v20.11.0

What's Changed

As you can see, there are many many changes in this release! Thanks to all of the contributors for keeping OpenMage one of the fastest and most secure robust open source eCommerce platforms around!

Fixes

• Show correct version for main branch by @sreichel in #4137
• Allow to use $before parameter in addCss/addJs from XML by @Caprico85 in #4151
• Fixed issues #4134 undefined array index label_use_default in Mage_Catalog_Model_Product_Attribute_Backend_Media by @empiricompany in #4136
• Fix strlen() null deprecation in AccountController.php by @kiatng in #4155
• Added error directory to checks + php8.4 fix by @sreichel in #4184
• Add email link to set password. See issue #1205. by @kiatng in #3262
• Fixed undefined array key "values" in Mage_Catalog_Model_Product_Attribute_Backend_Media by @S0FTWEX in #4125
• Fix ACL Resource "admin/sales/order/actions/use" not found by @pbaldauf in #4199
• PHP8: Fixes passing null to str_contains() by @sreichel in #4203
• Fixed missing/wrong admin _setActiveMenu() by @sreichel in #4209
• Fix wrong Preview link on CMS pages grid by @Caprico85 in #4214
• In product list all swatches are always shown even if they are not available when "Display Out of Stock Products" is disabled by @empiricompany in #4100
• Openmage admin theme: Change background-color for active sections by @sreichel in #4219
• Backport: Added unittest for date and datetime by @sreichel in #4210
• Fixed strcmp(): Passing null to parameter #1 ($string1) of type strin… by @kiatng in #4212
• Custom product types - increased column length for widgets by @sreichel in #4226
• PHP8.1: Added getter method for Mage_Adminhtml_Block_Widget_Grid_Column::getType() to return string by @sreichel in #4238
• Admin theme: Change background-color for active sections by @sreichel in #4246
• Deprecated functionality: preg_match(): Passing null to parameter #4 … by @addison74 in #4251
• Bugfix: passing invalid ID to Mage_Catalog_Model_Url::refreshRewrites() by @sreichel in #4259
• Configurable: remove unused double foreach loop by @Hanmac in #4008
• Added ext-ftp to requirements by @sreichel in #4270
• Fixes configurable swatch color picker in legacy admin theme by @sreichel in #4218
• Fixed incorrect datetime in block, ref #1525 by @sreichel in #4242
• PHP8: base64_decode(): Passing null is deprecated by @sreichel in #4281
• Fix placeholder image in WYSIWYG editor when using a different admin theme by @Caprico85 in #4240
• [PHP 8.4] fgetcsv() - The $escape parameter must be provided as its default value will change by @addison74 in #4297
• [PHP 8.4] fputcsv() - The $escape parameter must be provided as its default value will change by @addison74 in #4298
• Fixes Mage_Core_Helper_Url::removeRequestParam() by @sreichel in #4295
• PHP84: ignore deprecated E_STRICT by @sreichel in #4289
• Fix deprecated message for strlen first value null by @leissbua in #4306
• Fixed full name observer calls in config.xml by @sreichel in #4309
• Fix Mage_Adminhtml_Block_Template::isOutputEnabled() for invalid module by @sreichel in #4320
• Fix: cannot add to wishlist from tag page - Customer account by @sreichel in #4329
• Fix duplicate block rendering with getSortedChildren() by @justinbeaty in #4337
• [PHP 8.x] Deprecated functionality: strtotime(): Passing null to para… by @addison74 in #4339
• Fixes line-height for some H4 in admin legacy theme by @sreichel in #4335
• Added ext-pdo_mysql to checks by @sreichel in #4350
• Fix: create empty SimpleXMLElement by @sreichel in #4351
• Bugfix: cant create order from admin backend by @sreichel in #4348
• Deprecated functionality: preg_replace() by @addison74 in #4311
• Fixed null deprecation in Varien/Convert/Parser/Xml/Excel by @kiatng in #4375
• Fixed null deprecation in Mage_Catalog_Model_Product_Option_Type_Text::validateUserValue() by @kiatng in #4357
• Bugfix: Mage_Adminhtml_Helper_Dashboard_Data::countStores() on null by @sreichel in #4370
• Fix validateHttpVersion to be RFC 1945 and RFC 7230 compliant by @leissbua in #4368
• Fix for catalog_product_relation not being deleted when bundle option deleted. by @dannydnz in #4395
• Fix unserializeArray on nonserialized string by @Hanmac in #4387
• [Tax] add FK to tax/sales_order_tax again by @Hanmac in #4334
• Fix Possible Array Access warnings in Captcha Observer by @Hanmac in #4424

