Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.


CMS 4.9 is here and it's jam-packed!

This release is jam-packed full of exciting improvements. Better website performance out of the box? Check. Stronger CMS account management of logged-in devices? Check. A new release pattern that gives faster access to bug fixes? Check. There’s even more too!

Read post

A new version of Silverstripe CMS is out and it’s full of things to get you excited! Below we’ll cover new features for both those using the CMS and development teams maintaining projects. It’s packed full of enhancements so take your time to have a read and get your project upgrades booked!

As usual, this release follows semantic versioning, so it’s ready to be used in any current Silverstripe CMS project right now.

What's new in Silverstripe CMS 4.9?

One key headline for this release is the introduction of lazy loading for images being displayed on the front end of your website. We’re really excited about this feature as it brings a positive impact on how your website loads for your visitors. We’ve also been working hard refining a feature that gives CMS users more control over what devices they stay logged in on—providing safe and secure options for streamlining how you log into your CMS.

Other notable points include:

  • Enforced image dimensions, supporting web page visual stability;
  • CMS module recipes are being released in a way that gives better access to bug fixes;
  • An upgrade to the CMS email service; and
  • A special notice to projects using the Common Web Platform CMS module recipes.

We’ll unpack each of these new features below, or if you’re keen to get your upgrade underway now, we’ve provided some next steps.

Improved website performance with image lazy loading

Lazy-loading images on a website is a key web performance feature that all websites should benefit from. We’ve seen site owners increasingly rely on website metrics like Google’s Core Web Vitals to quantify the user experience of their site and to identify opportunities to improve. Lazy-loading is a fantastic way that Silverstripe CMS can support your projects right from the start.

Lazy-loading delays the loading of an image on a web page until your website visitor has scrolled to the image. Excluding the load of the image until it’s needed results in the web page loading faster for the visitor, while also having benefits:

  • For those on low speed or limited internet connections, only the images that they navigate to will be downloaded, conserving their bandwidth.
  • Conserving server resources, where your website infrastructure only renders the images if it’s needed. This is especially true for high-traffic websites with heavy amounts of images.

Sponsored by the Open Source CMS Fund, this work ensures that Silverstripe CMS is providing a positive impact for web performance by default.

With a straightforward upgrade to this CMS release, content editors will now see:

  • Lazy loading turned on for all images on your website.
  • The ability to disable lazy loading on a per-image basis within the CMS—something that’s relevant if the image is expected to be in view as soon as the webpage is loaded (often known as ‘above the fold’).
Screenshot showing lazy loading feature

A new ‘help tip’ will guide you through the option to lazy load images when inserting files.

While developers will see features to control this feature, such as:

  • The ability to globally opt-out—if you already have a custom lazy loading implementation; and
  • Easy configuration at the page template level to turn lazy loading on a per-image basis off—if it’s expected to be in view on page load.

We’re expecting this to have a positive impact right across the board for Silverstripe CMS projects and can’t wait to provide future case studies of the performance improvements that projects receive. We recommend having a look at Google’s Core Web Vitals metrics and assess your own projects score to see how lazy loading with Silverstripe CMS helps.

Enforced image dimensions

A side benefit of the image lazy loading work is that almost all images will now have their dimensions pre-defined before the web page loads them. Taking note from Google’s Core Web Vitals metrics, this will have a positive impact on your project’s Cumulative Layout Shift (CLS) metric.

Having image dimensions pre-defined allows web browsers to know how much space an image will take up on a webpage before it’s loaded—removing the poor experience you might be familiar with where the content of the page starts jumping as images load and take their space.

You can read further about why the CLS metric is important for creating a good website visitor experience on Google’s blog.

Better control over your logged-in devices

With this upgrade, CMS users will now be able to see and maintain each session where they currently are logged in to the CMS.

Screenshot of managing devices in the CMS

Device detail is shown to help you quickly identify your logged-in devices.

We know that a lot of people will spend the majority of their day in and out of their CMS—a task that can be tiring if it means logging in every time (especially if you also have multi-factor authentication installed!). A key goal of this feature is to bring more confidence to the ‘Keep me signed in for 30 days’ toggle available when logging in. If you know your device is secure, this new feature gives you a new ability to view any device where you are logged in, and if necessary, the ability to log out of that device from a secondary one.

By default, CMS administrators will not be able to view other user’s logged-in devices, but this is possible to implement. Developers will find information on how to implement this in the module developer documentation. 

Show me the bug fixes!

Developers will know that a common (and recommended) way of managing Silverstripe CMS core dependencies are through what’s called the silverstripe/recipe-cms module. This module recipe allows project maintainers to install the key Silverstripe CMS dependencies without the need to manually keep track of individual module versions—a definite time saver.

From this release onwards, this recipe will have slightly looser composer restraints, allowing projects to upgrade to patch versions (containing bug fixes) for the core modules contained in each recipe. Previously, these recipes were locked to a specific version and as we’ve heard from many developers made it very difficult to adopt future patch releases without ejecting from the recipes completely.

If this concept of a recipe is new to you, or you just want to find out more, a new page has been created for developers in the CMS documentation.

A special note for projects using the Common Web Platform CMS Recipe

Until September 2021, Silverstripe maintained a specialised version of Silverstripe CMS for the New Zealand Government and related New Zealand public-sector agencies. This version was called the Common Web Platform (CWP for short).

The CWP CMS release has been discontinued. CWP projects must migrate their codebase off the latest CWP recipe back to the regular Silverstripe CMS release to continue receiving CMS updates.

Prior to upgrading to CMS 4.9, project developers should follow the guidance outlined in the documentation created to migrate away from the CWP CMS recipe. Information on this is also outlined in the 4.9 changelog and has been emailed to CWP Stack Managers.

Please note that this will not have an impact on the feature-set of your project, nor will it affect how your project is currently hosted. This is a development task that must be followed to ensure that your project continues to receive CMS upgrades through the standard Silverstripe CMS release line—no longer following the ‘CWP 2.x’ versioning convention.

Patched security vulnerabilities

As always, prioritising security vulnerabilities is a priority for the maintainers of Silverstripe CMS. This release includes patches to address two vulnerabilities that were responsibly disclosed to the Silverstripe CMS Core Committer team. 

Please see the release changelog for the details of these patched vulnerabilities.

There's still more!

Please be sure to view the CMS 4.9 changelog for full details of this release. As well as a number of enhancements and fixes made by open-source contributors (thank you!) there is also an important note on upgrading the CMS transport layer for sending emails.

Keen to get your upgrade underway?

Talk to your Digital Agency or Developer about upgrading

Haven’t got a Developer or Agency? No problem! Browse the Silverstripe CMS Developer Network or the Silverstripe Professional Partner Directory and filter by location to find a Silverstripe CMS Developer near you.

Developers, check out our documentation

This release announcement does not cover the full detail of what is included in the release. Be sure to review the full changelog before planning your next site upgrade.

Head to our Developer Docs to view the CMS 4.9 changelog.


About the author
Bryn Whyman

Bryn is one of SilverStripe's Product Owners. He's here to make sure our users are given a megaphone to have their ideas heard and ensure our products allow them to excel and enrich their communities.

Post your comment


No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments