Yii 2.0.8 is released

Apr 28, 2016

We are very pleased to announce the release of Yii Framework version 2.0.8. Please refer to the instructions at http://www.yiiframework.com/download/ to install or upgrade to this version.

Version 2.0.8 is a patch release of Yii 2.0 which contains about 100 minor new features and bug fixes in 300 commits, by 64 contributors, changing 150 files.

There are extra steps to do while upgrading so check the UPGRADE.md file.

Thanks to our awesome Yii community which supplied us with valuable pull requests and discussions. The release wouldn't be possible without you!

You may follow the development progress of Yii 2 by starring or watching Yii 2.0 GitHub Project. You may also follow Yii Twitter feeds or join Yii Facebook group to connect with other Yii developers. There is also a forum thread about this news announcement.

Below we summarize some of most important features/fixes included in this release. A complete list of changes can be found in the CHANGELOG

PHP 7 compatibility

Yii 2.0.8 got a couple of PHP 7 compatibility fixes. One is for error handler overall and another is for JSON errors handling. As you probably know, PHP 7 is going to become quite common this year because its inclusion into Ubuntu LTS recently. We are prepared.

Databases and ActiveRecord

We finally have a well-known Yii 1.1 functionality back, which are the filter operators in GridView columns. You may now use yii\db\Query::andFilterCompare() to add this functionality to your GridView filters. Documentation in the Guide is still missing for this feature, contributions welcome!

A new event has been added to ActiveRecord. ActiveRecord classes will now trigger an EVENT_AFTER_REFRESH after a record is refreshed.

Schema and Migrations

In this release, thanks to our community, we've got various enhancements to database schema builder which you can use either while describing migrations or when modifying schema for other purposes.

First of all, there's now the ability to add comments on tables and columns. Column definition in migration it looks like the following:

'title' => $this->string()->notNull()->comment('Hello, I am the title!'),

Usage as separate methods is the following:

$this->addCommentOnTable('user', 'This is a table comment.');
$this->addCommentOnColumn('user', 'name', 'This is a column comment.');
$this->dropCommentFromColumn('user', 'name');
$this->dropCommentFromTable('user');

Next, you can specify the position for newly added column:

$this->string()->notNull()->first();
$this->string()->notNull()->after('anotherColumn');

Unsigned primary keys are now easy to define via $this->primaryKey()->unsigned().

./yii migrate/create console command got a few enhancements as well. The command itself got a useTablePrefix option which, if set to true will cause generated code to use table prefixes.

It now supports foreign keys generation via --fields:

yii migrate/create create_post --fields="author_id:integer:notNull:foreignKey(user),category_id:integer:defaultValue(1):foreignKey,title:string,body:text"

Forms and validation

Have you ever forgotten to set proper form enctype while implementing file uploads? Now Yii handles this for you. If fileInput is used, necessary enctype for the form is set automatically.

When specifying validation rules you can now include a field for validation while keeping it unsafe for mass assignment by adding exclamation mark before the attribute name.

It is now also possible to specify mimeTypes using wildcards when using FileValidator. For example image/* will pass all mime types, that begin with image/ (e.g. image/jpeg, image/png).

The DateValidator became fully compatible for validating time values. This was possible before but also with some limitations. You can now set the $type property of date validator to TYPE_DATETIME or TYPE_TIME to enable time validation even for intl short formats.

Security

Thanks to research by Tom Worster and productive discussions that followed it, security component got some enhancements:

  • It now avoids reading more bytes than needed from /dev/urandom and /dev/random.
  • Pefers /dev/random to /dev/urandom when running on FreeBSD.
  • Has better RNG performance.

None of these are security issues so there's no hurry upgrading from 2.0.7.

Another notable enhancement is that Security component has got a lot more test coverage to ensure it works as expected in different environments.

Command line

Additional to the existing command line options, the console controllers now accept short aliases for most of the options. For example when creating migrations you can now use

./yii migrate/create -p=@app/modules/somemodule/migrations -t=module_migrations new_migration

instead of

./yii migrate/create --migrationPath=@app/modules/somemodule/migrations --migrationTable=module_migrations new_migration

For your own console controllers you may override yii\console\Controller::optionAliases() and specify the aliases.

Dependency Injection for closures in configuration

Dependencies are now automatically injected for closures in configuration:

'components' => [
    'pheanstalk' => function(yii\web\User $user) {
        $result = new \Pheanstalk\Pheanstalk('localhost');
        $result->watch($user->getId());
        return $result;
    },
    // ...

PostgreSQL-based mutex

Mutex got a driver for PostgreSQL so if you're using it you now have one more option to handle locking.

Advanced Application

The Advanced Application now comes with configuration that lets you install with vagrant to create a separated dev environment. Check the docs for more details.