Strapi releases

5.45.1 (2026-05-11)

🔥 Bug fix

• prevent single-type switch crashes and refresh schema after CTB updates (c9db1321d837f8024f0f9f2c4ab38645b535613c)

❤️ Thank You

• Adrien L @Adzouz
• Ben Irvin
• Jamie Howard

5.45.0 (2026-05-06)

🚀 New feature

• extended ctb api for plugins (ad7cb5d5d7)
• sort based on publish status (#25689)
• admin: api token supports admin permissions and admin user ownership (#25657)
• content-manager: add Zod 4 foundation utilities (#25574)

🔥 Bug fix

• issue with plugin content type uid (f768670d38)
• style issues (2f42e5fe44)
• opt out of the ct backup strategy for plugin content types (5936814932)
• build errors (520ecfc6d5)
• enforce minimum length (f2b6c2bcd0)
• prevent trailing ? in URL when params is empty object (#25724, #25900)
• dynamically update rate limit prefix key based on route (#24818)
• admin: clean up lazy component registration warnings (#25015)
• admin: type addMenuLink with optional Component for menu-only links (#26198)
• content-manager: prevent crash on detached DZ component (#26148)
• content-type-builder: preserve plugin CT identity in AI chat transform (0be48848fa)
• database: run cleanOrderColumns updates sequentially (#26134)
• database: run cleanOrderColumns updates sequentially (#26134)
• review-workflows: implement incremental loading in assignee dropdown (#25967)
• upload: sharp concurrency and cache leads to OOM (#26046)

❤️ Thank You

• Adrien L @Adzouz
• Andrei L @unrevised6419
• Ben Irvin
• Boaz Poolman
• DMehaffy
• Dominik Juriga @dominik-juriga
• guoyangzhen
• Jamie Howard
• markkaylor
• Nico André
• Niels Kaspers @nielskaspers
• Pierre Wizla
• Ziyi @butcherZ

5.44.0 (2026-04-29)

🚀 New feature

• deploy to cloud homepage widget (#25774)

🔥 Bug fix

• add responseType to getFetchClient for non-JSON responses (#25974)
• prevent browser defaults for Ctrl+I and other modifier shortcuts in Firefox (#26050)
• contain absolute descendants in OverflowingItem (#26133)
• content-manager: prevent duplicate React key in homepage recent-documents widget (#26084)
• content-manager: optimize document layout hooks (#26005)
• database: make 5.0.0-02-created-document-id migration idempotent (#26045)
• document-service: support delete selection params (#25097)
• document-service: preserve self-referential relations during publish and discard (#25890)
• document-service: discard-draft 500 on self-referential manyToMany relations (#26152)
• i18n: preserve non-localized media when creating a locale (#26031)
• openapi: documentation plugin generates OpenAPI with incorrect ID parameter (#26067)
• review-workflows: pass locale params to useDocument in StageSelect and AssigneeSelect (#26104)
• types: align Service.Generic index signature with Controller.Generic (#25475)

📚 Documentation Changes

• add AGENTS.md universal agent guide (#26018)

⚙️ Chore

• release v5.43.0 update develop (#26100)
• upgrade contributor docs dependencies (#26073)
• deps: bump multiple dependencies (#26103)
• deps: bump @xmldom/xmldom from 0.8.12 to 0.8.13 (#26098)
• deps: bump and dedupe pinned subdeps (#26139)
• examples: migration performance benchmark harness + mariadb/sqlite + anti-pattern schemas (#26036)
• scripts/release: fix experimental peer dependencies install (#26083)

💅 Enhancement

• add ESM syntax support for Vite .mts config file (#25238)
• i18n: improve Russian translations of tours section in admin package (#25221)
• translations: update czech translations (#25824)

❤️ Thank You

• Adrien L @Adzouz
• akash-dabhi-qed @akash-dabhi-qed
• Ayoub Hidri @ayhid
• Bassel Kanso @Bassel17
• Ben Irvin
• DMehaffy
• Filip Ónodi @fonodi
• Jamie Howard @jhoward1994
• Kellen Bolger
• Laurens Kling @laurenskling
• Leonid Vinogradov
• Nico André
• otociulis @otociulis
• Simon Norris @cache-your-dreams
• Ziyi @butcherZ

5.43.0 (2026-04-22)

🚀 New feature

• core/*: introduce strapi.ai namespace (#25886)
• i18n: complete Dutch (nl) translations for admin panel (#25932)

🔥 Bug fix

• date picker sends date-only format to avoid deprecation warning (1508d5d8f3)
• bulk publish validation on required components in dz (#25687)
• use admin basename for 401 redirect path (#25458)
• auth providers generate unique username on conflict (#23853)
• webpack public path was missing a slash at the end (#22654)
• handle potential null userPermissions in Protect component (#24444)
• admin: add cursor pointer and fix click behavior on sortable table headers (#25418)
• admin: eliminate several browser race conditions (#26020)
• content-manager: blocks editor errors when image has formats: null (#26015)
• content-manager: use RBAC-aware populate in countDraftRelations (#25977)
• content-manager: don't allow locale to overwrite list view settings (#25437)
• content-manager: render ID column without number grouping (#25996)
• content-manager: apply i18n translations to dynamic zone component names (#25417)
• data-transfer: fix large transfer crashes; show transfer progress (#23479)
• upload: content-api does not return signed urls (#26034)
• upload-aws-s3: support root-level credentials and update AWS SDK (#25914)

⚙️ Chore

• update main README content (#25618)
• data-transfer: isIgnoredContentType helper for filtering (#26004)
• deps: bump undici from 6.24.1 to 6.25.0 (#26022)
• deps: bump follow-redirects from 1.15.11 to 1.16.0 (#26025)

💅 Enhancement

• strapi dev continue watching on build error (#25514)
• add list & delete admin user cli commands (#23022)
• data-transfer: improve progress UX (#25921)

🚨 Security

• upgrade to axios 1.15.1 (#26072)

❤️ Thank You

• Adrien L @Adzouz
• Akash Santra @Akash504-ai
• Bellian @Bellian
• Ben Irvin @innerdvations
• Benedikt Rötsch @axe312ger
• DMehaffy @derrickmehaffy
• Jamie Howard @jhoward1994
• Jan Willem Keizer @janwillemkeizer
• Jayesh Patel @itsmejay80
• Jesús Villar @Callm3thebreeze
• kdt523 @kdt523
• Marian Vonsien @mvo-zyres
• markkaylor @markkaylor
• Nico André @nclsndr
• Nikola Dinevski @ndinevski
• Paul Bratslavsky @PaulBratslavsky
• Schero D. @Schero94
• Simen @Eventyret
• Varun Chawla @veeceey

5.42.1 (2026-04-15)

🔥 Bug fix

• typo in Russian translation for upload button (#25946)
• fixed 9 typos, spelling errors, and duplicate words. (#25936)
• skip form onChange when markdown updates come from setValue (#25955)
• adjust typo in test (#25960)
• update snapshot (9b2501ceeb)
• increase test timeout (f50134dbae)
• preserve relations in fill from another locale (#25703)
• enable save button when re-ordering components or dynamic zones (#25959)
• made changes to resolve Firefox timepicker issue (#25129, #25438)
• admin: batch content manager permission checks and reuse session ability (#25911)
• core: add firstPublishedAt field to draft (#25947)
• document-service: preserve relations during publish (#25909)
• tests: type errors cause build to fail which cause tests to fail (072ad0d801)
• upload: cache busting for cross-origin images in crop (#25950)
• upload-aws-s3: trust S3 response Location URL for compatible providers (#25939)

