All notable changes to this project will be documented in this file, per the Keep a Changelog standard, and will adhere to Semantic Versioning.
Unreleased - TBD
2.2.6 - 2024-08-28
Note that this release bumps the WordPress minimum version from 5.7 to 6.4.
- Bump WordPress "tested up to" version to 6.6 (props @sudip-md, @ankitguptaindia, @jeffpaul via #212, #213).
- Bump WordPress minimum from 5.7 to 6.4 (props @sudip-md, @ankitguptaindia, @jeffpaul via #212, #213).
- Add svg sanitization on the
wp_handle_sideload_prefilter
filter (props @dkotter, @xknown, @iamdharmesh via GHSA-3vr7-86pg-hf4g). - Bump
braces
from 3.0.2 to 3.0.3,pac-resolver
from 7.0.0 to 7.0.1,socks
from 2.7.1 to 2.8.3,ws
from 7.5.9 to 7.5.10 and removeip
(props @dependabot, @Sidsector9 via #206). - Bump
axios
from 1.6.7 to 1.7.4 (props @dependabot, @faisal-alvi via #218).
2.2.5 - 2024-06-27
- New filter,
safe_svg_current_user_can_upload
, allowing more control over who can upload SVG files (props @dkotter, @iamdharmesh via #193).
- Fatal error when applying the
admin_post_thumbnail_html
filter with just two arguments (props @kmgalanakis, @dkotter, @liz1kiweno via #196). - Prevent PHP fatal error when the value of the filtered block categories is not an array (props @kmgalanakis, @dkotter, @cguidog via #200).
- Handled PHP warning when the
$image_meta
is not an array (props @faisal-alvi, @dkotter, @drazenbebic, @kirtangajjar via #203).
- Added a "Testing" section in the
CONTRIBUTING.md
file (props @kmgalanakis, @jeffpaul via #197). - Added the Repo Automator GitHub Action (props @iamdharmesh, @jeffpaul via #198).
2.2.4 - 2024-03-28
- Upgrade the
download-artifact
from v3 to v4 (props @iamdharmesh, @jeffpaul via #181). - Replaced
lee-dohm/no-response
withactions/stale
to help with closing no-response/stale issues (props @jeffpaul, @dkotter via #183).
- Ensure the svg file can be loaded before we try accessing it's attributes (props @dkotter, @metashield-ie, @ocean90, @darylldoyle, @faisal-alvi via #186).
- Ensure we don't throw JS errors in the Classic Editor when the optimizer feature is turned on (props @dkotter, @turtlepod, @faisal-alvi via #187).
- Bump
webpack-dev-middleware
from 5.3.3 to 5.3.4 (props @dependabot, @dkotter via #185). - Bump
express
from 4.18.2 to 4.19.2 (props @dependabot, @dkotter via #188).
2.2.3 - 2024-03-20
- Bump WordPress "tested up to" version 6.5 (props @dkotter, @jeffpaul via #180).
- Clean up NPM dependencies and update node to v20 (props @Sidsector9, @dkotter via #172).
- Refactor the
svg_dimensions
function to be more performant (props @sksaju, @cjyabraham, @bmarshall511, @Hercilio1, @darylldoyle via #154, #174). - Address fatal JS error when optimization is enabled and an item is published without blocks (props @psorensen, @tictag, @dkotter via #173).
- Bump
axios
from 0.25.0 to 1.6.2 and@wordpress/scripts
from 26.0.0 to 26.18.0 (props @dependabot, @ravinderk via #166). - Bump
follow-redirects
from 1.15.3 to 1.15.6 andip
from 1.1.8 to 1.1.9 (props @dependabot, @dkotter via #169, #177).
2.2.2 - 2023-11-21
- Bump WordPress "tested up to" version 6.4 (props @qasumitbagthariya, @jeffpaul via #162, #163).
- Ensure CSS applies properly to the SVG Icon block when added via
theme.json
(props @tobeycodes, @dkotter via #161).
2.2.1 - 2023-10-23
- Update to
apiVersion
3 for our SVG Icon block (props @fabiankaegy, @ravinderk, @jeffpaul, @dkotter via #133).
