Merge branch 'master' into update-import-paths-in-snippets

.circleci/template.yml

@@ -335,7 +335,6 @@ workflows:
             branches:
               only:
                 - master
-                - master-it84
                 - stable
                 - release
 

CONTRIBUTING.md

@@ -1,4 +1,4 @@
 Contributing
-========================================
+============
 
 See the [official contributors' guide to CKEditor 5](https://ckeditor.com/docs/ckeditor5/latest/framework/contributing/contributing.html) to learn more.

docs/_snippets/features/mathtype.js

@@ -85,3 +85,14 @@ ClassicEditor
 	.catch( err => {
 		console.error( err.stack );
 	} );
+
+// MathType has a WASM telemetry file that esbuild fails to generate. Because
+// the code works fine without it, then we accept the error during a scan.
+const metaElement = document.createElement( 'meta' );
+
+metaElement.name = 'x-cke-crawler-ignore-patterns';
+metaElement.content = JSON.stringify( {
+	'response-failure': 'wasm'
+} );
+
+document.head.appendChild( metaElement );

docs/getting-started/integrations-cdn/angular.md

@@ -200,13 +200,8 @@ export class MyComponent {
 An instance of the {@link module:watchdog/contextwatchdog~ContextWatchdog `ContextWatchdog`} class that is responsible for providing the same context to multiple editor instances and restarting the whole structure in case of crashes.
 
 ```ts
-import CKSource from 'path/to/custom/build';
 import { loadCKEditorCloud } from '@ckeditor/ckeditor5-angular';
 
-const Context = CKSource.Context;
-const Editor = CKSource.Editor;
-const ContextWatchdog = CKSource.ContextWatchdog;
-
 @Component( {
 	// ...
 } )
@@ -223,9 +218,14 @@ export class MyComponent {
 
 	private _setupEditor( cloud ) {
 		const {
-			ClassicEditor
+			ClassicEditor,
+			ContextWatchdog,
+			Context
 		} = cloud.CKEditor;
-		const contextConfig = {};
+
+		const contextConfig = {
+			// Your context configuration.
+		};
 
 		this.Editor = ClassicEditor;
 		this.ready = false;

docs/getting-started/integrations/angular.md

@@ -264,11 +264,7 @@ export class MyComponent {
 An instance of the {@link module:watchdog/contextwatchdog~ContextWatchdog `ContextWatchdog`} class that is responsible for providing the same context to multiple editor instances and restarting the whole structure in case of crashes.
 
 ```ts
-import CKSource from 'path/to/custom/build';
-
-const Context = CKSource.Context;
-const Editor = CKSource.Editor;
-const ContextWatchdog = CKSource.ContextWatchdog;
+import { Editor, Context, ContextWatchdog } from 'ckeditor5';
 
 @Component( {
 	// ...

docs/umberto.json

@@ -46,6 +46,8 @@
 		"api/module_html-embed_inserthtmlembedcommand-InsertHtmlEmbedCommand.html": "api/module_html-embed_htmlembedcommand-HtmlEmbedCommand.html",
 		"api/module_html-embed_updatehtmlembedcommand.html": "api/module_html-embed_htmlembedcommand.html",
 		"api/module_html-embed_updatehtmlembedcommand-UpdateHtmlEmbedCommand.html": "api/module_html-embed_htmlembedcommand-HtmlEmbedCommand.html",
+		"api/module_link_utils-ManualDecorator.html": "api/module_link_utils_manualdecorator-ManualDecorator.html",
+		"api/module_link_utils-AutomaticDecorators.html": "api/module_link_utils_automaticdecorators-AutomaticDecorators.html",
 		"api/module_list_checktodolistcommand.html": "api/module_list_todolist_checktodolistcommand.html",
 		"api/module_list_checktodolistcommand-CheckTodoListCommand.html": "api/module_list_todolist_checktodolistcommand-CheckTodoListCommand.html",
 		"api/module_list_converters.html": "api/module_list_list_converters.html",

docs/updating/update-to-43.md

@@ -14,9 +14,83 @@ modified_at: 2024-07-31
 	You may try removing the `package-lock.json` or `yarn.lock` files (if applicable) and reinstalling all packages before rebuilding the editor. For best results, make sure you use the most recent package versions.
 </info-box>
 
