drupal 9.1.0

This is a minor version (feature release) of Drupal 9 and is ready for use on production sites. Learn more about Drupal 9 and the Drupal core release cycle.

This minor release provides new improvements and functionality without breaking backward compatibility (BC) for public APIs. Note that there may be changes in internal APIs and experimental modules that require updates to contributed and custom modules and themes per Drupal core's backwards compatibility and experimental module policies.

Drupal 9.1.x contains new features, and should be the target for new site development. Drupal 9.0.x will continue to have security support until June 2021. Drupal 8.9.x will continue to have security support until November 2021.

Regardless of which version you choose now, features will only be added to Drupal 9 minor releases, so plan to adopt Drupal 9 as soon as possible so that you can easily update to Drupal 9.2 and later.

Important update information

Updating from Drupal 8

For information on updating from Drupal 8 to Drupal 9, see Upgrading a Drupal 8 site to Drupal 9.

Sites on 8.7 or earlier must update to either 8.8 or 8.9 before updating to Drupal 9 as all Drupal 8 update functions from before Drupal 8.8.0-rc1 were removed from Drupal 9. We recommend updating to 8.9.x, as well as updating all contributed modules, before updating to any Drupal 9 release.

Note: The migration paths from Drupal 6 and Drupal 7 to Drupal 9 will remain supported throughout Drupal 9's release cycle.

Note for users of the Experimental Workspaces module

Existing Drupal 8 sites using the experimental Workspaces module must update to at least Drupal 8.8.2 before updating to Drupal 9. (This is due to a required data integrity fix.) Remember that Workspaces is currently in beta status and is not intended for production.

Upgrading from Drupal 7

Drupal 7 users can continue to migrate to Drupal 8.9, or migrate to 9.0 or 9.1 directly. The upgrade path for multilingual sites is stable in Drupal 8.9, 9.0 and 9.1!

Changes to robots.txt and .htaccess

This release includes changes to the default versions of both robots.txt and .htaccess files shipped with Drupal core. Site owners should back up any customized versions of these files before updating, and add their customizations back in after updating.

• Drupal's default robots.txt file (used for informing web crawlers what paths to not index) has been updated to disallow indexing of the user registration, password reset, login, and logout routes. These rules were already in place for years, but were ineffective because they had an incorrect trailing slash. This change has removed that trailing slash.

• Drupal's generated .htaccess files now consistently escape dots (the . character) in rewrite conditions and rules. (For example, statistics.php has been corrected to statistics\.php. See the Drupal core issue for this .htaccess change for full examples.) These changes make the rules slightly more strict (and therefore safer). Site owners should make a backup of customized .htaccess files before updating, and may wish to also escape dots in their own custom rules where appropriate.

Drupal project templates no longer use minimum-stability "dev"

In Drupal 8.8 though 9.0, Drupal's Composer project templates declared a minimum stability of dev with an additional prefer-stable setting, which allowed any development versions of other packages such as modules to be installed with the template.

However, this occasionally produced unexpected results, such as upgrading to newer unstable releases rather than remaining on a current stable release (which could be dangerous for a production website). Therefore, starting with 9.1.0-alpha1, the minimum stability will match the stability of core itself. For example, the 9.1.0-alpha1 templates will have alpha as the minimum stability, and 9.1.0 will have stable.

The core change will not affect existing projects using the previous templates, so we strongly recommend that existing Composer sites also change their own templates to raise the minimum stability. In most cases stable is recommended for production websites. For more information on updating your templates, as well as instructions for allowing individual pre-release modules to be used with your stable templates, review the change record: Drupal project templates no longer use minimum-stability "dev".

Additionally, the core recommended project templates now explicitly depend on the current minor branch (for example, ^9.1 instead of ^9), in order to make Composer behavior with pre-release milestones more predictable (so that, for example, a site running 9.1.0-beta1 will not be accidentally downgraded to 9.0.x.)

PHP 8 compatibility

Drupal 9.1.0 is fully compatible with PHP 8.0! Report any PHP 8 issues in the Drupal core issue queue.

Database driver changes for PHP 8 compatibility

A new StatementWrapper class added to wrap PHP's built-in \PDOStatement. Contributed and custom database drivers that use PDO need to use this class for PHP 8 compatibility. See \Drupal\Core\Database\Connection::$statementClass is deprecated; use the new DB API StatementWrapper class instead for more information.

