Merge branch 'release/1.7.49.1'

Signed-off-by: Andy Miller <rhuk@mac.com>

.editorconfig

@@ -13,5 +13,5 @@ indent_size = 4
 trim_trailing_whitespace = true
 
 # 2 space indentation
-[*.{yaml,yml}]
+[*.{yaml,yml,vue,js,css}]
 indent_size = 2

.github/workflows/build.yaml

@@ -4,19 +4,28 @@ on:
   release:
     types: [published]
 
+permissions: {}
+
 jobs:
   build:
+    permissions:
+      contents: write # for release creation (svenstaro/upload-release-action)
+
     if: "!github.event.release.prerelease"
     runs-on: ubuntu-latest
 
     steps:
       - uses: actions/checkout@v2
 
+      - name: Extract Tag
+        run: echo "PACKAGE_VERSION=${{ github.ref }}" >> $GITHUB_ENV
+
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
           php-version: 7.3
           extensions: opcache, gd
+          tools: composer:v2
           coverage: none
         env:
           COMPOSER_TOKEN: ${{ secrets.GLOBAL_TOKEN }}
@@ -38,15 +47,19 @@ jobs:
         run: |
           bash ./build-grav.sh
 
-      - name: Upload Grav Release Assets
-        id: upload-release-asset
-        uses: alexellis/upload-assets@0.2.3
-        env:
-          GITHUB_TOKEN: ${{ secrets.GLOBAL_TOKEN }}
+      - name: Upload packages to release
+        uses: svenstaro/upload-release-action@v2
         with:
-          asset_paths: '["./grav-dist/*.zip"]'
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          tag: ${{ env.PACKAGE_VERSION }}
+          file: ./grav-dist/*.zip
+          overwrite: true
+          file_glob: true
 
   slack:
+    permissions:
+      actions: read # to list jobs for workflow run (technote-space/workflow-conclusion-action)
+
     name: Slack
     needs: build
     runs-on: ubuntu-latest

.github/workflows/tests.yaml

@@ -6,41 +6,37 @@ on:
   pull_request:
     branches: [ develop ]
 
-jobs:
+permissions:
+  contents: read # to fetch code (actions/checkout)
 
+jobs:
   unit-tests:
+    strategy:
+      matrix:
+        php: ['8.3', '8.2', '8.1', '8.0', '7.4', '7.3']
+        os: [ubuntu-latest]
 
     runs-on: ${{ matrix.os }}
 
-    strategy:
-      matrix:
-        php: [ 8.0, 7.4, 7.3]
-        os: [ubuntu-latest]
-
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
-      - name: Setup PHP
+      - name: Setup PHP ${{ matrix.php }}
         uses: shivammathur/setup-php@v2
         with:
           php-version: ${{ matrix.php }}
           extensions: opcache, gd
+          tools: composer:v2
           coverage: none
         env:
-          COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-#      - name: Update composer
-#        run: composer update
-#
-#      - name: Validate composer.json and composer.lock
-#        run: composer validate
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Get composer cache directory
         id: composer-cache
-        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+        run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
 
       - name: Cache dependencies
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         with:
           path: ${{ steps.composer-cache.outputs.dir }}
           key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}

.github/workflows/trigger-skeletons.yml

@@ -12,6 +12,9 @@ on:
         required: true
         default: true
 
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
   build:
     runs-on: ubuntu-latest

.gitignore

@@ -25,8 +25,11 @@ user/plugins/*
 !user/plugins/.*
 user/themes/*
 !user/themes/.*
-user/localhost/config/security.yaml
-user/config/security.yaml
+user/**/config/security.yaml
+
+# Environments
+.env
+.gravenv
 
 # OS Generated
 .DS_Store*

.htaccess

@@ -59,9 +59,9 @@ RewriteRule .* index.php [L]
 # Block all direct access for these folders
 RewriteRule ^(\.git|cache|bin|logs|backup|webserver-configs|tests)/(.*) error [F]
 # Block access to specific file types for these system folders
-RewriteRule ^(system|vendor)/(.*)\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ error [F]
+RewriteRule ^(system|vendor)/(.*)\.(txt|xml|md|html|json|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ error [F]
 # Block access to specific file types for these user folders
-RewriteRule ^(user)/(.*)\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ error [F]
+RewriteRule ^(user)/(.*)\.(txt|md|json|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ error [F]
 # Block all direct access to .md files:
 RewriteRule \.md$ error [F]
 # Block all direct access to files and folders beginning with a dot

CHANGELOG.md

@@ -1,3 +1,624 @@
+# v1.7.49.1
+## 08/25/2025
+
+1. [](#new)
+    * Rerelease to include all updated plugins/theme etc.
+
+# v1.7.49
+## 08/25/2025
+
+1. [](#new)
+    * Revamped Grav Scheduler to support webhook to call call scheduler + concurrent jobs + jobs queue + logging, and other improvements
+    * Revamped Grav Cache purge capabilities to only clear obsolete old cache items
+    * Added full imagick support in Grav Image library
+    * Added support for Validate `match` and `match_any` in forms
+1. [](#improved)
+    * Handle empty values on require with ignore fields in Forms
+    * Use `actions/cache@v4` in github workflows
+    * Use `actions/checkout@v4`in github workflows [#3867](https://github.com/getgrav/grav/pull/3867)
+    * Update code block in README.md [#3886](https://github.com/getgrav/grav/pull/3886)
+    * Updated vendor libs to latest
+1. [](#bugfix)
+    * Bug in `exif_read_data` [#3878](https://github.com/getgrav/grav/pull/3878)
+    * Fix parser error in URI: [#3894](https://github.com/getgrav/grav/issues/3894)
+
+
+# v1.7.48
+## 10/28/2024
+
+1. [](#new)
+    * New Trait for fetchPriority attribute on images [#3850](https://github.com/getgrav/grav/pull/3850)
+1. [](#improved)
+    * Fix for #3164. Adds aliases as possible commands during lookup [#3863](https://github.com/getgrav/grav/pull/3863)
+1. [](#bugfix)
+    * Fix style conflict with Clockwork and tooltips [#3861](https://github.com/getgrav/grav/pull/3861)
+
+# v1.7.47
+## 10/23/2024
+
+1. [](#new)
+  * New `Utils::toAscii()` method  
+  * Added support for Clockwork Debugger to allow web UI (requires new `clockwork-web` plugin)
+1. [](#improved) 
+  * Include modular sub-pages in last-modification date computation [#3562](https://github.com/getgrav/grav/pull/3562)
+  * Updated vendor libs to latest versions
+  * Updated JQuery to `3.7.1` [#3787](https://github.com/getgrav/grav/pull/3827)
+  * Updated vendor libraries to latest versions
+  * Support for Fediverse Creator meta tag [#3844](https://github.com/getgrav/grav/pull/3844)
+1. [](#bugfix)
+  * Fixes deprecated for return type in Filesystem with PHP 8.3.6 [#3831](https://github.com/getgrav/grav/issues/3831) 
+  * Fix for `exif_imagtetype()` throwing an exception when file doesn't exist
+  * Fix JSON output comments check with content type [#3859](https://github.com/getgrav/grav/pull/3859)
+
+# v1.7.46
+## 05/15/2024
+
+1. [](#new)
+   * Added a new `Utils::toAscii()` method to remove UTF-8 characters from string
+1. [](#improved) 
+   * Removed unused `symfony/service-contracts` [#3828](https://github.com/getgrav/grav/pull/3828)
+   * Upgraded bundled legacy JQuery to `3.7.1` [#3727](https://github.com/getgrav/grav/pull/3827)
+   * Include modular pages in header `last-modified:` calculation [#3562](https://github.com/getgrav/grav/pull/3562)
+   * Updated vendor libs to latest versions
+1. [](#bugfix)
+   * Fixed some deprecated issues in Filesystem [#3831](https://github.com/getgrav/grav/issues/3831)
+
+# v1.7.46
+## 05/15/2024
+
+1. [](#improved) 
+   * Better handling of external protocols in `Utils::url()` such as `mailto:`, `tel:`, etc.
+   * Handle `GRAV_ROOT` or `GRAV_WEBROOT` when `/` [#3667](https://github.com/getgrav/grav/pull/3667)
+1. [](#bugfix)
+   * Fixes for multi-lang taxonomy when reinitializing the languages (e.g. LangSwitcher plugin) 
+   * Ensure the full filepath is checked for invalid filename in `MediaUploadTrait::checkFileMetadata()`
+   * Fixed a bug in the `on_events` REGEX pattern of `Security::detectXss()` as it was not matching correctly.
+   * Fixed an issue where `read_file()` Twig function could be used nefariously in content [#GHSA-f8v5-jmfh-pr69](https://github.com/getgrav/grav/security/advisories/GHSA-f8v5-jmfh-pr69)
+
+# v1.7.45
+## 03/18/2024
+
+1. [](#new)
+   * Added new Image trait for `decoding` attribute [#3796](https://github.com/getgrav/grav/pull/3796)
+1. [](#bugfix)
+   * Fixed some multibyte issues in Inflector class [#732](https://github.com/getgrav/grav/issues/732)
+   * Fallback to page modified date if Page date provided is invalid and can't be parsed [getgrav/grav-plugin-admin#2394](https://github.com/getgrav/grav-plugin-admin/issues/2394)
+   * Fixed a path traversal vulnerability with file uploads [#GHSA-m7hx-hw6h-mqmc](https://github.com/getgrav/grav/security/advisories/GHSA-m7hx-hw6h-mqmc)
+   * Fixed a security issue with insecure Twig functions be processed [#GHSA-2m7x-c7px-hp58](https://github.com/getgrav/grav/security/advisories/GHSA-2m7x-c7px-hp58) [#GHSA-r6vw-8v8r-pmp4](https://github.com/getgrav/grav/security/advisories/GHSA-r6vw-8v8r-pmp4) [#GHSA-qfv4-q44r-g7rv](https://github.com/getgrav/grav/security/advisories/GHSA-qfv4-q44r-g7rv) [#GHSA-c9gp-64c4-2rrh](https://github.com/getgrav/grav/security/advisories/GHSA-c9gp-64c4-2rrh)
+1. [](#improved) 
+   * Updated composer packages
+   * Updated `bin/composer.phar` to latest `2.7.2`
+
+# v1.7.44
+## 01/05/2024
+
+1. [](#new)
+   * Added PHP `8.3` to tests [#3782](https://github.com/getgrav/grav/pull/3782)
+   * Added debugger messages when Page routes conflict
+   * Added `ISO 8601` date format [#3721](https://github.com/getgrav/grav/pull/37210)
+   * Added support for `.vcf` (vCard) in media configuration [#3772](https://github.com/getgrav/grav/pull/3772)
+1. [](#improved) 
+   * Update jQuery to `v3.6.4` [#3713](https://github.com/getgrav/grav/pull/3713)
+   * Updated vendor libraries including Dom-Sanitizer `v1.0.7` that addresses an XSS issue 
+   * Updated `bin/composer.phar` to latest `2.6.6`
+   * Updated vendor libraries to latest
+   * Updated language files
+   * Updated copyright year
+1. [](#bugfix)
+   * Fixed a math rounding issue with number validation when using floating point steps [#3761](https://github.com/getgrav/grav/issues/3761)
+   * Fixed an issue with `Inflector::ordinalize()` not working as expected [#3759](https://github.com/getgrav/grav/pull/3759)
+   * Fixed various issues with file extension checking with dangerous extensions [#3756(https://github.com/getgrav/grav/pull/3756)]
+   * Fix for invalid input to foreach in `UserGroupObject` [#3724](https://github.com/getgrav/grav/pull/3724)
+   * Fixed exception: `Property 'jsmodule_pipeline_include_externals' does not exist in object` [#3661](https://github.com/getgrav/grav/pull/3661)
+   * Fixed `too few arguments exception` in FlexObjects [#3658](https://github.com/getgrav/grav/pull/3658)
+
+# v1.7.43
+## 10/02/2023
+
+1. [](#new)
+   * Add the ability to programatically set a page's `modified` timestamp via a `modified:` frontmatter entry
+2. [](#improved)
+   * Update vendor libraries
+   * Include `phar` in the list of `security.uploads_dangerous_extensions`
+   * When enabled `system.languages.debug` now dumps **Key -> Value** to debugger [#3752](https://github.com/getgrav/grav/issues/3752)
+   * Updated built-in composer to latest `2.6.4` [#3748](https://github.com/getgrav/grav/issues/3748)
+   * Added support for `@import` to ensure paths are rewritten correctly in CSS pipeline [#3750](https://github.com/getgrav/grav/pull/3750)
+
+# v1.7.42.3
+## 07/18/2023
+
+2. [](#improved)
+   * Fixed a typo in `Utils::isDangerousFunction`
+
+# v1.7.42.2
+## 07/18/2023
+
+2. [](#improved)
+   * In `Utils::isDangerousFunction`, handle double `\\` in `|map` twig filter to mitigate SSTI attack
+   * Better handle empty email in `Validatoin::typeEmail()`
+
+# v1.7.42.1
+## 06/15/2023
+
+2. [](#improved)
+   * Quick fix for `isDangerousFunction` when `$name` was a closure [#3727](https://github.com/getgrav/grav/issues/3727)
+
+# v1.7.42
+## 06/14/2023
+
+1. [](#new)
+   * Added a new `system.languages.debug` option that adds a `<span class="translate-debug"></span>` around strings translated with `|t`. This can be styled by the theme as needed.
+1. [](#improved)
+   * More robust SSTI handling in `filter`, `map`, and `reduce` Twig filters and functions
+   * Various SSTI improvements `Utils::isDangerousFunction()`
+1. [](#bugfix)
+   * Fixed Twig `|map()` allowing code execution
+   * Fixed Twig `|reduce()` allowing code execution
+
+# v1.7.41.2
+## 06/01/2023
+
+1. [](#improved)
+   * Added the ability to set a configurable 'key' for the Twig Cache Tag: `{% cache 'my-key' 600 %}`
+1. [](#bugfix)
+   * Fixed an issue with special characters in slug's would cause redirect loops
+
+# v1.7.41.1
+## 05/10/2023
+
+1. [](#bugfix)
+   * Fixed certain UTF-8 characters breaking `Truncator` class [#3716](https://github.com/getgrav/grav/issues/3716)
+
+# v1.7.41
+## 05/09/2023
+
+1. [](#improved)
+   * Removed `FILTER_SANITIZE_STRING` input filter in favor of `htmlspecialchars(strip_tags())` for PHP 8.2+
+   * Added `GRAV_SANITIZE_STRING` constant to replace `FILTER_SANITIZE_STRING` for PHP 8.2+
+   * Support non-deprecated style dynamic properties in `Parsedown` class via `ParseDownGravTrait` for PHP 8.2+
+   * Modified `Truncator` to not use deprecated `mb_convert_encoding()` for PHP 8.2+
+   * Fixed passing null into `mb_strpos()` deprecated for PHP 8.2+
+   * Updated internal `TwigDeferredExtension` to be PHP 8.2+ compatible
+   * Upgraded `getgrav/image` fork to take advantage of various PHP 8.2+ fixes
+   * Use `UserGroupObject::groupNames` method in blueprints for PHP 8.2+
+   * Comment out `files-upload` deprecated message as this is not going to be removed
+   * Added various public `Twig` class variables used by admin to address deprecated messages for PHP 8.2+
+   * Added `parse_url` to list of PHP functions supported in Twig Extension
+   * Added support for dynamic functions in `Parsedown` to stop deprecation messages in PHP 8.2+
+ 
+# v1.7.40
+## 03/22/2023
+
+1. [](#new)
+    * Added a new `timestamp: true|false` option for individual assets
+1. [](#improved)
+    * Removed outdated `xcache` setting [#3615](https://github.com/getgrav/grav/pull/3615)
+    * Updated `robots.txt` [#3625](https://github.com/getgrav/grav/pull/3625)
+    * Handle the situation when GRAV_ROOT or GRAV_WEBROOT are `/` [#3625](https://github.com/getgrav/grav/pull/3667)
+1. [](#bugfix)
+    * Fixed `force_ssl` redirect in case of undefined hostname [#3702](https://github.com/getgrav/grav/pull/3702)
+    * Fixed an issue with duplicate identical page paths
+    * Fixed `BlueprintSchema:flattenData` to properly handle ignored fields
+    * Fixed LogViewer regex greediness [#3684](https://github.com/getgrav/grav/pull/3684)
+    * Fixed `whoami` command [#3695](https://github.com/getgrav/grav/pull/3695)
+
+# v1.7.39.4
+## 02/22/2023
+
+1. [](#bugfix)
+    * Reverted a reorganization of `account.yaml` that caused username to be disabled [admin#2344](https://github.com/getgrav/grav-plugin-admin/issues/2344)
+
+# v1.7.39.3
+## 02/21/2023
+
+1. [](#bugfix)
+    * Fix for overzealous modular page template rendering fix in 1.7.39 causing Feed plugin to break [#3689](https://github.com/getgrav/grav/issues/3689)
+
+# v1.7.39.2
+## 02/20/2023
+
+1. [](#bugfix)
+    * Fix for invalid session breaking Flex Accounts (when switching from Regular to Flex)
+
+# v1.7.39.1
+## 02/20/2023
+
+1. [](#bugfix)
+    * Fix for broken image CSS with the latest version of DebugBar
+
+# v1.7.39
+## 02/19/2023
+
+1. [](#improved)
+    * Vendor library updates to latest versions
+1. [](#bugfix)
+    * Various PHP 8.2 fixes
+    * Fixed an issue with modular pages rendering thew wrong template when dynamically changing the page
+    * Fixed an issue with `email` validation that was failing on UTF-8 characters. Following best practices and now only check for `@` and length.
+    * Fixed PHPUnit tests to remove deprecation warnings
+
+# v1.7.38
+## 01/02/2023
+
+1. [](#new)
+    * New `onBeforeSessionStart()` event to be used to store data lost during session regeneration (e.g. login)
+1. [](#improved)
+   * Vendor library updates to latest versions
+   * Updated `bin/composer.phar` to latest `2.4.4` version [#3627](https://github.com/getgrav/grav/issues/3627)
+1. [](#bugfix)
+   * Don't fail hard if pages recurse with same path
+   * Github workflows security hardening [#3624](https://github.com/getgrav/grav/pull/3624)
+
+# v1.7.37.1
+## 10/05/2022
+
+1. [](#bugfix)
+    * Fixed a bad return type [#3630](https://github.com/getgrav/grav/issues/3630)
+
+# v1.7.37
+## 10/05/2022
+
+1. [](#new)
+    * Added new `onPageHeaders()` event to allow for header modification as needed
+    * Added a `system.pages.dirs` configuration option to allow for configurable paths, and multiple page paths
+    * Added new `Pages::getSimplePagesHash` which is useful for caching pages specific data
+    * Updated to latest vendor libraries
+1. [](#bugfix)
+    * An attempt to workaround windows reading locked file issue [getgrav/grav-plugin-admin#2299](https://github.com/getgrav/grav-plugin-admin/issues/2299)
+    * Force user index file to be updated to fix email addresses [getgrav/grav-plugin-login#229](https://github.com/getgrav/grav-plugin-login/issues/229)
+
+# v1.7.36
+## 09/08/2022
+
+1. [](#new)
+    * Added `authorize-*@:` support for Flex blueprints, e.g. `authorize-disabled@: not delete` disables the field if user does not have access to delete object
+    * Added support for `flex-ignore@` to hide all the nested fields in the blueprint
+1. [](#bugfix)
+    * Fixed login with a capitalised email address when using old users [getgrav/grav-plugin-login#229](https://github.com/getgrav/grav-plugin-login/issues/229)
+
+# v1.7.35
+## 08/04/2022
+
+1. [](#new)
+   * Added support for `multipart/form-data` content type in PUT and PATCH requests
+   * Added support for object relationships
+   * Added variables `$environment` (string), `$request` (PSR-7 ServerRequestInterface|null) and `$uri` (PSR-7 Uri|null) to be used in `setup.php`
+1. [](#improved)
+   * Minor vendor updates
+
+# v1.7.34
+## 06/14/2022
+
+1. [](#new)
+    * Added back Yiddish to Language Codes [#3336](https://github.com/getgrav/grav/pull/3336)
+    * Ignore upcoming `media.json` file in media
+1. [](#bugfix)
+    * Regression: Fixed saving page with a new language causing cache corruption [getgrav/grav-plugin-admin#2282](https://github.com/getgrav/grav-plugin-admin/issues/2282)
+    * Fixed a potential fatal error when using watermark in images
+    * Fixed `bin/grav install` command with arbitrary destination folder name
+    * Fixed Twig `|filter()` allowing code execution
+    * Fixed login and user search by email not being case-insensitive when using Flex Users
+
+# v1.7.33
+## 04/25/2022
+
+1. [](#improved)
+    * When saving yaml and markdown, create also a cached version of the file and recompile it in opcache
+2. [](#bugfix)
+    * Fixed missing changes in **yaml** & **markdown** files if saved multiple times during the same second because of a caching issue
+    * Fixed XSS check not detecting onX events without quotes
+    * Fixed default collection ordering in pages admin
+
+# v1.7.32
+## 03/28/2022
+
+1. [](#new)
+    * Added `|replace_last(search, replace)` filter
+    * Added `parseurl` Twig function to expose PHP's `parse_url` function
+2. [](#improved)
+    * Added multi-language support for page routes in `Utils::url()`
+    * Set default maximum length for text fields
+      - `password`: 256
+      - `email`: 320
+      - `text`, `url`, `hidden`, `commalist`: 2048
+      - `text` (multiline), `textarea`: 65536
+3. [](#bugfix)
+   * Fixed issue with `system.cache.gzip: true` resulted in "Fetch Failed" for PHP 8.0.17 and PHP 8.1.4 [PHP issue #8218](https://github.com/php/php-src/issues/8218)
+   * Fix for multi-lang issues with Security Report
+   * Fixed page search not working with selected language [#3316](https://github.com/getgrav/grav/issues/3316)
+
+# v1.7.31
+## 03/14/2022
+
+1. [](#new)
+   * Added new local Multiavatar (local generation). **This will be default in Grav 1.8**
+   * Added support to get image size for SVG vector images [#3533](https://github.com/getgrav/grav/pull/3533)
+   * Added XSS check for uploaded SVG files before they get stored
+   * Fixed phpstan issues (All level 2, Framework level 5)
+2. [](#improved)
+   * Moved Accounts out of Experimental section of System configuration to new "Accounts" tab
+3. [](#bugfix)
+   * Fixed `'mbstring' extension is not loaded` error, use Polyfill instead [#3504](https://github.com/getgrav/grav/pull/3504)
+   * Fixed new `Utils::pathinfo()` and `Utils::basename()` being too strict for legacy use [#3542](https://github.com/getgrav/grav/issues/3542)
+   * Fixed non-standard video html atributes generated by `{{ media.html() }}` [#3540](https://github.com/getgrav/grav/issues/3540)
+   * Fixed entity sanitization for XSS detection
+   * Fixed avatar save location when `account://` stream points to custom directory
+   * Fixed bug in `Utils::url()` when path contains part of root
+
+# v1.7.30
+## 02/07/2022
+
+1. [](#new)
+    * Added twig filter `|field_parent` to get parent field name
+2. [](#bugfix)
+    * Fixed error while deleting retina image in admin
+    * Fixed "Page Authors" field in Security tab, wrongly loading and saving the value [#3525](https://github.com/getgrav/grav/issues/3525)
+    * Fixed accounts filter only matches against email address [getgrav/grav-plugin-admin#2224](https://github.com/getgrav/grav-plugin-admin/issues/2224)
+
+# v1.7.29.1
+## 01/31/2022
+
+1. [](#bugfix)
+    * Fixed `Call to undefined method` error when upgrading from Grav 1.6 [#3523](https://github.com/getgrav/grav/issues/3523)
+
+# v1.7.29
+## 01/28/2022
+
+1. [](#new)
+    * Added support for registering assets from `HtmlBlock`
+    * Added unicode-safe `Utils::basename()` and `Utils::pathinfo()` methods
+2. [](#improved)
+    * Improved `Filesystem::basename()` and `Filesystem::pathinfo()` to be unicode-safe
+    * Made path handling unicode-safe, use new `Utils::basename()` and `Utils::pathinfo()` everywhere
+3. [](#bugfix)
+    * Fixed error on thumbnail image creation
+    * Fixed MimeType for `gzip` (`application/x-gzip`)
+
+# v1.7.28
+## 01/24/2022
+
+1. [](#new)
+    * Added links and modules support to `HtmlBlock` class
+    * Added module support for twig script tag: `{% script module 'theme://js/module.mjs' %}`
+    * Added twig tag for links: `{% link icon 'theme://images/favicon.png' priority: 20 with { type: 'image/png' } %}`
+    * Added `HtmlBlock` support for `{% style %}`, `{% script %}` and `{% link %}` tags
+    * Support for page-level `redirect_default_route` frontmatter header override
+3. [](#bugfix)
+    * Fixed XSS check not detecting escaped `&#58`
+
+# v1.7.27.1
+## 01/12/2022
+
+3. [](#bugfix)
+   * Fixed a typo in CSS Asset pipeline that was erroneously joining files with `;`
+
+# v1.7.27
+## 01/12/2022
+
+1. [](#new)
+   * Support for `YubiKey OTP` 2-Factor authenticator
+   * Added support for generic `assets.link()` for external references. No pipeline support
+   * Added support for `assets.addJsModule()` with full pipeline support
+   * Added `Utils::getExtensionsByMime()` method to get all the registered extensions for the specific mime type
+   * Added `Media::getRoute()` and `Media::getRawRoute()` methods to get page route if available
+   * Added `Medium::getAlternatives()` to be able to list all the retina sizes
+2. [](#improved)
+   * Improved `Utils::download()` method to allow overrides on download name, mime and expires header
+   * Improved `onPageFallBackUrl` event
+   * Reorganized the Asset system configuration blueprint for clarity
+3. [](#bugfix)
+   * Fixed CLI `--env` and `--lang` options having no effect if they aren't added before all the other options
+   * Fixed scaled image medium filename when using non-existing retina file
+   * Fixed an issue with JS `imports` and pipelining Assets
+
+# v1.7.26.1
+## 01/04/2022
+
+3. [](#bugfix)
+   * Fixed `UserObject::getAccess()` after cloning the object
+
+# v1.7.26
+## 01/03/2022
+
+1. [](#new)
+    * Made `Grav::redirect()` to accept `Route` class
+    * Added `translated()` method to `PageTranslateInterface`
+    * Added second parameter to `UserObject::isMyself()` method
+    * Added `UserObject::$isAuthorizedCallable` to allow `$user->isAuthorized()` customization
+    * Use secure session cookies in HTTPS by default (`system.session.secure_https: true`)
+    * Added new `Plugin::inheritedConfigOption()` function to access plugin specific functions for page overrides
+2. [](#improved)
+   * Upgraded vendor libs for PHP 8.1 compatibility
+   * Upgraded to **composer v2.1.14** for PHP 8.1 compatibility
+   * Added third `$name` parameter to `Blueprint::flattenData()` method, useful for flattening repeating data
+   * `ControllerResponseTrait`: Redirect response should be json if the extension is .json
+   * When symlinking Grav install, include also tests
+   * Updated copyright year to `2022`
+3. [](#bugfix)
+   * Fixed bad key lookup in `FlexRelatedDirectoryTrait::getCollectionByProperty()`
+   * Fixed RequestHandlers `NotFoundException` having empty request
+   * Block `.json` files in web server configs
+   * Disabled pretty debug info for Flex as it slows down Twig rendering
+   * Fixed Twig being very slow when template overrides do not exist
+   * Fixed `UserObject::$authorizeCallable` binding to the user object
+   * Fixed `FlexIndex::call()` to return null instead of failing to call undefined method
+   * Fixed Flex directory configuration creating environment configuration when it should not
+
+# v1.7.25
+## 11/16/2021
+
+1. [](#new)
+    * Updated phpstan to v1.0
+    * Added `FlexObject::getDiff()` to see difference to the saved object
+2. [](#improved)
+    * Use Symfony `dump` instead of PHP's `vardump` in side the `{{ vardump(x) }}` Twig vardump function
+    * Added `route` and `request` to `onPagesInitialized` event
+    * Improved page cloning, added method `Page::initialize()`
+    * Improved `FlexObject::getChanges()`: return changed lists and arrays as whole instead of just changed keys/values
+    * Improved form validation JSON responses to contain list of failed fields with their error messages
+    * Improved redirects: send redirect response in JSON if the request was in JSON
+3. [](#bugfix)
+    * Fixed path traversal vulnerability when using `bin/grav server`
+    * Fixed unescaped error messages in JSON error responses
+    * Fixed `|t(variable)` twig filter in admin
+    * Fixed `FlexObject::getChanges()` always returning empty array
+    * Fixed form validation exceptions to use `400 Bad Request` instead of `500 Internal Server Error`
+
+# v1.7.24
+## 10/26/2021
+
+1. [](#new)
+    * Added support for image watermarks
+    * Added support to disable a form, making it readonly
+2. [](#improved)
+    * Flex `$user->authorize()` now checks user groups before `admin.super`, allowing deny rules to work properly
+3. [](#bugfix)
+    * Fixed a bug in `PermissionsReader` in PHP 7.3
+    * Fixed `session_store_active` language option (#3464)
+    * Fixed deprecated warnings on `ArrayAccess` in PHP 8.1
+    * Fixed XSS detection with `&colon;`
+
+# v1.7.23
+## 09/29/2021
+
+1. [](#new)
+    * Added method `Pages::referrerRoute()` to get the referrer route and language
+    * Added true unique `Utils::uniqueId()` / `{{ unique_id() }}` utilities  with length, prefix, and suffix support
+    * Added `UserObject::isMyself()` method to check if flex user is currently logged in
+    * Added support for custom form field options validation with `validate: options: key|ignore`
+2. [](#improved)
+   * Replaced GPL `SVG-Sanitizer` with MIT licensed `DOM-Sanitizer`
+   * `Uri::referrer()` now accepts third parameter, if set to `true`, it returns route without base or language code [#3411](https://github.com/getgrav/grav/issues/3411)
+   * Updated vendor libs with latest
+   * Updated with latest language strings via Crowdin.com
+3. [](#bugfix)
+    * Fixed `Folder::move()` throwing an error when target folder is changed by only appending characters to the end [#3445](https://github.com/getgrav/grav/issues/3445)
+    * Fixed some phpstan issues (all code back to level 1, Framework level 3)
+    * Fixed form reset causing image uploads to fail when using Flex
+
+# v1.7.22
+## 09/16/2021
+
+1. [](#new)
+    * Register plugin autoloaders into plugin objects
+2. [](#improved)
+    * Improve Twig 2 compatibility
+    * Update to customized version of Twig DeferredExtension (Twig 1/2 compatible)
+3. [](#bugfix)
+    * Fixed conflicting `$_original` variable in `Flex Pages`
+
+# v1.7.21
+## 09/14/2021
+
+1. [](#new)
+    * Added `|yaml` filter to convert input to YAML
+    * Added `route` and `request` to `onPageNotFound` event
+    * Added file upload/remove support for `Flex Forms`
+    * Added support for `flex-required@: not exists` and `flex-required@: '!exists'` in blueprints
+    * Added `$object->getOriginalData()` to get flex objects data before it was modified with `update()`
+    * Throwing exceptions from Twig templates fires `onDisplayErrorPage.[code]` event allowing better error pages
+2. [](#improved)
+    * Use a simplified text-based `cron` field for scheduler
+    * Add timestamp to logging output of scheduler jobs to see when they ran
+3. [](#bugfix)
+    * Fixed escaping in PageIndex::getLevelListing()
+    * Fixed validation of `number` type [#3433](https://github.com/getgrav/grav/issues/3433)
+    * Fixed excessive `security.yaml` file creation [#3432](https://github.com/getgrav/grav/issues/3432)
+    * Fixed incorrect port :0 with nginx unix socket setup [#3439](https://github.com/getgrav/grav/issues/3439)
+    * Fixed `Session::setFlashCookieObject()` to use the same options as the main session cookie
+
+# v1.7.20
+## 09/01/2021
+
+2. [](#improved)
+    * Added support for `task` and `action` inside JSON request body
+
+# v1.7.19
+## 08/31/2021
+
+1. [](#new)
+    * Include active form and request in `onPageTask` and `onPageAction` events (defaults to `null`)
+    * Added `UserObject::$authorizeCallable` to allow `$user->authorize()` customization
+2. [](#improved)
+    * Added meta support for `UploadedFile` class
+    * Added support for multiple mime-types per file extension [#3422](https://github.com/getgrav/grav/issues/3422)
+    * Added `setCurrent()` method to Page Collection [#3398](https://github.com/getgrav/grav/pull/3398)
+    * Initialize `$grav['uri']` before session
+3. [](#bugfix)
+    * Fixed `Warning: Undefined array key "SERVER_SOFTWARE" in index.php` [#3408](https://github.com/getgrav/grav/issues/3408)
+    * Fixed error in `loadDirectoryConfig()` if configuration hasn't been saved [#3409](https://github.com/getgrav/grav/issues/3409)
+    * Fixed GPM not using non-standard cache path [#3410](https://github.com/getgrav/grav/issues/3410)
+    * Fixed broken `environment://` stream when it doesn't have configuration
+    * Fixed `Flex Object` missing key field value when using `FolderStorage`
+    * Fixed broken Twig try tag when catch has not been defined or is empty
+    * Fixed `FlexForm` serialization
+    * Fixed form validation for numeric values in PHP 8
+    * Fixed `flex-options@` in blueprints duplicating items in array
+    * Fixed wrong form issue with flex objects after cache clear
+    * Fixed Flex object types not implementing `MediaInterface`
+    * Fixed issue with `svgImageFunction()` that was causing broken output
+
+# v1.7.18
+## 07/19/2021
+
+1. [](#improved)
+    * Added support for loading Flex Directory configuration from main configuration
+    * Move SVGs that cannot be sanitized to quarantine folder under `log://quarantine`
+    * Added support for CloudFlare-forwarded client IP in the `URI::ip()` method
+1. [](#bugfix)
+    * Fixed error when using Flex `SimpleStorage` with no entries
+    * Fixed page search to include slug field [#3316](https://github.com/getgrav/grav/issues/3316)
+    * Fixed Admin becoming unusable when GPM cannot be reached [#3383](https://github.com/getgrav/grav/issues/3383)
+    * Fixed `Failed to save entry: Forbidden` when moving a page to a visible page [#3389](https://github.com/getgrav/grav/issues/3389)
+    * Better support for Symfony local server on linux [#3400](https://github.com/getgrav/grav/pull/3400)
+    * Fixed `open_basedir()` error with some forms
+
+# v1.7.17
+## 06/15/2021
+
+1. [](#new)
+    * Interface `FlexDirectoryInterface` now extends `FlexAuthorizeInterface`
+1. [](#improved)
+    * Allow to unset an asset attribute by specifying null (ie, `'defer': null`)
+    * Support specifying custom attributes to assets in a collection [Read more](https://learn.getgrav.org/17/themes/asset-manager#collections-with-attributes?target=_blank) [#3358](https://github.com/getgrav/grav/issues/3358)
+    * File `frontmatter.yaml` isn't part of media, ignore it
+    * Switched default `JQuery` collection to use 3.x rather than 2.x
+1. [](#bugfix)
+    * Fixed missing styles when CSS/JS Pipeline is used and `asset://` folder is missing
+    * Fixed permission check when moving a page [#3382](https://github.com/getgrav/grav/issues/3382)
+
+# v1.7.16
+## 06/02/2021
+
+1. [](#new)
+    * Added 'addFrame()' method to ImageMedium [#3323](https://github.com/getgrav/grav/pull/3323)
+1. [](#improved)
+    * Set `cache.clear_images_by_default` to `false` by default
+    * Improve error on bad nested form data [#3364](https://github.com/getgrav/grav/issues/3364)
+1. [](#bugfix)
+    * Improve Plugin and Theme initialization to fix PHP8 bug [#3368](https://github.com/getgrav/grav/issues/3368)
+    * Fixed `pathinfo()` twig filter in PHP7
+    * Fixed the first visible child page getting ordering number `999999.` [#3365](https://github.com/getgrav/grav/issues/3365)
+    * Fixed flex pages search using only folder name [#3316](https://github.com/getgrav/grav/issues/3316)
+    * Fixed flex pages using wrong type in `onBlueprintCreated` event [#3157](https://github.com/getgrav/grav/issues/3157)
+    * Fixed wrong SRI paths invoked when Grav instance as a sub folder [#3358](https://github.com/getgrav/grav/issues/3358)
+    * Fixed SRI trying to calculate remote assets, only ever set integrity for local files. Use the SRI provided by the remote source and manually add it in the `addJs/addCss` call for remote support. [#3358](https://github.com/getgrav/grav/issues/3358)
+    * Fix for weird regex issue with latest PHP versions on Intel Macs causing params to not parse properly in URI object
+
+# v1.7.15
+## 05/19/2021
+
+1. [](#improved)
+    * Allow optional start date in page collections [#3350](https://github.com/getgrav/grav/pull/3350)
+    * Added `page` and `output` properties to `onOutputGenerated` and `onOutputRendered` events
+1. [](#bugfix)
+    * Fixed twig deprecated TwigFilter messages [#3348](https://github.com/getgrav/grav/issues/3348)
+    * Fixed fatal error with some markdown links [getgrav/grav-premium-issues#95](https://github.com/getgrav/grav-premium-issues/issues/95)
+    * Fixed markdown media operations not working when using `image://` stream [#3333](https://github.com/getgrav/grav/issues/3333) [#3349](https://github.com/getgrav/grav/issues/3349)
+    * Fixed copying page without changing the slug [getgrav/grav-plugin-admin#2135](https://github.com/getgrav/grav-plugin-admin/issues/2139)
+    * Fixed missing and commonly used methods when using `system.twig.undefined_functions = false` [getgrav/grav-plugin-admin#2138](https://github.com/getgrav/grav-plugin-admin/issues/2138)
+    * Fixed uploading images into Flex Object if field destination is not set
+
 # v1.7.14
 ## 04/29/2021
 

README.md

@@ -1,20 +1,19 @@
 # ![](https://avatars1.githubusercontent.com/u/8237355?v=2&s=50) Grav
 
 [![PHPStan](https://img.shields.io/badge/PHPStan-enabled-brightgreen.svg?style=flat)](https://github.com/phpstan/phpstan)
-[![SensioLabsInsight](https://insight.sensiolabs.com/projects/cfd20465-d0f8-4a0a-8444-467f5b5f16ad/mini.png)](https://insight.sensiolabs.com/projects/cfd20465-d0f8-4a0a-8444-467f5b5f16ad)
 [![Discord](https://img.shields.io/discord/501836936584101899.svg?logo=discord&colorB=728ADA&label=Discord%20Chat)](https://chat.getgrav.org)
- [![PHP Tests](https://github.com/getgrav/grav/workflows/PHP%20Tests/badge.svg?branch=develop)](https://github.com/getgrav/grav/actions?query=workflow%3A%22PHP+Tests%22) [![OpenCollective](https://opencollective.com/grav/backers/badge.svg)](#backers) [![OpenCollective](https://opencollective.com/grav/sponsors/badge.svg)](#sponsors)
+ [![PHP Tests](https://github.com/getgrav/grav/workflows/PHP%20Tests/badge.svg?branch=develop)](https://github.com/getgrav/grav/actions?query=workflow%3A%22PHP+Tests%22) [![OpenCollective](https://opencollective.com/grav/tiers/backers/badge.svg?label=Backers&color=brightgreen)](#backers) [![OpenCollective](https://opencollective.com/grav/tiers/supporters/badge.svg?label=Supporters&color=brightgreen)](#supporters) [![OpenCollective](https://opencollective.com/grav/tiers/sponsors/badge.svg?label=Sponsors&color=brightgreen)](#sponsors)
 
 Grav is a **Fast**, **Simple**, and **Flexible**, file-based Web-platform.  There is **Zero** installation required.  Just extract the ZIP archive, and you are already up and running.  It follows similar principles to other flat-file CMS platforms, but has a different design philosophy than most. Grav comes with a powerful **Package Management System** to allow for simple installation and upgrading of plugins and themes, as well as simple updating of Grav itself.
 
