Drupal 8.8.0
4 December 2019
Drupal version 8.8.0 is now available (major release).
Upgrading to Drupal 8.8.0
Drupal 8.8.0 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Drupal updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Drupal install to test the 8.8.0 upgrade prior to applying it live. Get started managing your Drupal installations with Installatron
What's New in Drupal 8.8.0
This is a minor version (new-feature release) of Drupal 8 and is ready for use on production sites.
This minor release provides new improvements and functionality without breaking backwards compatibility (BC) for public APIs. There may be changes in internal APIs and experimental modules that require updates to contributed and custom modules and themes per Drupal core's backward compatibility and experimental module policies.
Minor releases may include string changes and additions. Translators can review the latest translation status on localize.drupal.org.
IMPORTANT NOTES
- If you have the contributed Pathauto module enabled, you must update to the latest version of Pathauto before you update to Drupal 8.8.0.
FAILURE TO UPDATE PATHAUTO BEFORE UPDATING CORE COULD RESULT IN DATA LOSS. Drupal 8.8.0 declares a conflict with Pathauto 8.x-1.5 or lower for this reason.
- The Path Alias core subsystem has been moved to the path_alias module. An upgrade path is provided from Drupal 8.7 for this change.
- Custom URL aliases are now provided by a new revisionable and publishable "path_alias" content entity type. Path alias services have been kept in place for backwards compatibility, and path alias hooks have been deprecated.
- As part of the change to path aliases, path alias administration forms have been converted to generic entity forms. This means form IDs and form class names have changed, so custom code needs to be updated for any hook_form_alter() or hook_form_FORM_ID_alter() implementations that were using the previous form IDs. Additionally, some path routes have been deprecated and replaced by generic entity route.
- Updating Drupal is no longer supported for sites on PHP 5.5 or 5.6. PHP 5.5 and 5.6 support was officially removed in 8.7, but Drupal still allowed sites to apply security updates on those PHP 5 versions. Drupal 8.8.0 ends that support and updates will now fail if domains are not using at least PHP 7.0.8.
Security
- security fixes for SA-CORE-2018-002 and SA-CORE-2018-004
Changes
- Support for some uncommon older browser versions has been removed
- Deprecated core modules; SimpleTest, Place Blocks
- Substantial changes to JavaScript dependencies and new JavaScript deprecations
- Testing system changes
- New stable core module: Media Library
- JSON:API changes
- Views changes
- Configuration system changes
- New revisions are created every time an entity or revision is updated, if that entity is being moderated with content moderation
- The temporary file path is now a setting in settings.php, and is no longer stored in configuration
- Changed coding standards
- Dependency updates
Bug Fixes
- Form sets system.theme:admin to '0' breaking Quick Edit and making no sense
- Race condition in file_save_upload causes data loss
- Migrate UI - allow modules to declare the state of their migrations
- Limit what can be called by a callback in render arrays to reduce the risk of RCE
- [Plan] Remove unused jQuery UI components and replace with a suite of contrib packages for the continuous upgrade path
- 8.7.0-rc1 database updates fail on media_library configuration dependencies due to missing form and view modes
- Implementation of user name in JSON:API can result in overwriting data
- Mark kernel tests that perform no assertions as risky
- \Drupal\Core\Field\Plugin\Field\FieldType\EntityReferenceItem::onDependencyRemoval() sets auto_create to an invalid data type
- Rename action.post_udate.php to action.post_update.php so that the upgrade path runs correctly
- Views referencing missing roles fail views_post_update_revision_metadata_fields()
- Remove code that tries to use _raw_variables for route argument resolution as it does not work
- Make Workspaces and Content Moderation work together
Known Issues
- There are some outstanding compatibility issues with PHP 7.4 (which was released on November 28). These issues are being addressed in #3086374: Make Drupal 8.8 compatible with PHP 7.4.
- A database updates issue has been reported for Workspaces: #3098427: Manipulating the revision metadata keys before running the BC layer breaks the BC layer.
- Users of Organic Groups have also reported issues updating due to a bug in Organic Groups.
- Some users have reported #3098873: Declaration of Drupal\Core\Security\PharExtensionInterceptor::assert(string $path, string $command): bool must be compatible with TYPO3\PharStreamWrapper\Assertable::assert($path, $command). If you have this issue, please document on the linked issue which PHP version you are using (including the patch version, e.g. "PHP 7.2.14"), whether your site has been installed from a tarball, and also the exact version of typo3/phar-stream-wrapper that has been installed on your site if you are using Composer.