drop's picture

The Backdrop community is proud to release version 1.17 of Backdrop CMS, following our 4-month release cycle.

Backdrop CMS 1.17.0 release notes.

Major new features in Backdrop 1.17.0 include:

  • Add a lazy-loading option for image fields #3659
  • Provide image style tokens (imagecache_token module added to core) #3594
  • Layouts: Provide an admin label and description for all blocks #4558
  • Layouts: Allow support for custom contexts #3750
  • Security enhancement: Enforce basic password constraints (no username or email as password) #4265
  • Security enhancement: Use .htaccess files to secure configuration directories #706

Download Link

We'd love your feedback on this release. 


Oh, I wrote in this thread two years ago.

I have read this discussion several times and still have no idea what the problem is.

For four years the issue has not been resolved — fantastic! Hopefully the feature will appear by 2025, we are waiting ;)

I am running tests and getting permission errors on the attempt to copy .htaccess files into the config directories created by the tests. Some debugging shows that the destination .htaccess file already exists and is not writeable by the file owner. I imagine that's the problem.

Should this reopen the original issue #706? Or be a new issue?

@brad.bulger - I recommend that you open a new issue in the issue queue. #706 is closed and committed to core. I think it best to treat this as a potential follow-up issue. Feel free to create a link to #706 indicating that your new issue is potentially related.


What really needs to be in the core is the ImageField Tokens module.

I have read this discussion several times and still have no idea what the problem is.

It's my understanding that we have a working pull request for this feature, but two things are preventing it from getting into core.

1) Core committer is looking for additional feedback on whether or not this SHOULD be in core rather than simply in contrib. The current concern seems to be that site editors do not usually have access to tokens directly and that would be unusual for a core feature. ALSO - there is a concern that adding tokens to alt fields might encourage poorly written alt text.  2) That someone needs to write tests for the PR. Which is unlikely to happen, unless there is more of a consensus on #1.  In short, this issue is not currently moving forward, because not enough people have provided positive feedback or encouragement for this idea.