 The underlying architecture of Grav is designed to use well-established and _best-in-class_ technologies to ensure that Grav is simple to use and easy to extend. Some of these key technologies include:
 
-* [Twig Templating](https://twig.sensiolabs.org/): for powerful control of the user interface
+* [Twig Templating](https://twig.symfony.com/): for powerful control of the user interface
 * [Markdown](https://en.wikipedia.org/wiki/Markdown): for easy content creation
 * [YAML](https://yaml.org): for simple configuration
 * [Parsedown](https://parsedown.org/): for fast Markdown and Markdown Extra support
 * [Doctrine Cache](https://www.doctrine-project.org/projects/doctrine-orm/en/latest/reference/caching.html): layer for performance
-* [Pimple Dependency Injection Container](https://pimple.sensiolabs.org/): for extensibility and maintainability
+* [Pimple Dependency Injection Container](https://github.com/silexphp/Pimple): for extensibility and maintainability
 * [Symfony Event Dispatcher](https://symfony.com/doc/current/components/event_dispatcher/introduction.html): for plugin event handling
 * [Symfony Console](https://symfony.com/doc/current/components/console/introduction.html): for CLI interface
 * [Gregwar Image Library](https://github.com/Gregwar/Image): for dynamic image manipulation
@@ -40,22 +39,22 @@ You can download a **ready-built** package from the [Downloads page on https://g
 
 You can create a new project with the latest **stable** Grav release with the following command:
 
-```
-$ composer create-project getgrav/grav ~/webroot/grav
+```bash
+composer create-project getgrav/grav ~/webroot/grav
 ```
 
 ### From GitHub
 
 1. Clone the Grav repository from [https://github.com/getgrav/grav]() to a folder in the webroot of your server, e.g. `~/webroot/grav`. Launch a **terminal** or **console** and navigate to the webroot folder:
-   ```
-   $ cd ~/webroot
-   $ git clone https://github.com/getgrav/grav.git
+   ```bash
+   cd ~/webroot
+   git clone https://github.com/getgrav/grav.git
    ```
 
 2. Install the **plugin** and **theme dependencies** by using the [Grav CLI application](https://learn.getgrav.org/advanced/grav-cli) `bin/grav`:
-   ```
-   $ cd ~/webroot/grav
-   $ bin/grav install
+   ```bash
+   cd ~/webroot/grav
+   bin/grav install
    ```
 
 Check out the [install procedures](https://learn.getgrav.org/basics/installation) for more information.
@@ -64,28 +63,28 @@ Check out the [install procedures](https://learn.getgrav.org/basics/installation
 
 You can download [plugins](https://getgrav.org/downloads/plugins) or [themes](https://getgrav.org/downloads/themes) manually from the appropriate tab on the [Downloads page on https://getgrav.org](https://getgrav.org/downloads), but the preferred solution is to use the [Grav Package Manager](https://learn.getgrav.org/advanced/grav-gpm) or `GPM`:
 
-```
-$ bin/gpm index
+```bash
+bin/gpm index
 ```
 
 This will display all the available plugins and then you can install one or more with:
 
-```
-$ bin/gpm install <plugin/theme>
+```bash
+bin/gpm install <plugin/theme>
 ```
 
 # Updating
 
 To update Grav you should use the [Grav Package Manager](https://learn.getgrav.org/advanced/grav-gpm) or `GPM`:
 
-```
-$ bin/gpm selfupgrade
+```bash
+bin/gpm selfupgrade
 ```
 
 To update plugins and themes:
 
