Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Releases: keystonejs/keystone

19 March 2026

Choose a tag to compare

@emmatown emmatown released this 20 Mar 00:04

The following packages have been updated

@keystone-6/core@6.5.2

Bug Fixes

  • [core] Fix isFilterable bypass via cursor parameter in findMany query (#9790) @n0wsh

🚨 Security Updates

We have identified and fixed 1 security vulnerability

  • CVE-2026-33326 - {field}.isFilterable access control could be bypassed in findMany queries by passing a cursor. This could be used to confirm the existence of records by protected field values.

👀 Review

See 2025年05月06日...2026年03月19日 to compare with our previous release.

Contributors

n0wsh
Loading
sfodor, NetLancer, and JPrisk reacted with hooray emoji
3 people reacted

06 May 2025

Choose a tag to compare

@dcousens dcousens released this 05 May 23:28

The following packages have been updated

@keystone-6/core@6.5.1

Bug Fixes

Contributors

emmatown
Loading
NetLancer reacted with hooray emoji
1 person reacted

05 May 2025

Choose a tag to compare

@dcousens dcousens released this 05 May 03:38

The following packages have been updated

@keystone-6/core@6.5.0

New Features

  • [core] Add support for uniquely filtering items by 1-to-1 relationships (#9595) @dcousens

🚨 Security Updates 🚨

We have identified and fixed 1 security vulnerability

  • CVE-2025-46720 - Field-level isFilterable bypass for update and delete mutations

👀 Review

See 45d156b...b59946f to compare with our previous release.

Contributors

dcousens
Loading
NetLancer, arsekil, and dmythro reacted with thumbs up emoji dcousens and NetLancer reacted with eyes emoji
4 people reacted

24 February 2025

Choose a tag to compare

@emmatown emmatown released this 24 Feb 02:39
45d156b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

The following packages have been updated

@keystone-6/core@6.4.0

New Features

  • [core] Adds support for searching relationship fields in the list view (#9401) @dcousens

Bug Fixes

  • [core] Fixes Admin UI breaking in Safari (#9453) @emmatown
  • [core] Fixes list view ignoring .ui.listView.searchFields (#9401) @dcousens
  • [core] Fixes context.db missing types if they are omitted from GraphQL (#9402) @emmatown

💙 Acknowledgements

Lastly, thanks to @emmatown (#9459), @renovate (#9400,#9399,#9394) for changes not shown above, but none-the-less appreciated.

👀 Review

See 2024年11月07日...2025年02月24日 to compare with our previous release.

Contributors

dcousens, renovate, and emmatown
Loading
biapar reacted with thumbs up emoji NetLancer, stuible, and devzom reacted with hooray emoji
4 people reacted

7 November 2024

Choose a tag to compare

@dcousens dcousens released this 07 Nov 03:43
b8beced
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

The following packages have been updated

@keystone-6/auth@8.1.0
@keystone-6/core@6.3.1
@keystone-6/fields-document@9.1.1
create-keystone-app@10.0.3

New Features

  • [auth] Updates the welcome page newsletter to include Thinkmill (#9335) @benderham

Bug Fixes

  • [core] Fix misleading error messages when importing .keystone/config.js (#9359) @marekryb
  • [core] Fixes serxer.maxFileSize parameter being ignored (#9348) @dcousens
  • [fields-document] Fixes URL validation bug by using encodeURI to preserve percent-encoded characters during validation. (#9326) @kidneyweakx
  • [core] Updates prisma minor version to 5.22.0 (#9391) @dcousens
  • [core] Fixes decimal field bug (#8597) by parsing to Decimal before lessThan / greaterThan checks (#9262) @kennedybaird
  • [create-keystone-app] Fix output formatting for CLI instructions (#9327) @iamandrewluca

💙 Acknowledgements

Lastly, thanks to @benderham (#9332,#9320), @dcousens (#9391,#9317,#9314), @iamandrewluca (#9361,#9327,#9328), @renovate (#9390,#9389,#9388,#9387,#9386,#9381,#9378,#9379,#9380,#9377,#9369,#9370,#9371,#9372,#9368,#9365,#9366,#9367,#9331,#9356,#9353,#9355,#9354,#9351,#9352,#9346,#9345,#9343,#9341,#9342,#9226,#9333,#9325,#9324,#9322,#9321,#9319) for changes not shown above, but none-the-less appreciated.

