Content Toolkit

5.0.0-beta.2

Strapi Release: 5.0.0-beta.2

Pre Release

Tag Name: v5.0.0-beta.2

Release Date: 4/3/2024

View Release

Strapi

Open-source headless CMS built with Node.js. Provides developers with complete freedom in choosing their favorite tools and frameworks for frontend development.

Open Source Headless Developer-Friendly

TL;DR

Strapi v5.0.0-beta.2: Enhanced Features, Bug Fixes, and Performance Improvements

This beta release brings significant improvements to Strapi v5, including bulk content release capabilities, non-localized fields for internationalization, GraphQL GET query support, and various bug fixes. The release focuses on enhancing developer experience with better API organization, improved security with dependency updates, and refined content management workflows. This update is particularly valuable for developers working with internationalized content and those using GraphQL for their API needs.

Highlight of the Release

Bulk actions for content releases to manage multiple entries at once
Non-localized fields for internationalization to maintain consistency across languages
GraphQL GET query support with authentication for better caching and CDN integration
Database identifier shortening with migration support
Improved handling of relations with lazy loading
Security enhancements with dependency updates

Migration Guide

Database Identifier Shortening

This release includes a breaking change related to database identifiers. The identifiers have been shortened and an internal migration has been added. If you're using direct database queries or have custom code that relies on specific database identifier formats, you'll need to update your code accordingly.

API Registry Refactoring

The API registry has been refactored, which may affect custom plugins or extensions that interact with it directly. Review your custom code that interacts with the API registry to ensure compatibility.

Public Interface Cleanup

The public interface of strapi/strapi has been cleaned up, which may affect imports in custom code. If you're importing from internal paths that are no longer exposed, you'll need to update your imports to use the public API.

Package Structure Changes

Content Manager admin has been moved to its own package. If you have custom code that extends or modifies the Content Manager, you may need to update your imports and references.

Upgrade Recommendations

For Beta Testers

As this is a beta release (v5.0.0-beta.2), it's recommended for testing and evaluation purposes only. Do not use in production environments.

For those already using v5.0.0-beta.1, upgrading to beta.2 is recommended to benefit from the bug fixes and new features. Pay special attention to the database identifier shortening change if you have custom code that interacts directly with the database.

Before upgrading:

Create a complete backup of your database and project files
Review the breaking changes, especially regarding database identifiers
Test the upgrade in a development environment before applying to staging or production-like environments

After upgrading:

Test all custom plugins and extensions thoroughly
Verify that internationalized content works correctly, especially with the new non-localized fields feature
Check that GraphQL queries function as expected, particularly if you're using GET requests

Bug Fixes

Content Management Fixes

Fixed an issue where creating a new locale didn't pre-fill non-internationalized fields
Resolved a problem with locale validation when not creating content for all locales
Fixed relations lazy loading to improve performance and reliability
Corrected the capitalization in scheduling information for content releases
Fixed an issue where the edit release modal would close on error, causing loss of user input

Upload and File Management

Added support for private upload providers
Fixed file name sanitization when uploading images to prevent security issues
Refactored signing URL in Data Transfer Service (DTS)

Internationalization and Localization

Fixed timezone handling in content releases to ensure proper UTC time-based creation
Resolved component UID resolution issues

Admin Interface

Fixed the NotFoundPage to be properly within authenticated admin panel routes
Ensured purchase pages are shown correctly with Cloud plans

New Features

Bulk Actions for Content Releases

A major enhancement in this release is the addition of bulk actions for content releases. Content editors can now select multiple entries and perform actions like publish, unpublish, and add to release in a single operation. This significantly improves workflow efficiency when managing large amounts of content.

Non-localized Fields for Internationalization

The internationalization system now supports non-localized fields, allowing certain content to remain consistent across all language versions. This feature is particularly useful for content that should be identical regardless of locale, such as codes, identifiers, or globally standardized information. The UI now includes an earth icon to symbolize these localized fields.

GraphQL GET Query Support

GraphQL now supports GET queries with authentication, which is advantageous for caching, CDNs, and other performance optimizations. This removes an unnecessary restriction that previously blocked authenticated GET queries to the /graphql endpoint.

Zod Validation Integration

Initial integration of Zod for validation has been added, providing a more type-safe approach to data validation throughout the application. This lays the groundwork for more robust validation patterns in future releases.

Security Updates

Dependency Security Updates

Updated sanitize-html (and types) from 2.11.0 to 2.13.0 to address security advisory 1096639
Upgraded @koa/cors from 3.4.3 to 5.0.0 to fix security advisory 1095223

File Upload Security

Improved file name sanitization when uploading images to prevent potential security vulnerabilities

Performance Improvements

Relations and Data Handling

Improved relations lazy loading for better performance when working with related content
Cleaned up document service relation transforms for more efficient data processing
Simplified the history meta object for better performance and reduced complexity

Dependencies and Build Optimizations

Upgraded to Prettier 3.2.5 with support for dynamic imports of pure ESM
Upgraded Lerna and NX for better monorepo management
Upgraded Rimraf to 5.0.5 for improved file deletion performance
Removed React Helmet in favor of more modern alternatives
Upgraded @koa/cors from 3.4.3 to 5.0.0 for better CORS handling

Impact Summary

Strapi v5.0.0-beta.2 represents a significant step forward in the v5 development cycle, focusing on developer experience, content management workflows, and performance optimizations.

