🚀 A new era: Kirby 4 Get to know
Skip to content

Episode 71

24 Aug 2022

Here we are again with Kosmos issue 71. We are now already into our 7th year with this newsletter (yes, the first version was published on July 1st, 2016) and I still like preparing it and getting it out to you every single month, well almost.

Security patch for versions 3.5.0 to 3.7.3

Unfortunately, we were made aware of a security issue, which was published in the open before we were given a chance to fix it.

We have released security patches for Kirby versions 3.5.0 up to 3.7.3. These releases (, and 3.7.4) fix cross-site scripting (XSS) issues in the tags and multiselect fields. You can read more about the issues in the security advisories that are linked from the release notes of the respective patch releases. Please update your installations as soon as possible if you are possibly affected by this vulnerability.

Kirby 3.7.4

Today, we release Kirby 3.7.4 with a few interesting new features like HMR (Hot Module Reloading) for plugins that use kirbyup, a new Helpers::handleErrors() method for custom PHP error handling, and a new F::unlink() method for idempotent deletion of files and links. There are also some nice enhancements to check out in the changelog. This version is also the last 3.7.x release. We are now actively working towards Kirby 3.8.

Kirby in the wild

Everflow Water

Kirby plugins

The Kirby Hidden Characters plugin shows hidden characters (white spaces and paragraph endings) in all kind of input fields and their previews.

The popular Enhanced Toolbar Link Dialog plugin got an update and now not only works with the textarea field but in all other places where a link dialog is used, including blocks.


Mauro Chojrin gives an overview of the different types of automated testing and the available tools for different test types in PHP.

Traits, Interfaces, and Abstract Classes in PHP: What are they, what are the differences and when to prefer one over the other.

The PHP Sussex group on MeetUp schedules an online and in-person event about Using PHP on the command line on September 8, 2022.

Composer in Docker explains how you can use Composer in a Docker container without installing PHP or Composer on your local machine.


Bun is a rather new JavaScript toolset and runtime. Tomas Fernandez discusses how Bun compares to Node and Deno.

Louis Lazaris has compiled a collection of (online) image optimization tools.

Manuel Matuzovic on the big pros and small cons of using the CSS outline property.

Get your Largest Contentful Paint (LCP) image to load sooner with fetchpriority="high".

This & that

hookrelay is a (paid) service with a free tier that allows you to deliver webhooks to your customers.

Victor Ponamariov shares the pros and cons of putting forms into modals.

Replibyte is a fast tool to seed a development database with production data while keeping sensitive data safe using transformers.

In his article What they don't teach you about sockets, Macoy Madson shares his experience as a beginner implementing sockets.

With Alice, you create a lot of fixtures/fake data for use while developing or testing your application.

Hello boasts of being a search engine specifically for developers. Still in beta.