Features

• New feature: Added "Newsletter Subscription Form" widget by @empiricompany in #4095
• Added support to specify file upload dir in system configuration by @eneiasramos in #4079
• Add new method to get config value directly from DB bypassing cache. by @kiatng in #4163
• Updated Varien_Object::getData() and added getDataByKey() & getDataByPath() by @sreichel in #4205
• Admin config: added input validation & hide disabled options by @sreichel in #4232
• Better config for admin RSS links by @sreichel in #4243
• Prevent delete/disable CMS pages used in configuration by @sreichel in #4239
• Unified admin grid columns and added XML configuration by @sreichel in #4225
• Make Mage_GiftMessage optional in templates by @Hanmac in #4266
• Cache isModuleOutputEnabled or isModuleEnabled status by @sreichel in #4323
• Use transliterator_transliterate to generate "url_key" by @sreichel in #4315
• New feature: Highlight popular countries in country select by @ma4nn in #4089
• Install TinyMCE 7.5 via composer by @sreichel in #4113

Security

• TinyMCE security fix by @sreichel in #4157
• Obfuscated login credentials in stacktraces by @sreichel in #4388

DDEV

• [DDEV] Adding n98-magerun support for the test environment by @addison74 in #4107
• DDEV: file permission and bugfix by @sreichel in #4145
• DDEV: command for local development by @sreichel in #4133
• [DDEV] Support for xhprof/xhgui by @sreichel in #4325
• DDEV: updated install script by @sreichel in #4407

Coding style

• PHPCS: fixed php compatibility warning by @sreichel in #4148
• PHPCS: ignore mcrypt related warnings by @sreichel in #4147
• PHP-CS-Fixer: added check for double quotes by @sreichel in #4126
• PHPCS: fixed last PHPCompatibility check errors by @sreichel in #4164
• Small DocBlock update by @sreichel in #4160
• PHP-CS-Fixer: added check for short array syntax and logical operators by @sreichel in #4181
• PHP-CS-Fixer: added check for concat spaces by @sreichel in #4185
• PHPCS: patched ECG standard by @sreichel in #4149
• Rector: CQ - UnusedForeachValueToArrayKeysRector by @sreichel in https://github.com/OpenMage/mage...

v20.10.2

• bump coded in version tag, which was missed in the previous release.

Full Changelog: v20.10.1...v20.10.2

v20.10.1

Security fixes

• CVE-2024-41676 - GHSA-5vrp-638w-p8m2 Stored XSS in admin system configs

What's Changed

• Fixed null parameter warning in Mage_Wishlist_Block_Abstract by @addison74 in #4068
• Fixed null parameter warning in Mage_Shipping_Model_Resource_Carrier_Tablerate by @addison74 in #4073
• Updated TinyMCE to 6.8.4 by @fballiano in #4084
• fix codestyle - empty line by @Flyingmana in #4112
• Fixed UI bug in Newsletter Templates backend page, filters not saved in session by @eneiasramos in #4077
• Added check for isModuleOutputEnabled('Mage_Review') in customer's backend page by @eneiasramos in #4075
• Fixed null parameter warning in Mage_Wishlist_Controller_Abstract::allcartAction() by @addison74 in #4083
• Fixed null parameter warning in Mage_ImportExport_Model_Import_Entity_Product::_filterRowData() by @addison74 in #4086
• Fixed invisible configuration values in backend by @fballiano in #4085
• Added hadling of allowed_extensions for file uploads in backend's configuration section by @eneiasramos in #4078
• Backend: Improved "copy button" style in legacy admin theme by @ma4nn in #4072
• Missing translations in Mage_Sales.csv by @addison74 in #4110

Full Changelog: v20.10.0...v20.10.1

v21.0.0-beta2

🚀 OpenMage 21 is the next step in the evolution of our beloved M1 platform. 🚀

📢🔔 While V21 introduces breaking changes that require careful consideration during the upgrade process, these long-overdue modifications will ultimately bring significant benefits to your stores. In the long run, you can expect enhancements in performance, security, SEO scores, and more, making the transition worthwhile. 📢🔔

Changes you must know and that you have to check one by one

Introduced in beta2

• OM 21.0.0-beta2 is based on OM 20.10.0
• Removed deprecated global translate function __()
• SOAP APIs: Removed all imports from schemas.xmlsoap.org