⚙️ Chore

• fix typos in comments and docs (12dfbe97c9)
• adding finnish translation to Strapi Admin (#25620)
• fix typos in comments and docs (91407798c4)
• update Polish language translations (#23762)
• deps: bump lodash from 4.17.23 to 4.18.1 (#25919)
• deps: bump lodash-es from 4.17.23 to 4.18.1 (#25906)
• deps: bump nodemailer from 8.0.4 to 8.0.5 (#25963)
• deps: bump axios from 1.13.5 to 1.15.0 (#25980)
• deps: bump path-to-regexp from 8.4.1 to 8.4.2 (#25901)
• examples: delete config.server.url to restore port override capability (#26011)

❤️ Thank You

• Adrien L @Adzouz
• akash-dabhi-qed @akash-dabhi-qed
• Antti Tuppurainen
• Bassel Kanso @Bassel17
• Jamie Howard @jhoward1994
• Mark Kaylor @markkaylor
• mathildeleg @mathildeleg
• Michał Kleszczyński @Magiczne
• Nico André @nclsndr
• Shalabh Gupta @coding-shalabh
• Tony @tonytkachenko
• Yohaan Narayanan @yohaann196
• Yohei Yamamoto @NAM-MAN

5.42.0 (2026-04-08)

🚀 New feature

• removing A/B testing from the prompt Currently A/B testing opt-in isn't used, so removing it from the CLI (8d5b04ece4)
• changing sonar variable (0d822ade04)
• data-transfer: add directory export/import format (#25867)

🔥 Bug fix

• change return to continue in deleteRelations when using foreign keys (#25857)
• hide legacy options (da9cdfc640)
• contains filter no longer returns empty data (#25810)
• typos in documentation plugin README (4ff54bff36)
• admin: p is not function error (#25663)
• content-manager: pass component schemas when rebuilding list view headers (#25872)
• content-manager: wrap single type displayName with formatMessage (#25880)
• core: relation handling preserves order during unpublish/republish cycles (#25764)
• create-strapi-app: generate .yarnrc.yml for Yarn projects (#25869)
• documentation: use dist extensions path in production (#25863)

📚 Documentation Changes

• fix typos in documentation plugin README (8e11e41247)

⚙️ Chore

• add .claude directory to gitignore (e85aa81cdf)
• sonarqube variables like in their docs (40f9ecd6c7)
• deps: bump minimatch from 10.2.4 to 10.2.5 (#25879)
• deps: bump @xmldom/xmldom from 0.8.6 to 0.8.12 (#25877)
• deps: bump path-to-regexp from 8.2.0 to 8.4.0 (#25850)
• deps: bump undici from 6.24.0 to 6.24.1 (#25785)
• deps: bump handlebars from 4.7.7 to 4.7.9 (#25841)
• deps: bump yauzl from 3.2.0 to 3.2.1 (#25729)
• deps: bump bn.js from 4.12.0 to 4.12.3 (#25691)
• deps: bump js-yaml from 3.14.1 to 3.14.2 (#25680)
• deps: bump mdast-util-to-hast from 13.2.0 to 13.2.1 (#25681)
• deps: bump path-to-regexp from 8.4.0 to 8.4.1 (#25888)
• deps: bump simple-git from 3.21.0 to 3.32.3 (#25704)
• deps: bump file-type from 21.0.0 to 21.3.2 (#25728)
• deps: bump @octokit/plugin-paginate-rest from 9.2.1 to 9.2.2 (#25693)
• deps: bump @octokit/request from 8.4.0 to 8.4.1 (#25694)
• deps: bump picomatch from 2.3.1 to 2.3.2 (#25828)
• deps: bump nodemailer from 8.0.1 to 8.0.4 (#25848)

❤️ Thank You

• Adrien L @Adzouz
• Adrien Lepoutre @Adzouz
• Alexandre BODIN
• Bassel Kanso @Bassel17
• Ben Irvin
• guoyangzhen
• Jamie Howard @jhoward1994
• Joshua Klinesmith
• Simon Norris

5.41.1 (2026-04-01)

🔥 Bug fix

• load inquirer async (043798dbe8)

❤️ Thank You

• Ben Irvin

5.41.0 (2026-04-01)

🔥 Bug fix

• use strapi.fetch for remote uploads (#25661)
• Content types with attributes named filters, sort, fields, or populate no longer cause 400 validation errors on populate queries and countDraftRelations (#21338, #25762)
• check devDependencies when resolving required admin deps (#22130)
• use max batch sizes per dialect (#25390)
• content-type-builder: default draftAndPublish to true in AI CTB (#25781)
• document-service: re-insert cascade-deleted bidirectional relations (#25725)
• graphql: expose status and hasPublishedVersion on non–D&P root queries for nested relations (#25763)
• homepage: render widgets progressively and batch permission checks (#25846)
• upload: allow removal of file type filter in media library (#25399)
• upload: row duplicate-key warning (#25670)
• upload: allow upload of files with empty MIME type (#25844)

⚙️ Chore

• deps: bump undici from 6.23.0 to 6.24.0 (#25731)
• deps: bump effect from 3.19.19 to 3.21.0 (#25796)
• scripts/check-package-versions: support Yarn catalog (#25625)

💅 Enhancement

• add customField parameter to extendFields (#22521)
• content-manager: add documentid in listview and editview (#25759)

🚨 Security

• package upgrades to remove deprecated versions of boolean, tar, and glob (#25776)

❤️ Thank You

• Adrien Foulon @Tofandel
• akash-dabhi-qed @akash-dabhi-qed
• Bassel Kanso @Bassel17
• Ben Irvin
• Daniil Barkov @giollord
• Kai Gritun
• mathildeleg @mathildeleg
• Nico André
• Shuhrat Dehkanov
• Ziyi @butcherZ

5.40.0 (2026-03-18)

🚀 New feature

• add package manager dropdown before version in bug report template (#25679)

🔥 Bug fix

• add maxwidth to documentactions menu (#25664)
• formatErrorMessages array values formatting (#24196)
• admin: alias singleton frontend deps in vite (#25682)
• content-manager: reduce excessive rerendering in components and dynamic zones (#25631)
• content-manager: skip non-draftAndPublish relations in countDraftRelations (#25453)
• i18n: show locale key in disabled select when editing locale (#25124)

📚 Documentation Changes

• fix docs links in README (#25715)

⚙️ Chore

• use https instead of git url in package.repository.url (#25698)
• content-manager: optimize relations handling in EditView component (#25683)
• core: parallelize and cache dynamic zone populate (#25685)

💅 Enhancement

• resolved filter editability on clicking filter tag (#24057)
• core: remove beta on Document API, enforce deprecation on EntityService API (#25744)

❤️ Thank You

• akash-dabhi-qed @akash-dabhi-qed
• Andrea Cappuccio @hood
• Bassel Kanso @Bassel17
• calm @calm329
• Jamie Howard @jhoward1994
• markkaylor
• mathildeleg @mathildeleg
• Nico André
• Nikolas Rimikis @Leptopoda
• Pierre Wizla
• Varun Chawla @veeceey

5.39.0 (2026-03-11)

🚀 New feature

• expand accordion by default when inserting a new component in a document (#24230)
• content-manager: filter list view by publication status (#25510)

