HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

Payload CMS

>

Releases

>

3.0.0-beta.65

Payload CMS Release: 3.0.0-beta.65

Pre Release

Tag Name: v3.0.0-beta.65

Release Date: 7/15/2024

View Release
Payload CMS LogoPayload CMS

Payload CMS is a modern, self-hosted headless content management system built with TypeScript, Node.js, and MongoDB. It's designed specifically for developers who want full control over their content management system while maintaining a powerful admin interface for content editors.

Open SourceDeveloper-FriendlyHeadless

TL;DR

PayloadCMS v3.0.0-beta.65 introduces CORS header configuration capabilities and fixes several critical issues in rich text editors, email verification, and global tabs functionality. This release enhances developer flexibility with CORS settings while addressing important bugs that affected rich text editing and field display.

Highlight of the Release

    • Added support for configuring CORS allowed headers
    • Fixed rich text editor issues with nested fields and upload nodes
    • Corrected the behavior of the skipVerify option in the email-nodemailer adapter
    • Fixed custom tabs functionality in globals

Migration Guide

NodeMailer skipVerify Behavior Change

If you're using the skipVerify option in the NodeMailer adapter, be aware that its behavior has been corrected to match its intended purpose:

  • Before: skipVerify: true would verify the transport, and skipVerify: false would skip verification
  • After: skipVerify: true will skip verification, and skipVerify: false will verify the transport

Review your email configuration if you're using this option to ensure it behaves as expected after updating.

Upgrade Recommendations

This beta release contains important bug fixes for rich text editors, email configuration, and UI functionality. If you're already using PayloadCMS v3.0.0-beta series, upgrading to beta.65 is recommended, especially if you:

  1. Use rich text editors with nested fields or upload nodes
  2. Rely on the NodeMailer adapter for email functionality
  3. Use custom tabs in globals
  4. Need to configure CORS headers

As this is still a beta release, it's advisable to test thoroughly in a non-production environment before deploying to production.

Bug Fixes

Rich Text Editor Fixes

  • Upload Nodes with Extra Fields: Fixed an issue where newly created upload nodes with extra fields would not display those fields when opening the extra fields drawer (#7155)
  • Nested Field Recursion: Resolved a problem where nested field recursion for named tabs was not working properly
  • Rich Text Migration Detection: Fixed one-line migrators not detecting rich text migrations in nested fields

Email and Configuration Fixes

  • NodeMailer skipVerify Behavior: Corrected the skipVerify field in NodemailerAdapterArgs which was working in reverse of its intended behavior (#6790)
    • Previously: skipVerify = true → Verified transport; skipVerify = false → Did not verify transport
    • Now correctly: skipVerify = true → DO NOT verify transport; skipVerify = false → DO verify transport

UI and Functionality Fixes

  • Custom Tabs in Globals: Fixed an issue where custom tabs were not working properly in globals (#7148)

New Features

Configure CORS Allowed Headers

PayloadCMS now supports extending the Allowed Headers in CORS context. The cors property can be configured as an object with both origins and headers properties, giving developers more control over cross-origin resource sharing policies. This enhancement allows for more flexible API security configurations when integrating with frontend applications across different domains.

Security Updates

No explicit security fixes were mentioned in this release. However, the correction of the skipVerify behavior in the email-nodemailer adapter could have security implications as it relates to transport verification.

Performance Improvements

No specific performance improvements were highlighted in this release. The changes were primarily focused on new features, bug fixes, and documentation improvements.

Impact Summary

This release enhances PayloadCMS with more flexible CORS configuration options and fixes several important bugs that affected content editing and system configuration.

The addition of CORS header configuration gives developers more control over API security policies. The fixes to rich text editors improve the content editing experience, particularly when working with complex nested structures and upload nodes with extra fields.

The correction of the skipVerify behavior in the email-nodemailer adapter ensures that email transport verification works as intended, which is important for system reliability and security.

The documentation improvements for access control will help developers implement more effective permission systems.

Overall, this release focuses on improving developer experience, fixing edge cases in the rich text editing system, and enhancing configuration options for better security control.

Full Release Notes

v3.0.0-beta.65 (2024-07-15)

Features

Bug Fixes

  • richtext-lexical: newly created upload nodes with extra fields do not display fields when opening extra fields drawer (#7155) (35f7a9e)
  • richtext-*: nested field recursion for named tabs did not work (8c5a1f0)
  • richtext-lexical: one-line migrators not detecting richText migrations in nested fields (6d68a4a)
  • email-nodemailer: skipVerify behavior being reversed (#6790) (f494eba)
  • custom tabs not working in globals (#7148) (24f55c9)

Contributors

Statistics:

File Changed121
Line Additions1,340
Line Deletions904
Line Changes2,244
Total Commits13

User Affected:

  • Can now configure CORS allowed headers for better API security control
  • Will experience fixed behavior for the `skipVerify` option in email-nodemailer adapter
  • Will benefit from improved ESLint configurations for React hooks

Contributors:

AlessioGrpaulpopusJarrodMFleschJasperBeaurainGeorgeHulpoijacobsfletchdenolfe