Introduced in beta1

• PHP8.2 is now the minimum required version for OM v21
• Added form key validation to Contacts form
  Check app/design/frontend/base/default/template/contacts/form.phtml in your theme and be sure that you've <?php echo $this->getBlockHtml('formkey') ?> under the <form opening tag, as shown here.
• Unified CSRF configuration
  If you enabled CSRF in System -> Configuration -> System (which you should!) then it will be enabled for all your forms and the checkout.
• Removed double span element from HTML buttons
  Be sure to check your CSS styles for the buttons in your frontend theme, you may need to adjust them slightly.
• Removed all deprecated _Mysql4_ classes
  This will break many extremely old modules but it was long overdue and allowed us to remove 500+ obsolete files from the core. We provide the shell/rename-mysql4-class-to-resource.php migration script to fix the old modules, you will have to run it but make sure you'll do it in a test environment and thoroughly test everything before publishing to production.
• Removed decorate*() js functions
  Check the phtml files of your custom themes for javascript code calling decorate*() (decorateList, decorateTable, decorateGeneric etc) and remove those calls since they will generate javascript errors on your browser's console.
• Removed "admin routing compatibility mode" for extensions
  The new admin routing mode was implemented in Magento 1.4 for security reasons, together with "compatibility mode" (in order to allow some time to developers to update their modules). After these many years we are removing the compatibility mode and all extensions will have to follow the new admin routing mode or they will not appear in the backend.
• Removed scriptaculous/dragdrop.js from frontend

Changes you want to know about

Introduced in beta2

• RWD theme: Added explicit width/height for product thumbnails in product list template
• RWD theme: Removed ancient normalize.css

Introduced in beta1

• RWD theme: updated jQuery to 3.7.1

Changes that probably won't affect you

Introduced in2

• Rewrote js/varien/menu.js without prototypejs but no longer linked in the base theme
• Rewrote js/mage/adminhtml/accordion.js without prototypejs
• Rewrote js/mage/adminhtml/input-counter.js without prototypejs
• Rewrote payment.js without prototypejs
• Removed unused files from app/code/core/Mage/Adminhtml/Block/Catalog/Category/Tab
• Removed unused file js/varien/telephone.js
• Removed obsolete module Mage_Centinel
• Removed deprecated module DirectPost from Authorize.net payment method
• Removed ccard.js in favor of public domain code
• Removed deprecated escape() from cookies.js

Introduced in beta1

• RWD theme: removed enquire.js and converted to window.matchMedia
• RWD theme: converted default logos to SVG (and removed some Magento names)
• Removed onmouseover/onmouseout from adminhtml menu
• Removed auto_detect_line_endings in Varien_Io_File
• Fixed implementation of SessionHandlerInterface in Mage_Core_Model_Resource_Session
• Rewrote js/varien/weee.js without prototypejs
• Rewrote js/varien/accordion.js without prototypejs
• Rewrote js/mage/captcha.jsp without prototypejs
• Removed unused file js/mage/adminhtml/scrollbar.js
• Removed unused file js/mage/adminhtml/magento-all.js
• Removed unused file js/mage/adminhtml/image.js
• Removed deprecated and unused files from lib/Mage
• Rewrote js/mage/adminhtml/hash.js using native javascript
• Rewrote js/mage/adminhtml/variables.js without prototypejs
• Rewrote js/mage/translate.js without prototypejs

v20.10.0

Highlights

This release brings copyable cells to backend grids, preliminary PHP 8.4 support, improved MariaDB compatibility and fixes to a bundle of important issues. From smoothing out UPS REST API handling, an old cache problem in primary navigation block and a couple of minor regressions in product's attribute handling.

