HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

Payload CMS

>

Releases

>

Release 1.6.12

Payload CMS Release: Release 1.6.12

Tag Name: v1.6.12

Release Date: 2/17/2023

View Release
Payload CMS LogoPayload CMS

Payload CMS is a modern, self-hosted headless content management system built with TypeScript, Node.js, and MongoDB. It's designed specifically for developers who want full control over their content management system while maintaining a powerful admin interface for content editors.

Open SourceDeveloper-FriendlyHeadless

TL;DR

PayloadCMS v1.6.12 brings enhanced developer flexibility with new examples and admin customization

This release focuses on improving developer experience by adding several new examples for authentication and virtual fields, while also fixing a query validation issue. The separation of admin root component from DOM rendering logic provides greater flexibility for customizing the admin UI. These changes primarily benefit developers building with PayloadCMS by providing clearer implementation patterns and more customization options.

Highlight of the Release

    • New authentication examples for both standard and GraphQL implementations
    • Virtual fields implementation example added
    • Separation of admin root component from DOM render logic for better customization
    • Fixed query validation to ensure only valid fields can be queried

Migration Guide

No migration steps are required for this release. The changes are primarily additive (new examples) or internal architectural improvements that don't break existing functionality.

For developers who have created custom implementations that directly interact with the admin UI rendering logic, you may want to review the changes to the admin root component separation to ensure your customizations remain compatible.

Upgrade Recommendations

This is a minor release with new examples and a bug fix. It's recommended to upgrade to benefit from:

  1. The query validation fix that improves security
  2. Access to new examples for authentication and virtual fields
  3. Improved admin UI customization capabilities

The upgrade should be straightforward with minimal risk as there are no breaking changes. Simply update your PayloadCMS dependency to version 1.6.12:

npm install [email protected]
# or
yarn add [email protected]

Bug Fixes

Query Validation Fix

  • Fixed an issue where invalid fields could be queried, potentially exposing unintended data
  • The system now properly validates query fields against the schema before processing
  • This improves both security and data integrity by ensuring only valid fields defined in the schema can be accessed through queries

New Features

Authentication Examples

  • Added standard authentication example to demonstrate best practices for implementing auth in PayloadCMS
  • Added GraphQL authentication example (#2115) showing how to implement auth specifically for GraphQL APIs
  • These examples provide developers with clear patterns to follow when implementing authentication

Virtual Fields Example

  • Added comprehensive example (#1990) demonstrating how to implement and use virtual fields in PayloadCMS
  • Shows how to create computed fields that don't persist to the database but are available in the API

Admin UI Architecture Improvements

  • Separated admin root component from DOM render logic
  • This architectural change allows for more flexible customization of the admin interface
  • Developers can now more easily override or extend admin UI components without affecting the core rendering logic

Security Updates

While not explicitly labeled as a security fix, the bug fix ensuring "only valid fields can be queried on" has security implications. This change prevents potential data exposure by validating query fields against the schema, ensuring users can only access fields they should have permission to query.

Performance Improvements

No specific performance improvements were highlighted in this release. The changes are primarily focused on developer experience, examples, and security fixes rather than performance optimizations.

Impact Summary

PayloadCMS v1.6.12 is primarily a developer-focused release that enhances the platform's documentation and customization capabilities through new examples and architectural improvements.

The addition of authentication examples for both standard and GraphQL implementations provides valuable reference material for developers implementing auth in their PayloadCMS projects. Similarly, the virtual fields example offers guidance on implementing computed fields.

The separation of the admin root component from DOM rendering logic represents an important architectural improvement that enables more flexible customization of the admin UI. This change will be particularly valuable for developers building custom admin interfaces.

The bug fix ensuring only valid fields can be queried improves the security posture of PayloadCMS applications by preventing potential data exposure through invalid queries.

Overall, while this release doesn't introduce major new features, it strengthens the developer experience through better examples, improved customization options, and enhanced security.

Full Release Notes

1.6.12 (2023-02-17)

Bug Fixes

  • ensures only valid fields can be queried on (1930bc2)

Features

Statistics:

File Changed154
Line Additions13,251
Line Deletions2,052
Line Changes15,303
Total Commits9

User Affected:

  • Gain access to new authentication examples for both standard and GraphQL implementations
  • Can reference the new virtual fields example for implementation guidance
  • Benefit from improved admin UI customization capabilities through separated component logic
  • Protected from potential security issues with the query validation fix

Contributors:

jacobsfletchjessrynkarjmikrut