- Address an error due to the SVG Icon block using the
fill-rule
attribute (props @zamanq, @jeffpaul, @iamdharmesh via #152).
- Bump
postcss
from 8.4.20 to 8.4.31 (props @dependabot, @faisal-alvi via #155). - Bump
@cypress/request
from 2.88.12 to 3.0.1 andcypress
from 10.11.0 to 13.3.0 (props @dependabot, @ravinderk via #156). - Bump
@babel/traverse
from 7.20.12 to 7.23.2 (props @dependabot, @iamdharmesh via #158).
2.2.0 - 2023-08-21
- New settings that give the ability to select which user roles can upload SVG files (props @dhanendran, @csloisel, @faisal-alvi, @dkotter via #76).
- SVG optimization during upload via SVGO. Feature is disabled by default but can be enabled using the
safe_svg_optimizer_enabled
filter (props @gsarig, @peterwilsoncc, @Sidsector9, @darylldoyle, @faisal-alvi, @dkotter, @ravinderk via #79, #145). - Spacing and color controls added to SVG block (props @bmarshall511, @iamdharmesh via #135).
- Mochawesome reporter added for Cypress test report (props @jayedul, @peterwilsoncc via #124).
- Update Support Level from
Active
toStable
(props @Sidsector9, @iamdharmesh via #100). - Update name of SVG block from Safe SVG Icon to Inline SVG (props @bmarshall511, @iamdharmesh via #135).
- Bump WordPress "tested up to" version 6.3 (props @dkotter, @jeffpaul via #144).
- Update the Dependency Review GitHub Action (props @jeffpaul, @Sidsector9 via #128).
- Add namespace to the
class_exists
check (props @szepeviktor, @iamdharmesh via #120). - Ensure Sanitizer class is properly imported (props @szepeviktor, @iamdharmesh via #121).
- Remove an unneeded global (props @szepeviktor, @iamdharmesh via #122).
- Use absolute path in require (props @szepeviktor, @iamdharmesh via #123).
- Ensure custom classname added to SVG block is output on the front-end (props @bmarshall511, @Sidsector9, @dkotter via #130).
- Ensure
SimpleXML
exists before using it (props @sdmtt, @faisal-alvi via #140). - Fix markdown issues in the readme (props @szepeviktor, @iamdharmesh via #119).
- Bump
semver
from 5.7.1 to 5.7.2 (props @dependabot via #134). - Bump
word-wrap
from 1.2.3 to 1.2.5 (props @dependabot via #141). - Bump
tough-cookie
from 4.1.2 to 4.1.3 and@cypress/request
from 2.88.10 to 2.88.12 (props @dependabot via #146).
2.1.1 - 2023-04-05
- Upgrade
@wordpress
npm package dependencies (props @ggutenberg, @Sidsector9 via #108). - Bump WordPress "tested up to" version 6.2 (props @ggutenberg, @Sidsector9 via #108).
- Run our E2E tests on the zip generated by "Build release zip" action (props @jayedul, @dkotter via #106).
- Only load our block CSS if a page has the SVG block in it and remove an extra slash in the CSS file path. Remove an unneeded JS block file (props @dkotter, @freinbichler, @IanDelMar, @ocean90, @Sidsector9 via #112).
- Better error handling for environments that don't match our minimum PHP version (props @dkotter, @ravinderk via #111).
2.1.0 - 2023-03-22
- An SVG Gutenberg Block (props @faisal-alvi, @Sidsector9, @cr0ybot, @darylldoyle, @cbirdsong, @jeffpaul via #80).
- "Build release zip" GitHub Action (props @iamdharmesh, @dkotter, @faisal-alvi via #87).
- Bump minimum PHP version from 7.0 to 7.4 (props @iamdharmesh, @peterwilsoncc, @vikrampm1 via #82).
- Bump minimum WordPress version from 4.7 to 5.7 (props @iamdharmesh, @peterwilsoncc, @vikrampm1 via #82).
- Bump WordPress "tested up to" version 6.1 (props @iamdharmesh, @peterwilsoncc via #85).