🔥 Bug fix

• added shift+tab to blocks editors (#24122)
• single type publish permission error (#24754)
• es translations (#25655)
• typo 'compatability' to 'compatibility' in error messages (#25535)
• content-manager: export ContentManagerPlugin type for plugin dev… (#24149)
• content-manager: reduce excessive rerendering in relation fields (#25623)
• content-manager: reduce rerenders for conditional fields (#25617)
• content-releases: publish in right order to preserve relations (#25551)
• guided-tour: no overlay in dark mode (#25485)
• openapi: correctly merge plugin router prefix with route paths (#25616)
• types: fix document findOne params (#25613)
• upload: add crossOrigin attribute to image preview (#24946)

⚙️ Chore

• upgrade to glob 13 (#25610)
• upgrade better-sqlite3 to 12.6.2 (#25611)
• remove eslint-plugin-rxjs (#25612)
• upgrade koa to 20.8.4 and minimatch to 10.2.4 (#25624)
• eslintignore coverage (#25649)
• stop adding issues to GitHub projects in issues_handleLabel workflow (#25677)
• update package metadata (#25599)
• *: register vitest dependency in Yarn catalog (#25400)
• core/permissions: ensure engine properly merges conditions (#25569)
• deps: bump js-yaml from 3.14.1 to 3.14.2 (#24858)
• deps: bump qs from 6.14.2 to 6.15.0 (#25555)
• deps: bump jws from 3.2.2 to 3.2.3 (#24981)
• deps: bump elliptic from 6.5.7 to 6.6.1 (#24803)
• deps: bump serialize-javascript from 6.0.1 to 6.0.2 (#24841)
• deps: bump mdast-util-to-hast from 13.2.0 to 13.2.1 (#24950)
• deps: bump jws from 3.2.2 to 3.2.3 (#25652)
• deps: bump tar from 7.5.9 to 7.5.10 (#25642)
• deps: bump serialize-javascript from 6.0.1 to 6.0.2 (#25653)

🚨 Security

• upload: improve mimetype detection for uploads (#25177)

❤️ Thank You

• Adrien L
• Akash Santra @Akash504-ai
• akash-dabhi-qed @akash-dabhi-qed
• Ayoub Hidri @ayhid
• Bassel Kanso @Bassel17
• Ben Irvin
• Brandon Aaron @brandonaaron
• Daniel Garcia @dagadevelop
• Gouttfi @Gouttfi
• jeanvier
• markkaylor
• Nico André
• Nikolas Rimikis @Leptopoda
• Owen Rossi-Keen @Smoke3785

5.38.1 (2026-03-11)

Superseded on March 11, 2026 by v5.39.0 due to versioning mistake.
Please use v5.39.0.

5.38.0 (2026-03-04)

🚀 New feature

• content-manager: add relationOpenMode setting (modal/page/newTab) (#25433)
• email-nodemailer: upgrade to Nodemailer v8 with advanced email features and Admin UI capabilities (#25392)
• i18n: add missing french translations (#23093)

🔥 Bug fix

• typo 'recieved' to 'received' across codebase (#25541)
• markdown editor number list is created with wrong numbers (#24631)
• add i18n for boolean cell values (#22314)
• folder subtitles for folders without assets or subfolders (#22694)
• vite and webpack config when linking ds locally (#25530)
• types: add missing typing for proxy.koa config (#25575)

⚙️ Chore

• bump design-system to v2.2.0 (#25584)
• deps: bump rollup from 4.27.4 to 4.59.0 (#25566)
• upload: add import from url (#25496)

❤️ Thank You

• Adrien L
• Altay Akkus
• Ayoub Hidri @ayhid
• Daniel Garcia @dagadevelop
• Grégory Boutte
• Jorrit Schippers
• markkaylor
• mathildeleg @mathildeleg
• Schero D. @Schero94
• Tewson Seeoun @tewson

5.37.1 (2026-02-26)

🔥 Bug fix

• core: preserve component clone integrity in discard-drafts migration

❤️ Thank You

• Bassel Kanso @Bassel17
• Ben Irvin

5.37.0 (2026-02-26)

🔥 Bug fix

• improve subnav on mobile so it works with banner (#25450)
• layout page broken (#25501)
• add design-system to config (#25435)
• radix ui dialog dependency version (#25549)

📚 Documentation Changes

• fix typos in content-releases frontend intro (#25471)

⚙️ Chore

• add bot and contributor detection to community-label workflow (#25497)
  (https://github.com/strapi/strapi/pull/25494))
• docs: revise README for AWS S3 provider updates (#25449)

💅 Enhancement

• improve mobile ux of list view (#25366)

🚨 Security

• feature: add strictParam, addQueryParams, addInputParams (#25528)
• deps: upgrade to tar 7.5.9 (#25504)
• deps: upgrade multiple dependencies (#25506)
• deps: bump bn.js from 4.12.0 to 4.12.3 (#25521)
• deps: bump minimatch from 9.0.3 to 10.2.1 ([#25494]

❤️ Thank You

• Adrien L
• Ayoub Hidri @ayhid
• Ben Irvin
• mathildeleg @mathildeleg
• Pierre Wizla
• Simon Norris @cache-your-dreams
• Ziyi @butcherZ

5.36.1 (2026-02-18)

🔥 Bug fix

• handle undefined tours property (#25290)
• core: handle negative and zero min/max validation for number fields (#25409)
• history: improve error handling and batch deletion in cron jobs (#25425)
• migrations: speed up discard-drafts with bulk batches (#25293)
• ts: ignore generated .strapi folder (#25086)
• utils: bump preferred-pm to fix npm workspace detection (#25406)

⚙️ Chore

• add --no-build-admin option to 'strapi develop' command (#25415)
• */vitest: introduce Vitest and vitest-config package (#25286)
• ci: redirect question issues to GitHub Discussions (#25441)
• deps: bump @casl/ability from 6.5.0 to 6.7.5 (#25430)
• deps: bump qs from 6.14.1 to 6.14.2 (#25444)

🚨 Security

• upgrade to tar 7 (#25380)
• update react-router (#25391)
• deps: upgrade axios from v1.12.2 to v1.13.5 (#25427)

❤️ Thank You

• Andrei L @unrevised6419
• Bassel Kanso @Bassel17
• Ben Irvin
• DMehaffy
• Florent Baldino @Baldinof
• Jamie Howard @jhoward1994
• Jonas Thelemann
• Josh Stuible
• Nico André
• SARGUNESH S V @sargunesh25
• Simen @Eventyret

5.36.0 (2026-02-11)

🚀 New feature

• persistent list view settings (#24246)
• strapi/create: type strapi configs (#21859)
• upload-aws-s3: add extended configuration for S3-compatible providers (#25263)

🔥 Bug fix

• responsive drawer for content history (#25344)
• scrolling in sidenav also scroll content (#25379)
• match database package version (#25389)
• content-manager: preserve origin id when cloning, to fetch relations so they are corrected re-populated (#25307)
• preview-config: allow and await for async handler (#25396)
• upload-aws-s3: use baseUrl even if upload location lacks protocol (#23400)

💅 Enhancement

• improve mobile design for edit view forms (#25320)
• create-strapi-app: add --non-interactive mode for CI and scripts (#25373)

🚨 Security

• upgrade apollo to 4.13.0 (#25375)

❤️ Thank You

• Adrien L
• Andrei L @unrevised6419
• Ben Irvin
• Enrique Carpintero
• jayesh70599 @jayesh70599
• Marian Vonsien @mvo-zyres
• mathildeleg @mathildeleg
• Paul Bratslavsky @PaulBratslavsky
• Schero D. @Schero94

5.35.0 (2026-02-04)

🚀 New feature

• upload: add focal point picker for images (#25267)

🔥 Bug fix

• prevent bulk publish modal from closing during API refetch (#24632)
• update ko.json (#23501)
• mobile actions drawer in content manager edit view (#25243)
• upload: prevent asset deletion when clicking cancel on EditAssetDialog (#25318)

