Umbraco

Upgrade Notes

Be aware of a change to behaviour for detecting the Umbraco application URL. Previously, ApplicationMainUrl was automatically set from the Host header of incoming HTTP requests. In environments where Umbraco is not behind a reverse proxy that validates the Host header, this could allow a forged Host header to overwrite the URL used in password reset links, user invitations, and other email notifications. While this is normally mitigated by proper hosting configuration and setting UmbracoApplicationUrl explicitly, we felt that the auto-detection behaviour should be hardened up and become an opt-in rather than the default. You can read more about this under "Breaking Changes" below, the linked PR and the documentation.

There are a few updates related to performance in this release that are worth investigating for larger sites. Using output cache in your projects, with intelligent and customisable detection of page invalidation, is now a configuration option for templated websites, with extension points also applied for the Delivery API. We have optimised content cache rebuild after schema updates, with an option for deferred rebuild in the background. If considering a project with significant expected concurrency for member login and registration, and you prefer to use an external service for member management, the new option for lightweight external members will be worth reviewing.

If working with AI tools such as Umbraco MCP, additions to management API endpoints that expose JSON schema for data types and allow for patch updates of specific properties, should improve accuracy and reliability.

As usual please find the full list of PRs that have contributed to Umbraco 17.4 as follows.

What's Changed Since 17.4.0-rc3

Full Changelog: https://github.com/umbraco/Umbraco-CMS/compare/release-17.4.0-rc3...release-17.4.0

What's Changed Since 17.4.0-r2

📦 Dependencies

• Bump @umbraco-ui/uui to 1.17.3 by @iOvergaard in https://github.com/umbraco/Umbraco-CMS/pull/22753

🔒 Security

• Backoffice: Add localize.htmlString() helper to prevent XSS in HTML-rendered translations by @iOvergaard in https://github.com/umbraco/Umbraco-CMS/pull/22731

🐛 Bug Fixes

• Auth: Un-deprecate getLatestToken and route per-request fetches through it by @iOvergaard in https://github.com/umbraco/Umbraco-CMS/pull/22736
• Color Picker: Refresh stored label when data type label changes (closes #22741) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22761
• Published Content: Fix Fallback.ToAncestors with no match throwing exception at property level (closes #22759) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22763

Full Changelog: https://github.com/umbraco/Umbraco-CMS/compare/release-17.4.0-rc2...release-17.4.0-rc3

What's Changed Since 17.4.0-rc

🐛 Bug Fixes

• Block permissions: Correction of read-only inheritance and language access (closes #22472, #21973) by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22522
• Redirect Tracker: Prevent creation of redirects from unrouteable URLs (closes #22652, #22256) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22657
• Blueprints: Fix intermittent blank workspace when creating documents from blueprints (closes #21996) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22422

Full Changelog: https://github.com/umbraco/Umbraco-CMS/compare/release-17.4.0-rc...release-17.4.0-rc2

What's Changed Since the Previous Version (17.3.5)

🙌 Notable Changes

• Management API: Add JSON Schema support for data types and content types by @Migaroez in https://github.com/umbraco/Umbraco-CMS/pull/21771
• Media Picker: Add Cards/Table view switcher (closes #22005) by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22138
• Management API: Add document patch endpoint by @Migaroez in https://github.com/umbraco/Umbraco-CMS/pull/22104
• Website Rendering: Add configurable output caching for template rendered pages by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22338
• Basic Authentication: Standalone login page for frontend-only deployments (closes #22144) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22168
• Icons: extends icon data + improved search by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22436
• Members: Add lightweight external-only members (closes #12741) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22162
• Cache: Add deferred content type rebuild mode with de-duplication by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22194

💥 Breaking Changes

• Application URL: Add ApplicationUrlDetection setting to control application URL auto-detection by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22307