+## Update to CKEditor&nbsp;5 v43.3.1
+
+Released on November 6, 2024. ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v43.3.1))
+
+For the entire list of changes introduced in version 43.3.1, see the [release notes for CKEditor&nbsp;5 v43.3.1](https://github.com/ckeditor/ckeditor5/releases/tag/v43.3.1).
+
+Below are the most important changes that require your attention when upgrading to CKEditor&nbsp;5 v43.3.1.
+
+### Reverted icon change
+
+We had to revert a change introduced in v43.3.0 related to the icons export in one of our packages. This was due to unforeseen TypeScript issues in some setups.
+
+## Update to CKEditor&nbsp;5 v43.3.0
+
+Released on October 29, 2024. ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v43.3.0))
+
+For the entire list of changes introduced in version 43.3.0, see the [release notes for CKEditor&nbsp;5 v43.3.0](https://github.com/ckeditor/ckeditor5/releases/tag/v43.3.0).
+
+Below are the most important changes that require your attention when upgrading to CKEditor&nbsp;5 v43.3.0.
+
+### Performance improvements
+
+We have improved how the editor handles the document structure by making it more reliable and efficient to access specific elements and verify their positions.
+
+* **Node index and offset caching**: The `Node` and `NodeList` elements now cache index and offset values, reducing the need for recalculations and significantly boosting overall performance during model operations.
+* **Selection range validation**: The newly implemented `Position#isValid()` method is also utilized to better validate selection ranges, ensuring more consistent behavior in various editing scenarios.
+* **Performance improvements in numbers**: The editor now loads content between **3x and, in some cases, up to 6x faster, depending on the type and size of the content**. For instance, where a specific 200-page document previously took almost 25 seconds to load, the time has now been reduced to just 3.5 seconds.
+
+**We’re committed to ongoing performance enhancements**, so you can expect even faster, smoother experience in future updates.
+
+### Export to Word watermark support
+
+A new configuration option has been added to include a watermark when exporting documents to Word, providing additional flexibility in document branding and protection.
+
+## Update to CKEditor&nbsp;5 v43.2.0
+
+Released on October 15, 2024. ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v43.2.0))
+
+For the entire list of changes introduced in version 43.2.0, see the [release notes for CKEditor&nbsp;5 v43.2.0](https://github.com/ckeditor/ckeditor5/releases/tag/v43.2.0).
+
+Below are the most important changes that require your attention when upgrading to CKEditor&nbsp;5 v43.2.0.
+
+### Notable improvements
+
+* **Operational Transformation Stability**: Significant changes have been made to the OT system, enhancing the undo functionality and real-time collaboration, especially in conflict resolution scenarios. These improvements ensure smoother editor operations during complex interactions.
+* **Performance Improvements**: We have merged several community-driven performance enhancements, that optimize the editor’s core engine. While no changes to the editor’s logic were made, these updates improve overall efficiency and responsiveness.
+
+### More imports available via `ckeditor5` and `ckeditor5-premium-features` indexes
+
+As users transition to new installation methods (v42.0.0+) with `ckeditor5` and `ckeditor5-premium-features` as the main packages, we are continuously addressing missing imports for less common classes, functions, types, and utilities, broadening their availability. Since our TypeScript rewrite (v37.0.0), imports can now be made directly through the package indexes, simplifying integration. As many users historically imported from `src`, we encourage you to try the new version and report any missing imports. In the future, we are considering removing `src` from published packages to reduce package size, so the more feedback we receive, the better and more stable API we will provide.
+
+## Update to CKEditor&nbsp;5 v43.1.1
+
+Released on September 25, 2024. ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v43.1.1))
+
+For the entire list of changes introduced in version 43.1.0, see the [release notes for CKEditor&nbsp;5 v43.1.0](https://github.com/ckeditor/ckeditor5/releases/tag/v43.1.0).
+
+Below are the most important changes that require your attention when upgrading to CKEditor&nbsp;5 v43.1.0.
+
+### Vulnerability fix
+
+During a recent internal audit, we identified a Cross-Site Scripting (XSS) vulnerability in the CKEditor 5 clipboard package ([`CVE-2024-45613`](https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-rgg8-g5x8-wr9v)). This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert malicious content into the editor, which might happen with a very specific editor configuration.
+
+This vulnerability affects **only** installations where the editor configuration meets the following criteria:
+
+1. The [**Block Toolbar**](https://ckeditor.com/docs/ckeditor5/latest/getting-started/setup/toolbar.html#block-toolbar) plugin is enabled.
+2. One of the following plugins is also enabled:
+	* [**General HTML Support**](https://ckeditor.com/docs/ckeditor5/latest/features/html/general-html-support.html) with a configuration that permits unsafe markup.
+	* [**HTML Embed**](https://ckeditor.com/docs/ckeditor5/latest/features/html/html-embed.html).
+
+You can read more details in the relevant [security advisory](https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-rgg8-g5x8-wr9v) and [contact us](https://ckeditor.com/contact/) if you have more questions.
+
+Taking the occasion, we decided to introduce additional hardening to some parts of our codebase that introduce **theoretical and unexploitable issues**. Our security team confirmed that none of these issues were exploitable in a real scenario, however, we decided to fix them, to increase the overall security posture of our software.
+
 ## Update to CKEditor&nbsp;5 v43.1.0
 
-_Released on September 5, 2024._
+Released on September 5, 2024. ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v43.1.0))
 
 For the entire list of changes introduced in version 43.1.0, see the [release notes for CKEditor&nbsp;5 v43.1.0](https://github.com/ckeditor/ckeditor5/releases/tag/v43.1.0).
 
