🔒Security release

This release bumps some of our dependencies and also addresses several security issues. Please update at your earliest convenience after taking a backup and ensuring that it's working.

What's Changed

🔒Security fixes

CVE-2021-27915 - XSS Cross-site Scripting Stored in Description field - GHSA-2rc5-2755-v422

CVE-2022-25774 - XSS in Notifications via saving Dashboards - GHSA-fhcx-f7jg-jx3f

CVE-2021-27916 - Relative Path Traversal / Arbitrary File Deletion in GrapesJS builder - GHSA-9fcx-cv56-w58p

CVE-2022-25775 - SQL Injection in dynamic Reports - GHSA-jj6w-2cqg-7p94

CVE-2022-25776 - Sensitive Data Exposure due to inadequate user permission settings - GHSA-qjx3-2g35-6hv8

CVE-2022-25777 - Server-Side Request Forgery in Asset section - GHSA-mgv8-w49f-822w

⬆️ Dependencies

Upgrade twig package by @lenonleite in #13604
Upgrade http kernel by @lenonleite in #13605
Upgrade phpseclib by @lenonleite in #13607
Upgrade elfinder package by @lenonleite in #13608
Upgrade composer packages by @lenonleite in #13603
Upgrade guzzlehttp psr7 by @lenonleite in #13606
Updating symfony/flex by @escopecz in #13589
Update to last gitpod version by @lenonleite in #13601

🐛 Bugs

• DPMMA-2401 Use object's timezone when comparing with 'now' in DateTimeHelper by @patrykgruszka in #13320
• Fix form api create without post action parameter by @kuzmany in #13410
• DPMMA-2462 Fix Autowiring Dependency for PushToIntegrationTrait by @patrykgruszka in #13470
• DPMMA-2600 Fix for Grapesjs-Mjml self-closing tag issue by @patrykgruszka in #13431
• The API defines Contacts not Contact causing the API to not receive the correct mapping by @mallezie in #13208
• Add memory limit to run test maria db by @lenonleite in #13622

Full Changelog: 5.0.3...5.0.4

SHA1(5.0.4.zip)= 593cfded533ea44d0a7dc3bbbedd0eb51ff12aeb
SHA1(5.0.4-update.zip)= e7242d4bc728e1def79f8f7a4fef1d188cac5adc

🔒Security release

This release bumps some of our dependencies and also addresses several security issues. Please update at your earliest convenience after taking a backup and ensuring that it's working.

What's Changed

🔒Security fixes

CVE-2021-27915 - XSS Cross-site Scripting Stored in Description field - GHSA-2rc5-2755-v422

CVE-2022-25774 - XSS in Notifications via saving Dashboards - GHSA-fhcx-f7jg-jx3f

CVE-2021-27916 - Relative Path Traversal / Arbitrary File Deletion in GrapesJS builder - GHSA-9fcx-cv56-w58p

CVE-2022-25775 - SQL Injection in dynamic Reports - GHSA-jj6w-2cqg-7p94

CVE-2022-25776 - Sensitive Data Exposure due to inadequate user permission settings - GHSA-qjx3-2g35-6hv8

CVE-2022-25777 - Server-Side Request Forgery in Asset section - GHSA-mgv8-w49f-822w

⬆️ Dependencies

• Upgrade twig package by @lenonleite in #13604
• Upgrade http kernel by @lenonleite in #13605
• Upgrade phpseclib by @lenonleite in #13607
• Upgrade elfinder package by @lenonleite in #13608
• Upgrade composer packages by @lenonleite in #13603
• Upgrade guzzlehttp psr7 by @lenonleite in #13606
• Updating symfony/flex by @escopecz in #13589
• Update to last gitpod version by @lenonleite in #13601

Full Changelog: 4.4.11...4.4.12

SHA1(4.4.12.zip)= c5e1406c0bcdb54d75a594a7d24a69ae18f9631c
SHA1(4.4.12-update.zip)= 8ea9ceed0bf1876588215423bcb1c27808ecdb29

