types can be assigned a default value only if the value is written as an expression, even if the expression value is a literal:

This is permitted (literal default specified as expression):

CREATE TABLE t2 (b BLOB DEFAULT ('abc'));

This produces an error (literal default not specified as expression):

CREATE TABLE t2 (b BLOB DEFAULT 'abc');

So we're going to need to fix up \Drupal\Core\Database\Driver\mysql\Schema::createFieldSql() to cope with this.

Steps to reproduce

Do something like...

    // Create the table.
    $table_specification = [
      'description' => 'Test table.',
      'fields' => [
        'column1'  => [
          'type' => 'int',
          'default' => NULL,
        ],
        'column2'  => [
          'type' => 'text',
          'default' => 'a literal value',
        ],
      ],
    ];
    $schema->createTable('test table', $table_specification);

Proposed resolution

Fix up \Drupal\Core\Database\Driver\mysql\Schema::createFieldSql() to cope with this.
Determine what to do about MySQL 5.7. Default values on text fields is supported by the other db engines we support.

Remaining tasks

User interface changes

API changes

Data model changes

Release notes snippet

Problem/Motivation

While playing with lazy loading attribute that is coming from Drupal core and our own implementation in #3060605: Support lazy loading of images @sasanikolic noticed that responsive image tag is missing width and height attribute. Why is Drupal core is not setting these attributes for lazy image loading which basically disable lazy loading for all responsive images? The short answer is that responsive images are more complicated. And it still needs to be implemented.

I've read quite a bit of info related to lazy loading and images and responsive images in the next resources:

• https://www.smashingmagazine.com/2020/03/setting-height-width-images-imp...
• https://github.com/whatwg/html/pull/4952
• https://bugs.chromium.org/p/chromium/issues/detail?id=979891
• https://bugzilla.mozilla.org/show_bug.cgi?id=1547231
• https://bugs.webkit.org/show_bug.cgi?id=201641

In short, at least as I understand, the problem with lazy loading and responsive images was that in one moment browsers were not properly supporting width/height attributes when images were lazy-loaded. So the browsers were not able to calculate the aspect ratio of images and show image area while image was still loading - and this resulted in recalculating page layout on image load. However, this should be fixed in most or all browsers now and this combination should work.

Proposed resolution

• Add width and height attributes to the responsive image tag.
• Add an option to toggle the loading="lazy/eager" option in the picture field formatter. For this, see the great work being done in #3173180: Add UI for 'loading' html attribute to images. We should model a similar result for picture.

A UI toggle is needed in this issue. We've learned a few things since loading="lazy" has started to be heavily used. Mainly, always enabling it negatively affects the page's LCP score. See https://web.dev/lcp-lazy-loading/ for an exhaustive description of the problem.

Remaining tasks

We want to avoid browser reflow if loading=lazy is configured.

From #13:
The HTML spec has very recently been updated to allow for width and height attributes to be set on source elements:

https://github.com/whatwg/html/issues/4968
https://twitter.com/zcorpan/status/1365046132401913861
https://twitter.com/jensimmons/status/1365066057774493697

Current browsers implementation:

• https://groups.google.com/a/chromium.org/g/blink-dev/c/GEjjJE0LCnM/m/0p8... state: "this has landed and will ship in Chrome 90. Christian On Thu, Feb 18, 2021"
• Firefox has open issue: https://bugzilla.mozilla.org/show_bug.cgi?id=1694741 (linked from https://github.com/mozilla/standards-positions/issues/485)
• Safari has a closed (merged) issue https://bugs.webkit.org/show_bug.cgi?id=222368

As of Oct 5th, 2021, it looks like FF is the only major browser not currently supporting this. Safari and Chrome already do.

