Version 11
Version 11.1.2
New Comment Endpoints
We've introduced a dedicated directus_comments collection, replacing the previous system that used directus_activity
for comments. While new comment endpoints have been added, existing endpoints remain functional.
Comment primary keys are now UUIDs instead of numeric values, which may impact custom type checking implementations.
SDK Comment Function Uses New Endpoints
The internal comment endpoints in the Directus SDK have been updated to reflect this change. To avoid errors, ensure your Directus version is compatible with the latest SDK when using comment functions.
Migrate to CommentsService in Extensions
Extensions using the ActivityService to manage comments should migrate to the new CommentsService.
Version 11.1.1
Dropped support for the SendGrid email transport option
The SendGrid abstraction for nodemailer is no longer supported, so we have dropped it's usage from Directus. Users of
SendGrid should update their configuration to use their SendGrid account's SMTP Relay configuration instead.
Version 11.0.0
Directus 11 introduces policies, a new concept within access control configuration. Permissions are no longer held in roles, but instead in policies. Policies can be attached to roles and also directly to users.
While users can still only have one direct role, roles can now also be nested within roles. A user's permissions are now an aggregate of all policies attached directly to them, to their role, and any nested roles.
Changes to Object Properties
Object properties have changed and moved. This should only impact users who use and rely on the users, roles, and permissions endpoints.
Users
Users now have one additional property - policies, which is a many-to-many relationship to policies.
Roles
Roles no longer hold admin_access, app_access, enforce_tfa, or ip_access. These have been moved to policies.
Roles now have one additional property - children, which is a one-to-many relationship to roles.
Permissions
Permissions are no longer attached to a role. This has been changed to a policy.
Requests for Missing Fields Now Fail
If you are requesting fields that do not exist anymore, your requests will throw an error. To fix this, either put fields back into your data model or remove them from the request.
M2A Fields Now Require Collection Name
If you are requesting Many-to-Any (M2A) fields without collection name, they will throw an error. To fix this, you need to put the collection name you are targeting. This is true regardless of level or if using REST/GraphQL.
Changes for Extension Developers
Properties Returned from usersStore
The usersStore has a role object that previously contained the admin_access, app_access, and enforce_tfa
properties. These are now returned directly in the user object.
preRegisterCheck Data Structure
If you use the preRegisterCheck guard function in your module extension to determine whether it is shown, it now
receives a different data structure. It previously received a list of permission objects. Now, it receives the same data
returned from the new Get Current User Permissions
endpoint.
Replaced mysql with mysql2
The database client library mysql has been replaced with
mysql2, which is a continuation of the former. The client is used to connect
to MySQL/MariaDB databases.
If you're using MySQL/MariaDB, please note that:
mysql2leads to cross-collection queries (filtering on relations) with stricter charset comparison. Therefore, ensure again that the value of the config optionDB_CHARSET/DB_CHARSET_NUMBERmatches the charset of your tables.- Values of type "Decimal" are now returned as a
stringinstead of anumber, which ensures that the precision is preserved.