Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: strapi-community/plugin-io
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 5.0.1
Choose a base ref
...
head repository: strapi-community/plugin-io
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 5.0.3
Choose a head ref
  • 3 commits
  • 6 files changed
  • 1 contributor

Commits on Dec 21, 2025

  1. Feat/v5 support (#103) 

    * feat: Strapi v5 Support with Dashboard Widget & Mobile-Optimized UI

## Features
- ✅ Strapi v5.3.2 compatibility with @strapi/sdk-plugin
- ✅ Dashboard widget showing real-time Socket.IO statistics
- ✅ Mobile-optimized Monitoring & Settings pages with responsive design
- ✅ Enhanced input fields (48px height, 16px font on mobile)
- ✅ Fixed GitHub Issues #95 (images collection) and #82 (CollectionTypes with relations)
- ✅ Entity Service API instead of deprecated db.query()
- ✅ Multi-language support (EN, DE, ES, FR, PT)

## UI/UX Improvements
- Modern styled-components for responsive layouts
- Touch-friendly inputs with proper sizing
- Hidden number spinners on mobile for better UX
- Gradient stat cards with hover effects
- Auto-refresh every 60 seconds to reduce database load

## Technical Changes
- Uses Entity Service API for proper relation handling
- Transform service for media and relation fields
- Proper sanitization and permission checks
- Redis adapter support for multi-server scaling
- Namespace support for isolated Socket.IO endpoints
- Role-based permissions with content-type granularity

* fix: Security & Transaction Fixes for Strapi v5

🔒 Security:
- Add sanitize-sensitive-fields middleware
- Filters password, tokens, secrets from Socket.IO events
- Recursive deep sanitization for nested objects

🔧 Transaction Fixes:
- Use transactionCtx.onCommit for lifecycle hooks
- Prevent 'Transaction query already complete' errors
- afterDelete uses raw() to avoid sanitization queries
- Disable bulkDeleteMany hooks (Strapi v5 transaction limitations)

✅ Event Matrix:
- Create (single/bulk): Full events with sanitization
- Update (single/bulk): Full events with sanitization
- Delete (single): ID-only events via raw()
- Delete (bulk): Disabled due to transaction conflicts

* fix: Remove eval() from transaction context loading

- Replace eval('require') with lazy-loaded require()
- Cleaner transaction context initialization
- No more build warnings
- Maintains same functionality for post-commit hooks

* refactor: apply Strapi v5 best practices

- Remove emoji from service welcome message
- Convert React default imports to named imports (3 files)
- Document legitimate Query Engine usage for admin::api-token
  * admin::api-token is Core Admin Entity
  * Follows official Strapi Core implementation
  * Source: strapi/strapi/packages/core/admin/server/strategies/api-token.js
- Build clean without warnings

Note: Using strapi.db.query() for admin::api-token is correct
per Strapi Core implementation

* chore: migrate to @strapi-community/plugin-io v5.0.0

- Rename package from strapi-plugin-io to @strapi-community/plugin-io
- Update version from 3.0.0 to 5.0.0 (matching Strapi v5)
- Modernize README with better structure and examples
- Update all documentation references to new package name
- Update repository URLs to strapi-community organization
- Update TypeScript import paths
- Remove internal DOCUMENTATION_UPDATE.md file
- Update migration guide with v5 versioning
- Enhance Getting Started guide
- Build and verify successful for v5.0.0

* fix: remove spinner buttons from number inputs in settings

- Hide increment/decrement buttons for cleaner UI
- Removed browser native spinners and Strapi NumberInput spinners
- Simplified CSS for number inputs
- Better mobile and desktop experience

* feat: improve dark mode support for monitoring page

- Replace hardcoded colors with Strapi theme system
- Use theme.colors.neutral0, neutral100, neutral150 etc.
- Proper background colors for cards and items
- Dark mode compatible shadows
- Better contrast in both light and dark modes
- Keep gradient header with white text for visual impact

* fix: add dark mode support for event type filter select

- Created StyledSelect component with theme-aware colors
- Removed hardcoded white background and border colors
- Added proper hover and focus states
- Dark mode compatible dropdown options

* docs: add comprehensive CHANGELOG.md

- Document v5.0.0 release with all breaking changes
- Include migration path from v2 to v5
- List all new features and improvements
- Document UI/UX improvements
- Add version support matrix
- Include deprecation notices
- Add upcoming features roadmap

* docs: comprehensive README documentation update

- Fix broken documentation links to non-existent files
- Remove invalid 'populate' option from contentTypes config examples
- Document all 12 helper functions with examples
- Add complete Monitoring Service documentation
- Add Entity Subscription helpers documentation
- Clarify admin panel structure and widget requirements (Strapi v5.13+)
- Update types.d.ts with entity subscription interfaces
- Update api-reference.json with new methods
- Update docs/api/io-class.md with entity subscription section
- Fix version references (3.x -> 5.x)

* ci: fix npm publish workflow

- Remove npm ci (not needed, dist is pre-built)
- Update actions to v4
- Use Node 20
- Add --access public for scoped package
- Include dist/ in repository for direct publish

* feat: add populate option for content type events

- Add populate configuration to content type schema (Zod)
- Implement refetch logic in lifecycle hooks for create/update events
- Support multiple populate formats: '*', true, string[], object
- Add TypeScript types for PopulateConfig
- Document populate option in README with examples
- Update npm-publish workflow to build before publish

Populate allows including relations in emitted Socket.IO events.
When configured, the plugin refetches entities with populated
relations after create/update operations before emitting.