Full changelog

• New Feature for developers: Copyable cells in grids by @kiatng in #4029
• Restored parent::save() on a few classes (fixing PHPStan) ref #3988 by @fballiano in #4021
• Improved orphaned resources detection in backend, fixed #4007 by @kiatng in #4022
• Fixed undefined array index label_use_default in Mage_Catalog_Model_Product_Attribute_Backend_Media by @fballiano in #4024
• UPS Rest API: handling cases where a single service is returned by UPS by @fballiano in #4044
• Fixed bug in Mage_Usa_Model_Shipping_Carrier_Ups->_doShipmentRequestRest() by @ragnese in #4046
• Switched to ROW_FORMAT DYNAMIC for better compatibility with MariaDB 10.3 / 10.11 by @alexh-swdev in #4027
• Fixed Mage_Uploader_Helper_File::getDataMaxSize() when checking against different size units by @F1Red5 in #4039
• Fixed cache issue in primary navigation block by @empiricompany in #4040
• Preliminary PHP 8.4 support: Fixed implicitly nullable parameter deprecation warning by @F1Red5 in #4037
• Fixed array_keys(null) and call to undefined method in Mage_Eav_Model_Config by @F1Red5 in #4036
• Fixed null parameter warnings during installation with DeveloperMode enabled by @fballiano in #4030
• Fixed regression introduced in #2993 where attributes are no longer sorted correctly by attribute group order in attribute comparison by @davidhiendl in #4064
• Fixed undefined array key in Mage/Eav/Model/Config.php by @kiatng in #4059
• Removed extra comma in Mage_Captcha.csv by @addison74 in #4066
• Fixed regression introduced in #2993 where attributes are not correctly pre-filtered for the layered navigation by @davidhiendl in #4063
• Fixed ship-to address for UPS REST shipment API by @ragnese in #4047

External components updates

• Bump phpstan/phpstan from 1.11.2 to 1.11.3 by @dependabot in #4025
• Bump friendsofphp/php-cs-fixer from 3.57.2 to 3.58.1 by @dependabot in #4026
• Bump phpstan/phpstan from 1.11.3 to 1.11.4 by @dependabot in #4038
• Bump friendsofphp/php-cs-fixer from 3.58.1 to 3.59.3 by @dependabot in #4042
• Bump phpseclib/phpseclib from 3.0.37 to 3.0.38 by @dependabot in #4052
• Bump symfony/polyfill-php81 from 1.29.0 to 1.30.0 by @dependabot in #4051
• Bump symfony/polyfill-php74 from 1.29.0 to 1.30.0 by @dependabot in #4050
• Bump phpstan/phpstan from 1.11.4 to 1.11.5 by @dependabot in #4049
• Bump symfony/polyfill-php80 from 1.29.0 to 1.30.0 by @dependabot in #4048
• Bump symfony/polyfill-php82 from 1.29.0 to 1.30.0 by @dependabot in #4061
• Bump phpseclib/phpseclib from 3.0.38 to 3.0.39 by @dependabot in #4060

Full Changelog: v20.9.0...v20.10.0

v20.9.0

Another small but important release, mostly oriented towards fixing a couple of bugs with the new UPS APIs.
Remember, the old UPS XML APIs will be shut down on 3rd June 2024.

What's Changed

• Fixed unable to select "free method" in UPS backend configuration by @fballiano in #4005
• Fixed erroneous call to getText() method in Mage_Usa_Model_Shipping_Carrier_Ups::getAllowedMethods() by @ragnese in #4013
• Fixed available currencies filtering in UPS _parseRestResponse() method by @fballiano in #4017
• Added "edit" action column to "Associated Products" grid of grouped products by @empiricompany in #4006
• Fixed customer can't login after registering through PayPal Express Checkout by @fballiano in #3979
• Added filemtime to merged JS/CSS hash calculation algorithm by @boesbo in #4004
• Added stopPropagation to "copy text" buttons in backend by @Caprico85 in #4019
• Updated PHPStan to 1.11.2 by @fballiano in #3988
• Bump squizlabs/php_codesniffer from 3.9.2 to 3.10.1 by @dependabot in #4011
• Bump friendsofphp/php-cs-fixer from 3.57.1 to 3.57.2 by @dependabot in #4012

v20.8.0

This is a small but important release, necessary to iron out a couple of fixes and improvements with the new UPS APIs and it's necessary to release it now in order for everybody to test and upgrade before 3rd June 2024, when the old UPS XML APIs will be retired.

What's Changed

• Fixed UPS Rest API bugs by @fballiano in #3976
• Fixed cannot sort by column in backend's grids by @fballiano in #3985
• Backend: show links to RSS only if they are enabled by @fballiano in #3997
• Fixed wrong line endings for LICENSE.txt and LICENSE_AFL.txt by @colinmollenhour in #3992
• Bump friendsofphp/php-cs-fixer to 3.57.1 by @dependabot in #4000

v20.7.0

This is such a great release I don't even know how to start, packed with new features like never before! 🤯
Carefully check the 📖 changelog and, if your store uses 🚚 UPS, double check the feature number 4, it is extremely important! 🚨

Incredible new features

1. ConfigurableSwatches now allows for auto-generation of the swatch image file based on color selection

Forget the times when you had to manually generate image files for your plain-color swatches, now everything will be done for you in the backend and it's backward compatible with any swatch image you previously uploaded in the media/wysiwyg/swatches folder.

