Skip to content

Latest commit

 

History

History
689 lines (590 loc) · 81.7 KB

CHANGELOG.md

File metadata and controls

689 lines (590 loc) · 81.7 KB
Raw

Changelog

43.3.1 (November 6, 2024)

We are happy to announce the release of CKEditor 5 v43.3.1.

Release highlights

We had to revert a change introduced in v43.3.0 related to the icons export in one of our packages. This was due to unforeseen TypeScript issues in some setups.

Bug fixes

  • link: Reverted a change related to adding icons re-export. See #17358. (commit)

Other changes

Released packages

Check out the Versioning policy guide for more information.

Released packages (summary)

Other releases:

43.3.0 (October 29, 2024)

We are happy to announce the release of CKEditor 5 v43.3.0.

Release highlights

Performance improvements

We have improved how the editor handles the document structure by making it more reliable and efficient to access specific elements and verify their positions.

  • Node index and offset caching: The Node and NodeList elements now cache index and offset values, reducing the need for recalculations and significantly boosting overall performance during model operations.
  • Selection range validation: The newly implemented Position#isValid() method is also utilized to better validate selection ranges, ensuring more consistent behavior in various editing scenarios.
  • Performance improvements in numbers: The editor now loads content between 3x and, in some cases, up to 6x faster, depending on the type and size of the content. For instance, where a specific 200-page document previously took almost 25 seconds to load, the time has now been reduced to just 3.5 seconds.

We’re committed to ongoing performance enhancements, so you can expect even faster, smoother experience in future updates.

Export to Word watermark support

A new configuration option has been added to include a watermark when exporting documents to Word, providing additional flexibility in document branding and protection.

Notable bug fixes and improvements

  • Suggestions retention on revision restore: Suggestions are no longer lost in specific cases when restoring revisions with changes from multiple users. The revision tracking process has been improved to ensure that all operations, including markers, are handled and saved correctly during synchronization. This fix resolves issues where markers were previously not retained, ensuring consistent data handling in collaborative editing scenarios.
  • Action dropdown visibility fix: Resolved an issue where the action dropdown remained hidden after permission changes on comments. The dropdown now properly reflects updated permissions, allowing users to interact with the available actions seamlessly.
  • AI command enhancements:
    • Custom AI Commands are now correctly applied to individual dropdowns when only one group of comments is present, instead of the entire group.
    • Empty comment groups no longer render, improving UI clarity.
    • Fixed an issue where nested AI command menus would close unexpectedly when used within a balloon toolbar, preventing unintended behavior during selection.

Features

  • engine: Introduced the getChildAtOffset() method for model.Element and model.DocumentFragment. (commit)
  • engine: Introduced the Position#isValid() method to check whether the position exists in the current model tree. (commit)
  • export-word: Added a configuration setting for adding a watermark to generated documents.
  • revision-history: Introduced the RevisionTracker#getRevisionDocumentData() and RevisionTracker#getRevisionRootsAttributes() methods to the public scope of the editor API. You can use them to retrieve document data saved with the revision.
  • utils: Made FocusTracker extendable with other FocusTracker instances to allow logical focus tracking across separate DOM sub-trees (see #17277). (commit)

Bug fixes

  • ai: Empty AI Assistant command groups should not render in the UI.
  • ai: The AI Assistant command list should be flat when only one command group is available.
  • comments: Fixed an issue where the action dropdown remained hidden when permissions allowing actions on a comment changed.
  • engine: The content of an inline object should be handled as a flow root so whitespaces should be trimmed as the content of an inline object element is inside a block element. Closes #17199. (commit)
  • image: Handle existing picture element correctly on sources downcast. (commit)
  • link: No longer crash editor after removing link from image when LinkConfig#addTargetToExternalLinks: true is set. Closes #17252. (commit)
  • list-multi-level: Multi-level lists should display correctly in RTL mode for Decoupled Editor.
  • pagination: Improved pagination of large tables that are followed by block elements.
  • revision-history: Suggestions are no longer lost in some scenarios when restoring revisions in real-time collaboration.
  • ui: The dropdown menu component should not cause editor blur if used in a BalloonToolbar while the user hovers a nested menu. Closes #17277. (commit)
  • ui: Made the page unscrollable while the modal is visible. Closes #17093. (commit)

Other changes

  • engine: Node index and offset related values are now cached in model Node and NodeList to improve performance. (commit)
  • link: Exported link and unlink icons from the ckeditor5-link package. Closes #17304. (commit)
  • ui: Disabled dragging support for modal windows in the Dialog plugin. Closes #17290. (commit)
  • ui: Disabled positioning restrictions for modal windows caused by config.ui.viewportOffset. Closes #17290. (commit)

Released packages

Check out the Versioning policy guide for more information.

