Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.Assorted todo lists carried over from #3216978: [meta] Priorities for 2021-12-01 release of Drupal 7
PHP 8.1 compatibility fixes are top priority for the next release.
These are not necessarily in priority order.
For consideration
- #3071997: Backport to D7 - inclusion of the announce project in D7 core - see also:
- #3206643: Project messaging channel in core (as experimental) and linked issues
Issues which have had recent activity, and are RTBC.
Simple Fixes:
- #2884171: The drupal_render() function could use a bit more protection May need to add logging for developers.
- #2994212: SqlContentEntityStorage::loadFromDedicatedTables() does use an unnecessary sort in the DB leading to a filesort Another field storage issue, marked as major with patch by Fabianx that still applies to D7, wile D9 patch needs work.
- #674354: CSS selectors get overridden by narrower selector at style.css when using Seven Simple fix, moves inline with D8 having more specific selectors.
- #1973278: Error in image_styles of image.module on database update Simple fix, does it really need a test?
- #2492191: Remove "Crawl-delay" in robots.txt Simple fix. For parity with D8/9 this should probably be committed to D7 although taking this out of D7 now seems like a big change at such a late stage; users who want to change Crawl-delay will already have done this. The patch itself is trivial so marking RTBC for a D7 core committer to decide whether to commit or close this.
- #920840: Broken images displayed and PHP notices when file/image field values are missing
- #2871459: Simpletest does not reset the $theme* globals
- #2218647: [D7] Undefined property: stdClass::$nid in node_tokens()
- #2830428: Fix behaviour of entity_load when passed ids with a trailing dot
- #3026560: After upgrade to 7.63, 8.5.10, 8.6.7, 9.4.0 get TYPO3 phar error for drush
- #3182785: PHP 7.4 notice for /modules/system/system.admin.inc A simple fix that could possibly be improved.
- #3255713: [D7] Login fails and no warning is issued if cookies are not enabled This is a D7 backport of #2946: Login fails and no warning is issued if cookies are not enabled, an 18 year old issue that was marked as major and committed to drupal 9.3.x in June 2021.
- #2790857: Log completely unusable when an entry has corrupt serialized data (D7)
- #3281663: D7 backport: Fix htaccess files for PHP 8
- #3266018: Backport Make core aware of Nginx and PHP-FPM to D7
- #2112325: Warning: gzinflate(): data error in drupal_serve_page_from_cache() (line 1617 of /includes/bootstrap.inc).
- #3212398: [D7] Field API assumes serial/integer entity IDs, but the entity system does not
- #2828455: User mail token PHP notices for anonymous
- #3166668: PHP7.4 and empty entity_keys for taxonomy term result in notices
- #2594955: [D7] Duplicate HTML IDs are created for file_managed_file fields
Important Fixes:
- #1374090: Editing a comment still changes creation date Patch in comment #100 is 6 years old and appears to solve the problem. Comment #112 confirms patch looks good and to be deployed on drupal.org website.
- #1705618: Double click prevention on form submission Important to prevent double submission of forms, creating duplicate nodes, etc. Must clear browser cache to take effect.
- #1899126: [D7] Add wrappers to fix permission checks Required for POSIX filesystem. Fixed in D8? @orlitzky: "I'm just going to keep updating the patch for drupal-7.x for the rest of my life." "I'll keep posting patches until I don't have to any more."
- #1951408: Core Update manager doesn't correctly handle "status" UPDATE_NOT_CHECKED Includes D7 core patch in comment #16 that passes tests and is RTBC. Required for update_advanced module that is used by 2,700 sites. Does not appear to be relevant to D8/D9.
- #1978176: Build menu_tree without loading so many objects @joseph.olstad: "... the performance improvement is huge! .. After several years I see no credible reports of an issue with this patch"
- #2418755: Path alias filter by system path includes 6 year old patch for D7 in comment #1 that has been RTBC and without the patch "it's very hard to find alias which contains few slashes in path."
- #2431283: Cron CSRF vulnerability Security hardening fix. Fixed in D8. Fabianx comment in #31, just before last patch.
- #2550519: Crypt::randomBytes()/drupal_random_bytes() doesn't actually return cryptographically secure random bytes Issue is 6 years old, priority was set as "critical", still needs work.
- #2752783: [D7] file_unmanaged_move() should issue rename() where possible instead of copy() & unlink() Important fix. Mcdruid urging commit. @joseph.olstad: "D8 has this already. It is a good idea."
- #2783153: [D7] Convert drupalSettings from JavaScript to JSON, to allow for CSP in the future FabianX said it looks good, has updated tests
- #2891346: tableheader.js: Source: call to eval() or related function blocked by CSP Another content-security-policy issue.
