TL;DR
Strapi v4.25.15 brings important bug fixes and a new OpenAPI documentation feature. This release addresses issues with API state not being cleared on logout and relation type existence checks, while also adding a new /openapi.json route to improve API documentation capabilities. These changes enhance security, stability, and developer experience for Strapi users.
Highlights of the Release
- New /openapi.json route for standardized API documentation
- Fixed API state not being cleared on logout, improving security
- Improved relation type existence checks for better stability
Migration Guide
No specific migration steps are required for this release. The changes are backward compatible and should not affect existing functionality. Simply update your Strapi installation to version 4.25.15 to benefit from the bug fixes and new features.
Upgrade Recommendations
This release is recommended for all Strapi users, especially those concerned about security and API documentation. The bug fixes address important issues related to session management and data relationships, while the new OpenAPI documentation feature provides significant value for API-focused projects.
To upgrade:
npm install [email protected]
# or
yarn upgrade [email protected]
After upgrading, restart your Strapi application to apply the changes.
Bug Fixes
API State Clearing on Logout
Fixed an issue where API state was not properly cleared when users logged out (#21947). This bug could potentially lead to security concerns and unexpected behavior when switching between user accounts. The fix ensures that all API state is properly reset upon logout, improving security and user session management.
Relation Type Existence Checks
Resolved a bug related to checking for relation type existence (#20167). This fix prevents potential errors when working with relations where the type might not be properly defined, improving the stability and reliability of the content management system when handling complex data relationships.
New Features
OpenAPI Documentation Support
Strapi now provides a dedicated /openapi.json route that generates OpenAPI documentation for your API. This feature allows developers to:
- Access standardized documentation of all API endpoints
- Integrate with OpenAPI-compatible tools and services
- Improve API discoverability and usability
- Generate client libraries and SDKs automatically
This addition significantly enhances the developer experience by providing clear, structured documentation of the API surface.
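A review a team might run over the generated document before exposing it, as an added example (not Strapi's code): it lists the operations whose OpenAPI `security` requirement is absent or optional. It assumes the route returns a standard OpenAPI 3 document; the function names and the sample document are constructed for illustration.

```javascript
// Added example: audit an OpenAPI 3 document for operations callable without auth.
const HTTP_METHODS = ['get', 'put', 'post', 'delete', 'patch', 'options', 'head', 'trace'];

// An operation counts as unauthenticated when its effective `security`
// (operation-level if present, otherwise document-level) is missing, empty,
// or contains the empty requirement object {} (which makes auth optional).
function isUnauthenticated(operation, docSecurity) {
  const effective = operation.security !== undefined ? operation.security : docSecurity;
  if (!Array.isArray(effective) || effective.length === 0) return true;
  return effective.some((req) => Object.keys(req).length === 0);
}

// Returns a sorted list such as ["GET /articles", ...] for follow-up review.
function findUnauthenticatedOperations(doc) {
  const findings = [];
  for (const [path, item] of Object.entries(doc.paths || {})) {
    for (const method of HTTP_METHODS) {
      const op = item[method];
      if (op && isUnauthenticated(op, doc.security)) {
        findings.push(`${method.toUpperCase()} ${path}`);
      }
    }
  }
  return findings.sort();
}

// Constructed sample document (hypothetical, not real Strapi output).
const sampleDoc = {
  openapi: '3.0.0',
  security: [{ bearerAuth: [] }],
  paths: {
    '/articles': {
      get: { security: [] },  // explicitly overrides the default: public
      post: {},               // inherits document-level bearerAuth
    },
    '/articles/{id}': {
      get: { security: [{}, { bearerAuth: [] }] },  // auth is optional
      delete: { security: [{ bearerAuth: [] }] },
    },
    '/users/me': { get: {} },
  },
};

console.log(findUnauthenticatedOperations(sampleDoc));
```

Save the document served by your own instance to a file and pass the parsed JSON to `findUnauthenticatedOperations` to review it the same way.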
Security Updates
The fix for API state not being cleared on logout (#21947) addresses a potential security concern. By ensuring that API state is properly cleared when users log out, this update helps prevent potential data leakage or unauthorized access that could occur if state from a previous session remained active.
Performance Improvements
No specific performance improvements were highlighted in this release. The changes focus primarily on bug fixes and feature enhancements rather than performance optimizations.
Impact Summary
Strapi v4.25.15 delivers important improvements to security, stability, and developer experience. The fix for API state clearing on logout addresses a potential security vulnerability, ensuring proper session management. The relation type existence check fix improves system stability when working with complex data relationships.
The addition of the /openapi.json route represents a significant enhancement for API documentation, making Strapi more developer-friendly and interoperable with the broader API ecosystem. This feature aligns with industry standards for API documentation and enables better integration with third-party tools.
Overall, this release demonstrates Strapi's commitment to security, stability, and developer experience, with contributions from both the core team and the community, including first-time contributors.