Code Igniter 4.5.8

24 January 2025

Code Igniter version 4.5.8 is now available (security release).

What's New in Code Igniter 4.5.8

• Security fix: HTTP Validation of header name and value: Fixed a potential vulnerability on lack of proper header validation for its name and value. See the security advisory for more information. Credits to @neznaika0 for reporting.
  
• Security fix: ensure csrf token is string by @datlechin in #9365
  

• gather affected rows after query call failed by @michalsn in #9363
  

• use more strict result check on preg_match_all() result by @samsonasik in #9361
  
• Fix phpstan if.condNotBoolean by @neznaika0 in #9368
  
• Fix phpstan when delete string key by @neznaika0 in #9369
  
• Fix phpstan greaterOrEqual.invalid by @neznaika0 in #9370
  
• Fix phpstan nullCoalesce by @neznaika0 in #9374
  
• Fix phpstan isset offset by @neznaika0 in #9383
  
• Fix phpstan return.missing by @neznaika0 in #9382
  
• Fix phpstan booleanAnd.rightAlwaysTrue by @neznaika0 in #9367
  
• Fix phpstan codeigniter.configArgumentInstanceof by @neznaika0 in #9390
  
• Use strtolower with str_contains/str_**_with as replacement for stripos by @paulbalandan in #9414