-```
-$ bin/gpm update
+```bash
+bin/gpm update
 ```
 
 ## Upgrading from older version
@@ -118,12 +117,19 @@ If you discover a possible security issue related to Grav or one of its plugins,
 * More [Awesome Grav Stuff](https://github.com/getgrav/awesome-grav)
 
 # Backers
-Support Grav with a monthly donation to help us continue development. [[Become a backer](https://opencollective.com/grav#backer)]
+Support Grav with a monthly donation to help us continue development. [[Become a backer](https://opencollective.com/grav/contribute)]
 
 <img src="https://opencollective.com/grav/tiers/backers.svg?avatarHeight=36&width=600" />
 
+
+# Supporters
+Support Grav with a monthly donation to help us continue development. [[Become a supporter](https://opencollective.com/grav/contribute)]
+
+<img src="https://opencollective.com/grav/tiers/supporters.svg?avatarHeight=36&width=600" />
+
+
 # Sponsors
-Become a sponsor and get your logo on our README on Github with a link to your site. [[Become a sponsor](https://opencollective.com/grav#sponsor)]
+Support Grav with a yearly donation to help us continue development. [[Become a sponsor](https://opencollective.com/grav/contribute)]
 
 <img src="https://opencollective.com/grav/tiers/sponsors.svg?avatarHeight=36&width=600" />
 

SECURITY.md

@@ -7,15 +7,32 @@ We are focusing our security updates on the following versions
 | Version | Supported          |
 | ------- | ------------------ |
 | 1.7.x   | :white_check_mark: |
-| 1.6.x   | :warning:          |
+| 1.6.x   | :x:          |
 | < 1.6   | :x:                |
 
+## :pushpin: Note on Security Severity
+
+> NOTE: Please use the following guidelines when selecting a **Severity**.  Submitted advisories that are marked **High** or **Critical** that don't meet the guidelines below will be closed.
+
+* **CRITICAL** - no account required, can modify content, or run malicious code or nefarious activity without any access.
+* **HIGH** - publisher level account able to run malicious code or nefarious activity, or other high level security things.
+* **MODERATE** - admin level account able to run malicious code or do nefarious things. other moderate security things.
+* **LOW** - super admin level account able to run malicious code or do nefarious things. other minor security things.
+
 ## :warning: Versions
 
 Versions with :warning: will be supported for security issues, however you won't be able to update to them, you will need to manually update through the [`direct-install` command](https://learn.getgrav.org/17/admin-panel/tools).
 
 If you cannot update to the latest stable version available because, for example, your server does not meet the minimum PHP requirements, you can manually install a previous version by downloading the package from our Releases directory (https://github.com/getgrav/grav/releases).
 
-## Reporting a Vulnerability
+## :pencil: Reporting a Vulnerability
+
+Please contact security@getgrav.org with a detailed explanation of the security issue found.  If it appears to be a legitimate issues, please submit an **advisory via GitHub Security**: https://github.com/getgrav/grav/security/advisories
+
+> NOTE: Please do not use 3rd party security issue reporting services, we like to keep everything in the GitHub ecosystem for easier manageability.
+
+## :bug: Bug Bounties
+
+We do greatly appreciate your efforts to improve Grav, but unfortunately because we are a small open source project, we **do not have the resources to offer bounties** for security issues found.  
+
 
-Please contact security@getgrav.org with a detailed explaination of the security issue found and we will work with you to get it resolved as fast as possible.

assets/.gitkeep

@@ -1 +1 @@
-/* @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved. */
+/* @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved. */

backup/.gitkeep

@@ -1 +1 @@
-/* @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved. */
+/* @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved. */

bin/gpm

@@ -2,7 +2,7 @@
 <?php
 
 /**
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -25,18 +25,10 @@ if (!file_exists(__DIR__ . '/../vendor/autoload.php')){
 
 $autoload = require __DIR__ . '/../vendor/autoload.php';
 
-if (version_compare($ver = PHP_VERSION, $req = GRAV_PHP_MIN, '<')) {
-    exit(sprintf("You are running PHP %s, but Grav needs at least PHP %s to run.\n", $ver, $req));
-}
-
-if (!ini_get('date.timezone')) {
-    date_default_timezone_set('UTC');
-}
+// Set timezone to default, falls back to system if php.ini not set
+date_default_timezone_set(@date_default_timezone_get());
 
 // Set internal encoding.
-if (!\extension_loaded('mbstring')) {
-    die("'mbstring' extension is not loaded.  This is required for Grav to run correctly");
-}
 @ini_set('default_charset', 'UTF-8');
 mb_internal_encoding('UTF-8');
 

bin/grav

@@ -2,7 +2,7 @@
 <?php
 
 /**
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -25,18 +25,10 @@ if (!file_exists(__DIR__ . '/../vendor/autoload.php')){
 
 $autoload = require __DIR__ . '/../vendor/autoload.php';
 
-if (version_compare($ver = PHP_VERSION, $req = GRAV_PHP_MIN, '<')) {
-    exit(sprintf("You are running PHP %s, but Grav needs at least PHP %s to run.\n", $ver, $req));
-}
-
-if (!ini_get('date.timezone')) {
-    date_default_timezone_set('UTC');
-}
+// Set timezone to default, falls back to system if php.ini not set
+date_default_timezone_set(@date_default_timezone_get());
 
 // Set internal encoding.
-if (!\extension_loaded('mbstring')) {
-    die("'mbstring' extension is not loaded.  This is required for Grav to run correctly");
-}
 @ini_set('default_charset', 'UTF-8');
 mb_internal_encoding('UTF-8');
 

bin/plugin

@@ -2,7 +2,7 @@
 <?php
 
 /**
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -25,18 +25,10 @@ if (!file_exists(__DIR__ . '/../vendor/autoload.php')){
 
 $autoload = require __DIR__ . '/../vendor/autoload.php';
 
-if (version_compare($ver = PHP_VERSION, $req = GRAV_PHP_MIN, '<')) {
-    exit(sprintf("You are running PHP %s, but Grav needs at least PHP %s to run.\n", $ver, $req));
-}
-
-if (!ini_get('date.timezone')) {
-    date_default_timezone_set('UTC');
-}
+// Set timezone to default, falls back to system if php.ini not set
+date_default_timezone_set(@date_default_timezone_get());
 
 // Set internal encoding.
-if (!\extension_loaded('mbstring')) {
-    die("'mbstring' extension is not loaded.  This is required for Grav to run correctly");
-}
 @ini_set('default_charset', 'UTF-8');
 mb_internal_encoding('UTF-8');
 

cache/.gitkeep

@@ -1 +1 @@
-/* @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved. */
+/* @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved. */

composer.json

@@ -19,17 +19,19 @@
         "ext-zip": "*",
         "ext-dom": "*",
         "ext-libxml": "*",
-        "symfony/polyfill-mbstring": "~1.20",
-        "symfony/polyfill-iconv": "^1.20",
-        "symfony/polyfill-php74": "^1.20",
-        "symfony/polyfill-php80": "^1.20",
+        "ext-gd": "*",
+        "symfony/polyfill-mbstring": "~1.23",
+        "symfony/polyfill-iconv": "^1.23",
+        "symfony/polyfill-php74": "^1.23",
+        "symfony/polyfill-php80": "^1.23",
+        "symfony/polyfill-php81": "^1.23",
         "psr/simple-cache": "^1.0",
         "psr/http-message": "^1.0",
         "psr/http-server-middleware": "^1.0",
-        "psr/container": "~1.0.0",
+        "psr/container": "~1.1.0",
         "nyholm/psr7-server": "^1.0",
         "nyholm/psr7": "^1.3",
-        "twig/twig": "~1.44",
+        "twig/twig": "~v1.44",
         "erusev/parsedown": "^1.7",
         "erusev/parsedown-extra": "~0.8",
         "symfony/contracts": "~1.1",
@@ -44,33 +46,31 @@
         "filp/whoops": "~2.9",
         "matthiasmullie/minify": "^1.3",
         "monolog/monolog": "~1.25",
-        "getgrav/image": "^3.0",
+        "getgrav/image": "^4.0",
         "getgrav/cache": "^2.0",
         "donatj/phpuseragentparser": "~1.1",
-        "pimple/pimple": "~3.3.0",
+        "pimple/pimple": "~3.5.0",
         "rockettheme/toolbox": "~1.5",
         "maximebf/debugbar": "~1.16",
         "league/climate": "^3.6",
-        "antoligy/dom-string-iterators": "^1.0",
         "miljar/php-exif": "^0.6",
         "composer/ca-bundle": "^1.2",
-        "dragonmantank/cron-expression": "^1.2",
-        "phive/twig-extensions-deferred": "^1.0",
+        "dragonmantank/cron-expression": "^3.3",
         "willdurand/negotiation": "^3.0",
         "itsgoingd/clockwork": "^5.0",
-        "enshrined/svg-sanitize": "~0.13",
         "symfony/http-client": "^4.4",
-        "composer/semver": "^1.4"
+        "composer/semver": "^1.4",
+        "rhukster/dom-sanitizer": "^1.0",
+        "multiavatar/multiavatar-php": "^1.0"
     },
     "require-dev": {
         "codeception/codeception": "^4.1",
-        "phpstan/phpstan": "^0.12",
-        "phpstan/phpstan-deprecation-rules": "^0.12",
+        "phpstan/phpstan": "^1.8",
+        "phpstan/phpstan-deprecation-rules": "^1.0",
         "phpunit/php-code-coverage": "~9.2",
         "getgrav/markdowndocs": "^2.0",
         "codeception/module-asserts": "^1.3",
-        "codeception/module-phpbrowser": "^1.0",
-        "symfony/service-contracts": "*"
+        "codeception/module-phpbrowser": "^1.0"
     },
     "replace": {
         "symfony/polyfill-php72": "*",
@@ -83,7 +83,8 @@
         "ext-intl": "Recommended for multi-language sites",
         "ext-memcache": "Needed to support Memcache servers",
         "ext-memcached": "Needed to support Memcached servers",
-        "ext-redis": "Needed to support Redis servers"
+        "ext-redis": "Needed to support Redis servers",
+        "ext-exif": "Needed to use exif data from images."
     },
     "config": {
         "apcu-autoloader": true,
@@ -93,12 +94,20 @@
     },
     "autoload": {
         "psr-4": {
-            "Grav\\": "system/src/Grav"
+            "Grav\\": "system/src/Grav",
+            "Twig\\": "system/src/Twig"
         },
         "files": [
-            "system/defines.php"
+            "system/defines.php",
+            "system/src/DOMLettersIterator.php",
+            "system/src/DOMWordsIterator.php"
         ]
     },
+    "autoload-dev": {
+        "psr-4": {
+            "PHPStan\\": "tests/phpstan/classes"
+        }
+    },
     "archive": {
         "exclude": [
             "VERSION"
@@ -107,8 +116,8 @@
     "scripts": {
         "api-17": "vendor/bin/phpdoc-md generate system/src > user/pages/14.api/default.17.md",
         "post-create-project-cmd": "bin/grav install",
-        "phpstan": "vendor/bin/phpstan analyse -l 1 -c ./tests/phpstan/phpstan.neon --memory-limit=480M system/src",
-        "phpstan-framework": "vendor/bin/phpstan analyse -l 1 -c ./tests/phpstan/phpstan.neon --memory-limit=480M system/src/Grav/Framework system/src/Grav/Events system/src/Grav/Installer",
+        "phpstan": "vendor/bin/phpstan analyse -l 2 -c ./tests/phpstan/phpstan.neon --memory-limit=720M system/src",
+        "phpstan-framework": "vendor/bin/phpstan analyse -l 5 -c ./tests/phpstan/phpstan.neon --memory-limit=480M system/src/Grav/Framework system/src/Grav/Events system/src/Grav/Installer",
         "phpstan-plugins": "vendor/bin/phpstan analyse -l 1 -c ./tests/phpstan/plugins.neon --memory-limit=400M user/plugins",
         "test": "vendor/bin/codecept run unit",
         "test-windows": "vendor\\bin\\codecept run unit"

images/.gitkeep

@@ -1 +1 @@
-/* @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved. */
+/* @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved. */

index.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav.Core
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2024 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -12,28 +12,14 @@ namespace Grav;
 \define('GRAV_REQUEST_TIME', microtime(true));
 \define('GRAV_PHP_MIN', '7.3.6');
 
-if (version_compare($ver = PHP_VERSION, $req = GRAV_PHP_MIN, '<')) {
-    die(sprintf('You are running PHP %s, but Grav needs at least <strong>PHP %s</strong> to run.', $ver, $req));
-}
-
 if (PHP_SAPI === 'cli-server') {
-    $symfony_server = stripos(getenv('_'), 'symfony') !== false || stripos($_SERVER['SERVER_SOFTWARE'], 'symfony
-') !== false;
+    $symfony_server = stripos(getenv('_'), 'symfony') !== false || stripos($_SERVER['SERVER_SOFTWARE'] ?? '', 'symfony') !== false || stripos($_ENV['SERVER_SOFTWARE'] ?? '', 'symfony') !== false;
+
     if (!isset($_SERVER['PHP_CLI_ROUTER']) && !$symfony_server) {
         die("PHP webserver requires a router to run Grav, please use: <pre>php -S {$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']} system/router.php</pre>");
     }
 }
 
-// Set timezone to default, falls back to system if php.ini not set
-date_default_timezone_set(@date_default_timezone_get());
-
-// Set internal encoding.
-if (!\extension_loaded('mbstring')) {
-    die("'mbstring' extension is not loaded.  This is required for Grav to run correctly");
-}
-@ini_set('default_charset', 'UTF-8');
-mb_internal_encoding('UTF-8');
-
 // Ensure vendor libraries exist
 $autoload = __DIR__ . '/vendor/autoload.php';
 if (!is_file($autoload)) {
@@ -43,23 +29,23 @@ if (!is_file($autoload)) {
 // Register the auto-loader.
 $loader = require $autoload;
 
+// Set timezone to default, falls back to system if php.ini not set
+date_default_timezone_set(@date_default_timezone_get());
+
+// Set internal encoding.
+@ini_set('default_charset', 'UTF-8');
+mb_internal_encoding('UTF-8');
+
 use Grav\Common\Grav;
 use RocketTheme\Toolbox\Event\Event;
 
 // Get the Grav instance
-$grav = Grav::instance(
-    array(
-        'loader' => $loader
-    )
-);
+$grav = Grav::instance(array('loader' => $loader));
 
 // Process the page
 try {
     $grav->process();
-} catch (\Error $e) {
-    $grav->fireEvent('onFatalException', new Event(array('exception' => $e)));
-    throw $e;
-} catch (\Exception $e) {
+} catch (\Error|\Exception $e) {
     $grav->fireEvent('onFatalException', new Event(array('exception' => $e)));
     throw $e;
 }

logs/.gitkeep

@@ -1 +1 @@
-/* @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved. */
+/* @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved. */

robots.txt

@@ -1,16 +1,21 @@
 User-agent: *
+Disallow: /.github/
+Disallow: /.phan/
+Disallow: /assets/
 Disallow: /backup/
 Disallow: /bin/
 Disallow: /cache/
-Disallow: /grav/
 Disallow: /logs/
 Disallow: /system/
-Disallow: /vendor/
+Disallow: /tests/
+Disallow: /tmp/
 Disallow: /user/
+Disallow: /vendor/
+Disallow: /webserver-configs/
 Allow: /user/pages/
 Allow: /user/themes/
 Allow: /user/images/
 Allow: /
 Allow: *.css$
 Allow: *.js$
-Allow: /system/*.js$
+Allow: /system/*.js$

system/assets/debugger/clockwork.css

@@ -1,2 +1,61 @@
 /** Clockwork Debugger CSS **/
-.clockwork-badge{position:fixed;z-index:10;bottom:0;left:0;padding:2px 4px;background-color:#eee;border:1px solid #ccc;border-bottom:0;border-left:0;display:flex;align-items:center}.clockwork-badge:hover{width:auto}.clockwork-badge:hover:after{content:'Grav Clockwork debugger enabled. Install Clockwork Browser extension (Chrome or Firefox), open your Developer tools and then select the Clockwork tab.'}.clockwork-badge:after{margin-left:10px;font-family:Monaco,Consolas,"Lucida Console",monospace;font-size:12px;line-height:1.5;color:#666}.clockwork-badge i{display:block;float:left;height:22px;width:22px;min-width:22px;background-size:contain;background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAMAAACdt4HsAAAA/1BMVEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHh4AAAD///8EBAT7+/sLCwv29vYVFRUvLy/t7e3m5ubCwsKxsbE/Pz+mpqZMTEwcHBzy8vLp6emfn5+AgIA2Njbi4uLf39+rq6tzc3NWVlYhISHa2trW1tbS0tLMzMy7u7uZmZmUlJSMjIxvb29kZGRHR0c7Ozt5eXkqKiq1tbWQkJBqampbW1tSUlLHx8eHh4ckJCRDQ0M3wD42AAAAI3RSTlMA/PibTbQ0x76TVAlw4LhZLOuEYCAN9Hjx0a2ppGZEGYw97djhXHwAAATZSURBVFjDlVcHW+MwDO1eFCjj2McNOzvdpXTTXVbL/P+/5SQ7QSSX5Di1X1onfi/Sk+Q4sTDbKqWK+YuznZ2zi3wxVdqK/Zf92M1nT9gnO8rmd398GX6Z3xaoOFoiAQcx3E5efgmeSuN8F6Xg1x3G06l/wjNpMR1B0uif4EhnIuFb+0diIoFXk3IVfokisR+h52GO4JKgyjmfaMhAFNlSaPR7DpwI+lzn/E4QKIqmKIJirxCMP4izBPPZPXhgXwMBYgULw0nfg/BF5scDbslb7QeJ08yqqTEmGYoB95d4H8ETL8+n9wBqrLu6ao3bBsMwAnxISf/9BHcqxNB8Y7cWl3Zz7TAUfPrvAT6AoNEFFXvsjutL01yOuMrtBxnFXsmT/1wQHmdWAFNnI3uI48Yj0FUcHbKf62GfUfr8eeQt7Uk3mQZpZNoVRPEui5vtEz5zFEpgWnyqVBZMc6oaGNriH2hGVZ0OxEvInPeMaZWJBA7vmPbCr5jjws5HBnAUxvDMH40aCIf4G5BjRQSs8E8HFFYf8bGxgDvD55bzGhwWkoBcuIyHR/AMdaCagxXDhtL6tSqoWpd4BMnlIR+Or+rYTK/a3EAGcc6e4AWHISnWv20iCCojsHoVlQdjrMexFF2C7UMg2A2WEGWbQhXN6l3eXC6XGp4b9qxbuEB2EBGBwtocrK90cVG5mbRXm6vmx/0phq1sIAGKDgLOBiN1MrO5a9aDl+D0W6x0Ar9BCTRuIIANa90Y7LrLVRXzwVtDInCqMRWcf2bUOEAsa4wJqFowQALL9EiAtVRk8QC4OW+1pOM9jIaVASwYagyNXDj+W0NcfuZNzjtXOiL0Zzg30Llj+ptfxQs4+vBPNiL5PawFCBkgXpUaVtqGl+A8dgZHL34BcBUQrwPptToW+o37Ku+UH9eYByJIx3YkAeFnMFuGO7S5gEp7YhXxa5OOAM39RXDPXb0qmpROsswZe+twXdU55oUIZAiEv3bD1UFwIYKkmGqytPCDCwKFQCKK0yL7qtSAPX54UAbtsLuBHkb9zyLmPQSNjsSgmQwKUOIfEY8F8t4B34DvndJY9BA8tNBJq1Nev9axmaStFcQLhgYoCTo0salkIaW8OUDdWjMTR2sHPhrAFZqx6cqcKE4pl2BJJ4K6hfwvqNgAnXfKX/HU6X3Zrhnu0k7tLNZtTBRv1hkwTDBY1NzFU6doDYjJbWdQkQhWwuU7/LvhTh3SDoco4ECL4i5dwURbc8NdDZz2IwKicE8d0KIqWetLE3+lL4hvUuGSeRfVWNLfj/gpOw4smBJBkKQHCzlHGwvAj4woB1gq5NGGLSXtORBPnUQPV5/MPVkDMxbpwG7w4x0xL6Ltxka0A/4NBvV09UVk4DoSn/jl2+JQS9q9KYawisAD4CfhsZ4TH3htylsdEHARIQBusqCKyUpymycgbbkkXEXjT3z7/oKQFTFVuZD2FMJHZIDsO5x2d4aAr2jR+GLwZhtAb028/0yJ9J8dE87jQyKObcjtTXT8dH+fDuKF4/eiPwzH44wTf/yUi6wrpRIOZ9lM1EtXAifFI+CJn9+iX/t2xMQwOMth/UZbASi8btAwR9FHWSpJr75g9Oqbin3VDg+SpwlP6k6TB4ex/7JvmcJx8jydy6XPk8eFTKhyfwCgX71MSvaBHgAAAABJRU5ErkJggg==)}
+.clockwork-badge {
+    position: fixed;
+    z-index: 1000; /* Increased z-index for better visibility */
+    bottom: 0; /* Added some spacing from the bottom */
+    left: 0;   /* Added some spacing from the left */
+    padding: 5px;
+    background-color: #eee;
+    border: 1px solid #ccc;
+    border-bottom: 0;
+    border-left: 0;
+    display: flex;
+    align-items: center;
+    border-radius: 0 4px 0 0; /* Rounded top corners */
+    box-shadow: 0 2px 5px rgba(0,0,0,0.2);
+    font-size: 14px;
+    color: #333;
+    transition: background-color 0.3s ease;
+}
+
+.clockwork-badge:hover {
+    background-color: #ddd;
+}
+
+.clockwork-badge i {
+    display: block;
+    height: 24px;
+    width: 24px;
+    background-size: contain;
+    background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAMAAACdt4HsAAAA/1BMVEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHh4AAAD///8EBAT7+/sLCwv29vYVFRUvLy/t7e3m5ubCwsKxsbE/Pz+mpqZMTEwcHBzy8vLp6emfn5+AgIA2Njbi4uLf39+rq6tzc3NWVlYhISHa2trW1tbS0tLMzMy7u7uZmZmUlJSMjIxvb29kZGRHR0c7Ozt5eXkqKiq1tbWQkJBqampbW1tSUlLHx8eHh4ckJCRDQ0M3wD42AAAAI3RSTlMA/PibTbQ0x76TVAlw4LhZLOuEYCAN9Hjx0a2ppGZEGYw97djhXHwAAATZSURBVFjDlVcHW+MwDO1eFCjj2McNOzvdpXTTXVbL/P+/5SQ7QSSX5Di1X1onfi/Sk+Q4sTDbKqWK+YuznZ2zi3wxVdqK/Zf92M1nT9gnO8rmd398GX6Z3xaoOFoiAQcx3E5efgmeSuN8F6Xg1x3G06l/wjNpMR1B0uif4EhnIuFb+0diIoFXk3IVfokisR+h52GO4JKgyjmfaMhAFNlSaPR7DpwI+lzn/E4QKIqmKIJirxCMP4izBPPZPXhgXwMBYgULw0nfg/BF5scDbslb7QeJ08yqqTEmGYoB95d4H8ETL8+n9wBqrLu6ao3bBsMwAnxISf/9BHcqxNB8Y7cWl3Zz7TAUfPrvAT6AoNEFFXvsjutL01yOuMrtBxnFXsmT/1wQHmdWAFNnI3uI48Yj0FUcHbKf62GfUfr8eeQt7Uk3mQZpZNoVRPEui5vtEz5zFEpgWnyqVBZMc6oaGNriH2hGVZ0OxEvInPeMaZWJBA7vmPbCr5jjws5HBnAUxvDMH40aCIf4G5BjRQSs8E8HFFYf8bGxgDvD55bzGhwWkoBcuIyHR/AMdaCagxXDhtL6tSqoWpd4BMnlIR+Or+rYTK/a3EAGcc6e4AWHISnWv20iCCojsHoVlQdjrMexFF2C7UMg2A2WEGWbQhXN6l3eXC6XGp4b9qxbuEB2EBGBwtocrK90cVG5mbRXm6vmx/0phq1sIAGKDgLOBiN1MrO5a9aDl+D0W6x0Ar9BCTRuIIANa90Y7LrLVRXzwVtDInCqMRWcf2bUOEAsa4wJqFowQALL9EiAtVRk8QC4OW+1pOM9jIaVASwYagyNXDj+W0NcfuZNzjtXOiL0Zzg30Llj+ptfxQs4+vBPNiL5PawFCBkgXpUaVtqGl+A8dgZHL34BcBUQrwPptToW+o37Ku+UH9eYByJIx3YkAeFnMFuGO7S5gEp7YhXxa5OOAM39RXDPXb0qmpROsswZe+twXdU55oUIZAiEv3bD1UFwIYKkmGqytPCDCwKFQCKK0yL7qtSAPX54UAbtsLuBHkb9zyLmPQSNjsSgmQwKUOIfEY8F8t4B34DvndJY9BA8tNBJq1Nev9axmaStFcQLhgYoCTo0salkIaW8OUDdWjMTR2sHPhrAFZqx6cqcKE4pl2BJJ4K6hfwvqNgAnXfKX/HU6X3Zrhnu0k7tLNZtTBRv1hkwTDBY1NzFU6doDYjJbWdQkQhWwuU7/LvhTh3SDoco4ECL4i5dwURbc8NdDZz2IwKicE8d0KIqWetLE3+lL4hvUuGSeRfVWNLfj/gpOw4smBJBkKQHCzlHGwvAj4woB1gq5NGGLSXtORBPnUQPV5/MPVkDMxbpwG7w4x0xL6Ltxka0A/4NBvV09UVk4DoSn/jl2+JQS9q9KYawisAD4CfhsZ4TH3htylsdEHARIQBusqCKyUpymycgbbkkXEXjT3z7/oKQFTFVuZD2FMJHZIDsO5x2d4aAr2jR+GLwZhtAb028/0yJ9J8dE87jQyKObcjtTXT8dH+fDuKF4/eiPwzH44wTf/yUi6wrpRIOZ9lM1EtXAifFI+CJn9+iX/t2xMQwOMth/UZbASi8btAwR9FHWSpJr75g9Oqbin3VDg+SpwlP6k6TB4ex/7JvmcJx8jydy6XPk8eFTKhyfwCgX71MSvaBHgAAAABJRU5ErkJggg==);
+}
+
+.clockwork-badge .tooltip {
+    display: none; /* Hidden by default */
+    position: absolute;
+    bottom: 35px; /* Position above the badge */
+    left: 0;
+    width: 450px;
+    padding: 20px;
+    background-color: #fff;
+    border: 1px solid #ccc;
+    border-radius: 4px;
+    font-size: 16px;
+    color: #666;
+    line-height: 1.5;
+    box-shadow: 0 2px 8px rgba(0,0,0,0.2);
+    z-index: 1001; /* Ensure it appears above other elements */
+}
+
+.clockwork-badge:hover .tooltip {
+    display: block; /* Show tooltip on hover */
+}
+
+.clockwork-badge .tooltip a {
+    color: #007BFF;
+    text-decoration: none;
+}
+
+.clockwork-badge .tooltip a:hover {
+    text-decoration: underline;
+}

system/assets/debugger/clockwork.js

@@ -1,3 +1,37 @@
 /** Clockwork Debugger JS **/
-document.addEventListener("DOMContentLoaded",function () {
-    var e=document.createElement("div");e.appendChild(document.createElement("i")),e.className="clockwork-badge",document.body.appendChild(e)});
+document.addEventListener("DOMContentLoaded", function () {
+    // Directly select the script tag by its id
+    var currentScript = document.getElementById('clockwork-script');
+
+    if (!currentScript) {
+        console.error("Clockwork Debugger: Script tag with id 'clockwork-script' not found.");
+        return;
+    }
+
+    var route = currentScript.getAttribute('data-route') || '/clockwork'; // Default route if not specified
+
+    // Debugging: Log the route to verify
+    console.log("Clockwork Debugger Route:", route);
+
+    // Create the badge container
+    var badge = document.createElement("div");
+    badge.className = "clockwork-badge";
+    badge.setAttribute('aria-label', 'Clockwork Debugger Enabled');
+    badge.setAttribute('role', 'button');
+
+    // Create the icon element
+    var icon = document.createElement("i");
+    badge.appendChild(icon);
+
+    // Create the tooltip element
+    var tooltip = document.createElement("div");
+    tooltip.className = "tooltip";
+    tooltip.innerHTML = `
+        <b>Grav Clockwork Debugger Enabled.</b><br>
+        Install the <b>Clockwork Browser extension</b> (Chrome or Firefox) or use the <b>"Clockwork Web"</b> Grav plugin to <a href="${route}" target="_blank">View Debug Info 🔗</a>.
+    `;
+    badge.appendChild(tooltip);
+
+    // Append the badge to the body
+    document.body.appendChild(badge);
+});

system/assets/debugger/phpdebugbar.css

@@ -14,11 +14,8 @@ div.phpdebugbar {
     padding: 5px 8px;
 }
 
-.phpdebugbar div.phpdebugbar-header, .phpdebugbar a.phpdebugbar-restore-btn {
-    background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAMAAACdt4HsAAAA/1BMVEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHh4AAAD///8EBAT7+/sLCwv29vYVFRUvLy/t7e3m5ubCwsKxsbE/Pz+mpqZMTEwcHBzy8vLp6emfn5+AgIA2Njbi4uLf39+rq6tzc3NWVlYhISHa2trW1tbS0tLMzMy7u7uZmZmUlJSMjIxvb29kZGRHR0c7Ozt5eXkqKiq1tbWQkJBqampbW1tSUlLHx8eHh4ckJCRDQ0M3wD42AAAAI3RSTlMA/PibTbQ0x76TVAlw4LhZLOuEYCAN9Hjx0a2ppGZEGYw97djhXHwAAATZSURBVFjDlVcHW+MwDO1eFCjj2McNOzvdpXTTXVbL/P+/5SQ7QSSX5Di1X1onfi/Sk+Q4sTDbKqWK+YuznZ2zi3wxVdqK/Zf92M1nT9gnO8rmd398GX6Z3xaoOFoiAQcx3E5efgmeSuN8F6Xg1x3G06l/wjNpMR1B0uif4EhnIuFb+0diIoFXk3IVfokisR+h52GO4JKgyjmfaMhAFNlSaPR7DpwI+lzn/E4QKIqmKIJirxCMP4izBPPZPXhgXwMBYgULw0nfg/BF5scDbslb7QeJ08yqqTEmGYoB95d4H8ETL8+n9wBqrLu6ao3bBsMwAnxISf/9BHcqxNB8Y7cWl3Zz7TAUfPrvAT6AoNEFFXvsjutL01yOuMrtBxnFXsmT/1wQHmdWAFNnI3uI48Yj0FUcHbKf62GfUfr8eeQt7Uk3mQZpZNoVRPEui5vtEz5zFEpgWnyqVBZMc6oaGNriH2hGVZ0OxEvInPeMaZWJBA7vmPbCr5jjws5HBnAUxvDMH40aCIf4G5BjRQSs8E8HFFYf8bGxgDvD55bzGhwWkoBcuIyHR/AMdaCagxXDhtL6tSqoWpd4BMnlIR+Or+rYTK/a3EAGcc6e4AWHISnWv20iCCojsHoVlQdjrMexFF2C7UMg2A2WEGWbQhXN6l3eXC6XGp4b9qxbuEB2EBGBwtocrK90cVG5mbRXm6vmx/0phq1sIAGKDgLOBiN1MrO5a9aDl+D0W6x0Ar9BCTRuIIANa90Y7LrLVRXzwVtDInCqMRWcf2bUOEAsa4wJqFowQALL9EiAtVRk8QC4OW+1pOM9jIaVASwYagyNXDj+W0NcfuZNzjtXOiL0Zzg30Llj+ptfxQs4+vBPNiL5PawFCBkgXpUaVtqGl+A8dgZHL34BcBUQrwPptToW+o37Ku+UH9eYByJIx3YkAeFnMFuGO7S5gEp7YhXxa5OOAM39RXDPXb0qmpROsswZe+twXdU55oUIZAiEv3bD1UFwIYKkmGqytPCDCwKFQCKK0yL7qtSAPX54UAbtsLuBHkb9zyLmPQSNjsSgmQwKUOIfEY8F8t4B34DvndJY9BA8tNBJq1Nev9axmaStFcQLhgYoCTo0salkIaW8OUDdWjMTR2sHPhrAFZqx6cqcKE4pl2BJJ4K6hfwvqNgAnXfKX/HU6X3Zrhnu0k7tLNZtTBRv1hkwTDBY1NzFU6doDYjJbWdQkQhWwuU7/LvhTh3SDoco4ECL4i5dwURbc8NdDZz2IwKicE8d0KIqWetLE3+lL4hvUuGSeRfVWNLfj/gpOw4smBJBkKQHCzlHGwvAj4woB1gq5NGGLSXtORBPnUQPV5/MPVkDMxbpwG7w4x0xL6Ltxka0A/4NBvV09UVk4DoSn/jl2+JQS9q9KYawisAD4CfhsZ4TH3htylsdEHARIQBusqCKyUpymycgbbkkXEXjT3z7/oKQFTFVuZD2FMJHZIDsO5x2d4aAr2jR+GLwZhtAb028/0yJ9J8dE87jQyKObcjtTXT8dH+fDuKF4/eiPwzH44wTf/yUi6wrpRIOZ9lM1EtXAifFI+CJn9+iX/t2xMQwOMth/UZbASi8btAwR9FHWSpJr75g9Oqbin3VDg+SpwlP6k6TB4ex/7JvmcJx8jydy6XPk8eFTKhyfwCgX71MSvaBHgAAAABJRU5ErkJggg==);
-}
-
 .phpdebugbar a.phpdebugbar-restore-btn {
+    background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAMAAACdt4HsAAAA/1BMVEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHh4AAAD///8EBAT7+/sLCwv29vYVFRUvLy/t7e3m5ubCwsKxsbE/Pz+mpqZMTEwcHBzy8vLp6emfn5+AgIA2Njbi4uLf39+rq6tzc3NWVlYhISHa2trW1tbS0tLMzMy7u7uZmZmUlJSMjIxvb29kZGRHR0c7Ozt5eXkqKiq1tbWQkJBqampbW1tSUlLHx8eHh4ckJCRDQ0M3wD42AAAAI3RSTlMA/PibTbQ0x76TVAlw4LhZLOuEYCAN9Hjx0a2ppGZEGYw97djhXHwAAATZSURBVFjDlVcHW+MwDO1eFCjj2McNOzvdpXTTXVbL/P+/5SQ7QSSX5Di1X1onfi/Sk+Q4sTDbKqWK+YuznZ2zi3wxVdqK/Zf92M1nT9gnO8rmd398GX6Z3xaoOFoiAQcx3E5efgmeSuN8F6Xg1x3G06l/wjNpMR1B0uif4EhnIuFb+0diIoFXk3IVfokisR+h52GO4JKgyjmfaMhAFNlSaPR7DpwI+lzn/E4QKIqmKIJirxCMP4izBPPZPXhgXwMBYgULw0nfg/BF5scDbslb7QeJ08yqqTEmGYoB95d4H8ETL8+n9wBqrLu6ao3bBsMwAnxISf/9BHcqxNB8Y7cWl3Zz7TAUfPrvAT6AoNEFFXvsjutL01yOuMrtBxnFXsmT/1wQHmdWAFNnI3uI48Yj0FUcHbKf62GfUfr8eeQt7Uk3mQZpZNoVRPEui5vtEz5zFEpgWnyqVBZMc6oaGNriH2hGVZ0OxEvInPeMaZWJBA7vmPbCr5jjws5HBnAUxvDMH40aCIf4G5BjRQSs8E8HFFYf8bGxgDvD55bzGhwWkoBcuIyHR/AMdaCagxXDhtL6tSqoWpd4BMnlIR+Or+rYTK/a3EAGcc6e4AWHISnWv20iCCojsHoVlQdjrMexFF2C7UMg2A2WEGWbQhXN6l3eXC6XGp4b9qxbuEB2EBGBwtocrK90cVG5mbRXm6vmx/0phq1sIAGKDgLOBiN1MrO5a9aDl+D0W6x0Ar9BCTRuIIANa90Y7LrLVRXzwVtDInCqMRWcf2bUOEAsa4wJqFowQALL9EiAtVRk8QC4OW+1pOM9jIaVASwYagyNXDj+W0NcfuZNzjtXOiL0Zzg30Llj+ptfxQs4+vBPNiL5PawFCBkgXpUaVtqGl+A8dgZHL34BcBUQrwPptToW+o37Ku+UH9eYByJIx3YkAeFnMFuGO7S5gEp7YhXxa5OOAM39RXDPXb0qmpROsswZe+twXdU55oUIZAiEv3bD1UFwIYKkmGqytPCDCwKFQCKK0yL7qtSAPX54UAbtsLuBHkb9zyLmPQSNjsSgmQwKUOIfEY8F8t4B34DvndJY9BA8tNBJq1Nev9axmaStFcQLhgYoCTo0salkIaW8OUDdWjMTR2sHPhrAFZqx6cqcKE4pl2BJJ4K6hfwvqNgAnXfKX/HU6X3Zrhnu0k7tLNZtTBRv1hkwTDBY1NzFU6doDYjJbWdQkQhWwuU7/LvhTh3SDoco4ECL4i5dwURbc8NdDZz2IwKicE8d0KIqWetLE3+lL4hvUuGSeRfVWNLfj/gpOw4smBJBkKQHCzlHGwvAj4woB1gq5NGGLSXtORBPnUQPV5/MPVkDMxbpwG7w4x0xL6Ltxka0A/4NBvV09UVk4DoSn/jl2+JQS9q9KYawisAD4CfhsZ4TH3htylsdEHARIQBusqCKyUpymycgbbkkXEXjT3z7/oKQFTFVuZD2FMJHZIDsO5x2d4aAr2jR+GLwZhtAb028/0yJ9J8dE87jQyKObcjtTXT8dH+fDuKF4/eiPwzH44wTf/yUi6wrpRIOZ9lM1EtXAifFI+CJn9+iX/t2xMQwOMth/UZbASi8btAwR9FHWSpJr75g9Oqbin3VDg+SpwlP6k6TB4ex/7JvmcJx8jydy6XPk8eFTKhyfwCgX71MSvaBHgAAAABJRU5ErkJggg==);
     width: 13px;
 }
 

system/blueprints/config/scheduler.yaml

@@ -4,73 +4,850 @@ form:
     validation: loose
 
     fields:
+        scheduler_tabs:
+            type: tabs
+            active: 1
 
-        status_title:
-            type: section
-            title: PLUGIN_ADMIN.SCHEDULER_STATUS
-            underline: true
+            fields:
+                status_tab:
+                    type: tab
+                    title: PLUGIN_ADMIN.SCHEDULER_STATUS
 
-        status:
-            type: cronstatus
-            validate:
-                type: commalist
+                    fields:
+                        status_title:
+                            type: section
+                            title: PLUGIN_ADMIN.SCHEDULER_STATUS
+                            underline: true
 
-        jobs_title:
-            type: section
-            title: PLUGIN_ADMIN.SCHEDULER_JOBS
-            underline: true
+                        status:
+                            type: cronstatus
+                            validate:
+                                type: commalist
+                                
+                        webhook_status_override:
+                            type: display
+                            label:
+                            content: |
+                                <script>
+                                (function() {
+                                    function updateSchedulerStatus() {
+                                        // Find all notice bars
+                                        var notices = document.querySelectorAll('.notice');
+                                        var webhookStatusChecked = false;
+                                        
+                                        // Check for modern scheduler and webhook settings
+                                        fetch(window.location.origin + '/grav-editor-pro/scheduler/health')
+                                            .then(response => response.json())
+                                            .then(data => {
+                                                if (data.webhook_enabled) {
+                                                    notices.forEach(function(notice) {
+                                                        if (notice.textContent.includes('Not Enabled for user:')) {
+                                                            // This is the cron status notice - replace it
+                                                            notice.className = 'notice info';
+                                                            notice.innerHTML = '<i class="fa fa-fw fa-check-circle"></i> <strong>Webhook Active</strong> - Scheduler can be triggered via webhook. Cron is not configured.';
+                                                        }
+                                                    });
+                                                    
+                                                    // Also update the main status if it exists
+                                                    var statusDiv = document.querySelector('.cronstatus-status');
+                                                    if (statusDiv && statusDiv.textContent.includes('Not Enabled')) {
+                                                        statusDiv.className = 'cronstatus-status success';
+                                                        statusDiv.innerHTML = '<i class="fa fa-fw fa-check"></i> Webhook Ready';
+                                                    }
+                                                }
+                                            })
+                                            .catch(error => {
+                                                console.log('Webhook status check failed:', error);
+                                            });
+                                    }
+                                    
+                                    // Run on page load
+                                    if (document.readyState === 'loading') {
+                                        document.addEventListener('DOMContentLoaded', updateSchedulerStatus);
+                                    } else {
+                                        updateSchedulerStatus();
+                                    }
+                                    
+                                    // Also run after a short delay to catch any late-rendered elements
+                                    setTimeout(updateSchedulerStatus, 500);
+                                })();
+                                </script>
+                            markdown: false
+                                
+                        status_enhanced:
+                            type: display
+                            label:
+                            content: |
+                                <script>
+                                document.addEventListener('DOMContentLoaded', function() {
+                                    // Check if webhook is enabled
+                                    var webhookEnabled = document.querySelector('[name="data[scheduler][modern][webhook][enabled]"]:checked');
+                                    var statusDiv = document.querySelector('.cronstatus-status');
+                                    
+                                    // Also find the parent notice bar
+                                    var noticeBar = document.querySelector('.notice.alert');
+                                    
+                                    if (statusDiv) {
+                                        var currentStatus = statusDiv.textContent || statusDiv.innerText;
+                                        var cronReady = currentStatus.includes('Ready');
+                                        var cronNotEnabled = currentStatus.includes('Not Enabled');
+                                        
+                                        // Check if scheduler-webhook plugin exists
+                                        var webhookPluginInstalled = false;
+                                        fetch(window.location.origin + '/grav-editor-pro/scheduler/health')
+                                            .then(response => response.json())
+                                            .then(data => {
+                                                webhookPluginInstalled = true;
+                                                updateStatusDisplay(data);
+                                            })
+                                            .catch(error => {
+                                                updateStatusDisplay(null);
+                                            });
+                                        
+                                        function updateStatusDisplay(healthData) {
+                                            var isWebhookEnabled = webhookEnabled && webhookEnabled.value == '1';
+                                            var isWebhookReady = webhookPluginInstalled && isWebhookEnabled && healthData && healthData.webhook_enabled;
+                                            
+                                            // Update the main status text
+                                            var mainStatusText = '';
+                                            var mainStatusClass = '';
+                                            
+                                            if (cronReady && isWebhookReady) {
+                                                mainStatusText = 'Cron and Webhook Ready';
+                                                mainStatusClass = 'success';
+                                            } else if (cronReady) {
+                                                mainStatusText = 'Cron Ready';
+                                                mainStatusClass = 'success';
+                                            } else if (isWebhookReady) {
+                                                mainStatusText = 'Webhook Ready (No Cron)';
+                                                mainStatusClass = 'success'; // Changed from warning to success
+                                            } else if (cronNotEnabled && !isWebhookReady) {
+                                                mainStatusText = 'Not Configured';
+                                                mainStatusClass = 'error';
+                                            } else {
+                                                mainStatusText = 'Configuration Pending';
+                                                mainStatusClass = 'warning';
+                                            }
+                                            
+                                            // Update the notice bar if webhooks are ready
+                                            if (noticeBar && isWebhookReady) {
+                                                // Change from error (red) to success (green) or info (blue)
+                                                noticeBar.classList.remove('alert');
+                                                noticeBar.classList.add('info');
+                                                
+                                                var noticeIcon = noticeBar.querySelector('i.fa');
+                                                if (noticeIcon) {
+                                                    noticeIcon.classList.remove('fa-times-circle');
+                                                    noticeIcon.classList.add('fa-check-circle');
+                                                }
+                                                
+                                                var noticeText = noticeBar.querySelector('strong') || noticeBar;
+                                                var username = noticeText.textContent.match(/user:\s*(\w+)/);
+                                                if (username) {
+                                                    noticeText.innerHTML = 'Webhook Ready for user: <b>' + username[1] + '</b> (Cron not configured)';
+                                                } else {
+                                                    noticeText.innerHTML = mainStatusText;
+                                                }
+                                            }
+                                            
+                                            // Update the main status div