Released packages (summary)

Releases containing new features:

Other releases:

43.2.0 (October 2, 2024)

We are happy to announce the release of CKEditor 5 v43.2.0.

Release highlights

Notable improvements

  • Operational Transformation Stability: Significant changes have been made to the OT system, enhancing the undo functionality and real-time collaboration, especially in conflict resolution scenarios. These improvements ensure smoother editor operations during complex interactions.
  • Performance Improvements: We have merged several community-driven performance enhancements (thanks @sunesimonsen), that optimize the editor’s core engine. While no changes to the editor’s logic were made, these updates improve overall efficiency and responsiveness.

More imports available via ckeditor5 and ckeditor5-premium-features indexes

As users transition to new installation methods (v42.0.0+) with ckeditor5 and ckeditor5-premium-features as the main packages, we are continuously addressing missing imports for less common classes, functions, types, and utilities, broadening their availability. Since our TypeScript rewrite (v37.0.0), imports can now be made directly through the package indexes, simplifying integration. As many users historically imported from src, we encourage you to try the new version and report any missing imports. In the future, we are considering removing src from published packages to reduce package size, so the more feedback we receive, the better and more stable API we will provide.

Features

  • engine: Added the usePassive option to DomEventObserver that enables listening to passive events. Closes #16412. (commit)
  • media-embed: It is now possible to embed YouTube shorts. Closes #17090. (commit)
  • ui: Updated the "Powered by" link. (commit)

Bug fixes

  • ckbox: Editing inline images using CKBox no longer changes and reinserts them simultaneously. Closes #17056. (commit)
  • engine: Fixed incorrect marker handling in some scenarios involving undo and real-time collaboration, which earlier led to a model-nodelist-offset-out-of-bounds error. See #9296. (commit)
  • engine: Fixed incorrect handling of merge changes during undo in some scenarios involving real-time collaboration, which earlier led to a model-nodelist-offset-out-of-bounds error. See #9296. (commit)
  • engine: Fixed conflict resolution error, which led to editor crash in some scenarios where two users removed larger intersecting part of the content and used undo. See #9296. (commit)
  • engine: Fixed incorrect undo behavior leading to an editor crash when a user pressed Enter key multiple times, then pressed backspace that many times, then undid all the changes. Closes #9296. (commit)
  • theme-lark: Increased the specificity of the dropdown menu panel styles to address issues with incorrect z-index ordering. (commit)
  • ui: Fixed scrolling in dropdowns when a block toolbar button is active. Closes #17067. (commit)
  • ui: Increased the specificity of the dropdown menu panel styles to address issues with incorrect z-index ordering. (commit)

Other changes

Released packages

Check out the Versioning policy guide for more information.

Released packages (summary)

Releases containing new features:

Other releases:

43.1.1 (September 25, 2024)

We are happy to announce the release of CKEditor 5 v43.1.1.

During a recent internal audit, we identified a Cross-Site Scripting (XSS) vulnerability in the CKEditor 5 clipboard package (CVE-2024-45613). This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert malicious content into the editor, which might happen with a very specific editor configuration.

This vulnerability affects only installations where the editor configuration meets the following criteria:

  1. The Block Toolbar plugin is enabled.
  2. One of the following plugins is also enabled:

You can read more details in the relevant security advisory and contact us if you have more questions.

Taking the occasion, we decided to introduce additional hardening to some parts of our codebase that introduce theoretical and unexploitable issues. Our security team confirmed that none of these issues were exploitable in a real scenario, however, we decided to fix them, in order to increase the overall security posture of our software.

Released packages

Check out the Versioning policy guide for more information.

Released packages (summary)

Other releases:

43.1.0 (September 5, 2024)

We are happy to announce the release of CKEditor 5 v43.1.0.

Release highlights

This release includes important bug fixes and enhancements for the editor:

  • Block merge fields: In contrast to regular, inline merge fields, the block merge fields are designed to represent complex, block-level structures, such as a dynamically generated table, a row of products, or a personalized call-to-action segment. Block merge fields are supposed to be replaced by arbitrary HTML data when the document template is post-processed or exported to a PDF or Word file.

  • Nested dropdown menus: this release introduces a new UI component: nested dropdown menus. They can be used by feature developers to easily provide an advanced user interface where UI elements are organized into a nested menu structure.

  • Customizable accessible label: You can now configure the label for the accessible editable area through the editor settings, ensuring it fits your system’s needs.

  • Improved table and cell border controls: It is now easier to manage both table and cell borders. The table user interface now clearly indicates the default border settings, allowing you to set “no borders” (None) for tables and cells without any additional configuration.

    ⚠️ In some cases this update may lead to data changes in the tables’ HTML markup when the editor loads them. However, visually nothing will change, and the experience will be the same.

The full list of enhancements can be found below.