What's Changed

🐛 Bugs

• Focus first invalid element of form on validation error by @kuzmany in #13247
• Update preview form script source path for dev enviroment by @kuzmany in #13248
• Fix replace entity with reference for detached lists for add to segment action by @kuzmany in #13244
• Fix incorrect twig field checks for contacts and companies by @mollux in #13254
• fix incorrect version of the SpBundle dependency by @mollux in #13253
• Fix call to logger warn method. by @AdamBark in #13252
• Fix incorrect occurrences of dns where it should be dsn by @mollux in #13259
• Fix using messenger DSN with special characters by @mollux in #13255
• fix incorrect migration from old mail config to mailer_dsn config by @mollux in #13256
• add missing translations for flash messages by @mollux in #13258
• fix missing filter on contact grid display by @mollux in #13260
• Pass mauticTemplateVars to twig templates by @kuzmany in #13257
• Fix incorrect PSR-4 namespaces in tests by @mollux in #13274
• Fix broken API output for composer based installs by @mollux in #13272
• DPMMA-2566 Support old contactId type in point groups migration by @patrykgruszka in #13284
• Maut 10853Fixing Array to string conversion by @escopecz in #13287
• Fix error 500 for Visits URL within time Point action by @patrykgruszka in #12609
• Bump dependencies to align with composer based installs by @mollux in #13311

New Contributors

• @AdamBark made their first contribution in #13252

Full Changelog: 5.0.2...5.0.3

SHA1(5.0.3.zip)= 9675c8186ff1645b998d2492421657de9e24528a
SHA1(5.0.3-update.zip)= a241d03e6276d76649b825db7fe574a6ff7fb528

What's Changed

✨ Features and enhancements

• DPMMA-2537 RFC 8058 one-click unsubscribe [backport] by @patrykgruszka in #13117 (read more in our blog post about the upcoming changes to Gmail and Yahoo's spam policies)

🐛 Bugs

• Fixing Import custom email template functionality by @shinde-rahul in #12495
• Fix toggle buttons by @kuzmany in #12787
• [backport] Empty the (un)publish dates on email clone by @nick-vanpraet in #12783

Full Changelog: 4.4.10...4.4.11

SHA1(4.4.11.zip)= 7ab01cda2209cca9b057d81c21123d3f064102af
SHA1(4.4.11-update.zip)= 259160183cd1864baa6d359c7e367d57946fc21c

What's Changed

🐛 Bugs

• DPMMA-375 fix multiple flash messages by @patrykgruszka in #13187
• Fixing Undefined project root by @escopecz in #13193
• fix: [DPMMA-2252] point groups migration fix by @patrykgruszka in #13195
• Fixing a typo in a controller action path by @escopecz in #13203
• fix incorrect variable name when setting read only db host by @mollux in #13211
• Fix embedding images in mails by @mollux in #13219
• Enforce pdo_mysql as doctrine driver as it's the only supported one by @mollux in #13210
• Fix invalid javascript:void(). by @biozshock in #13217
• ensure JS libraries requiring Jquery UI are loaded in the correct order by @mollux in #13216
• Add Missing Translations for GrapeJS by @code5rick in #13207
• Update form.html.twig by @porubma in #13223
• DPMMA-375 Flash messages are not visiblie in campaign builder by @patrykgruszka in #13205
• DPMMA-2566 GroupContactScore mapping fix by @patrykgruszka in #13231

New Contributors

• @porubma made their first contribution in #13223

Full Changelog: 5.0.1...5.0.2

SHA1(5.0.2.zip)= db164a55b94cab87a430aaf521c3378d768c8b2b
SHA1(5.0.2-update.zip)= cc2811018b08106ff2d5e36a31e8e92b22c83f16

What's Changed

🐛 Bugs

• Adding wrongly removed migration back by @escopecz in #13183
• Typo fix by @RCheesley in #13184

Full Changelog: 5.0.0...5.0.1

SHA1(5.0.1.zip)= fb2f1579200391cc53b95f53aac7d41ba219235d
SHA1(5.0.1-update.zip)= 81e40f3b1514c8d46cf2490ec3842863fd63d64c

Mautic 5 is here!

Today we are excited to announce the release of Mautic 5.0 General Availability.

This release includes support for Symfony 5, PHP 8.1 and updates many of our very outdated dependencies ‘under the hood’ to ensure Mautic remains secure and fit for the future.

We’ve also removed and updated a vast amount of old, legacy code which makes our core more streamlined and modern.

🚨 IMPORTANT: Please read our release blog post BEFORE UPDATING at https://www.mautic.org/blog/community/mautic-5-beyond-expectations-beyond-limits, which contains important information about things that have changed in Mautic 5. Importantly you will need to check that your email service provider is supported via a plugin for the new email sending system, update your cron jobs, and also ensure you check your plugins are installed and working correctly.

