Strapi Release: 4.1.3

Tag Name: v4.1.3

Release Date: 3/8/2022

Open-source headless CMS built with Node.js. Provides developers with complete freedom in choosing their favorite tools and frameworks for frontend development.

TL;DR

Strapi v4.1.3 brings several enhancements and bug fixes to improve the overall user experience. This release allows special characters in enums, enables rate limiter configuration overrides for specific routes, fixes relation handling issues, improves documentation, and addresses a security vulnerability with media sanitization. Performance improvements for entities with many relations are also included, making the CMS more efficient for complex content structures.

Highlights of the Release

    • Special characters now allowed in enums for more flexible content modeling
    • Rate limiter configuration can be overridden for specific routes in Users & Permissions plugin
    • Significant performance improvement when loading entities with many relations
    • Fixed relation synchronization issues after server restarts
    • Security enhancement for media sanitization

Migration Guide

No specific migration steps are required for this update. This is a patch release (v4.1.2 → v4.1.3) that includes enhancements and bug fixes without breaking changes.

For general migration information, refer to the official Strapi migration guides.

Upgrade Recommendations

This patch release contains important bug fixes and security improvements, making it a recommended upgrade for all Strapi users running version 4.1.2 or earlier in the 4.1.x series.

The security fix for media sanitization is particularly important, and users should update as soon as possible to ensure their applications are protected.

The update process should be straightforward:

npm install @strapi/strapi@4.1.3 --save
# or
yarn upgrade @strapi/strapi@4.1.3

After updating, restart your Strapi application to apply the changes.

Bug Fixes

Content Manager Fixes

  • Fixed synchronization of layouts when no relation is set, ensuring proper display after configuration changes
  • Significantly improved loading time when opening entities with many related entities, addressing performance bottlenecks in the admin panel

Database Fixes

  • Ensured the session primary key check is disabled during schema updates for MySQL, preventing potential update failures

Documentation Plugin Fixes

  • Added required description in 200 response for better API documentation
  • Set proper operationId in generated documentation for improved API client generation

Other Fixes

  • Added the missing /api path to the redirectUrl placeholder for proper routing

New Features

Enhanced Enum Support

  • Content Type Builder now allows special characters in enums, providing more flexibility when defining content models
  • Enum values can now contain special characters, though they still cannot start with a number

Configurable Rate Limiting

  • Users & Permissions plugin now allows overriding rate limiter configurations for specific routes
  • This provides more granular control over API access patterns and security measures

Security Updates

Media Sanitization

  • Fixed a security vulnerability related to media sanitization
  • This update ensures proper sanitization of media files, preventing potential security exploits
  • The fix addresses how media files are processed and validated within the system

Performance Improvements

Content Manager Performance

  • Significantly improved loading time when opening entities with many related entities
  • This enhancement is particularly noticeable for content types with complex relation structures, where previous versions could experience substantial delays when loading edit views

Database Operations

  • Optimized schema update process for MySQL by ensuring session primary key checks are disabled during updates
  • This improvement helps prevent unnecessary errors during database migrations and updates

Impact Summary

Strapi v4.1.3 delivers several quality-of-life improvements for developers and content editors. The ability to use special characters in enums provides more flexibility in content modeling, while the configurable rate limiting for specific routes offers better control over API security.

Performance improvements for entities with many relations will be particularly beneficial for projects with complex content structures, addressing a pain point that affected editing experience in previous versions.

The security fix for media sanitization is an important update that all users should apply to ensure their applications remain secure.

For MySQL users, the fix ensuring session primary key checks are disabled during schema updates resolves potential issues during database migrations.

Overall, this release enhances Strapi's stability, security, and performance without introducing breaking changes, making it a straightforward and recommended upgrade for all users.

Full Release Notes

💅 Enhancement

  • [core:content-type-builder] Allow special characters in an enum (#12200) @petersg83
  • [plugin:users-permissions] Allow U&P rate limiter's config to be overridden for specific routes (#12375) @WalkingPizza

🔥 Bug fix

⚙️ Chore

🚨 Security


📚 Migration guides can be found here 📚

Statistics:

Files Changed: 66
Line Additions: 491
Line Deletions: 132
Line Changes: 623
Total Commits: 35

Users Affected:

  • Can now use special characters in enums for more flexible content modeling
  • Can override rate limiter configurations for specific routes in the Users & Permissions plugin
  • Benefit from improved API documentation with required descriptions in 200 responses and proper operationId settings
  • MySQL users will experience more reliable schema updates with session primary key checks disabled during updates

Contributors:

WalkingPizza, DennisHartrampf, Convly, alexandrebodin, petersg83, derrickmehaffy, markkaylor