Payload CMS Release: Release 1.1.4

TL;DR

Payload CMS v1.1.4 introduces support for root endpoints, improves field-level access control for nested fields, and refines type generation for relationships. This release enhances developer flexibility with custom API endpoints while fixing important permission and TypeScript typing issues.

Highlight of the Release

• Added support for root-level API endpoints
• Fixed field-level access control for nested fields
• Improved TypeScript type generation for relationships
• Enhanced documentation for cell components and webpack configuration

Migration Guide

No migration steps are required for this release. The changes are backward compatible and should work with existing Payload applications without modification.

Upgrade Recommendations

This release is recommended for all Payload users, especially those who:

1. Use field-level access control on nested fields
2. Work with TypeScript and relationship fields
3. Need to implement custom API endpoints at the root level

The upgrade should be straightforward with no breaking changes:

npm install [email protected]
# or
yarn add [email protected]

Bug Fixes

Field Level Access for Nested Fields

Fixed an issue where field-level access control wasn't being properly applied to nested fields. Previously, permission checks might not have been correctly enforced for fields nested within arrays, blocks, or other complex field types. This fix ensures that access control is consistently applied at all levels of your content structure.

Type Generation for Relationships

Improved TypeScript type generation for relationship fields. The generated types now more accurately reflect the structure of related documents, providing better type safety and developer experience when working with relationships in TypeScript projects.

New Features

Root Endpoints Support

Payload now supports creating custom API endpoints at the root level of your API. This feature allows developers to define custom routes that aren't tied to a specific collection or global, providing more flexibility for implementing custom functionality.

Example usage:

// In your Payload config
export default buildConfig({
  // ...other config
  endpoints: [
    {
      path: '/custom-endpoint',
      method: 'get',
      handler: (req, res) => {
        res.json({ message: 'This is a custom root endpoint' });
      },
    },
  ],
});

This enhancement gives developers more freedom to extend Payload's API with custom functionality that doesn't necessarily map to collections or globals.

Security Updates

No specific security fixes were mentioned in this release, although the fix for field-level access control for nested fields does improve the security posture by ensuring permissions are correctly enforced throughout the content structure.

Performance Improvements

No specific performance improvements were highlighted in this release.

Impact Summary

Payload CMS v1.1.4 is a minor release that brings important improvements to the developer experience and permission handling. The addition of root endpoints expands the API customization capabilities, allowing for more flexible application architectures. The bug fixes for field-level access in nested fields and improved TypeScript type generation for relationships enhance both security and developer productivity.

The documentation improvements, including better examples for cell components and webpack configuration tips, further support developers in implementing and maintaining Payload-based applications. Overall, this release represents incremental but valuable improvements to the Payload ecosystem.

Full Release Notes