- Updates the underlying sanitisation library to pull in a security fix (props @darylldoyle, @faisal-alvi, @Cyxow via #105).
- Bump
got
from 10.7.0 to 11.8.5 (props @dependabot via #83). - Bump
@wordpress/env from
4.9.0 to 5.6.0 (props @dependabot via #83). - Bump
simple-git
from 3.9.0 to 3.16.0 (props @dependabot via #88, #99). - Bump
loader-utils
from 2.0.2 to 2.0.4 (props @dependabot via #92). - Bump
json5
from 1.0.1 to 1.0.2 (props @dependabot via #91). - Bump
decode-uri-component
from 0.2.0 to 0.2.2 (props @dependabot via #93). - Bump
markdown-it
from 12.0.4 to 12.3.2 (props @dependabot, @peterwilsoncc via #94). - Bump
@wordpress/scripts
from 19.2.4 to 25.1.0 (props @dependabot, @peterwilsoncc via #94). - Bump
http-cache-semantics
from 4.1.0 to 4.1.1 (props @dependabot, @peterwilsoncc via #101). - Bump
webpack
from 5.75.0 to 5.76.1 (props @dependabot, @faisal-alvi via #103). - Bump
svg-sanitizer
from 0.15.2 to 0.16.0 (props @darylldoyle, @faisal-alvi, @Cyxow via #105).
2.0.3 - 2022-09-01
- More robust PHP testing (props @iamdharmesh, @faisal-alvi via #71, #73).
- Addressed PHPCS errors (props @iamdharmesh, @faisal-alvi via #73).
2.0.2 - 2022-06-27
- Dependency security scanning (props @jeffpaul via #60).
- End-to-end testing with Cypress (props @iamdharmesh via #64).
- Redundant premium version upgrade link (props @ocean90, @peterwilsoncc via #61).
- Unneeded admin CSS fix for featured images (props @AdamWills, @dkotter, @peterwilsoncc via #63).
2.0.1 - 2022-04-19
- Documentation updates (props @jeffpaul, @peterwilsoncc via #50).
- Ensure our height and width attributes are set before using them (props @dkotter, @r8r, @jerturowetz, @cadic via #51)
- Support for installing via packagist.org (props @roborourke, @peterwilsoncc via #52).
2.0.0 - 2022-04-06
- New filter,
safe_svg_use_width_height_attributes
, that can be used to change the order of attributes we use to determine the SVG dimensions (props @dkotter, @peterwilsoncc via #43).
- Documentation updates (props @j-hoffmann, @jeffpaul, @Zodiac1978 via #39, #42).
- Use the
viewBox
attributes first for image dimensions. Ensure we don't use image dimensions that end with percent signs (props @dkotter, @peterwilsoncc via #43). - Make sure we use the full size SVG dimensions rather than the requested size, to avoid wrong sizes being used and duplicate height and width attributes (props @dkotter, @cadic via #44).
- Ensure the
tmp_name
andname
properties exist before we use them (props @dkotter, @aksld via #46).
1.9.10 - 2022-02-23
Note that this release bumps the WordPress minimum version from 4.0 to 4.7 and the PHP minimum version from 5.6 to 7.0.
- Bump WordPress minimum version from 4.0 to 4.7 (props @cadic via #32).
- Bump PHP minimum version from 5.6 to 7.0 (props @mehidi258, @iamdharmesh, @amdd-tim, @darylldoyle, @jeffpaul via #20).
- Update
enshrined/svg-sanitize
from 0.13.3 to 0.15.2 (props @mehidi258, @iamdharmesh, @amdd-tim, @darylldoyle, @jeffpaul, @cadic via #20, #29). - Bump WordPress version "tested up to" 5.9 (props @BBerg10up, @jeffpaul, @cadic via #14, #27).
- Updated library location and added a new build step (props @darylldoyle, @dkotter via #35, #36).
- Updated plugin assets and added docs and repo management workflows via GitHub Actions (props Brooke Campbell, @jeffpaul via #16, #26).
- Double slash being added in SVG file URL for newer uploads (props @mehulkaklotar, @smerriman via #19).
