✨ New Features
- API
- #12201 Add new export experience (by @rijkvanzanten)
- #12088 Allow configuring overrides for the openid-client (by @rijkvanzanten)
- #12025 Add support for import ip deny list (by @rijkvanzanten)
- #12006 add --dry-run flag to
schema apply
CLI command (by @sjones6)
- App
- #12201 Add new export experience (by @rijkvanzanten)
- #12154 Upgrade table layout (by @rijkvanzanten)
🚀 Improvements
- App
- #12229 Style updates (by @benhaynes)
- #12223 Tweak tags placeholder for clarity (by @azrikahar)
- #12220 Add direct download option to files interface (by @rijkvanzanten)
- #12157 Group groups in field select, add search when number of fields exceeds 20 (by @rijkvanzanten)
- #12085 Add Croatian to available-languages.yaml (by @nrozic)
- #12050 Hide nav resize handle when it is not open (by @azrikahar)
- #12048 Add Edit Role context menu in User Directory (by @azrikahar)
- #12001 Form error validation improvements (by @azrikahar)
- API
- #12020 Allow configuring /assets endpoint CSP separately (by @rijkvanzanten)
🐛 Bug Fixes
- API
- #12235 Fix nested relational limit for m2o fetching (by @rijkvanzanten)
- #12216 Improvements to WYSIWYG interface (by @licitdev)
- #12208 Export authorization service (by @licitdev)
- #12193 add cdn domain in CSP directives for in app docs (by @azrikahar)
- #12087 Make sure mysql error extraction won't error on slice (by @rijkvanzanten)
- #12076 Fix deep relational offset (by @licitdev)
- #12017 Add lock for system cache (by @licitdev)
- #12011 Fix query limit -1 for o2m queries (by @azrikahar)
- #11538 fix M2O field deletion (by @azrikahar)
- App
- #12222 fix number input step up/down when undefined (by @azrikahar)
- #12218 Fix WYSIWYG link keyboard shortcut and add parent anchor tag detection (by @licitdev)
- #12192 use type json for select-color presets options field (by @azrikahar)
- #12169 M2A interface collection name layout fix (by @d1rOn)
- #12162 Prevent null field/collection translations from being merged (by @azrikahar)
- #12153 fix: display related translations (by @yassilah)
- #12060 Fix cropper aspect ratio not activating crop (by @licitdev)
- #12047 Fix user info sidebar last access timestamp (by @azrikahar)
- #12037 Close WYSIWYG fullscreen when opening drawer or dialog (by @licitdev)
- #12034 Hide raw value copy paste button if unsupported by browser (by @licitdev)
- #11990 Rich-text-html interface fix (by @d1rOn)
🧽 Optimizations
- App
- #12092 Remove outline prop from v-icons (by @azrikahar)
📝 Documentation
- #12094 Update hooks.md - add system collection "files", fix payload parameter (by @Dominic-Marcelino)
- #12038 Docs: Settings (by @erondpowell)
- #11728 Docs: User Directory (by @erondpowell)
- #11330 Docs: Filters (by @erondpowell)
⚠️ CORS Warning
The previous defaults were very permissive to make getting started as easy as possible, but leaving the CORS settings this open can be a security issue. The safer default is to have it disabled completely, and allow an explicit opt-in (ideally with exact domains, rather than the match-origin true).
To go back to the way things were before this release, set CORS_ENABLED=true
and CORS_ORIGIN=true
. That being said, it's highly recommended to use a domain allow-list, like CORS_ORIGIN=https://directus.io
.
Directus refs/tags/v9.7.0