The image dimensions are always provided. The srcset attribute only supports a single set of dimensions. These
dimensions reflect the real size but all images should follow the same
image size ratio. If using sizes and art direction, that might not be true.
For image styles, that is less of a concern because specifying image
density should already require that all images are the same image size
ratio. One could argue that providing wrong dimensions for sizes attribute
is bad for art direction. But having some image size to calculate ratio
is better than providing nothing. Ergo, we provide dimensions in all cases
even though they might be wrong in some edge scenarios.

These image dimensions are used by the browser to calculate the size and render a placeholder. This avoids content shift on page load. If someone decided to use lazy loading and art direction, they should not use sizes attribute. But rather image styles and specify the image dimensions. Because if they don't then they could conceivably experience some content shift issues.

User interface changes

Minor wording change due to #137:

See #237 for more details about this mild regression:

With patch:

Without patch:

API changes

None.

Data model changes

None.

Problem/Motivation

Symfony's Response class has a setContent() method. This is equivalent to passing the content of the response in the constructor.

It means you can do things like create a HtmlResponse, call addCacheableDependency() on it in the same part of the code as where entities are being loaded, and then finally do setContent() at the end. This improves readability and maintainability of the code.

ResourceResponse uses ResourceResponseTrait to store the JSON data for the response in the $responseData property. The trait has a getResponseData() method, but no setResponseData().

This doesn't follow the same pattern as the base class and makes it harder to work with.

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

New method on ResourceResponse and ResourceResponseTrait.

Data model changes

Release notes snippet

In our use case we have two seach_api index sett-ups; one for local development and one for staging / produdction.

On deployment we use drush cset search_api.server.index status false to select the appropiate configuration.

This works fine for trash and rebuild on the local development machines, but when the configuration in imported on the persitent environments the following error is produced:

Notice: Undefined index: uuid in Drupal\Core\Config\StorageComparer->addChangelistUpdate() (line 262 of docroot/core/lib/Drupal/Core/Config/StorageComparer.php)
#0 docroot/core/includes/bootstrap.inc(548): _drupal_error_handler_real(8, 'Undefined index...', '/mnt/www/html/h...', 262, Array)
#1 docroot/core/lib/Drupal/Core/Config/StorageComparer.php(262): _drupal_error_handler(8, 'Undefined index...', '/mnt/www/html/h...', 262, Array)
#2 docroot/core/lib/Drupal/Core/Config/StorageComparer.php(206): Drupal\Core\Config\StorageComparer->addChangelistUpdate('')
#3 docroot/core/modules/config/src/Form/ConfigSync.php(181): Drupal\Core\Config\StorageComparer->createChangelist()
#4 [internal function]: Drupal\config\Form\ConfigSync->buildForm(Array, Object(Drupal\Core\Form\FormState))
#5 docroot/core/lib/Drupal/Core/Form/FormBuilder.php(514): call_user_func_array(Array, Array)
#6 docroot/core/lib/Drupal/Core/Form/FormBuilder.php(271): Drupal\Core\Form\FormBuilder->retrieveForm('config_admin_im...', Object(Drupal\Core\Form\FormState))
#7 docroot/core/lib/Drupal/Core/Controller/FormController.php(74): Drupal\Core\Form\FormBuilder->buildForm(Object(Drupal\config\Form\ConfigSync), Object(Drupal\Core\Form\FormState))
#8 [internal function]: Drupal\Core\Controller\FormController->getContentResult(Object(Symfony\Component\HttpFoundation\Request), Object(Drupal\Core\Routing\RouteMatch))
#9 docroot/core/lib/Drupal/Core/EventSubscriber/EarlyRenderingControllerWrapperSubscriber.php(123): call_user_func_array(Array, Array)
#10 docroot/core/lib/Drupal/Core/Render/Renderer.php(574): Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->Drupal\Core\EventSubscriber\{closure}()
#11 docroot/core/lib/Drupal/Core/EventSubscriber/EarlyRenderingControllerWrapperSubscriber.php(124): Drupal\Core\Render\Renderer->executeInRenderContext(Object(Drupal\Core\Render\RenderContext), Object(Closure))
#12 docroot/core/lib/Drupal/Core/EventSubscriber/EarlyRenderingControllerWrapperSubscriber.php(97): Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->wrapControllerExecutionInRenderContext(Array, Array)
#13 [internal function]: Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->Drupal\Core\EventSubscriber\{closure}()
#14 /mnt/www/html/hiscoxukstg/vendor/symfony/http-kernel/HttpKernel.php(144): call_user_func_array(Object(Closure), Array)
#15 /mnt/www/html/hiscoxukstg/vendor/symfony/http-kernel/HttpKernel.php(64): Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object(Symfony\Component\HttpFoundation\Request), 1) #16 docroot/core/lib/Drupal/Core/StackMiddleware/Session.php(57): Symfony\Component\HttpKernel\HttpKernel->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#17 docroot/core/lib/Drupal/Core/StackMiddleware/KernelPreHandle.php(47): Drupal\Core\StackMiddleware\Session->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#18 docroot/core/modules/page_cache/src/StackMiddleware/PageCache.php(99): Drupal\Core\StackMiddleware\KernelPreHandle->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#19 docroot/core/modules/page_cache/src/StackMiddleware/PageCache.php(78): Drupal\page_cache\StackMiddleware\PageCache->pass(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#20 docroot/core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php(47): Drupal\page_cache\StackMiddleware\PageCache->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#21 docroot/core/lib/Drupal/Core/StackMiddleware/NegotiationMiddleware.php(50): Drupal\Core\StackMiddleware\ReverseProxyMiddleware->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#22 /mnt/www/html/hiscoxukstg/vendor/stack/builder/src/Stack/StackedHttpKernel.php(23): Drupal\Core\StackMiddleware\NegotiationMiddleware->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#23 docroot/core/lib/Drupal/Core/DrupalKernel.php(652): Stack\StackedHttpKernel->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#24 docroot/index.php(19): Drupal\Core\DrupalKernel->handle(Object(Symfony\Component\HttpFoundation\Request))
#25 {main}.