Symfony 5 and 6 forward-compatibility

Work is underway to make Drupal 9 forward-compatible with Symfony 5 (already available) and 6 (not yet released), by ensuring Drupal 9 does not use APIs deprecated in newer releases of Symfony. A few of these fixes may require changes to contributed and custom modules:

• Sites installed prior to Drupal 9.1.0 that are using a customized version of default.services.yml may need to update the YAML syntax in that file. See YAML format in default.services.yml may need updating for more information.

• Drupal has been updated for upstream changes in the Symfony 5 Events system, including changes to event classes, the order of arguments for the EventDispatcher::dispatch() method. Review the change record on Symfony 5 Events changes for more information, including suggestions for modules extending ContainerAwareEventDispatcher.

Views exposed filter form changes

Views exposed filters that involve multiple form elements are now wrapped in a fieldset. For example, this applies to numeric filters with a 'Between' operator, or any filter with an exposed operator. The filter label is now always visible, as the fieldset legend, and any included elements are nested inside.

This significantly improves the user interface for both sighted users and people using assistive technology. However, this means that the form structure of the exposed filter form is changed. Sites that implement hook_form_alter() to modify the exposed filter form may have to update that implementation to handle the changed form structure. See the change record on the Views exposed filter form for details.

Change to "Node from URL" context may affect block visibility

The context provider for the "Node from URL" context now provides a context value on node preview and revision pages. For example, this means that blocks with node type visibility conditions will now be displayed on these pages. It might also affect certain blocks, conditions, and other plugins using the context system to work correctly on these pages. For more information, see the change record on the "Node from URL" context change.

SimpleTest stub module can no longer be installed

Prior to the release of Drupal 9.0.0, most SimpleTest functionality was replaced by a PHPUnit test suite, and the old SimpleTest module was moved into contrib for projects that had not yet upgraded their tests to PHPUnit. A stub module was left in Drupal 9 core to prevent fatal errors for sites upgrading from Drupal 8 that had for whatever reason left the module enabled. In Drupal 9.1, we've made it so that the core stub module can no longer be installed. If your site still has the SimpleTest module installed, you should uninstall it.

Dependency updates

Production PHP dependencies

• In order to support PHP 8, Drupal core is now using composer/semver version 3, and the tests are now using composer/composer version 2 internally. For more information, see the change record on Drupal 9.1's internal composer requirements. Note: These are only internal dependencies. Site owners may use either Composer 1 or Composer 2 on the command line to manage their Drupal 8.8, 8.9, 9.0, and 9.1 sites. Drush users must update to version 10.3.6 or higher for compatibility with this change in Drupal 9.1.

• Laminas components have all received minor-level updates for PHP 8 compatibility: laminas/diactoros to 2.5.0, laminas/escaper to to 2.7.0, and laminas-feed to 2.13.0.

• Two Symfony components have added new internal dependencies on symfony/http-client-contracts and symfony/polyfill-intl-normalizer, so both dependencies are now included in Drupal 9.1 installations.

• A couple of unneeded polyfills for versions of PHP prior to 7.3 were unnecessarily included in the core-recommended template and the lockfile. These have now been removed.

• Most Symfony components have been updated from 4.4.9 to 4.4.16, and several Symfony polyfill libraries have been updated from 1.18.1 to 1.20.0.

• Twig has been updated from 2.13.1 to 2.14.1.

• Archive_Tar has been updated from 1.4.9 to 1.4.11.

• typo3/phar-stream-wrapper has been updated from 3.1.5 to 3.1.6 for PHP 8 compatibility.

• The locked version of the fabpot/goutte development dependency has been updated to 3.3.1 for PHP 8 compatibility.

• symfony/mime and symfony/phpunit-bridge have received patch-level updates to version 5.1.8. These updated versions resolve several issues with the Drupal test runner.

• symfony/var-dumper is now a top-level development dependency and has also been upgraded from 4.4 to 5.1.8. (Note that an older version of the dependency was previously installed indirectly as a requirement for symfony/error-handler.)

• Many other top-level PHP dependencies have all been updated to the latest minor and patch versions for the major version in use.

Production JavaScript Dependencies

• CKEditor has been updated from 4.14.1 to 4.15.0, which includes numerous bugfixes and improvements.

• Popper.js has been updated from 2.0.6 to 2.5.4.

• Underscore.js has been updated from 1.9.1 to 1.11.0.

PHPUnit 9

Drupal 9 now uses PHPUnit 9 to run tests on PHP versions higher than PHP 7.3. This allows Drupal core to support PHP 8, but may require some small changes to tests in contributed or custom modules. See the change record about the PHPUnit 9 update for more details.

