HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

Strapi

>

Releases

>

4.0.8

Strapi Release: 4.0.8

Tag Name: v4.0.8

Release Date: 2/16/2022

View Release
Strapi LogoStrapi

Open-source headless CMS built with Node.js. Provides developers with complete freedom in choosing their favorite tools and frameworks for frontend development.

Open SourceHeadlessDeveloper-Friendly

TL;DR

Strapi v4.0.8 brings several enhancements and bug fixes to improve the developer experience. Key highlights include resizable fields in the Content Manager, improved security with password sanitization from filters, and better file handling for plugin development. The update also features UI improvements like drag-and-drop image uploads, audio previews, and fixes for date handling. This release focuses on stability, security, and quality-of-life improvements for Strapi developers.

Highlight of the Release

    • Resizable fields in Content Manager for better workspace customization
    • Enhanced security with password sanitization from filters
    • Audio preview support in content builder
    • Improved drag-and-drop functionality for image uploads
    • Fixed file path handling when generating components inside plugins
    • Better GraphQL support with SDL type definitions and schema generation options

Migration Guide

Upgrading to v4.0.8

This is a minor release with no breaking changes, so upgrading should be straightforward:

  1. Update your dependencies in package.json:

    "strapi": "4.0.8",
"strapi-admin": "4.0.8",
"strapi-plugin-*": "4.0.8"

  2. Run npm install or yarn to install the updated packages.

  3. Date Format Changes: Note that using date formats other than yyyy-MM-dd is now deprecated. If you're using custom date formats, you should update your code to use the standard format to avoid issues in future releases.

  4. GraphQL Users: If you're using the GraphQL plugin, you now have access to new configuration options for schema generation. Check the updated documentation for details on how to use these options.

  5. Sentry Plugin Users: If you're using the Sentry plugin, this update fixes an issue with error reporting. No action is required, but you may notice improved error tracking after updating.

Upgrade Recommendations

Recommendation Level: Recommended for all users

This update is recommended for all Strapi v4 users as it includes important security fixes, bug fixes, and quality-of-life improvements. The password sanitization from filters is particularly important for applications handling sensitive user data.

Priority for specific users:

  • High priority for users with public-facing applications handling sensitive data due to the security improvements
  • High priority for users experiencing issues with nested components, date handling, or plugin generation
  • Medium priority for users who would benefit from the new features like resizable fields or audio previews
  • Medium priority for GraphQL API users who need the new schema generation options

There are no breaking changes in this release, making it a safe upgrade for all production environments.

Bug Fixes

Fixed File Path Handling in Plugins

Corrected file paths when generating content types, APIs, controllers, middlewares, policies, and services inside plugins, ensuring proper functionality when developing with plugins.

Fixed Drag Ordering with Nested Components

Resolved an issue with drag ordering functionality when working with nested components, ensuring proper reordering of items.

Fixed Hot Reload in Admin

Fixed issues with hot reloading in the admin panel, improving the development experience by ensuring changes are properly reflected without requiring a full reload.

Date and DateTime Handling

  • Fixed an issue where clearing datetime or date fields didn't properly set the value to null
  • Improved date format handling with clear deprecation messages for formats different from yyyy-MM-dd
  • Fixed handling of DATE types from the database to prevent automatic casting to Date()

Sentry Plugin Integration

Fixed the Sentry plugin middleware calling the sendError function on the wrong object (Sentry SDK instead of the Sentry service), ensuring proper error reporting.

JSON Field Handling

Fixed handling of direct quotes in JSON fields to prevent parsing errors and ensure proper data storage and retrieval.

Users-Permissions Base URL

Removed extra '/' in baseURL in the Users-Permissions provider to prevent double slashes in redirect URLs.

New Features

Resizable Fields in Content Manager

Content editors can now resize fields in the Content Manager, allowing for better workspace customization based on content needs. This feature makes it easier to work with fields that contain varying amounts of content.

Audio Preview in Content Builder

Added support for audio file previews in the content builder, enhancing the media management experience. Content editors can now preview audio files directly in the interface without needing to download them first.