📦 Dependencies

• Bump lodash from 4.17.23 to 4.18.1 in /src/Umbraco.Web.UI.Login by @dependabot[bot] in https://github.com/umbraco/Umbraco-CMS/pull/22334
• Dependencies: Update minor and patch versions by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22498
• Update npm dependencies for v17.4.0-rc by @NguyenThuyLan in https://github.com/umbraco/Umbraco-CMS/pull/22464
• Bump the npm_and_yarn group across 3 directories with 4 updates by @dependabot[bot] in https://github.com/umbraco/Umbraco-CMS/pull/22537
• Dependencies: Update Microsoft packages to latest patch and fix HybridCache ParseFault with Redis by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22278
• Dependencies: Pin System.Security.Cryptography.Xml to resolve vulnerability warning by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22514

🚤 Performance

• Performance: Batch backoffice media thumbnail URL requests to reduce N+1 API calls by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22329
• Performance: Optimize FullDataSetRepositoryCachePolicy usage across all repositories by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22264
• Performance: Optimize ContentTypeRepository deep-clone on cache reads (closes #22250) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22263
• Performance: Use GeneratedRegex instead of generating at runtime in string extensions by @Henr1k80 in https://github.com/umbraco/Umbraco-CMS/pull/22534
• Performance: Avoid allocating a string if _publishedContentCache has a cached version in MediaCacheService by @Henr1k80 in https://github.com/umbraco/Umbraco-CMS/pull/22535
• Performance: Micro-optimisation in UdiParser (eliminate closure, fix naming & formatting of exceptions) by @Henr1k80 in https://github.com/umbraco/Umbraco-CMS/pull/22506
• Micro-optimization: Use Array.ConvertAll instead of LINQ .Select .ToArray by @Henr1k80 in https://github.com/umbraco/Umbraco-CMS/pull/20292
• Entity Service: Batch GetAllPaths queries to avoid SQL Server parameter limit (closes #22470) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22471
• Document URL Service: Batch delete of obsolete URL segment records to avoid SQL Server parameter limit (closes #22339) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22340
• Content Version Cleanup: Optimize for large datasets (closes #22224) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22239
• Migrations: Optimise sortable value population for date properties by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22547
• Migrations: Fix potential OptimizeInvariantUrlRecords timeout on SQL Server (closes #22377) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22382
• Umb-icon color setting optimization by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22433

🌈 Accessibility Improvements

• Accessibility: Fix missing labels on uui-select elements causing console warnings by @andreaslborg in https://github.com/umbraco/Umbraco-CMS/pull/22385
• Accessibility: Include visible initials in name displayed on account menu button (closes #21942) by @andreaslborg in https://github.com/umbraco/Umbraco-CMS/pull/22117
• Accessibility: Add labels to member workspace toggles by @andreaslborg in https://github.com/umbraco/Umbraco-CMS/pull/22403
• Accessibility: Add label and localized placeholder to picker search field by @andreaslborg in https://github.com/umbraco/Umbraco-CMS/pull/22402
• Accessibility: Add label to member type filter dropdown by @andreaslborg in https://github.com/umbraco/Umbraco-CMS/pull/22397

🚀 New Features

• Entity Data Picker: Adds start node support to tree data-sources by @leekelleher in https://github.com/umbraco/Umbraco-CMS/pull/22172
• Rich Text Editor: Filter paste, drag&drop, and media picker to allowed media types (closes #21824) by @iOvergaard in https://github.com/umbraco/Umbraco-CMS/pull/22267
• Tiptap RTE: Add width/height to edit image properties (AB#65981) by @iOvergaard in https://github.com/umbraco/Umbraco-CMS/pull/22266
• Document Blueprints: Add info workspace view by @NguyenThuyLan in https://github.com/umbraco/Umbraco-CMS/pull/21951
• Notifications: Surface ProblemDetails detail in error notifications by @iOvergaard in https://github.com/umbraco/Umbraco-CMS/pull/22298
• General: Add decoding="async" to relevant IMG-tags by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22428
• Backoffice Identity: Add Override method to IBackOfficeSecurityAccessor for background processing by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22499
• Relations: Fire relation notifications for automatic relations (closes #22222) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22345
• User Groups: Add ability to manage users directly from the group workspace by @NguyenThuyLan in https://github.com/umbraco/Umbraco-CMS/pull/22215
• Block Editor: Create Modal Size Overwrite by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22386

