Merge branch '5.x' into 5.next

josbeir · josbeir · commit f58f33de495e · 2026-02-18T17:54:57.000+01:00
diff --git a/docs/en/contributing/documentation.md b/docs/en/contributing/documentation.md
@@ -453,16 +453,16 @@ You can use `npx` to run the tools without installing them globally, or install
 ```bash [Using npx (Recommended)]
 # No installation needed - npx downloads and runs the tools
 npx cspell --config .github/cspell.json "docs/en/**/*.md"
-npx markdownlint-cli --config .github/markdownlint.json "docs/en/**/*.md"
+npx markdownlint-cli2 --config .github/.markdownlint-cli2.jsonc "docs/en/**/*.md"
 ```
 
 ```bash [Global Installation]
 # Install globally for faster execution
-npm install -g cspell markdownlint-cli
+npm install -g cspell markdownlint-cli2
 
 # Then run without npx
 cspell --config .github/cspell.json "docs/en/**/*.md"
-markdownlint-cli --config .github/markdownlint.json "docs/en/**/*.md"
+markdownlint-cli2 --config .github/.markdownlint-cli2.jsonc "docs/en/**/*.md"
 ```
 
 :::
@@ -496,28 +496,30 @@ If cspell flags legitimate technical terms (class names, CakePHP-specific terms)
 
 ### Running Markdown Lint
 
-We use [markdownlint](https://github.com/DavidAnson/markdownlint) to maintain consistent markdown formatting:
+We use [markdownlint](https://github.com/DavidAnson/markdownlint) via
+[markdownlint-cli2](https://github.com/DavidAnson/markdownlint-cli2) to maintain
+consistent markdown formatting:
 
 ::: code-group
 
 ```bash [Single File]
 # Check a single file
-npx markdownlint-cli --config .github/markdownlint.json docs/en/your-file.md
+npx markdownlint-cli2 --config .github/.markdownlint-cli2.jsonc docs/en/your-file.md
 ```
 
 ```bash [Directory]
 # Check all files in a directory
-npx markdownlint-cli --config .github/markdownlint.json "docs/en/controllers/*.md"
+npx markdownlint-cli2 --config .github/.markdownlint-cli2.jsonc "docs/en/controllers/*.md"
 ```
 
 ```bash [All Docs]
 # Check all English documentation
-npx markdownlint-cli --config .github/markdownlint.json "docs/en/**/*.md"
+npx markdownlint-cli2 --config .github/.markdownlint-cli2.jsonc "docs/en/**/*.md"
 ```
 
 ```bash [Auto-fix]
 # Automatically fix formatting issues
-npx markdownlint-cli --config .github/markdownlint.json --fix "docs/en/**/*.md"
+npx markdownlint-cli2 --config .github/.markdownlint-cli2.jsonc --fix "docs/en/**/*.md"
 ```
 
 :::
@@ -583,14 +585,14 @@ When you submit a pull request, our CI pipeline automatically runs:
 
 ```bash [Quick Check]
 # Validate markdown and spelling
-npx markdownlint-cli --config .github/markdownlint.json "docs/**/*.md"
+npx markdownlint-cli2 --config .github/.markdownlint-cli2.jsonc "docs/**/*.md"
 npx cspell --config .github/cspell.json "docs/**/*.md"
 node bin/check-links.js "docs/**/*.md"
 ```
 
 ```bash [Full Validation]
 # Run all CI checks locally
-npx markdownlint-cli --config .github/markdownlint.json "docs/**/*.md"
+npx markdownlint-cli2 --config .github/.markdownlint-cli2.jsonc "docs/**/*.md"
 npx cspell --config .github/cspell.json "docs/**/*.md"
 node bin/check-links.js "docs/**/*.md"
 node --check config.js
@@ -599,7 +601,7 @@ jq empty toc_en.json
 
 ```bash [Single File]
 # Check your current file before committing
-npx markdownlint-cli --config .github/markdownlint.json docs/en/your-file.md
+npx markdownlint-cli2 --config .github/.markdownlint-cli2.jsonc docs/en/your-file.md
 npx cspell --config .github/cspell.json docs/en/your-file.md
 node bin/check-links.js docs/en/your-file.md
 ```
diff --git a/docs/en/orm/associations.md b/docs/en/orm/associations.md
@@ -465,8 +465,8 @@ Possible keys for hasMany association arrays include:
 - **strategy**: Defines the query strategy to use. Defaults to 'select'. The
   other valid value is 'subquery', which replaces the `IN` list with an
   equivalent subquery.
-- **saveStrategy**: Either 'append' or 'replace'. Defaults to 'append'. When 'append' the current
-  records are appended to any records in the database. When 'replace' associated
+- **saveStrategy**: Either `append` or `replace`. Defaults to `append`. When `append` the current
+  records are appended to any records in the database. When `replace` associated
   records not in the current set will be removed. If the foreign key is a nullable
   column or if `dependent` is true records will be orphaned.
 - **finder**: The finder method to use when loading associated records. See the
@@ -619,7 +619,7 @@ Possible keys for belongsToMany association arrays include:
 - **strategy**: Defines the query strategy to use. Defaults to 'select'. The
   other valid value is 'subquery', which replaces the `IN` list with an
   equivalent subquery.
-- **saveStrategy**: Either 'append' or 'replace'. Defaults to 'replace'.
+- **saveStrategy**: Either `append` or `replace`. Defaults to `replace`.
   Indicates the mode to be used for saving associated entities. The former will
   only create new links between both side of the relation and the latter will
   do a wipe and replace to create the links between the passed entities when
diff --git a/docs/en/tutorials-and-examples/cms/authentication.md b/docs/en/tutorials-and-examples/cms/authentication.md
@@ -16,7 +16,7 @@ enable new users to register.
 Use composer to install the Authentication Plugin:
 