⚙️ Chore

• bump yarn 4.5 to 4.12 (#25284)

💅 Enhancement

• improve mobile design for content history forms (#25338)

🚨 Security

• update multiple subdependencies (#25337)

❤️ Thank You

• Adrien L
• Ben Irvin
• Dhruv Maradiya @Dhruv-Maradiya
• jayesh70599 @jayesh70599
• mathildeleg @mathildeleg
• Niceplugin @niceplugin
• Nico André
• Schero D. @Schero94

5.34.0 (2026-01-28)

🚀 New feature

• update german translations for various components (#24143)
• upload: add retroactive ai metadata generation (#25066)

🔥 Bug fix

• add missing labels to IT locale (#25217)
• form elements mobile adjustments (#25202)
• responsive cm header (#25203)
• run orphan removal for the 'related_type' column (#24833)
• adjust padding for cm subnav (#25253)
• admin: format input error message with values (#23932)
• i18n: ai translation losing unsupported fields (#25247)
• menu: render external links as anchors (#25269)

📚 Documentation Changes

• clarify strapi installation instructions in README (#25016)
• CONTRIBUTING: set link to latest version of .commitlintrc.ts (#25224)

⚙️ Chore

• update pinned elliptic (#25206)
• remove unused imports from react and @strapi/design-system (#25222)
• update pinned dependencies express, qs, body-parser (#25209)
• remove in-app marketplace (#24958)
• update lodash to 4.17.23 (#25244)
• deps: bump lodash-es from 4.17.21 to 4.17.23 (#25239)
• upload: setup future flag for media lib redesign work (#25229)
• ‎.github/workflows: bump outdated GitHub Actions versions (#25233)

💅 Enhancement

• responsiveness consistency for subnav (#25107)

🚨 Security

• update pinned mdast-utils (#25227)
• update pinned js-yaml, node-forge, tmp, and more (#25228)

❤️ Thank You

• Adrien L
• Ben Irvin
• Boaz Poolman
• Jair Ortiz @JairOrtizGutierrez
• Jamie Howard @jhoward1994
• Leonid Vinogradov @leon-win
• Lukas Eipert
• markkaylor
• mathildeleg @mathildeleg
• Nidhi Sharma @Nidhisharma4399
• Pádraic Slattery @pgoslatara
• Ziyi @butcherZ

5.33.4 (2026-01-21)

🔥 Bug fix

• await the async map inside v5 release actions migration (#25125)
• paste multi line code in blocks editor (#25184)
• reorder components and dz on mobile (#25197)
• missing property breaking build (#25205)
• added multiple prop for medialibrarydialog (#25069)
• handle component structure properly for conditional fields (#25219)

⚙️ Chore

• refactor blocks editor block api (#25176)
• bump design-system to v2.1.2 (#25174)
• remove all occurances of aiLicenseKey (#24908)
• refining the API request tracker to record success and statusCode (#24906)
• update pinned undici (#25211)
• integrate subscription info in backend trackers (#24909)
• deps: bump undici from 6.21.2 to 6.23.0 (#25193)

💅 Enhancement

• responsiveness consistency for main nav (#25104)

❤️ Thank You

• Adrien L
• Bassel Kanso @Bassel17
• Ben Irvin
• Garrett Heaver @garrettheaver
• Maksim Zhukau @MaksZhukov
• Marco A.
• mathildeleg @mathildeleg
• Rémi de Juvigny @remidej

5.33.3 (2026-01-14)

🔥 Bug fix

• add token refresh logic for react query (#25053)
• env helper default and generic types (#24881)
• documentation: align with Data.ID (#24976)
• upload: content-api does not check file type restriction config (#25167)
• users-permissions: implement session revocation on password changes (#25168)

📚 Documentation Changes

• add blocks editor contributor docs (#25135)
• add live preview contributor docs (#25152)
• fix typo 'recieve' -> 'receive' in layouts documentation (#25170)

⚙️ Chore

• update multiple packages to resolve vuln warnings (#25137)
• update security policy for strapi version 4 (#24751)

❤️ Thank You

• Ayoub Hidri @ayhid
• DMehaffy
• Eric Ferreira
• Jamie Howard @jhoward1994
• markkaylor
• Nico André
• Rémi de Juvigny @remidej
• Ziyi @butcherZ

:warning: Security Warning and Notice :warning:

Strapi was made aware of a vulnerably that were patched in this release, for now we are going to delay the detailed disclosure of the exact details on how to exploit it and how it was patched to give time for users to upgrade before we do public disclosure.

What's Changed

• fix(content-type-builder): make write APIs accessible in devMode only by @nclsndr in https://github.com/strapi/strapi/pull/25133

Full Changelog: https://github.com/strapi/strapi/compare/v4.26.0...v4.26.1

:warning: Security Warning and Notice :warning:

Strapi was made aware of a vulnerably that were patched in this release, for now we are going to delay the detailed disclosure of the exact details on how to exploit it and how it was patched to give time for users to upgrade before we do public disclosure.

5.33.2 (2026-01-08)

🔥 Bug fix

• content-type-builder: make write APIs accessible in devMode only (#25132)

⚙️ Chore

• remove unused media lib files (115aba1855)
• use design-system variables for preview (#25064)

❤️ Thank You

• HichamELBSI
• mathildeleg @mathildeleg
• Nico André

5.33.1 (2025-12-29)

🔥 Bug fix

• update cloud request limit (#25040)
• adapt header height when title changes (#25028)
• excessive rerenders on edit view (#25029)
• dynamically replace favicon if provided in app config (#25012)
• update iso-locales.json with en-mm (#24261)
• subnav height cutting list when too many elements (#24753)
• globe icon is shown even if field is not localized (#24890)
• validation issue in hidden fields when publishing (#24482)
• optimize images (#25047)
• types: adding missing config types (#24905)

⚙️ Chore

• add i18 languages (#23845)
• add Bosnian and Mongolian Cyrillic language support (#23928)

💅 Enhancement

• make the publishedAt attribute visible (#24619)

❤️ Thank You

• adarshjayan7574 @adarshjayan7574
• Adrien L
• Bassel Kanso @Bassel17
• Boaz Poolman
• James @Davda-James
• lintoncaldecott
• mathildeleg @mathildeleg
• Omid Astaraki @electather
• Rémi de Juvigny @remidej
• Vitaliy Podushkin

5.33.0 (2025-12-17)

🚀 New feature

• update iso-locales.json with pap & regional variants (#25000)
• core/core: content-type id schema is number | string (#24978)
• i18n: add Russian translations for all admin components (#24077)
• plugins/i18n: add missing locale for Luxembourgish (lb-LU) (#22551)

🔥 Bug fix

• added scrollbar in media modal (#24856)
• layout header to properly handle long text without breaking the layout (#24191)
• edit views configuration not clear (#24980)
• admin: guidedTourMeta can be undefined and error (#25021)
• graphql: precompute built-in query fields at schema build (#25017)
• tests/scripts: disable gpgsign for e2e commits (#24959)

⚙️ Chore

• .cursor: add worktrees support (#25025)
• docs: reference contributor docs link (#25026)

❤️ Thank You

• Adrien Foulon @Tofandel
• Bassel Kanso @Bassel17
• Deepak gupta @guptadeepak8
• Jerry @flammangj
• kajgiesbersflavour @kajgiesbersflavour
• Maksim Zhukau @MaksZhukov
• mathildeleg @mathildeleg
• Mohamed osama @mooka95
• Nico André