🐛 Bug Fixes

• Management API: Return descriptive 400 for property variance mismatch (closes #22076) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22100
• Sections: Sort sections by display name in user group assignment (closes #22094) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22112
• Block Editors: Resolves incorrect "Discard unsaved changes" message when editing blocks with live editing by @marcloveUSN in https://github.com/umbraco/Umbraco-CMS/pull/22134
• Redirect Tracking: Fix segment change detection and optimise descendant traversal (closes #22082) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22091
• Routing: Resolve URL segment collision for siblings differing only in punctuation (closes #22070) by @0xRozier in https://github.com/umbraco/Umbraco-CMS/pull/22090
• Last Synced: Adding A File System Approach to Subscriber Servers by @NillasKA in https://github.com/umbraco/Umbraco-CMS/pull/22145
• Localization: Added missing for elements by @Lantzify in https://github.com/umbraco/Umbraco-CMS/pull/22079
• Application URLs: Prevent back office hosts being overwritten in a shared database setup (closes #16741) by @matthewcare in https://github.com/umbraco/Umbraco-CMS/pull/22160
• Migrations: Fix property detection for invariant content types with culture-varying compositions (closes #22159) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22167
• Backoffice: Add tree item children collection views for Partial Views, Stylesheets, Scripts, Templates, and Document Blueprints by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22146
• Distributed Locking: Add ROWLOCK hint to prevent cross-row contention on umbracoLock table (closes #22113) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22126
• EFCore Scoping: Clear stale connection on pooled DbContext before returning to pool (closes #22124) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22132
• Distributed Background Jobs: Preventing Jobs From Running When Database Is Read-Only by @NillasKA in https://github.com/umbraco/Umbraco-CMS/pull/22208
• EFCore Scoping: Preserve connection string before disposing EFCoreScope database (closes #22211) by @idseefeld in https://github.com/umbraco/Umbraco-CMS/pull/22212
• Blueprints: Allow saving document blueprints with partial variant names (closes #22190) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22210
• Tree Picker: Fix root item not deselecting in single-selection picker (closes #22073) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22099
• Management API: Add endpoint to get all member types allowed at root by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22226
• Dynamic Root: Fix current origin resolution for new unsaved content (closes #22213) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22216
• Backoffice: Migrate Templating, Language, Member Group, and Document Blueprint create entity actions to use entityCreateOptionAction extensions by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22214
• Members: Fix Create Members based on Member Types in folders by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22241
• Member Authorization: Return correct status codes for unauthenticated members (fixes #21638) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22220
• Localization: Update "MFA" label to "2FA" in language files by @marcloveUSN in https://github.com/umbraco/Umbraco-CMS/pull/22236
• Examine: Fix DocumentUrlService not initialized during Examine indexing after package upgrade by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22243
• Examine Dashboard: Support content node links from delivery API index (closes #22221) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22225
• Repositories: Fix Raw Sql Statements without Escaped Table, Column or Alias Names (closes #22259) by @idseefeld in https://github.com/umbraco/Umbraco-CMS/pull/22261
• Cache sync: append SiteName to machine identifier for same-host load balancing by @nikolajlauridsen in https://github.com/umbraco/Umbraco-CMS/pull/22257
• Media: Set width and height for uploaded SVGs by @enkelmedia in https://github.com/umbraco/Umbraco-CMS/pull/22244
• Migrations: Fix NPoco auto-select breaking retrust FK migration by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22270
• Backoffice: Remove token cookie if decryption fails (mitigates #16107) by @Migaroez in https://github.com/umbraco/Umbraco-CMS/pull/22237
• Unattended Upgrades: Rebuild routing caches after background migrations to fix unroutable document URLs by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22269
• Media: Allow duplicating system media types (closes #22282) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22284
• User management: Show change password validation error (closes #22291) by @JoseMarcenaro in https://github.com/umbraco/Umbraco-CMS/pull/22292
• User Service: Fix WhereIn subquery in PermissionRepository (closes #22288) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22289
• Install: Ensure media directory exists before creating PhysicalFileProvider (closes #14877, #22355) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22281
• Templating: Add Production Mode condition to Partial View and Template Collection create actions by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22295
• Document Editing: Fix unchanged variants selected in save and publish dialog (closes #22277) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22285