* security: add sensitive fields protection for all emitted data

- Add recursive removal of sensitive fields (password, token, apiKey, etc.)
- Support custom sensitiveFields in plugin config
- Apply sanitization to both emit() and raw() methods
- Update TypeScript types and documentation

Default blocked fields: password, resetPasswordToken, confirmationToken,
refreshToken, accessToken, secret, apiKey, privateKey, token, salt, hash

* ci: improve npm publish workflow with best practices

- Add build job for PR/push validation
- Add npm cache for faster CI
- Verify plugin structure before publish
- Check version matches release tag
- Support npm tags: latest, beta, alpha, next
- Add post-publish verification
- Upload build artifacts between jobs

* fix: correct peerDependencies and remove legacy-peer-deps workaround

- Remove @strapi/sdk-plugin from peerDependencies (build-only dep)
- Use flexible version ranges for peerDependencies
- Mark design-system and icons as optional peers
- Remove --legacy-peer-deps from CI workflow

* chore: update devDependencies to latest compatible versions

- @strapi/strapi: 5.3.2 -> 5.33.0
- @strapi/design-system: 2.0.0-rc.30 -> 2.0.2
- @strapi/icons: 2.0.0-rc.30 -> 2.0.2
- prettier: 3.6.2 -> 3.7.4
- eslint: 8.57.0 -> 8.57.1
- eslint-config-prettier: 9.1.0 -> 9.1.2

Note: React 18, react-router-dom 6, zod 3 kept for Strapi v5 compatibility

* ci: add manual workflow_dispatch trigger for npm publish

- Allow manual publishing via GitHub Actions UI
- Select npm tag (latest, beta, next) when manually triggered
- Skip version check for manual dispatch

* chore: bump version to 5.0.1
    @Schero94
    Schero94 authored Dec 21, 2025
    Configuration menu
    Copy the full SHA
    8c0945e View commit details
    Browse the repository at this point in the history

  2. Main v5 (#104) 

    * feat: Strapi v5 Support with Dashboard Widget & Mobile-Optimized UI

## Features
- ✅ Strapi v5.3.2 compatibility with @strapi/sdk-plugin
- ✅ Dashboard widget showing real-time Socket.IO statistics
- ✅ Mobile-optimized Monitoring & Settings pages with responsive design
- ✅ Enhanced input fields (48px height, 16px font on mobile)
- ✅ Fixed GitHub Issues #95 (images collection) and #82 (CollectionTypes with relations)
- ✅ Entity Service API instead of deprecated db.query()
- ✅ Multi-language support (EN, DE, ES, FR, PT)

## UI/UX Improvements
- Modern styled-components for responsive layouts
- Touch-friendly inputs with proper sizing
- Hidden number spinners on mobile for better UX
- Gradient stat cards with hover effects
- Auto-refresh every 60 seconds to reduce database load

## Technical Changes
- Uses Entity Service API for proper relation handling
- Transform service for media and relation fields
- Proper sanitization and permission checks
- Redis adapter support for multi-server scaling
- Namespace support for isolated Socket.IO endpoints
- Role-based permissions with content-type granularity

* fix: Security & Transaction Fixes for Strapi v5

🔒 Security:
- Add sanitize-sensitive-fields middleware
- Filters password, tokens, secrets from Socket.IO events
- Recursive deep sanitization for nested objects

🔧 Transaction Fixes:
- Use transactionCtx.onCommit for lifecycle hooks
- Prevent 'Transaction query already complete' errors
- afterDelete uses raw() to avoid sanitization queries
- Disable bulkDeleteMany hooks (Strapi v5 transaction limitations)

✅ Event Matrix:
- Create (single/bulk): Full events with sanitization
- Update (single/bulk): Full events with sanitization
- Delete (single): ID-only events via raw()
- Delete (bulk): Disabled due to transaction conflicts

* fix: Remove eval() from transaction context loading

- Replace eval('require') with lazy-loaded require()
- Cleaner transaction context initialization
- No more build warnings
- Maintains same functionality for post-commit hooks

* refactor: apply Strapi v5 best practices

- Remove emoji from service welcome message
- Convert React default imports to named imports (3 files)
- Document legitimate Query Engine usage for admin::api-token
  * admin::api-token is Core Admin Entity
  * Follows official Strapi Core implementation
  * Source: strapi/strapi/packages/core/admin/server/strategies/api-token.js
- Build clean without warnings

Note: Using strapi.db.query() for admin::api-token is correct
per Strapi Core implementation

