Code Igniter 4.5.8
24 January 2025
Code Igniter version 4.5.8 is now available (security release).
What's New in Code Igniter 4.5.8
Security
- Security fix: HTTP Validation of header name and value: Fixed a potential vulnerability on lack of proper header validation for its name and value. See the security advisory for more information. Credits to @neznaika0 for reporting.
- Security fix: ensure csrf token is string by @datlechin in #9365
Fixed Bugs
- gather affected rows after query call failed by @michalsn in #9363
Refactoring
- use more strict result check on preg_match_all() result by @samsonasik in #9361
- Fix phpstan if.condNotBoolean by @neznaika0 in #9368
- Fix phpstan when delete string key by @neznaika0 in #9369
- Fix phpstan greaterOrEqual.invalid by @neznaika0 in #9370
- Fix phpstan nullCoalesce by @neznaika0 in #9374
- Fix phpstan isset offset by @neznaika0 in #9383
- Fix phpstan return.missing by @neznaika0 in #9382
- Fix phpstan booleanAnd.rightAlwaysTrue by @neznaika0 in #9367
- Fix phpstan codeigniter.configArgumentInstanceof by @neznaika0 in #9390
- Use strtolower with str_contains/str_**_with as replacement for stripos by @paulbalandan in #9414