What's new in joomla 5.1?
Supply chain attack
To mitigate such an attack, it is necessary that the local Joomla site can verify that information about available updates was published by a trusted entity – the Joomla project). It should also be possible to check the integrity of the downloaded update package.
To do this, the software industry uses public/private key encryption: the developer publishes update information and signs it using his private key. The local Joomla instance stores a copy of the public key, allowing this signature to be verified. If the update information or signature has been changed, the check will fail. And if that update information also includes a hash (the “fingerprint” of the file) of the actual update package, the software can also verify that the package actually downloaded is the original file and has not been modified.
Thanks to TUF, Joomla can now prove the integrity of both update information and files. This makes future kernel updates tamper-proof. Even if attackers manage to gain access to the update server distributing information about available updates, they will not be able to forge a cryptographic signature confirming that this information was actually published by an official project.
TUF decides wide range of different problems , and also allows the Joomla project to securely add and remove authorized signing keys in the future. This is a strategic security decision for Joomla for many years to come.
For Joomla extension developers, nothing has changed yet. TUF is only supported for Joomla core updates.
Joomla 5 admin panel dark theme
A dark admin theme appeared in Joomla 5, however, almost immediately, requests for improvement began to arise. In particular, there was a lack of a switch between dark and light themes, which was solved with additional modules for the control panel.
Dark theme in Joomla 5.0.2:
Dark theme in Joomla 5.1:
In the style settings of the Joomla 5 – Atum admin panel template, a setting has been added to select a default theme. To do this, go to System – Control Panel Styles – Atum – “Color Options” tab
You need to go there and just save the settings. Then the theme switch will appear in the “My Profile” admin drop-down menu.
Before saving the Atum template parameters:
After saving, the option “Switch template theme” appears.
Welcome educational tour
A welcome tour has been created for new Joomla installations, which is designed to introduce newbies to the main sections of the admin panel.
Of course, you can’t learn Joomla in 6 steps. And the vast majority of experienced users do not need this. But for those who find themselves in the admin area for the first time, it may be useful. Similar tours are found in other engines, for example, in Moodle. Overall, this is a reminder that Joomla has this functionality and can be used to train new admin users. Well, creating a friendly atmosphere))
Support has been added to the process of creating tours checkbox, radio, select as objectives for the tour element.
SEO Settings in Joomla 5.1
2 new features have been added to the SEF plugin. One of them is related to index.php in the url, the second – with repeated slashes at the end of the address.
Usually these problems are solved by settings in the file .htaccess. But now we have added this functionality to the admin panel.
How to remove index.php from url in Joomla 5.1+?
Usually this problem appears due to the fact that after installation the “Redirect URL” parameter was not enabled in the general settings and was not renamed htaccess.txt V .htaccess for Apache server. Usually these two actions are enough. But in the event that under the influence of black magic index.php is not removed from the address – you can enable the parameter in the SEF plugin. As the tooltip to the option says, “Using the parameter is impossible if in the general site settings for the parameter Redirect URL value set No“
How to remove slashes at the end of URL in Joomla 5.1+?
Another useful option in the SEF plugin is the Trailing Slash in URL parameter. It has 3 possible values: “no change”, “force include at end” and “force exclude at end”. This is also usually resolved by the rules in .htaccessbut maybe someone will find it useful.
Also, in the general Joomla settings, a notification has been added that these settings exist and are located in the plugin System – SEF.
Added two new plugins for Schema.org: Custom and Article
In general, we need to remind you that Joomla 5 has a new type of plugins – schemaorg. They work together with the plugin Система - Schema.org.
Out of the box Joomla has the ability to specify Schema.org micro markup in the format json+ld. To do this, basic settings are specified in the system plugin, and type plugins add settings to the material and contact components. Added type Schema.org/Articleas well as type Custom (in the PR name it was listed as Generic, but then renamed to Custom). When you select this type, a field appears where you can manually specify the desired JSON micromarkup code.
