diff --git a/CHANGELOG.md b/CHANGELOG.md
index cbe2903158fa..efb902c3dcdf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,12 @@
# Changelog
+## [v4.7.2](https://github.com/codeigniter4/CodeIgniter4/tree/v4.7.2) (2026-03-24)
+[Full Changelog](https://github.com/codeigniter4/CodeIgniter4/compare/v4.7.1...v4.7.2)
+
+### Fixed Bugs
+
+* fix: preserve JSON body when CSRF token is sent in header by @michalsn in https://github.com/codeigniter4/CodeIgniter4/pull/10064
+
## [v4.7.1](https://github.com/codeigniter4/CodeIgniter4/tree/v4.7.1) (2026-03-22)
[Full Changelog](https://github.com/codeigniter4/CodeIgniter4/compare/v4.7.0...v4.7.1)
diff --git a/phpdoc.dist.xml b/phpdoc.dist.xml
index 4c589ae8c5b0..f5a5f247f456 100644
--- a/phpdoc.dist.xml
+++ b/phpdoc.dist.xml
@@ -10,7 +10,7 @@
api/cache/
-
+ system
diff --git a/system/CodeIgniter.php b/system/CodeIgniter.php
index 9ce220bd1fa1..3e60ebdfb49d 100644
--- a/system/CodeIgniter.php
+++ b/system/CodeIgniter.php
@@ -55,7 +55,7 @@ class CodeIgniter
/**
* The current version of CodeIgniter Framework
*/
- public const CI_VERSION = '4.7.2-dev';
+ public const CI_VERSION = '4.7.2';
/**
* App startup time.
diff --git a/user_guide_src/source/changelogs/v4.7.2.rst b/user_guide_src/source/changelogs/v4.7.2.rst
index d38dbdc8c183..c202c52637eb 100644
--- a/user_guide_src/source/changelogs/v4.7.2.rst
+++ b/user_guide_src/source/changelogs/v4.7.2.rst
@@ -2,7 +2,7 @@
Version 4.7.2
#############
-Release Date: Unreleased
+Release Date: March 24, 2026
**4.7.2 release of CodeIgniter4**
@@ -10,27 +10,13 @@ Release Date: Unreleased
:local:
:depth: 3
-********
-BREAKING
-********
-
-***************
-Message Changes
-***************
-
-*******
-Changes
-*******
-
-************
-Deprecations
-************
-
**********
Bugs Fixed
**********
-- **Security:** Fixed a bug where the CSRF filter could corrupt JSON request bodies after successful verification when the CSRF token was provided via the ``X-CSRF-TOKEN`` header. This caused ``IncomingRequest::getJSON()`` to fail on valid ``application/json`` requests.
+- **Security:** Fixed a bug where the CSRF filter could corrupt JSON request bodies after successful
+ verification when the CSRF token was provided via the ``X-CSRF-TOKEN`` header.
+ This caused ``IncomingRequest::getJSON()`` to fail on valid ``application/json`` requests.
See the repo's
`CHANGELOG.md `_
diff --git a/user_guide_src/source/conf.py b/user_guide_src/source/conf.py
index 7f8bfc3b3f75..7fa5ade71d7e 100644
--- a/user_guide_src/source/conf.py
+++ b/user_guide_src/source/conf.py
@@ -26,7 +26,7 @@
version = '4.7'
# The full version, including alpha/beta/rc tags.
-release = '4.7.1'
+release = '4.7.2'
# -- General configuration ---------------------------------------------------
diff --git a/user_guide_src/source/installation/upgrade_472.rst b/user_guide_src/source/installation/upgrade_472.rst
index 7d6ea1061d3a..92498b8d0878 100644
--- a/user_guide_src/source/installation/upgrade_472.rst
+++ b/user_guide_src/source/installation/upgrade_472.rst
@@ -12,18 +12,6 @@ Please refer to the upgrade instructions corresponding to your installation meth
:local:
:depth: 2
-**********************
-Mandatory File Changes
-**********************
-
-****************
-Breaking Changes
-****************
-
-*********************
-Breaking Enhancements
-*********************
-
*************
Project Files
*************
@@ -44,7 +32,7 @@ and it is recommended that you merge the updated versions with your application:
Config
------
-- @TODO
+- No config files were changed in this release.
All Changes
===========
@@ -52,4 +40,4 @@ All Changes
This is a list of all files in the **project space** that received changes;
many will be simple comments or formatting that have no effect on the runtime:
-- @TODO
+- No project files were changed in this release.