Change8

v5.10.3

📦 strapi
1 features🐛 9 fixes🔧 1 symbols

Summary

Version 5.10.3 patches a security vulnerability and includes numerous bug fixes primarily focused on password validation limits and error reporting, alongside adding an email ratelimit middleware.

Migration Steps

  1. Upgrade to version 5.10.3 immediately due to a patched security vulnerability. Detailed disclosure is being delayed.

✨ New Features

  • Added new email ratelimit middleware and applied it to admin password reset.

🐛 Bug Fixes

  • Fixed password creation and update to enforce a 72 byte maximum.
  • Fixed validation to not check byte length on empty values.
  • Improved error messages by including the path.
  • Fixed validation issues on front-end forms.
  • Corrected validation message shape.
  • Added max length constraint to users-permissions password.
  • Fixed flaky tests.
  • Fixed password validation tests.
  • Applied advanced permissions in content manager home widgets.

🔧 Affected Symbols

users-permissions