 ```bash
-composer require "cakephp/authentication:~4.0"
+composer require "cakephp/authentication:^4.0"
 ```
 
 ## Adding Password Hashing
@@ -45,7 +45,7 @@ Because we want to hash the password each time it is set, we'll use a mutator/se
 CakePHP will call a convention based setter method any time a property is set in one of your
 entities. Let's add a setter for the password in **src/Model/Entity/User.php**:
 
-```php {3,12-18}
+```php {4,12-18}
 <?php
 namespace App\Model\Entity;
 
@@ -109,7 +109,7 @@ In **src/Application.php**, add the following imports:
 use Authentication\AuthenticationService;
 use Authentication\AuthenticationServiceInterface;
 use Authentication\AuthenticationServiceProviderInterface;
-use Authentication\Identifier\AbstractIdentifier;
+use Authentication\Identifier\PasswordIdentifier;
 use Authentication\Middleware\AuthenticationMiddleware;
 use Psr\Http\Message\ServerRequestInterface;
 ```
@@ -123,11 +123,9 @@ class Application extends BaseApplication
 {
 ```
 
-Then add the following methods:
+Then add the following to your `middleware()` method:
 
-::: code-group
-
-```php [middleware()]
+```php
 // src/Application.php
 public function middleware(MiddlewareQueue $middlewareQueue): MiddlewareQueue
 {
@@ -142,7 +140,9 @@ public function middleware(MiddlewareQueue $middlewareQueue): MiddlewareQueue
 }
 ```
 
-```php [getAuthenticationService()]
+Next, add the `getAuthenticationService()` method:
+
+```php
 // src/Application.php
 public function getAuthenticationService(ServerRequestInterface $request): AuthenticationServiceInterface
 {
@@ -160,8 +160,8 @@ public function getAuthenticationService(ServerRequestInterface $request): Authe
     ]);
 
     $fields = [
-        AbstractIdentifier::CREDENTIAL_USERNAME => 'email',
-        AbstractIdentifier::CREDENTIAL_PASSWORD => 'password',
+        PasswordIdentifier::CREDENTIAL_USERNAME => 'email',
+        PasswordIdentifier::CREDENTIAL_PASSWORD => 'password',
     ];
 
     // Load the authenticators. Session should be first.
@@ -175,23 +175,20 @@ public function getAuthenticationService(ServerRequestInterface $request): Authe
             'action' => 'login',
         ],
         'identifier' => [
-            'Authentication.Password' => [
-                'fields' => $fields,
-            ],
+            'className' => 'Authentication.Password',
+            'fields' => $fields,
         ],
     ]);
 
     return $service;
 }
 ```
 
-:::
-
 ### Configuring the AppController
 
 In your `AppController` class add the following code:
 
-```php {7}
+```php {8}
 // src/Controller/AppController.php
 public function initialize(): void
 {
@@ -232,9 +229,8 @@ If you visit your site, you'll get an "infinite redirect loop" so let's fix that
 
 In your `UsersController`, add the following code:
 
-::: code-group
-
-```php [UsersController.php]
+```php
+// src/Controller/UsersController.php
 public function beforeFilter(\Cake\Event\EventInterface $event): void
 {
     parent::beforeFilter($event);
@@ -260,7 +256,10 @@ public function login()
 }
 ```
 
-```php [templates/Users/login.php]
+Next, add the template for your login action:
+
+```php
+<!-- templates/Users/login.php -->
 <div class="users form content">
     <?= $this->Flash->render() ?>
     <h3>Login</h3>
@@ -277,8 +276,6 @@ public function login()
 </div>
 ```
 
-:::
-
 Now the login page will allow us to correctly login into the application.
 Test it by requesting any page of your site. After being redirected
 to the `/users/login` page, enter the email and password you
@@ -291,7 +288,7 @@ We need to add a couple more details to configure our application.
 We want all `view` and `index` pages accessible without logging in so we'll add this specific
 configuration in AppController:
 
-```php {6}
+```php {7}
 // in src/Controller/AppController.php
 public function beforeFilter(\Cake\Event\EventInterface $event): void
 {
@@ -336,7 +333,7 @@ If you try to visit **/users/add** without being logged in, you will be
 redirected to the login page. We should fix that as we want to allow people to
 sign up for our application. In the `UsersController` update the `beforeFilter`:
 
-```php {3}
+```php {2}
 // In UsersController::beforeFilter()
 $this->Authentication->allowUnauthenticated(['login', 'add']);
 ```
diff --git a/docs/en/tutorials-and-examples/cms/authorization.md b/docs/en/tutorials-and-examples/cms/authorization.md
@@ -7,7 +7,7 @@ description: "Implement authorization in CakePHP CMS with policy classes. Contro
 
 With users now able to login to our CMS, we want to apply authorization rules
 to ensure that each user only edits the posts they own. We'll use the
-[authorization plugin](https://book.cakephp.org/authorization/2) to do this.
+[authorization plugin](https://book.cakephp.org/authorization/3) to do this.
 
 ## Installing Authorization Plugin
 
@@ -40,9 +40,11 @@ use Authorization\Policy\OrmResolver;
 
 Add the `AuthorizationServiceProviderInterface` to the implemented interfaces on your application:
 
-    class Application extends BaseApplication
-        implements AuthenticationServiceProviderInterface,
-        AuthorizationServiceProviderInterface
+```php {2-3}
+class Application extends BaseApplication
+    implements AuthenticationServiceProviderInterface,
+    AuthorizationServiceProviderInterface
+```
 
 Then add the following to your `middleware()` method:
 