Other development dependencies

• The EasyRDF development dependency has been updated from 0.9.0 to 1.0.0 for compatibility with PHP 7.4. See the change record on EasyRDF for more details.

• The drupal/coder development dependency has been updated from 8.3.9 to 8.3.10, and it has added a new development dependency on sirbrillig/phpcs-variable-analysis. squizlabs/php_codesniffer has also been updated from 3.5.6 to 3.5.8.

• The postcss-preset-env development dependency has been added to replace usage of postcss-custom-properties for CSS post-processing in Claro.

• All yarn development dependencies have been updated, including major version updates for chalk, chromedriver, cross-env, eslint, eslint-plugin-react-hooks, mkdirp, postcss, postcss-header, prettier, stylelint-config-standard, and terser.

• Numerous other development dependencies have received patch- and minor-level version updates.

Changes to coding standards

The following additional coding standards have been enabled in the core ruleset:

• Drupal.Commenting.DocComment.TagsNotGrouped
• Drupal.Semantics.FunctionT.ConcatString
• Drupal.NamingConventions.ValidClassName
• PSR2.Namespaces.UseDeclaration.UseAfterNamespace
• Squiz.PHP.NonExecutableCode
• Some parts of the Squiz.ControlStructures.SwitchDeclaration standard.

Known issues

Search the issue queue for known issues.

• There are a few known issues with the display of form fields in Claro on wide monitors. Refer to #3184667: Node form layout looks awkward on wide screens since #3158854 and #3181964: Horizontal field groups content too narrow and paragraphs break out of node edit form. Work to improve the design is ongoing.

All changes since 9.1.0-rc3

• Issue #3183425 by tanc, ckrina, longwave, sylus, Abhijith S, idebr, justafish, pandaski, bnjmnm: Google Chrome 87 renders fieldset with grey artefacts
• Issue #3183673 by jonathan1055, longwave: Fix 'Drupal.Commenting.DocComment.ShortFullStop' coding standard - part 1 auto-fixes
• Issue #3180756 by mherchel, ranjith_kumar_k_u, anmolgoyal74, lauriii, proeung: Embedded media audio has height of 0 in Olivero and cannot be seen
• Issue #3138795 by quietone, sja112: d6_term_node_revision references non-existent migration
• Issue #3053897 by alexpott, UpTil4Music, webflo: No version key/value pair in new core modules (json_api, migrate_drupal_multilingual)
• Issue #3172116 by shetpooja04, naresh_bavaskar, raman.b, quietone, alexpott: Fix test in MenuLinkParentTest::testTransformException
• Issue #2828680 by raman.b, bandanasharma, mogtofu33, drclaw, damontgomery, tanubansal, paulocs, amietpatial, Chi, borisson_: Missing ul wrapper on forum local action links
• Issue #3165065 by sarvjeetsingh, Abhijith S, joachim: PluginWithFormsInterface and PluginWithFormsTrait should reference each other in docs
• Issue #3089902 by Taran2L, jmlsteele, anmolgoyal74, longwave, kishor_kolekar, tuan.hmt, alexpott, daffie, Aron Novak, hploeger: "Azure Database for MySQL server" reports wrong database version
• Issue #3157370 by S_Bhandari, tvb, quietone: Modify comment referring to file_directory_temp()
• Issue #3180280 by komalk, mherchel, sulfikar_s, ranjith_kumar_k_u, proeung, jwitkowski79: [Olivero Theme] [Design QA]: Reduce the letter spacing within the Subnav menu items
• Issue #3176911 by markdorison, kostyashupenko, anmolgoyal74, mherchel: Document [noscript_styles] in the @file documentation of Olivero's html.html.twig
• Issue #3176906 by markdorison, sarvjeetsingh, paulocs: Correct twig documentation in various Olivero templates
• Issue #3180726 by markdorison, walangitan: Missing punctuation in Olivero's html.html.twig @file documentation
• Issue #3176914 by sarvjeetsingh: Media is missing from the available variables list in Olivero's media.html.twig
• Issue #3176912 by anmolgoyal74, Abhijith S, sarvjeetsingh, mherchel: Missing variables in Olivero's block--secondary-menu--plugin-id--search-form-block.html.twig
• Issue #3174088 by Ramya Balasubramanian, mherchel: Remove .mobile-buttons comment within Olivero's scripts.es6.js