2. Added copyText function to admin order view page for copying order details

Tired of selecting important data with your mouse just to copy them to the clipboard?
Well, now you can do it much more easily.

3. Override configurations with env variables

The title almost says it all, but now you can create environment variables with structure similar to these:

OPENMAGE_CONFIG__DEFAULT__GENERAL__STORE_INFORMATION__NAME = default
OPENMAGE_CONFIG__WEBSITES__BASE__GENERAL__STORE_INFORMATION__NAME = website
OPENMAGE_CONFIG__STORES__GERMAN__GENERAL__STORE_INFORMATION__NAME = store_german

And they will override every XML or DB based configuration.

4. Added support for UPS Rest APIs

This is extremely important if your store uses UPS for shipments, on 3rd of June 2024 UPS will shut down their SOAP APIs, so you have to migrate to the new Rest API which is provided by this new feature.

Go to "System -> Configuration -> Shipping Methods -> UPS", select the new "United Parcel Service REST" and follow the documentation in the page to create your new UPS credentials.

IMPORTANT NOTE: while you will have to update to v20.7.0 before 3rd of June or your UPS integration will stop working, this new feature has to be handle with caution because of the limited tests that we were able to do before publishing. We worked on this for a few months but you must test with care before upgrading, and you must do it now if you want your store to be safe after the end of May. In case you face any problem get in contact with one of the maintainers.

Important bugs fixed

1. Fixed faulty media gallery label/description management for mutistore projects

Since the beginning of the M1 platform, many many years ago, these data were always broken in the context of multistore/multilanguage project, well, now they're not anymore!

Minor changes and fixes

• Removed jQuery dependencies from swatches in RWD theme by @empiricompany in #3824
• Added new useful columns in products tab in category view by @dbachmann in #2713
• New feature: added mage_run_installed_exception event when uncatched exception is thrown by @pquerner in #3613
• Removed invalid "sortcut icon" HTML element by @fballiano in #3941
• Backend: removed invalid "name" element, removed redundant nobr spans, added data-column-id to grids by @fballiano in #3927
• Type casting and minor fixes in preparation for declare strict_types=1 by @luigifab in #3648

Dependency update

• Bump phpunit/phpunit from 9.6.18 to 9.6.19 by @dependabot in #3931
• Bump friendsofphp/php-cs-fixer from 3.52.1 to 3.53.0 by @dependabot in #3942
• Bump phpstan/phpstan from 1.10.66 to 1.10.67 by @dependabot in #3951
• Bump friendsofphp/php-cs-fixer from 3.53.0 to 3.54.0 by @dependabot in #3950
• Bump squizlabs/php_codesniffer from 3.9.1 to 3.9.2 by @dependabot in #3965
• Bump friendsofphp/php-cs-fixer from 3.54.0 to 3.55.0 by @dependabot in #3974

v21.0.0-beta1

🚀 OpenMage 21 is the next step in the evolution of our beloved M1 platform. 🚀

📢🔔 While V21 introduces breaking changes that require careful consideration during the upgrade process, these long-overdue modifications will ultimately bring significant benefits to your stores. In the long run, you can expect enhancements in performance, security, SEO scores, and more, making the transition worthwhile. 📢🔔

Changes you must know and that you have to check one by one

• PHP8.2 is now the minimum required version for OM v21
• Added form key validation to Contacts form
  Check app/design/frontend/base/default/template/contacts/form.phtml in your theme and be sure that you've <?php echo $this->getBlockHtml('formkey') ?> under the <form opening tag, as shown here.
• Unified CSRF configuration
  If you enabled CSRF in System -> Configuration -> System (which you should!) then it will be enabled for all your forms and the checkout.
• Removed double span element from HTML buttons
  Be sure to check your CSS styles for the buttons in your frontend theme, you may need to adjust them slightly.
• Removed all deprecated _Mysql4_ classes
  This will break many extremely old modules but it was long overdue and allowed us to remove 500+ obsolete files from the core. We provide the shell/rename-mysql4-class-to-resource.php migration script to fix the old modules, you will have to run it but make sure you'll do it in a test environment and thoroughly test everything before publishing to production.
• Removed decorate*() js functions
  Check the phtml files of your custom themes for javascript code calling decorate*() (decorateList, decorateTable, decorateGeneric etc) and remove those calls since they will generate javascript errors on your browser's console.
• Removed "admin routing compatibility mode" for extensions
  The new admin routing mode was implemented in Magento 1.4 for security reasons, together with "compatibility mode" (in order to allow some time to developers to update their modules). After these many years we are removing the compatibility mode and all extensions will have to follow the new admin routing mode or they will not appear in the backend.
• Removed scriptaculous/dragdrop.js from frontend