+                                            if (statusDiv) {
+                                                statusDiv.innerHTML = '<i class="fa fa-fw fa-' + 
+                                                    (mainStatusClass === 'success' ? 'check' : mainStatusClass === 'warning' ? 'exclamation' : 'times') + 
+                                                    '"></i> ' + mainStatusText;
+                                                statusDiv.className = 'cronstatus-status ' + mainStatusClass;
+                                            }
+                                            
+                                            // Update install instructions button/content
+                                            var installButton = document.querySelector('.cronstatus-install-button');
+                                            var installDiv = document.querySelector('.cronstatus-install');
+                                            
+                                            if (installDiv) {
+                                                var installHtml = '<div class="alert alert-info">';
+                                                installHtml += '<h4>Setup Instructions:</h4>';
+                                                
+                                                var hasInstructions = false;
+                                                
+                                                // Cron setup
+                                                if (!cronReady) {
+                                                    installHtml += '<p><strong>Option 1: Traditional Cron</strong><br>';
+                                                    installHtml += 'Run: <code>bin/grav scheduler --install</code><br>';
+                                                    installHtml += 'This will add a cron job that runs every minute.</p>';
+                                                    hasInstructions = true;
+                                                }
+                                                
+                                                // Webhook setup
+                                                if (!webhookPluginInstalled) {
+                                                    installHtml += '<p><strong>Option 2: Webhook Support</strong><br>';
+                                                    installHtml += '1. Install plugin: <code>bin/gpm install scheduler-webhook</code><br>';
+                                                    installHtml += '2. Configure webhook token in Advanced Features tab<br>';
+                                                    installHtml += '3. Use webhook URL in your CI/CD or cloud scheduler</p>';
+                                                    hasInstructions = true;
+                                                } else if (!isWebhookEnabled) {
+                                                    installHtml += '<p><strong>Webhook Plugin Installed</strong><br>';
+                                                    installHtml += 'Enable webhooks in Advanced Features tab and set a secure token.</p>';
+                                                    hasInstructions = true;
+                                                } else if (isWebhookReady) {
+                                                    installHtml += '<p><strong>✅ Webhook is Active!</strong><br>';
+                                                    installHtml += 'Trigger URL: <code>' + window.location.origin + '/grav-editor-pro/scheduler/webhook</code><br>';
+                                                    installHtml += 'Use with Authorization header: <code>Bearer YOUR_TOKEN</code></p>';
+                                                    
+                                                    if (!cronReady) {
+                                                        installHtml += '<p class="text-muted"><small>Note: No cron job configured. Scheduler runs only via webhook triggers.</small></p>';
+                                                    }
+                                                }
+                                                
+                                                if (!hasInstructions && cronReady) {
+                                                    installHtml += '<p><strong>✅ Cron is configured and ready!</strong><br>';
+                                                    installHtml += 'The scheduler runs automatically every minute via system cron.</p>';
+                                                    
+                                                }
+                                                
+                                                installHtml += '</div>';
+                                                installDiv.innerHTML = installHtml;
+                                                
+                                                // Update button text based on status
+                                                if (installButton) {
+                                                    if (cronReady && isWebhookReady) {
+                                                        installButton.innerHTML = '<i class="fa fa-info-circle"></i> Configuration Details';
+                                                    } else if (cronReady || isWebhookReady) {
+                                                        installButton.innerHTML = '<i class="fa fa-plus-circle"></i> Add More Triggers';
+                                                    } else {
+                                                        installButton.innerHTML = '<i class="fa fa-exclamation-triangle"></i> Install Instructions';
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                });
+                                </script>
 
-        custom_jobs:
-          type: list
-          style: vertical
-          label:
-          classes: cron-job-list compact
-          key: id
-          fields:
-            .id:
-              type: key
-              label: ID
-              placeholder: 'process-name'
-              validate:
-                  required: true
-                  pattern: '[a-zа-я0-9_\-]+'
-                  max: 20
-                  message: 'ID must be lowercase with dashes/underscores only and less than 20 characters'
-            .command:
-              type: text
-              label: PLUGIN_ADMIN.COMMAND
-              placeholder: 'ls'
-              validate:
-                  required: true
-            .args:
-              type: text
-              label: PLUGIN_ADMIN.EXTRA_ARGUMENTS
-              placeholder: '-lah'
-            .at:
-              type: cron
-              label: PLUGIN_ADMIN.SCHEDULER_RUNAT
-              help: PLUGIN_ADMIN.SCHEDULER_RUNAT_HELP
-              placeholder: '* * * * *'
-              validate:
-                  required: true
-            .output:
-              type: text
-              label: PLUGIN_ADMIN.SCHEDULER_OUTPUT
-              help: PLUGIN_ADMIN.SCHEDULER_OUTPUT_HELP
-              placeholder: 'logs/ls-cron.out'
-            .output_mode:
-              type: select
-              label: PLUGIN_ADMIN.SCHEDULER_OUTPUT_TYPE
-              help: PLUGIN_ADMIN.SCHEDULER_OUTPUT_TYPE_HELP
-              default: append
-              options:
-                  append: Append
-                  overwrite: Overwrite
-            .email:
-                type: text
-                label: PLUGIN_ADMIN.SCHEDULER_EMAIL
-                help: PLUGIN_ADMIN.SCHEDULER_EMAIL_HELP
-                placeholder: 'notifications@yoursite.com'
+                        modern_health:
+                            type: display
+                            label: Health Status
+                            content: |
+                                <div id="scheduler-health-status">
+                                    <div class="text-muted">Checking health...</div>
+                                </div>
+                                <script>
+                                (function() {
+                                            function loadHealthStatus() {
+                                                fetch(window.location.origin + '/grav-editor-pro/scheduler/health')
+                                                    .then(response => response.json())
+                                                    .then(data => {
+                                                        var statusEl = document.getElementById('scheduler-health-status');
+                                                        if (!statusEl) return;
+                                                        
+                                                        // Modern card-based layout
+                                                        var statusColor = '#6c757d';
+                                                        var statusLabel = data.status || 'unknown';
+                                                        if (data.status === 'healthy') statusColor = '#28a745';
+                                                        else if (data.status === 'warning') statusColor = '#ffc107';
+                                                        else if (data.status === 'critical') statusColor = '#dc3545';
+                                                        
+                                                        var html = '<div style="display: flex; flex-direction: column; gap: 1rem;">';
+                                                        
+                                                        // Status card
+                                                        html += '<div style="display: flex; align-items: center; justify-content: space-between; padding: 0.75rem 1rem; background: linear-gradient(135deg, #f8f9fa 0%, #fff 100%); border-radius: 6px; border: 1px solid #e9ecef; box-shadow: 0 1px 3px rgba(0,0,0,0.05);">';
+                                                        html += '<span style="font-weight: 500; color: #495057;">Status:</span>';
+                                                        html += '<span style="background: ' + statusColor + '; color: white; padding: 0.375rem 0.75rem; font-size: 0.875rem; font-weight: 500; border-radius: 4px; text-transform: uppercase; letter-spacing: 0.025em;">' + statusLabel + '</span>';
+                                                        html += '</div>';
+                                                        
+                                                        // Info grid
+                                                        html += '<div style="display: grid; grid-template-columns: 1fr 1fr; gap: 0.75rem;">';
+                                                        
+                                                        // Last run card
+                                                        html += '<div style="background: white; border: 1px solid #e9ecef; border-radius: 6px; padding: 0.75rem; box-shadow: 0 1px 2px rgba(0,0,0,0.03);">';
+                                                        html += '<div style="color: #6c757d; font-size: 0.75rem; text-transform: uppercase; letter-spacing: 0.05em; margin-bottom: 0.25rem;">Last Run</div>';
+                                                        if (data.last_run) {
+                                                            var age = data.last_run_age;
+                                                            var ageText = 'just now';
+                                                            if (age > 86400) {
+                                                                ageText = Math.floor(age / 86400) + ' day(s) ago';
+                                                            } else if (age > 3600) {
+                                                                ageText = Math.floor(age / 3600) + ' hour(s) ago';
+                                                            } else if (age > 60) {
+                                                                ageText = Math.floor(age / 60) + ' minute(s) ago';
+                                                            } else if (age > 0) {
+                                                                ageText = age + ' second(s) ago';
+                                                            }
+                                                            html += '<div style="font-size: 1rem; color: #212529; font-weight: 500;">' + ageText + '</div>';
+                                                        } else {
+                                                            html += '<div style="font-size: 1rem; color: #6c757d;">Never</div>';
+                                                        }
+                                                        html += '</div>';
+                                                        
+                                                        // Jobs count card
+                                                        html += '<div style="background: white; border: 1px solid #e9ecef; border-radius: 6px; padding: 0.75rem; box-shadow: 0 1px 2px rgba(0,0,0,0.03);">';
+                                                        html += '<div style="color: #6c757d; font-size: 0.75rem; text-transform: uppercase; letter-spacing: 0.05em; margin-bottom: 0.25rem;">Scheduled Jobs</div>';
+                                                        html += '<div style="font-size: 1rem; color: #212529; font-weight: 500;">' + (data.scheduled_jobs || 0) + '</div>';
+                                                        html += '</div>';
+                                                        
+                                                        html += '</div>'; // Close grid
+                                                        
+                                                        // Additional info if available
+                                                        if (data.modern_features && data.queue_size !== undefined) {
+                                                            html += '<div style="background: white; border: 1px solid #e9ecef; border-radius: 6px; padding: 0.75rem; box-shadow: 0 1px 2px rgba(0,0,0,0.03);">';
+                                                            html += '<span style="color: #6c757d; font-size: 0.875rem;">Queue Size: </span>';
+                                                            html += '<span style="font-weight: 500;">' + data.queue_size + '</span>';
+                                                            html += '</div>';
+                                                        }
+                                                        
+                                                        // Failed jobs warning
+                                                        if (data.failed_jobs_24h > 0) {
+                                                            html += '<div style="background: #fff5f5; border: 1px solid #feb2b2; border-radius: 6px; padding: 0.75rem; color: #c53030;">';
+                                                            html += '<strong>⚠️ Failed Jobs (24h):</strong> ' + data.failed_jobs_24h;
+                                                            html += '</div>';
+                                                        }
+                                                        
+                                                        html += '</div>'; // Close main container
+                                                        statusEl.innerHTML = html;
+                                                    })
+                                                    .catch(error => {
+                                                        var statusEl = document.getElementById('scheduler-health-status');
+                                                        if (statusEl) {
+                                                            statusEl.innerHTML = '<div class="alert alert-warning">Unable to fetch health status. Ensure scheduler-webhook plugin is installed.</div>';
+                                                        }
+                                                    });
+                                            }
+                                            
+                                            // Load on page ready
+                                            if (document.readyState === 'loading') {
+                                                document.addEventListener('DOMContentLoaded', loadHealthStatus);
+                                            } else {
+                                                loadHealthStatus();
+                                            }
+                                            
+                                    // Refresh every 30 seconds
+                                    setInterval(loadHealthStatus, 30000);
+                                })();
+                                </script>
+                            markdown: false
+
+                        cron_setup:
+                            type: display
+                            label: Cron Setup Commands
+                            content: |
+                                <script src="{{ url('plugin://admin/themes/grav/js/clipboard-helper.js') }}"></script>
+                                <div class="cron-setup-commands">
+                                    <script>
+                                    
+                                    (function() {
+                                        // Get the Grav root path from the current location
+                                        var pathParts = window.location.pathname.split('/');
+                                        var gravPath = '/path/to/grav'; // Default fallback
+                                        
+                                        // Try to determine actual path (assuming we're in /admin or similar)
+                                        if (typeof GravAdmin !== 'undefined' && GravAdmin.config && GravAdmin.config.base_url_relative) {
+                                            // Remove admin path to get to root
+                                            gravPath = window.location.pathname.replace(/\/admin.*$/, '') || '/';
+                                            if (gravPath === '/') {
+                                                gravPath = '/var/www/html'; // Common server path
+                                            }
+                                        }
+                                        
+                                        // For local development, use the actual path
+                                        if (window.location.hostname === 'trilby.local') {
+                                            gravPath = '/Users/rhuk/workspace/trilby/grav-editor-pro';
+                                        }
+                                        
+                                        var quickInstallCmd = "(crontab -l 2>/dev/null; echo '* * * * * cd " + gravPath + " && bin/grav scheduler 1>> /dev/null 2>&1') | crontab -";
+                                        var manualEntryCmd = "* * * * * cd " + gravPath + " && bin/grav scheduler 1>> /dev/null 2>&1";
+                                        
+                                        document.addEventListener('DOMContentLoaded', function() {
+                                            var quickInput = document.getElementById('cron-quick-install');
+                                            var manualInput = document.getElementById('cron-manual-entry');
+                                            
+                                            if (quickInput) quickInput.value = quickInstallCmd;
+                                            if (manualInput) manualInput.value = manualEntryCmd;
+                                        });
+                                    })();
+                                    </script>
+                                    
+                                    <div style="margin-bottom: 1rem;">
+                                        <label style="display: block; margin-bottom: 0.25rem; font-weight: 500;">Quick Install (adds to existing crontab):</label>
+                                        <div class="form-input-wrapper form-input-addon-wrapper">
+                                            <input type="text" id="cron-quick-install" readonly value="Loading..." style="font-family: monospace; background: #f5f5f5;">
+                                            <div class="form-input-addon form-input-append" style="cursor: pointer;" onclick="GravClipboard.copy(this)"><i class="fa fa-copy"></i> Copy</div>
+                                        </div>
+                                    </div>
+                                    
+                                    <div style="margin-bottom: 1rem;">
+                                        <label style="display: block; margin-bottom: 0.25rem; font-weight: 500;">Manual Entry (add to crontab -e):</label>
+                                        <div class="form-input-wrapper form-input-addon-wrapper">
+                                            <input type="text" id="cron-manual-entry" readonly value="Loading..." style="font-family: monospace; background: #f5f5f5;">
+                                            <div class="form-input-addon form-input-append" style="cursor: pointer;" onclick="GravClipboard.copy(this)"><i class="fa fa-copy"></i> Copy</div>
+                                        </div>
+                                    </div>
+                                    
+                                    <div class="alert alert-info" style="margin-top: 0.5rem;">
+                                        <i class="fa fa-info-circle"></i> <strong>Note:</strong> These commands will run the scheduler every minute. Adjust the path if needed before copying.
+                                    </div>
+                                </div>
+                            markdown: false
+
+                        trigger_methods:
+                            type: display
+                            label: Active Triggers
+                            content: |
+                                <div id="scheduler-triggers">
+                                    <div class="text-muted">Checking triggers...</div>
+                                </div>
+                                <script>
+                                (function() {
+                                            function loadTriggers() {
+                                                // Check cron status from the main status field
+                                                var cronReady = false;
+                                                var statusDiv = document.querySelector('.cronstatus-status');
+                                                if (statusDiv) {
+                                                    var statusText = statusDiv.textContent || statusDiv.innerText;
+                                                    cronReady = statusText.includes('Ready');
+                                                }
+                                                
+                                                // Check webhook status
+                                                fetch(window.location.origin + '/grav-editor-pro/scheduler/health')
+                                                    .then(response => response.json())
+                                                    .then(data => {
+                                                        var triggersEl = document.getElementById('scheduler-triggers');
+                                                        if (!triggersEl) return;
+                                                        
+                                                        var html = '<div style="display: flex; flex-direction: column; gap: 0.5rem;">';
+                                                        
+                                                        // Cron trigger card
+                                                        var cronIcon = cronReady ? '✅' : '❌';
+                                                        var cronStatus = cronReady ? 'Active' : 'Not Configured';
+                                                        var cronStatusColor = cronReady ? '#28a745' : '#6c757d';
+                                                        var cardBg = cronReady ? '#f8f9fa' : '#fff';
+                                                        
+                                                        html += '<div style="display: flex; align-items: center; justify-content: space-between; padding: 0.75rem 1rem; background: ' + cardBg + '; border: 1px solid #e9ecef; border-radius: 4px;">';
+                                                        html += '<div style="display: flex; align-items: center; gap: 0.75rem;">';
+                                                        html += '<span style="font-size: 1.25rem; line-height: 1;">' + cronIcon + '</span>';
+                                                        html += '<span style="font-weight: 500; color: #212529; font-size: 1rem;">Cron:</span>';
+                                                        html += '</div>';
+                                                        html += '<span style="background: ' + cronStatusColor + '; color: white; padding: 0.25rem 0.75rem; font-size: 0.875rem; font-weight: 500; border-radius: 3px; text-transform: uppercase; letter-spacing: 0.025em;">' + cronStatus + '</span>';
+                                                        html += '</div>';
+                                                        
+                                                        // Webhook trigger card
+                                                        if (data.webhook_enabled) {
+                                                            html += '<div style="display: flex; align-items: center; justify-content: space-between; padding: 0.75rem 1rem; background: #f8f9fa; border: 1px solid #e9ecef; border-radius: 4px;">';
+                                                            html += '<div style="display: flex; align-items: center; gap: 0.75rem;">';
+                                                            html += '<span style="font-size: 1.25rem; line-height: 1;">✅</span>';
+                                                            html += '<span style="font-weight: 500; color: #212529; font-size: 1rem;">Webhook:</span>';
+                                                            html += '</div>';
+                                                            html += '<span style="background: #28a745; color: white; padding: 0.25rem 0.75rem; font-size: 0.875rem; font-weight: 500; border-radius: 3px; text-transform: uppercase; letter-spacing: 0.025em;">ACTIVE</span>';
+                                                            html += '</div>';
+                                                        } else {
+                                                            // Show webhook as not configured/disabled
+                                                            html += '<div style="display: flex; align-items: center; justify-content: space-between; padding: 0.75rem 1rem; background: #fff; border: 1px solid #e9ecef; border-radius: 4px;">';
+                                                            html += '<div style="display: flex; align-items: center; gap: 0.75rem;">';
+                                                            html += '<span style="font-size: 1.25rem; line-height: 1;">⚠️</span>';
+                                                            html += '<span style="font-weight: 500; color: #212529; font-size: 1rem;">Webhook:</span>';
+                                                            html += '</div>';
+                                                            html += '<span style="background: #ffc107; color: #212529; padding: 0.25rem 0.75rem; font-size: 0.875rem; font-weight: 500; border-radius: 3px; text-transform: uppercase; letter-spacing: 0.025em;">DISABLED</span>';
+                                                            html += '</div>';
+                                                        }
+                                                        
+                                                        html += '</div>';
+                                                        
+                                                        // Add warning if no triggers active
+                                                        if (!cronReady && !data.webhook_enabled) {
+                                                            html += '<div class="alert alert-warning" style="margin-top: 1rem;"><i class="fa fa-exclamation-triangle"></i> No triggers active! Configure cron or enable webhooks.</div>';
+                                                        }
+                                                        
+                                                        triggersEl.innerHTML = html;
+                                                    })
+                                                    .catch(error => {
+                                                        var triggersEl = document.getElementById('scheduler-triggers');
+                                                        if (triggersEl) {
+                                                            // Show just cron status if health endpoint not available
+                                                            var html = '<ul class="list-unstyled">';
+                                                            if (cronReady) {
+                                                                html += '<li>✅ <strong>Cron:</strong> <span class="badge badge-success">Active</span></li>';
+                                                            } else {
+                                                                html += '<li>❌ <strong>Cron:</strong> <span class="badge badge-secondary">Not Configured</span></li>';
+                                                            }
+                                                            html += '<li>⚠️ <strong>Webhook:</strong> <span class="badge badge-secondary">Plugin Not Installed</span></li>';
+                                                            html += '</ul>';
+                                                            triggersEl.innerHTML = html;
+                                                        }
+                                                    });
+                                            }
+                                            
+                                            // Load on page ready
+                                            if (document.readyState === 'loading') {
+                                                document.addEventListener('DOMContentLoaded', loadTriggers);
+                                            } else {
+                                                loadTriggers();
+                                    }
+                                })();
+                                </script>
+                            markdown: false
+
+                jobs_tab:
+                    type: tab
+                    title: PLUGIN_ADMIN.SCHEDULER_JOBS
+
+                    fields:
+                        jobs_title:
+                            type: section
+                            title: PLUGIN_ADMIN.SCHEDULER_JOBS
+                            underline: true
+
+                        custom_jobs:
+                            type: list
+                            style: vertical
+                            label:
+                            classes: cron-job-list compact
+                            key: id
+                            fields:
+                                .id:
+                                    type: key
+                                    label: ID
+                                    placeholder: 'process-name'
+                                    validate:
+                                        required: true
+                                        pattern: '[a-zа-я0-9_\-]+'
+                                        max: 20
+                                        message: 'ID must be lowercase with dashes/underscores only and less than 20 characters'
+                                .command:
+                                    type: text
+                                    label: PLUGIN_ADMIN.COMMAND
+                                    placeholder: 'ls'
+                                    validate:
+                                        required: true
+                                .args:
+                                    type: text
+                                    label: PLUGIN_ADMIN.EXTRA_ARGUMENTS
+                                    placeholder: '-lah'
+                                .at:
+                                    type: text
+                                    wrapper_classes: cron-selector
+                                    label: PLUGIN_ADMIN.SCHEDULER_RUNAT
+                                    help: PLUGIN_ADMIN.SCHEDULER_RUNAT_HELP
+                                    placeholder: '* * * * *'
+                                    validate:
+                                        required: true
+                                .output:
+                                    type: text
+                                    label: PLUGIN_ADMIN.SCHEDULER_OUTPUT
+                                    help: PLUGIN_ADMIN.SCHEDULER_OUTPUT_HELP
+                                    placeholder: 'logs/ls-cron.out'
+                                .output_mode:
+                                    type: select
+                                    label: PLUGIN_ADMIN.SCHEDULER_OUTPUT_TYPE
+                                    help: PLUGIN_ADMIN.SCHEDULER_OUTPUT_TYPE_HELP
+                                    default: append
+                                    options:
+                                        append: Append
+                                        overwrite: Overwrite
+                                .email:
+                                    type: text
+                                    label: PLUGIN_ADMIN.SCHEDULER_EMAIL
+                                    help: PLUGIN_ADMIN.SCHEDULER_EMAIL_HELP
+                                    placeholder: 'notifications@yoursite.com'
+
+                modern_tab:
+                    type: tab
+                    title: Advanced Features
+
+                    fields:
+                        workers_section:
+                            type: section
+                            title: Worker Configuration
+                            underline: true
+
+                            fields:
+                                modern.workers:
+                                    type: number
+                                    label: Concurrent Workers
+                                    help: Number of jobs that can run simultaneously (1 = sequential)
+                                    default: 4
+                                    size: x-small
+                                    append: workers
+                                    validate:
+                                        type: int
+                                        min: 1
+                                        max: 10
+
+                        retry_section:
+                            type: section
+                            title: Retry Configuration
+                            underline: true
+
+                            fields:
+                                modern.retry.enabled:
+                                    type: toggle
+                                    label: Enable Job Retry
+                                    help: Automatically retry failed jobs
+                                    highlight: 1
+                                    default: 1
+                                    options:
+                                        1: PLUGIN_ADMIN.ENABLED
+                                        0: PLUGIN_ADMIN.DISABLED
+                                    validate:
+                                        type: bool
+
+                                modern.retry.max_attempts:
+                                    type: number
+                                    label: Maximum Retry Attempts
+                                    help: Maximum number of times to retry a failed job
+                                    default: 3
+                                    size: x-small
+                                    append: retries
+                                    validate:
+                                        type: int
+                                        min: 1
+                                        max: 10
+
+                                modern.retry.backoff:
+                                    type: select
+                                    label: Retry Backoff Strategy
+                                    help: How to calculate delay between retries
+                                    default: exponential
+                                    options:
+                                        linear: Linear (fixed delay)
+                                        exponential: Exponential (increasing delay)
+
