We're excited to announce our latest minor release, SilverStripe 4.3, which comes packing a number of improvements aimed at creating a better development experience for web teams, enhancing usability for Content Editors, and delivering higher performing websites.
As usual, this release follows semantic versioning, so it’s ready to be used in any current SilverStripe project right now.
The big news with this release is around improvements for more effective collaboration within the CMS, in particular, giving Content Editors more flexibility to review page history and restore archived pages. Creating a better archive experience has been in the works for some time and these improvements are a direct result of feedback we received through CMS user testing.
What’s new in SilverStripe 4.3?
An upgrade to the latest version introduces several new features to benefit Content Editors, including:
- New Page History Viewer for more flexibility to review page history
- Redesigned Archive section making deleted content more easily retrievable
- New CMS help menu to improve access to support when it’s needed
- Updated Share Draft Module for added convenience when collaborating on content
And for Developers:
- Lazy loading GridField to streamline editing
- GraphQL now supports multiple schemas to strengthen security and performance
- A more consistent search experience across CMS sections
- Other under-the-hood improvements to unlock faster CMS response times
- Several security updates
We unpack each of these new features below. Or, if you’re keen to get your upgrade underway now, we’ve provided some next steps.
For Content Editors
New page History Viewer
This release gives a new look and feel to the page History Viewer, allowing Content Editors to review the edit history of individual components (such as a content or file block) as well as a group of components sitting on a particular page, in a responsive view that’s intuitive to use.
Building on the functionality first implemented for content blocks through the commercially supported Elemental module, this new ReactJS History Viewer will become the default viewer for all page types. The new History Viewer extends coverage to include versioned objects of a generic type rather than just pages, and works better with larger data sets.
Redesigned Archive section
The ability to maintain good visibility of changes and access archived content is essential for a good CMS user experience. Particularly when collaborating on content with other teams within the CMS, it can provide confidence that if a mistake is made, it can be rolled back easily.
Archiving and restoring pages has been a somewhat hidden feature of the SilverStripe CMS and user testing led us to the conclusion that many users were unaware of where deleted pages were being stored or how to retrieve them. We set about improving this feature and wanted to get it right. A lot of research and planning went into redesigning the workflow.
SilverStripe 4.3 introduces a brand new Archive section that is more discoverable and easy to use, ensuring that CMS users are aware of the added functionality, and making custom content types easily retrievable.
The new Archive section supports pages, Elemental blocks (provided it’s installed), files (provided the site is configured to retain versions), and can be extended to support any other versioned data on your site.
New CMS help menu
There are situations where readily available support is essential. For example, when a CMS user encounters part of the interface for the first time or when certain function behaves unexpectedly.
With 4.3, we’ve given the CMS help menu an overhaul focusing on end-user functionality, resolving technical issues, providing more visibility of the wider SilverStripe ecosystem, and offering users multiple support avenues.
While the default links cover most support use cases, the CMS help menu is customisable, making it easy to add or remove links as required.
Changes to the CMS help menu include:
- The CMS help link has moved into a new CMS help menu incorporated into the SilverStripe logo.
- A feedback form has been provided so that users can share insights and we can continue to improve the CMS.
- The CMS version number is now more clearly visible in the menu and continues to show the full version details on hover.
- We discovered that developer documentation is often used by CMS users wanting to dive deeper into functionality, so documentation can now be accessed from the help menu.
Share draft content popover
The Share Draft Content module may not be core functionality but it is widely used, so we’ve given it a touch-up to align with the SilverStripe 4 UI.
If you’re not already using this module, check it out—it's a great time saver when collaborating on content creation. It adds an action menu to the CMS which produces a secure link for Content Editors to share with anyone, allowing non-CMS users to view draft page content.
For Developers
Lazy loading GridField
Most of the time, adding a GridField to your edit form imposes only a small cost, but with more complex queries and/or the addition of sophisticated components, it can get expensive quickly.
Since GridFields are often placed on their own tabs, the opportunity for lazy loading in this context was hard to ignore. In SilverStripe 4.3, developers can now streamline the editing experience by deferring the GridField rendering until it’s needed.
Adding lazy loading to your GridField is as simple as applying the GridFieldLazyLoader component. We’re already using it in the ‘Dependent Pages’ tab! Here’s how to use it:
use SilverStripe\Forms\GridField\GridFieldLazyLoader;
$myGridField->getConfig()->addComponent(new GridFieldLazyLoader());
GraphQL now supports multiple schemas
The SilverStripe GraphQL module previously followed the GraphQL Best Practice of using a single endpoint for the entire application, which requires opening up the /graphql endpoint to the public and co-locating your types and operations with the admin schema.
This led to bloat and performance issues, and also compromised security due to the unnecessary exposure of the /graphql endpoint. In the case of a SilverStripe site, there are actually at least two ‘applications’ per installation—the CMS and your project.
For both of these reasons, it was appropriate to move away from the best practice and support multiple endpoints. Here’s how it works:
- The admin /graphql endpoint has been moved to /admin/graphql
- A separate, empty schema is created for you out of the box by the GraphQL module
- By default, it is not routed, you’ll need to opt into that
SilverStripe\Control\Director:
rules:
graphql: ‘%$SilverStripe\GraphQL\Controller.default’
We’ve also done some housekeeping around the configuration layer, which now requires you to configure your schemas by their unique schema key.
Here's what your schema configuration would have looked like previously:
SilverStripe\GraphQL\Controller:
schema:
# your schema config here
And now:
SilverStripe\GraphQL\Manager:
schemas:
default:
# your schema config here
Read more in the GraphQL module documentation.
A consistent search experience
After many years of features being rolled out with different search experiences, the ability to search consistently was long overdue, so we’ve extended the CMS pattern library with a new search component that can be used in the majority of cases within the CMS.
Driven by ReactJS, the component has been built to work natively with pages, files, and GridField instances, and is responsive, intuitive, and easily customisable.
Under-the-hood CMS performance improvements
We’ve made a number of under-the-hood performance improvements, including the removal of several bottlenecks we’ve identified as contributing to increased response times of up to 10x. These improvements are most likely to benefit projects with large data sets, particularly in relation to pages.
Security updates
Several security updates are available in the 4.3 release, ranging from low to moderate severity including:
- GraphQL mutations are now CSRF protected
- dev/build now has its own URL token to thwart denial-of-service attacks
- Database credentials are no longer exposed on connection failure
- Table names are now escaped, closing an SQL injection vulnerability (PostgreSQL only)
Keen to get your upgrade underway?
Talk to your Digital Agency or Developer about upgrading
Haven’t got a Developer or Agency? No problem! Browse the SilverStripe Developer & Partner Directory and filter by location to find a SilverStripe Developer near you.
Developers, check out our documentation
Head to our Developer Docs to view the changelogs and the Upgrade Guide.
Are you an agency selling SilverStripe?
We’d love to hear about your customer experiences with upgrading to SilverStripe 4. Your answers will help focus our efforts in facilitating upgrades. Take the 5 minute survey here.
Post your comment
Comments
No one has commented on this page yet.
RSS feed for comments on this page | RSS feed for all comments