Hey everyone,
I didn’t plan to write today, but here we are.
Kirby 4.7.2
A couple of users with public folder setups reported yesterday that the hardening against path traversal unfortunately leads to an issue with thumbnail generation. We immediately worked on another patch release, which is available now: https://github.com/getkirby/kirby/releases/tag/4.7.2 The 3.x releases from yesterday are not affected. If you are not using a public folder setup, you are also not affected. Sorry to anyone who had to deal with the regression already!
Composerkit
Security releases and regressions are never fun, but we have a little goodie for you in return, which fits quite perfectly. At the last meetup in Düsseldorf, Gregor Meyer asked why we don’t provide an official “Composerkit” for those who use Composer on a daily basis. Good question! It’s not hard to switch to a Composer-based setup with Kirby, but it’s still something that you have to do manually with our existing kits.
We worked on that idea in the last couple days and 1.0.0 is now ready: https://github.com/getkirby/composerkit/ 
It’s basically the plainkit, but for Composer. It comes preconfigured with a public folder setup and a data folder structure, inspired by @tobimori’s fantastic Baukasten. This is also something that sets it apart from the plainkit and starterkit. It’s an ideal starting point for more advanced setups. In contrast to Baukasten, we still don’t have any form of opinionated frontend setup included. We think that this is something that should not be decided by us - especially since more opinionated boilerplates already exist.
You can start new projects with Composerkit by simply running:
composer create-project getkirby/composerkit my-kirby-site
You can use it also as a template on Github.
We hope you like it 