Developers and advanced users: The blog post has some plain-english information but you can find the finer details in https://github.com/mautic/mautic/blob/5.x/UPGRADE-5.0.md and https://github.com/mautic/mautic/blob/5.x/UPGRADE-PHP-TO-TWIG-TEMPLATES.md for information on upgrading plugins.

Update to Mautic 5 in the usual way (at command line) after taking a full backup of your files and database and verifying its integrity.

What's Changed

⚠️ Breaking Changes

Authentication

• Tprod 296 Authentication refactoring needed for Symfony 5 by @escopecz in #11057

Calendar

• Removing calendar bundle by @escopecz in #11270

Campaigns

• Stop duplicate campaign update by @escopecz in #10550

Configuration

• Implementing DI for commands that still use container by @escopecz in #11041
• Update french regions (departements) by @npracht in #10802
• Froala feature flag - disabled by default by @escopecz in #12416
• Add Symfony Mailer Only by @mabumusa1 in #11613

Contacts

• Create field in background without user ID by @kuzmany in #12446

Email

• Transactional emails in campaigns ignore the DNC setting by @volha-pivavarchyk in #11786

Installation

• Remove email config from installer by @fedys in #12216

Misc

• More rector dead code rules by @escopecz in #11704
• Removing emoji transformer by @escopecz in #12483

Plugins

• TPROD-272: Dropped PluginConfiguration.php by @kuzmany in #11032
• Change OAuth2 Package to use twig by @mabumusa1 in #12091
• Remove LinkedIn from core by @kuzmany in #12147
• Remove all pipedrive related files and functions by @npracht in #12081

Queue

• Queue implementation improvements by @fedys in #12648

Themes

• Remove onlyForBC themes by @kuzmany in #12524

Tracking

• TPROD-284 Refactor CookieHelper to use Symfony Cookie. by @biozshock in #11448
• Remove deprecated cookies by @putzwasser in #12440

Users & Roles

• Removing unused interface AdvancedUserInterface and methods it required by @escopecz in #11056

User interface

• TPROD-356 Removing sortable panels by @escopecz in #12022
• Rename addFlash to addFlashMessage to prevent method collision by @mollux in #12197

✨ Features and enhancements

Assets

• Assets are streamed by default by @volha-pivavarchyk in #11043
• [DPMMA-2108] Add UTM to Asset download by @tomekkowalczyk in #12098

Auditing

• Track changes for Message entity and Category Entity by @gunnrryy in #11275

Builder

• A user can edit an email or landing page created in Code Mode in the Builder, after acknowledging the risk by @volha-pivavarchyk in #11339
• Select with Mautic tokens for GrapesJS text editor by @annamunk in #11525
• Add support for {today} token by @kuzmany in #11722
• [DPMMA-2044] Loading custom fonts into GrapesJS editor - plugin by @annamunk in #12067

Campaigns

• Contact field value campaign condition multiselect for including/excluding operators by @patrykgruszka in #9658
• add more info in campaign tooltip by @npracht in #11881
• [DPMMA-2099] Page hit campaign condition by @tomekkowalczyk in #12048
• [DPMMA-716] Add new condition DNC to campaigns by @tomekkowalczyk in #12099

Companies

• Company merge event by @kuzmany in #11748

Configuration

• Option to set a strict transport security header in response by @annamunk in #11608
• Redis sentinel_master_only option by @fedys in #11675
• Add Symfony Messenger Only by @mabumusa1 in #11598
• Messenger improvements by @fedys in #12509
• Enable Slave Connections if exists by @mabumusa1 in #11792
• Add lock support on maintenances commands by @kuzmany in #11478
• Support lock for mautic:custom-field:create-column command by @kuzmany in #12000
• Add support Redis lock system for commands by @kuzmany in #10347
• TPROD-457 - PHP 8.1 support by @roboparker in #12382
• Adding marketplace command by @escopecz in #12529
• Keep the filename when uploading with Froala by @volha-pivavarchyk in #12554
• Add support for shortener services by @kuzmany in #12299
• Adding support for URL shortener in email 5.x by @christian-krieg in #12128
• Disable trackable for SMS in configuration by @kuzmany in #11683
• Add provision for custom DSN validation messages by @ts-navghane in #12624
• Option to select domain for saml_idp_entity_id by @dadarya0 in #12655
• [rector] Few configuration improvements by @TomasVotruba in #12676
• Site Url is validated in the UI to be a valid url by @volha-pivavarchyk in #12727

