Skip to content

v2.4.0

Compare
Choose a tag to compare
@vermario vermario released this 22 May 05:14
· 396 commits to main since this release

[2.4.0] 22.5.2024

  • Add separate consumer for previewing, prevent anonymous access to the GraphQL endpoint
  • Add authentication to grapqhl-codegen npm operations

This release improves security by closing off the GraphQL endpoint to unauthenticated requests.
Instead, we now setup and use two separate consumer entities associated with user roles with the appropriate permissions. We will use the consumer with higher permissions only when generating previews, and the one with regular permissions for all other operations.

This impacted also the npm run graphql-codegen operation used in development, which now will automatically get an authentication token from the Drupal backend when run.

Full Changelog: v2.3.0...v2.4.0