👀 Review

See 2024年08月28日...2024年11月07日 to compare with our previous release.

Loading
NetLancer, piyushchauhan2011, and dimlev reacted with hooray emoji
3 people reacted

28 August 2024

Choose a tag to compare

@dcousens dcousens released this 28 Aug 11:48
12fb38b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

The following packages have been updated

@keystone-6/core@6.3.0
create-keystone-app@10.0.2

New Features

  • [core] Adds keystone telemetry inform command to show an informed consent notice (#9292) @dcousens
  • [core] Adds context.transaction passthrough for prisma $transaction options (#9280) @acburdine
  • [core] Upgrade prisma to 5.19.0 (#9310) @renovate

Bug Fixes

🌱 New Contributors

Thanks to the following developers for making their first contributions to the project!

💙 Acknowledgements

Lastly, thanks to @dcousens (#9311,#9300,#9301,#9300), @renovate (#9305,#9307,#9306,#9308,#9296,#9297,#9295,#9283,#9260,#9281,#9284,#9282,#9279), @simonswiss (#9293,#9268) for changes not shown above, but none-the-less appreciated.

👀 Review

See 2024年08月09日...2024年08月28日 to compare with our previous release.

Contributors

dcousens, simonswiss, and 3 other contributors
Loading

09 August 2024

Choose a tag to compare

@dcousens dcousens released this 09 Aug 02:23
295cc73
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

The following packages have been updated

@keystone-6/core@6.2.0
@keystone-6/fields-document@9.1.0
create-keystone-app@10.0.0

New Features

  • [core] Add support for lists with no fields in GraphQL (#9254) @dcousens
  • [core] Update esbuild to ^0.23.0 (#9264) @dcousens
  • [core] Update nextjs to version 14 (#9264) @dcousens
  • [core] Update prisma monorepo to version 5.17.0 (#9264) @dcousens
  • [fields-document] Fix @keystone-6/fields-document package breaking when compiling in SSR environments (#8717) (#9041) @marekryb
  • [core] Add exports for internal AdminUI pagination components Pagination, PaginationLabel and usePaginationParams for use in custom pages (#9152) @mikehazell
  • [core] Add support for developers to add esbuild.keystone.ts to the working directory to mutate the default esbuild configuration (#9235) @dcousens
  • [core] Add db.isNullable support for multiselect field type, defaulting to false (#9166) @acburdine
  • [core] Fix Prisma errors not showing when a Prisma migration errors internally (#9273) @dcousens
  • [create-keystone-app] Adds support for npm_config_user_agent for determining your package manager (#9102) @iamandrewluca

Bug Fixes

  • [core] Fix malformed uuid's from breaking relationship filters when using POSTGRESQL (#9155) @dcousens
  • [fields-document] Replace io-ts with zod internally (#9263) @dcousens
  • [core] Fix keystone prisma ... not returning the same error code as the Prisma engine (#9164) @renovate
  • [core] Fix list.ui.hide* defaulting to false when GraphQL is omitted (#9217) @dcousens
  • [core] Fix bigInt field type to throw if defaultValue: { kind: 'autoincrement' } and validation.isRequired is set (#9166) @acburdine
  • [core] Update built-in fields to use newer validate hook syntax (#9166) @acburdine

💙 Acknowledgements

Lastly, thanks to @dcousens (#9264,#9264,#9264,#9269,#9263,#9258,#9249,#9247,#9232,#9219,#9218,#9213,#9144), @direisc (#9170), @gautamsi (#9231,#9179), @ggpwnkthx (#9130), @iamandrewluca (#9102,#9125), @kennedybaird (#9272,#9252), @renovate (#9221,#9242,#9222,#9223,#9215,#9211,#9206,#9207,#9205,#9157,#9197,#9196,#9193,#9194,#9187,#9188,#9185,#9184,#9175,#9168,#9167,#9163,#9159,#9161,#9160,#9162,#9158,#9151,#9150,#9148,#9145,#9143,#9140,#9137,#9135,#9134,#9133), @simonswiss (#9267,#9251,#9257,#9255,#9202,#9228,#9227,#9220,#9198) for changes not shown above, but none-the-less appreciated.

