TL;DR

Payload CMS v0.9.0 removes the sanitization of configurations before plugins are instantiated, giving plugin developers more flexibility and control. This change allows plugins to modify any part of the configuration without being limited by premature sanitization, enabling more powerful plugin capabilities.

Highlight of the Release

• Configuration sanitization now happens after plugins are instantiated
• Plugin developers have more control over the configuration process
• Enables more powerful plugin capabilities by allowing access to unsanitized configurations

Migration Guide

Migration Notes

If you've developed custom plugins for Payload, you should be aware that your plugin code will now run before configuration sanitization occurs. This means:

1. Your plugins can now modify previously inaccessible parts of the configuration
2. You may need to handle raw configuration data differently than before
3. If your plugin relied on sanitized configuration data, you might need to implement your own sanitization or adjust your code accordingly

For most users who simply use Payload and its plugins, no migration steps are necessary.

Upgrade Recommendations

This release contains a significant change to how plugins interact with configurations, but doesn't introduce breaking changes for most users.

• Plugin Developers: Review your plugin code to ensure it works correctly with unsanitized configurations. This change offers new opportunities to enhance your plugins.
• Regular Payload Users: Standard upgrade is recommended. If you use custom plugins, check with the plugin developers about compatibility.
• Production Environments: Test the upgrade with your specific plugin setup before deploying to production.

To upgrade, run:

npm install [email protected]
# or
yarn add [email protected]

Bug Fixes

No specific bug fixes were mentioned in this release.

New Features

Removed Configuration Sanitization Before Plugin Instantiation

In previous versions, Payload would sanitize configurations before plugins were instantiated, which limited what plugin developers could modify. With v0.9.0, this sanitization step has been removed from the early configuration process, allowing plugins to:

• Access and modify raw configuration data
• Make changes to any part of the configuration without restrictions
• Implement more advanced customizations that may have been impossible before

This change gives plugin developers significantly more flexibility and power when extending Payload's functionality.

Security Updates

No security fixes were mentioned in this release.

Performance Improvements

No specific performance improvements were mentioned in this release.

Impact Summary

This release fundamentally changes how Payload handles configuration sanitization in relation to plugins. By removing the sanitization step before plugin instantiation, Payload gives plugin developers significantly more power and flexibility.

The change enables plugin developers to access and modify raw configuration data before it gets sanitized, opening up new possibilities for plugin functionality that wasn't possible before. This architectural change doesn't introduce new user-facing features directly but instead enhances the plugin development experience and enables the creation of more powerful plugins.

For most users who don't develop plugins, this change will be invisible but potentially beneficial as it may enable plugin authors to create more feature-rich extensions. Plugin developers will need to be aware that their code now runs in a different context of the configuration lifecycle.

Full Release Notes