GraphQL Schema Generation Options

New configuration options have been added to generate GraphQL schema and types, giving developers more control over their GraphQL API. This includes the ability to benefit from Nexus types context and processing for SDL type definitions.

Web Marketplace Access

Added direct links to the web marketplace from the admin panel, making it easier to discover and install plugins and extensions for your Strapi application.

Security Updates

Password Sanitization from Filters

Enhanced security by implementing password sanitization from filters, preventing sensitive information from being exposed in logs or error messages. This is an important security improvement that helps protect user credentials and sensitive data.

Dependency Updates for Security

Several dependencies have been updated to address security vulnerabilities, including:

  • follow-redirects (updated to 1.14.8)
  • vm2 (updated to 3.9.7)

These updates patch known security issues in these dependencies, ensuring a more secure application environment.

Performance Improvements

Optimized Verify Function

The verify function has been refactored and optimized for better performance, improving authentication processes.

Enhanced Filters Sanitization

Filters sanitization has been improved for better performance and security, including the removal of dynamic zone filters that could impact performance.

Dependency Updates

Several dependencies have been updated to their latest compatible versions, including:

  • Sharp (in upload plugin)
  • webpack-dev-server
  • eslint-plugin-react-hooks
  • chokidar
  • and other development dependencies

These updates ensure better performance and compatibility with modern development environments.

Impact Summary

Strapi v4.0.8 is a quality-focused release that enhances security, fixes several important bugs, and adds useful features to improve the developer and content editor experience.

The security improvements, particularly password sanitization from filters, make this an important update for applications handling sensitive user data. The bug fixes address several pain points reported by the community, including issues with nested components, date handling, and plugin development.

For content editors, the addition of resizable fields, audio previews, and improved drag-and-drop functionality creates a more flexible and user-friendly content management experience. Developers will appreciate the improved CLI command descriptions, better GraphQL support, and fixed file path handling for plugin development.

This release demonstrates Strapi's commitment to security, stability, and user experience improvements. The absence of breaking changes makes this a safe and recommended upgrade for all Strapi v4 users.

Full Release Notes

🚀 Feature

💅 Enhancement

🚨 Security

🐛 Bug fix

  • [core:admin] Enable to drop image to upload dialog in edit view (#12266) @iicdii
  • [core:admin] Fixed hot reload in admin (#12413) @yasudacloud
  • [core:admin] Clear datetime or date should set value to null (#12445) @smoothdvd
  • [core:content-manager] Handle direct quotes in JSON field (#12474) @petersg83
  • [core:content-manager] Fixing Drag ordering bug with Nested Component. (#12504) @godzzo
  • [core:database] Deprecate for Date format different from yyyy-MM-dd + don't cast DATE from DB to Date() (#12234) @petersg83
  • [plugin:documentation] Fix custom settings override (#12465) @markkaylor
  • [plugin:i18n] Add all non-localized fields (media, compo, dz) in /get-non-localized-fields response (#12183) @petersg83
  • [plugin:sentry] Fix sentry plugin calling sendError on wrong object (#12067) @derweili
  • [plugin:users-permissions] remove extra '/' in baseURL (#12410) @smoothdvd

🌏 Translation

  • [core:admin] feat: fix typo & add missing translations for Chinese (Simplified) (#12112) @imfangli

📚 Migration guides can be found here 📚

Statistics:

File Changed161
Line Additions3,407
Line Deletions2,329
Line Changes5,736
Total Commits193

User Affected:

  • Benefit from improved CLI command descriptions for better clarity
  • Can now generate GraphQL schema and types with new configuration options
  • Fixed file path issues when generating components inside plugins
  • Better handling of JSON fields with direct quotes
  • Improved date format handling with clear deprecation messages

Contributors:

tuxuumansunnysonxderweiliimfangliConvlypetersg83marincataniicdiigu-stavabdonrdremidejsmoothdvdyasudacloudronronscelestesalexandrebodinsoupettedependabot[bot]markkaylorMcastresgodzzoHichamELBSIElhebertkonstantinmuenstermsioen