The addition of bulk actions for content releases addresses a key workflow pain point, allowing content editors to manage multiple entries simultaneously. This can dramatically improve efficiency for teams working with large content volumes.

The non-localized fields feature for internationalization solves a common challenge in multilingual content management, ensuring consistency across languages where needed while still allowing localization elsewhere.

GraphQL GET query support enhances API flexibility, particularly for scenarios involving caching and CDNs, which can lead to better performance for end users.

Database identifier shortening may require attention from developers with custom code, but provides long-term benefits for database management.

Security improvements through dependency updates address known vulnerabilities, keeping Strapi installations safer.

Overall, this beta release demonstrates Strapi's commitment to improving both developer and content editor experiences while maintaining a focus on performance and security.

Full Release Notes

What's Changed

fix: add support for private upload providers by @Bassel17 in #19863
Solve foreign key error on push transfers by @christiancp100 in #19870
fix(content-releases): fix creation of utc time based when sending to back by @Feranchz in #19865
fix(admin): show purchase pages also with Cloud plans and change message by @simotae14 in #19855
enhancement(database)!: add db identifier shortening and migration by @innerdvations in #19732
chore(deps): bump sanitize-html (and types) from 2.11.0 to 2.13.0 by @derrickmehaffy in #19922
chore: allow graphql get request with authentication by @alexandrebodin in #19916
fix: relations lazy loading by @Marc-Roig in #19932
chore(deps): bump @koa/cors from 3.4.3 to 5.0.0 by @derrickmehaffy in #19921
Feat(releases): Bulk Release by @madhurisandbhor in #19891
chore: refactor api registry by @alexandrebodin in #19920
fix(plugin-graphql): allow to use GET queries for graphql by @mcfedr in #19168
Update README.md by @baristopuz in #19719
fix(content-releases): fix flaky FE unit tests by @simotae14 in #19927
fix:issue on do not validate locale if not creating for all locales by @binar1 in #19799
fix: sanitize file name when uploading image by @Marc-Roig in #19913
chore: cleanup public interface of strapi/strapi by @alexandrebodin in #19931
chore(admin): remove react-helmet by @christiancp100 in #19923
fix: Creating a new locale doesn't pre-fill the non-internationalized fields by @derrickmehaffy in #18773
chore: upgrade rimraf to 5.0.5 by @innerdvations in #19877
release: 5.0.0-beta.1 by @Marc-Roig in #19939
chore: init zod usage by @alexandrebodin in #19917
fix: clean document service relation transforms by @Marc-Roig in #19859
chore: move CM admin to own package by @joshuaellis in #19929
fix(releases): Scheduling info capitalization by @madhurisandbhor in #19945
test(e2e): close 'saved' notification box after confirming it exists by @innerdvations in #19941
test(e2e): close notification boxes after confirming they exist by @innerdvations in #19947
chore: upgrade prettier to 3.2.5 (poc for dynamic imports of pure esm) by @innerdvations in #19876
chore: fix #19349 by @alexandrebodin in #19967
docs: upgrade to docusaurus 3.1.1 by @innerdvations in #19969
[v5] fix: move NotFoundPage into authenticated admin panel routes by @MattieBelt in #19968
feat(i18n): non localized fields by @jhoward1994 in #19720
fix(releases): On edit release error dont close modal by @madhurisandbhor in #19946
test: restructure test dirs by @innerdvations in #19948
fix(docs): fix comment that breaks docs build by @innerdvations in #19987
chore: move remaining api-tests tests to tests/api by @innerdvations in #19991
chore(history): simplify the meta object by @markkaylor in #19990
fix: name validation by @innerdvations in #19995
chore: move cli-tests to tests/cli by @innerdvations in #19992
fix: middleware type by @alexandrebodin in #20004
chore: add document-id migration by @alexandrebodin in #19514
fix(i18n): remove strapi dep to fix circular deps by @joshuaellis in #20011
Upgrade lerna - nx by @alexandrebodin in #20010

New Contributors

@mcfedr made their first contribution in #19168
@baristopuz made their first contribution in #19719
@binar1 made their first contribution in #19799

Full Changelog: v5.0.0-beta.1...v5.0.0-beta.2

Statistics:

File Changed300

Line Additions6,460

Line Deletions14,248

Line Changes20,708

Total Commits80

User Affected:

Benefit from GraphQL GET query support for better caching and CDN integration
Access to improved API organization with refactored API registry
Can leverage Zod for validation in their custom code
Need to adapt to shortened database identifiers if using direct database queries
Can use private upload providers for more secure file management