Contacts

• Add created and modified data to contact profile by @kuzmany in #11352
• Contact email statistics in lead view by @patrykgruszka in #11406
• The tag label in the contact page is a link to the tag detail page by @volha-pivavarchyk in #11582
• The contact history item "UTM tags recorded" has a clearer event label by @volha-pivavarchyk in #11754
• Unique contact fields are now checked for uniqueness on contact form. by @biozshock in #11716
• Update of the country name of Swaziland to Eswatini by @AlanWierzchonCA in #12061
• add la rioja to regions by @roboparker in #12575
• Dpmma 1743 focus actions on contact timeline by @AlanWierzchonCA in #11999

Dashboard

• Dashboard widget with segments build time by @patrykgruszka in #12398

Development

• add makers bundle by @roboparker in #11313
• Upsert functionality by @aarohiprasad in #11654
• Improve documentation of code and logging of exception errors by @volha-pivavarchyk in #11345
• Adding Symfony 4.0 and 4.1 Rector rule sets to CI by @escopecz in #11479
• lower sleep times for faster tests by @mollux in #11508
• Prepare database only once a test suite run by @fedys in #11585
• Bump twig/twig from 3.4.2 to 3.4.3 by @dependabot in #11532
• Upgrade php cs fixer by @biozshock in #11548
• Bump min PHP requirement to 8.0 by @mollux in #11581
• Bump DDEV to use PHP 8.0 by @RCheesley in #11600
• add custom PHPCS fixer to prevent useless MAUTIC_TABLE_PREFIX defines by @mollux in #11622
• Update UPGRADE-PHP-TO-TWIG-TEMPLATES.md by @JoshuaEstes in https://github.com/mautic/maut...

Big thanks to @TomasVotruba for his dedicated time improving Mautic's codebase with his amazing tool https://github.com/rectorphp/rector. Most of the changes in this release were made by Tomas and moves the quality of the code into a new level.

There are also many bug fixes in this release. Thanks to everyone involved!