• BackOffice Document Editing: Fix pending changes status in variant selector (closes #22271) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22290
• Block Grid: Protect against null columnSpan/rowSpan when rendering blocks (closes #22306) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22311
• Redirects: Fix crash seen in Redirect URL Management dashboard when the redirect route does not contain '/' (closes #22308) by @VargyasMoniLajos in https://github.com/umbraco/Umbraco-CMS/pull/22309
• Block Editors: Fix preset values for composition properties on non-varying element types (closes #22320) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22320
• Background Jobs: Fix period drift in RecurringHostedServiceBase by @ronaldbarendse in https://github.com/umbraco/Umbraco-CMS/pull/22330
• Builder Extensions: Make AddWebComponents() idempotent (closes #22344) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22347
• Search: Show ancestor breadcrumb path in items results (closes #21107) by @engijlr in https://github.com/umbraco/Umbraco-CMS/pull/22240
• Media Picker: Fix folder selection regression for developer-configured media pickers (closes #22349) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22350
• Relations: Allow saving relation types without parent/child object types (closes #22359) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22336
• Property Editor Dialog: Set height to 100% for umb-property-editor-ui-picker-modal by @bjarnef in https://github.com/umbraco/Umbraco-CMS/pull/22354
• Cache: Fix published content not immediately routable after PublishBranch (closes #22398) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22341
• Content type design: Fix tab overflow with scrollable navigation (closes #20876) by @engijlr in https://github.com/umbraco/Umbraco-CMS/pull/22294
• CSP: Add blob: to img-src for media upload previews by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22343
• Slider: Persist value updates on drag-and-drop (closes #22183) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22276
• User group: Fix issue icons not show when different colour than black (closes #22352) by @NguyenThuyLan in https://github.com/umbraco/Umbraco-CMS/pull/22372
• Added length validation to change password modal element by @Yinzy00 in https://github.com/umbraco/Umbraco-CMS/pull/21781
• Languages: Exclude invariant culture from list of available cultures for language creation (closes #22380) by @hifi-phil in https://github.com/umbraco/Umbraco-CMS/pull/22381
• Templating: Move production mode validation from service layer to Management API by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22383
• Management API: Fix OAuth client registration permanently skipped after transient failure (closes #22356) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22368
• Content picker: Fix display for list items in content picker when pre-selected items exceed maximum (closes #22129) by @NguyenThuyLan in https://github.com/umbraco/Umbraco-CMS/pull/22395
• Login: Update styles of login screen for better color customizations by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22389
• Block Grid: Apply language fallback to block elements within layouts (closes #22195) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22219
• Clipboard: Localize property labels when copying to clipboard (closes #21998) by @iOvergaard in https://github.com/umbraco/Umbraco-CMS/pull/22412
• Templates: Fixes modal text styling in when inserting sections (closes #22358) by @Abdjulaziz in https://github.com/umbraco/Umbraco-CMS/pull/22376
• User Service: Prevent fetching all permissions when no IDs are provided by @krebil in https://github.com/umbraco/Umbraco-CMS/pull/22424
• RTE: Block Clipboard label Localization (closes #22412) by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22417
• Migrations: Consistently handle GUID casing when using SQLite by @callumbwhyte in https://github.com/umbraco/Umbraco-CMS/pull/22406
• Migrations: Quote names when creating index (closes #22409) by @idseefeld in https://github.com/umbraco/Umbraco-CMS/pull/22410
• dotnet Templates: Remove legacy Umbraco:CMS:Content:MacroErrors from project template development configuration by @callumbwhyte in https://github.com/umbraco/Umbraco-CMS/pull/22447
• Backoffice: Add explicit controller aliases to observe() calls in tree components by @iOvergaard in https://github.com/umbraco/Umbraco-CMS/pull/22450
• Cache: Invalidate published cache entries when content or media is trashed by @lauraneto in https://github.com/umbraco/Umbraco-CMS/pull/22451
• Member Authentication: Add member sign-in/sign-out notifications (closes #22461) by @mattbrailsford in https://github.com/umbraco/Umbraco-CMS/pull/22463
• Tags Property Editor: Preserve commas in tag values (closes #22413) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22432
• Media Collection: Display upload notifications in rows rather than in columns (closes #21502) by @Welander1994 in https://github.com/umbraco/Umbraco-CMS/pull/22467
• Document Create Modal: Add loading indicator to Create options (fix #20817) by @Copilot in https://github.com/umbraco/Umbraco-CMS/pull/20857
• Document Editing: Allow removal of template from a document and indicate when the selected template is no longer allowed (closes #20929) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22348