- #2970929: [D7] Support X-Forwarded-* HTTP headers alternates Important backport for reverse proxies and load balance.
- #3176634: [D7] node_access filters out accessible nodes when node is left joined Issue identified as major. Fixed in D8 with D9 fix pending. Backport to D7 patch from 2016-March-9
- #3210388: Potential dataloss when opting in to "Avoid field storage write when field content did not change" and changing the bundle type of an existing entity
PostgreSQL performance improvements (backports from D8):
- #3265837: Backport DatabaseSchema_pgsql::fieldExists() improvements
- #2823488: Backport DatabaseSchema_pgsql::queryTableInformation() improvements
- #3265842: Backport DatabaseSchema_pgsql::findTables() improvements
- #2370593: Database::tableExists optimization for PostgreSQL
Unsorted Fixes:
- #498752: Partial word search for Drupal 7 Includes working patch from 5 yrs ago. Was closed as won't fix feature request. Now that a similar feature is proposed for D9 core #103548: Partial Search in Drupal Core maybe it's worth considering.
- #822128: "Textarea + summary" widget broken when field allows multiple values (followup) and associated JavaScript uses fragile selectors Has been committed to Drupal 8 and 9. Includes patch for D7 in #39 that is RTBC.
- #2539478: [D7] Allow image fields to use any extensions the current image toolkit supports (instead of hard-coding jpg, png and gif only) Adds svg to allowed extensions for image fields.
- #2819535: x-content-type-options nosniff ignored for anonymous cached pages
- #3017095: Clean up .htaccess and web.config file protection likely needs to go into D9 first
- #111702: Set fixed "from:" and add "Reply-to:" to comply with DMARC
- #965078: HTTP request checking is unreliable and should be removed in favor of watchdog() calls Needs work and needs CR
- #1328696: Problem with _drupal_wrap_mail_line and attachment files Attachment of docx file or files with long names results in email that is not correct. Fixed in D8, backport for D7 has patch.
- #3017522: Make SSL options configurable in drupal_http_request() Verifies SSL certificates in OpenSSL connections (Critical)
- #139015: breadcrumbs wrong on dblog event detail pages Issue seems in good shape, needs a bit of work as of Aug-4
- #691932: Add hook_field_schema_alter()
- #1992010: Reverting to revisions prior to addition of field translations is broken Issue is 9 years old, marked as critical and has patch that is RTBC and passes automated tests. Are tests sufficient?
- #1158322: Add backtrace to all errors
| Comment | File | Size | Author |
|---|---|---|---|
| #16 | 3259739-16_noop.patch | 285 bytes | mcdruid |
Comments
Comment #2
mcdruid commentedComment #3
mcdruid commentedJust added #3260196: [meta] Priorities for 2022-03-02 release of Drupal 7 to the release schedule, having discussed this with @Fabianx today.
We'll keep this issue for the June release, as the one in March will focus almost entirely on PHP 8.1 compatibility.
Comment #4
poker10 commentedI have summarized some backport patches which should (according to info from D8) greatly improve D7 PostgreSQL performance. I have added links to these issues to the issue summary to a separate category. All issues have patches ready and are passing all tests.
It will be great if someone can review them so they will be able to get into this June release.
Just for info how important this could be:
Comment #5
izmeez commentedAdded issue: #1374090: Editing a comment still changes creation date Patch in comment #100 is 6 years old and appears to solve the problem. Comment #112 confirms patch looks good and to be deployed on drupal.org website. A related issue #2288865: Same comment creation & changed date may no longer be relevant as noted in the interdiff of the patch in comment #100.
Comment #6
izmeez commentedAdded issue to unsorted:
#1992010: Reverting to revisions prior to addition of field translations is broken Issue is 9 years old, marked as critical and has patch that is RTBC and passes automated tests. Are tests sufficient?
Comment #7
poker10 commentedWe have approx. one month until the next planned D7 release (1.6.2022).
If it is not planned to postpone this release, hopefully @mcdruid or @Fabianx will make some time to review and commit at least most important issues (as there are few PHP 8.1 deprecations, few PostgreSQL important performance fixes and few others).
I must say that we are looking forward especially for the mentioned four PostgreSQL backport issues, as we are running a lot of PostgreSQL sites and perfomance benefits should be big (it should also help Drupal testing infrastructure as well).
Thanks!
Comment #8
mcdruid commentedThanks for the updates to this meta issue.
My last several weeks have either been busy or disrupted, but I'll try to get some issues from the list(s) here reviewed ASAP.
The 2022-06-01 release is likely to be fairly "light" though in terms of the number of issues / fixes / commits.
Comment #9
poker10 commentedAdding one another potential candidate for this release. It is a D9 backport, so it should be a relatively easy fix. And it could help lot of people experiencing broken watchdog. Test for that usecase is included.