+                        queue_section:
+                            type: section
+                            title: Queue Configuration
+                            underline: true
+
+                            fields:
+                                modern.queue.path:
+                                    type: text
+                                    label: Queue Storage Path
+                                    help: Where to store queued jobs
+                                    default: 'user-data://scheduler/queue'
+                                    placeholder: 'user-data://scheduler/queue'
+
+                                modern.queue.max_size:
+                                    type: number
+                                    label: Maximum Queue Size
+                                    help: Maximum number of jobs that can be queued
+                                    default: 1000
+                                    size: x-small
+                                    append: jobs
+                                    validate:
+                                        type: int
+                                        min: 100
+                                        max: 10000
+
+                        history_section:
+                            type: section
+                            title: Job History
+                            underline: true
+
+                            fields:
+                                modern.history.enabled:
+                                    type: toggle
+                                    label: Enable Job History
+                                    help: Track execution history for all jobs
+                                    highlight: 1
+                                    default: 1
+                                    options:
+                                        1: PLUGIN_ADMIN.ENABLED
+                                        0: PLUGIN_ADMIN.DISABLED
+                                    validate:
+                                        type: bool
+
+                                modern.history.retention_days:
+                                    type: number
+                                    label: History Retention (days)
+                                    help: How long to keep job history
+                                    default: 30
+                                    size: x-small
+                                    append: days
+                                    validate:
+                                        type: int
+                                        min: 1
+                                        max: 365
+
+                        webhook_section:
+                            type: section
+                            title: Webhook Configuration
+                            underline: true
+
+                            fields:
+                                webhook_plugin_status:
+                                    type: webhook-status
+                                    label:
+                                modern.webhook.enabled:
+                                    type: toggle
+                                    label: Enable Webhook Triggers
+                                    help: Allow triggering scheduler via HTTP webhook
+                                    highlight: 0
+                                    default: 0
+                                    options:
+                                        1: PLUGIN_ADMIN.ENABLED
+                                        0: PLUGIN_ADMIN.DISABLED
+                                    validate:
+                                        type: bool
+
+                                modern.webhook.token:
+                                    type: text
+                                    label: Webhook Security Token
+                                    help: Secret token for authenticating webhook requests. Keep this secret!
+                                    placeholder: 'Click Generate to create a secure token'
+                                    autocomplete: 'off'
+                                            
+                                webhook_token_generate:
+                                    type: display
+                                    label:
+                                    content: |
+                                                <div style="margin-top: -10px; margin-bottom: 15px;">
+                                                    <button type="button" class="button button-primary" onclick="generateWebhookToken()">
+                                                        <i class="fa fa-refresh"></i> Generate Token
+                                                    </button>
+                                                </div>
+                                                <script>
+                                                function generateWebhookToken() {
+                                                    try {
+                                                        // Generate token
+                                                        const array = new Uint8Array(32);
+                                                        crypto.getRandomValues(array);
+                                                        const token = Array.from(array, byte => byte.toString(16).padStart(2, '0')).join('');
+                                                        
+                                                        // Try multiple selectors to find the field
+                                                        let field = document.querySelector('[name="data[scheduler][modern][webhook][token]"]');
+                                                        if (!field) {
+                                                            field = document.querySelector('input[name*="webhook][token"]');
+                                                        }
+                                                        if (!field) {
+                                                            field = document.getElementById('scheduler-modern-webhook-token');
+                                                        }
+                                                        if (!field) {
+                                                            // Look for any text input in the webhook section
+                                                            const webhookSection = document.querySelector('.webhook_section');
+                                                            if (webhookSection) {
+                                                                const inputs = webhookSection.querySelectorAll('input[type="text"]');
+                                                                // Find the token field by checking for the placeholder
+                                                                for (let input of inputs) {
+                                                                    if (input.placeholder && input.placeholder.includes('Generate')) {
+                                                                        field = input;
+                                                                        break;
+                                                                    }
+                                                                }
+                                                            }
+                                                        }
+                                                        
+                                                        if (field) {
+                                                            field.value = token;
+                                                            field.dispatchEvent(new Event('change', { bubbles: true }));
+                                                            field.dispatchEvent(new Event('input', { bubbles: true }));
+                                                            // Flash the field to show it was updated
+                                                            field.style.backgroundColor = '#d4edda';
+                                                            setTimeout(function() {
+                                                                field.style.backgroundColor = '';
+                                                            }, 500);
+                                                            // Also try to trigger Grav's form change detection
+                                                            if (window.jQuery) {
+                                                                jQuery(field).trigger('change');
+                                                            }
+                                                        } else {
+                                                            // Log more debugging info
+                                                            console.error('Token field not found. Looking for input fields...');
+                                                            console.log('All inputs:', document.querySelectorAll('input[type="text"]'));
+                                                            alert('Could not find the token field. Please ensure you are in the Advanced Features tab and the Webhook Configuration section is visible.');
+                                                        }
+                                                    } catch (e) {
+                                                        console.error('Error generating token:', e);
+                                                        alert('Error generating token: ' + e.message);
+                                                    }
+                                                }
+                                                </script>
+                                    markdown: false
+
+                                modern.webhook.path:
+                                    type: text
+                                    label: Webhook Path
+                                    help: URL path for webhook endpoint
+                                    default: '/scheduler/webhook'
+                                    placeholder: '/scheduler/webhook'
+
+                        health_section:
+                            type: section
+                            title: Health Check Configuration
+                            underline: true
+
+                            fields:
+                                modern.health.enabled:
+                                    type: toggle
+                                    label: Enable Health Check
+                                    help: Provide health status endpoint for monitoring
+                                    highlight: 1
+                                    default: 1
+                                    options:
+                                        1: PLUGIN_ADMIN.ENABLED
+                                        0: PLUGIN_ADMIN.DISABLED
+                                    validate:
+                                        type: bool
+
+                                modern.health.path:
+                                    type: text
+                                    label: Health Check Path
+                                    help: URL path for health check endpoint
+                                    default: '/scheduler/health'
+                                    placeholder: '/scheduler/health'
+                                            
+                        webhook_usage:
+                            type: section
+                            title: Usage Examples
+                            underline: true
+                            
+                            fields:
+                                webhook_examples:
+                                    type: display
+                                    label:
+                                    content: |
+                                                <script src="{{ url('plugin://admin/themes/grav/js/clipboard-helper.js') }}"></script>
+                                                <div class="webhook-examples">
+                                                    <script>
+                                                    // Initialize webhook commands when page loads
+                                                    document.addEventListener('DOMContentLoaded', function() {
+                                                        if (typeof GravClipboard !== 'undefined') {
+                                                            GravClipboard.initWebhookCommands();
+                                                        }
+                                                    });
+                                                    </script>
+                                                    
+                                                    <div class="alert alert-info">
+                                                        <h4>How to use webhooks:</h4>
+                                                        
+                                                        <div style="margin-bottom: 1rem;">
+                                                            <label style="display: block; margin-bottom: 0.25rem; font-weight: 500;">Trigger all due jobs (respects schedule):</label>
+                                                            <div class="form-input-wrapper form-input-addon-wrapper">
+                                                                <textarea id="webhook-all-cmd" readonly rows="2" style="font-family: monospace; background: #f5f5f5; resize: none;">Loading...</textarea>
+                                                                <div class="form-input-addon form-input-append" style="cursor: pointer;" onclick="GravClipboard.copy(this)"><i class="fa fa-copy"></i> Copy</div>
+                                                            </div>
+                                                        </div>
+                                                        
+                                                        <div style="margin-bottom: 1rem;">
+                                                            <label style="display: block; margin-bottom: 0.25rem; font-weight: 500;">Force-run specific job (ignores schedule):</label>
+                                                            <div class="form-input-wrapper form-input-addon-wrapper">
+                                                                <textarea id="webhook-job-cmd" readonly rows="2" style="font-family: monospace; background: #f5f5f5; resize: none;">Loading...</textarea>
+                                                                <div class="form-input-addon form-input-append" style="cursor: pointer;" onclick="GravClipboard.copy(this)"><i class="fa fa-copy"></i> Copy</div>
+                                                            </div>
+                                                        </div>
+                                                        
+                                                        <div style="margin-bottom: 1rem;">
+                                                            <label style="display: block; margin-bottom: 0.25rem; font-weight: 500;">Check health status:</label>
+                                                            <div class="form-input-wrapper form-input-addon-wrapper">
+                                                                <input type="text" id="webhook-health-cmd" readonly value="Loading..." style="font-family: monospace; background: #f5f5f5;">
+                                                                <div class="form-input-addon form-input-append" style="cursor: pointer;" onclick="GravClipboard.copy(this)"><i class="fa fa-copy"></i> Copy</div>
+                                                            </div>
+                                                        </div>
+                                                        
+                                                        <div style="margin-top: 1rem;">
+                                                            <p><strong>GitHub Actions example:</strong></p>
+                                                            <pre>- name: Trigger Scheduler
+                                                  run: |
+                                                    curl -X POST ${{ secrets.SITE_URL }}/scheduler/webhook \
+                                                      -H "Authorization: Bearer ${{ secrets.WEBHOOK_TOKEN }}"</pre>
+                                                        </div>
+                                                    </div>
+                                                </div>
+                                    markdown: false
 
 
 

system/blueprints/config/system.yaml

@@ -103,6 +103,7 @@ form:
                 "D, d M Y G:i:s": Date3
                 "d-m-y G:i": Date4
                 "jS M Y": Date5
+                "Y-m-d G:i": Date6
 
             pages.dateformat.long:
               type: dateformat
@@ -116,6 +117,7 @@ form:
                 "D, d M Y G:i:s": Date3
                 "d-m-y G:i": Date4
                 "jS M Y": Date5
+                "Y-m-d G:i:s": Date6
 
             pages.order.by:
               type: select
@@ -448,6 +450,17 @@ form:
               validate:
                 type: bool
 
+            languages.debug:
+              type: toggle
+              label: PLUGIN_ADMIN.LANGUAGE_DEBUG
+              help: PLUGIN_ADMIN.LANGUAGE_DEBUG_HELP
+              highlight: 0
+              options:
+                1: PLUGIN_ADMIN.YES
+                0: PLUGIN_ADMIN.NO
+              validate:
+                type: bool
+
         http_headers:
           type: tab
           title: PLUGIN_ADMIN.HTTP_HEADERS
@@ -608,7 +621,6 @@ form:
                 file: File
                 apc: APC
                 apcu: APCu
-                xcache: Xcache
                 memcache: Memcache
                 memcached: Memcached
                 wincache: WinCache
@@ -621,6 +633,19 @@ form:
               help: PLUGIN_ADMIN.CACHE_PREFIX_HELP
               placeholder: PLUGIN_ADMIN.CACHE_PREFIX_PLACEHOLDER
 
+            cache.purge_max_age_days:
+                type: text
+                size: x-small
+                append: GRAV.NICETIME.DAY_PLURAL
+                label: PLUGIN_ADMIN.CACHE_PURGE_AGE
+                help: PLUGIN_ADMIN.CACHE_PURGE_AGE_HELP
+                validate:
+                    type: number
+                    min: 1
+                    max: 365
+                    step: 1
+                default: 30
+
             cache.purge_at:
               type: cron
               label: PLUGIN_ADMIN.CACHE_PURGE_JOB
@@ -646,7 +671,7 @@ form:
               type: toggle
               label: PLUGIN_ADMIN.CLEAR_IMAGES_BY_DEFAULT
               help: PLUGIN_ADMIN.CLEAR_IMAGES_BY_DEFAULT_HELP
-              highlight: 1
+              highlight: 0
               options:
                 1: PLUGIN_ADMIN.YES
                 0: PLUGIN_ADMIN.NO
@@ -888,9 +913,45 @@ form:
           title: PLUGIN_ADMIN.ASSETS
 
           fields:
-            assets_section:
+            general_config_section:
               type: section
-              title: PLUGIN_ADMIN.ASSETS
+              title: PLUGIN_ADMIN.GENERAL_CONFIG
+              underline: true
+
+            assets.enable_asset_timestamp:
+              type: toggle
+              label: PLUGIN_ADMIN.ENABLED_TIMESTAMPS_ON_ASSETS
+              help: PLUGIN_ADMIN.ENABLED_TIMESTAMPS_ON_ASSETS_HELP
+              highlight: 0
+              options:
+                1: PLUGIN_ADMIN.YES
+                0: PLUGIN_ADMIN.NO
+              validate:
+                type: bool
+
+            assets.enable_asset_sri:
+              type: toggle
+              label: PLUGIN_ADMIN.ENABLED_SRI_ON_ASSETS
+              help: PLUGIN_ADMIN.ENABLED_SRI_ON_ASSETS_HELP
+              highlight: 0
+              options:
+                1: PLUGIN_ADMIN.YES
+                0: PLUGIN_ADMIN.NO
+              validate:
+                type: bool
+
+            assets.collections:
+              type: multilevel
+              label: PLUGIN_ADMIN.COLLECTIONS
+              placeholder_key: collection_name
+              placeholder_value: collection_path
+              validate:
+                type: array
+
+
+            css_assets_section:
+              type: section
+              title: PLUGIN_ADMIN.CSS_ASSETS
               underline: true
 
             assets.css_pipeline:
@@ -959,6 +1020,11 @@ form:
               validate:
                 type: bool
 
+            js_assets_section:
+              type: section
+              title: PLUGIN_ADMIN.JS_ASSETS
+              underline: true
+
             assets.js_pipeline:
               type: toggle
               label: PLUGIN_ADMIN.JAVASCRIPT_PIPELINE
@@ -1003,10 +1069,15 @@ form:
               validate:
                 type: bool
 
-            assets.enable_asset_timestamp:
+            js_module_assets_section:
+              type: section
+              title: PLUGIN_ADMIN.JS_MODULE_ASSETS
+              underline: true
+
+            assets.js_module_pipeline:
               type: toggle
-              label: PLUGIN_ADMIN.ENABLED_TIMESTAMPS_ON_ASSETS
-              help: PLUGIN_ADMIN.ENABLED_TIMESTAMPS_ON_ASSETS_HELP
+              label: PLUGIN_ADMIN.JAVASCRIPT_MODULE_PIPELINE
+              help: PLUGIN_ADMIN.JAVASCRIPT_MODULE_PIPELINE_HELP
               highlight: 0
               options:
                 1: PLUGIN_ADMIN.YES
@@ -1014,24 +1085,29 @@ form:
               validate:
                 type: bool
 
-            assets.enable_asset_sri:
+            assets.js_module_pipeline_include_externals:
               type: toggle
-              label: PLUGIN_ADMIN.ENABLED_SRI_ON_ASSETS
-              help: PLUGIN_ADMIN.ENABLED_SRI_ON_ASSETS_HELP
-              highlight: 0
+              label: PLUGIN_ADMIN.JAVASCRIPT_MODULE_PIPELINE_INCLUDE_EXTERNALS
+              help: PLUGIN_ADMIN.JAVASCRIPT_MODULE_PIPELINE_INCLUDE_EXTERNALS_HELP
+              highlight: 1
               options:
                 1: PLUGIN_ADMIN.YES
                 0: PLUGIN_ADMIN.NO
               validate:
                 type: bool
 
-            assets.collections:
-              type: multilevel
-              label: PLUGIN_ADMIN.COLLECTIONS
-              placeholder_key: collection_name
-              placeholder_value: collection_path
+            assets.js_module_pipeline_before_excludes:
+              type: toggle
+              label: PLUGIN_ADMIN.JAVASCRIPT_MODULE_PIPELINE_BEFORE_EXCLUDES
+              help: PLUGIN_ADMIN.JAVASCRIPT_MODULE_PIPELINE_BEFORE_EXCLUDES_HELP
+              highlight: 1
+              options:
+                1: PLUGIN_ADMIN.YES
+                0: PLUGIN_ADMIN.NO
               validate:
-                type: array
+                type: bool
+
+
 
         errors:
           type: tab
@@ -1105,6 +1181,13 @@ form:
                 local6: local6
                 local7: local7
 
+            log.syslog.tag:
+              type: text
+              size: small
+              label: PLUGIN_ADMIN.SYSLOG_TAG
+              help: PLUGIN_ADMIN.SYSLOG_TAG_HELP
+              placeholder: "grav"
+
         debugger:
           type: tab
           title: PLUGIN_ADMIN.DEBUGGER
@@ -1168,6 +1251,16 @@ form:
               title: PLUGIN_ADMIN.MEDIA
               underline: true
 
+            images.adapter:
+              type: select
+              size: small
+              label: PLUGIN_ADMIN.IMAGES_ADAPTER
+              help: PLUGIN_ADMIN.IMAGES_ADAPTER_HELP
+              highlight: gd
+              options:
+                  gd: GD (PHP built-in)
+                  imagick: Imagick
+
             images.default_image_quality:
               type: range
               append: '%'
@@ -1230,6 +1323,28 @@ form:
                 auto: Auto
                 lazy: Lazy
                 eager: Eager
+            
+            images.defaults.decoding:
+              type: select
+              size: small
+              label: PLUGIN_ADMIN.IMAGES_DECODING
+              help: PLUGIN_ADMIN.IMAGES_DECODING_HELP
+              highlight: auto
+              options:
+                auto: Auto
+                sync: Sync
+                async: Async
+            
+            images.defaults.fetchpriority:
+              type: select
+              size: small
+              label: PLUGIN_ADMIN.IMAGES_FETCHPRIORITY
+              help: PLUGIN_ADMIN.IMAGES_FETCHPRIORITY_HELP
+              highlight: auto
+              options:
+                auto: Auto
+                high: High
+                low: Low
 
             images.seofriendly:
               type: toggle
@@ -1394,6 +1509,18 @@ form:
               validate:
                 type: bool
 
+            session.secure_https:
+              type: toggle
+              label: PLUGIN_ADMIN.SESSION_SECURE_HTTPS
+              help: PLUGIN_ADMIN.SESSION_SECURE_HTTPS_HELP
+              highlight: 1
+              options:
+                1: PLUGIN_ADMIN.YES
+                0: PLUGIN_ADMIN.NO
+              default: true
+              validate:
+                type: bool
+
             session.httponly:
               type: toggle
               label: PLUGIN_ADMIN.SESSION_HTTPONLY
@@ -1446,6 +1573,10 @@ form:
               title: PLUGIN_ADMIN.ADVANCED
               underline: true
 
+            gpm_section:
+              type: section
+              title: PLUGIN_ADMIN.GPM_SECTION
+
             gpm.releases:
               type: toggle
               label: PLUGIN_ADMIN.GPM_RELEASES
@@ -1455,23 +1586,6 @@ form:
                 stable: PLUGIN_ADMIN.STABLE
                 testing: PLUGIN_ADMIN.TESTING
 
-            gpm.proxy_url:
-              type: text
-              size: medium
-              placeholder: "e.g. 127.0.0.1:3128"
-              label: PLUGIN_ADMIN.PROXY_URL
-              help: PLUGIN_ADMIN.PROXY_URL_HELP
-
-            gpm.method:
-              type: toggle
-              label: PLUGIN_ADMIN.GPM_METHOD
-              highlight: auto
-              help: PLUGIN_ADMIN.GPM_METHOD_HELP
-              options:
-                auto: PLUGIN_ADMIN.AUTO
-                fopen: PLUGIN_ADMIN.FOPEN
-                curl: PLUGIN_ADMIN.CURL
-
             gpm.official_gpm_only:
               type: toggle
               label: PLUGIN_ADMIN.GPM_OFFICIAL_ONLY
@@ -1484,17 +1598,80 @@ form:
               validate:
                 type: bool
 
-            gpm.verify_peer:
+            http_section:
+              type: section
+              title: PLUGIN_ADMIN.HTTP_SECTION
+
+            http.method:
               type: toggle
-              label: PLUGIN_ADMIN.GPM_VERIFY_PEER
+              label: PLUGIN_ADMIN.GPM_METHOD
+              highlight: auto
+              help: PLUGIN_ADMIN.GPM_METHOD_HELP
+              options:
+                auto: PLUGIN_ADMIN.AUTO
+                fopen: PLUGIN_ADMIN.FOPEN
+                curl: PLUGIN_ADMIN.CURL
+
+            http.enable_proxy:
+              type: toggle
+              label: PLUGIN_ADMIN.SSL_ENABLE_PROXY
               highlight: 1
-              help: PLUGIN_ADMIN.GPM_VERIFY_PEER_HELP
+              options:
+                1: PLUGIN_ADMIN.YES
+                0: PLUGIN_ADMIN.NO
+              default: false
+              validate:
+                type: bool
+
+            http.proxy_url:
+              type: text
+              size: medium
+              placeholder: "e.g. 127.0.0.1:3128"
+              label: PLUGIN_ADMIN.PROXY_URL
+              help: PLUGIN_ADMIN.PROXY_URL_HELP
+
+            http.proxy_cert_path:
+              type: text
+              size: medium
+              placeholder: "e.g. /Users/bob/certs/"
+              label: PLUGIN_ADMIN.PROXY_CERT
+              help: PLUGIN_ADMIN.PROXY_CERT_HELP
+
+            http.verify_peer:
+              type: toggle
+              label: PLUGIN_ADMIN.SSL_VERIFY_PEER
+              highlight: 1
+              help: PLUGIN_ADMIN.SSL_VERIFY_PEER_HELP
               options:
                 1: PLUGIN_ADMIN.YES
                 0: PLUGIN_ADMIN.NO
               validate:
                 type: bool
 
+            http.verify_host:
+              type: toggle
+              label: PLUGIN_ADMIN.SSL_VERIFY_HOST
+              highlight: 1
+              help: PLUGIN_ADMIN.SSL_VERIFY_HOST_HELP
+              options:
+                1: PLUGIN_ADMIN.YES
+                0: PLUGIN_ADMIN.NO
+              validate:
+                type: bool
+
+            http.concurrent_connections:
+              type: number
+              size: x-small
+              label: PLUGIN_ADMIN.HTTP_CONNECTIONS
+              help: PLUGIN_ADMIN.HTTP_CONNECTIONS_HELP
+              validate:
+                min: 1
+                max: 20
+
+            misc_section:
+              type: section
+              title: PLUGIN_ADMIN.MISC_SECTION
+
             reverse_proxy_setup:
               type: toggle
               label: PLUGIN_ADMIN.REVERSE_PROXY
@@ -1673,35 +1850,15 @@ form:
               validate:
                 type: bool
 
-        experimental:
+
+        accounts:
           type: tab
-          title: PLUGIN_ADMIN.EXPERIMENTAL
+          title: PLUGIN_ADMIN.ACCOUNTS
 
           fields:
-            experimental_section:
-              type: section
-              title: PLUGIN_ADMIN.EXPERIMENTAL
-              underline: true
-
-#            flex_pages:
-#              type: section
-#              title: Flex Pages
-#
-#            pages.type:
-#              type: select
-#              label: PLUGIN_ADMIN.PAGES_TYPE
-#              highlight: regular
-#              help: PLUGIN_ADMIN.PAGES_TYPE_HELP
-#              options:
-#                regular: PLUGIN_ADMIN.REGULAR
-#                flex: PLUGIN_ADMIN.FLEX
-
-            pages.type:
-              type: hidden
-
             flex_accounts:
               type: section
-              title: Flex Accounts
+              title: User Accounts
 
             accounts.type:
               type: select
@@ -1720,3 +1877,41 @@ form:
               options:
                 file: PLUGIN_ADMIN.FILE
                 folder: PLUGIN_ADMIN.FOLDER
+
+            accounts.avatar:
+              type: select
+              label: PLUGIN_ADMIN.AVATAR
+              default: gravatar
+              help: PLUGIN_ADMIN.AVATAR_HELP
+              options:
+                multiavatar: Multiavatar [local]
+                gravatar: Gravatar [external]
+
+#        experimental:
+#          type: tab
+#          title: PLUGIN_ADMIN.EXPERIMENTAL
+#
+#          fields:
+#            experimental_section:
+#              type: section
+#              title: PLUGIN_ADMIN.EXPERIMENTAL
+#              underline: true
+#
+#            flex_pages:
+#              type: section
+#              title: Flex Pages
+#
+#            pages.type:
+#              type: select
+#              label: PLUGIN_ADMIN.PAGES_TYPE
+#              highlight: regular
+#              help: PLUGIN_ADMIN.PAGES_TYPE_HELP
+#              options:
+#                regular: PLUGIN_ADMIN.REGULAR
+#                flex: PLUGIN_ADMIN.FLEX
+#
+#            pages.type:
+#              type: hidden
+
+
+

system/blueprints/flex/pages.yaml

@@ -104,7 +104,7 @@ config:
 
     edit:
       title:
-        template: "{% if object.root %}Root <small>( &lt;root&gt; ){% else %}{{ (form.value('header.title') ?? form.value('folder'))|e }} <small>( {{ (object.getRoute().toString(false) ?: '/')|e }} )</small>{% endif %}"
+        template: "{% if object.root %}Root <small>( &lt;root&gt; )</small>{% else %}{{ (form.value('header.title') ?? form.value('folder'))|e }} <small>( {{ (object.getRoute().toString(false) ?: '/')|e }} )</small>{% endif %}"
 
       # TODO: not used yet
       buttons:
@@ -184,9 +184,9 @@ config:
       # Fields to be searched
       fields:
         - key
+        - slug
         - menu
         - title
-        - name
 
 blueprints:
   configure:

system/blueprints/flex/user-accounts.yaml

@@ -122,6 +122,19 @@ config:
       fields:
         - key
         - email
+        - username
+        - fullname
+
+  relationships:
+    media:
+      type: media
+      cardinality: to-many
+    avatar:
+      type: media
+      cardinality: to-one
+#    roles:
+#      type: user-groups
+#      cardinality: to-many
 
 blueprints:
   configure:

system/blueprints/flex/user-groups.yaml

@@ -113,6 +113,7 @@ config:
       fields:
         - key
         - groupname
+        - readableName
         - description
 
 blueprints:

system/blueprints/pages/default.yaml

@@ -320,6 +320,18 @@ form:
 
               fields:
 
+                header.redirect_default_route:
+                  type: toggle
+                  toggleable: true
+                  label: PLUGIN_ADMIN.REDIRECT_DEFAULT_ROUTE
+                  help: PLUGIN_ADMIN.REDIRECT_DEFAULT_ROUTE_HELP
+                  config-highlight@: system.pages.redirect_default_route
+                  options:
+                    1: PLUGIN_ADMIN.YES
+                    0: PLUGIN_ADMIN.NO
+                  validate:
+                    type: bool
+
                 header.routes.default:
                   type: text
                   toggleable: true

system/blueprints/pages/external.yaml

@@ -1,7 +1,7 @@
-title: PLUGIN_ADMIN:EXTERNAL
+title: PLUGIN_ADMIN.EXTERNAL
 extends@:
-    type: default
-    context: blueprints://pages
+  type: default
+  context: blueprints://pages
 
 form:
   validation: loose
@@ -29,16 +29,16 @@ form:
               unset@: true
 
             header.external_url:
-                type: text
-                label: PLUGIN_ADMIN.EXTERNAL_URL
-                placeholder: https://getgrav.org
-                validate:
-                    required: true
+              type: text
+              label: PLUGIN_ADMIN.EXTERNAL_URL
+              placeholder: https://getgrav.org
+              validate:
+                required: true
+
         options:
           fields:
 
             publishing:
-
               fields:
 
                 header.date:

system/blueprints/pages/partials/security.yaml

@@ -51,17 +51,13 @@ form:
             type: bool
 
         header.permissions.authors:
-          type: list
+          type: array
           toggleable: true
+          value_only: true
+          placeholder_value: PLUGIN_ADMIN.USERNAME
           label: PLUGIN_ADMIN.PAGE_AUTHORS
           help: PLUGIN_ADMIN.PAGE_AUTHORS_HELP
 
-          fields:
-            value:
-              type: text
-              placeholder: PLUGIN_ADMIN.USERNAME
-              style: vertical
-
         header.permissions.groups:
           ignore@: true
           type: acl_picker

system/blueprints/user/account.yaml

@@ -11,10 +11,21 @@ form:
         avatar:
             type: file
             size: large
-            destination: 'user://accounts/avatars'
+            destination: 'account://avatars'
             multiple: false
             random_name: true
 
+        multiavatar_only:
+          type: conditional
+          condition: config.system.accounts.avatar == 'multiavatar'
+          fields:
+            avatar_hash:
+                type: text
+                label: ''
+                placeholder: 'e.g. dceaadcfda491f4e45'
+                description: PLUGIN_ADMIN.AVATAR_HASH
+                size: large
+
         content:
             type: section
             title: PLUGIN_ADMIN.ACCOUNT
@@ -107,6 +118,12 @@ form:
                     label: PLUGIN_ADMIN.2FA_SECRET
                     sublabel: PLUGIN_ADMIN.2FA_SECRET_HELP
 
+                yubikey_id:
+                    type: text
+                    label: PLUGIN_ADMIN.YUBIKEY_ID
+                    description: PLUGIN_ADMIN.YUBIKEY_HELP
+                    size: small
+                    maxlength: 12
 
 
 

system/config/media.yaml

@@ -28,6 +28,10 @@ types:
     type: image
     thumb: media/thumb-webp.png
     mime: image/webp
+  avif:
+    type: image
+    thumb: media/thumb.png
+    mime: image/avif
   gif:
     type: animated
     thumb: media/thumb-gif.png
@@ -91,7 +95,7 @@ types:
   aif:
     type: audio
     thumb: media/thumb-aif.png
-    mime: audio/aif
+    mime: audio/aiff
   txt:
     type: file
     thumb: media/thumb-txt.png
@@ -195,7 +199,7 @@ types:
   gz:
     type: file
     thumb: media/thumb-gz.png
-    mime: application/gzip
+    mime: application/x-gzip
   tar:
     type: file
     thumb: media/thumb-tar.png
@@ -207,8 +211,13 @@ types:
   js:
     type: file
     thumb: media/thumb-js.png
-    mime: application/javascript
+    mime: text/javascript
   json:
     type: file
     thumb: media/thumb-json.png
     mime: application/json
+  vcf:
+    type: file
+    thumb: media/thumb-vcf.png
+    mime: text/x-vcard
+

system/config/scheduler.yaml

@@ -0,0 +1,68 @@
+# Grav Scheduler Configuration
+
+# Default scheduler settings (backward compatible)
+defaults:
+  output: true
+  output_type: file
+  email: null
+
+# Status of individual jobs (enabled/disabled)
+status: {}
+
+# Custom scheduled jobs
+custom_jobs: {}
+
+# Modern scheduler features (disabled by default for backward compatibility)
+modern:
+  # Enable modern scheduler features
+  enabled: false
+  
+  # Number of concurrent workers (1 = sequential execution like legacy)
+  workers: 1
+  
+  # Job retry configuration
+  retry:
+    enabled: true
+    max_attempts: 3
