GitHub release description about component: {} changes

default discord avatar
Martin R
2 months ago
7

It would be nice to have a warning in the GitHub release description about component: {} changes for views and fields like Account, text field, ...



The same goes for new security practices, for example, the recent draft changes where in some cases, drafts are shown even if drafts equal false. An example could be a photograph where the status is awaiting approval to allow publishing the photo, and it, by mistake, got published because of Payload CMS changes.



According to EU GDPR, all information must be secure by default, or we can get a substantial financial penalty. Else it's easy to end up in a breach of data and an insecure system.

  • discord user avatar
    jmikrut
    Payload Team
    2 months ago
    in some cases, drafts are shown even if drafts equal false


    i don't believe any of our recent changes would have affected this at all



    your access control should prevent users from seeing draft posts if that is the intention, via returning a query constraint to prevent them from seeing

    _status: { equals: 'draft' }


    that is unrelated to the

    ?draft=true

    argument



    but overall i completely agree, we are making some changes to use major / minor / patch versions more semantically



    and that will include being significantly more strict about communicating

    anything

    that can impact your projects

  • default discord avatar
    Martin R
    2 months ago

    That makes me happy 🍻

Open the post
Continue the discussion in Discord
Like what we're doing?
Star us on GitHub!

Star

Connect with the Payload Community on Discord

Discord

online

Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.