In a content-moderated node, there is a multi-valued file field. Whatever state the node is in, whenever editing it, I can upload a file for the first time, but always fail afterwards. And there is a log message:
InvalidArgumentException: The state '' does not exist in workflow. in Drupal\workflows\Plugin\WorkflowTypeBase->getState() (line 155 of /var/www/myproject/web/core/modules/workflows/src/Plugin/WorkflowTypeBase.php).

Edit: not only multi-valued file field, but also the single-valued image field.

Problem/Motivation

⚠️ Discovered while reviewing #3312442: Make ready for ckeditor5, which is updating the ckeditor_bidi module to support CKEditor 5 and provide an automatic upgrade path.

There are two places where we do

$end = $can_access_dblog ?
…

in SmartDefaultSettings.

But only the first is preceded by $can_access_dblog = ($this->currentUser->hasPermission('access site reports') && $this->moduleHandler->moduleExists('dblog'));. The second will crashSmartDefaultSettings if the first case wasn't also hit.

This went unnoticed until now because the first case happens in this if-test:

      if (!empty($plugins_enabled) || !$source_editing_additions->allowsNothing()) {

and the second happens in this if-test:

      // Generate warning for:
      // - The addition of <p>/<br> due to them being fundamental tags.
      // - The addition of other tags/attributes previously unsupported by the
      //   format.
      if (!$missing_fundamental_tags->allowsNothing() || !empty($attributes_to_tag) || !empty($added_tags)) {

In Drupal core, the second never happens without the first also happening, because we worked hard to never run into the case of additional attributes or tags being enabled on the text format: if that were to happen, it'd mean that we wouldn't be able to granularly match the HTML enabled for CKEditor 4 plugins!

But … contrib can be different of course: it's possible that it will be less granular in its upgrade path (and hence require supporting additional tags, attributes or attribute values).