What's Changed

🔧 Refactoring

• [type-declarations] Add known bool return type declarations by @TomasVotruba in #12946
• [cs] remove redundant class docblock - round #2 by @TomasVotruba in #12950
• [type-declarations] Add known return array type declarations by @TomasVotruba in #12945
• [type-declarations] Add known return type declarations from new instances by @TomasVotruba in #12947
• [dead-code] Symplify useless variable assign, remove redundant null param by @TomasVotruba in #12953
• [type-declarations] Add ctor based property types in - Lead bundles by @TomasVotruba in #12952
• [type-declarations] Add return type declaration based on constants + add known array types by @TomasVotruba in #12954
• [dead-code] Remove unused variable assigns by @TomasVotruba in #12961
• [type-declarations] Add ctor based property types in - Plugin, Page, Category, Channel bundles by @TomasVotruba in #12955
• [type-declarations] Add ctor based property types in - Stage, Point, Api, Install, Dashboard bundles by @TomasVotruba in #12956
• [type-declarations] Add ctor based property types in - Webhook, Core, Sms, Campaign bundles by @TomasVotruba in #12957
• [type-declarations] Add ctor based property types in - Report bundles by @TomasVotruba in #12958
• [dead-code] Apply remove default null and && over ternary rules by @TomasVotruba in #12960
• [type-declarations] Add known void return type to /plugins by @TomasVotruba in #12963
• [type-declarations] Add known void return type to Stage, User and Webhook bundles by @TomasVotruba in #12964
• [typed-properties] Add ctor based typed properties to Integrations bundle by @TomasVotruba in #12969
• [typed-properties] Add ctor based typed properties to User bundle by @TomasVotruba in #12970
• [typed-properties] Add ctor based typed properties to Cache bundle by @TomasVotruba in #12972
• [typed-properties] Add ctor based typed properties to Email bundles by @TomasVotruba in #12971
• [type-declarations] Add known return void types in Point, Plugin bundles by @TomasVotruba in #12974
• [typed-properties] Add ctor based typed properties to Notification bundle by @TomasVotruba in #12976
• [typed-properties] Add ctor based typed properties to Form bundles by @TomasVotruba in #12978
• [typed-properties] Add ctor based typed properties to Stats bundle by @TomasVotruba in #12977
• [type-declarations] Add known return void types in Page bundle by @TomasVotruba in #12981
• [type-declarations] Add known return void types in Notification bundle by @TomasVotruba in #12975
• [type-declarations] Add known return void types in Report bundles by @TomasVotruba in #12973
• [typed-properties] Add ctor based typed properties to DynamicContent bundle by @TomasVotruba in #12980
• [type-declarations] Add known return void types in Sms bundles by @TomasVotruba in #12979
• [types] Add known void types in Forms bundle by @TomasVotruba in #12983
• [types] Add known void types in Asset bundle by @TomasVotruba in #12991
• [types] Add known void types in Chanel bundle by @TomasVotruba in #12987
• [types] Add known void types in Dashboard bundle by @TomasVotruba in #12990
• [types] Add known void types in Email bundle by @TomasVotruba in #12984
• [types] Add known void types in Lead bundle by @TomasVotruba in #12985
• [types] Add known void types in Core bundle by @TomasVotruba in #12986
• [type-declaration] Add known void return type declarations to the rest of code by @TomasVotruba in #12992
• [types] Add known void types in Api bundle by @TomasVotruba in #12989
• [types] Add known void types in Campaign bundle by @TomasVotruba in #12988
• [types] Add known return scalar types + strict types in Webhook, Report, Notification, Install and Core bundles by @TomasVotruba in #12994
• [types] Add known return scalar types + strict types in Email, Marketplace, Api and Channel bundles by @TomasVotruba in #12995
• [types] Add known return scalar types + strict types in Form, Assert and Config bundles by @TomasVotruba in #12996
• [types] Add known return scalar types + strict types in Sms, Page, Integrations, Dashboard and Campaign bundles by @TomasVotruba in #12997
• [types] Add known return scalar types + strict types in Stats, Point, Asset bundles by @TomasVotruba in #12999
• [types] Add known return scalar types + strict types in Stage, Plugin, Lead, Category and DynamicContent bundles by @TomasVotruba in #12998
• [dead-code] Apply full dead-set + remove few dead code parts by @TomasVotruba in #13000
• [PHP 8.0] Add promoted properties in Webhook, User, Stats bundles - step 2 by @TomasVotruba in #13004
• [PHP 8.0] Make use of property promotion - step 1 by @TomasVotruba in #13001
• [PHP 8.0] Add promoted properties in Stage, Sms, Report and Point bundles - step 3 by @TomasVotruba in #13005
• [PHP 8.0] Add promoted properties in Page, Notification, Lead and Plugin bundles - step 4 by @TomasVotruba in #13006
• [type-declarations] Add known bool return type declarations by @TomasVotruba in #13010
• [PHP 8.0] Add promoted properties in Marketplace, Integrations, Email, Form and leftovers - step 5 by @TomasVotruba in #13009
• [PHP 8.0] Make use of str start, ends, contains functions by @TomasVotruba in #13011
• [PHP 8.0] Make use of match() by @TomasVotruba in #13012
• [type-coverage] Add new, ternary, param based returns by @TomasVotruba in #13014
• [PHP 7.0] Make use of array destruct by @TomasVotruba in #13022
• [PHP 5.6] Make use of up to PHP 5.6 features by @TomasVotruba in #13017
• [PHP 7.0] Make use of coalsece by @TomasVotruba in #13023
• [PHP 8.0] Remove unused catch variable by @TomasVotruba in #13015
• [PHP 8.0] Add property promotion to plugins by @TomasVotruba in #13027
• [type-declarations] Re-apply rector type rules to Form, Email, Core and Campaign bundles + bump Rector/PHPStan version by @TomasVotruba in #13025
• [type-declarations] Re-run rector rules on plugins, Report, Sms, User, Lead, Dynamic, Config bundles by @TomasVotruba in #13028
• [PHP 7.3] Make use of array key last/first by @TomasVotruba in #13030
• [PHP 7.4] Add arrow functions and coalessce assign by @TomasVotruba in #13031
• [PHP 7.0] Make use of up to PHP 7.0 features by @TomasVotruba in #13033
• [type-declaration] Re-run current sets for whole project on PHP 8 by @TomasVotruba in #13032
• [PHP 8.0] Make use of PHP 8.0 features by @TomasVotruba in #13035
• [tests] Add known void return type declarations by @TomasVotruba in #13040
• [tests] Add known setup based property types by @TomasVotruba in #13041
• getSubscribedEvents() always returns an array. Adding the return type… by @escopecz in #13039
• [pre-phpunit-10] Make data providers static by @TomasVotruba in #13049
• [phpstan] Rebuild phpstan baseline by @TomasVotruba in #13053
• [tests] Add features up to PHP 8 by @TomasVotruba in #13042
• [type-declarations] Add scalar and strict type...

