Movable Type 8.5.0 Release Notes
This version of Movable Type was released February 19, 2025.
This version is an internal release.
New and improved features
- Updated Smarty from 4.5.3 to 4.5.5 (MTC-29974)
- Updated extlib CPAN modules (MTC-29847)
CGI.pm
(4.61 → 4.66)Crypt::URandom
(0.39 → 0.40)Email::Date::Format
(1.005 → 1.008)IO::Socket::IP
(0.41 → 0.42)LWP::Protocol::https
(6.12 → 6.14)LWP::UserAgent
(6.76 → 6.77)Math::BigInt
(2.003002 → 2.003003)MIME::EncWords
(1.014003 → 1.015)MIME::Types
(2.24 → 2.26)parent
(0.241 → 0.242)Try::Tiny
(0.31 → 0.32)URI
(5.25 → 5.29)version
(0.9930 → 0.9933)
- Added support for MySQL
caching_sha2_password
authentication (MTC-29715) - Updated
MTBlockEditor
to 1.2.5 (MTC-29995) - Updated
MFA
(Multi-Factor Authentication) plugin to 1.0.5 (MTC-30060) - Added the environment variable
AllowTestModifier
to disable"test"
modifiers such asMTIf
(MTC-29824) - Moved the
HTML::Entities::Numbered
module bundled in theWXRImporter
plugin toextlib
(MTC-29857) - Enabled specifying a date range when downloading logs as CSV from the admin screen (SUPPORT-432)
- Included detailed metadata (
log_metadata
) in CSV logs downloaded from the admin screen (SUPPORT-431) - Reviewed and optimized the processing of
MT::Permission
to improve the response time of the admin screen (MTC-29836) - Prevented unnecessary permission processing for system administrators to improve performance (MTC-29832)
Resolved issues
- Fixed an issue where pasting multi-line text in
TinyMCE6
did not convert line breaks to<br>
elements (MTC-30072) - Removed unnecessary files included in the package (MTC-30173)
- Fixed an issue where the error
'mt.mt_config' doesn't exist
occurred whenmt-config.cgi
already existed, but the database did not (MTC-28991) - Enabled default settings for converting Japanese file names and automatically correcting image orientation when uploading profile images (MTC-30005)
- Fixed an issue where some images and thumbnails did not display correctly when metadata indicated a 90-degree or 270-degree rotation (MTC-29971)
- Fixed an issue where the modal did not close when pressing the cancel button in the image editing modal (MTC-29850)
- Fixed an issue where ContentType user-specific archives were not fully rebuilt in some cases (MTC-29907)
- Fixed an issue where the selection behavior in
Entry > Asset/Image Insertion > List
did not function correctly (MTC-29210) - Fixed an issue where canceling during image editing initialization displayed an
"Invalid request"
error (MTC-29991) - Fixed an issue where determining images containing metadata took too long (MTC-29993)
- Fixed an issue where inserting images using the old block editor caused an error when specifying a thumbnail width (MTC-29967)
- Fixed an issue where menu display control via theme files was not functioning (MTC-29893)
- Made it easier to extend display conditions for menu actions and user actions via plugins (MTC-29900)
- Stopped using the deprecated
"window.unload"
event in Chrome browser (MTC-29851) - Modified
tools/rebuild-pages
to suppress error output.LWP::UserAgent::Local
will be deprecated in a future version (MTC-29932) - Fixed an issue where modules related to
MT::Mail::MIME
did not log errors occurring during email rendering (MTC-29408) - Added a deprecation warning for conditional branching using
image_defaults
, which was removed and is no longer used in MT7 (MTC-29969) - Fixed an issue where the timing of calling the
listReady
event in the common list screen differed from the previous behavior in Svelte (MTC-29915) - Fixed an issue in the Svelte-based user list screen where pressing the minus button in the
"Username"
filter item did not remove the filter item (MTC-29928) - Fixed an issue in the Svelte common list screen where applying a created filter using
filter_key
did not set the parameter in the input field (MTC-29925) - Fixed an issue where the confirmation dialog was not displayed when pressing the browser’s back button after adding or deleting rows in the Table ContentField (MTC-29965)
- Fixed an issue where the settings for adding and deleting rows and columns in the Table ContentField on the ContentType edit screen were reversed (MTC-29839)
- Supported hash reference parameters in
filtered_list
(MTC-29945) - Fixed an issue in DataAPI where a warning for an undefined value was displayed when the appropriate authentication header was not provided (MTC-29941)
- Prevented warnings for undefined values when outputting performance logs (MTC-29950)
