Even though it is a milestone release, it has very functional Configuration and Security APIs that are already in use in some production apps.
To pique your interest, here are a few of my favourite things available in this release of it:
- the pluginConfig variable added to all artefacts declared in plugins. This receives the namespaced Config values for the plugin, tying into the cool new doWithConfigOptions hook that lets plugins declare the configuration values that are valid – as well as default values and validators. See the docs
- The displayMessage method added to controllers and the g:displayMessage tag that renders the messages set by controllers. Along with their flash scope variants this eliminates more boiler plate from controllers, and provides a uniform mechanism for plugins and apps to use – your app views don’t need to know how a plugin passes a message to the view if the plugin uses these methods. See the docs
- The securityIdentity variable added to all Controllers, Services, Domains and TagLibs to provide the identity of the current logged in user, independent of the security plugin your code is using. This opens up app-defined security integration to all plugins – and using something like this would make the recent dependency injection exploits less likely. No need to inject any services into your domains to get the current user. See the docs
There’s a lot more to come, we’re really excited about the M2 release which will expose the public API for Navigation and Events.
Note that if you want to use the security API now in your apps and plugins, you will need to implement the security bridge for your chosen security provider.