@@ -40,7 +114,7 @@ The tables' user interface now clearly indicates the default border settings. It
 
 ## Update to CKEditor&nbsp;5 v43.0.0
 
-_Released on August 7, 2024._
+Released on August 7, 2024. ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v43.0.0))
 
 For the entire list of changes introduced in version 43.0.0, see the [release notes for CKEditor&nbsp;5 v43.0.0](https://github.com/ckeditor/ckeditor5/releases/tag/v43.0.0).
 
@@ -155,3 +229,8 @@ You can skip this section if you have not read the [Migrating custom plugins](ht
 
 3. Open the `scripts/build-dist.mjs` file and look for the `name` object key in the second `build()` step. This value represents the global variable under which your plugin is available in the UMD build and should currently match the name of your package. UMD is an alternative build format that we provide for those who cannot use JavaScript modules in their applications. We encourage you to update this value to `CKEDITOR_PLUGIN_X`, where `X` uniquely identifies your plugin. We recommend using only uppercase letters and underscores (`_`).
 
+### Minor breaking changes in this release
+
+* **Reverted `config.sanitizeHtml`.** In v43.0.0 we made a decision to move `config.htmlEmbed.sanitizeHtml` to a top-level property `config.sanitizeHtml`. However, we realized that it was a wrong decision to expose such a sensitive property in a top-level configuration property. Starting with v43.1.0 you should again use `config.htmlEmbed.sanitizeHtml` and/or `config.mergeFields.sanitizeHtml`. The editor will throw an error if `config.sanitizeHtml` is used. See the [migration guide](https://ckeditor.com/docs/ckeditor5/latest/updating/guides/update-to-43.html#reverted-recently-introduced-configsanitizehtml) for additional context behind this decision.
+* **[ai](https://www.npmjs.com/package/@ckeditor/ckeditor5-ai)**: The structure and presentation of the list of AI commands in the toolbar have changed (a flat filtered list is now a nested menu). Additionally, if your integration customizes this user interface, please ensure your integration code is up-to-date.
+* **[ui](https://www.npmjs.com/package/@ckeditor/ckeditor5-ui)**: The default `[aria-label]` provided by `InlineEditableUIView` is now `'Rich Text Editor. Editing area: [root name]'` (previously: `'Editor editing area: [root name]'`). You can use the `options.label` constructor property to adjust the label.

docs/updating/update-to-44.md

@@ -14,9 +14,47 @@ modified_at: 2024-11-28
 	You may try removing the `package-lock.json` or `yarn.lock` files (if applicable) and reinstalling all packages before rebuilding the editor. For best results, make sure you use the most recent package versions.
 </info-box>
 
+## Update to CKEditor&nbsp;5 v 44.3.0
+
+Released on March 5, 2025. ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v44.3.0))
+
+### Fixed link decorators
+
+We fixed the behavior of the multiple manual link decorators that set the `rel` attribute. The fix happened so deep in the engine that we improved the overall performance of the editor slightly as well.
+
+### New `EmptyBlock` plugin
+
+Starting this release, a new `EmptyBlock` plugin prevents adding `&nbsp;` to the output data of blocks, works similarly to the [`fillEmptyBlocks`](https://ckeditor.com/docs/ckeditor4/latest/api/CKEDITOR_config.html#cfg-fillEmptyBlocks) configuration in CKEditor 4.
+
+### Enhanced support for the `<hr>` element
+
+We have enhanced support for the `<hr>` element in the [General HTML Support](https://ckeditor.com/docs/ckeditor5/latest/features/html/general-html-support.html) plugin. Now, the attributes of the `<hr>` element are properly preserved if configuration allows it.
+
+## Enhanced emoji support
+
+We enhanced emoji support for better compatibility with users' devices.
+
+### Minor breaking changes in this release
+
+* **[engine](https://www.npmjs.com/package/@ckeditor/ckeditor5-engine)**: The `ViewConsumable.consumablesFromElement()` is removed and replaced with the `view.Element#_getConsumables()` internal method. You should use `ViewConsumable.createFrom()` to create consumables if needed.
+* **[engine](https://www.npmjs.com/package/@ckeditor/ckeditor5-engine)**: The `ViewElementConsumables` now accepts and outputs only normalized data. The `ViewConsumable` still accepts normalized or non-normalized input.
+* **[engine](https://www.npmjs.com/package/@ckeditor/ckeditor5-engine)**: The `Matcher#match()` and `Matcher#matchAll()` output is now normalized. The `MatchResult#match` now contains normalized data compatible with changes in the `ViewConsumable`.
+
+## Update to CKEditor&nbsp;5 v 44.2.1
+
+Released on February 20, 2025. ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v44.2.1))
+
+### Vulnerability removed
+
+During a recent internal audit, we identified a cross-site scripting (XSS) vulnerability in the CKEditor 5 real-time collaboration package ([`CVE-2025-25299`](https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-j3mm-wmfm-mwvh)). This vulnerability can lead to unauthorized JavaScript code execution and affects user markers, which represent users' positions within the document.
+
+This vulnerability affects only installations with [real-time collaborative editing](https://ckeditor.com/docs/ckeditor5/latest/features/collaboration/real-time-collaboration/real-time-collaboration.html) enabled.
+
+You can read more details in the relevant [security advisory](https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-j3mm-wmfm-mwvh) and [contact us](mailto:[email protected]) if you have more questions.
+
 ## Update to CKEditor&nbsp;5 v 44.2.0
 