5.32.0 (2025-12-10)

🚀 New feature

• core: adding clear button to boolean toggle (#24836)
• users-permissions: add refresh and logout actions to default permissions (#24877)

🔥 Bug fix

• playwright storage state (416a81b44e)
• don't translate enums with ai (#24965)
• change several file field types from string to text (#24931)
• added media to list of non localized fields (#24967)
• content-manager: blocks editor state always contains at least a paragraph block (#24990)
• content-type-builder: disable display of invisible content types (#24970)
• core/upload: rollback file name to string (#25004)
• graphql: graphql performance regression (#25017)

📚 Documentation Changes

• readme files explain shared code (dfcffa7413)

⚙️ Chore

• fix paths (099999c1d0)
• merge test runners (bb00d5e691)
• adding claude Reviewer (88b966db48)
• bump testing library dependencies (16b0f3c011)
• update pinned axios, glob, form-data, and sha.js (#25005)
• admin: guided tour should only display in development (#24907)

❤️ Thank You

• Adrien L
• Araksya Gevorgyan @araksyagevorgyan
• Bassel Kanso
• Ben Irvin
• DMehaffy
• HichamELBSI
• Jamie Howard @jhoward1994
• markkaylor
• Nico André
• Rémi de Juvigny @remidej
• Simon Norris

5.31.3 (2025-12-03)

🔥 Bug fix

• enter key trigger in edit view form (#24744)
• cli: transfer command ignores CLI flags and prompts unnecessarily (#24879)
• content-type-builder: ai chat message width and submit behavior (#24918)
• docs: enable contributor docs website to build locally (#24878)
• graphql: scope status filter inheritance to query tree (#24826)

⚙️ Chore

• update DS version to stable (18948ab6b4)
• update new Vietnamese keys and translations for the admin panel (#23710)
• replace deprecated Buffer.slice() with subarray() in encryption utils (#24904)
• admin: isolate ai apis to ee folder (#24834)

❤️ Thank You

• Adrien L
• Bassel Kanso @Bassel17
• HichamELBSI
• James Villarrubia @jamesvillarrubia
• markkaylor
• Nico André
• VitaHoang

5.31.2 (2025-11-20)

🔥 Hotfix

• revert: discard drafts migration (https://github.com/strapi/strapi/pull/24895)

5.31.1 (2025-11-19)

🚀 New feature

• media-library: add aria-selected and click handlers for better … (#23475)

🔥 Bug fix

• accessible responsive left menu (8f6b0444b7)
• bulk unpublish when creating a new locale (#24821)
• modifying&publishing locale should only update that locale (#24648)
• include locales to get last modified entries in widgets (#24647)
• optional chaining in getRetentionDays function (#24830)
• edit view dialog ui (#23353)
• show relations per locale in listview (#24805)
• global translation keys for bulk move modal (#22773)
• missing translations (#22800)
• added fix for not performing bulk actions when it is disabled (#21792)
• warn user on page reload/close if edit view has unsaved data (3c9d7923b3)
• add error notification when AI metadata save fails (#24611)
• unable to customize cors settings in graphql plugin (#22852)
• typescript error front test (#24845)
• contentTypes generation fails on negative number (#24056)
• unable to clear and save time only fields in the content manager… (#24675)
• add missing semicolon to core-contoller ts template (#24079)
• prevent list from jumping to top when selecting checkbox (#24146)
• admin: ai admin config can be set to true for non growth license (#24835)
• admin: ai disabled by default for growth license (#24868)
• content-manager: preserve fields with visible:false during form submission (#24849)
• core: max length on short text (#24794)
• core: allow description and placeholder be empty (#24799)
• db: replace discardDrafts calls in v5 migration with queries (#24798)
• upload: file-type does not support commonjs (#24848)

⚙️ Chore

• improve combobox to add new locale (#24806)
• replace act() calls with the right testing library api when it is necessary (b5ed02af8c)
• content-manager: fix deprecation in Tooltip usage (#23029)
• deps: bump cloudinary from 1.41.0 to 2.7.0 (#24831)
• deps: bump tar-fs from 2.1.1 to 2.1.4 (#24844)

💅 Enhancement

• improve package registry URL determination during Strapi upgrade (#22913)

❤️ Thank You

• Adrien L
• Araksya Gevorgyan @araksyagevorgyan
• Ayush @Ayushd785
• Bassel Kanso @Bassel17
• Ben Irvin
• Chaitya @chaitya-titan
• Daniel Garcia @dagadevelop
• Dmitry Maklygin @dmaklygin
• HichamELBSI
• Jorrit Schippers
• José Luis @SalahAdDin
• Lucas Boilly @lucasboilly
• markkaylor
• Marvin Mottet
• mathildeleg @mathildeleg
• Maxime Robert
• ndaemy @ndaemy
• Ocneanu Vlad @OcneanuVlad
• Razim Saidov @razims
• Sam Phillemon @Sam-Phillemon9493

Please note, this version has been deprecated on npm due to a data loss issue found within a bug fix.

5.31.0 (2025-11-12)

🚀 New feature

• upload: upload file type restriction (#24573)

🔥 Bug fix

• hint for min and max value add characters word to text fields only (#24772)
• get draft relations count from document with locale (#24785)

⚙️ Chore

• add support for node 24 (#24586)
• deps: bump brace-expansion (#23753)
• tests: add setupDatabaseReset utility (#24786)

❤️ Thank You

• Adrien L
• Araksya Gevorgyan @araksyagevorgyan
• Bassel Kanso @Bassel17
• markkaylor
• mathildeleg @mathildeleg

5.30.1 (2025-11-05)

🚀 New feature

• add support for new icon components that are already in the design system (8c44e3ecce)

🔥 Bug fix

• rerendering and flickering issue on i18n fields (#24605)
• nps survey responsiveness (c422f70d19)
• unable to click on the last row in media library modal (#24633)
• reset and publish enum default value (#24708)
• add script to configure husky on setup (#24714)
• prefill non translatable fields when creating new document locale (#24659)
• pagination count on query with locale=* (#24699)
• double go back button on mobile (6d6d78f1c4)
• navigate reset on query param change (93242b3945)
• update pt-br translations (#22400)
• prevent admins from deleting themselves (#24739)
• --no-verify flag on release commit (ef538d66b1)
• TypeScript: allow documentId as value in fields for document api (#22738)

⚙️ Chore

• bump swc libs (478d5a038e)
• replace singleselect by combobox for better ux (5b1587eb4e)
• update ai tracking events (#24758)
• bump playwright to latest (#24764)

💅 Enhancement

• add i18n ai loading indicator (#24749)
• enhance plugin generators (#24555)

❤️ Thank You

• Adrien L
• Bassel Kanso @Bassel17
• Boaz Poolman
• dannyweb @dagadevelop
• HichamELBSI
• markkaylor
• Mathilde Legrand
• mathildeleg @mathildeleg
• maxmag-soft @maxmag-soft
• Perry Fardella
• Rémi de Juvigny @remidej
• swerder @swerder

5.30.0 (2025-10-30)

🚀 New feature

• added additional attributes for link in richtext json blocks (#23431)
• i18n: update all translatable content (#24658)

🔥 Bug fix

• extending csp configs (#24571)
• input types (7a90cbc400)
• clean-component-join-table to fix non-DP entries not removing published relations (#24467)
• ios input zoom on focus (06dbbbd829)
• re-enable component cleanup script (#24652)
• don't trigger translations with no translateable content (#24718)
• i18n: locale picker not showing all authorized locales (#24325)
• i18n: use query engine to avoid marking published as modified (#24716)
• i18n: locale selector does not sort default locale first (#24722)
• i18n: revert query engine to use document service (#24726)