Furthermore, it's possible Drupal 9 sites using CKEditor 4 are misconfigured: if the allowed_html is not in sync with the functionality allowed by CKEditor 4, it's possible they did not notice, the upgrade to CKEditor 5 would then automatically fix things for them. Which would then also trigger this warning:

Warning: Undefined variable $can_access_dblog in Drupal\ckeditor5\SmartDefaultSettings->computeSmartDefaultSettings() (line 375 of core/modules/ckeditor5/src/SmartDefaultSettings.php)

Steps to reproduce

See test.

This bug was introduced in #3245967: Messages upon switching to CKEditor 5 are overwhelming.

Proposed resolution

Fix.

Remaining tasks

Review.

User interface changes

None.

API changes

None.

Data model changes

None.

Release notes snippet

N/A

Problem/Motivation

In #3215784: [META] Fix up topics to use new help_route_link function, the patch was too large and too burdensome to review, so the issue was re-scoped and child issues created. The patches in #58 (9.5.x) and #61 (10.1.x) can be used as a reference.

On #3090659: Make a way for help topics to generate links only if they work and are accessible, we've added two new functions for making safe links with access checks in help topics.
Related change record is https://www.drupal.org/node/3192582

As an example, this is how the block.place.html.twig file was updated in the patch on that issue (that was the only production topic that was updated):

-{% set layout_url = render_var(url('block.admin_display')) %}
+{% set layout_link_text %}
+{% trans %}Block layout{% endtrans %}
+{% endset %}
+{% set layout_link = render_var(help_route_link(layout_link_text, 'block.admin_display')) %}
 
...

-  <li>{% trans %}In the <em>Manage</em> administrative menu, navigate to <em>Structure</em> &gt; <a href="{{ layout_url }}"><em>Block layout</em></a>.{% endtrans %}</li>
+  <li>{% trans %}In the <em>Manage</em> administrative menu, navigate to <em>Structure</em> &gt; {{ layout_link }}.{% endtrans %}</li>

...

-  <li>{% trans %}Configure the block and click <em>Save block</em>; see <a href="{{ configure }}">Configuring a previously-placed block</a> for configuration details.{% endtrans %}</li>
+  <li>{% trans %}Configure the block and click <em>Save block</em>; see {{ configure_topic }} for configuration details.{% endtrans %}</li>

Steps to reproduce

N/A

Proposed resolution

0. Discuss and decide on the best way to handle the sentence-embedded links in these help topics.

1. Update internal links and breadcrumbs in the following help topics:

• core/modules/help_topics/help_topics/content_moderation.changing_states.html.twig
• core/modules/help_topics/help_topics/content_moderation.configuring_workflows.html.twig
• core/modules/help_topics/help_topics/core.content_structure.html.twig
• core/modules/help_topics/help_topics/search.overview.html.twig

2. Attempt to embed the link in the help topic copy simply and directly in order to help translators. If possible, use the menu link title for the link text.

3. Get feedback from Multilingual subsystem maintainer on translatability. (When issue is ready for review, the issue reporter should add "Needs subsystem maintainer review" tag and request feedback from @Gábor Hojtsy.)

Remaining tasks

Patch, review, commit.

User interface changes

None.

API changes

None.

Data model changes

None.

Release notes snippet

Not necessary. This is an experimental module.

Problem/Motivation

Frequently I find urls like: example.com/user/password?name%5B%23post_render%5D%5B0%5D=array_map&name%5B%23suffix%5D=eval%28%24_POST%5Bc%5D%29%3B%2F%2F&name%5B%23type%5D=markup&name%5B%23markup%5D=assert

result in the logging: Warning: mb_strlen() expects parameter 1 to be string, array given in Drupal\Core\Form\FormValidator->performRequiredValidation() (line 333 of /xxx/core/lib/Drupal/Core/Form/FormValidator.php)

I presume the code should give an error message to the user and prevent a warning in the logging.
I Drupal 7 these is warnings exists as well, but are not so important.