* chore: migrate to @strapi-community/plugin-io v5.0.0

- Rename package from strapi-plugin-io to @strapi-community/plugin-io
- Update version from 3.0.0 to 5.0.0 (matching Strapi v5)
- Modernize README with better structure and examples
- Update all documentation references to new package name
- Update repository URLs to strapi-community organization
- Update TypeScript import paths
- Remove internal DOCUMENTATION_UPDATE.md file
- Update migration guide with v5 versioning
- Enhance Getting Started guide
- Build and verify successful for v5.0.0

* fix: remove spinner buttons from number inputs in settings

- Hide increment/decrement buttons for cleaner UI
- Removed browser native spinners and Strapi NumberInput spinners
- Simplified CSS for number inputs
- Better mobile and desktop experience

* feat: improve dark mode support for monitoring page

- Replace hardcoded colors with Strapi theme system
- Use theme.colors.neutral0, neutral100, neutral150 etc.
- Proper background colors for cards and items
- Dark mode compatible shadows
- Better contrast in both light and dark modes
- Keep gradient header with white text for visual impact

* fix: add dark mode support for event type filter select

- Created StyledSelect component with theme-aware colors
- Removed hardcoded white background and border colors
- Added proper hover and focus states
- Dark mode compatible dropdown options

* docs: add comprehensive CHANGELOG.md

- Document v5.0.0 release with all breaking changes
- Include migration path from v2 to v5
- List all new features and improvements
- Document UI/UX improvements
- Add version support matrix
- Include deprecation notices
- Add upcoming features roadmap

* docs: comprehensive README documentation update

- Fix broken documentation links to non-existent files
- Remove invalid 'populate' option from contentTypes config examples
- Document all 12 helper functions with examples
- Add complete Monitoring Service documentation
- Add Entity Subscription helpers documentation
- Clarify admin panel structure and widget requirements (Strapi v5.13+)
- Update types.d.ts with entity subscription interfaces
- Update api-reference.json with new methods
- Update docs/api/io-class.md with entity subscription section
- Fix version references (3.x -> 5.x)

* ci: fix npm publish workflow

- Remove npm ci (not needed, dist is pre-built)
- Update actions to v4
- Use Node 20
- Add --access public for scoped package
- Include dist/ in repository for direct publish

* feat: add populate option for content type events

- Add populate configuration to content type schema (Zod)
- Implement refetch logic in lifecycle hooks for create/update events
- Support multiple populate formats: '*', true, string[], object
- Add TypeScript types for PopulateConfig
- Document populate option in README with examples
- Update npm-publish workflow to build before publish

Populate allows including relations in emitted Socket.IO events.
When configured, the plugin refetches entities with populated
relations after create/update operations before emitting.

* security: add sensitive fields protection for all emitted data

- Add recursive removal of sensitive fields (password, token, apiKey, etc.)
- Support custom sensitiveFields in plugin config
- Apply sanitization to both emit() and raw() methods
- Update TypeScript types and documentation

Default blocked fields: password, resetPasswordToken, confirmationToken,
refreshToken, accessToken, secret, apiKey, privateKey, token, salt, hash

* ci: improve npm publish workflow with best practices

- Add build job for PR/push validation
- Add npm cache for faster CI
- Verify plugin structure before publish
- Check version matches release tag
- Support npm tags: latest, beta, alpha, next
- Add post-publish verification
- Upload build artifacts between jobs

* fix: correct peerDependencies and remove legacy-peer-deps workaround

- Remove @strapi/sdk-plugin from peerDependencies (build-only dep)
- Use flexible version ranges for peerDependencies
- Mark design-system and icons as optional peers
- Remove --legacy-peer-deps from CI workflow

* chore: update devDependencies to latest compatible versions

- @strapi/strapi: 5.3.2 -> 5.33.0
- @strapi/design-system: 2.0.0-rc.30 -> 2.0.2
- @strapi/icons: 2.0.0-rc.30 -> 2.0.2
- prettier: 3.6.2 -> 3.7.4
- eslint: 8.57.0 -> 8.57.1
- eslint-config-prettier: 9.1.0 -> 9.1.2

Note: React 18, react-router-dom 6, zod 3 kept for Strapi v5 compatibility

* ci: add manual workflow_dispatch trigger for npm publish

- Allow manual publishing via GitHub Actions UI
- Select npm tag (latest, beta, next) when manually triggered
- Skip version check for manual dispatch

* chore: bump version to 5.0.1

* feat: strapi v5 support with populate, sensitive fields, and CI/CD

* ci: simplified workflow for main-v5
    @Schero94
    Schero94 authored Dec 21, 2025
    Configuration menu
    Copy the full SHA
    808b2d1 View commit details
    Browse the repository at this point in the history

  3. fix: Publishing version 5.0.3 to npm 

    fix: Publishing version 5.0.3 to npm
    @Schero94
    Schero94 authored Dec 21, 2025
    Configuration menu
    Copy the full SHA
    792a0ec View commit details
    Browse the repository at this point in the history
Loading