⚙️ Chore

• restore complex attributes (b278fe35b6)
• add dynamic zone to about schema (09f2d1f056)
• remove unstableAILocalizations future flag (#24704)
• i18n: populate media fields (#24705)
• i18n: dispatch tracking event for ai feature (#24707)
• upload: add isAIMediaLibraryConfigured to every tracking event (#24671)

💅 Enhancement

• make ai chat auto open (#24653)
• set up ai token in memory cache (#24720)

❤️ Thank You

• Anas KABILA @KABILA-Anas
• Araksya Gevorgyan @araksyagevorgyan
• Bassel Kanso @Bassel17
• HichamELBSI
• Laurens Kling @laurenskling
• markkaylor
• Pratik Vora @pratikbusiness
• Rémi de Juvigny @remidej

What's Changed

• Releases: 4.25.24 by @Bassel17 in https://github.com/strapi/strapi/pull/24489
• enhancement: backport change database hash from md5 to sha25 to v4 by @derrickmehaffy in https://github.com/strapi/strapi/pull/24042

Full Changelog: https://github.com/strapi/strapi/compare/v4.25.24...v4.26.0

5.29.0 (2025-10-22)

🚀 New feature

• upload: fixing ordering issue (#24554)

🔥 Bug fix

• improve keyboard accessibility in Content-Type Builder (44b76c127c)
• added fix for i18n tooltips are not working (#21978)
• locales in localpicker component not order alphabetically (#22417)
• add await to prevent redirect during test (#24581)
• available locales when creating new lang entry (#24577)
• missing description field when configuring dynamic zones (#21738)
• number and boolean values in JSON fields break admin panel (#22737)
• fixed the margin issue for displayed field list in collection types setting (#22422)
• search in Content Type Builder and Content Manager doesn't return all results (#24173)
• display error details when loading email provider (#24588)
• add missing translation for email template title (#24589)
• pass context to cookie options in authentication and session-auth utilities (#24602)
• misleading error message when publish empty required components (#24608)
• responsive subnav (def6f0caab)
• fill from other locale creates empty components (6477a820a0)
• behaviour of i18n "Available In" column (#24620)
• show error notification when upload settings save fails (c1592b8bd8)
• invalidate all documents cache after a release publish (#24618)
• content-manager: non-unique keys for Dynamic Zone add above/below menu items (#22270)

⚙️ Chore

• french admin ui (#23336)
• assign different Content project (#24614)

💅 Enhancement

• add en language for Japan (#24534)

❤️ Thank You

• Adrien L
• Adrien Lepoutre
• Araksya Gevorgyan @araksyagevorgyan
• Archana Agivale
• Ayushd785
• Dhruv Maradiya @Dhruv-Maradiya
• Franck Kerbiriou @FranckKe
• HichamELBSI
• Jamie Howard @jhoward1994
• Jorrit Schippers
• Lucas Boilly @lucasboilly
• Marion Kamoike-Bouguet @oiorain
• mathildeleg @mathildeleg
• PapatMayuri @PapatMayuri
• Prafull Pandey @pandeyprafull
• qburst-pranavtv @qburst-pranavtv
• Sai Abhinav Gandesree @saiabhinav75
• Sam Phillemon @Sam-Phillemon9493
• Shahed @dev-shahed

5.28.0 (2025-10-15)

🚀 New feature

• homepage customization (#24354)

🔥 Bug fix

• reset selection when folder changes to hide bulk actions (#24533)
• find published relations on components (6a5663977e)
• remove extra 'x' in the template (9360ca44a8)
• display name of admin user instead of id in filters (#24532)
• ci: correct message from "close-inactive" job (#24391)
• upload: disable the edit button on media input if disabled (#24267)
• upload: broken link in breadcrumb for deeply nested folders (#22914)

📚 Documentation Changes

• fix small errors in e2e section (#24494)

⚙️ Chore

• lint (e1891a9c99)
• set up ai i18n future flag (#24553)
• upload: track ai usage (#24552)

💅 Enhancement

• cookie security configuration (#24524)

🚨 Security

• deps: update pinned versions of axios, tar-fs, form-data, and sha.js (#24569)

❤️ Thank You

• 0xflotus @0xflotus
• Abhigyan Pal @0bhi
• Adrien L
• Ahmad Alfy @ahmadalfy
• Ahmad El-Alfy @ahmadalfy
• Alexandre BODIN
• Ben Irvin
• Hugo Alliaume @Kocal
• Jamie Howard @jhoward1994
• markkaylor
• mathildeleg @mathildeleg
• Rémi de Juvigny @remidej

5.27.0 (2025-10-08)

🚀 New feature

• responsive navigation (#24455)
• ai generated image metadata (#24422)

🔥 Bug fix

• don't render ctb ai chatbot in production mode (#24519)
• scroll in sidenav (#24521)
• ai settings show up for licenses without ai (#24530)
• upload: use absolute server url for file url (#24522)

❤️ Thank You

• Adrien L
• Bassel Kanso @Bassel17
• markkaylor
• Rémi de Juvigny @remidej

5.26.0 (2025-10-06)

🚀 New feature

• ai: AI Chat for Schema Creation (#23730)

🔥 Bug fix

• allow submitting attachments to AI chat (#24498)
• add handling for AI credit limit exceeded error in chat component (#24500)

💅 Enhancement

• AI notification system improvements (#24505)

❤️ Thank You

• Bassel Kanso @Bassel17
• Ben Irvin @innerdvations
• Jamie Howard @jhoward1994

What's Changed

• fix: unique index recreation by @AlbertoCalvoRubio in https://github.com/strapi/strapi/pull/24423

New Contributors

• @AlbertoCalvoRubio made their first contribution in https://github.com/strapi/strapi/pull/24423

Full Changelog: https://github.com/strapi/strapi/compare/v4.25.23...v4.25.24

5.25.0 (2025-10-01)

🚀 New feature

• homepage: add endpoints for widget move and resize actions (#24358)

⚙️ Chore

• strapi DS v2.0.0-rc.30 bump (#24456)

❤️ Thank You

• Adrien L
• Araksya Gevorgyan @araksyagevorgyan

:warning: Security Warning and Notice :warning:

Strapi was made aware of a vulnerably that were patched in this release, for now we are going to delay the detailed disclosure of the exact details on how to exploit it and how it was patched to give time for users to upgrade before we do public disclosure.

5.24.2 (2025-09-29)

🚀 New feature

• Advanced Session Configuration (#24346)

🔥 Bug fix

• database is corrupt with orphaned relations (#24316)
• assert admin.auth.secret on bootstrap instead of init (a1b9cf7971)
• support auth.options config in sessions (#24460)
• stop repair script from running automatically (#24470)

❤️ Thank You

• @jhoward1994
• @markkaylor
• @Bassel17
• @innerdvations
• Ziyi @butcherZ
• Special thanks to @laurenskling for all the help debugging and testing!

⚠️ Notice on Admin JWT Changes

This release fundamentally changes how Admin Panel login and register JWTs work from 5.23.6.

If your project or plugins rely on undocumented functionality or internal behavior related to the Admin JWT, those implementations are very likely to break after upgrading and affect your ability to log in to the Strapi Admin Panel.