What's Changed

🔧 Refactoring

• Replacing deprecated cache helper with cache provider in the RequestStorageHelper by @escopecz in #12699

✨ Features and enhancements

• DPMMA-2222 Email click heatmap by @patrykgruszka in #12696

🐛 Bugs

• Empty the (un)publish dates on email clone by @nick-vanpraet in #12784
• Reset plain text after clone by @kuzmany in #12748
• Fix contact dashboard graph only showing own contacts regardless of permission by @driskell in #12819
• Fix date/datetime segment filter validation by @kuzmany in #12647
• fix missing request object on clone operations by @mollux in #12811
• Override lock - Error 500 by @nick-vanpraet in #12837
• [DPMMA-2341] Doctrine does not support short namespaces - fixed by @annamunk in #12834
• fix for incorrect parameter name when using autowiring by @mollux in #12847
• Fix for extra rendered fields in the contact form by @mollux in #12848
• Fix for PHP warnings when generating email starts when no emails are sent by @mollux in #12849
• Duplicate entries in contact history when setting DNC in bulk from contact list by @nick-vanpraet in #12839
• Invoke guard authenticator. by @biozshock in #12855
• add interface to SubmissionResultLoader to appear in models by @galvani in #12870
• Notification bundle validation. by @biozshock in #12861
• [DPMMA-2341] Fixed missing preference center by @annamunk in #12829

New Contributors

• @driskell made their first contribution in #12819

Full Changelog: 5.0.0-beta2...5.0.0-rc1

SHA1(5.0.0-rc1.zip)= 6e80bf686e3997721b9d5232aadd03a8f0dc47cd
SHA1(5.0.0-rc1-update.zip)= 7f50ce2af22dcef458e35439b4ba2189254dd723

What's Changed

⚠️ Breaking Changes

• Remove onlyForBC themes by @kuzmany in #12524
• Create field in background without user ID by @kuzmany in #12446
• Queue implementation improvements by @fedys in #12648

🔧 Refactoring

• Autowire models. by @biozshock in #12493
• Update analytics.js to gtag to support ga4. by @martoboto in #12421
• Remove Duplicate Code (Doctrine) by @mabumusa1 in #12243
• refactor(phpstan): Remove deprecations related to execute() method by @scyzoryck in #12684
• [rector] [dead-code] Remove few ifs that are always true by @TomasVotruba in #12693
• [rector] [dead-code] Remove few ifs that are always true - part #2 by @TomasVotruba in #12700
• Upgrade ckeditor 4 to 5 by @dadarya0 in #12641

✨ Features and enhancements

• Messenger improvements by @fedys in #12509
• Adding marketplace command by @escopecz in #12529
• Add filter icon for segment with filters by @kuzmany in #12533
• PHPSTAN and Rector updates + baseline update by @escopecz in #12531
• Bulk importing custom fields by @diaboloshogunate in #12508
• Allow enabling/disabling new contact restrictions in segment rebuilds by @fedys in #12566
• Keep the filename when uploading by @volha-pivavarchyk in #12554
• Adding support for URL shortener in email 5.x by @christian-krieg in #12128
• The fields are links to the files in a form result report by @volha-pivavarchyk in #12474
• Point groups by @patrykgruszka in #11891
• add la rioja to regions by @diaboloshogunate in #12575
• Add mock http_client by @ts-navghane in #12579
• Focus item click conversion rate by @patrykgruszka in #11945
• Disable trackable for SMS in configuration by @kuzmany in #11683
• retrigger gitpod image generation and update ddev to latest version by @mollux in #12578
• Add reply to to custom email by @kuzmany in #11662
• Segment date filter value validation by @kuzmany in #12572
• Add delivered count to email stats by @patrykgruszka in #11965
• Tags can be imported via csv by @volha-pivavarchyk in #12547
• Columns of mapped objects can be added to the form results report by @volha-pivavarchyk in #11927
• Add provision for custom DSN validation messages by @ts-navghane in #12624
• Add support for shortener services by @kuzmany in #12299
• Add two debug logging statements when there is a wrong configuration by @adiux in #12619
• refactoring & Test case for send email to dnd contact by @dadarya0 in #12654
• Option to select domain for saml_idp_entity_id by @dadarya0 in #12655
• [rector] Few configuration improvements by @TomasVotruba in #12676
• New INTEGRATION_BEFORE_COMPANY_FIELD_CHANGES event by @escopecz in #10512
• DPMMA-2222 Email click heatmap by @patrykgruszka in #12696
• replace mrclay/minify with matthiasmullie/minify for faster asset generation by @mollux in #12717
• Dpmma 1743 focus actions on contact timeline by @AlanWierzchonCA in #11999
• Site Url is validated in the UI to be a valid url by @volha-pivavarchyk in #12727
• DPMMA-1436 click-through stats in email report by @patrykgruszka in #12713
• Improve speed of NPM and webpack on CI by adding caching by @mollux in #12771