• Migrations: Fix RetrustForeignKeyAndCheckConstraints failing when data violates a constraint by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22488
• Output Caching: Align Delivery API extensibility with website output caching by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22456
• Parameterise variables in SqliteSyntaxProvider and SqlServerSyntaxProvider by @liamlaverty in https://github.com/umbraco/Umbraco-CMS/pull/22492
• TipTap Code Editor: Fix horizontal overflow in TipTap source code modal (closes #22287) by @andreaslborg in https://github.com/umbraco/Umbraco-CMS/pull/22474
• Background Jobs: Use ApplicationMainUrl as fallback for absolute URL provision (closes #22420) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22435
• Tiptap RTE: Fix Clear Formatting errors when HTML attribute extensions aren't enabled (closes #22502) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22509
• adds same drag styling as when dragging item in the content sectin by @Welander1994 in https://github.com/umbraco/Umbraco-CMS/pull/22460
• Media Picker: Use UUI breadcrumbs to prevent modal overflow with deep folder paths (closes #22286) by @engijlr in https://github.com/umbraco/Umbraco-CMS/pull/22375
• Fix: parse hashtag strings for confirm dialog localization by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22490
• Documents: Present blueprint options from collection view Create button (closes #22529) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22533
• Trees: Respect 'Ignore user start nodes' on expand (closes #22487) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22510
• Templating: Correct the updated Navigation snippet (closes #22528) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22530
• Migrations: Await EF Core premigrations for OpenIddict (closes #22200) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22205
• Attended Upgrades: Detect and display correct "from" version on the upgrade screen (closes #20980) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22387
• Authorization: Fix publish with descendants returning 403 with granular permissions (closes #22140) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22148
• User Service: Remove IBackOfficeUserStore service location from read methods (closes #22404) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22408
• V17/media notification by @Welander1994 in https://github.com/umbraco/Umbraco-CMS/pull/22484
• Removed line clamp for data type picker (closes #22515) by @andreaslborg in https://github.com/umbraco/Umbraco-CMS/pull/22526
• Boot Failed: Add missing BootFailed.html error page (closes #17144) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22120
• Users: Show success dialog after creating API user (closes #21921) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22426
• Members: Fix SQL error when combining member type and group filters on filter endpoint by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22209
• Migrations: Fix local link migration losing fragments and query strings (closes #22152) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22153
• EF Core Scoping: Allow separate database connections for custom DbContexts (closes #22131) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22133
• Published Content Cache: Defensive hardening against race conditions (closes #22254, #22384) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22393
• Migrations: Fix Label long-string data type dbType (closes #22553) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22557
• Cache: Gracefully handle inconsistent published version state (closes #22293) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22296
• Relations: Swallow exceptions when retrieving references from incompatible property values (closes #22197) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22207
• Security: Prevent XXE opportunity in OEmbedProviderBase by @liamlaverty in https://github.com/umbraco/Umbraco-CMS/pull/22550
• Backoffice: Stop UI filtering invariant document URLs by display culture (closes #22556) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22560
• Surface controllers: validate redirect url in public surface controllers by @NguyenThuyLan in https://github.com/umbraco/Umbraco-CMS/pull/22561
• Permissions: Route UI permission retrieval through IContentPermissionService (closes #22351) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22400
• Document Management: Clear per-culture published flags when copying a document (closes #22540) by @iOvergaard in https://github.com/umbraco/Umbraco-CMS/pull/22567
• Decimal: Allow decimal values when step size is not configured (closes #22127) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22128
• Frontend: Fix umb-table Firefox rendering when columns change (closes #22411) by @iOvergaard in https://github.com/umbraco/Umbraco-CMS/pull/22414
• Document URL Aliases: De-duplicate repeated aliases to prevent upgrade failure by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22569
• Subscriber Server Role: Skip URL/alias persistence on subscribers with read-only databases (closes #22570) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22572
• Slider: Add minimumRange configuration for range sliders (partially closes #22067) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22078
• Segments: Preserve segmented property values after save (closes #22166) by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22173

