Release 26.05.14-01

Release: v26.05.11-01 → v26.05.14-01

Caution

Rollback Warning: This release contains an irrevertable change that is non-trivial to rollback from.

• Push Publish: Bundles now carry dotStyleProperties and Style Editor schemas; receivers persist data that older senders/receivers did not write. (#35659)

Features & Enhancements

• Content Analytics: Split the docker-compose-examples/analytics stack into a dedicated experiments/ directory and redirected CA infrastructure setup to the new dot-ca-event-manager repo. (#35624, #35678)
• Content Analytics: Renamed DOT_ANALYTICS_CUSTOMER_ID → DOT_ANALYTICS_TENANT and DOT_ANALYTICS_ENVIRONMENT → DOT_ANALYTICS_PROJECT (and the upstream ?environment= query param to ?project=) to align with Platform Team naming conventions. (#35662)
• Queue: Added a cloud-agnostic DotQueuePublisher abstraction with DOT_QUEUE_PROVIDER config-driven selection, shipping SqsQueuePublisher and a default NoOpQueuePublisher. (#35628)
• Folder Resource: Added offset and limit query parameters to POST /api/v1/folder/byPath, replacing the silent 20-row truncation with paginated subfolder results (default 40, -1 for unlimited up to a 10000 safety cap). (#35618)
• Maintenance Portlet: Added DELETE /api/v1/maintenance/_contentlets REST endpoint for bulk contentlet destruction, replacing the legacy DWR path. (#35233)
• Analytics Dashboard: Added getContentAttribution and getConversionsOverview service methods plus refactored conversions state for the new dashboard charts. (#35657)
• API Documentation: Expanded OpenAPI descriptions for NavResource, ContentTypeResource, TempFileResource, and WorkflowResource to better serve AI agents and API consumers. (#35382)

Fixes and Known Issues

• Edit Content: Dismissing the unsaved-changes dialog via the X icon or ESC key now keeps the user on the editor instead of discarding their work. (#35646)
• Edit Content: Switching content items of the same type and translating manually between locales now properly clear stale field state (binary/image, date picker, relationship, and custom fields). (#35596)
• Edit Content: Required Custom Fields left empty now show the standard "This field is mandatory" inline message and a red border, exposed via new getValidationState() and onValidationChange() methods on DotCustomFieldApi. (#35653)
• SDK Client: client.page.get({ mode: 'EDIT' | 'PREVIEW' }) now correctly translates UVE_MODE keys to backend PageMode values, so preview/edit modes no longer silently fall back to LIVE. (#35656)
• OpenSearch Migration: Startup connectivity failures are now hard errors that trigger an emergency haltMigration() reset to phase 0; hasEmptyIndices() is phase-aware; thread-unsafe SimpleDateFormat replaced with DateTimeFormatter in ESIndexResource. (#35632)
• CSV Import: Tag processing now uses a diff-based approach under a SELECT ... FOR UPDATE row lock and propagates exceptions, eliminating a race condition that produced tag unions and silently swallowed failures. (#35648)
• Categories API: Single quotes in category names are now escaped in the recursive path SQL literal, fixing "Unterminated identifier" errors on /api/v1/categories/children and closing a SQL injection vector. (#35676)
• Page Cache: Vanity URL 200-forward responses now include the original request URI in the cache key, preventing different vanity-forwarded URLs that resolve to the same detail page from serving each other's cached content. (#35704)
• Permissions: PermissionBitFactoryImpl.loadPermissions() no longer caches empty walk-up results, preventing intermittent 401s on public pages after Push Publishing. (#35684)
• Template Builder: Templates portlet wrapper no longer echoes layout changes synchronously back to the designer, fixing column reordering and row duplication after row deletion. (#35698)
• Legacy Edit Content UI: Tag chips in the legacy Dojo edit screen now grow to fit their full text instead of being clipped at 112px. (#35667)
• dotAI: Default embeddings search threshold lowered from 0.5 to 0.25 across backend constants and frontend defaults. (#35660)
• UVE: Fixed auto-expand of tabs on style editor changes. (#35689)
• Block Editor 2.0: Follow-up improvements and bug fixes. (#35691)

Infrastructure & Security

• CI/CD: Docker :latest push and "Next Release" issue relabeling in the -6 Release Process workflow are now gated to main-branch dispatches only. (#35652)
• TipTap: Pinned @tiptap/core via resolutions and promoted @tiptap/extension-code-block to a direct dependency to unblock yarn nx serve dotcms-ui after the Block Editor 2.0 merge. (#35685)
• SDK: Bumped SDK VERSION from 1.5.2 to 1.5.3 to keep trunk @next builds ahead of @latest. (#35562)
• Tooling: gh-issue-troubleshoot slash command now auto-registers new integration tests in the correct JUnit 4/5 suite file. (#35644)

dotcms-cli - 26.05.14-01

Changelog

• bd50cbd 🏁 Publishing dotCLI release version [26.05.14-01]

Contributors

We'd like to thank the following people for their contributions:

• dotCMS-Machine-User

Release 25.07.10_lts_v9

v25.07.10_lts_v9

🏁 Publishing release version [25.07.10_lts_v9]

Release 25.07.10_lts_v10

v25.07.10_lts_v10

🏁 Publishing release version [25.07.10_lts_v10]

Release 24.12.27_lts_v20

v24.12.27_lts_v20

🏁 Publishing release version [24.12.27_lts_v20]

Release 24.12.27_lts_v19

v24.12.27_lts_v19

🏁 Publishing release version [24.12.27_lts_v19]

Release 26.05.11-01

Release: v26.05.08-01 → v26.05.11-01

Features & Enhancements

• UVE: Editing a contentlet from the Universal Visual Editor now opens the new Angular-based edit content dialog when the content type has the new editor feature flag enabled, with the legacy dialog as fallback. (#35572)
• Tooling: Adds a /check-release-rollback Claude Code slash command that classifies PRs between two release tags as safe/unsafe to rollback and returns a YES/NO/CONDITIONAL verdict. (#35620)

Infrastructure & Security

• Security: Adds a docs/security/SI-75/test-si75-vuln.sh script that probes /api/auditPublishing/getAll to determine whether a dotCMS instance is patched against the SI-75 SQL injection vulnerability. (#35645)

dotcms-cli - 26.05.11-01

Changelog

• d97d9bc 🏁 Publishing dotCLI release version [26.05.11-01]

Contributors

We'd like to thank the following people for their contributions:

• dotCMS-Machine-User

Release 26.05.08-01

Release: v28.05.08-01 → v26.05.08-01

No user-facing changes in this release.

Release 26.04.11-04

Release: v28.05.08-01 → v26.04.11-04

Fixes and Known Issues

• Vanity URLs: Restored the trailing slash on /c/ in BACKEND_FILTERED_COLLECTION so VanityURLFilter no longer skips resolution for any URL starting with the letter "c" (e.g. /calculators, /contact). (#35354)