Skip to content

6.17.0
Compare
Choose a tag to compare
@github-actions github-actions released this 23 Jul 14:19
· 1066 commits to main since this release
v6.17.0
bddd2a8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

@comet/admin@6.17.0

Minor Changes

  • 7ecc30e: Add color prop to CometLogo

    It now supports a colored and a white version of the logo.

Patch Changes

  • 536e95c: Fix error dialog to show GraphQL errors again

    Previously, GraphQL errors without an http status code didn't trigger an error dialog anymore.

  • ec4685b: Prevent unintended width: 100% on nested InputBase components inside FieldContainer and Field components

    FieldContainer (and therefore Field) needs to set the with of the InputBase it wraps to 100%.
    This also caused deeply nested InputBase components, e.g., inside a Dialog, to get this width and break the styling of these components, as they are not intended to be styled by FieldContainer.

@comet/cms-admin@6.17.0

Minor Changes

  • 9ddf655: Require a file extension when changing the filename in the DAM

    Previously, files in the DAM could be renamed without restrictions.
    Files could have invalid extensions (for their mimetype) or no extension at all.
    This theoretically made the following attack possible:

    1. Creating a dangerous .exe file locally
    2. Renaming it to .jpg locally
    3. Uploading the file as a .jpg
    4. Renaming it to .exe in the DAM
    5. The file is now downloaded as .exe

    Now, filenames must always have an extension that matches their mimetype.
    This is enforced in the admin and API.
    Existing files without an extension are automatically assigned an extension via a DB migration.

Patch Changes

  • 987fe9a: Fix DocumentInterface.updateMutation type

    The type for the input variable needs to be DocumentOutput, not DocumentInput.

@comet/cms-api@6.17.0

Minor Changes

  • 9ddf655: Require a file extension when changing the filename in the DAM

    Previously, files in the DAM could be renamed without restrictions.
    Files could have invalid extensions (for their mimetype) or no extension at all.
    This theoretically made the following attack possible:

    1. Creating a dangerous .exe file locally
    2. Renaming it to .jpg locally
    3. Uploading the file as a .jpg
    4. Renaming it to .exe in the DAM
    5. The file is now downloaded as .exe

    Now, filenames must always have an extension that matches their mimetype.
    This is enforced in the admin and API.
    Existing files without an extension are automatically assigned an extension via a DB migration.

  • 9ddf655: Loosen the filename slugification rules

    When uploading a file to the DAM, the filename is automatically slugified.
    Previously, the slugification used pretty strict rules without a good reason.

    Now, the rules were loosened allowing uppercase characters and most special characters.
    Also, slugify now uses the locale en instead of de for special character replacements.

Patch Changes

  • 5a9c49a: CronJobModule: Fix job creation if resulting name exceeds 63 characters
Assets 2
Loading