Complete list of Schema.org micro markup plugins in Joomla 5.1
Improving the version of the site for the visually impaired in Joomla
The plugin for the visually impaired version appeared in Joomla 4. It meets the requirements WCAG – international recommendations for ensuring accessibility of content on the Internet. Their analogue is GOST R 52872-2019 “Internet resources and other information presented in electronic digital form. Applications for stationary and mobile devices, other user interfaces. Accessibility requirements for people with disabilities and other persons with disabilities” (former GOST R 52872-2012).
Improvements to the version for the visually impaired include a tool for checking content for accessibility (in materials). It allows you to detect and fix accessibility issues such as color contrast issues, missing tags, etc.
Support for new languages and automatic language detection based on the page language have also been added, and new parameters have been added to the plugin settings. The problem of supporting the JS codebase for two versions of Joomla was solved, since they were different.
Replacing Bootstrap modal with dialog
For ordinary Joomla users, this innovation is invisible. Outwardly, everything works the same as before. But for developers supporting the Joomla core, as well as for developers of Joomla extensions, a movement towards standardization of approaches within the core is visible.
Previously, I wrote an article Creating a custom Form field type in Joomla 5 using Modal Select as an example, which describes working with a new type of dialog boxes in Joomla 5.
CLI improvement
Joomla extensions update checking command
For the team php cli\joomla.php update:extensions:check Extended output of information about extension updates has been added to the CLI.
Added selection of kernel update source via CLI
Joomla allows you to update the core via the CLI, however, the component settings were used com_joomlaupdate. Now the ability to select an update server has been added to the CLI update command default, next, testing or custom. If specified customthen you also need to specify the parameter --url=<url> with a link to the xml manifest of kernel updates. More details in PR #42597.
Added a new trigger for plugins onAfterInitialiseRouter
Joomla allows you to change routing (URL construction) by adding rules to it. Until now, this was often done using a plugin and adding these rules on the event onAfterInitialise. However this creates a problem when we are not in the application SiteApplication and want to create a link because the router may not be created correctly. Quite often plugins check if the current application is an application SiteApplication, and if not, then they don't react. However, this means that when you are on the backend and create a link to the frontend, for example for an email newsletter, the URL may be incorrect because plugins with custom behavior did not bind that behavior to the router because they thought that are in the wrong context.
A new event has been added to Joomla 5.1 onAfterInitialiseRouter. This event is fired every time a router object is created (which should only be executed once per initialization) and allows plugins to add their logic regardless of the currently running application and, in particular, regardless of when the object was created. More details in PR #42692.
Increasing the “capacity” of subform fields
When creating subforms in custom fields for materials, contacts, etc. They often contained various kinds of tablets, which were convenient to fill out in this way. Joomla saves subform data in json and places it in the database. It would seem that everything is fine, but the field type value in the table #_fields_values was text. It contained quite a lot of information in Latin, but quite a bit in Cyrillic, since Cyrillic is translated into unicode. And for the same amount of text, the volume of stored data increases by a factor of 5. So the word текст in unicode format the escape looks like \u0442\u0435\u043A\u0441\u0442. Therefore, large forms in Russian did not fit into the database. Webmasters usually manually changed the field type in the database from text on mediumtext. But now this change has come to the core.
Validating Joomla Form Fields Using Regular Expressions
The set of validation rules classes can be found in libraries/src/Form/Rule. These rules are specified in xml forms and allow you to perform checks during the data saving process. Now we have added the ability to specify regular characters to check field values. More details in PR #42657.
FontAwesome and TinyMCE update
Now included in the core TinyMCE 6.8.3 and FontAwesome 6.5.1.
Full list of changes
Full list available on GitHub. It contains 247 accepted Pull Requests. Of these, 69 with a label Feature – new functionality of various sizes.
You can also read about innovations in Joomla 5.1 in the official magazine of the international Joomla community – Joomla Community Magazine: What's new in Joomla 5.1?.
