HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

Payload CMS

>

Releases

>

Release 1.6.14

Payload CMS Release: Release 1.6.14

Tag Name: v1.6.14

Release Date: 2/21/2023

View Release
Payload CMS LogoPayload CMS

Payload CMS is a modern, self-hosted headless content management system built with TypeScript, Node.js, and MongoDB. It's designed specifically for developers who want full control over their content management system while maintaining a powerful admin interface for content editors.

Open SourceDeveloper-FriendlyHeadless

TL;DR

PayloadCMS v1.6.14 brings numerous bug fixes and improvements to enhance user experience and developer workflow. This release addresses issues with file uploads, rich text editor functionality, TypeScript path customization, and admin UI translations. It also improves authentication flows for unverified users and adds new query capabilities for hidden fields. These changes make PayloadCMS more flexible, user-friendly, and robust for content management needs.

Highlight of the Release

    • Fixed authentication flow to prevent unverified users from logging in after password reset
    • Made sizes property optional on file uploads
    • Added support for custom TypeScript paths with generate:types command
    • Improved rich text editor link functionality
    • Added queryHiddenFields property to find operations
    • Added config option to disable $facet aggregation for performance

Migration Guide

This release contains no breaking changes and should be a safe upgrade from v1.6.13.

If you were relying on the behavior where users were automatically logged in after password reset (even if unverified), you'll need to update your authentication flow to account for this fix. Users will now need to complete verification before being able to log in.

If you were explicitly setting the sizes property on uploads, you can now make this optional in your code as PayloadCMS no longer requires it.

Upgrade Recommendations

This release is recommended for all PayloadCMS users as it contains important bug fixes and quality-of-life improvements.

To upgrade:

npm install [email protected]
# or
yarn add [email protected]
# or
pnpm add [email protected]

After upgrading, test your application thoroughly, especially if you rely on:

  • Password reset functionality
  • File uploads with the sizes property
  • TypeScript type generation with custom paths
  • Rich text editor link functionality

Bug Fixes

  • Authentication & Security:

    • Fixed issue where unverified users were being logged in after resetting password (#2131)
    • Improved overall reset password and verification workflow

  • Rich Text Editor:

    • Fixed issue allowing links to be populated without having relationship or upload enabled (#2134)
    • Removed custom header and gutter from rich text editor link drawer (#2120)

  • File Uploads:

    • Made sizes property optional on file uploads, create, and update operations (#2066)

  • TypeScript & Code Generation:

    • Fixed support for custom TypeScript paths with payload generate:types command (#2096)
    • Fixed JSON field type generation to properly follow RFC specifications (#2137)

  • Admin UI:

    • Fixed broken table in admin overview documentation
    • Added admin translations for filter operators (#2091)
    • Fixed locale validation for Monaco code editor (#2144)
    • Fixed collection pagination defaultLimit behavior (#2117)

  • Dependencies:

    • Locked dependency versions for compatibility with Node.js 16.x (#2146)

New Features

and Enhancements

  • Query Hidden Fields: Added new queryHiddenFields property to find operations, allowing developers to access fields that are normally hidden in query results (#2148)
  • Facet Aggregation Control: Added useFacet configuration option to disable MongoDB's $facet aggregation for performance optimization in certain scenarios (#2141)
  • Documentation Improvements: Added example local API script to help developers understand how to use Payload's local API

Security Updates

  • Authentication Flow Enhancement: Fixed a security issue where unverified users were being automatically logged in after resetting their password. This change ensures that proper verification steps are completed before granting access (#2131)

  • Improved Password Reset Workflow: Enhanced the overall password reset and verification workflow to follow security best practices and prevent potential authentication bypasses

Performance Improvements

  • MongoDB Query Optimization: Added useFacet configuration option that allows disabling MongoDB's $facet aggregation. This can significantly improve performance in scenarios where faceted queries are causing slowdowns or when working with large datasets (#2141)

  • Pagination Improvements: Fixed collection pagination defaultLimit behavior, ensuring more consistent and predictable performance when paginating through large collections (#2117)

Impact Summary

PayloadCMS v1.6.14 is primarily a maintenance release focused on bug fixes and quality-of-life improvements. The changes impact several key areas of the CMS including authentication flows, file uploads, rich text editing, and TypeScript integration.

The most significant improvements include fixing the authentication flow for unverified users during password reset, making the sizes property optional on file uploads, adding support for custom TypeScript paths, and introducing the ability to query hidden fields. These changes make PayloadCMS more flexible and robust for developers while improving the content editing experience.

For administrators and content editors, the fixes to the rich text editor, pagination, and admin UI translations provide a smoother and more intuitive experience. The performance optimization option for MongoDB facet queries can also be beneficial for applications dealing with large datasets.

Overall, this release enhances PayloadCMS's stability and usability without introducing breaking changes, making it a recommended upgrade for all users.

Full Release Notes

1.6.14 (2023-02-21)

Bug Fixes

  • #2091 admin translations for filter operators (#2143) (8a8c392)
  • #2096, allows custom ts paths with payload generate:types (686a616)
  • #2117 collection pagination defaultLimit (#2147) (2a4db38)
  • #2131, doesn't log in unverified user after resetting password (3eb85b1)
  • #2134, allows links to be populated without having relationship or upload enabled (32a0778)
  • #2148, adds queryHiddenFields property to find operation (15b6bb3)
  • checks locale is valid for monaco code editor (#2144) (40224ed)
  • generate proper json field type according to rfc (#2137) (7e88698)
  • removes custom header and gutter from rte link drawer #2120 (#2135) (6a7663b)
  • sizes property optional on upload (#2066) (79d047e)
  • useFacet config option to disable $facet aggregation (#2141) (b4a2074)

Statistics:

File Changed60
Line Additions752
Line Deletions190
Line Changes942
Total Commits23

User Affected:

  • Can now use custom TypeScript paths with `payload generate:types` command
  • File uploads no longer require the `sizes` property, making the API more flexible
  • Can use the new `queryHiddenFields` property in find operations to access hidden fields
  • Can disable `$facet` aggregation with the new `useFacet` config option for performance optimization

Contributors:

jmasdenolfejacobsfletchjmikrutjessrynkarDanRibbensChrisGV04