👀 Review

See 2024年04月30日...2024年08月09日 to compare with our previous release.

Loading
stuible, NetLancer, lahirurane-rau, and YoungiiJC reacted with heart emoji
4 people reacted

30 April 2024

Choose a tag to compare

@dcousens dcousens released this 30 Apr 06:08
bd33f07
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

The following packages have been updated

@keystone-6/core@6.1.0

New Features

  • [core] Update prisma to 5.13.0 (#9112) @renovate
  • [core] Add config.db.extendPrismaClient to support extending the PrismaClient (#9114) @iamandrewluca
  • [core] Adds context.transaction for interactive transactions when using a context (#9122) @dcousens
  • [core] Adds keystone migrate create and keystone migrate apply (#9103) @dcousens

Bug Fixes

  • [core] Fix config.db.enableLogging types to align with Prisma 5 (#9100) @dcousens
  • [core] Fix keystone command help text to show where --frozen and --no-server are applicable (#9099) @dcousens

🌱 New Contributors

Thanks to the following developers for making their first contributions to the project!

💙 Acknowledgements

Lastly, thanks to @dcousens (#9117,#9097), @raveling (#9111), @renovate (#8970,#9118,#9116,#9108,#9109,#9107,#9098,#9093) for changes not shown above, but none-the-less appreciated.

👀 Review

See 2024年04月16日...2024年04月30日 to compare with our previous release.

Contributors

dcousens, renovate, and 3 other contributors
Loading
NetLancer, unrevised6419, ObaidQatan, syahrizaldev, ttbarnes, dmythro, borisno2, LeanKhan, nickhsine, niklasramo, and mahd1ar reacted with hooray emoji NetLancer, unrevised6419, borisno2, and nickhsine reacted with heart emoji
11 people reacted

16 April 2024

Choose a tag to compare

@dcousens dcousens released this 16 Apr 01:47
6603187
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

The following packages have been updated

@keystone-6/auth@8.0.0
@keystone-6/cloudinary@8.0.0
@keystone-6/core@6.0.0
@keystone-6/fields-document@9.0.0

Breaking Changes

  • [core] Changes file and image to use random 128-bit base64url identifiers by default, not uuid (#9079) @dcousens
  • [core] Removes AdminUIConfig, DatabaseConfig, GraphQLConfig and ServerConfig from @keystone-6/core/types, and some unused types - instead use KeystoneConfig['ui'], KeystoneConfig['db'] and so on (#9085) @dcousens
  • [core] Removes @keystone-6/core/system from exports (#9085) @dcousens
  • [core] Upgrade @prisma/* packages to 5.12.1 (#9088) @dcousens, @borisno2
  • [core] Removes unused type parameters from types ListConfig and ListAdminUIConfig (#9083) @dcousens
  • [core] Remove the deprecated type parameters from the list and group functions (#9083) @dcousens
  • [core] Removes graphqlSchema parameter from extendHttpServer, use context.graphql.schema instead (#9083) @dcousens
  • [core] Moves config.extendGraphqlSchema to config.graphql.extendGraphqlSchema, similar to db.extendPrismaSchema (#9083) @dcousens
  • [core] Remove KeystoneConfig parameter from getAdditionalFiles function type (#9083) @dcousens
  • [core] Remove the deprecated context.exitSudo from KeystoneContext (#9083) @dcousens
  • [core] Remove context.experimental.initialisedLists, use context.__internal.lists (may break in patch) (#9083) @dcousens
  • [core] Remove ExtendGraphqlSchema type alias, use (schema: GraphQLSchema) => GraphQLSchema instead (with import type { GraphQLSchema } from 'graphql'). (#9083) @dcousens, @emmatown
  • [core] Remove the deprecated (#8721) config.server.healthCheck, use extendExpressApp instead (#9083) @dcousens
  • [core] Removes ListSchemaConfig type, use KeystoneConfig['lists'] instead (#9083) @dcousens
  • [core] Remove db.additionalPrismaDatasourceProperties, use extendPrismaSchema if needed (#9083) @dcousens
  • [core] Remove db.prismaPreviewFeatures, use extendPrismaSchema if needed (#9083) @dcousens
  • [core] Remove any type parameter from SessionStore/SessionStoreFunction types (#9083) @dcousens
  • [core] Remove deprecated config.db.useMigrations, use --with-migrations process argument or keystone prisma migrate [dev|deploy] instead (#9090) @dcousens
  • [core] Change keystone prisma behaviour to first require keystone build (or keystone dev) (#8776) @dcousens, @borisno2