🧪 Testing

• E2E: QA Added acceptance tests for DisableDeleteWhenReferenced setting by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22017
• E2E: Updated the acceptance tests to match the recent changes by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22088
• E2E: QA Updated acceptance tests for bulk trash content due to UI changes by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22118
• E2E: QA: Added document segemented variant acceptance tests by @andr317c in https://github.com/umbraco/Umbraco-CMS/pull/21957
• Build: Serialize E2E stages and stagger branch schedules to reduce agent usage by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22164
• E2E: QA Added acceptance test for HMAC secret key health check by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22141
• Integration Tests: Avoid hidden BootFailedException in CoreConfigurationHttpTests by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22188
• E2E: QA Added acceptance tests for public access by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22158
• E2E: QA Updated acceptance tests for duplication action due to UI changes by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22206
• E2E: QA: add acceptance tests for compositions by @andr317c in https://github.com/umbraco/Umbraco-CMS/pull/22180
• E2E: QA Added acceptance tests for moving media items by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22232
• E2E: QA Added acceptance tests for validating a mandatory multi URL picker by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22235
• E2E: Reverted npm command for smokeTest by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22246
• E2E: Added acceptance tests for block grid area by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22181
• E2E: QA Added acceptance tests for bulk actions by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22361
• Unit tests: Add test coverage for ContentPermissionService by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22373
• E2E: QA Updated acceptance tests to match the recent UI changes by @nhudinh0309 in https://github.com/umbraco/Umbraco-CMS/pull/22445
• E2E: QA: add member type acceptance tests by @andr317c in https://github.com/umbraco/Umbraco-CMS/pull/22379
• E2E: QA: Added acceptance tests for member authentication by @andr317c in https://github.com/umbraco/Umbraco-CMS/pull/22466
• Integration Tests: Fix raw SQL statements in DocumentUrlTests (closes issue #22360) by @idseefeld in https://github.com/umbraco/Umbraco-CMS/pull/22365
• Tests: Remove dead KeepAlive config remnants by @pijemcolu in https://github.com/umbraco/Umbraco-CMS/pull/22272
• Build: Extract nbgv version step into shared template by @andr317c in https://github.com/umbraco/Umbraco-CMS/pull/22480
• Nightly Pipeline: Skip E2E and Integration stages when Build fails by @andr317c in https://github.com/umbraco/Umbraco-CMS/pull/22568