For more information on the new feature configuration settings, please see the configuration docs for Users and Permissions and Admin Panel

⚠️ This version is deprecated. Please use 5.24.2 🙏

5.24.1 (2025-09-25)

includes release notes from deprecated 5.24.0

🚀 New feature

• Advanced Session Configuration (#24346)

🔥 Bug fix

• database is corrupt with orphaned relations (#24316)
• assert admin.auth.secret on bootstrap instead of init (a1b9cf7971)

❤️ Thank You

• @jhoward1994
• @markkaylor
• @Bassel17
• @innerdvations
• Special thanks to @laurenskling for all the help debugging and testing!

⚠️ Notice on Admin JWT Changes

This release does not introduce breaking changes in any documented Strapi APIs or functions.
However, it fundamentally changes how Admin Panel login and register JWTs work.

If your project or plugins rely on undocumented functionality or internal behavior related to the Admin JWT, those implementations are very likely to break after upgrading and affect your ability to log in to the Strapi Admin Panel.

For more information on the new feature configuration settings, please see the configuration docs for Users and Permissions and Admin Panel

⚠️ This version is deprecated. Revert to 5.23.6 for now 🙏

5.24.0 (2025-09-24)

🚀 New feature

• Advanced Session Configuration (#24346)

🔥 Bug fix

• database is corrupt with orphaned relations (#24316)

❤️ Thank You

• @jhoward1994
• @markkaylor
• @Bassel17
• @innerdvations
• Special thanks to @laurenskling for all the help debugging and testing!

⚠️ Notice on Admin JWT Changes

This release does not introduce breaking changes in any documented Strapi APIs or functions.
However, it fundamentally changes how Admin Panel login and register JWTs work.

If your project or plugins rely on undocumented functionality or internal behavior related to the Admin JWT, those implementations are very likely to break after upgrading and affect your ability to log in to the Strapi Admin Panel.

For more information on the new feature configuration settings, please see the configuration docs for Users and Permissions and Admin Panel

5.23.6 (2025-09-19)

🔥 Bug fix

• create UID from singular name instead of display name (#24408)

❤️ Thank You

• Ziyi @butcherZ

5.23.5 (2025-09-17)

🔥 Bug fix

• track only the api requests (#24167)

💅 Enhancement

• remove default notification title (#24337)

🚨 Security

• deps: update form-data, axios, and sha.js (#24389)

❤️ Thank You

• Ben Irvin
• Marco A.
• Marion Kamoike-Bouguet @oiorain
• Rémi de Juvigny @remidej

5.23.4 (2025-09-10)

🔥 Bug fix

• add support for custom field attributes in schema mapping (#24310)
• errors when trying to link design-system locally (#24247)
• saving deletion of optional components not working (#24317)

⚙️ Chore

• guided-tour: remove dead code (#24327)

❤️ Thank You

• Adrien L
• Jamie Howard @jhoward1994
• Jan Fässler @faessler
• markkaylor

5.23.3 (2025-09-04)

🔥 Bug fix

• syncing components in draft and publish relations (#24227)

❤️ Thank You

• Bassel Kanso @Bassel17

5.23.2 (2025-09-03)

🔥 Bug fix

• update route serialization utility to handle non-array values correctly (#24245)

⚙️ Chore

• change close stale issue github action (#24260)
• close stale issue starts from oldest issue (#24264)
• close stale exclude PRs. include all assignees. (#24265)
• stale issues remove dry run (#24270)
• label and close issues before 2022 (#24272)
• label and close issues before 2023 (#24278)
• label and close issues before 2024 (#24279)

❤️ Thank You

• Jamie Howard @jhoward1994
• Marion Kamoike-Bouguet @oiorain

5.23.1 (2025-08-27)

🔥 Bug fix

• add missing userid to amplitude events (3780331997)
• reordering dynamic zones messes up indexes during validation (#24195)
• corrected UI of searchbar on content manager (#23813)
• wrong count of non draftAndPublish entries (#24211)

⚙️ Chore

• implement a new prompt to enable A/B test and track the event (#24125)
• update guided tour tracking events (#24192)

❤️ Thank You

• Adrien L
• akash-dabhi-qed @akash-dabhi-qed
• markkaylor
• Maxime Castres @Mcastres
• Melo Ortega

5.23.0 (2025-08-20)

🚀 New feature

• CTB: add conditional fields form to custom fields advanced settings (#24175)

🔥 Bug fix

• wrong count for published entries in homepage widget (#24152)
• update tracking on homepage widgets (#24153)
• refactor openAPI log (#24182)

💅 Enhancement

• improve guided tour (#24094)

❤️ Thank You

• Adrien L
• Bas Broekhuizen
• Bassel Kanso @Bassel17
• markkaylor
• Ziyi @butcherZ

5.22.0 (2025-08-13)

🚀 New feature

• last activity homepage widget (#24068)

🔥 Bug fix

• homepage widgets adjustments (#24071)
• reordering newly created components in dz cause error on save (#24114)
• guided tour adds paddings to pages instead of using offset (#24170)

⚙️ Chore

• new workflow to tag issues before 2021 to prepare for cleanup - github issues management (#24098)
• change query to include parameters instead of filtering response in github action (#24116)
• revert uuid (#24067)

❤️ Thank You

• Adrien L
• Marion Kamoike-Bouguet @oiorain
• markkaylor

5.21.0 (2025-08-06)

🚀 New feature

• key statistics homepage widget (#23938)
• homepage upcoming releases widget (#23998)
• Added firstPublishedAt field which sets the datetime when a content is first published. (#22512, #23160)

🔥 Bug fix

• do not overwrite modified names in create ct modal (06dce79903)
• create relation and save flaky test (#24041)
• do not overwrite modified names in create ct modal (be03ffa02a)
• incorrect config won't run example app (#24063)
• color of release status icon (#23842)
• allow audit logs to be increased up to the license maximum (#24061)
• include encryption key in javascript template (#24076)
• update openapi package with correct configuration (#24099)
• core: handle time to dateTime and dateTime to time conversion with postgres (#24073)

⚙️ Chore

• overwrite names if displayName actually changes (687c4fd496)
• update guided tour documentation (#24046)
• add empty project to examples (#24049)
• improve getstarted dummy preview page (#24091)
• content-manager: fix typo in code comment (402f6df180)
• openapi: update dependencies to version 5.20.0 (7a83ebacc4)

❤️ Thank You

• Adrien L
• Ankit @ankit7201
• Bassel Kanso @Bassel17
• Ben Irvin
• DMehaffy
• Jamie Howard
• Jorrit Schippers
• markkaylor
• Rémi de Juvigny @remidej
• Simone
• Ziyi

:warning: Security Warning and Notice :warning:

Strapi was made aware of a vulnerably that were patched in this release, for now we are going to delay the detailed disclosure of the exact details on how to exploit it and how it was patched to give time for users to upgrade before we do public disclosure.

