This release includes Silverstripe CMS version 4.5.1.

Upgrading to Recipe 2.5.1 is recommended for all CWP sites. This upgrade can be carried out by any development team familiar with the Silverstripe CMS. However, if you would like Silverstripe's assistance, you can request support via the Service Desk.

New features

The release announcement includes the note worthy features, but be sure to review the change log for full detail.

Known issues

There are no new known issues in this release.

Security considerations

This release includes a security fix. Please see the release announcements for a more detailed description, but note that the issue has a CWP-specific CVSS Environmental score which takes built-in protections from the CWP platform into account. We highly encourage upgrading your CWP projects to include this security patch regardless of severity.

The following security fixes were included in the previous release (2.5.0) but originally omitted from the release notes. They are repeated here for visibility.

Upgrading instructions

In order to update an existing site to use the new CWP recipe the following changes to your composer.json can be made:

"require": {
    "cwp/cwp-recipe-core": "2.5.1@stable",
    "cwp/cwp-recipe-cms": "2.5.1@stable",
    "silverstripe/recipe-blog": "1.5.1@stable",
    "silverstripe/recipe-form-building": "1.5.1@stable",
    "silverstripe/recipe-authoring-tools": "1.5.1@stable",
    "silverstripe/recipe-collaboration": "1.5.1@stable",
    "silverstripe/recipe-reporting-tools": "1.5.1@stable",
    "cwp/cwp-recipe-search": "2.5.1@stable",
    "silverstripe/recipe-services": "1.5.1@stable",
    "silverstripe/subsites": "2.3.3@stable",
    "tractorcow/silverstripe-fluent": "4.4.5@stable",
    "cwp/starter-theme": "3.0.3@stable"
"prefer-stable": true


Change Log



  • 2020-02-18 eabcd7c Apply mcrypt requirement (Garion Herman)
  • 2020-02-05 96c2bc3 Use correct translation string for AccountResetUI.renderSuccess() (Garion Herman)
  • 2020-01-07 72bc71a #270 - Reset variant state back to original state after processing (Brett Tasker)
  • 2020-01-05 0685dfa Add missing aliases for EnvironmentChecks (Garion Herman)
  • 2019-12-03 6eba8ab Replace deprecated implode parameter order (Garion Herman)
  • 2019-11-18 49d7d5f Update Travis config to Xenial (Garion Herman)
  • 2019-09-05 9dca139 log in after logging in (Dylan Wagstaff)
  • 2019-08-27 32e2f9f Ensure test uses database cache, it asserts assuming it is configured (Robbie Averill)
  • 2019-05-23 156c3e5 fix: update Travis config (Sam)
  • 2019-05-23 2405aa2 fix: add subsite class check (Sam)
  • 2019-05-23 40f05ea fix: ensure preview url displays the correct subsite url (Sam)
  • 2019-02-19 3ff72be StringTagField now works with SS-2018-021/CVE-2019-5715 by serialising arrays before write (Robbie Averill)
  • 2018-09-17 690f0cc Fix for $source left null (Damian Mooyman)

Other changes

  • 2020-02-16 ba5ae2d Add explicit ext-mcrypt requirement (Serge Latyntcev)
  • 2020-02-12 8e2af78 Specify php 7.1 (Steve Boyd)
  • 2020-02-04 5c9a702 Rename contributing team => maintainer (Damian Mooyman)
  • 2020-02-04 2ddc0a5 Update contributing guidelines (Damian Mooyman)
  • 2020-02-02 eeafe1b Fluent dev state fix (Mojmir Fendek)
  • 2020-01-23 4e0f0e9 Update jQuery to 3.4.1 (Garion Herman)
  • 2020-01-23 f82e8ba Update jQuery to 3.4.1 (Garion Herman)
  • 2020-01-23 f0f7d3b Update jQuery to 3.4.1 (Garion Herman)
  • 2020-01-14 8094fdd DOC Adjust changelog template for RC releases (Garion Herman)
  • 2019-11-26 8643337 Removed redundent CSS (James Cocker)
  • 2019-11-22 1c52b0e Resolve SVG IE11 logo scaling issue (James Cocker)
  • 2019-11-22 afcfb12 Brand logo CSS improvements (James Cocker)
  • 2019-11-20 5978c62 Update to Xenial, expand build matrix (Garion Herman)
  • 2019-11-18 d24c0fb Update Travis config to Xenial (Garion Herman)
  • 2019-10-21 71385fe DOCs update docs link (brynwhyman)
  • 2019-10-21 704b000 DOCS what members get MFA (brynwhyman)
  • 2019-10-21 4e45a92 DOCS remove empty docs file (brynwhyman)
  • 2019-09-09 fbd8406 Update translations (Garion Herman)
  • 2019-08-27 0d7c507 Use trusty in Travis builds (Robbie Averill)
  • 2019-08-16 9425139 Increase memory limit for kitchen sink builds (Robbie Averill)
  • 2019-08-14 10e0898 Update agency-extensions and gridfieldqueuedexport (Robbie Averill)
  • 2019-05-09 aae09ae Update translations (Robbie Averill)
  • 2019-05-09 e024613 Update translations (Robbie Averill)
  • 2019-05-09 d33b589 Update translations (Robbie Averill)
  • 2019-05-09 60e3d6d Update translations (Robbie Averill)
  • 2018-11-08 9260d8c Bump postgres version in Travis configuration to 2.1.x (Robbie Averill)
  • 2018-09-17 77bad9b Use getShouldLazyLoad() accesser (Damian Mooyman)
  • 2018-09-17 ce8ba85 Revert default argument change (Damian Mooyman)
  • 2018-09-12 024e648 Added getSource() function to populate source inline with the api. (Simon Gow)
  • 2018-09-07 fa754f3 TagField lazy load shouldnt render Options (Simon Gow)
  • 2018-09-06 3797049 Resolve Performance issues with TagField (Simon Gow)

Was this article helpful?