Release Notes
Stay up to date with the latest Statamic changes.
To see what's in development, check out the roadmap.
5.73.12
March 4th, 2026
What's fixed
- Antlers config backwards compatibility #14146 by @jasonvarga
- Config parsing exclusion #14152 by @jasonvarga
- Fix Antlers parser state restoration #14151 by @jasonvarga
- Support Laravel Debugbar 4 #14142 by @jasonvarga
- Remove pdf css #14141 by @jasonvarga
- More Antlers defaults #14125 by @jasonvarga
5.73.11 Security
February 27th, 2026
This release contains a potentially breaking change for the sake of security.
What's fixed
- Antlers hardening (Breaking: See PR for upgrade notes) #14092 by @jasonvarga
- External Glide URL validation #14101 by @jasonvarga
- Harden redirects #14099 by @jasonvarga
- Harden auth redirects #14089 by @duncanmcclean
- Fix user fieldtype search #14084 by @duncanmcclean
- Fix user name and email logic #14079 by @jasonvarga
- Sanitize SVGs #14077 by @jasonvarga
- Fix CSRF token on pages excluded from static caching #14056 by @duncanmcclean
- Improve PDF Viewer #14045 by @duncanmcclean
- Throw UnableToReadFile for invalid images in ImageGenerator #14043 by @mmodler
- Antlers user content and config #14058 by @jasonvarga
- Block methods in Antlers by default #14059 by @jasonvarga
5.73.10 Security
February 20th, 2026
What's fixed
- Fixes
shouldUpdateUrisregex adding additional brackets to Antlers #13995 by @martyf - Validate password reset url #14023 #14008 by @jasonvarga
- Harden html rendering #14006 by @jasonvarga
5.73.9 Security
February 18th, 2026
What's fixed
- Correct test namespaces to avoid PSR-4 warnings #13989 by @duncanmcclean
- Sanitize html in html fieldtype #13992 by @jasonvarga
5.73.8
February 18th, 2026
What's fixed
- Avoid replacing nocache regions in initial full-measure response #13953 by @duncanmcclean
- Fix Icon fieldtype augment error when value is empty #13966 by @jhhazelaar
- Fix
whereIn()/whereNotIn()error for booleans #13952 by @duncanmcclean
5.73.7
February 14th, 2026
What's fixed
- Revert etags #13933 by @jasonvarga
5.73.6 Security
February 11th, 2026
What's fixed
- Fix after_save preference not persisting when default preferences override 'listing' #13879 by @el-schneider
- Asset auth fix #13883 by @duncanmcclean
- Account for custom fields when checking if entry URIs should be updated #13859 by @duncanmcclean
5.73.5
February 3rd, 2026
What's fixed
- Add auth to asset routes #13810 by @jasonvarga
5.73.4
February 3rd, 2026
What's fixed
- Handle
0values in text fields andnullstring in slugs #13786 by @joshuablum - Fix multi-site URL invalidation in
ApplicationCacher#13793 by @joshuablum
5.73.3
January 30th, 2026
What's fixed
- Avoid showing large number of assets in listing #13758 by @jasonvarga
- Abort 404 when asset is not found in AssetsController #13741 by @mynetx
5.73.2
January 26th, 2026
What's fixed
- Revert
AssetContainer::accessible()visibility change #13673 by @duncanmcclean - Fix: Prevent 304 responses without client cache headers #13654 by @mynetx
- Fix uninitialized property error from
HandleEntrySchedulejob #13648 by @duncanmcclean - Bump lodash from 4.17.21 to 4.17.23 #13628 by @dependabot
- Avoid updating Bard value unless content has actually changed #13645 by @duncanmcclean
5.73.1
January 21st, 2026
What's fixed
- Revert config values in forms #13632 by @jasonvarga
5.73.0
January 21st, 2026
What's new
- Allow config values to be used in forms #11403 by @FrittenKeeZ
- Allow closure in cascade content hydration #13580 by @marcorieser
What's fixed
AssetContainer::accessible()should take filesystem visibility into account #13621 by @duncanmcclean- Augment appended form config fields for Antlers #13111 by @marcorieser
- Fix error from
DefaultInvalidatorwhen creating a nav #13596 by @duncanmcclean - Prevent redirect when creating term via fieldtype #13595 by @duncanmcclean
- Handle null value gracefully #13598 by @aerni
- Fix existing field validation with prefixed fieldset imports #13551 by @duncanmcclean
5.72.0
January 13th, 2026
What's new
- Support query scopes in navigations #13509 by @el-schneider
What's fixed
- Generate etag after nocache replacements #13433 by @mmodler
- Support custom validation rules for asset containers #13459 by @duncanmcclean
- Fix filterWhere with arrays #13507 by @aerni
- Dutch translations #13532 by @laurenskr
5.71.0
January 8th, 2026
What's new
- PHP 8.5 Compatibility #13112 by @duncanmcclean
- Add ability to get raw array directly from Values object #13318 by @andjsch
- Make GetItemsContainingData hookable #13302 by @ryanmitchell
What's fixed
- Fix structure not being saved to collection #13479 by @jasonvarga
- Fix JsDriver::addToFormData call to match interface signature #13463 by @andrii-trush
- Fix add set button not overlap content on small container #13269 by @lecoa
- Terms Filter: Use
termsfieldtype instead ofselect#13439 by @duncanmcclean - Fix blueprint cache #13430 by @aerni
- Add
Nav::clearCachedUrlsexpectation toAddonTestCase#13396 by @duncanmcclean - Remove "Bulgarian Lev" from Currencies dictionary #13414 by @duncanmcclean
- Ensure field parent is set correctly #13305 by @aerni
- Invalidate nav's URL cache when collection/taxonomy/etc is created #13297 by @duncanmcclean
- Fix whereNotIn error with nulls #13266 by @jasonvarga
- Fix
eloquent:import-userscommand with computed values #13260 by @duncanmcclean - Fix page collection and mounted collection #13250 by @jasonvarga
- French translations #13300 by @ebeauchamps
- Bump validator from 13.15.20 to 13.15.22 #13234 by @dependabot
- Bump qs from 6.11.1 to 6.14.1 #13409 by @dependabot