5.20.0 (2025-07-30)

🚀 New feature

• add conditional fields e2e tests (#23843)

🔥 Bug fix

• document_id must appear in the GROUP BY clause (947c3a83d8)
• resolved filter overlapping issue by changing z-index (#23953)
• update autocomplete attribute in RelationsInput component to filter by contains (#23579)
• add reducer to be able to mutate widgets in register function (#23908)
• resolved filter overlap with datepicker by reducing zIndex of filter … (#23884)
• conditional validation preview publish (#23894)
• port comparison (6e535cb756)
• add full support for wildcards (33c610560b)
• handle undefined origins (77cb37d43d)
• prevent full screen loader regression in preview page (#24038)
• support wildcards in arrays of origins (4754eca8ef)
• prevent validation error when updating user without password change (#23898)
• content-type-builder: fix schema validation when max is equal to min (#24032)

⚙️ Chore

• fix test types (5ea30a044e)
• remove old guided tour and set the new one as stable (#24003)
• clean up logic (5302884290)
• replace node-schedule with strapi.cron service (e648c19c20)

💅 Enhancement

• promote preview configuration docs (#23961)

❤️ Thank You

• Adrien L
• akash-dabhi-qed @akash-dabhi-qed
• Ben Irvin
• Dhruv Chheda @chhedadhruv
• Giulio Montagner @giu1io
• ioleo
• markkaylor
• Michal Kos @michalkos
• Rémi de Juvigny @remidej
• Simone
• Ulysse Prygiel @ulybu

What's Changed

• security(deps): upgrade koa 2.16.1 by @innerdvations in https://github.com/strapi/strapi/pull/23682
• enhancement: add a way to register a u&p provider on v4 by @derrickmehaffy in https://github.com/strapi/strapi/pull/23207

5.19.0 (2025-07-23)

🚀 New feature

• add preview device selector (#23985)
• cloud-cli: support async project creation notifications (a970fea681)

🔥 Bug fix

• sign file URLs in upload service and in graphql (#23834)

⚙️ Chore

• useScopedPersistentState custom hook (83c9d185c6)
• update settings sidebar links ui (ef8b017af0)
• improve types (cafab34e06)

❤️ Thank You

• Giulio Montagner @giu1io
• markkaylor
• mazzucchelli @mazzucchelli
• Rémi de Juvigny @remidej
• Ziyi

5.18.1 (2025-07-16)

🚀 New feature

• homepage widget entries chart (#23903)

🔥 Bug fix

• add Introduction step in the Single collection Edit view (#23943)
• yarn build issue (#23906)

⚙️ Chore

• round arrow, adjust offsets, add border none back (590c24ce65)
• remove fragment (8ed7454f69)
• strapi DS v2.0.0-rc.29 bump (#23937)
• update cloud plugin to add Free plan (#23934)

❤️ Thank You

• Adrien L
• Bassel Kanso @Bassel17
• mariekirsch @mariekirsch
• Mark Kaylor
• markkaylor
• Rémi de Juvigny @remidej
• Simone

5.18.0 (2025-07-09)

🚀 New feature

• homepage widget profile (#23829)
• homepage widget assigned to me (#23848)

🔥 Bug fix

• preserve non-localized fields when updating localized content for new locale (#23830)
• use documentId as mainField fallback (#23796)
• make upgrade tool work with a proxy (#23847)
• added missing e2e test for homepage profile widget (#23850)
• resolve labels overflowing issue in Api-Token creation Permissions Accordian. (#23526)
• guided tour test types (#23877)
• fix condition loss on relation field (#23885)
• release build process (#23917)
• api-tokens: update lastUsedAt if it's null (#23870)

⚙️ Chore

• strapi DS v2.0.0-rc.28 bump (cedd719a48)

❤️ Thank You

• Adrien L
• Bassel Kanso @Bassel17
• markkaylor
• PapatMayuri @PapatMayuri
• Rémi de Juvigny @remidej
• Simone
• Simone Taeggi
• Ziyi

5.17.0 (2025-07-02)

🚀 New feature

• content-manager: conditional fields (#23616)

🔥 Bug fix

• design of user status (#23771)
• locale selector dropdown showing incorrect status in content man… (#23434)
• remove policy from license-limit-info that breaks releases (#23424)
• media library new folder not created when hitting enter (#22735)
• Cleaner fallback for documents and audio files in the Media Libr… (#22378)
• update of logo (#23749)

⚙️ Chore

• track widgets usage (#23809)

❤️ Thank You

• Adrien L
• Bassel Kanso
• Dhruv Maradiya @Dhruv-Maradiya
• DMehaffy
• Mohamed Dilshad
• Rémi de Juvigny @remidej
• Yatin Gaikwad @yatin166

5.16.1 (2025-06-25)

🔥 Bug fix

• resolved the issue with search field not closing (#22415)
• standardization of the menu items (#23264)
• add the disabled state of the creatable button with no permissions (#23630)
• graphql: draft and publish document does not forward root query args (#23737)
• upload: import cropperjs css by styled components (#23707)

⚙️ Chore

• strapi DS v2.0.0-rc.27 bump (#23775)

❤️ Thank You

• Lucas Boilly @lucasboilly
• Manoj M S @Manoj-M-S
• markkaylor
• Simone

5.16.0 (2025-06-17)

🚀 New feature

• uid: add regex attribute (#23141)

🔥 Bug fix

• updated word break property for word wrap around (#23265, #23430)
• design issues (#23719)
• serve the correct document when we duplicate a document with a locale different than the default one (#23709)
• display name of upload plugin in roles settings (#23739)
• min/max value for components not clear (#23741)
• bulk publish mutliple locales does not validate required media (#23750)
• content-manager: documentId missing from fields for the view and… (#23604)
• upload: draggable element style (#22098)

⚙️ Chore

• content-type-builder: add DidUpdateCTBSchema event (#23651)
• upgrade formidable to 3.5.4 (#23722)
• strapi DS v2.0.0-rc.26 bump (#23752)

💅 Enhancement

• debounce blocks editor update (#23681)

🚨 Security

• update docusaurus (#23721)

❤️ Thank You

• Adrien L
• Ankit @ankit7201
• Arsen @ar53n
• Aurélien MANCA
• Ben Irvin
• Jamie Howard @jhoward1994
• markkaylor
• Rémi de Juvigny @remidej
• Simone

5.15.1 (2025-06-11)

🔥 Bug fix

• repeatable components should not load relations when creating a new entry (#22549)
• one to many relations returns published and draft versions (#23673)
• default timezone releases issue (#23629)
• content-manager: ui issue when too many elements in dz in configure the view (6711be04e4)
• content-manager: dragging moves incorrect field in configure the view (#23602)
• upload: switching tab when updating pagination (2f28b9dcef)

⚙️ Chore

• move generateFileName to image-manipulation to allow overriding (7de63df3ae)
• create strapi mock for test (9c04fd0da8)
• update nodemailer from 6.9.1 to 6.10.1 (#23678)
• strapi DS v2.0.0-rc.25 bump (c1c86417e9)

💅 Enhancement

• prevent edit view unnecessary rerenders (#23667)
• types: export configuration Shared types (#22620)
• debounce blocks editor update (#23681)

❤️ Thank You

• Adrien L
• Adrien Lepoutre
• DMehaffy
• Laurens Kling
• markkaylor
• Rémi de Juvigny @remidej
• unrevised6419 @unrevised6419

5.15.0 (2025-06-04)

🚀 New feature

• cli: Introduce the Growth Trial prompt (#23498)

🔥 Bug fix

• fixed cancel and publish button from dialog modal of bulk publish #20809 (#20809)
• improve type signature core-store getter (#23593)
• blocks ui (#23311)
• avoid history data loss when license is missing (#23562)
• issue #23572 support undefined allowed types (#23572)
• header behind other elements (0dc28a7d00)
• ctb custom field need to allow extra configs (32feefe431)
• content-type: improve field validation logic in permission settings (#23581)
• document-service: implement document ID uniqueness check and add corresponding tests (#23577)

⚙️ Chore

• upgrade vite, axios, tar-fs (#23652)

🚨 Security

• upgrade koa to 2.16.1 (#23654)

❤️ Thank You

• Adrien Lepoutre
• Alexandre BODIN
• Arthur Moreau
• Ben Irvin
• dhoko @dhoko
• Jamie Howard @jhoward1994
• Lucas Boilly @lucasboilly
• PapatMayuri
• Rémi de Juvigny @remidej