-_Released on February 12, 2025._
+Released on February 12, 2025. ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v44.2.0))
 
 ### Enhanced Source Code Editing
 
@@ -47,9 +85,25 @@ Here comes the final batch of the planned performance improvements in the editor
 
 We are greatly satisfied with the improved editor loading times. At the same time, we acknowledge some other problematic areas, and we will keep delivering more performance-related improvements in the future.
 
+### Minor breaking changes in this release
+
+* **[engine](https://www.npmjs.com/package/@ckeditor/ckeditor5-engine)**: `Mapper#registerViewToModelLength()` is now deprecated and will be removed in one of the upcoming releases. This method is useful only in obscure and complex converters, where model element, or a group of model elements, are represented differently in the view. We believe that every feature using a custom view-to-model length callback can be rewritten in a way that this mechanism is no longer necessary. Note: if this method is used, the caching mechanism for `Mapper` will be turned off which may degrade performance when handling big documents. Note: this method is used by the deprecated legacy lists feature. As a result, you will not experience the performance improvements if you are still using the deprecated legacy lists feature.
+* **[image](https://www.npmjs.com/package/@ckeditor/ckeditor5-image)**: Starting this release, images that have `[height]` and `[width]` attributes set will automatically receive the `[loading="lazy"]` attribute in the editing area. This happens only for the content loaded into the editor, the data output produced by the editor remains the same. The reason for this change is to improve user experience in documents that may contain hundreds of images.
+* **[list](https://www.npmjs.com/package/@ckeditor/ckeditor5-list)**: The `lower-alpha` and `upper-alpha` list styles are now upcasted to `lower-latin` and `upper-latin` styles.
+* **[merge-fields](https://www.npmjs.com/package/@ckeditor/ckeditor5-merge-fields)**: The `MergeFieldsEditing#getLabel()` method will now return `null` instead of the merge field id if the merge field definition was not found or it did not contain the `label` property.
+* **[basic-styles](https://www.npmjs.com/package/@ckeditor/ckeditor5-basic-styles)**: Elements which contains the `[style]` attribute with `word-wrap: break-word` will not be converted to `<code>`. See [#17789](https://github.com/ckeditor/ckeditor5/issues/17789).
+
+## Update to CKEditor&nbsp;5 v44.1.0
+
+Released on December 16, 2024 ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v44.1.0)).
+
+### Minor breaking changes in this release
+
+* **[utils](https://www.npmjs.com/package/@ckeditor/ckeditor5-utils)**: `spliceArray` now modifies the target array and does not accept a fourth (`count`) argument.
+
 ## Update to CKEditor&nbsp;5 v44.0.0
 
-_Released on December 2, 2024._
+Released on December 2, 2024 ([See full release  notes](https://github.com/ckeditor/ckeditor5/releases/tag/v44.0.0)).
 
 For the entire list of changes introduced in version 44.0.0, see the [release notes for CKEditor&nbsp;5 v44.0.0](https://github.com/ckeditor/ckeditor5/releases/tag/v44.0.0).
 
@@ -100,3 +154,7 @@ The new self-service plans make accessing CKEditor Premium Features easier than
 Plans are managed through a new, dedicated [Customer Portal](https://portal.ckeditor.com/), where you can access license keys, track usage, manage billing, and submit support requests-all from one place.
 
 Learn more about the [different plans available](https://ckeditor.com/pricing/) or start your [14-day free trial](https://portal.ckeditor.com/checkout?plan=free).
+
+### Major breaking changes in this release
+
+* `config.licenseKey` is now a required property in the editor configuration. Use `'GPL'` for installations under the GPL terms. See [#17317](https://github.com/ckeditor/ckeditor5/issues/17317).