Drupal Release: 10.4.0-beta1

TL;DR

Drupal 10.4.0-beta1 introduces significant performance improvements, enhanced testing infrastructure, and better developer experience. This release focuses on optimizing CI pipelines, fixing security issues, improving accessibility, and enhancing the Navigation module. Key highlights include improved caching mechanisms, updated JavaScript dependencies (including jQuery UI 1.14.0), and numerous bug fixes. The release also brings new recipe capabilities with input prompting and config actions, making site building more flexible.

Highlight of the Release

• Updated to jQuery UI 1.14.0
• Improved performance of the user permissions page
• Enhanced recipe system with input prompting and flexible config actions
• Fixed workspaces publishing with thousands of items
• Added Views EntityReference filter for better UX with exposed filters
• Improved Navigation module with better logo handling and settings organization
• Optimized CI pipeline and testing infrastructure
• Fixed security issues including prevention of sensitive information leakage

Migration Guide

jQuery UI Update

If you're using jQuery UI in your custom code, be aware that Drupal has updated to jQuery UI 1.14.0. Review your JavaScript code that interacts with jQuery UI to ensure compatibility.

Workspaces and Content Moderation

The relationship between workspaces and content moderation has been fixed. If you're using both modules together, test your workflows to ensure they work correctly after updating.

Navigation Module Changes

The navigation module now stores the file path instead of ID for the navigation logo. If you have custom code that interacts with the navigation logo, you'll need to update it to work with the path instead of the ID.

Recipe System Changes

If you've created custom recipes, be aware that the recipe system has been enhanced with input prompting and flexible config actions. You may want to update your recipes to take advantage of these new features.

Caching Changes

Several caching mechanisms have been improved, including better handling of X-Drupal-Cache and X-Drupal-Dynamic-Cache headers. If you have custom code that interacts with these headers or caching in general, review it for compatibility.

Plugin Discovery

Error messages and exception handling for plugin discovery have been improved. If you're catching specific exceptions related to plugin discovery, review your code to ensure it still works as expected.

Upgrade Recommendations

Recommendation

This is a beta release, so it's recommended for testing environments only, not production sites. However, testing this beta in a development or staging environment is highly encouraged to help identify any issues before the final release.

Priority

Medium Priority - This beta release contains important performance improvements, security fixes, and new features that will be valuable in the final 10.4.0 release. Testing now will help ensure a smooth upgrade when the stable version is released.

Testing Focus Areas

1. Workspaces and Content Moderation: Test the interaction between these modules, especially with large numbers of items.
2. Navigation Module: Test the new NavigationLinkBlock plugin and logo handling.
3. Recipe System: Test the enhanced recipe capabilities, especially input prompting and config actions.
4. Performance: Test the performance improvements, especially on the permissions page and with route caching.
5. jQuery UI: Test any custom code that interacts with jQuery UI to ensure compatibility with version 1.14.0.

Preparation Steps

1. Create a complete backup of your site before testing.
2. Review the full release notes for any changes that might affect your custom code.
3. Test in a non-production environment first.
4. Update any custom modules that might be affected by the changes in this release.

Bug Fixes

Core System Fixes

• Fixed issue where single directory component CSS asset library wasn't picked up immediately after module install
• Fixed issue with trailing whitespace at the end of cache IDs
• Fixed DatabaseStorage readMultiple error when receiving empty array
• Fixed issue with workspaces and thousands of items not being able to publish
• Fixed sub workspace not clearing properly
• Fixed issue with workspaces and content moderation preventing deployment
• Fixed issue where creating a published moderated entity in a workspace made it published in Live

UI and Frontend Fixes

• Fixed machine name field auto-creation
• Fixed subpixel rounding issue causing dialog to resize unnecessarily
• Fixed Drupal Displace outputting invalid value for offset-right when opening top dialog
• Fixed JavaScript errors from Drupal.behaviors.activeLinks
• Fixed special menu items rendering as empty links in navigation
• Fixed header always showing in Claro even when regions are empty
• Fixed spacing issue between checkbox label and button
• Fixed inconsistencies in system-status-counter RTL styles
• Fixed CSS "form-item__label" inconsistency on node edit forms