MINOR BREAKING CHANGES ℹ️

  • Reverted config.sanitizeHtml. In v43.0.0 we made a decision to move config.htmlEmbed.sanitizeHtml to a top-level property config.sanitizeHtml. However, we realized that it was a wrong decision to expose such a sensitive property in a top-level configuration property. Starting with v43.1.0 you should again use config.htmlEmbed.sanitizeHtml and/or config.mergeFields.sanitizeHtml. The editor will throw an error if config.sanitizeHtml is used. See the migration guide for additional context behind this decision.
  • ai: The structure and presentation of the list of AI commands in the toolbar have changed (a flat filtered list is now a nested menu). Additionally, if your integration customizes this user interface, please ensure your integration code is up-to-date.
  • ui: The default [aria-label] provided by InlineEditableUIView is now 'Rich Text Editor. Editing area: [root name]' (previously: 'Editor editing area: [root name]'). You can use the options.label constructor property to adjust the label.

Features

  • comments: Added [data-author-id] to suggestion and comment markers in editing for easier integration and styling.
  • media-embed: Added support for new Twitter domain (x.com) and Instagram Reels. Closes #16435. (commit)
  • merge-fields: Introduced block merge fields. They are a new type of merge fields which are treated as block content in the editor editing area.
  • track-changes: Added [data-author-id] to suggestion and comment markers in editing for easier integration and styling.
  • ui: Introduced nested menu component for dropdowns. Closes #6399. (commit)
  • ui: Added support for the balloon toolbar in the multi-root editor. Closes #14803. (commit)
  • Allowed to configure the accessible editable area label via the config.label property. Closes #15208, #11863, #9731. (commit)

Bug fixes

  • cloud-services: The refreshing mechanism (from the Token class) should retry after a failure to limit the chance of the user getting disconnected and data loss in real-time collaboration. (commit)
  • comments: The TrackChangesData#getDataWithAcceptedSuggestions() method will no longer throw errors when there are suggestions containing multi-range comments in tables.
  • document-outline: Editor no longer crashes during initialization when the TableOfContents and ImageBlock plugins are enabled. Closes ckeditor/ckeditor5#16915.
  • editor-classic: The widget toolbar no longer covers editor's sticky toolbar when scrolling. Closes #15744. (commit)
  • editor-multi-root: The selection is no longer lost while clicking an editable containing only one block element. Closes #16806. (commit)
  • engine: Prevent from editor crashes when trying to style a long paragraph. Closes #16819. (commit)
  • html-support: The <hgroup> and <summary> elements should work with the source editing feature. Closes #16947. (commit)
  • list: A to-do list should preserve the state of the checked items on the data load. Closes #15602. (commit)
  • table: Changed default table and table cell properties to match the content styles. It fixes a problem with setting [border=none] on the table. Closes #6841. (commit)
  • table: Larger tables are no longer truncated in print mode. Closes #16856. (commit)
  • track-changes: The TrackChangesData#getDataWithAcceptedSuggestions() and TrackChangesData#getDataWithDiscardedSuggestions() methods will no longer throw errors when used in asynchronous load and save integration type.
  • ui: Nested menus in the menu bar and dropdowns should not get their panels focused when the main button is clicked. Closes #16857. (commit)
  • ui: Restored the ability to pin balloons to text nodes in the DOM tree. Closes #16958 #16889. (commit)
  • ui: The focus outline should remain visible upon closing a menu bar using the Esc key during keyboard navigation. Closes #16719. (commit)
  • ui: Balloon Editor toolbar no longer sticks out of the limiter element while scrolling. Closes #17002. (commit)

Other changes

  • ai: The AI Assistant pre-defined commands toolbar dropdown will now use a new nested menu component instead of the flat list component.
  • comments: Moved Ctrl+Shift+E and Esc key handling code from individual features to the Annotations plugin to simplify the logic.
  • core: Reverted recent change to move config.htmlEmbed.sanitizeHtml to a top-level config property (config.sanitizeHtml). config.sanitizeHtml is no longer available and using it will throw an error.
  • html-embed: Reverted recent change to move config.htmlEmbed.sanitizeHtml to a top-level config property (config.sanitizeHtml). Starting from v43.1.0 config.htmlEmbed.sanitizeHtml is no longer deprecated.
  • merge-fields: Introduced config.mergeFields.sanitizeHtml config property. Use it instead of config.sanitizeHtml. config.sanitizeHtml is no longer available and using it will throw an error.
  • track-changes: Moved Ctrl+Shift+E and Esc key handling code from individual features to the Annotations plugin to simplify the logic.
  • typing: The package exports now the TextTransformationConfig type. (commit)
  • Updated translations. (commit)

Released packages

Check out the Versioning policy guide for more information.

Released packages (summary)

Minor releases (contain minor breaking changes):

Releases containing new features:

Other releases:

To see all releases, visit the release page.