🐛 Bugs

• set plain and current password to null in erase credentials by @diaboloshogunate in #12507
• Adding migration that will replace root_dir variable with project_dir by @escopecz in #12526
• Segment reference filter operator fix by @fedys in #12530
• Adding the Purify filter to the values that can contain simple HTML formatting by @escopecz in #12528
• Fix reply to address when contact has owner by @mabumusa1 in #12405
• Update messages.ini: Don’t overwrite value if already exists by @IonutOjicaDE in #12551
• Rector fix by @escopecz in #12556
• The list of related contacts is formed correctly by @volha-pivavarchyk in #12561
• Add lead to page and url hits by @diaboloshogunate in #12550
• Multiple select custom fields can be created without errors by @volha-pivavarchyk in #12542
• Corrects twig templates to use basic html in form help text by @volha-pivavarchyk in #12562
• Roles are now editable. by @shinde-rahul in #12520
• Fix undefined variable while creating form with API by @patrykgruszka in #12543
• remove quotes to allow cloning by @diaboloshogunate in #12567
• ignore unmapped attributes by @diaboloshogunate in #12557
• Focus: Fix popup styles coming from preview from app by @kuzmany in #12447
• Fix wrong sanitaze query for ?a during redirect by @kuzmany in #12505
• Fixing global search JS not be flash irrelevant message. by @shinde-rahul in #12436
• Support to Pass MessagingServiceSID to Twillio API instead of From by @dadarya0 in #12539
• Fix warning from last build and remove icon on unpublished segment by @kuzmany in #12534
• Webhook change segment normalize contact data by @kuzmany in #12546
• Fix email segment graph for reads by @kuzmany in #12504
• Fix: Integration Campaign Members List issue on 5.x by @irfanhanfi in #12141
• Fix limit/batch for broadcast email command by @kuzmany in #11127
• treat deprecation warnings as exceptions in PHPunit by @mollux in #12581
• Rewrite remove do not contact form action by @kuzmany in #12393
• remove obsolete scaffold files by @mollux in #12522
• Fix an issue with editing a description area form field by @volha-pivavarchyk in #12571
• fix reference to incorrect template (lead audit log list) by @mollux in #12601
• fix incorrect defaults for array input parameters when filtering contact history by @mollux in #12602
• Separate assets from media by @mollux in #10682
• fix reference to incorrect template (lead grid display) by @mollux in #12600
• add codecov token to reduce the number of failed tests due to report upload failures by @mollux in #12607
• Fix missing and incororrect references to twig templates by @mollux in #12603
• The 2 fields must be set as rendered as they were unset in M4 by @escopecz in #12608
• Fixing tracking description formating by @escopecz in #12611
• A Contact Point Log report can be generated with a segment filter by @volha-pivavarchyk in #12536
• Replace HttpClientInterface with a mock client for tests by @escopecz in #12615
• ensure the expected route part is correctly checked when setting the title by @mollux in #12605
• Respect timezone on best read hours widget by @kuzmany in #12392
• Fix not displaying error information when an ajax call goes wrong by @volha-pivavarchyk in #12125
• Configurable assets stream extensions by @kuzmany in #11474
• Fixing #12590 (form field select for M5) by @escopecz in #12618
• Fix Dynamic content block in email behaving differently in first save and edit [5.x] by @danadelion in #12637
• Send Webhook Contact ...