- Fixed an issue where
CustomFields::Util::get_meta
caused a rebuild error when receiving invalid input data (MTC-29939) - Fixed an issue where an error occurred within callbacks when deleting invalid ContentFields (MTC-29940)
- Fixed an issue where the MT tag
"MTElseIf"
did not inherit indices or keys during static publishing (MTC-25927) - Fixed an issue where the admin screen search became inaccurate when underscores were included (MTC-26724)
- Fixed an issue where changes made in the tag list screen were not always reflected (MTC-29842)
- Fixed SQLite test processing (MTC-29901)
- Fixed an issue where rebuild triggers caused an internal callback error under certain conditions (MTC-29904)
- Fixed multilingual support code embedded in
MT::Util
(MTC-29793) - Fixed an issue where pressing the
"Edit Image"
button from the asset edit screen opened two modals (MTC-29849) - Fixed an issue where the mobile dashboard did not display correctly (MTC-29665, MTC-29877)
- Removed unnecessary links and reorganized links in the footer (MTC-29882)
- Fixed an issue where
"MTIfArchiveType"
did not function correctly in some ContentType listing archives (MTC-29843) - Improved performance of ContentType-related permission processing in the site list widget on the dashboard (MTC-29873)
- Fixed an issue where warnings appeared when
mt-config.cgi
was generated if the wizard input contained Japanese characters (MTC-29831) - Fixed an issue where thumbnails in the image edit screen did not display correctly after upload depending on the image size (MTC-29840)
- Fixed an issue where long text in radio buttons within the
"Set Publish Profile"
dialog on the template edit screen did not wrap properly (MTC-29174) - Fixed an issue where
mt-search.cgi
did not complete processing when a large number of request parameters were sent (MTC-29943) - Revised the parameter processing method in
Data API
to prevent performance impact (MTC-29962) - Revised the parameter processing method in comments to prevent performance impact (MTC-29955)
- Revised the search parameter processing method in
mt-search.cgi
to improve processing time for certain parameters (MTC-29961) - Revised the parameter processing method in the search script to prevent performance impact (MTC-29953)
Movable Type Advanced
- Added a feature to automatically grant admin screen login permissions to users created via CSV batch registration (MTC-26340)
- Fixed an issue where some parameters were not saved in the LDAP-related settings screen (MTC-29844)
- Fixed an issue where an error occurred in the setup wizard if the
LDAPGroupMemberAttribute
environment variable was set incorrectly (MTC-12191) - Fixed an issue where searching for users via LDAP returned empty lines under certain configurations (MTC-12127)
Dynamic Publishing
- Fixed an issue where PHP could be executed even when the environment variable
DynamicTemplateAllowPHP
was set to0
while using dynamic publishing (MTC-29973) - Fixed an issue where filtering with the
tag
modifier did not work correctly when tag names contained"AND"
or"OR"
in dynamic publishing (MTC-28118) - Ensured that the correct error is returned when the
Contents
tag specifies onlyblog_id
and no content type is found in dynamic publishing (MTC-29821) - Fixed an issue where
MTContentCalendar
did not applycontent_type
even when specified in dynamic publishing (MTC-29820) - Fixed an issue where
{{theme_static}}
caused a PHP error (MTC-29585) - Fixed an issue where the
tag
modifier did not correctly evaluate as anOR
condition when specified with a comma","
delimiter (MTC-28119) - Fixed an issue where
AND
orOR
conditions containing private tags in thetag
modifier did not work unless the private tag was specified first (MTC-28120)
JavaScript Library Updates
- Updated
Svelte
from 4.2.18 to 4.2.19 (MTC-29926) - Updated
a-table.js
from 1.5.9 to 1.5.10 (MTC-29854)
Security fixes and improvements
- Updated
TinyMCE6
included in theTinyMCE6
plugin from 6.8.4 to 6.8.5 (MTC-29922) - Updated
jQuery Migrate
from 3.4.1 to 3.5.2 (MTC-29910) - Fixed a cross-site scripting vulnerability caused by object embedding when using the
TinyMCE6
plugin inMT Block Editor
(CVE-2025-24841, MTC-29997) - Fixed a cross-site scripting (XSS) issue in the custom block editing screen of
MT Block Editor
(CVE-2025-22888, MTC-29937) - Fixed a cross-site scripting issue in the user information editing screen (CVE-2025-25054, MTC-30057)
Deprecated features
- Removed
__mode=regenerate_site_stats_data
(MTC-29838)