#2790857: Log completely unusable when an entry has corrupt serialized data (D7)
Comment #10
ressaWould June 1, 2022 date format in the title in stead of 2022-06-01 result in faster scannability? Feel free to revert this change, if you think it is a step backwards.
Comment #11
mcdruid commentedAdded #3281663: D7 backport: Fix htaccess files for PHP 8.
@ressa I've switched the date in the title back. It might just be because I am a Brit who has worked in a predominantly US company for nearly a decade, but I have quite a strong preference for ISO-8601 :)
https://xkcd.com/927/
Comment #12
ressaThat's cool, I thought I'd just float the idea :)
Comment #13
poker10 commentedAdding two another possible candidates for this/next release:
#1158322: Add backtrace to all errors - but maybe it would need some decision first
#3266018: Backport Make core aware of Nginx and PHP-FPM to D7 - simple backport
Comment #14
poker10 commentedI have quickly checked other RTBC issues and found 4 simple issues - each of them has tests, so I am adding them here to consider.
#2112325: Warning: gzinflate(): data error in drupal_serve_page_from_cache() (line 1617 of /includes/bootstrap.inc).
#3212398: [D7] Field API assumes serial/integer entity IDs, but the entity system does not - D8 backport, approved also by @Fabianx
#2828455: User mail token PHP notices for anonymous
#3166668: PHP7.4 and empty entity_keys for taxonomy term result in notices - this issue was RTBC, but a small patch update was needed according to the detailed testing
Comment #15
poker10 commentedSorry for "spam", but this simple fix/backport was also RTBC with a patch from @David_Rothstein, but only a test was missing. I have added the test, so it should be safe to go now :)
#2594955: [D7] Duplicate HTML IDs are created for file_managed_file fields
Comment #16
mcdruid commentedAdding a noop patch to ensure all tests pass before preparing 7.90 (I'm not available to work on the release next week).
Comment #17
poker10 commentedThanks for all your work on this release @mcdruid!
And wow, look at these numbers... PostgreSQL tests done in 8 minutes!! It was 25 minutes before (yes we also skipped 2 upgrade functions, but that can be only benefit of minute or two).
I know that probably the release is already closed but is there any chance to include the last two PHP8/8.1 issues to 7.90?
Thanks again!
Comment #18
mcdruid commentedThank you for all the work you've put into this release @poker10!
Good to see the tests are green - PHP 5.6 initially failed but it was just testbot snafu.
Unfortunately I won't be able to get anything else into 7.90 - I need to have the release ready pretty much now and will just be doing the final few formalities next week on 2022-06-01.
Here are the draft release notes:
Release notes
Maintenance release of the Drupal 7 series. Includes bug fixes and small API/feature improvements only (no major, non-backwards-compatible new functionality).
No security fixes are included in this release.
No changes have been made to the .htaccess, web.config, robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary.
A change has been made to the .htaccess file that Drupal generates to prevent PHP execution in files directories. See the Change Record for more details of how to ensure your site's .htaccess files are up-to-date.
This release includes improved support for PHP 8.1 (and other recent PHP releases), but there may still be problems not revealed by Drupal core's test suite, especially on sites with contrib (and custom) modules. Please test, and report any problems in the appropriate issue queue.
This release also includes some major performance improvements for PostgreSQL. Special thanks to poker10 for providing several backports that make a significant difference.
As always, many thanks to everyone that contributed to this release of Drupal 7.
Major changes in 7.90:
All changes:
Comment #19
long.skinny.boy commentedGood afternoon, thanks for the new release! Please tell me if there are plans to add a fix to this problem?
https://www.drupal.org/project/drupal/issues/3176634
Comment #20
damienmckennaAnything not included in 7.90 should be moved into a new planning issue and this one should be marked "fixed" (by a core maintainer so that attribution can be given).
Comment #21
mcdruid commented@long.skinny.boy that issue is in the todo list(s) in the (newly created) meta issue for the next release #3292217: [meta] Priorities for 2022-12-07 release of Drupal 7 (which is not a guarantee it will be included I'm afraid). Feel free to advocate for it to be looked at in the comments for that issue.
Closing this as Fixed per @DamienMcKenna in #20.
Thank you everyone that contributed to 7.90!
Comment #23
joseph.olstad@poker10 and @mcdruid, I have been impressed by all the fantastic work on improving the Postgresql and SQLLite db abstraction layers, recently I also noticed that adding the pg_trgm extension seemed to very much improve performance on postgres v12.10 or v12.8.
#3214921: Add a requirements warning in Drupal 9 when PostgreSQL is used and the pg_trgm extension is not created