New Features

  • [core] KS_PRISMA_ERRORS are now logged with console.error on the server (#8776) @dcousens

Bug Fixes

  • [core] Fix --no-server being ignored by keystone start (#9090) @dcousens

💙 Acknowledgements

Lastly, thanks to @dcousens (#9087,#9094,#9087), @renovate (#9096,#9095,#9086,#9084,#9080) for changes not shown above, but none-the-less appreciated.

👀 Review

See 2024年04月02日...2024年04月16日 to compare with our previous release.

Contributors

dcousens, renovate, and 2 other contributors
Loading
JoinThisBand, Arthur-Ruthenberg, and niklasramo reacted with hooray emoji aleygues, NetLancer, and acburdine reacted with rocket emoji
6 people reacted

02 April 2024

Choose a tag to compare

@dcousens dcousens released this 02 Apr 01:56
0f7760f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

The following packages have been updated

@keystone-6/auth@7.0.3
@keystone-6/core@5.8.0

New Features

  • [core] Adds {field}.hooks.validate.[create|update|delete] hooks, deprecates validateInput and validateDelete (throws if incompatible) (#9057) @dcousens
  • [core] Adds {list}.hooks.validate.[create|update|delete] hooks, deprecates validateInput and validateDelete (#9056) @dcousens
  • [core] Add async to extendHttpServer, to support await on startup (#9026) @dcousens

Bug Fixes

  • [auth] Fix createInitial* and send*MagicAuthLink to throw if the expected type from sessionStrategy.start is not a string (#9018) @dcousens
  • [core] Use db.idField of { kind: 'number', kind: 'Int' } internally for singletons (#9027) @dcousens
  • [core] Fixes the text field type to accept a defaultValue of null (#9057) @dcousens
  • [core] Fix image field type to use consistent sub-field ordering (#9017) @dcousens
  • [core] Fix config.server.cors type preventing value of false (#9026) @dcousens
  • [core] Fix defaultIsFilterable and defaultIsOrderable types preventing value of true (#8809) @dcousens
  • [core] Fix global locking by dropping global p-limit on context.query/context.db (#8809) @dcousens
  • [core] Deprecates extendHttpServer's graphqlSchema argument, use context.graphql.schema instead (#9028) @dcousens
  • [core] Fix static relationship resolution errors to conform to nominal error structure (#9042) @dcousens
  • [core] Fixes createExpressApp to use context.graphql.schema, not the GraphQLSchema argument (#9029) @dcousens
  • [core] Deprecates ExtendGraphQLSchema type, use type (schema: GraphQLSchema) => GraphQLSchema instead (#9029) @dcousens

🌱 New Contributors

Thanks to the following developers for making their first contributions to the project!

💙 Acknowledgements

Lastly, thanks to @dcousens (#9071,#9071,#9071,#9071,#9068,#9055,#9053,#9048,#9043,#9034,#9033,#9032,#9015,#9016,#9012,#9011), @molomby (#9047), @renovate (#9060,#9059,#9065,#9044,#9045,#9050,#9040,#9031,#9030,#9024,#9021,#9020,#9022,#8952) for changes not shown above, but none-the-less appreciated.

👀 Review

See 2024年02月07日...2024年04月02日 to compare with our previous release.

Contributors

dcousens, dagrinchi, and 4 other contributors
Loading
notdatkunal and stefusilviu reacted with heart emoji VeoScript, NetLancer, and aleygues reacted with rocket emoji
5 people reacted
Previous 1 3 4 5 6 7
Previous

AltStyle によって変換されたページ (->オリジナル) /