Enhancement
Major
Detail
Bugfix
Detail
#26484
In-app template for grid and tables: Function "Verifier for use as list item" does not get component model
#26885
Constraints on declarative forms with arguments from a container reference lead to errors for new elements
#26922
With generated subject classes, a default provider of an attribute in a non-structure class does not get a create context
Enhancement
For hashing passwords, a "pepper" can be configured in the application, which is included in the hash. This makes it more difficult for the attacker to calculate a hash without this information.
This value should be specified in the configuration in encrypted form.
Code migration
The value of the configuration com.top_logic.base.security.password.hashing.Argon2Hashing.Config#getPepper() must be encrypted (see maintenance page EncodeConfigurationValues.jsp). Alternatively, the prefix unencrypted: can be used for the value.
Test
No test.