Bump craftcms/cms from 3.5.14 to 3.7.55.2

[dependabot]

Bumps craftcms/cms from 3.5.14 to 3.7.55.2.

Changelog

Sourced from craftcms/cms's changelog.

3.7.55.2 - 2022-09-22

Security

• Fixed an XSS vulnerability.

3.7.55.1 - 2022-09-21

Fixed

• Fixed a bug where the “New category” button could be missing from the Categories index page. (#11977)
• Fixed a bug where Craft::t() and the |t Twig filter were modifying digit-dash-digit sequences. (#11980)
• Fixed PHP errors that occurred if webonyx/graphql-php 14.11.17 was installed. (#11979, webonyx/graphql-php#1221)

3.7.55 - 2022-09-20

Added

• Added craft\helpers\Image::targetDimensions().

Removed

• Removed the Punycode PHP library. (#11948)

Fixed

• Fixed a bug where image transforms weren’t always getting applied properly to all animation frames. (#11937)
• Fixed a bug where animated WebP images would lose their animation frames when transformed. (#11937)
• Fixed a bug where image transform dimensions could be calculated incorrectly when upscaleImages was false. (#11837)
• Fixed an error that occurred when setting a non-numeric width or height on an image transform. (#11837)
• Fixed a bug where relatedTo* arguments weren’t supported by children fields in GraphQL. (#11918)
• Fixed a bug where Image Editor and slideout action buttons were obstructed when the Debug Toolbar was enabled. (#11965)
• Fixed an error that occurred when installing Craft when MySQL’s sql_require_primary_key setting was enabled. (#11374)
• Fixed a bug where invalid entries could be duplicated via the “Save as a new entry” action, despite the duplication appearing to have failed with validation errors. (#11959)
• Fixed a PHP error that could occur in a potential race condition when calling craft\helpers\FileHelper::clearDirectory().
• Fixed a bug where Structure section entries that were duplicated via the “Save as a new entry” action on a provisional draft weren’t being placed within the structure properly.
• Fixed a bug where element’s searchScore properties would be set to null when their original score was below 1, rather than rounding to 0 or 1. (#11973)

3.7.54 - 2022-09-13

Changed

• Control panel menus now automatically reposition themselves when the window is resized.
• resave/* commands now have a --touch option. When passed, elements’ dateUpdated timestamps will be updated as they’re resaved. (#11849)
• Underscores within query param values that begin/end with * are now escaped, so they aren’t treated as wildcard characters by the like condition. (#11898)
• craft\services\Elements::resaveElements() now has a $touch argument.

Fixed

• Fixed a bug where element caches weren’t being invalidated during garbage collection, so hard-deleted elements could appear to still exist.
• Fixed an error that could occur when rendering front-end templates if there was a problem connecting to the database. (#11855)
• Fixed a bug where it was possible to save an asset with a focal point outside its cropped area. (#11875)
• Fixed a bug where the Assets index page wasn’t handling failed uploads properly. (#11866)
• Fixed a UI bug where renaming a newly-created volume subfolder didn’t appear to have any effect.
• Fixed a bug where empty URL fields would be marked as changed, even when no change was made to them. (#11908)
• Fixed a bug where transforming an animated GIF into a WebP file would only include the first frame. (#11889)

... (truncated)

Commits

• 7139213 3.7.55.2 - fixed an XSS vulnerability
• e59cfc7 Finish 3.7.55.1
• 7f1bb95 Prevent webonyx/graphql-php v14.11.7
• 41517b3 Revert "Improve range formatting"
• 329bcfa Fixed #11977
• 38a0117 Fixed @var types
• bbc36b1 Finish 3.7.55
• 13cc01f Fixed #11973
• 4f16229 Improve range formatting
• 7032a00 Structure fix part 2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.