+    backoff: exponential  # 'linear' or 'exponential'
+    
+  # Job queue configuration
+  queue:
+    path: user-data://scheduler/queue
+    max_size: 1000
+    
+  # Webhook trigger configuration
+  webhook:
+    enabled: false
+    token: null  # Set a secure token to enable webhook triggers
+    path: /scheduler/webhook
+    
+  # Health check endpoint
+  health:
+    enabled: true
+    path: /scheduler/health
+    
+  # Job execution history
+  history:
+    enabled: true
+    retention_days: 30
+    path: user-data://scheduler/history
+    
+  # Performance settings
+  performance:
+    job_timeout: 300  # Default timeout in seconds
+    lock_timeout: 10   # Lock acquisition timeout in seconds
+    
+  # Monitoring and alerts
+  monitoring:
+    enabled: false
+    alert_on_failure: true
+    alert_email: null
+    webhook_url: null
+    
+  # Trigger detection methods
+  triggers:
+    check_cron: true
+    check_systemd: true
+    check_webhook: true
+    check_external: true

system/config/security.yaml

@@ -32,8 +32,16 @@ xss_dangerous_tags:
     - base
 uploads_dangerous_extensions:
     - php
+    - php2
+    - php3
+    - php4
+    - php5
+    - phar
+    - phtml
     - html
     - htm
+    - shtml
+    - shtm
     - js
     - exe
 sanitize_svg: true

system/config/site.yaml

@@ -25,7 +25,7 @@ routes:
 #  '/new/(.*)': '/blog/$1'                  # Regex any /new/my-page URL to /blog/my-page Route
 
 blog:
-  route: '/blog'                            # Custom value added (accessible via system.blog.route)
+  route: '/blog'                            # Custom value added (accessible via site.blog.route)
 
 #menu:                                      # Menu Example
 #    - text: Source

system/config/system.yaml

@@ -28,6 +28,7 @@ languages:
   override_locale: false                         # Override the default or system locale with language specific one
   content_fallback: {}                           # Custom language fallbacks. eg: {fr: ['fr', 'en']}
   pages_fallback_only: false                     # DEPRECATED: Use `content_fallback` instead
+  debug: false                                   # Debug language detection
 
 home:
   alias: '/home'                                 # Default path for home, ie /
@@ -35,6 +36,7 @@ home:
 
 pages:
   type: regular                                  # EXPERIMENTAL: Page type: regular or flex
+  dirs: ['page://']                              # Advanced functionality, allows for multiple page paths
   theme: quark                                   # Default theme (defaults to "quark" theme)
   order:
     by: default                                  # Order pages by "default", "alpha" or "date"
@@ -96,9 +98,10 @@ cache:
   purge_at: '0 4 * * *'                          # How often to purge old file cache (using new scheduler)
   clear_at: '0 3 * * *'                           # How often to clear cache (using new scheduler)
   clear_job_type: 'standard'                     # Type to clear when processing the scheduled clear job `standard`|`all`
-  clear_images_by_default: true                  # By default grav will include processed images in cache clear, this can be disabled
+  clear_images_by_default: false                 # By default grav does not include processed images in cache clear, this can be enabled
   cli_compatibility: false                       # Ensures only non-volatile drivers are used (file, redis, memcache, etc.)
   lifetime: 604800                               # Lifetime of cached data in seconds (0 = infinite)
+  purge_max_age_days: 30                         # Maximum age of cache items in days before they are purged
   gzip: false                                    # GZip compress the page output
   allow_webserver_gzip: false                    # If true, `content-encoding: identity` but connection isn't closed before `onShutDown()` event
   redis:
@@ -127,11 +130,14 @@ assets:                                          # Configuration for Assets Mana
   js_pipeline: false                             # The JS pipeline is the unification of multiple JS resources into one file
   js_pipeline_include_externals: true            # Include external URLs in the pipeline by default
   js_pipeline_before_excludes: true              # Render the pipeline before any excluded files
+  js_module_pipeline: false                      # The JS Module pipeline is the unification of multiple JS Module resources into one file
+  js_module_pipeline_include_externals: true     # Include external URLs in the pipeline by default
+  js_module_pipeline_before_excludes: true       # Render the pipeline before any excluded files
   js_minify: true                                # Minify the JS during pipelining
   enable_asset_timestamp: false                  # Enable asset timestamps
   enable_asset_sri: false                        # Enable asset SRI
   collections:
-    jquery: system://assets/jquery/jquery-2.x.min.js
+    jquery: system://assets/jquery/jquery-3.x.min.js
 
 errors:
   display: 0                                     # Display either (1) Full backtrace | (0) Simple Error | (-1) System Error
@@ -141,6 +147,7 @@ log:
   handler: file                                 # Log handler. Currently supported: file | syslog
   syslog:
     facility: local6                            # Syslog facilities output
+    tag: grav                                   # Syslog tag. Default: "grav".
 
 debugger:
   enabled: false                                 # Enable Grav debugger and following settings
@@ -150,6 +157,7 @@ debugger:
     close_connection: true                       # Close the connection before calling onShutdown(). false for debugging
 
 images:
+  adapter: gd                                    # Image adapter to use: gd | imagick
   default_image_quality: 85                      # Default image quality to use when resampling images (85%)
   cache_all: false                               # Cache all image by default
   cache_perms: '0755'                            # MUST BE IN QUOTES!! Default cache folder perms. Usually '0755' or '0775'
@@ -162,6 +170,14 @@ images:
     retina_scale: 1                              # scale to adjust auto-sizes for better handling of HiDPI resolutions
   defaults:
     loading: auto                                # Let browser pick [auto|lazy|eager]
+    decoding: auto                               # Let browser pick [auto|sync|async]
+    fetchpriority: auto                          # Let browser pick [auto|high|low]
+  watermark:
+    image: 'system://images/watermark.png'       # Path to a watermark image
+    position_y: 'center'                         # top|center|bottom
+    position_x: 'center'                         # left|center|right
+    scale: 33                                    # percentage of watermark scale
+    watermark_all: false                         # automatically watermark all images
 
 media:
   enable_media_timestamp: false                  # Enable media timestamps
@@ -176,6 +192,7 @@ session:
   name: grav-site                                # Name prefix of the session cookie. Use alphanumeric, dashes or underscores only. Do not use dots in the session name
   uniqueness: path                               # Should sessions be `path` based or `security.salt` based
   secure: false                                  # Set session secure. If true, indicates that communication for this cookie must be over an encrypted transmission. Enable this only on sites that run exclusively on HTTPS
+  secure_https: true                             # Set session secure on HTTPS but not on HTTP. Has no effect if you have `session.secure: true`. Set to false if your site jumps between HTTP and HTTPS.
   httponly: true                                 # Set session HTTP only. If true, indicates that cookies should be used only over HTTP, and JavaScript modification is not allowed.
   samesite: Lax                                  # Set session SameSite. Possible values are Lax, Strict and None. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
   split: true                                    # Sessions should be independent between site and plugins (such as admin)
@@ -184,14 +201,21 @@ session:
 
 gpm:
   releases: stable                               # Set to either 'stable' or 'testing'
-  proxy_url:                                     # Configure a manual proxy URL for GPM (eg 127.0.0.1:3128)
-  method: 'auto'                                 # Either 'curl', 'fopen' or 'auto'. 'auto' will try fopen first and if not available cURL
-  verify_peer: true                              # Sometimes on some systems (Windows most commonly) GPM is unable to connect because the SSL certificate cannot be verified. Disabling this setting might help.
   official_gpm_only: true                        # By default GPM direct-install will only allow URLs via the official GPM proxy to ensure security
 
+http:
+  method: auto                                   # Either 'curl', 'fopen' or 'auto'. 'auto' will try fopen first and if not available cURL
+  enable_proxy: true                             # Enable proxy server configuration
+  proxy_url:                                     # Configure a manual proxy URL for GPM (eg 127.0.0.1:3128)
+  proxy_cert_path:                               # Local path to proxy certificate folder containing pem files
+  concurrent_connections: 5                      # Concurrent HTTP connections when multiplexing
+  verify_peer: true                              # Enable/Disable SSL verification of peer certificates
+  verify_host: true                              # Enable/Disable SSL verification of host certificates
+
 accounts:
   type: regular                                  # EXPERIMENTAL: Account type: regular or flex
   storage: file                                  # EXPERIMENTAL: Flex storage type: file or folder
+  avatar: gravatar                               # Avatar generator [multiavatar|gravatar]
 
 flex:
   cache:

system/defines.php

@@ -3,13 +3,13 @@
 /**
  * @package    Grav\Core
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
 // Some standard defines
 define('GRAV', true);
-define('GRAV_VERSION', '1.7.14');
+define('GRAV_VERSION', '1.7.49.1');
 define('GRAV_SCHEMA', '1.7.0_2020-11-20_1');
 define('GRAV_TESTING', false);
 
@@ -26,12 +26,12 @@ if (!defined('DS')) {
 // Absolute path to Grav root. This is where Grav is installed into.
 if (!defined('GRAV_ROOT')) {
     $path = rtrim(str_replace(DIRECTORY_SEPARATOR, DS, getenv('GRAV_ROOT') ?: getcwd()), DS);
-    define('GRAV_ROOT', $path);
+    define('GRAV_ROOT', $path ?: DS);
 }
 // Absolute path to Grav webroot. This is the path where your site is located in.
 if (!defined('GRAV_WEBROOT')) {
     $path = rtrim(getenv('GRAV_WEBROOT') ?: GRAV_ROOT, DS);
-    define('GRAV_WEBROOT', $path);
+    define('GRAV_WEBROOT', $path ?: DS);
 }
 // Relative path to user folder. This path needs to be located under GRAV_WEBROOT.
 if (!defined('GRAV_USER_PATH')) {
@@ -99,3 +99,6 @@ define('RAW_CONTENT', 1);
 define('TWIG_CONTENT', 2);
 define('TWIG_CONTENT_LIST', 3);
 define('TWIG_TEMPLATES', 4);
+
+// Filters
+define('GRAV_SANITIZE_STRING', 5001);

system/install.php

@@ -2,7 +2,7 @@
 /**
  * @package    Grav\Core
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 

system/languages/ar.yaml

@@ -51,6 +51,7 @@ GRAV:
     VALIDATION_FAIL: '<b>فشل التحقق من صحة:</b>'
     INVALID_INPUT: 'إدخال غير صحيح في'
     MISSING_REQUIRED_FIELD: 'حقل مطلوب مفقود:'
+    XSS_ISSUES: "مشاكل XSS محتملة تم اكتشافها في حقل '%s' '"
   MONTHS_OF_THE_YEAR:
     - 'كانون الثاني'
     - 'شباط'
@@ -72,6 +73,8 @@ GRAV:
     - 'الجمعة'
     - 'السبت'
     - 'الأحد'
+  YES: "نعم"
+  NO: "لا"
   CRON:
     EVERY: كل
     EVERY_HOUR: كل ساعة
@@ -80,3 +83,11 @@ GRAV:
     EVERY_DAY_OF_MONTH: كل يوم في الشهر
     EVERY_MONTH: ' كل شهر'
     TEXT_PERIOD: كل <b />
+    TEXT_MINS: ' في <b /> دقيقة(دقائق) بعد الساعة'
+    TEXT_TIME: ' في <b />:<b />'
+    TEXT_DOW: ' في <b />'
+    TEXT_MONTH: ' من <b />'
+    TEXT_DOM: ' في <b />'
+    ERROR1: الوسم %s غير مدعوم!
+    ERROR2: عدد عناصر غير صالح.
+    ERROR4: تعبير غير معروف

system/languages/bg.yaml

@@ -5,6 +5,7 @@ GRAV:
     BAD_DATE: Невалидна дата
     AGO: преди
     FROM_NOW: от сега
+    JUST_NOW: току що
     SECOND: секунда
     MINUTE: минута
     HOUR: час
@@ -60,3 +61,12 @@ GRAV:
     - 'петък'
     - 'събота'
     - 'неделя'
+  YES: "Да"
+  NO: "Не"
+  CRON:
+    EVERY: всеки
+    EVERY_HOUR: Всеки час
+    EVERY_MINUTE: Всяка минута
+    EVERY_DAY_OF_WEEK: Всеки ден от седмицата
+    EVERY_DAY_OF_MONTH: Всеки ден от месеца
+    EVERY_MONTH: Всеки месец

system/languages/ca.yaml

@@ -2,19 +2,20 @@
 GRAV:
   FRONTMATTER_ERROR_PAGE: "---\ntitle: %1$s\n---\n\n# S'ha produït un error: Frontmatter invàlid\n\nRuta: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
   INFLECTOR_UNCOUNTABLE:
-    - 'equipment'
+    - ''
     - 'informació'
-    - 'rice'
-    - 'money'
-    - 'species'
-    - 'series'
-    - 'fish'
-    - 'sheep'
+    - ''
+    - ''
+    - ''
+    - ''
+    - ''
+    - ''
   NICETIME:
     NO_DATE_PROVIDED: No s'ha proporcionat data
     BAD_DATE: Data invàlida
     AGO: abans
     FROM_NOW: des d'ara
+    JUST_NOW: Ara mateix
     SECOND: segon
     MINUTE: minut
     HOUR: hora
@@ -48,6 +49,7 @@ GRAV:
     VALIDATION_FAIL: '<b>Ha fallat la validació:</b>'
     INVALID_INPUT: 'Entrada no vàlida a'
     MISSING_REQUIRED_FIELD: 'Falta camp obligatori:'
+    XSS_ISSUES: "Detectats potencials problemes XSS al camp '%s'"
   MONTHS_OF_THE_YEAR:
     - 'Gener'
     - 'Febrer'
@@ -69,3 +71,17 @@ GRAV:
     - 'Divendres'
     - 'Dissabte'
     - 'Diumenge'
+  YES: "Sí"
+  NO: "No"
+  CRON:
+    EVERY: cada
+    EVERY_HOUR: cada hora
+    EVERY_MINUTE: cada minut
+    EVERY_DAY_OF_WEEK: cada dia de la setmana
+    EVERY_DAY_OF_MONTH: cada dia del mes
+    EVERY_MONTH: cada mes
+    TEXT_PERIOD: Cada <b />
+    ERROR1: L'etiqueta %s no està suportada!
+    ERROR2: Nombre d'elements incorrecte
+    ERROR3: El jquery_element s'ha d'establir a la configuració de jqCron
+    ERROR4: Expressió no reconeguda

system/languages/cs.yaml

@@ -1,6 +1,6 @@
 ---
 GRAV:
-  FRONTMATTER_ERROR_PAGE: "---\ntitle: %1$s\n---\n\n# Chyba: Chybný frontmatter\n\nPath: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  FRONTMATTER_ERROR_PAGE: "---\ntitle: %1$s\n---\n\n# Chyba: Chybná hlavička\n\nCesta: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
   INFLECTOR_PLURALS:
     '/(quiz)$/i': '\1zes'
     '/^(ox)$/i': '\1en'

system/languages/eo.yaml

@@ -0,0 +1,40 @@
+---
+GRAV:
+  FRONTMATTER_ERROR_PAGE: "---\ntitle: %1$s\n---\n\n# Eraro: Nevalida Frontmatter\n\nVojo: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  INFLECTOR_PLURALS:
+    '/sis$/i': 'j'
+  NICETIME:
+    FROM_NOW: ekde nun
+    JUST_NOW: Ĝuste nun
+    SECOND: sekundo
+    MINUTE: minuto
+    HOUR: horo
+    DAY: tago
+    WEEK: semajno
+    MONTH: monato
+    YEAR: jaro
+    DECADE: jardeko
+    SEC: sek.
+    MIN: min.
+    HR: horo
+    SECOND_PLURAL: sekundoj
+    MINUTE_PLURAL: minutoj
+    HOUR_PLURAL: horoj
+    DAY_PLURAL: tagoj
+    WEEK_PLURAL: semajnoj
+    MONTH_PLURAL: monatoj
+    YEAR_PLURAL: jaroj
+    DECADE_PLURAL: jardekoj
+  MONTHS_OF_THE_YEAR:
+    - 'januaro'
+    - 'februaro'
+    - 'marto'
+    - 'aprilo'
+    - ''
+    - ''
+    - ''
+    - ''
+    - ''
+    - ''
+    - ''
+    - ''

system/languages/es.yaml

@@ -21,9 +21,9 @@ GRAV:
     'sex': 'sexos'
     'move': 'movido'
   INFLECTOR_ORDINALS:
-    'first': 'ro'
-    'second': 'do'
-    'third': 'ro'
+    'first': '.º'
+    'second': '.º'
+    'third': '.º'
   NICETIME:
     NO_DATE_PROVIDED: No se proporcionó fecha
     BAD_DATE: Fecha errónea
@@ -44,7 +44,7 @@ GRAV:
     WK: sem
     MO: mes
     YR: año
-    DEC: dic
+    DEC: déc
     SECOND_PLURAL: segundos
     MINUTE_PLURAL: minutos
     HOUR_PLURAL: horas
@@ -64,7 +64,7 @@ GRAV:
     VALIDATION_FAIL: '<b>Falló la validación: </b>'
     INVALID_INPUT: 'Dato inválido en: '
     MISSING_REQUIRED_FIELD: 'Falta el campo requerido: '
-    XSS_ISSUES: "Se detectaron problemas XSS potenciales en el campo '%s'"
+    XSS_ISSUES: "Se detectaron potenciales problemas XSS en el campo '%s'"
   MONTHS_OF_THE_YEAR:
     - 'Enero'
     - 'Febrero'
@@ -86,7 +86,7 @@ GRAV:
     - 'Viernes'
     - 'Sábado'
     - 'Domingo'
-  YES: "Si"
+  YES: "Sí"
   NO: "No"
   CRON:
     EVERY: cada
@@ -96,12 +96,12 @@ GRAV:
     EVERY_DAY_OF_MONTH: cada día del mes
     EVERY_MONTH: cada mes
     TEXT_PERIOD: Cada <b />
-    TEXT_MINS: ' a <b /> minuto(s) despues de la hora'
+    TEXT_MINS: ' a <b /> minuto(s) después de la hora'
     TEXT_TIME: ' a <b />:<b />'
     TEXT_DOW: ' en <b />'
     TEXT_MONTH: ' de<b />'
     TEXT_DOM: ' en<b />'
-    ERROR1: La etiqueta %s no está soportada!
-    ERROR2: El número de elementos es erroneo
+    ERROR1: No se admite la etiqueta %s.
+    ERROR2: El número de elementos es erróneo
     ERROR3: El jquery_element debería establecerse en la configuración del jqCron
     ERROR4: Expresión no reconocida

system/languages/et.yaml

@@ -13,12 +13,12 @@ GRAV:
     '/(tive)s$/i': '\1'
     '/(hive)s$/i': '\1'
   INFLECTOR_UNCOUNTABLE:
-    - 'equipment'
+    - ''
     - 'informatsioon'
     - 'riis'
     - 'raha'
-    - 'species'
-    - 'series'
+    - ''
+    - ''
     - 'kala'
     - 'lammas'
   INFLECTOR_IRREGULAR:
@@ -70,6 +70,7 @@ GRAV:
     VALIDATION_FAIL: '<b>Kinnitamine nurjus:</b>'
     INVALID_INPUT: 'Vigane sisend:'
     MISSING_REQUIRED_FIELD: 'Nõutud väli puudub:'
+    XSS_ISSUES: "Tuvastasime '%s' väljal võimaliku XSS-riski"
   MONTHS_OF_THE_YEAR:
     - 'jaanuar'
     - 'veebruar'
@@ -91,11 +92,14 @@ GRAV:
     - 'reede'
     - 'laupäev'
     - 'pühapäev'
+  YES: "Jah"
+  NO: "Ei"
   CRON:
     EVERY: iga
     EVERY_HOUR: iga tund
     EVERY_MINUTE: iga minut
-    EVERY_DAY_OF_WEEK: iga nädala päev
+    EVERY_DAY_OF_WEEK: nädala igal päeval
+    EVERY_DAY_OF_MONTH: kuu igal päeval
     EVERY_MONTH: iga kuu
     TEXT_PERIOD: Iga <b />
     ERROR1: Silt %s pole toetatud!

system/languages/fi.yaml

@@ -45,12 +45,12 @@ GRAV:
     '/([ti])a$/i': '\1um'
     '/(n)ews$/i': '\1ews'
   INFLECTOR_UNCOUNTABLE:
-    - 'equipment'
-    - 'information'
+    - ''
+    - ''
     - 'riisi'
     - 'raha'
     - 'lajit'
-    - 'series'
+    - ''
     - 'kala'
     - 'lammas'
   INFLECTOR_IRREGULAR:

system/languages/fr.yaml

@@ -22,8 +22,28 @@ GRAV:
     '/$/': 's'
   INFLECTOR_SINGULAR:
     '/(quiz)zes$/i': '\1'
+    '/(matr)ices$/i': '\1ix'
+    '/(vert|ind)ices$/i': '\1ex'
+    '/^(ox)en/i': '\1'
     '/(alias|status)es$/i': '\1'
     '/([octop|vir])i$/i': '\1us'
+    '/(cris|ax|test)es$/i': '\1is'
+    '/(shoe)s$/i': '\1'
+    '/(o)es$/i': '\1'
+    '/(bus)es$/i': '\1'
+    '/([m|l])ice$/i': '\1ouse'
+    '/(x|ch|ss|sh)es$/i': '\1'
+    '/(m)ovies$/i': '\1ovie'
+    '/(s)eries$/i': '\1eries'
+    '/([^aeiouy]|qu)ies$/i': '\1y'
+    '/([lr])ves$/i': '\1f'
+    '/(tive)s$/i': '\1'
+    '/(hive)s$/i': '\1'
+    '/([^f])ves$/i': '\1fe'
+    '/(^analy)ses$/i': '\1sis'
+    '/((a)naly|(b)a|(d)iagno|(p)arenthe|(p)rogno|(s)ynop|(t)he)ses$/i': '\1\2sis'
+    '/([ti])a$/i': '\1um'
+    '/(n)ews$/i': '\1ouvelles'
   INFLECTOR_UNCOUNTABLE:
     - 'équipement'
     - 'information'
@@ -58,10 +78,10 @@ GRAV:
     MONTH: mois
     YEAR: année
     DECADE: décennie
-    SEC: s
-    MIN: m
-    HR: h
-    WK: sem
+    SEC: sec.
+    MIN: min.
+    HR: hr.
+    WK: sem.
     MO: m
     YR: an
     DEC: déc
@@ -84,6 +104,7 @@ GRAV:
     VALIDATION_FAIL: '<b>La validation a échoué :</b>'
     INVALID_INPUT: 'Saisie non valide'
     MISSING_REQUIRED_FIELD: 'Champ obligatoire manquant :'
+    XSS_ISSUES: "Erreurs XSS probablement détectées dans le champ '%s'"
   MONTHS_OF_THE_YEAR:
     - 'janvier'
     - 'février'
@@ -105,6 +126,8 @@ GRAV:
     - 'vendredi'
     - 'samedi'
     - 'dimanche'
+  YES: "Oui"
+  NO: "Non"
   CRON:
     EVERY: chaque
     EVERY_HOUR: toutes les heures
@@ -118,7 +141,7 @@ GRAV:
     TEXT_DOW: ' sur <b/>'
     TEXT_MONTH: ' de <b />'
     TEXT_DOM: ' sur <b/>'
-    ERROR1: La balise %s n'est pas supportée!
+    ERROR1: La balise %s n'est pas prise en charge !
     ERROR2: Nombre invalide d'éléments
     ERROR3: L'élément jquery_element doit être défini dans les paramètres jqCron
     ERROR4: Expression non reconnue

system/languages/gl.yaml

@@ -104,6 +104,7 @@ GRAV:
     VALIDATION_FAIL: '<b>Fallou a validación:</b>'
     INVALID_INPUT: 'Entrada incorrecta en'
     MISSING_REQUIRED_FIELD: 'Falta un campo requirido:'
+    XSS_ISSUES: "Detectáronse posibles problemas XSS no campo '% s'"
   MONTHS_OF_THE_YEAR:
     - 'xaneiro'
     - 'febreiro'
@@ -125,6 +126,8 @@ GRAV:
     - 'venres'
     - 'sábado'
     - 'domingo'
+  YES: "Si"
+  NO: "Non"
   CRON:
     EVERY: cada
     EVERY_HOUR: Cada hora

system/languages/he.yaml

@@ -1,11 +1,27 @@
 ---
 GRAV:
   FRONTMATTER_ERROR_PAGE: "---\nכותרת: %1$s\n---\n# שגיאה: Fronmatter לא חוקי\nנתיב: `%2$s`\n**%3$s**\n```\n%4$s\n```"
+  INFLECTOR_UNCOUNTABLE:
+    - 'ציוד'
+    - 'מידע'
+    - 'אורז'
+    - 'כסף'
+    - 'מינים'
+    - 'סדרה'
+    - 'דג'
+    - 'כבשה'
+  INFLECTOR_IRREGULAR:
+    'person': 'אנשים'
+    'man': 'גברים'
+    'child': 'ילדים'
+    'sex': 'מינים'
+    'move': 'מהלכים'
   NICETIME:
     NO_DATE_PROVIDED: לא סופק תאריך
     BAD_DATE: תאריך פגום
     AGO: לפני
     FROM_NOW: כרגע
+    JUST_NOW: כרגע
     SECOND: שנייה
     MINUTE: דקה
     HOUR: שעה
@@ -40,6 +56,7 @@ GRAV:
     VALIDATION_FAIL: '<b>האימות נכשל:</b>'
     INVALID_INPUT: 'קלט לא חוקי'
     MISSING_REQUIRED_FIELD: 'שדות חובה חסרים:'
+    XSS_ISSUES: "בעיות XSS פוטנציאליות זוהו בשדה '%s'"
   MONTHS_OF_THE_YEAR:
     - 'ינואר'
     - 'פברואר'
@@ -61,3 +78,22 @@ GRAV:
     - 'שישי'
     - 'שבת'
     - 'ראשון'
+  YES: "כן"
+  NO: "לא"
+  CRON:
+    EVERY: בכל
+    EVERY_HOUR: בכל שעה
+    EVERY_MINUTE: כל דקה
+    EVERY_DAY_OF_WEEK: כל יום בשבוע
+    EVERY_DAY_OF_MONTH: בכל יום בחודש
+    EVERY_MONTH: כל חודש
+    TEXT_PERIOD: כל  <b />
+    TEXT_MINS: 'ב <b /> דקות אחרי השעה'
+    TEXT_TIME: 'ב  <b />:<b />'
+    TEXT_DOW: 'ב  <b />'
+    TEXT_MONTH: 'של  <b />'
+    TEXT_DOM: 'ב  <b />'
+    ERROR1: התגית %s אינו נתמכת
+    ERROR2: מספר לא חוקי של משתנים.
+    ERROR3: יש להגדיר את ה-jquery_element להגדרות jqCron
+    ERROR4: ביטוי לא מזוהה

system/languages/hr.yaml

@@ -1,8 +1,9 @@
 ---
 GRAV:
+  FRONTMATTER_ERROR_PAGE: "---\nnaslov: %1$s\n---\n\n# Pogreška: nevažeći frontmatter\n\nPutanja datoteke: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
   INFLECTOR_UNCOUNTABLE:
     - 'oprema'
-    - 'informacije'
+    - 'informacija'
     - 'riža'
     - 'novac'
     - 'vrsta'
@@ -15,11 +16,17 @@ GRAV:
     'child': 'djeca'
     'sex': 'spolovi'
     'move': 'Pomakni'
+  INFLECTOR_ORDINALS:
+    'default': '.'
+    'first': '.'
+    'second': '.'
+    'third': '.'
   NICETIME:
     NO_DATE_PROVIDED: Datum nije upisan
     BAD_DATE: Pogrešan datum
     AGO: prije
     FROM_NOW: od sada
+    JUST_NOW: upravo sad
     SECOND: sekunda
     MINUTE: minuta
     HOUR: sat
@@ -29,6 +36,7 @@ GRAV:
     YEAR: godina
     DECADE: desetljeće
     SEC: sek
+    MIN: min
     HR: sat
     WK: t
     MO: m
@@ -53,6 +61,7 @@ GRAV:
     VALIDATION_FAIL: '<b>Validacija nije uspjela:</b>'
     INVALID_INPUT: 'Pogrešan unos u'
     MISSING_REQUIRED_FIELD: 'Nedostaje obavezno polje:'
+    XSS_ISSUES: "Potencijalni XSS problemi otkriveni u polju '%s'"
   MONTHS_OF_THE_YEAR:
     - 'Siječanj'
     - 'Veljača'
@@ -74,3 +83,22 @@ GRAV:
     - 'Petak'
     - 'Subota'
     - 'Nedjelja'
+  YES: "Da"
+  NO: "Ne"
+  CRON:
+    EVERY: svaki
+    EVERY_HOUR: svaki sat
+    EVERY_MINUTE: svake minute
+    EVERY_DAY_OF_WEEK: svaki dan u tjednu
+    EVERY_DAY_OF_MONTH: svaki dan u mjesecu
+    EVERY_MONTH: svaki mjesec
+    TEXT_PERIOD: Svakih <b />
+    TEXT_MINS: ' u <b /> minut(e) nakon sata'
+    TEXT_TIME: ' u <b />:<b />'
+    TEXT_DOW: ' na <b />'
+    TEXT_MONTH: '  <b />'
+    TEXT_DOM: ' na <b />'
+    ERROR1: Oznaka %s nije podržana!
+    ERROR2: Pogrešan broj elemenata.
+    ERROR3: jquery_element treba postaviti u postavke jqCron
+    ERROR4: Izraz nije prepoznat

system/languages/id.yaml

@@ -3,26 +3,72 @@ GRAV:
   FRONTMATTER_ERROR_PAGE: "---\ntitle: %1$s\n---\n\n# Error: Frontmatter tidak valid\n\nLokasi: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
   INFLECTOR_PLURALS:
     '/(quiz)$/i': '\1zes'
+    '/^(ox)$/i': '\1en'
+    '/([m|l])ouse$/i': '\1ice'
+    '/(matr|vert|ind)ix|ex$/i': '\1ices'
+    '/(x|ch|ss|sh)$/i': '\1es'
+    '/([^aeiouy]|qu)ies$/i': '\1y'
+    '/([^aeiouy]|qu)y$/i': '\1ies'
+    '/(hive)$/i': '\1s'
+    '/(?:([^f])fe|([lr])f)$/i': '\1\2ves'
+    '/sis$/i': 'ses'
+    '/([ti])um$/i': '\1a'
+    '/(buffal|tomat)o$/i': '\1oes'
+    '/(bu)s$/i': '\1ses'
+    '/(alias|status)/i': '\1es'
+    '/(octop|vir)us$/i': '\1i'
+    '/(ax|test)is$/i': '\1es'
+    '/s$/i': 's'
+    '/$/': 's'
+  INFLECTOR_SINGULAR:
+    '/(quiz)zes$/i': '\1'
+    '/(matr)ices$/i': '\1ix'
+    '/(vert|ind)ices$/i': '\1ex'
+    '/^(ox)en/i': '\1'
+    '/(alias|status)es$/i': '\1'
+    '/([octop|vir])i$/i': '\1us'
+    '/(cris|ax|test)es$/i': '\1is'
+    '/(shoe)s$/i': '\1'
+    '/(o)es$/i': '\1'
+    '/(bus)es$/i': '\1'
+    '/([m|l])ice$/i': '\1ouse'
+    '/(x|ch|ss|sh)es$/i': '\1'
+    '/(m)ovies$/i': '\1ovie'
+    '/(s)eries$/i': '\1eries'
+    '/([^aeiouy]|qu)ies$/i': '\1y'
+    '/([lr])ves$/i': '\1f'
+    '/(tive)s$/i': '\1'
+    '/(hive)s$/i': '\1'
+    '/([^f])ves$/i': '\1fe'
+    '/(^analy)ses$/i': '\1sis'
+    '/((a)naly|(b)a|(d)iagno|(p)arenthe|(p)rogno|(s)ynop|(t)he)ses$/i': '\1\2sis'
+    '/([ti])a$/i': '\1um'
+    '/(n)ews$/i': '\1ews'
   INFLECTOR_UNCOUNTABLE:
-    - 'peralatan'
-    - 'informasi'
-    - 'nasi'
-    - 'uang'
-    - 'spesies'
-    - 'rangkaian'
-    - 'ikan'
-    - 'domba'
+    - 'Peralatan'
+    - 'Informasi '
+    - 'Nasi'
+    - 'Uang'
+    - 'Jenis'
+    - 'Seri'
+    - 'Ikan'
+    - 'Domba'
   INFLECTOR_IRREGULAR:
-    'person': 'orang-orang'
-    'man': 'laki-laki'
-    'child': 'anak-anak'
-    'sex': 'jenis kelamin'
+    'person': 'Orang-orang'
+    'man': 'Pria'
+    'child': 'Balita'
+    'sex': 'Jenis Kelamin'
     'move': 'pindahkan'
+  INFLECTOR_ORDINALS:
+    'default': 'ke'
+    'first': 'pertama'
+    'second': 'nd'
+    'third': 'rd'
   NICETIME:
-    NO_DATE_PROVIDED: Tanggal tidak tersedia
+    NO_DATE_PROVIDED: Tidak ada tanggal yang disediakan
     BAD_DATE: Format tanggal salah
     AGO: yang lalu
-    FROM_NOW: dari saat ini
+    FROM_NOW: dari sekarang
     JUST_NOW: baru saja
     SECOND: detik
     MINUTE: menit
@@ -32,12 +78,12 @@ GRAV:
     MONTH: bulan
     YEAR: tahun
     DECADE: dekade
-    SEC: dtk
-    MIN: mnt
-    HR: j
-    WK: mng
-    MO: bln
-    YR: thn
+    SEC: detik
+    MIN: menit
+    HR: ' jam'
+    WK: minggu
+    MO: bulan
+    YR: tahun
     DEC: desimal
     SECOND_PLURAL: detik
     MINUTE_PLURAL: menit
@@ -47,17 +93,18 @@ GRAV:
     MONTH_PLURAL: bulan
     YEAR_PLURAL: tahun
     DECADE_PLURAL: dekade
-    SEC_PLURAL: dtk
-    MIN_PLURAL: mnt
-    HR_PLURAL: j
-    WK_PLURAL: mgg
-    MO_PLURAL: bln
-    YR_PLURAL: thn
+    SEC_PLURAL: detik
+    MIN_PLURAL: menit
+    HR_PLURAL: jam
+    WK_PLURAL: minggu
+    MO_PLURAL: bulan
+    YR_PLURAL: tahun
     DEC_PLURAL: dekade
   FORM:
     VALIDATION_FAIL: '<b>Validasi gagal:</b>'
     INVALID_INPUT: 'Input tidak valid di'
     MISSING_REQUIRED_FIELD: 'Data yang diperlukan belum terisi:'
+    XSS_ISSUES: "Isu berpotensial XSS terdeteksi dalam baris %s"
   MONTHS_OF_THE_YEAR:
     - 'Januari'
     - 'Februari'
@@ -76,22 +123,25 @@ GRAV:
     - 'Selasa'
     - 'Rabu'
     - 'Kamis'
-    - 'Jumat'
+    - 'Jum''at'
     - 'Sabtu'
     - 'Minggu'
+  YES: "Ya"
+  NO: "Tidak"
   CRON:
     EVERY: Setiap
     EVERY_HOUR: Setiap jam
     EVERY_MINUTE: Setiap menit
     EVERY_DAY_OF_WEEK: Setiap hari selama seminggu
-    EVERY_DAY_OF_MONTH: pada tanggal setiap bulannya
+    EVERY_DAY_OF_MONTH: Setiap hari dalam sebulan
     EVERY_MONTH: setiap bulan
     TEXT_PERIOD: Setiap <b />
+    TEXT_MINS: 'dalam <b />  menit setelah jam yang lalu'
     TEXT_TIME: ' pada <b />:<b />'
     TEXT_DOW: ' pada <b />'
     TEXT_MONTH: ' pada <b />'
     TEXT_DOM: ' pada <b />'
     ERROR1: Tag %s tidak didukung!
-    ERROR2: Jumlah elemen tidak valid
-    ERROR3: jquery_element harus ditetapkan ke pengaturan jqCron
-    ERROR4: Ekspresi tidak dikenali
+    ERROR2: Jumlah elemen yang buruk
+    ERROR3: jquery_element harus diatur ke dalam pengaturan jqCron
+    ERROR4: Ekspresi tidak dikenal

system/languages/is.yaml

@@ -2,14 +2,14 @@
 GRAV:
   FRONTMATTER_ERROR_PAGE: "---\ntitill: %1$s\n---\n\n# Villa: Ógilt efni á forsíðu\n\nSlóð: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
   INFLECTOR_UNCOUNTABLE:
-    - 'equipment'
+    - ''
     - 'upplýsingar'
-    - 'rice'
-    - 'money'
-    - 'species'
-    - 'series'
-    - 'fish'
-    - 'sheep'
+    - ''
+    - ''
+    - ''
+    - ''
+    - ''
+    - ''
   NICETIME:
     NO_DATE_PROVIDED: Engin dagsetning gefin
     BAD_DATE: Röng dagsetning

system/languages/ja.yaml

@@ -1,12 +1,12 @@
 ---
 GRAV:
   INFLECTOR_UNCOUNTABLE:
-    - 'equipment'
+    - ''
     - '情報'
-    - 'rice'
+    - ''
     - 'お金'
-    - 'species'
-    - 'series'
+    - ''
+    - ''
     - '魚'
     - 'ヒツジ'
   INFLECTOR_IRREGULAR:

system/languages/ko.yaml

@@ -1,11 +1,23 @@
 ---
 GRAV:
   FRONTMATTER_ERROR_PAGE: "---\ntitle: %1$s\n---\n\n# 오류: 무효의 Frontmatter\n\n경로: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  INFLECTOR_UNCOUNTABLE:
+    - '장비'
+    - '정보'
+    - ''
+    - ''
+    - ''
+    - '시리즈'
+    - '물고기'
+    - ''
+  INFLECTOR_IRREGULAR:
+    'person': '사람들'
   NICETIME:
     NO_DATE_PROVIDED: 제공된 날짜가 없습니다
     BAD_DATE: 잘못된 날짜
     AGO: 전
     FROM_NOW: 후
+    JUST_NOW: 방금
     SECOND: 초
     MINUTE: 분
     HOUR: 시간
@@ -40,6 +52,7 @@ GRAV:
     VALIDATION_FAIL: '<b>유효성 검사 실패:</b>'
     INVALID_INPUT: '잘못된 입력'
     MISSING_REQUIRED_FIELD: '누락 된 필수 필드:'
+    XSS_ISSUES: "'%s' 필드에서 잠재적인 XSS 문제가 감지되었습니다."
   MONTHS_OF_THE_YEAR:
     - '일월'
     - '이월'
@@ -61,3 +74,17 @@ GRAV:
     - '금요일'
     - '토요일'
     - '일요일'
+  YES: "네"
+  NO: "아니요"
+  CRON:
+    EVERY: 모두
+    EVERY_HOUR: 매 시간
+    EVERY_MINUTE: 매 분
+    EVERY_DAY_OF_WEEK: 일주일간 매일
+    EVERY_DAY_OF_MONTH: 일개월간 매일
+    EVERY_MONTH: 매달
+    TEXT_PERIOD: 모든 <b />
+    ERROR1: '%s 태그는 지원되지 않습니다. '
+    ERROR2: 잘못된 요소 수
+    ERROR3: jquery_element는 jqCron 설정에서 설정할 수 있습니다.
+    ERROR4: 인식할 수 없는 표현 

system/languages/lt.yaml

@@ -2,8 +2,8 @@
 GRAV:
   FRONTMATTER_ERROR_PAGE: "---\ntitle: %1$s\n---\n\n# Klaida: klaidinga įžanginė konfigūracija\n\nPath: `%2$s`\n\n**%3$s**\n\n```\n %4$s\n```"
   INFLECTOR_UNCOUNTABLE:
-    - 'equipment'
-    - 'information'
+    - ''
+    - ''
     - 'ryžiai'
     - 'pinigai'
     - 'prieskoniai'

system/languages/lv.yaml

@@ -0,0 +1,84 @@
+---
+GRAV:
+  FRONTMATTER_ERROR_PAGE: "---\nNosaukums: %1$s\n---\n\n# Kļūda: Nederīgs Frontmatter\n\nCeļš: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  INFLECTOR_ORDINALS:
+    'default': '.'
+    'first': '.'
+    'second': '.'
+    'third': '.'
+  NICETIME:
+    NO_DATE_PROVIDED: Nav norādīts datums
+    BAD_DATE: Nederīgs datums
+    AGO: iepriekš
+    FROM_NOW: no šī brīža
+    JUST_NOW: tikko
+    SECOND: sekundes
+    MINUTE: minūte
+    HOUR: stunda
+    DAY: diena
+    WEEK: nedēļa
+    MONTH: mēnesis
+    YEAR: gads
+    DECADE: dekāde
+    SEC: s
+    MIN: m
+    HR: st
+    WK: ned
+    MO: mēn.
+    YR: g.
+    DEC: dec
+    SECOND_PLURAL: sekundes
+    MINUTE_PLURAL: minūtes
+    HOUR_PLURAL: stundas
+    DAY_PLURAL: dienas
+    WEEK_PLURAL: nedēļas
+    MONTH_PLURAL: mēneši
+    YEAR_PLURAL: gadi
+    DECADE_PLURAL: desmitgades
+    SEC_PLURAL: s
+    MIN_PLURAL: m
+    HR_PLURAL: st.
+    WK_PLURAL: ned.
+    MO_PLURAL: mēn.
+    YR_PLURAL: g.
+    DEC_PLURAL: d
+  FORM:
+    VALIDATION_FAIL: '<b>Validācija neizdevās:</b>'
+    INVALID_INPUT: 'Nederīga ievade'
+    MISSING_REQUIRED_FIELD: 'Laukā trūkst datu'
+    XSS_ISSUES: "Atrastas iespējamas XSS problēmas laukā '%s'"
+  MONTHS_OF_THE_YEAR:
+    - 'Janvāris'
+    - 'Februāris'
+    - 'Marts'
+    - 'Aprīlis'
+    - 'Maijs'
+    - 'Jūnijs'
+    - 'Jūlijs'
+    - 'Augusts'
+    - 'Septembris'
+    - 'Oktobris'
+    - 'Novembris'
+    - 'Decembris'
+  DAYS_OF_THE_WEEK:
+    - 'Pirmdiena'
+    - 'Otrdiena'
+    - 'Trešdiena'
+    - 'Ceturtdiena'
+    - 'Piektdiena'
+    - 'Sestdiena'
+    - 'Svētdiena'
+  YES: "Jā"
+  NO: "Nē"
+  CRON:
+    EVERY: katru
+    EVERY_HOUR: katru stundu
+    EVERY_MINUTE: katru minūti
+    EVERY_DAY_OF_WEEK: katru nedēļas dienu
+    EVERY_DAY_OF_MONTH: katru mēneša dienu
+    EVERY_MONTH: katru mēnesi
+    TEXT_PERIOD: Katru <b />
+    ERROR1: Marķieris %s nav atbalstīts!
+    ERROR2: Nederīgs elementu skaits
+    ERROR3: jquery_element nevajadzētu definēt jqCron iestatījumos
+    ERROR4: Neatpazīta izteiksme

system/languages/mn.yaml

@@ -0,0 +1,147 @@
+---
+GRAV:
+  FRONTMATTER_ERROR_PAGE: "---\nГарчиг: %1$s\n---\n\n# Алдаа: Буруу Формат\n\nЗам: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  INFLECTOR_PLURALS:
+    '/(quiz)$/i': '\1зүүд'
+    '/^(ox)$/i': '\1ууд'
+    '/([m|l])ouse$/i': '\1ууд'
+    '/(matr|vert|ind)ix|ex$/i': '\1иксүүд'
+    '/(x|ch|ss|sh)$/i': '\1үүд'
+    '/([^aeiouy]|qu)ies$/i': '\1үүд'
+    '/([^aeiouy]|qu)y$/i': '\1үүд'
+    '/(hive)$/i': '\1үүд'
+    '/(?:([^f])fe|([lr])f)$/i': '\1\2үүд'
+    '/sis$/i': 'үүд'
+    '/([ti])um$/i': '\1үүд'
+    '/(buffal|tomat)o$/i': '\1үүд'
+    '/(bu)s$/i': '\1үүд'
+    '/(alias|status)/i': '\1үүд'
+    '/(octop|vir)us$/i': '\1үүд'
+    '/(ax|test)is$/i': '\1үүд'
+    '/s$/i': 'үүд'
+    '/$/': 'үүд'
+  INFLECTOR_SINGULAR:
+    '/(quiz)zes$/i': '\1'
+    '/(matr)ices$/i': '\1икс'
+    '/(vert|ind)ices$/i': '\1икс'
+    '/^(ox)en/i': '\1'
+    '/(alias|status)es$/i': '\1'
+    '/([octop|vir])i$/i': '\1'
+    '/(cris|ax|test)es$/i': '\1'
+    '/(shoe)s$/i': '\1'
+    '/(o)es$/i': '\1'
+    '/(bus)es$/i': '\1'
+    '/([m|l])ice$/i': '\1'
+    '/(x|ch|ss|sh)es$/i': '\1'
+    '/(m)ovies$/i': '\1'
+    '/(s)eries$/i': '\1'
+    '/([^aeiouy]|qu)ies$/i': '\1үүд'
+    '/([lr])ves$/i': '\1'
+    '/(tive)s$/i': '\1'
+    '/(hive)s$/i': '\1'
+    '/([^f])ves$/i': '\1'
+    '/(^analy)ses$/i': '\1'
+    '/((a)naly|(b)a|(d)iagno|(p)arenthe|(p)rogno|(s)ynop|(t)he)ses$/i': '\1\2үүд'
+    '/([ti])a$/i': '\1'
+    '/(n)ews$/i': '\1'
+  INFLECTOR_UNCOUNTABLE:
+    - 'тоног төхөөрөмж'
+    - 'Мэдээлэл'
+    - 'будаа'
+    - 'мөнгө'
+    - 'төрөл зүйл'
+    - 'цуврал'
+    - 'загас'
+    - 'хонь'
+  INFLECTOR_IRREGULAR:
+    'person': 'хүмүүс'
+    'man': 'эрчүүд'
+    'child': 'хүүхэд'
+    'sex': 'хүйс'
+    'move': 'хөдөлгөөн'
+  INFLECTOR_ORDINALS:
+    'default': 'th'
+    'first': 'st'
+    'second': 'nd'
+    'third': 'rd'
+  NICETIME:
+    NO_DATE_PROVIDED: Огноо алга
+    BAD_DATE: Буруу огноо
+    AGO: өмнө 
+    FROM_NOW: одооноос
+    JUST_NOW: дөнгөж сая
+    SECOND: секунд
+    MINUTE: минут
+    HOUR: цаг
+    DAY: өдөр
+    WEEK: долоо хоног
+    MONTH: сар
+    YEAR: он
+    DECADE: арван жил
+    SEC: сек
+    MIN: мин
+    HR: цаг
+    WK: д.х.
+    MO: сар
+    YR: он
+    DEC: арван жил
+    SECOND_PLURAL: секунд
+    MINUTE_PLURAL: минут
+    HOUR_PLURAL: цаг
+    DAY_PLURAL: өдрүүд
+    WEEK_PLURAL: долоо хоногууд
+    MONTH_PLURAL: сарууд
+    YEAR_PLURAL: онууд
+    DECADE_PLURAL: арван жилүүд
+    SEC_PLURAL: сек.-үүд
+    MIN_PLURAL: мин.-ууд
+    HR_PLURAL: цагууд
+    WK_PLURAL: д.х.-ууд
+    MO_PLURAL: сарууд
+    YR_PLURAL: жилүүд
+    DEC_PLURAL: арван жилүүд
+  FORM:
+    VALIDATION_FAIL: '<b>Баталгаажуулалт амжилтгүй боллоо:</b>'
+    INVALID_INPUT: 'Буруу өгөгдөл дараахид'
+    MISSING_REQUIRED_FIELD: 'Шаардлагатай талбар дутуу байна:'
+    XSS_ISSUES: "'%s' талбарт XSS -ийн болзошгүй асуудлууд илэрсэн"
+  MONTHS_OF_THE_YEAR:
+    - '1-р сар'
+    - '2-р сар'
+    - '3-р сар'
+    - '4-р сар'
+    - '5 сар'
+    - '6 сар'
+    - '7 сар'
+    - '8 сар'
+    - '9 сар'
+    - '10 сар'
+    - '11 сар'
+    - '12 сар'
+  DAYS_OF_THE_WEEK:
+    - 'Даваа гараг'
+    - 'Мягмар гараг'
+    - 'Лхагва гараг'
+    - 'Пүрэв гараг'
+    - 'Баасан гараг'
+    - 'Бямба гараг'
+    - 'Ням гараг'
+  YES: "Тийм"
+  NO: "Үгүй"
+  CRON:
+    EVERY: бүрийн
+    EVERY_HOUR: цаг бүрийн
+    EVERY_MINUTE: минут бүрийн
+    EVERY_DAY_OF_WEEK: долоо хоногийн өдөр болгонд
+    EVERY_DAY_OF_MONTH: сарын өдөр болгонд
+    EVERY_MONTH: сар болгон
+    TEXT_PERIOD: Бүрийн  <b />
+    TEXT_MINS: '  <b /> энэ сүүлийн цагийн минутад'
+    TEXT_TIME: '  <b />:<b /> -д'
+    TEXT_DOW: '  <b /> -д'
+    TEXT_MONTH: '  <b /> -ын'
+    TEXT_DOM: '  <b /> -т'
+    ERROR1: '%s -н утга нь дэмжигддэггүй!'
+    ERROR2: Элементүүдийн тоо хэмжээ буруу
+    ERROR3: jquery_element нь jqCron тохиргоонд хийгдсэн байх ёстой
+    ERROR4: Танигдаагүй илэрхийлэл

system/languages/my.yaml

@@ -0,0 +1,147 @@
+---
+GRAV:
+  FRONTMATTER_ERROR_PAGE: "---\nခေါင်းစဥ်: %1$s\n---\n\n# အမှား - Frontmatter မမှန်ကန်ပါ\n\nလမ်းကြောင်း `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  INFLECTOR_PLURALS:
+    '/(quiz)$/i': '\1zes'
+    '/^(ox)$/i': '\1en'
+    '/([m|l])ouse$/i': '\1ice'
+    '/(matr|vert|ind)ix|ex$/i': '\1ices'
+    '/(x|ch|ss|sh)$/i': '\1es'
+    '/([^aeiouy]|qu)ies$/i': '\1y'
+    '/([^aeiouy]|qu)y$/i': '\1ies'
+    '/(hive)$/i': '\1s'
+    '/(?:([^f])fe|([lr])f)$/i': '\1\2ves'
+    '/sis$/i': 'ses'
+    '/([ti])um$/i': '\1a'
+    '/(buffal|tomat)o$/i': '\1oes'
+    '/(bu)s$/i': '\1ses'
+    '/(alias|status)/i': '\1es'
+    '/(octop|vir)us$/i': '\1i'
+    '/(ax|test)is$/i': '\1es'
+    '/s$/i': 's'
+    '/$/': 's'
+  INFLECTOR_SINGULAR:
+    '/(quiz)zes$/i': '\1'
+    '/(matr)ices$/i': '\1ix'
+    '/(vert|ind)ices$/i': '\1ex'
+    '/^(ox)en/i': '\1'
+    '/(alias|status)es$/i': '\1'
+    '/([octop|vir])i$/i': '\1us'
+    '/(cris|ax|test)es$/i': '\1is'
+    '/(shoe)s$/i': '\1'
+    '/(o)es$/i': '\1'
+    '/(bus)es$/i': '\1'
+    '/([m|l])ice$/i': '\1ouse'
+    '/(x|ch|ss|sh)es$/i': '\1'
+    '/(m)ovies$/i': '\1ovie'
+    '/(s)eries$/i': '\1eries'
+    '/([^aeiouy]|qu)ies$/i': '\1y'
+    '/([lr])ves$/i': '\1f'
+    '/(tive)s$/i': '\1'
+    '/(hive)s$/i': '\1'
+    '/([^f])ves$/i': '\1fe'
+    '/(^analy)ses$/i': '\1sis'
+    '/((a)naly|(b)a|(d)iagno|(p)arenthe|(p)rogno|(s)ynop|(t)he)ses$/i': '\1\2sis'
+    '/([ti])a$/i': '\1um'
+    '/(n)ews$/i': '\1ews'
+  INFLECTOR_UNCOUNTABLE:
+    - 'ကိရိယာ'
+    - 'အချက်အလက်'
+    - 'ဆန်'
+    - 'ငွေ'
+    - 'မျိုးစိတ်'
+    - 'အတွဲများ'
+    - 'ငါး'
+    - 'သိုးများ'
+  INFLECTOR_IRREGULAR:
+    'person': 'လူ'
+    'man': 'ယောက်ျား'
+    'child': 'ကလေးများ'
+    'sex': 'လိင်'
+    'move': 'ရွှေ့ခြင်း'
+  INFLECTOR_ORDINALS:
+    'default': 'th'
+    'first': 'st'
+    'second': 'nd'
+    'third': 'rd'
+  NICETIME:
+    NO_DATE_PROVIDED: နေ့စွဲ မသတ်မှတ်ထား
+    BAD_DATE: ရက်စွဲမမှန်ပါ
+    AGO: လွန်ခဲ့တဲ့
+    FROM_NOW: ယခုမှ
+    JUST_NOW: အခုပဲ
+    SECOND: ဒုတိယ
+    MINUTE: မိနစ်
+    HOUR: နာရီ
+    DAY: နေ့
+    WEEK: တစ်ပတ်
+    MONTH: လ
+    YEAR: နှစ်
+    DECADE: ဆယ်စုနှစ်
+    SEC: စက္ကန့်
+    MIN: မိနစ်
+    HR: နာရီ
+    WK: တစ်ပတ်
+    MO: လ
+    YR: နှစ်
+    DEC: ဒီဇင်ဘာ
+    SECOND_PLURAL: စက္ကန့်
+    MINUTE_PLURAL: မိနစ်
+    HOUR_PLURAL: နာရီ
+    DAY_PLURAL: နေ့
+    WEEK_PLURAL: ရက်သတ္တပတ်
+    MONTH_PLURAL: လ
+    YEAR_PLURAL: နှစ်
+    DECADE_PLURAL: ဆယ်စုနှစ်များစွ
+    SEC_PLURAL: စက္ကန့်
+    MIN_PLURAL: မိနစ်
+    HR_PLURAL: နာရီ
+    WK_PLURAL: အပတ်
+    MO_PLURAL: လ
+    YR_PLURAL: နှစ်
+    DEC_PLURAL: ဆယ်စုနှစ်
+  FORM:
+    VALIDATION_FAIL: '<b> အတည်ပြုခြင်းမအောင်မြင်ပါ: </b>'
+    INVALID_INPUT: 'ထည့်သွင်းမှုမမှန်ပါ'
+    MISSING_REQUIRED_FIELD: 'လိုအပ်သောအကွက်ပျောက်နေသည်'
+    XSS_ISSUES: "XSS ပြဿနာ ဖြစ်နိုင်ချေ ကို '%s' အကွက်တွင် တွေ့"
+  MONTHS_OF_THE_YEAR:
+    - 'ဇန်နဝါရီ'
+    - 'ဖေဖော်ဝါရီ'
+    - 'မတ်'
+    - 'ဧပြီ'
+    - 'မေ'
+    - 'ဇွန်'
+    - 'ဇူလိုင်'
+    - 'သြဂုတ်'
+    - 'စက်တင်ဘာ'
+    - 'အောက်တိုဘာ'
+    - 'နိုဝင်ဘာ'
+    - 'ဒီဇင်ဘာ'
+  DAYS_OF_THE_WEEK:
+    - 'တနင်္လာ'
+    - ' အင်္ဂါ'
+    - 'ဗုဒ္ဓဟူး'
+    - 'ကြာသပတေး'
+    - 'သောကြာ'
+    - 'စနေ'
+    - 'တနင်္ဂနွေ'
+  YES: "လုပ်"
+  NO: "မလုပ်"
+  CRON:
+    EVERY: အမြဲတမ်း
+    EVERY_HOUR: နာရီတိုင်း
+    EVERY_MINUTE: မိနစ်တိုင်း
+    EVERY_DAY_OF_WEEK: တစ်ပတ်လုံး နေ့တိုင်း
+    EVERY_DAY_OF_MONTH: တစ်လလုံး နေ့တိုင်း
+    EVERY_MONTH: လစဉ်လတိုင်း
+    TEXT_PERIOD: </b>တိုင်း
+    TEXT_MINS: 'နာရီ ကျော်ပြီး <b /> မိနစ် တွင်'
+    TEXT_TIME: ' <b />:<b /> တွင် '
+    TEXT_DOW: '<b /> ပေါ်တွင်  '
+    TEXT_MONTH: '<b />၏ '
+    TEXT_DOM: '<b /> တွင် '
+    ERROR1: ဤ %s တက် ကိုပံ့ပိုးမထားပါ။
+    ERROR2: လိုအပ်သောထည့်သွင်း နာပတ် အမှားဖြစ်နေသည်
+    ERROR3: jquery_element ကို jqCron ဆက်တင် တွင်ထားရမည်
+    ERROR4: အသိအမှတ်မပြုသော အသုံးအနှုန်း

system/languages/nl.yaml

@@ -104,6 +104,7 @@ GRAV:
     VALIDATION_FAIL: '<b>Validatie mislukt:</b>'
     INVALID_INPUT: 'Ongeldige invoer in'
     MISSING_REQUIRED_FIELD: 'Ontbrekend verplicht veld:'
+    XSS_ISSUES: "Mogelijke XSS-problemen ontdekt in '%s' veld"
   MONTHS_OF_THE_YEAR:
     - 'Januari'
     - 'Februari'
@@ -125,6 +126,8 @@ GRAV:
     - 'Vrijdag'
     - 'Zaterdag'
     - 'Zondag'
+  YES: "Ja"
+  NO: "Nee"
   CRON:
     EVERY: elke
     EVERY_HOUR: elk uur

system/languages/pl.yaml

@@ -6,10 +6,10 @@ GRAV:
   INFLECTOR_UNCOUNTABLE:
     - 'wyposażenie'
     - 'informacja'
-    - 'rice'
+    - ''
     - 'pieniądze'
-    - 'species'
-    - 'series'
+    - ''
+    - ''
     - 'ryba'
     - 'owca'
   INFLECTOR_IRREGULAR:

system/languages/pt.yaml

@@ -67,7 +67,7 @@ GRAV:
   NICETIME:
     NO_DATE_PROVIDED: Nenhuma data fornecida
     BAD_DATE: Data inválida
-    AGO: atrás
+    AGO: há
     FROM_NOW: a partir de agora
     JUST_NOW: mesmo agora
     SECOND: segundo
@@ -104,6 +104,7 @@ GRAV:
     VALIDATION_FAIL: '<b>Falha na validação:</b>'
     INVALID_INPUT: 'Dados inseridos são inválidos em'
     MISSING_REQUIRED_FIELD: 'Campo obrigatório em falta:'
+    XSS_ISSUES: "Potenciais problemas de XSS detectados no campo '%s'"
   MONTHS_OF_THE_YEAR:
     - 'Janeiro'
     - 'Fevereiro'
@@ -125,6 +126,8 @@ GRAV:
     - 'Sexta-feira'
     - 'Sábado'
     - 'Domingo'
+  YES: "Sim"
+  NO: "Não"
   CRON:
     EVERY: cada
     EVERY_HOUR: cada hora

system/languages/ru.yaml

@@ -1,6 +1,16 @@
 ---
 GRAV:
   FRONTMATTER_ERROR_PAGE: "---\ntitle: %1$s\n---\n\n# Ошибка: недопустимое содержимое Frontmatter\n\nПуть: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  INFLECTOR_SINGULAR:
+    '/([octop|vir])i$/i': '\1us'
+    '/(cris|ax|test)es$/i': '\1is'
+    '/(shoe)s$/i': '\1'
+    '/([lr])ves$/i': '\1f'
+    '/(tive)s$/i': "\\1\n"
+    '/(hive)s$/i': '\1'
+    '/([^f])ves$/i': '\1fe'
+    '/(^analy)ses$/i': '\1sis'
+    '/((a)naly|(b)a|(d)iagno|(p)arenthe|(p)rogno|(s)ynop|(t)he)ses$/i': '\1\2sis'
   INFLECTOR_UNCOUNTABLE:
     - 'экипировка'
     - 'информация'

system/languages/si.yaml

@@ -0,0 +1,120 @@
+---
+GRAV:
+  FRONTMATTER_ERROR_PAGE: "---\nමාතෘකාව: %1$s\n---\n\n# දෝෂය: වලංගු නොවන ඉදිරිපස\n\nමාර්ගය: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  INFLECTOR_PLURALS:
+    '/([m|l])ouse$/i': '\1අයිස්'
+    '/(matr|vert|ind)ix|ex$/i': '\1අයිස්'
+    '/(?:([^f])fe|([lr])f)$/i': '\1\2වෙස්'
+    '/([ti])um$/i': '\1අ'
+    '/(buffal|tomat)o$/i': '\1ඕඑස්'
+    '/(bu)s$/i': '\1සෙස්'
+  INFLECTOR_SINGULAR:
+    '/(quiz)zes$/i': '\1'
+    '/^(ox)en/i': '\1'
+    '/(alias|status)es$/i': '\1'
+    '/([octop|vir])i$/i': '\1 අප'
+    '/(cris|ax|test)es$/i': '\1 වේ'
+    '/(o)es$/i': '\1'
+    '/(bus)es$/i': '\1'
+    '/([m|l])ice$/i': '\1 භාවිතා කරන්න'
+    '/(x|ch|ss|sh)es$/i': '\1'
+    '/(m)ovies$/i': '\1ඕවී'
+    '/(s)eries$/i': '\1මාලා'
+    '/(^analy)ses$/i': '\1සිස්'
+    '/((a)naly|(b)a|(d)iagno|(p)arenthe|(p)rogno|(s)ynop|(t)he)ses$/i': '\1\2සිස්'
+    '/([ti])a$/i': '\1ම්'
+  INFLECTOR_UNCOUNTABLE:
+    - 'උපකරණ'
+    - 'විස්තර'
+    - 'සහල්'
+    - 'මුදල'
+    - 'විශේෂ'
+    - 'මාලාවක්'
+    - 'මාළු'
+    - 'බැටළුවන්'
+  INFLECTOR_IRREGULAR:
+    'person': 'මහජන'
+    'man': 'මිනිසුන්'
+    'child': 'දරුවන්'
+    'sex': 'ලිංගිකත්වය'
+    'move': 'චලනය කරයි'
+  INFLECTOR_ORDINALS:
+    'first': 'ශාන්ත'
+  NICETIME:
+    NO_DATE_PROVIDED: දිනයක් සපයා නැත
+    BAD_DATE: නරක දිනය
+    AGO: පෙර
+    FROM_NOW: මෙතැන් සිට
+    JUST_NOW: මේ දැන්
+    SECOND: දෙවැනි
+    MINUTE: මිනිත්තුව
+    HOUR: පැය
+    DAY: දින
+    WEEK: සතිය
+    MONTH: මස
+    YEAR: වර්ෂය
+    DECADE: දශකය
+    SEC: තත්පර
+    MIN: මිනි
+    HR: පැය
+    YR: වසර
+    DEC: දෙසැ
+    SECOND_PLURAL: තත්පර
+    MINUTE_PLURAL: මිනිත්තු
+    HOUR_PLURAL: පැය
+    DAY_PLURAL: දින
+    WEEK_PLURAL: සති
+    MONTH_PLURAL: මාස
+    YEAR_PLURAL: වසර
+    DECADE_PLURAL: දශක
+    SEC_PLURAL: තත්පර
+    MIN_PLURAL: මිනිත්තු
+    HR_PLURAL: පැය
+    WK_PLURAL: සති
+    YR_PLURAL: වසර
+    DEC_PLURAL: දෙසැ
+  FORM:
+    VALIDATION_FAIL: '<b>වලංගු කිරීම අසාර්ථක විය:</b>'
+    INVALID_INPUT: 'වලංගු නොවන ආදානය'
+    MISSING_REQUIRED_FIELD: 'අවශ්‍ය ක්ෂේත්‍රය අස්ථානගත වී ඇත:'
+    XSS_ISSUES: "විභව XSS ගැටළු '%s' ක්ෂේත්‍රයේ අනාවරණය විය"
+  MONTHS_OF_THE_YEAR:
+    - 'ජනවාරි'
+    - 'පෙබරවාරි'
+    - 'මාර්තු'
+    - 'අප්රේල්'
+    - 'මැයි'
+    - 'ජූනි'
+    - 'ජුලි'
+    - 'අගෝස්තු'
+    - 'සැප්තැම්බර්'
+    - 'ඔක්තෝම්බර්'
+    - 'නොවැම්බර්'
+    - 'දෙසැම්බර්'
+  DAYS_OF_THE_WEEK:
+    - 'සඳුදා'
+    - 'අඟහරුවාදා'
+    - 'බදාදා'
+    - 'බ්රහස්පතින්දා'
+    - 'සිකුරාදා'
+    - 'සෙනසුරාදා'
+    - 'ඉරිදා'
+  YES: "ඔව්"
+  NO: "නැත"
+  CRON:
+    EVERY: සෑම
+    EVERY_HOUR: සෑම පැයකටම
+    EVERY_MINUTE: සෑම විනාඩියකටම
+    EVERY_DAY_OF_WEEK: සතියේ සෑම දිනකම
+    EVERY_DAY_OF_MONTH: මාසයේ සෑම දිනකම
+    EVERY_MONTH: සෑම මාසයකම
+    TEXT_PERIOD: සෑම <b />
+    TEXT_MINS: ' පැයට පසු විනාඩි <b /> කින්'
+    TEXT_TIME: ' <b />:<b />ට'
+    TEXT_DOW: ' <b />මත'
+    TEXT_MONTH: ' <b />'
+    TEXT_DOM: ' <b />මත'
+    ERROR1: ටැගය %s සහාය නොදක්වයි!
+    ERROR2: නරක මූලද්රව්ය සංඛ්යාව
+    ERROR3: jquery_element jqCron සැකසුම් වලට සැකසිය යුතුය
+    ERROR4: හඳුනා නොගත් ප්‍රකාශනය

system/languages/sl.yaml

@@ -1,6 +1,17 @@
 ---
 GRAV:
   FRONTMATTER_ERROR_PAGE: "---\ntitle: %1$s\n---\n\n# Napaka: Neveljavna Frontmatter\n\nPath: `%2$s`\n\n**%3$s ** \n\n```\n%4$s \n```"
+  INFLECTOR_UNCOUNTABLE:
+    - 'oprema'
+    - 'informacija'
+    - 'riž'
+    - 'denar'
+    - 'vrste'
+    - 'serija'
+    - 'riba'
+    - 'ovca'
+  INFLECTOR_IRREGULAR:
+    'person': 'ljudje'
   NICETIME:
     NO_DATE_PROVIDED: Datum ni na voljo
     BAD_DATE: Neveljaven datum
@@ -43,15 +54,15 @@ GRAV:
     - 'Januar'
     - 'Februar'
     - 'Marec'
-    - 'April'
+    - 'april'
     - 'Maj'
     - 'Junij'
     - 'Julij'
     - 'Avgust'
-    - 'September'
+    - 'september'
     - 'Oktober'
-    - 'November'
-    - 'December'
+    - 'november'
+    - 'december'
   DAYS_OF_THE_WEEK:
     - 'Ponedeljek'
     - 'Torek'
@@ -60,3 +71,15 @@ GRAV:
     - 'Petek'
     - 'Sobota'
     - 'Nedelja'
+  YES: "Da"
+  NO: "Ne"
+  CRON:
+    EVERY: vsak
+    EVERY_HOUR: vsako uro
+    EVERY_MINUTE: vsako minuto
+    EVERY_DAY_OF_WEEK: vsak dan v tednu
+    EVERY_DAY_OF_MONTH: vsak dan v mesecu
+    EVERY_MONTH: vsak mesec
+    ERROR1: Oznaka %s ni podprta!
+    ERROR2: Napačno število elementov.
+    ERROR4: Neznan izraz

system/languages/sr.yaml

@@ -104,6 +104,7 @@ GRAV:
     VALIDATION_FAIL: '<b>Провера неуспела:</b>'
     INVALID_INPUT: 'Неисправан унос у'
     MISSING_REQUIRED_FIELD: 'Недостаје обавезн поље:'
+    XSS_ISSUES: "Потенцијална грешка у XSS-у детектована у пољу '%s' "
   MONTHS_OF_THE_YEAR:
     - 'Јануар'
     - 'Фебруар'
@@ -125,6 +126,8 @@ GRAV:
     - 'Петак'
     - 'Субота'
     - 'Недеља'
+  YES: "Да"
+  NO: "Не"
   CRON:
     EVERY: сваки
     EVERY_HOUR: сваки сат

system/languages/sw.yaml

@@ -0,0 +1,147 @@
+---
+GRAV:
+  FRONTMATTER_ERROR_PAGE: "---\nkichwa: %1$s\n---\n\n# Kosa: Mbele ya Mbele\n\nNjia: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  INFLECTOR_PLURALS:
+    '/(quiz)$/i': '\1zes'
+    '/^(ox)$/i': '\1en'
+    '/([m|l])ouse$/i': '\1ice'
+    '/(matr|vert|ind)ix|ex$/i': '\1ices'
+    '/(x|ch|ss|sh)$/i': '\1es'
+    '/([^aeiouy]|qu)ies$/i': '\1y'
+    '/([^aeiouy]|qu)y$/i': '\1ies'
+    '/(hive)$/i': '\1s'
+    '/(?:([^f])fe|([lr])f)$/i': '\1\2ves'
+    '/sis$/i': 'ses'
+    '/([ti])um$/i': '\1a'
+    '/(buffal|tomat)o$/i': '\1oes'
+    '/(bu)s$/i': '\1ses'
+    '/(alias|status)/i': '\1es'
+    '/(octop|vir)us$/i': '\1i'
+    '/(ax|test)is$/i': '\1es'
+    '/s$/i': 's'
+    '/$/': 's'
+  INFLECTOR_SINGULAR:
+    '/(quiz)zes$/i': '\1'
+    '/(matr)ices$/i': '\1ix'
+    '/(vert|ind)ices$/i': '\1ex'
+    '/^(ox)en/i': '\1'
+    '/(alias|status)es$/i': '\1'
+    '/([octop|vir])i$/i': '\1us'
+    '/(cris|ax|test)es$/i': '\1is'
+    '/(shoe)s$/i': '\1'
+    '/(o)es$/i': '\1'
+    '/(bus)es$/i': '\1'
+    '/([m|l])ice$/i': '\1ouse'
+    '/(x|ch|ss|sh)es$/i': '\1'
+    '/(m)ovies$/i': '\1ovie'
+    '/(s)eries$/i': '\1eries'
+    '/([^aeiouy]|qu)ies$/i': '\1y'
+    '/([lr])ves$/i': '\1f'
+    '/(tive)s$/i': '\1'
+    '/(hive)s$/i': '\1'
+    '/([^f])ves$/i': '\1fe'
+    '/(^analy)ses$/i': '\1sis'
+    '/((a)naly|(b)a|(d)iagno|(p)arenthe|(p)rogno|(s)ynop|(t)he)ses$/i': '\1\2sis'
+    '/([ti])a$/i': '\1um'
+    '/(n)ews$/i': '\1ews'
+  INFLECTOR_UNCOUNTABLE:
+    - 'vifaa'
+    - 'habari'
+    - 'mchele'
+    - 'pesa'
+    - 'spishi'
+    - 'mfululizo'
+    - 'samaki'
+    - 'kondoo'
+  INFLECTOR_IRREGULAR:
+    'person': 'watu'
+    'man': 'wanaume'
+    'child': 'watoto'
+    'sex': 'jinsia'
+    'move': 'songa'
+  INFLECTOR_ORDINALS:
+    'default': 'th'
+    'first': 'st'
+    'second': 'nd'
+    'third': 'rd'
+  NICETIME:
+    NO_DATE_PROVIDED: Hakuna tarehe iliyotolewa
+    BAD_DATE: Tarehe mbaya
+    AGO: zilizopita
+    FROM_NOW: kuanzia sasa
+    JUST_NOW: sasa hivi
+    SECOND: pili
+    MINUTE: dakika
+    HOUR: saa
+    DAY: siku
+    WEEK: wiki
+    MONTH: mwezi
+    YEAR: mwaka
+    DECADE: muongo
+    SEC: sec
+    MIN: min
+    HR: hr
+    WK: wk
+    MO: mo
+    YR: yr
+    DEC: dec
+    SECOND_PLURAL: sekunde
+    MINUTE_PLURAL: dakika
+    HOUR_PLURAL: masaa
+    DAY_PLURAL: siku
+    WEEK_PLURAL: wiki
+    MONTH_PLURAL: miezi
+    YEAR_PLURAL: miaka
+    DECADE_PLURAL: miongo
+    SEC_PLURAL: secs
+    MIN_PLURAL: mins
+    HR_PLURAL: hrs
+    WK_PLURAL: wks
+    MO_PLURAL: mos
+    YR_PLURAL: yrs
+    DEC_PLURAL: decs
+  FORM:
+    VALIDATION_FAIL: '<b> Uthibitishaji umeshindwa: </b>'
+    INVALID_INPUT: 'Ingizo batili katika'
+    MISSING_REQUIRED_FIELD: 'Sehemu inayokosekana inahitajika:'
+    XSS_ISSUES: "Masuala yanayowezekana ya XSS yamegunduliwa katika uwanja wa '% s"
+  MONTHS_OF_THE_YEAR:
+    - 'Januari'
+    - 'Februari'
+    - 'Machi'
+    - 'Aprili'
+    - 'Mei'
+    - 'Juni'
+    - 'Julai'
+    - 'Agosti'
+    - 'Septemba'
+    - 'Oktoba'
+    - 'Novemba'
+    - 'Desemba'
+  DAYS_OF_THE_WEEK:
+    - 'Jumatatu'
+    - 'Jumanne'
+    - 'Jumatano'
+    - 'Alhamisi'
+    - 'Ijumaa'
+    - 'Jumamosi'
+    - 'Jumapili'
+  YES: "Ndiyo"
+  NO: "Hapana"
+  CRON:
+    EVERY: kila
+    EVERY_HOUR: kila saa
+    EVERY_MINUTE: kila dakika
+    EVERY_DAY_OF_WEEK: kila siku ya juma
+    EVERY_DAY_OF_MONTH: kila siku ya mwezi
+    EVERY_MONTH: kila mwezi
+    TEXT_PERIOD: Kila <b />
+    TEXT_MINS: ' saa <b /> dakika (saa) zilizopita saa'
+    TEXT_TIME: ' saa <b />: <b />'
+    TEXT_DOW: ' kwenye <b />'
+    TEXT_MONTH: ' ya <b />'
+    TEXT_DOM: ' kwenye <b />'
+    ERROR1: Lebo% s haitumiki!
+    ERROR2: Idadi mbaya ya vitu
+    ERROR3: Jquery_element inapaswa kuwekwa kwenye mipangilio ya jqCron
+    ERROR4: Maneno yasiyotambulika

system/languages/th.yaml

@@ -1,11 +1,75 @@
 ---
 GRAV:
-  FRONTMATTER_ERROR_PAGE: "---\nชื่อเรื่อง: %1$s\n---\n\n# ข้อผิดพลาด: Invalid Frontmatter\n\nPath: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  FRONTMATTER_ERROR_PAGE: "---\ntitle: %1$s\n---\n\n# Error: Invalid Frontmatter\n\nPath: `%2$s`\n\n**%3$s**\n\n```\n%4$s\n```"
+  INFLECTOR_PLURALS:
+    '/(quiz)$/i': '\1zes'
+    '/^(ox)$/i': '\1en'
+    '/([m|l])ouse$/i': '\1ice'
+    '/(matr|vert|ind)ix|ex$/i': '\1ices'
+    '/(x|ch|ss|sh)$/i': '\1es'
+    '/([^aeiouy]|qu)ies$/i': '\1y'
+    '/([^aeiouy]|qu)y$/i': '\1ies'
+    '/(hive)$/i': '\1s'
+    '/(?:([^f])fe|([lr])f)$/i': '\1\2ves'
+    '/sis$/i': 'ses'
+    '/([ti])um$/i': '\1a'
+    '/(buffal|tomat)o$/i': '\1oes'
+    '/(bu)s$/i': '\1ses'
+    '/(alias|status)/i': '\1es'
+    '/(octop|vir)us$/i': '\1i'
+    '/(ax|test)is$/i': '\1es'
+    '/s$/i': 's'
+    '/$/': 's'
+  INFLECTOR_SINGULAR:
+    '/(quiz)zes$/i': '\1'
+    '/(matr)ices$/i': '\1ix'
+    '/(vert|ind)ices$/i': '\1ex'
+    '/^(ox)en/i': '\1'
+    '/(alias|status)es$/i': '\1'
+    '/([octop|vir])i$/i': '\1us'
+    '/(cris|ax|test)es$/i': '\1is'
+    '/(shoe)s$/i': '\1'
+    '/(o)es$/i': '\1'
+    '/(bus)es$/i': '\1'
+    '/([m|l])ice$/i': '\1ouse'
+    '/(x|ch|ss|sh)es$/i': '\1'
+    '/(m)ovies$/i': '\1ovie'
+    '/(s)eries$/i': '\1eries'
+    '/([^aeiouy]|qu)ies$/i': '\1y'
+    '/([lr])ves$/i': '\1f'
+    '/(tive)s$/i': '\1'
+    '/(hive)s$/i': '\1'
+    '/([^f])ves$/i': '\1fe'
+    '/(^analy)ses$/i': '\1sis'
+    '/((a)naly|(b)a|(d)iagno|(p)arenthe|(p)rogno|(s)ynop|(t)he)ses$/i': '\1\2sis'
+    '/([ti])a$/i': '\1um'
+    '/(n)ews$/i': '\1ews'
+  INFLECTOR_UNCOUNTABLE:
+    - 'อุปกรณ์'
+    - 'ข้อมูล'
+    - 'ข้าว'
+    - 'เงิน'
+    - 'สายพันธุ์'
+    - 'ซีรีส์'
+    - 'ปลา'
+    - 'แกะ'
+  INFLECTOR_IRREGULAR:
+    'person': 'คน'
+    'man': 'ผู้ชาย'
+    'child': 'เด็กเด็ก'
+    'sex': 'เพศ'
+    'move': 'ย้าย'
+  INFLECTOR_ORDINALS:
+    'default': 'th'
+    'first': 'st'
+    'second': 'nd'
+    'third': 'rd'
   NICETIME:
     NO_DATE_PROVIDED: ไม่มีวันที่ให้
     BAD_DATE: รูปแบบวันที่ผิด
     AGO: ที่ผ่านมา
     FROM_NOW: จากตอนนี้
+    JUST_NOW: เมื่อกี้
     SECOND: วินาที
     MINUTE: นาที
     HOUR: ชั่วโมง
@@ -17,6 +81,10 @@ GRAV:
     SEC: วิ
     MIN: นาที
     HR: ชม.
+    WK: wk
+    MO: mo
+    YR: yr
+    DEC: dec
     SECOND_PLURAL: วินาที
     MINUTE_PLURAL: นาที
     HOUR_PLURAL: ชั่วโมง
@@ -28,11 +96,15 @@ GRAV:
     SEC_PLURAL: วินาที
     MIN_PLURAL: นาที
     HR_PLURAL: ชั่วโมง
+    WK_PLURAL: wks
+    MO_PLURAL: mos
     YR_PLURAL: ปี
+    DEC_PLURAL: decs
   FORM:
     VALIDATION_FAIL: '<b>ตรวจสอบล้มเหลว: </b>'
     INVALID_INPUT: 'ป้อนข้อมูลไม่ถูกต้องใน'
     MISSING_REQUIRED_FIELD: 'ขาดข้อมูลที่จำเป็น:'
+    XSS_ISSUES: "ตรวจพบปัญหา XSS ที่เป็นไปได้ในฟิลด์ '%s'"
   MONTHS_OF_THE_YEAR:
     - 'มกราคม'
     - 'กุมภาพันธ์'
@@ -54,3 +126,22 @@ GRAV:
     - 'ศุกร์'
     - 'เสาร์'
     - 'อาทิตย์'
+  YES: "ใช่"
+  NO: "ไม่"
+  CRON:
+    EVERY: ทุก ๆ
+    EVERY_HOUR: ทุกชั่วโมง
+    EVERY_MINUTE: ทุกนาที
+    EVERY_DAY_OF_WEEK: ทุกวันในสัปดาห์
+    EVERY_DAY_OF_MONTH: ทุกวันของเดือน
+    EVERY_MONTH: ทุกเดือน
+    TEXT_PERIOD: ทุก ๆ <b />
+    TEXT_MINS: ' ที่ <b /> นาทีที่ผ่านไปแล้ว'
+    TEXT_TIME: ' เวลา <b />:<b />'
+    TEXT_DOW: ' บน <b />'
+    TEXT_MONTH: ' จาก <b />'
+    TEXT_DOM: ' บน <b />'
+    ERROR1: ไม่รองรับแท็ก %s!
+    ERROR2: จำนวนองค์ประกอบไม่ดี
+    ERROR3: ควรตั้งค่า jquery_element เป็นการตั้งค่า jqCron
+    ERROR4: นิพจน์ที่ไม่รู้จัก

system/languages/tr.yaml

@@ -82,6 +82,8 @@ GRAV:
     - 'Cuma'
     - 'Cumartesi'
     - 'Pazar'
+  YES: "Evet"
+  NO: "Hayır"
   CRON:
     EVERY: her
     EVERY_HOUR: saatte bir

system/languages/zh-cn.yaml

@@ -125,6 +125,8 @@ GRAV:
     - '星期五'
     - '星期六'
     - '星期日'
+  YES: "是"
+  NO: "否"
   CRON:
     EVERY: 每隔
     EVERY_HOUR: 每小时

system/languages/zh-tw.yaml

@@ -38,7 +38,9 @@ GRAV:
     YR_PLURAL: 年
     DEC_PLURAL: 十年
   FORM:
-    MISSING_REQUIRED_FIELD: 遺漏必填欄位：
+    VALIDATION_FAIL: '<b>確驗證失敗：</b>'
+    INVALID_INPUT: '無效輸入：'
+    MISSING_REQUIRED_FIELD: '遺漏必填欄位：'
   MONTHS_OF_THE_YEAR:
     - '一月'
     - '二月'
@@ -60,3 +62,18 @@ GRAV:
     - '星期五'
     - '星期六'
     - '星期日'
+  YES: "是"
+  NO: "否"
+  CRON:
+    EVERY: 每
+    EVERY_HOUR: 每小時
+    EVERY_MINUTE: 每分鐘
+    EVERY_DAY_OF_WEEK: 每一天
+    EVERY_DAY_OF_MONTH: 每一天
+    EVERY_MONTH: 每個月
+    TEXT_PERIOD: 每 <b />
+    TEXT_MINS: ' 的 <b /> 分'
+    TEXT_TIME: ' <b />:<b />'
+    TEXT_DOW: ' 的 <b />'
+    TEXT_MONTH: ' 的 <b />'
+    TEXT_DOM: ' 的 <b />'

system/languages/zh.yaml

@@ -125,6 +125,8 @@ GRAV:
     - '星期五'
     - '星期六'
     - '星期日'
+  YES: "是"
+  NO: "否"
   CRON:
     EVERY: 每隔
     EVERY_HOUR: 每小时

system/router.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Core
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -13,8 +13,25 @@ if (PHP_SAPI !== 'cli-server') {
 
 $_SERVER['PHP_CLI_ROUTER'] = true;
 
-if (is_file($_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR . $_SERVER['SCRIPT_NAME'])) {
-    return false;
+$root = $_SERVER['DOCUMENT_ROOT'];
+$path = $_SERVER['SCRIPT_NAME'];
+if ($path !== '/index.php' && is_file($root . $path)) {
+    if (!(
+        // Block all direct access to files and folders beginning with a dot
+        strpos($path, '/.') !== false
+        // Block all direct access for these folders
+        || preg_match('`^/(\.git|cache|bin|logs|backup|webserver-configs|tests)/`ui', $path)
+        // Block access to specific file types for these system folders
+        || preg_match('`^/(system|vendor)/(.*)\.(txt|xml|md|html|json|yaml|yml|php|pl|py|cgi|twig|sh|bat)$`ui', $path)
+        // Block access to specific file types for these user folders
+        || preg_match('`^/(user)/(.*)\.(txt|md|json|yaml|yml|php|pl|py|cgi|twig|sh|bat)$`ui', $path)
+        // Block all direct access to .md files
+        || preg_match('`\.md$`ui', $path)
+        // Block access to specific files in the root folder
+        || preg_match('`^/(LICENSE\.txt|composer\.lock|composer\.json|\.htaccess)$`ui', $path)
+    )) {
+        return false;
+    }
 }
 
 $grav_index = 'index.php';

system/src/DOMLettersIterator.php

@@ -0,0 +1,165 @@
+<?php
+
+/**
+ * Iterates individual characters (Unicode codepoints) of DOM text and CDATA nodes
+ * while keeping track of their position in the document.
+ *
+ * Example:
+ *
+ *  $doc = new DOMDocument();
+ *  $doc->load('example.xml');
+ *  foreach(new DOMLettersIterator($doc) as $letter) echo $letter;
+ *
+ * NB: If you only need characters without their position
+ *     in the document, use DOMNode->textContent instead.
+ *
+ * @author porneL http://pornel.net
+ * @license Public Domain
+ * @url https://github.com/antoligy/dom-string-iterators
+ *
+ * @implements Iterator<int,string>
+ */
+final class DOMLettersIterator implements Iterator
+{
+    /** @var DOMElement */
+    private $start;
+    /** @var DOMElement|null */
+    private $current;
+    /** @var int */
+    private $offset = -1;
+    /** @var int|null */
+    private $key;
+    /** @var array<int,string>|null */
+    private $letters;
+
+    /**
+     * expects DOMElement or DOMDocument (see DOMDocument::load and DOMDocument::loadHTML)
+     *
+     * @param DOMNode $el
+     */
+    public function __construct(DOMNode $el)
+    {
+        if ($el instanceof DOMDocument) {
+            $el = $el->documentElement;
+        }
+
+        if (!$el instanceof DOMElement) {
+            throw new InvalidArgumentException('Invalid arguments, expected DOMElement or DOMDocument');
+        }
+
+        $this->start = $el;
+    }
+
+    /**
+     * Returns position in text as DOMText node and character offset.
+     * (it's NOT a byte offset, you must use mb_substr() or similar to use this offset properly).
+     * node may be NULL if iterator has finished.
+     *
+     * @return array
+     */
+    public function currentTextPosition(): array
+    {
+        return [$this->current, $this->offset];
+    }
+
+    /**
+     * Returns DOMElement that is currently being iterated or NULL if iterator has finished.
+     *
+     * @return DOMElement|null
+     */
+    public function currentElement(): ?DOMElement
+    {
+        return $this->current ? $this->current->parentNode : null;
+    }
+
+    // Implementation of Iterator interface
+
+    /**
+     * @return int|null
+     */
+    public function key(): ?int
+    {
+        return $this->key;
+    }
+
+    /**
+     * @return void
+     */
+    public function next(): void
+    {
+        if (null === $this->current) {
+            return;
+        }
+
+        if ($this->current->nodeType === XML_TEXT_NODE || $this->current->nodeType === XML_CDATA_SECTION_NODE) {
+            if ($this->offset === -1) {
+                preg_match_all('/./us', $this->current->textContent, $m);
+                $this->letters = $m[0];
+            }
+
+            $this->offset++;
+            $this->key++;
+            if ($this->letters && $this->offset < count($this->letters)) {
+                return;
+            }
+
+            $this->offset = -1;
+        }
+
+        while ($this->current->nodeType === XML_ELEMENT_NODE && $this->current->firstChild) {
+            $this->current = $this->current->firstChild;
+            if ($this->current->nodeType === XML_TEXT_NODE || $this->current->nodeType === XML_CDATA_SECTION_NODE) {
+                $this->next();
+                return;
+            }
+        }
+
+        while (!$this->current->nextSibling && $this->current->parentNode) {
+            $this->current = $this->current->parentNode;
+            if ($this->current === $this->start) {
+                $this->current = null;
+                return;
+            }
+        }
+
+        $this->current = $this->current->nextSibling;
+
+        $this->next();
+    }
+
+    /**
+     * Return the current element
+     * @link https://php.net/manual/en/iterator.current.php
+     *
+     * @return string|null
+     */
+    public function current(): ?string
+    {
+        return $this->letters ? $this->letters[$this->offset] : null;
+    }
+
+    /**
+     * Checks if current position is valid
+     * @link https://php.net/manual/en/iterator.valid.php
+     *
+     * @return bool
+     */
+    public function valid(): bool
+    {
+        return (bool)$this->current;
+    }
+
+    /**
+     * @return void
+     */
+    public function rewind(): void
+    {
+        $this->current = $this->start;
+        $this->offset = -1;
+        $this->key = 0;
+        $this->letters = [];
+
+        $this->next();
+    }
+}
+

system/src/DOMWordsIterator.php

@@ -0,0 +1,158 @@
+<?php
+
+/**
+ * Iterates individual words of DOM text and CDATA nodes
+ * while keeping track of their position in the document.
+ *
+ * Example:
+ *
+ *  $doc = new DOMDocument();
+ *  $doc->load('example.xml');
+ *  foreach(new DOMWordsIterator($doc) as $word) echo $word;
+ *
+ * @author pjgalbraith http://www.pjgalbraith.com
+ * @author porneL http://pornel.net (based on DOMLettersIterator available at http://pornel.net/source/domlettersiterator.php)
+ * @license Public Domain
+ * @url https://github.com/antoligy/dom-string-iterators
+ *
+ * @implements Iterator<int,string>
+ */
+
+final class DOMWordsIterator implements Iterator
+{
+    /** @var DOMElement */
+    private $start;
+    /** @var DOMElement|null */
+    private $current;
+    /** @var int */
+    private $offset = -1;
+    /** @var int|null */
+    private $key;
+    /** @var array<int,array<int,int|string>>|null */
+    private $words;
+
+    /**
+     * expects DOMElement or DOMDocument (see DOMDocument::load and DOMDocument::loadHTML)
+     *
+     * @param DOMNode $el
+     */
+    public function __construct(DOMNode $el)
+    {
+        if ($el instanceof DOMDocument) {
+            $el = $el->documentElement;
+        }
+
+        if (!$el instanceof DOMElement) {
+            throw new InvalidArgumentException('Invalid arguments, expected DOMElement or DOMDocument');
+        }
+
+        $this->start = $el;
+    }
+
+    /**
+     * Returns position in text as DOMText node and character offset.
+     * (it's NOT a byte offset, you must use mb_substr() or similar to use this offset properly).
+     * node may be NULL if iterator has finished.
+     *
+     * @return array
+     */
+    public function currentWordPosition(): array
+    {
+        return [$this->current, $this->offset, $this->words];
+    }
+
+    /**
+     * Returns DOMElement that is currently being iterated or NULL if iterator has finished.
+     *
+     * @return DOMElement|null
+     */
+    public function currentElement(): ?DOMElement
+    {
+        return $this->current ? $this->current->parentNode : null;
+    }
+
+    // Implementation of Iterator interface
+
+    /**
+     * Return the key of the current element
+     * @link https://php.net/manual/en/iterator.key.php
+     * @return int|null
+     */
+    public function key(): ?int
+    {
+        return $this->key;
+    }
+
+    /**
+     * @return void
+     */
+    public function next(): void
+    {
+        if (null === $this->current) {
+            return;
+        }
+
+        if ($this->current->nodeType === XML_TEXT_NODE || $this->current->nodeType === XML_CDATA_SECTION_NODE) {
+            if ($this->offset === -1) {
+                $this->words = preg_split("/[\n\r\t ]+/", $this->current->textContent, -1, PREG_SPLIT_NO_EMPTY|PREG_SPLIT_OFFSET_CAPTURE) ?: [];
+            }
+            $this->offset++;
+
+            if ($this->words && $this->offset < count($this->words)) {
+                $this->key++;
+                return;
+            }
+            $this->offset = -1;
+        }
+
+        while ($this->current->nodeType === XML_ELEMENT_NODE && $this->current->firstChild) {
+            $this->current = $this->current->firstChild;
+            if ($this->current->nodeType === XML_TEXT_NODE || $this->current->nodeType === XML_CDATA_SECTION_NODE) {
+                $this->next();
+                return;
+            }
+        }
+
+        while (!$this->current->nextSibling && $this->current->parentNode) {
+            $this->current = $this->current->parentNode;
+            if ($this->current === $this->start) {
+                $this->current = null;
+                return;
+            }
+        }
+
+        $this->current = $this->current->nextSibling;
+
+        $this->next();
+    }
+
+    /**
+     * Return the current element
+     * @link https://php.net/manual/en/iterator.current.php
+     * @return string|null
+     */
+    public function current(): ?string
+    {
+        return $this->words ? (string)$this->words[$this->offset][0] : null;
+    }
+
+    /**
+     * Checks if current position is valid
+     * @link https://php.net/manual/en/iterator.valid.php
+     * @return bool
+     */
+    public function valid(): bool
+    {
+        return (bool)$this->current;
+    }
+
+    public function rewind(): void
+    {
+        $this->current = $this->start;
+        $this->offset = -1;
+        $this->key = 0;
+        $this->words = [];
+
+        $this->next();
+    }
+}

system/src/Grav/Common/Assets.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -16,8 +16,8 @@ use Grav\Common\Assets\Traits\TestingAssetsTrait;
 use Grav\Common\Config\Config;
 use Grav\Framework\Object\PropertyObject;
 use RocketTheme\Toolbox\ResourceLocator\UniformResourceLocator;
+use function array_slice;
 use function call_user_func_array;
-use function count;
 use function func_get_args;
 use function is_array;
 
@@ -30,14 +30,21 @@ class Assets extends PropertyObject
     use TestingAssetsTrait;
     use LegacyAssetsTrait;
 
+    const LINK = 'link';
     const CSS = 'css';
     const JS = 'js';
+    const JS_MODULE = 'js_module';
+    const LINK_COLLECTION = 'assets_link';
     const CSS_COLLECTION = 'assets_css';
     const JS_COLLECTION = 'assets_js';
+    const JS_MODULE_COLLECTION = 'assets_js_module';
+    const LINK_TYPE = Assets\Link::class;
     const CSS_TYPE = Assets\Css::class;
     const JS_TYPE = Assets\Js::class;
+    const JS_MODULE_TYPE = Assets\JsModule::class;
     const INLINE_CSS_TYPE = Assets\InlineCss::class;
     const INLINE_JS_TYPE = Assets\InlineJs::class;
+    const INLINE_JS_MODULE_TYPE = Assets\InlineJsModule::class;
 
     /** @const Regex to match CSS and JavaScript files */
     const DEFAULT_REGEX = '/.\.(css|js)$/i';
@@ -48,15 +55,24 @@ class Assets extends PropertyObject
     /** @const Regex to match JavaScript files */
     const JS_REGEX = '/.\.js$/i';
 
+    /** @const Regex to match JavaScriptModyle files */
+    const JS_MODULE_REGEX = '/.\.mjs$/i';
+
     /** @var string */
     protected $assets_dir;
     /** @var string */
     protected $assets_url;
 
+    /** @var array */
+    protected $assets_link = [];
     /** @var array */
     protected $assets_css = [];
     /** @var array */
     protected $assets_js = [];
+    /** @var array  */
+    protected $assets_js_module = [];
+
+
 
     // Following variables come from the configuration:
     /** @var bool */
@@ -66,19 +82,17 @@ class Assets extends PropertyObject
     /** @var bool */
     protected $css_pipeline_before_excludes;
     /** @var bool */
-    protected $inlinecss_pipeline_include_externals;
-    /** @var bool */
-    protected $inlinecss_pipeline_before_excludes;
-    /** @var bool */
     protected $js_pipeline;
     /** @var bool */
     protected $js_pipeline_include_externals;
     /** @var bool */
     protected $js_pipeline_before_excludes;
     /** @var bool */
-    protected $inlinejs_pipeline_include_externals;
+    protected $js_module_pipeline;
     /** @var bool */
-    protected $inlinejs_pipeline_before_excludes;
+    protected $js_module_pipeline_include_externals;
+    /** @var bool */
+    protected $js_module_pipeline_before_excludes;
     /** @var array */
     protected $pipeline_options = [];
 
@@ -110,7 +124,7 @@ class Assets extends PropertyObject
 
         /** @var UniformResourceLocator $locator */
         $locator = $grav['locator'];
-        $this->assets_dir = $locator->findResource('asset://') . DS;
+        $this->assets_dir = $locator->findResource('asset://');
         $this->assets_url = $locator->findResource('asset://', false);
 
         $this->config($asset_config);
@@ -160,14 +174,27 @@ class Assets extends PropertyObject
      */
     public function add($asset)
     {
+        if (!$asset) {
+            return $this;
+        }
+
         $args = func_get_args();
 
         // More than one asset
         if (is_array($asset)) {
-            foreach ($asset as $a) {
-                array_shift($args);
-                $args = array_merge([$a], $args);
-                call_user_func_array([$this, 'add'], $args);
+            foreach ($asset as $index => $location) {
+                $params = array_slice($args, 1);
+                if (is_array($location)) {
+                    $params = array_shift($params);
+                    if (is_numeric($params)) {
+                        $params = [ 'priority' => $params ];
+                    }
+                    $params = [array_replace_recursive([], $location, $params)];
+                    $location = $index;
+                }
+
+                $params = array_merge([$location], $params);
+                call_user_func_array([$this, 'add'], $params);
             }
         } elseif (isset($this->collections[$asset])) {
             array_shift($args);
@@ -175,7 +202,8 @@ class Assets extends PropertyObject
             call_user_func_array([$this, 'add'], $args);
         } else {
             // Get extension
-            $extension = pathinfo(parse_url($asset, PHP_URL_PATH), PATHINFO_EXTENSION);
+            $path = parse_url($asset, PHP_URL_PATH);
+            $extension = $path ? Utils::pathinfo($path, PATHINFO_EXTENSION) : '';
 
             // JavaScript or CSS
             if ($extension !== '') {
@@ -184,6 +212,8 @@ class Assets extends PropertyObject
                     call_user_func_array([$this, 'addCss'], $args);
                 } elseif ($extension === 'js') {
                     call_user_func_array([$this, 'addJs'], $args);
+                } elseif ($extension === 'mjs') {
+                    call_user_func_array([$this, 'addJsModule'], $args);
                 }
             }
         }
@@ -201,14 +231,19 @@ class Assets extends PropertyObject
     protected function addType($collection, $type, $asset, $options)
     {
         if (is_array($asset)) {
-            foreach ($asset as $a) {
-                $this->addType($collection, $type, $a, $options);
+            foreach ($asset as $index => $location) {
+                $assetOptions = $options;
+                if (is_array($location)) {
+                    $assetOptions = array_replace_recursive([], $options, $location);
+                    $location = $index;
+                }
+                $this->addType($collection, $type, $location, $assetOptions);
             }
 
             return $this;
         }
 
-        if (($type === $this::CSS_TYPE || $type === $this::JS_TYPE) && isset($this->collections[$asset])) {
+        if ($this->isValidType($type) && isset($this->collections[$asset])) {
             $this->addType($collection, $type, $this->collections[$asset], $options);
             return $this;
         }
@@ -216,7 +251,9 @@ class Assets extends PropertyObject
         // If pipeline disabled, set to position if provided, else after
         if (isset($options['pipeline'])) {
             if ($options['pipeline'] === false) {
-                $exclude_type = ($type === $this::JS_TYPE || $type === $this::INLINE_JS_TYPE) ? $this::JS : $this::CSS;
+
+                $exclude_type = $this->getBaseType($type);
+
                 $excludes = strtolower($exclude_type . '_pipeline_before_excludes');
                 if ($this->{$excludes}) {
                     $default = 'after';
@@ -231,7 +268,13 @@ class Assets extends PropertyObject
         }
 
         // Add timestamp
-        $options['timestamp'] = $this->timestamp;
+        $timestamp_override = $options['timestamp'] ?? true;
+
+        if (filter_var($timestamp_override, FILTER_VALIDATE_BOOLEAN)) {
+            $options['timestamp'] = $this->timestamp;
+        } else {
+            $options['timestamp'] = null;
+        }
 
         // Set order
         $group = $options['group'] ?? 'head';
@@ -255,6 +298,16 @@ class Assets extends PropertyObject
         return $this;
     }
 
+    /**
+     * Add a CSS asset or a collection of assets.
+     *
+     * @return $this
+     */
+    public function addLink($asset)
+    {
+        return $this->addType($this::LINK_COLLECTION, $this::LINK_TYPE, $asset, $this->unifyLegacyArguments(func_get_args(), $this::LINK_TYPE));
+    }
+
     /**
      * Add a CSS asset or a collection of assets.
      *
@@ -295,6 +348,25 @@ class Assets extends PropertyObject
         return $this->addType($this::JS_COLLECTION, $this::INLINE_JS_TYPE, $asset, $this->unifyLegacyArguments(func_get_args(), $this::INLINE_JS_TYPE));
     }
 
+        /**
+     * Add a JS asset or a collection of assets.
+     *
+     * @return $this
+     */
+    public function addJsModule($asset)
+    {
+        return $this->addType($this::JS_MODULE_COLLECTION, $this::JS_MODULE_TYPE, $asset, $this->unifyLegacyArguments(func_get_args(), $this::JS_MODULE_TYPE));
+    }
+
+    /**
+     * Add an Inline JS asset or a collection of assets.
+     *
+     * @return $this
+     */
+    public function addInlineJsModule($asset)
+    {
+        return $this->addType($this::JS_MODULE_COLLECTION, $this::INLINE_JS_MODULE_TYPE, $asset, $this->unifyLegacyArguments(func_get_args(), $this::INLINE_JS_MODULE_TYPE));
+    }
 
     /**
      * Add/replace collection.
@@ -326,6 +398,9 @@ class Assets extends PropertyObject
 
             if ($key === 'position' && $value === 'pipeline') {
                 $type = $asset->getType();
