HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

Strapi

>

Releases

>

4.25.3

Strapi Release: 4.25.3

Tag Name: v4.25.3

Release Date: 7/10/2024

View Release
Strapi LogoStrapi

Open-source headless CMS built with Node.js. Provides developers with complete freedom in choosing their favorite tools and frameworks for frontend development.

Open SourceHeadlessDeveloper-Friendly

TL;DR

Strapi v4.25.3 is a minor release that includes a security update by bumping the glob package from 7.2.0 to 10.4.2, enhances the CLI to use project name from package.json by default, and updates the Cloud message in the homepage. This release focuses on security improvements and developer experience enhancements.

Highlight of the Release

    • Security improvement by updating glob package from 7.2.0 to 10.4.2
    • CLI enhancement to use project name from package.json by default
    • Updated Cloud message in the Strapi homepage

Migration Guide

No specific migration steps are required for this update. Follow the general update guide:

  1. Make a backup of your project
  2. Update your dependencies in package.json
  3. Run yarn install or npm install to update packages
  4. Restart your Strapi application

For detailed instructions, refer to the general update guide.

Upgrade Recommendations

It is recommended to upgrade to v4.25.3 as soon as possible, especially due to the security improvements from the glob package update. This is a minor release with minimal changes, so the upgrade process should be straightforward with low risk of breaking changes.

Follow the standard Strapi update procedure:

npm install [email protected] --save
# or
yarn upgrade [email protected]

After updating, restart your Strapi application and verify that everything works as expected.

Bug Fixes

No specific bug fixes were mentioned in this release.

New Features

CLI Enhancement

  • Default Project Name from package.json: The CLI now automatically uses the project name from package.json by default (#20479), improving developer experience by reducing manual configuration steps when working with Strapi projects.

Security Updates

Glob Package Update

  • Upgraded glob from 7.2.0 to 10.4.2: This security-focused update in the core/strapi package addresses potential vulnerabilities in the older version of the glob dependency (#20607).
  • Removed redundant files: As part of the glob update, the redundant packages/core/strapi/src/load/glob.ts file was removed, helping to maintain a cleaner codebase.

Performance Improvements

No specific performance improvements were mentioned in this release.

Impact Summary

This release primarily focuses on security improvements by updating the glob package to version 10.4.2, which addresses potential vulnerabilities in the older version. Additionally, it enhances developer experience with the CLI now using project name from package.json by default and updates the Cloud message in the homepage.

The impact is relatively minimal and focused on security and developer experience improvements. No breaking changes were introduced, making this a safe update for all Strapi users. The security update to the glob package is particularly important as it helps maintain the security posture of Strapi applications.

Full Release Notes

🚨 Security

⚙️ Chore

📚 Update and Migration Guides

  • General update guide can be found here
  • Migration guides can be found here 📚

Statistics:

File Changed62
Line Additions598
Line Deletions415
Line Changes1,013
Total Commits9

User Affected:

  • Benefits from security improvements with the updated glob package
  • Experiences improved CLI functionality with automatic project name detection from package.json
  • Sees updated Cloud messaging in the Strapi homepage

Contributors:

chrismuirurizalexandrebodinMarc-Roigabdallahmzsimotae14remidej