- Float value casting for SVGs when fetching width and height (props @mehulkaklotar, @smerriman via #19).
- Use calculated size for SVGs instead of using
false
(props @dkotter, @darylldoyle, @fritteli via #23). - Add better file type checking when looking for SVG files (props @davidhamann, @dkotter, @darylldoyle via #28).
1.9.9 - 2020-05-07
- Issue where 100% width is accidentally converted to 100px width (props @joehoyle).
1.9.8 - 2020-05-07
- Underlying library update.
1.9.7 - 2019-12-10
- Underlying library update.
1.9.6 - 2019-11-07
- Underlying library update that fixes a security issue.
1.9.5 - 2019-11-04
- Underlying library update that fixes some security issues.
1.9.4 - 2019-08-21
- Bug causing lots of error log output to do with
safe_svg::fix_direct_image_output()
.
1.9.3 - 2019-02-19
- Bug causing 0 height and width SVGs.
1.9.2 - 2019-02-14
- Warning about an Illegal string offset.
- Issue if something other than a WP_Post object is passed in via the
wp_get_attachment_image_attributes
filter.
1.9.1 - 2019-01-29
- Warning that was being generated by a change made in 1.9.0.
1.9.0 - 2019-01-03
- If an image is the correct ratio, allow skipping of the crop popup when setting header/logo images with SVGs.
1.8.1 - 2018-11-22
- Don't let errors break upload if uploading an empty file.
- Featured image display in Gutenberg. Props @dmhendricks :)
1.8.0 - 2018-11-04
- Pull SVG dimensions from the width/height or viewbox attributes of the SVG.
- role="img" attribute to SVGs.
1.7.1 - 2018-10-01
- Underlying lib and added new filters for filtering allowed tags and attributes.
1.7.0 - 2018-10-01
- Allow devs to filter tags and attrs within WordPress.
1.6.1 - 2018-03-17
- Images will now use the size chosen when inserted into the page rather than default to 2000px everytime.
1.6.0 - 2017-12-20
- Fairly big new feature - The library now allows
<use>
elements as long as they don't reference external files!
- You can now also embed safe image types within the SVG and not have them stripped (PNG, GIF, JPG).
1.5.3 - 2017-11-16
- 1.5.2 introduced an issue that can freeze the media library. This fixes that issue. Sorry!
1.5.2 - 2017-11-15
- Tested with 4.9.0.
- Issue with SVGs when regenerating media.
1.5.1 - 2017-08-21
- PHP strict standards warning.
1.5.0 - 2017-06-20
- Library update.
- role, aria- and data- attributes are now whitelisted to improve accessibility.
1.4.5 - 2017-06-18
- Library update.
- Issues with defining the size of an SVG.
1.4.4 - 2017-06-07
- SVGs now display as featured images in the admin area.
1.4.3 - 2017-03-06
- WordPress 4.7.3 Compatibility.
- Expanded SVG previews in media library.
1.4.2 - 2017-02-26
- Check / fix for when mb_* functions are not available.
1.4.1 - 2017-02-23
- Underlying library to allow attributes/tags in all case variations.
1.4.0 - 2017-02-21
- Ability to preview SVG on both grid and list view in the wp-admin media area.
- Underlying library version.
1.3.4 - 2017-02-20
- SVGZ uploads failing and not sanitising correctly.
1.3.3 - 2017-02-15
- Allow SVGZ uploads.
1.3.2 - 2017-01-27
- Mime type issue in 4.7.1. Mad props to @LewisCowles1986.
1.3.1 - 2016-12-01
- Underlying library version.
1.3.0 - 2016-10-10
- Minify SVGs after cleaning so they can be loaded correctly through
file_get_contents
.
1.2.0 - 2016-02-27
- Support for camel case attributes such as viewBox.
1.1.1 - 2016-07-06
- Issue with empty svg elements self-closing.
1.1.0 - 2015-07-04
- I18n.
- da, de, en, es, fr, nl, and ru translations.
- Issue with filename not being pulled over on failed uploads.
1.0.0 - 2015-07-03
- Initial Release.