Content Toolkit

3.0.0-beta.17.7

Strapi Release: 3.0.0-beta.17.7

Tag Name: v3.0.0-beta.17.7

Release Date: 11/29/2019

Open-source headless CMS built with Node.js. Provides developers with complete freedom in choosing their favorite tools and frameworks for frontend development.

Open Source Headless Developer-Friendly

TL;DR

Strapi v3.0.0-beta.17.7 brings important documentation updates, security fixes, and UI enhancements. This release includes new guides for customizing admin panels and data responses, improved Russian translations, and critical security fixes for MongoDB. It also addresses authentication issues and enhances documentation with Docker references and Google Analytics integration.

Highlight of the Release

Security fix for MongoDB aggregate policy verifications
New guide for customizing admin panels and plugins
New guide for data response customization
Updated Russian translations for the admin panel
Fixed email case sensitivity in password reset functionality
Added Docker deployment references in documentation

Migration Guide

No specific migration steps are required for this update. This is a beta release update from v3.0.0-beta.17.6 to v3.0.0-beta.17.7 that primarily includes documentation improvements and bug fixes.

However, MongoDB users should update promptly to address the security vulnerability fixed in this release.

Upgrade Recommendations

MongoDB Users: Immediate upgrade is strongly recommended due to the security fix for aggregate policy verifications.
All Other Users: Standard upgrade is recommended to benefit from the documentation improvements and bug fixes.

To upgrade:

Update your package.json to reference the new version:
```
"strapi": "3.0.0-beta.17.7"
```
Run npm install or yarn to install the updated packages.
Restart your Strapi application.

As this is a beta release, always back up your data before upgrading.

Bug Fixes

Email Case Sensitivity: Fixed issue #4559 where the forgot password function wasn't properly handling email case sensitivity. Emails are now converted to lowercase during the password reset process, ensuring consistent behavior regardless of how users enter their email address.
Documentation Website Navigation: Fixed broken link in the top menu of the documentation website (issue #4576), improving navigation experience.
Documentation Build Process: Resolved issues with the documentation build process that were causing errors.
PM2 Guide Link: Updated link to the PM2 deployment guide to ensure users are directed to the correct resource.

New Features

New Documentation Guides

Admin and Plugin Customization Guide: New comprehensive documentation on how to customize the admin panel and plugins, giving developers more flexibility in tailoring the Strapi interface to their needs.
Data Response Customization Guide: Added detailed documentation on how to customize API data responses, allowing developers to format and structure API outputs according to specific requirements.
Docker Deployment Reference: New documentation section covering Docker deployment options for Strapi applications, making containerized deployments more accessible.
Google Analytics Integration: Added Google Analytics to the documentation site to better understand user behavior and improve documentation based on usage patterns.

Security Updates

MongoDB Aggregate Policy Verifications: Critical hotfix for MongoDB aggregate policy verifications (PR #4624). This addresses a security vulnerability that could potentially allow unauthorized access to data through MongoDB's aggregate operations by bypassing policy verifications. All MongoDB users should update immediately to ensure proper security controls are in place.

Performance Improvements

No specific performance improvements were mentioned in this release. The changes primarily focus on documentation enhancements, security fixes, and bug fixes.

Impact Summary

This release primarily enhances documentation and fixes security and functional bugs. The most significant impact is for MongoDB users who need to update immediately to address a security vulnerability in aggregate policy verifications.

Developers will benefit from new customization guides for admin panels and data responses, making it easier to tailor Strapi to specific project needs. Russian-speaking users will appreciate the improved translations in the admin interface.

The documentation improvements, including Docker references and fixed navigation, provide better resources for all users. The email case normalization fix ensures more consistent behavior in the authentication system.

While this is an incremental beta release, the security fix for MongoDB users makes it an important update for affected deployments.

Full Release Notes

💅 Enhancement

[Admin] Update Russian translation for admin panel (#4584) @sulakin
[Documentation] Fix docs website link in the top menu (#4600) @lauriejim
[Documentation] Add a docker ref in the docs (#4611) @lauriejim
[Documentation] Display a deprecated message docs alpha (#4612) @lauriejim
[Documentation] Add GA in the docs (#4620) @lauriejim

🐛 Bug fix

[Plugin] Fix lowercase the email in the forgot password function (#4599) @lauriejim
[Plugin] Hotfix mongo aggregate policy verifications (#4624) @alexandrebodin

Statistics:

File Changed18

Line Additions680

Line Deletions372

Line Changes1,052

Total Commits53

User Affected:

Access to new guides for customizing admin panels and data responses
Fixed MongoDB security vulnerability affecting data access policies
Docker deployment reference documentation added
Email case sensitivity bug fixed in password reset functionality