CKEditor and Media Fixes

• Fixed CKEditor 5 show blocks label not being translated
• Fixed media image thumbnail incorrectly ending up as NULL
• Fixed issue with CKEditor 5 having its own border color

Other Fixes

• Fixed password_confirm children not picking up #states or #attributes
• Fixed issue with file count translation being incorrect
• Fixed APCu requirement for 32M checking wrong value
• Fixed JavaScript files added by AJAX responses only being optimized in maintenance mode
• Fixed issue with external applications being redirected to frontpage in maintenance mode
• Fixed issue with dotfiles being ignored when copied over in Starterkit

New Features

Enhanced Recipe System

• Added capability for recipes to prompt for input values
• Created flexible config actions to place blocks in admin or default themes
• Added config action to clone config entities
• Added ability to create entities for every bundle of another entity type
• Implemented option to prevent recipes' imported config from being compared too strictly

Navigation Module Improvements

• Added NavigationLinkBlock Plugin with Help as a usage example
• Improved navigation settings organization for better consistency
• Enhanced logo handling by storing file path instead of ID

Views Enhancements

• Added Views EntityReference filter for better UX with exposed filters
• Added taxonomy term view to tag_taxonomy recipe

Other New Features

• Added support for priority in needs_destruction service tag
• Implemented UUID as entity ID option
• Added method to enable resource type fields disabled by previous subscribers

Security Updates

Security Improvements

• Fixed maintenance pages leaking sensitive environment information (CVE not assigned)
• Fixed issue where module and theme names were not filtered on output
• Updated twig/twig to address a possible sandbox bypass vulnerability (CVE not assigned)
• Fixed StringFormatter always displaying links to entity even if the user in context does not have access
• Implemented SA-CORE-2024-002 security fix
• Fixed cacheability information from route access checker access results being ignored by dynamic_page_cache
• Improved error handling to prevent information disclosure

Performance Improvements

CI and Testing Performance

• Reduced CPU requirements for core GitLab pipelines
• Optimized test ordering by accounting for test type, number of methods, and data providers
• Split up large tests into smaller ones for better performance
• Reduced concurrency for unit tests and build tests
• Optimized Nightwatch job CPU requirements

Core Performance Improvements

• Implemented more efficient route lookup caching
• Improved performance of the user.permissions.js script running in /admin/people/permissions
• Ensured consistent ordering when calculating library asset order
• Merged the build and lint stages in core MR pipelines
• Merged test methods in FieldUIRouteTest for better performance
• Optimized ModuleConfigureRouteTest which was previously slow
• Improved caching mechanisms with better handling of X-Drupal-Cache and X-Drupal-Dynamic-Cache headers

Impact Summary

Drupal 10.4.0-beta1 represents a significant step forward in Drupal's evolution, focusing on performance, developer experience, and site building capabilities. The release brings substantial improvements to the CI pipeline and testing infrastructure, making development and testing more efficient.

The enhanced recipe system with input prompting and flexible config actions provides site builders with more powerful tools for creating and customizing sites. This is complemented by improvements to the Navigation module and the addition of a Views EntityReference filter for better UX with exposed filters.

Performance improvements are a major focus, with optimizations to route caching, the permissions page, and asset handling. Security has also been strengthened, with fixes for information leakage and better handling of user access.

The update to jQuery UI 1.14.0 brings Drupal's JavaScript foundation up to date, while numerous bug fixes improve stability and user experience across the platform. Accessibility improvements make the CMS more inclusive for all users.

For developers, the improved error messages and exception handling for plugin discovery, along with better documentation and code organization, make development more straightforward and efficient.

Overall, this beta release sets the stage for a more performant, secure, and developer-friendly Drupal 10.4.0 final release.