+                if ($type === 'jsmodule') {
+                    $type = 'js_module';
+                }
 
                 if ($asset->getRemote() && $this->{strtolower($type) . '_pipeline_include_externals'} === false && $asset['position'] === 'pipeline') {
                     if ($this->{strtolower($type) . '_pipeline_before_excludes'}) {
@@ -386,7 +461,7 @@ class Assets extends PropertyObject
         $after_assets = $this->filterAssets($group_assets, 'position', 'after', true);
 
         // Pipeline
-        if ($this->{$pipeline_enabled}) {
+        if ($this->{$pipeline_enabled} ?? false) {
             $options = array_merge($this->pipeline_options, ['timestamp' => $this->timestamp]);
 
             $pipeline = new Pipeline($options);
@@ -418,9 +493,29 @@ class Assets extends PropertyObject
      * @param  array  $attributes
      * @return string
      */
-    public function css($group = 'head', $attributes = [])
+    public function css($group = 'head', $attributes = [], $include_link = true)
     {
-        return $this->render('css', $group, $attributes);
+        $output = '';
+
+        if ($include_link) {
+            $output = $this->link($group, $attributes);
+        }
+
+        $output .= $this->render(self::CSS, $group, $attributes);
+
+        return $output;
+    }
+
+    /**
+     * Build the CSS link tags.
+     *
+     * @param  string $group name of the group
+     * @param  array  $attributes
+     * @return string
+     */
+    public function link($group = 'head', $attributes = [])
+    {
+        return $this->render(self::LINK, $group, $attributes);
     }
 
     /**
@@ -430,8 +525,71 @@ class Assets extends PropertyObject
      * @param  array  $attributes
      * @return string
      */
-    public function js($group = 'head', $attributes = [])
+    public function js($group = 'head', $attributes = [], $include_js_module = true)
     {
-        return $this->render('js', $group, $attributes);
+        $output = $this->render(self::JS, $group, $attributes);
+
+        if ($include_js_module) {
+            $output .= $this->jsModule($group, $attributes);
+        }
+
+        return $output;
+    }
+
+    /**
+     * Build the Javascript Modules tags
+     *
+     * @param string $group
+     * @param array $attributes
+     * @return string
+     */
+    public function jsModule($group = 'head', $attributes = [])
+    {
+        return $this->render(self::JS_MODULE, $group, $attributes);
+    }
+
+    /**
+     * @param string $group
+     * @param array $attributes
+     * @return string
+     */
+    public function all($group = 'head', $attributes = [])
+    {
+        $output = $this->css($group, $attributes, false);
+        $output .= $this->link($group, $attributes);
+        $output .= $this->js($group, $attributes, false);
+        $output .= $this->jsModule($group, $attributes);
+        return $output;
+    }
+
+    /**
+     * @param class-string $type
+     * @return bool
+     */
+    protected function isValidType($type)
+    {
+        return in_array($type, [self::CSS_TYPE, self::JS_TYPE, self::JS_MODULE_TYPE]);
+    }
+
+    /**
+     * @param class-string $type
+     * @return string
+     */
+    protected function getBaseType($type)
+    {
+        switch ($type) {
+            case $this::JS_TYPE:
+            case $this::INLINE_JS_TYPE:
+                $base_type = $this::JS;
+                break;
+            case $this::JS_MODULE_TYPE:
+            case $this::INLINE_JS_MODULE_TYPE:
+                $base_type = $this::JS_MODULE;
+                break;
+            default:
+                $base_type = $this::CSS;
+        }
+
+        return $base_type;
     }
 }

system/src/Grav/Common/Assets/BaseAsset.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Assets
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -15,6 +15,7 @@ use Grav\Common\Grav;
 use Grav\Common\Uri;
 use Grav\Common\Utils;
 use Grav\Framework\Object\PropertyObject;
+use RocketTheme\Toolbox\File\File;
 use SplFileInfo;
 
 /**
@@ -25,8 +26,9 @@ abstract class BaseAsset extends PropertyObject
 {
     use AssetUtilsTrait;
 
-    protected const CSS_ASSET = true;
-    protected const JS_ASSET = false;
+    protected const CSS_ASSET = 1;
+    protected const JS_ASSET = 2;
+    protected const JS_MODULE_ASSET = 3;
 
     /** @var string|false */
     protected $asset;
@@ -68,7 +70,7 @@ abstract class BaseAsset extends PropertyObject
      * @param array $elements
      * @param string|null $key
      */
-    public function __construct(array $elements = [], $key = null)
+    public function __construct(array $elements = [], ?string $key = null)
     {
         $base_config = [
             'group' => 'head',
@@ -91,6 +93,10 @@ abstract class BaseAsset extends PropertyObject
      */
     public function init($asset, $options)
     {
+        if (!$asset) {
+            return false;
+        }
+
         $config = Grav::instance()['config'];
         $uri = Grav::instance()['uri'];
 
@@ -182,16 +188,21 @@ abstract class BaseAsset extends PropertyObject
     public static function integrityHash($input)
     {
         $grav = Grav::instance();
+        $uri = $grav['uri'];
 
         $assetsConfig = $grav['config']->get('system.assets');
 
-        if ( !empty($assetsConfig['enable_asset_sri']) && $assetsConfig['enable_asset_sri'] )
-        {
-            $dataToHash = file_get_contents( GRAV_WEBROOT . $input);
+        if (!self::isRemoteLink($input) && !empty($assetsConfig['enable_asset_sri']) && $assetsConfig['enable_asset_sri']) {
+            $input = preg_replace('#^' . $uri->rootUrl() . '#', '', $input);
+            $asset = File::instance(GRAV_WEBROOT . $input);
 
-            $hash = hash('sha256', $dataToHash, true);
-            $hash_base64 = base64_encode($hash);
-            return ' integrity="sha256-' . $hash_base64 . '"';
+            if ($asset->exists()) {
+                $dataToHash = $asset->content();
+                $hash = hash('sha256', $dataToHash, true);
+                $hash_base64 = base64_encode($hash);
+
+                return ' integrity="sha256-' . $hash_base64 . '"';
+            }
         }
 
         return '';
@@ -238,6 +249,7 @@ abstract class BaseAsset extends PropertyObject
      *
      * @return array
      */
+    #[\ReturnTypeWillChange]
     public function jsonSerialize()
     {
         return ['type' => $this->getType(), 'elements' => $this->getElements()];
@@ -253,6 +265,19 @@ abstract class BaseAsset extends PropertyObject
      */
     protected function cssRewrite($file, $dir, $local)
     {
-        return;
+        return '';
+    }
+
+    /**
+     * Finds relative JS urls() and rewrites the URL with an absolute one
+     *
+     * @param string $file the css source file
+     * @param string $dir local relative path to the css file
+     * @param bool $local is this a local or remote asset
+     * @return string
+     */
+    protected function jsRewrite($file, $dir, $local)
+    {
+        return '';
     }
 }

system/src/Grav/Common/Assets/BlockAssets.php

@@ -0,0 +1,207 @@
+<?php
+
+/**
+ * @package    Grav\Common\Assets
+ *
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
+ * @license    MIT License; see LICENSE file for details.
+ */
+
+namespace Grav\Common\Assets;
+
+use Grav\Common\Assets;
+use Grav\Common\Config\Config;
+use Grav\Common\Grav;
+use Grav\Framework\ContentBlock\HtmlBlock;
+use function strlen;
+
+/**
+ * Register block assets into Grav.
+ */
+class BlockAssets
+{
+    /**
+     * @param HtmlBlock $block
+     * @return void
+     */
+    public static function registerAssets(HtmlBlock $block): void
+    {
+        $grav = Grav::instance();
+
+        /** @var Assets $assets */
+        $assets = $grav['assets'];
+
+        $types = $block->getAssets();
+        foreach ($types as $type => $groups) {
+            switch ($type) {
+                case 'frameworks':
+                    static::registerFrameworks($assets, $groups);
+                    break;
+                case 'styles':
+                    static::registerStyles($assets, $groups);
+                    break;
+                case 'scripts':
+                    static::registerScripts($assets, $groups);
+                    break;
+                case 'links':
+                    static::registerLinks($assets, $groups);
+                    break;
+                case 'html':
+                    static::registerHtml($assets, $groups);
+                    break;
+            }
+        }
+    }
+
+    /**
+     * @param Assets $assets
+     * @param array $list
+     * @return void
+     */
+    protected static function registerFrameworks(Assets $assets, array $list): void
+    {
+        if ($list) {
+            throw new \RuntimeException('Not Implemented');
+        }
+    }
+
+    /**
+     * @param Assets $assets
+     * @param array $groups
+     * @return void
+     */
+    protected static function registerStyles(Assets $assets, array $groups): void
+    {
+        $grav = Grav::instance();
+
+        /** @var Config $config */
+        $config = $grav['config'];
+
+        foreach ($groups as $group => $styles) {
+            foreach ($styles as $style) {
+                switch ($style[':type']) {
+                    case 'file':
+                        $options = [
+                            'priority' => $style[':priority'],
+                            'group' => $group,
+                            'type' => $style['type'],
+                            'media' => $style['media']
+                        ] + $style['element'];
+
+                        $assets->addCss(static::getRelativeUrl($style['href'], $config->get('system.assets.css_pipeline')), $options);
+                        break;
+                    case 'inline':
+                        $options = [
+                            'priority' => $style[':priority'],
+                            'group' => $group,
+                            'type' => $style['type'],
+                        ] + $style['element'];
+
+                        $assets->addInlineCss($style['content'], $options);
+                        break;
+                }
+            }
+        }
+    }
+
+    /**
+     * @param Assets $assets
+     * @param array $groups
+     * @return void
+     */
+    protected static function registerScripts(Assets $assets, array $groups): void
+    {
+        $grav = Grav::instance();
+
+        /** @var Config $config */
+        $config = $grav['config'];
+
+        foreach ($groups as $group => $scripts) {
+            $group = $group === 'footer' ? 'bottom' : $group;
+
+            foreach ($scripts as $script) {
+                switch ($script[':type']) {
+                    case 'file':
+                        $options = [
+                            'group' => $group,
+                            'priority' => $script[':priority'],
+                            'src' => $script['src'],
+                            'type' => $script['type'],
+                            'loading' => $script['loading'],
+                            'defer' => $script['defer'],
+                            'async' => $script['async'],
+                            'handle' => $script['handle']
+                        ] + $script['element'];
+
+                        $assets->addJs(static::getRelativeUrl($script['src'], $config->get('system.assets.js_pipeline')), $options);
+                        break;
+                    case 'inline':
+                        $options = [
+                            'priority' => $script[':priority'],
+                            'group' => $group,
+                            'type' => $script['type'],
+                            'loading' => $script['loading']
+                        ] + $script['element'];
+
+                        $assets->addInlineJs($script['content'], $options);
+                        break;
+                }
+            }
+        }
+    }
+
+    /**
+     * @param Assets $assets
+     * @param array $groups
+     * @return void
+     */
+    protected static function registerLinks(Assets $assets, array $groups): void
+    {
+        foreach ($groups as $group => $links) {
+            foreach ($links as $link) {
+                $href = $link['href'];
+                $options = [
+                    'group' => $group,
+                    'priority' => $link[':priority'],
+                    'rel' => $link['rel'],
+                ] + $link['element'];
+
+                $assets->addLink($href, $options);
+            }
+        }
+    }
+
+    /**
+     * @param Assets $assets
+     * @param array $groups
+     * @return void
+     */
+    protected static function registerHtml(Assets $assets, array $groups): void
+    {
+        if ($groups) {
+            throw new \RuntimeException('Not Implemented');
+        }
+    }
+
+    /**
+     * @param string $url
+     * @param bool $pipeline
+     * @return string
+     */
+    protected static function getRelativeUrl($url, $pipeline)
+    {
+        $grav = Grav::instance();
+
+        $base = rtrim($grav['base_url'], '/') ?: '/';
+
+        if (strpos($url, $base) === 0) {
+            if ($pipeline) {
+                // Remove file timestamp if CSS pipeline has been enabled.
+                $url = preg_replace('|[?#].*|', '', $url);
+            }
+
+            return substr($url, strlen($base) - 1);
+        }
+        return $url;
+    }
+}

system/src/Grav/Common/Assets/Css.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Assets
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -22,7 +22,7 @@ class Css extends BaseAsset
      * @param array $elements
      * @param string|null $key
      */
-    public function __construct(array $elements = [], $key = null)
+    public function __construct(array $elements = [], ?string $key = null)
     {
         $base_options = [
             'asset_type' => 'css',

system/src/Grav/Common/Assets/InlineCss.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Assets
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -22,7 +22,7 @@ class InlineCss extends BaseAsset
      * @param array $elements
      * @param string|null $key
      */
-    public function __construct(array $elements = [], $key = null)
+    public function __construct(array $elements = [], ?string $key = null)
     {
         $base_options = [
             'asset_type' => 'css',

system/src/Grav/Common/Assets/InlineJs.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Assets
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -22,7 +22,7 @@ class InlineJs extends BaseAsset
      * @param array $elements
      * @param string|null $key
      */
-    public function __construct(array $elements = [], $key = null)
+    public function __construct(array $elements = [], ?string $key = null)
     {
         $base_options = [
             'asset_type' => 'js',

system/src/Grav/Common/Assets/InlineJsModule.php

@@ -0,0 +1,46 @@
+<?php
+
+/**
+ * @package    Grav\Common\Assets
+ *
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
+ * @license    MIT License; see LICENSE file for details.
+ */
+
+namespace Grav\Common\Assets;
+
+use Grav\Common\Utils;
+
+/**
+ * Class InlineJs
+ * @package Grav\Common\Assets
+ */
+class InlineJsModule extends BaseAsset
+{
+    /**
+     * InlineJs constructor.
+     * @param array $elements
+     * @param string|null $key
+     */
+    public function __construct(array $elements = [], ?string $key = null)
+    {
+        $base_options = [
+            'asset_type' => 'js_module',
+            'attributes' => ['type' => 'module'],
+            'position' => 'after'
+        ];
+
+        $merged_attributes = Utils::arrayMergeRecursiveUnique($base_options, $elements);
+
+        parent::__construct($merged_attributes, $key);
+    }
+
+    /**
+     * @return string
+     */
+    public function render()
+    {
+        return '<script' . $this->renderAttributes(). ">\n" . trim($this->asset) . "\n</script>\n";
+    }
+
+}

system/src/Grav/Common/Assets/Js.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Assets
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -22,7 +22,7 @@ class Js extends BaseAsset
      * @param array $elements
      * @param string|null $key
      */
-    public function __construct(array $elements = [], $key = null)
+    public function __construct(array $elements = [], ?string $key = null)
     {
         $base_options = [
             'asset_type' => 'js',

system/src/Grav/Common/Assets/JsModule.php

@@ -0,0 +1,49 @@
+<?php
+
+/**
+ * @package    Grav\Common\Assets
+ *
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
+ * @license    MIT License; see LICENSE file for details.
+ */
+
+namespace Grav\Common\Assets;
+
+use Grav\Common\Utils;
+
+/**
+ * Class Js
+ * @package Grav\Common\Assets
+ */
+class JsModule extends BaseAsset
+{
+    /**
+     * Js constructor.
+     * @param array $elements
+     * @param string|null $key
+     */
+    public function __construct(array $elements = [], ?string $key = null)
+    {
+        $base_options = [
+            'asset_type' => 'js_module',
+            'attributes' => ['type' => 'module']
+        ];
+
+        $merged_attributes = Utils::arrayMergeRecursiveUnique($base_options, $elements);
+
+        parent::__construct($merged_attributes, $key);
+    }
+
+        /**
+     * @return string
+     */
+    public function render()
+    {
+        if (isset($this->attributes['loading']) && $this->attributes['loading'] === 'inline') {
+            $buffer = $this->gatherLinks([$this], self::JS_MODULE_ASSET);
+            return '<script' . $this->renderAttributes() . ">\n" . trim($buffer) . "\n</script>\n";
+        }
+
+        return '<script src="' . trim($this->asset) . $this->renderQueryString() . '"' . $this->renderAttributes() . $this->integrityHash($this->asset) . "></script>\n";
+    }
+}

system/src/Grav/Common/Assets/Link.php

@@ -0,0 +1,43 @@
+<?php
+
+/**
+ * @package    Grav\Common\Assets
+ *
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
+ * @license    MIT License; see LICENSE file for details.
+ */
+
+namespace Grav\Common\Assets;
+
+use Grav\Common\Utils;
+
+/**
+ * Class Link
+ * @package Grav\Common\Assets
+ */
+class Link extends BaseAsset
+{
+    /**
+     * Css constructor.
+     * @param array $elements
+     * @param string|null $key
+     */
+    public function __construct(array $elements = [], ?string $key = null)
+    {
+        $base_options = [
+            'asset_type' => 'link',
+        ];
+
+        $merged_attributes = Utils::arrayMergeRecursiveUnique($base_options, $elements);
+
+        parent::__construct($merged_attributes, $key);
+    }
+
+    /**
+     * @return string
+     */
+    public function render()
+    {
+        return '<link href="' . trim($this->asset) . $this->renderQueryString() . '"' . $this->renderAttributes() . $this->integrityHash($this->asset) . ">\n";
+    }
+}

system/src/Grav/Common/Assets/Pipeline.php

@@ -3,15 +3,15 @@
 /**
  * @package    Grav\Common\Assets
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
 namespace Grav\Common\Assets;
 
-use Grav\Common\Assets\BaseAsset;
 use Grav\Common\Assets\Traits\AssetUtilsTrait;
 use Grav\Common\Config\Config;
+use Grav\Common\Filesystem\Folder;
 use Grav\Common\Grav;
 use Grav\Common\Uri;
 use Grav\Common\Utils;
@@ -29,11 +29,15 @@ class Pipeline extends PropertyObject
 {
     use AssetUtilsTrait;
 
-    protected const CSS_ASSET = true;
-    protected const JS_ASSET = false;
+    protected const CSS_ASSET = 1;
+    protected const JS_ASSET = 2;
+    protected const JS_MODULE_ASSET = 3;
 
     /** @const Regex to match CSS urls */
-    protected const CSS_URL_REGEX = '{url\(([\'\"]?)(.*?)\1\)}';
+    protected const CSS_URL_REGEX = '{url\(([\'\"]?)(.*?)\1\)|(@import)\s+([\'\"])(.*?)\4}';
+
+    /** @const Regex to match JS imports */
+    protected const JS_IMPORT_REGEX = '{import.+from\s?[\'|\"](.+?)[\'|\"]}';
 
     /** @const Regex to match CSS sourcemap comments */
     protected const CSS_SOURCEMAP_REGEX = '{\/\*# (.*?) \*\/}';
@@ -88,7 +92,14 @@ class Pipeline extends PropertyObject
         $uri = Grav::instance()['uri'];
 
         $this->base_url = rtrim($uri->rootUrl($config->get('system.absolute_urls')), '/') . '/';
-        $this->assets_dir = $locator->findResource('asset://') . DS;
+        $this->assets_dir = $locator->findResource('asset://');
+        if (!$this->assets_dir) {
+            // Attempt to create assets folder if it doesn't exist yet.
+            $this->assets_dir = $locator->findResource('asset://', true, true);
+            Folder::mkdir($this->assets_dir);
+            $locator->clearCache();
+        }
+
         $this->assets_url = $locator->findResource('asset://', false);
     }
 
@@ -115,14 +126,13 @@ class Pipeline extends PropertyObject
 
         // Compute uid based on assets and timestamp
         $json_assets = json_encode($assets);
-        $uid = md5($json_assets . $this->css_minify . $this->css_rewrite . $group);
+        $uid = md5($json_assets . (int)$this->css_minify . (int)$this->css_rewrite . $group);
         $file = $uid . '.css';
         $relative_path = "{$this->base_url}{$this->assets_url}/{$file}";
 
-        $buffer = null;
-
-        if (file_exists($this->assets_dir . $file)) {
-            $buffer = file_get_contents($this->assets_dir . $file) . "\n";
+        $filepath = "{$this->assets_dir}/{$file}";
+        if (file_exists($filepath)) {
+            $buffer = file_get_contents($filepath) . "\n";
         } else {
             //if nothing found get out of here!
             if (empty($assets)) {
@@ -141,7 +151,7 @@ class Pipeline extends PropertyObject
 
             // Write file
             if (trim($buffer) !== '') {
-                file_put_contents($this->assets_dir . $file, $buffer);
+                file_put_contents($filepath, $buffer);
             }
         }
 
@@ -163,7 +173,7 @@ class Pipeline extends PropertyObject
      * @param array $attributes
      * @return bool|string     URL or generated content if available, else false
      */
-    public function renderJs($assets, $group, $attributes = [])
+    public function renderJs($assets, $group, $attributes = [], $type = self::JS_ASSET)
     {
         // temporary list of assets to pipeline
         $inline_group = false;
@@ -182,10 +192,9 @@ class Pipeline extends PropertyObject
         $file = $uid . '.js';
         $relative_path = "{$this->base_url}{$this->assets_url}/{$file}";
 
-        $buffer = null;
-
-        if (file_exists($this->assets_dir . $file)) {
-            $buffer = file_get_contents($this->assets_dir . $file) . "\n";
+        $filepath = "{$this->assets_dir}/{$file}";
+        if (file_exists($filepath)) {
+            $buffer = file_get_contents($filepath) . "\n";
         } else {
             //if nothing found get out of here!
             if (empty($assets)) {
@@ -193,7 +202,7 @@ class Pipeline extends PropertyObject
             }
 
             // Concatenate files
-            $buffer = $this->gatherLinks($assets, self::JS_ASSET);
+            $buffer = $this->gatherLinks($assets, $type);
 
             // Minify if required
             if ($this->shouldMinify('js')) {
@@ -204,7 +213,7 @@ class Pipeline extends PropertyObject
 
             // Write file
             if (trim($buffer) !== '') {
-                file_put_contents($this->assets_dir . $file, $buffer);
+                file_put_contents($filepath, $buffer);
             }
         }
 
@@ -218,6 +227,19 @@ class Pipeline extends PropertyObject
         return $output;
     }
 
+        /**
+     * Minify and concatenate JS files.
+     *
+     * @param array $assets
+     * @param string $group
+     * @param array $attributes
+     * @return bool|string     URL or generated content if available, else false
+     */
+    public function renderJs_Module($assets, $group, $attributes = [])
+    {
+        $attributes['type'] = 'module';
+        return $this->renderJs($assets, $group, $attributes, self::JS_MODULE_ASSET);
+    }
 
     /**
      * Finds relative CSS urls() and rewrites the URL with an absolute one
@@ -235,9 +257,14 @@ class Pipeline extends PropertyObject
         // Find any css url() elements, grab the URLs and calculate an absolute path
         // Then replace the old url with the new one
         $file = (string)preg_replace_callback(self::CSS_URL_REGEX, function ($matches) use ($dir, $local) {
+            $isImport = count($matches) > 3 && $matches[3] === '@import';
 
-            $old_url = $matches[2];
-
+            if ($isImport) {
+                $old_url = $matches[5];
+            } else {
+                $old_url = $matches[2];
+            }
+ 
             // Ensure link is not rooted to web server, a data URL, or to a remote host
             if (preg_match(self::FIRST_FORWARDSLASH_REGEX, $old_url) || Utils::startsWith($old_url, 'data:') || $this->isRemoteLink($old_url)) {
                 return $matches[0];
@@ -249,9 +276,49 @@ class Pipeline extends PropertyObject
                 $old_url = ltrim($old_url, '/');
             }
 
-            $new_url = ($local ? $this->base_url: '') . $old_url;
+            $new_url = ($local ? $this->base_url : '') . $old_url;
 
-            return str_replace($matches[2], $new_url, $matches[0]);
+            if ($isImport) {
+                return str_replace($matches[5], $new_url, $matches[0]);
+            } else {
+                return str_replace($matches[2], $new_url, $matches[0]);
+            }
+        }, $file);
+
+        return $file;
+    }
+
+    /**
+     * Finds relative JS urls() and rewrites the URL with an absolute one
+     *
+     * @param string $file the css source file
+     * @param string $dir local relative path to the css file
+     * @param bool $local is this a local or remote asset
+     * @return string
+     */
+    protected function jsRewrite($file, $dir, $local)
+    {
+        // Find any js import elements, grab the URLs and calculate an absolute path
+        // Then replace the old url with the new one
+        $file = (string)preg_replace_callback(self::JS_IMPORT_REGEX, function ($matches) use ($dir, $local) {
+
+            $old_url = $matches[1];
+
+            // Ensure link is not rooted to web server, a data URL, or to a remote host
+            if (preg_match(self::FIRST_FORWARDSLASH_REGEX, $old_url) || $this->isRemoteLink($old_url)) {
+                return $matches[0];
+            }
+
+            // clean leading /
+            $old_url = Utils::normalizePath($dir . '/' . $old_url);
+            $old_url = str_replace('/./', '/', $old_url);
+            if (preg_match(self::FIRST_FORWARDSLASH_REGEX, $old_url)) {
+                $old_url = ltrim($old_url, '/');
+            }
+
+            $new_url = ($local ? $this->base_url : '') . $old_url;
+
+            return str_replace($matches[1], $new_url, $matches[0]);
         }, $file);
 
         return $file;

system/src/Grav/Common/Assets/Traits/AssetUtilsTrait.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Assets\Traits
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -62,15 +62,13 @@ trait AssetUtilsTrait
      * Download and concatenate the content of several links.
      *
      * @param  array $assets
-     * @param  bool $css
+     * @param  int $type
      * @return string
      */
-    protected function gatherLinks(array $assets, $css = true)
+    protected function gatherLinks(array $assets, int $type = self::CSS_ASSET): string
     {
         $buffer = '';
-
-
-        foreach ($assets as $id => $asset) {
+        foreach ($assets as $asset) {
             $local = true;
 
             $link = $asset->getAsset();
@@ -102,21 +100,25 @@ trait AssetUtilsTrait
             }
 
             // Double check last character being
-            if (!$css) {
+            if ($type === self::JS_ASSET || $type === self::JS_MODULE_ASSET) {
                 $file = rtrim($file, ' ;') . ';';
             }
 
             // If this is CSS + the file is local + rewrite enabled
-            if ($css && $this->css_rewrite) {
+            if ($type === self::CSS_ASSET && $this->css_rewrite) {
                 $file = $this->cssRewrite($file, $relative_dir, $local);
             }
 
+            if ($type === self::JS_MODULE_ASSET) {
+                $file = $this->jsRewrite($file, $relative_dir, $local);
+            }
+
             $file = rtrim($file) . PHP_EOL;
             $buffer .= $file;
         }
 
         // Pull out @imports and move to top
-        if ($css) {
+        if ($type === self::CSS_ASSET) {
             $buffer = $this->moveImports($buffer);
         }
 
@@ -135,7 +137,7 @@ trait AssetUtilsTrait
 
         $imports = [];
 
-        $file = (string)preg_replace_callback($regex, function ($matches) use (&$imports) {
+        $file = (string)preg_replace_callback($regex, static function ($matches) use (&$imports) {
             $imports[] = $matches[0];
 
             return '';
@@ -156,6 +158,10 @@ trait AssetUtilsTrait
         $no_key = ['loading'];
 
         foreach ($this->attributes as $key => $value) {
+            if ($value === null) {
+                continue;
+            }
+
             if (is_numeric($key)) {
                 $key = $value;
             }
@@ -186,6 +192,7 @@ trait AssetUtilsTrait
         $querystring = '';
 
         $asset = $asset ?? $this->asset;
+        $attributes = $this->attributes;
 
         if (!empty($this->query)) {
             if (Utils::contains($asset, '?')) {
@@ -196,7 +203,7 @@ trait AssetUtilsTrait
         }
 
         if ($this->timestamp) {
-            if (Utils::contains($asset, '?') || $querystring) {
+            if ($querystring || Utils::contains($asset, '?')) {
                 $querystring .=  '&' . $this->timestamp;
             } else {
                 $querystring .= '?' . $this->timestamp;

system/src/Grav/Common/Assets/Traits/LegacyAssetsTrait.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Assets\Traits
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 

system/src/Grav/Common/Assets/Traits/TestingAssetsTrait.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Assets\Traits
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -285,6 +285,15 @@ trait TestingAssetsTrait
             return $this;
         }
 
+        // Add JavaScript Module files
+        if ($pattern === self::JS_MODULE_REGEX) {
+            foreach ($files as $file) {
+                $this->addJsModule($file);
+            }
+
+            return $this;
+        }
+
         // Unknown pattern.
         foreach ($files as $asset) {
             $this->add($asset);

system/src/Grav/Common/Backup/Backups.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Backup
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -104,8 +104,8 @@ class Backups
      */
     public function getBackupDownloadUrl($backup, $base_url)
     {
-        $param_sep = $param_sep = Grav::instance()['config']->get('system.param_sep', ':');
-        $download = urlencode(base64_encode(basename($backup)));
+        $param_sep = Grav::instance()['config']->get('system.param_sep', ':');
+        $download = urlencode(base64_encode(Utils::basename($backup)));
         $url      = rtrim(Grav::instance()['uri']->rootUrl(true), '/') . '/' . trim(
             $base_url,
             '/'
@@ -144,9 +144,8 @@ class Backups
     public static function getTotalBackupsSize()
     {
         $backups = static::getAvailableBackups();
-        $size = array_sum(array_column($backups, 'size'));
 
-        return $size ?? 0;
+        return $backups ? array_sum(array_column($backups, 'size')) : 0;
     }
 
     /**
@@ -219,10 +218,10 @@ class Backups
         if ($locator->isStream($backup_root)) {
             $backup_root = $locator->findResource($backup_root);
         } else {
-            $backup_root = rtrim(GRAV_ROOT . $backup_root, '/');
+            $backup_root = rtrim(GRAV_ROOT . $backup_root, DS) ?: DS;
         }
 
-        if (!file_exists($backup_root)) {
+        if (!$backup_root || !file_exists($backup_root)) {
             throw new RuntimeException("Backup location: {$backup_root} does not exist...");
         }
 

system/src/Grav/Common/Browser.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 

system/src/Grav/Common/Cache.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 
@@ -141,7 +141,7 @@ class Cache extends Getters
         $uniqueness = substr(md5($uri->rootUrl(true) . $this->config->key() . GRAV_VERSION), 2, 8);
 
         // Cache key allows us to invalidate all cache on configuration changes.
-        $this->key = ($prefix ? $prefix : 'g') . '-' . $uniqueness;
+        $this->key = ($prefix ?: 'g') . '-' . $uniqueness;
         $this->cache_dir = $grav['locator']->findResource('cache://doctrine/' . $uniqueness, true, true);
         $this->driver_setting = $this->config->get('system.cache.driver');
         $this->driver = $this->getCacheDriver();
@@ -170,24 +170,75 @@ class Cache extends Getters
     }
 
     /**
-     * Deletes the old out of date file-based caches
+     * Deletes old cache files based on age
      *
      * @return int
      */
     public function purgeOldCache()
     {
-        $cache_dir = dirname($this->cache_dir);
-        $current = basename($this->cache_dir);
+        // Get the max age for cache files from config (default 30 days)
+        $max_age_days = $this->config->get('system.cache.purge_max_age_days', 30);
+        $max_age_seconds = $max_age_days * 86400; // Convert days to seconds
+        $now = time();
         $count = 0;
-
+        
+        // First, clean up old orphaned cache directories (not the current one)
+        $cache_dir = dirname($this->cache_dir);
+        $current = Utils::basename($this->cache_dir);
+        
         foreach (new DirectoryIterator($cache_dir) as $file) {
             $dir = $file->getBasename();
             if ($dir === $current || $file->isDot() || $file->isFile()) {
                 continue;
             }
-
-            Folder::delete($file->getPathname());
-            $count++;
+            
+            // Check if directory is old and empty or very old (90+ days)
+            $dir_age = $now - $file->getMTime();
+            if ($dir_age > 7776000) { // 90 days
+                Folder::delete($file->getPathname());
+                $count++;
+            }
+        }
+        
+        // Now clean up old cache files within the current cache directory
+        if (is_dir($this->cache_dir)) {
+            $iterator = new \RecursiveIteratorIterator(
+                new \RecursiveDirectoryIterator($this->cache_dir, \RecursiveDirectoryIterator::SKIP_DOTS),
+                \RecursiveIteratorIterator::CHILD_FIRST
+            );
+            
+            foreach ($iterator as $file) {
+                if ($file->isFile()) {
+                    $file_age = $now - $file->getMTime();
+                    if ($file_age > $max_age_seconds) {
+                        @unlink($file->getPathname());
+                        $count++;
+                    }
+                }
+            }
+        }
+        
+        // Also clean up old files in compiled cache
+        $grav = Grav::instance();
+        $compiled_dir = $this->config->get('system.cache.compiled_dir', 'cache://compiled');
+        $compiled_path = $grav['locator']->findResource($compiled_dir, true);
+        
+        if ($compiled_path && is_dir($compiled_path)) {
+            $iterator = new \RecursiveIteratorIterator(
+                new \RecursiveDirectoryIterator($compiled_path, \RecursiveDirectoryIterator::SKIP_DOTS),
+                \RecursiveIteratorIterator::CHILD_FIRST
+            );
+            
+            foreach ($iterator as $file) {
+                if ($file->isFile()) {
+                    $file_age = $now - $file->getMTime();
+                    // Compiled files can be kept longer (60 days)
+                    if ($file_age > ($max_age_seconds * 2)) {
+                        @unlink($file->getPathname());
+                        $count++;
+                    }
+                }
+            }
         }
 
         return $count;
@@ -618,11 +669,7 @@ class Cache extends Getters
      */
     public function isVolatileDriver($setting)
     {
-        if (in_array($setting, ['apc', 'apcu', 'xcache', 'wincache'])) {
-            return true;
-        }
-
-        return false;
+        return in_array($setting, ['apc', 'apcu', 'xcache', 'wincache'], true);
     }
 
     /**
@@ -636,8 +683,10 @@ class Cache extends Getters
     {
         /** @var Cache $cache */
         $cache = Grav::instance()['cache'];
-        $deleted_folders = $cache->purgeOldCache();
-        $msg = 'Purged ' . $deleted_folders . ' old cache folders...';
+        $deleted_items = $cache->purgeOldCache();
+        
+        $max_age = $cache->config->get('system.cache.purge_max_age_days', 30);
+        $msg = 'Purged ' . $deleted_items . ' old cache items (files older than ' . $max_age . ' days)';
 
         if ($echo) {
             echo $msg;

system/src/Grav/Common/Composer.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 

system/src/Grav/Common/Config/CompiledBase.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Config
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */
 

system/src/Grav/Common/Config/CompiledBlueprints.php

@@ -3,7 +3,7 @@
 /**
  * @package    Grav\Common\Config
  *
- * @copyright  Copyright (c) 2015 - 2021 Trilby Media, LLC. All rights reserved.
+ * @copyright  Copyright (c) 2015 - 2025 Trilby Media, LLC. All rights reserved.
  * @license    MIT License; see LICENSE file for details.
  */