Changes you want to know about

• RWD theme: updated jQuery to 3.7.1 by @fballiano in #3922

Changes that probably won't affect you

• RWD theme: removed enquire.js and converted to window.matchMedia by @fballiano in #3208
• RWD theme: converted default logos to SVG (and removed some Magento names) by @fballiano in #3148
• Removed onmouseover/onmouseout from adminhtml menu by @luigifab in #2737
• Removed auto_detect_line_endings in Varien_Io_File by @fballiano in #3283
• Fixed implementation of SessionHandlerInterface in Mage_Core_Model_Resource_Session by @fballiano in #3499
• Rewrote js/varien/weee.js without prototypejs by @fballiano in #3670
• Rewrote js/varien/accordion.js without prototypejs by @fballiano in #3669
• Rewrote js/mage/captcha.jsp without prototypejs by @fballiano in #3754
• Removed unused file js/mage/adminhtml/scrollbar.js by @fballiano in #3765
• Removed unused file js/mage/adminhtml/magento-all.js by @fballiano in #3764
• Removed unused file js/mage/adminhtml/image.js by @fballiano in #3758
• Removed deprecated and unused files from lib/Mage by @fballiano in #3872
• Rewrote js/mage/adminhtml/hash.js using native javascript by @fballiano in #3763
• Rewrote js/mage/adminhtml/variables.js without prototypejs by @fballiano in #3762
• Rewrote js/mage/translate.js without prototypejs by @fballiano in #3662

v20.6.0

A solid bugfix release this 20.6.0, with some accessibility improvements to the RWD theme too, which will improve the lighthouse scores that everybody loves ;-)

Changelog

• Fixed zIndex to avoid conflicts between TinyMCE and OpenMage's overlays in the CMS section by @fballiano in #3851
• Fixed default width for input/textarea in OpenMage backend theme by @fballiano in #3850
• Improved fields dependence (show/hide) in backend's config section by @luigifab in #2150
• Varien_Directory_Collection::getLastDir(): "$this" can no longer be used in a plain function or method, since PHP 7.1 by @fballiano in #3823
• Fixed null error on hash_equal in Mage_Oauth_Model_Server by @kiatng in #3870
• Fixed row click issue in Category Products tab by @addison74 in #3866
• Fixed null deprecation in lib/Varien/Filter/Template.php by @kiatng in #3879
• Fixed row click issue in product's upsell/crosssell/related grids by @addison74 in #3865
• Added PHP8.3 to supported list by @fballiano in #3887
• Added VAT related attributes to salesOrderAddressEntity webservices entity by @empiricompany in #3885
• RWD: enhanced contrast on a few colors to fix accessibility issues by @fballiano in #3911
• Fixed no data shown for products with recurring profiles by @fballiano in #3910
• RWD: accessibility improvements: made the red color a bit darker and added titles to important links by @fballiano in #3912
• Rewrote getOpenMageVersion() to be faster by @fballiano in #3875
• Removed unused variables from Mage_Api_Model_Server_Handler_Abstract by @fballiano in #3862
• Removed @Deprecation on Mage::getBlockSingleton() by @kiatng in #3835
• Fixed null parameter warning in Mage_Catalog_Model_Layer_Filter_Attribute by @fballiano in #3926
• Bump phpseclib/phpseclib from 3.0.35 to 3.0.37 by @dependabot in #3869
• Bump phpseclib/mcrypt_compat from 2.0.5 to 2.0.6 by @dependabot in #3868
• Bump friendsofphp/php-cs-fixer from 3.50.0 to 3.51.0 by @dependabot in #3867
• Bump tj-actions/changed-files from 42 to 43 by @dependabot in #3882
• Bump friendsofphp/php-cs-fixer from 3.51.0 to 3.52.1 by @dependabot in #3895
• Bump phpunit/phpunit from 9.6.17 to 9.6.18 by @dependabot in #3896
• Bump squizlabs/php_codesniffer from 3.9.0 to 3.9.1 by @dependabot in #3919
• Bump tj-actions/changed-files from 43 to 44 by @dependabot in #3918
• Bump phpstan/phpstan from 1.10.59 to 1.10.66 by @dependabot in #3880

Full Changelog: v20.5.0...v20.6.0