HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

Drupal

>

Releases

>

Latest Release 10.5.1

Latest Release: 10.5.1

Tag Name: 10.5.1

Release Date: 6/26/2025

View Release
Drupal LogoDrupal

Highly flexible, open-source content management system known for complex, scalable web applications. Preferred by government, educational, and large enterprise websites requiring advanced customization and security features. Robust module ecosystem.

Open SourceDeveloper-FriendlyEnterprise

TL;DR

Drupal 10.5.1: Performance and Security Maintenance Release

This minor maintenance release for Drupal 10.5.x addresses several critical performance issues and security vulnerabilities. Key improvements include fixing a severe performance bottleneck in the tableresponsive.js script that was causing significant page load delays on the extensions page, and addressing potential security risks related to PHP object unserialization in the configuration system. This release also includes several bug fixes for file handling and URI generation.

Highlight of the Release

    • Fixed a major performance issue in tableresponsive.js that was causing slow page loads on the extensions page
    • Addressed security vulnerabilities related to PHP object unserialization in the configuration system
    • Improved file handling and URI generation in core modules
    • Fixed Composer compatibility issues with the phpcodesniffer-composer-installer

Migration Guide

No specific migration steps are required for this maintenance release. This is a standard bugfix release that maintains backward compatibility with Drupal 10.5.0.

However, if you're experiencing issues with the phpcodesniffer-composer-installer package, you may need to update your composer dependencies after upgrading to 10.5.1.

Upgrade Recommendations

It is strongly recommended to update to Drupal 10.5.1 as soon as possible, especially if you're currently running Drupal 10.5.0. This release contains important performance improvements and security fixes that affect core functionality.

The update process should be straightforward:

  1. Back up your database and site files
  2. Update Drupal core using Composer: 
    composer update drupal/core-recommended --with-all-dependencies
  3. Run database updates: 
    drush updatedb
  4. Clear caches: 
    drush cache:rebuild

If you're managing Drupal with other methods, follow the standard update procedures in the Drupal documentation.

Bug Fixes

  • Extensions Page Performance: Fixed a critical issue in tableresponsive.js that was causing extremely slow page load times on the extensions page (Issue #3521884)

  • Database Connection Serialization: Resolved a LogicException that occurred when attempting to serialize database connections (Issue #2987548)

  • File and Image Field Sample Values: Fixed issues with ImageItem and FileItem generateSampleValue methods that were creating invalid URIs (Issue #3471194)

  • File Upload Tests: Corrected FileSaveUploadTest to prevent writing to the application root directory (Issue #3455183)

  • Composer Compatibility: Fixed compatibility issues with the dealerdirect/phpcodesniffer-composer-installer package when updating from v1.0.0 to v1.1.0 (Issue #3532187)

New Features

No new features were added in this maintenance release. Drupal 10.5.1 focuses on bug fixes, performance improvements, and security enhancements to the existing functionality introduced in Drupal 10.5.0.

Security Updates

  • Configuration System: Improved security in the configuration system by cleaning up unsafe uses of PHP's unserialize() function, which could potentially lead to security vulnerabilities (Issue #3525174)

  • File Handling: Enhanced security in file handling operations by fixing issues with URI generation and preventing file writes to unauthorized locations (Issue #3455183)

Performance Improvements

  • Extensions Page Loading: Significantly improved page load times for the extensions page by fixing a performance bottleneck in tableresponsive.js. This issue was causing the browser to become unresponsive when viewing pages with many extensions (Issue #3521884)

  • Database Connection Handling: Enhanced the handling of database connections to prevent serialization issues, which improves overall system stability and performance (Issue #2987548)

Impact Summary

Drupal 10.5.1 is a maintenance release that addresses several important issues affecting performance, security, and stability. The most significant impact comes from fixing a severe performance bottleneck in tableresponsive.js that was causing the extensions page to load extremely slowly or even freeze browsers on sites with many extensions.

The security improvements to the configuration system's handling of unserialized data reduce potential attack vectors, making sites more secure against certain types of exploits. The fixes for file handling and URI generation improve the reliability of file-related operations throughout the system.

This release also includes several maintainer changes for core modules, which doesn't affect functionality but reflects changes in the project's maintenance structure.

Overall, this update provides substantial performance and security benefits with minimal risk, making it an important update for all Drupal 10.5.x sites.

Statistics:

File Changed15
Line Additions150
Line Deletions24
Line Changes174
Total Commits10

User Affected:

  • Will experience significantly improved performance when browsing the extensions page
  • Should update to address security vulnerabilities in the configuration system
  • Will benefit from more reliable file handling and URI generation

Contributors:

xjmlarowlanalexpott