🛡️ Code Quality, Documentation and Refactoring

• Code Documentation: Add missing XML header documentation to the Umbraco.Cms.Infrastructure project by @readingdancer in https://github.com/umbraco/Umbraco-CMS/pull/21782
• Code Documentation: Add missing XML header documentation to the Umbraco.Cms.Api.Management project by @readingdancer in https://github.com/umbraco/Umbraco-CMS/pull/21785
• Code Quality: Add 'new' keyword to 3 methods hiding inherited members resolving CS0114 warnings by @reabr in https://github.com/umbraco/Umbraco-CMS/pull/22317
• Code Quality: Use array over dictionary in private collection of PublishedContentType by @Henr1k80 in https://github.com/umbraco/Umbraco-CMS/pull/22476
• Code Quality: Use more appropriate types for private fields of Umbraco.Cms.Core.Enum<T> by @Henr1k80 in https://github.com/umbraco/Umbraco-CMS/pull/22475
• Code Quality: Eliminate closure in AppPolicedCacheDictionary by @Henr1k80 in https://github.com/umbraco/Umbraco-CMS/pull/22482
• Code Quality/Logging: Fix 'occured' -> 'occurred' typos in log/error/comment strings by @SAY-5 in https://github.com/umbraco/Umbraco-CMS/pull/22508
• Code Quality: Reduce dictionary lookups within lock by @Henr1k80 in https://github.com/umbraco/Umbraco-CMS/pull/22504
• Code Quality: Use FrozenDictionary and Array instead of Dictionary and List in EntityContainer. by @Henr1k80 in https://github.com/umbraco/Umbraco-CMS/pull/22505
• Backoffice Agent Context: Add design philosophy, developer roles and skills for a few common extensions and infrastructure tasks by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22273
• Backoffice: Add Workspace documentation and create-workspace skill for agents by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22300
• Backoffice: Add Repository documentation and create-repository skill for agents by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22310
• Backoffice: Add client-side model guidance and repo rules for agents by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22321
• Agent Review: Prefer documentation over implementations by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22324
• Review: Claude Skill for Review of Github PRs by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22245
• Claude: Agent MD files for manifestss by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22367
• Developer Tools: Add umb-bump-version skill for automating version bumps by @AndyButland in https://github.com/umbraco/Umbraco-CMS/pull/22438
• Store: Accept tokens and update MDs for general Context Consumption by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22458
• Management API: Reduce user start node tree filtering code duplication by @lauraneto in https://github.com/umbraco/Umbraco-CMS/pull/22486

🏠 Internal

• Backoffice: Fix Ctrl+C not terminating the example dev server by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22249
• CLAUDE.md: OpenAPI.json maintenance by @leekelleher in https://github.com/umbraco/Umbraco-CMS/pull/22326
• Mock Server: Add missing batch handlers for content types by @leekelleher in https://github.com/umbraco/Umbraco-CMS/pull/22390
• Backoffice Mocks: Introduce Mock Sets by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22493
• Backoffice Mocks: Add Webhook Mock Services + Kitchen sink mock data by @madsrasmussen in https://github.com/umbraco/Umbraco-CMS/pull/22507
• Backoffice Mocks: Fixes to Kitchen Sink mock data by @leekelleher in https://github.com/umbraco/Umbraco-CMS/pull/22512
• Eslint: Rule for Manifest Aliases by @nielslyngsoe in https://github.com/umbraco/Umbraco-CMS/pull/22316
• security.md Update Sanitize HTML docs to describe Umb-CMS implementation by @liamlaverty in https://github.com/umbraco/Umbraco-CMS/pull/22552

New Contributors

• @marcloveUSN made their first contribution in https://github.com/umbraco/Umbraco-CMS/pull/22134
• @reabr made their first contribution in https://github.com/umbraco/Umbraco-CMS/pull/22317
• @VargyasMoniLajos made their first contribution in https://github.com/umbraco/Umbraco-CMS/pull/22309
• @SAY-5 made their first contribution in https://github.com/umbraco/Umbraco-CMS/pull/22508

Full Changelog: https://github.com/umbraco/Umbraco-CMS/compare/release-17.3.4...release-17.4.0-rc