HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

Payload CMS

>

Releases

>

Release 0.5.10

Payload CMS Release: Release 0.5.10

Tag Name: v0.5.10

Release Date: 4/14/2021

View Release
Payload CMS LogoPayload CMS

Payload CMS is a modern, self-hosted headless content management system built with TypeScript, Node.js, and MongoDB. It's designed specifically for developers who want full control over their content management system while maintaining a powerful admin interface for content editors.

Open SourceDeveloper-FriendlyHeadless

TL;DR

Payload CMS v0.5.10 fixes an authentication issue in GraphQL resolvers where the collectionSlug was not being properly passed through the me authentication process. This ensures proper authentication context when using the GraphQL API.

Highlight of the Release

    • Fixed authentication issue in GraphQL me resolver
    • Improved security by ensuring proper collection context during authentication

Migration Guide

No migration steps are required for this release. The fix is backward compatible and should work automatically after upgrading.

Upgrade Recommendations

This is a recommended upgrade for all users who utilize GraphQL with authentication in their Payload CMS implementation, particularly those using the me resolver. The update is minor and fixes an authentication issue without introducing breaking changes.

Bug Fixes

GraphQL Authentication Fix

  • Fixed an issue where the collectionSlug was not being properly passed through the me authentication process for GraphQL resolvers
  • This ensures that GraphQL queries using the me resolver now have the proper collection context for authentication
  • The fix addresses potential authentication inconsistencies between REST and GraphQL APIs

New Features

No new features were added in this release.

Security Updates

While not explicitly labeled as a security fix, the authentication improvement for GraphQL resolvers enhances security by ensuring proper authentication context is maintained when using the me resolver in GraphQL queries.

Performance Improvements

No specific performance improvements were included in this release.

Impact Summary

This release addresses a specific authentication issue in the GraphQL API where the collectionSlug was not being properly passed through the me authentication process. While small in scope (only 32 additions and 9 deletions across 6 files), this fix is important for maintaining consistent authentication behavior between REST and GraphQL APIs. Users who rely on authenticated GraphQL queries, particularly those using the me resolver, will benefit from this update as it ensures proper authentication context is maintained.

Full Release Notes

0.5.10 (2021-04-14)

Bug Fixes

  • feeds collectionSlug through me auth for graphql resolver (9ee2f9c)

Statistics:

File Changed6
Line Additions32
Line Deletions9
Line Changes41
Total Commits3

User Affected:

  • Developers using the GraphQL API with authentication will now have proper authentication context
  • Applications that rely on the `me` resolver in GraphQL queries will now function correctly

Contributors:

jacobsfletchjmikrut