@directus/api 22.0.0 → 22.1.1

package/dist/services/fields.js

@@ -621,7 +621,7 @@ export class FieldsService {
             }
         }
     }
-    addColumnToTable(table, field, alter = null) {
+    addColumnToTable(table, field, existing = null) {
         let column;
         // Don't attempt to add a DB column for alias / corrupt fields
         if (field.type === 'alias' || field.type === 'unknown')
@@ -662,45 +662,48 @@ export class FieldsService {
         else {
             throw new InvalidPayloadError({ reason: `Illegal type passed: "${field.type}"` });
         }
-        if (field.schema?.default_value !== undefined) {
-            if (typeof field.schema.default_value === 'string' &&
-                (field.schema.default_value.toLowerCase() === 'now()' || field.schema.default_value === 'CURRENT_TIMESTAMP')) {
+        const defaultValue = field.schema?.default_value !== undefined ? field.schema?.default_value : existing?.default_value;
+        if (defaultValue) {
+            const newDefaultValueIsString = typeof defaultValue === 'string';
+            const newDefaultIsNowFunction = newDefaultValueIsString && defaultValue.toLowerCase() === 'now()';
+            const newDefaultIsCurrentTimestamp = newDefaultValueIsString && defaultValue === 'CURRENT_TIMESTAMP';
+            const newDefaultIsSetToCurrentTime = newDefaultIsNowFunction || newDefaultIsCurrentTimestamp;
+            const newDefaultIsTimestampWithPrecision = newDefaultValueIsString && defaultValue.includes('CURRENT_TIMESTAMP(') && defaultValue.includes(')');
+            if (newDefaultIsSetToCurrentTime) {
                 column.defaultTo(this.knex.fn.now());
             }
-            else if (typeof field.schema.default_value === 'string' &&
-                field.schema.default_value.includes('CURRENT_TIMESTAMP(') &&
-                field.schema.default_value.includes(')')) {
-                const precision = field.schema.default_value.match(REGEX_BETWEEN_PARENS)[1];
+            else if (newDefaultIsTimestampWithPrecision) {
+                const precision = defaultValue.match(REGEX_BETWEEN_PARENS)[1];
                 column.defaultTo(this.knex.fn.now(Number(precision)));
             }
             else {
-                column.defaultTo(field.schema.default_value);
+                column.defaultTo(defaultValue);
             }
         }
-        if (field.schema?.is_nullable === false) {
-            if (!alter || alter.is_nullable === true) {
-                column.notNullable();
-            }
+        else {
+            column.defaultTo(null);
+        }
+        const isNullable = field.schema?.is_nullable ?? existing?.is_nullable ?? true;
+        if (isNullable) {
+            column.nullable();
         }
         else {
-            if (!alter || alter.is_nullable === false) {
-                column.nullable();
-            }
+            column.notNullable();
         }
         if (field.schema?.is_primary_key) {
             column.primary().notNullable();
         }
         else if (field.schema?.is_unique === true) {
-            if (!alter || alter.is_unique === false) {
+            if (!existing || existing.is_unique === false) {
                 column.unique();
             }
         }
         else if (field.schema?.is_unique === false) {
-            if (alter && alter.is_unique === true) {
+            if (existing && existing.is_unique === true) {
                 table.dropUnique([field.field]);
             }
         }
-        if (alter) {
+        if (existing) {
             column.alter();
         }
     }

package/dist/services/import-export.js

@@ -133,6 +133,8 @@ export class ImportService {
             };
             const PapaOptions = {
                 header: true,
+                // Trim whitespaces in headers, including the byte order mark (BOM) zero-width no-break space
+                transformHeader: (header) => header.trim(),
                 transform,
             };
             return new Promise((resolve, reject) => {
@@ -304,7 +306,6 @@ export class ExportService {
             const savedFile = await filesService.uploadOne(createReadStream(tmpFile.path), fileWithDefaults);
             if (this.accountability?.user) {
                 const notificationsService = new NotificationsService({
-                    accountability: this.accountability,
                     schema: this.schema,
                 });
                 const usersService = new UsersService({
@@ -333,7 +334,6 @@ Your export of ${collection} is ready. <a href="${href}">Click here to view.</a>
             logger.error(err, `Couldn't export ${collection}: ${err.message}`);
             if (this.accountability?.user) {
                 const notificationsService = new NotificationsService({
-                    accountability: this.accountability,
                     schema: this.schema,
                 });
                 await notificationsService.createOne({

package/dist/services/items.js

@@ -370,7 +370,7 @@ export class ItemsService {
             knex: this.knex,
         });
         ast = await processAst({ ast, action: 'read', accountability: this.accountability }, { knex: this.knex, schema: this.schema });
-        const records = await runAst(ast, this.schema, {
+        const records = await runAst(ast, this.schema, this.accountability, {
             knex: this.knex,
             // GraphQL requires relational keys to be returned regardless
             stripNonRequested: opts?.stripNonRequested !== undefined ? opts.stripNonRequested : true,

package/dist/services/meta.js

@@ -45,14 +45,14 @@ export class MetaService {
                 action: 'read',
                 policies,
                 accountability: this.accountability,
-                ...(collection ? { collections: [collection] } : {}),
             }, context);
-            const rules = dedupeAccess(permissions);
+            const collectionPermissions = permissions.filter((permission) => permission.collection === collection);
+            const rules = dedupeAccess(collectionPermissions);
             const cases = rules.map(({ rule }) => rule);
             const filter = {
                 _or: cases,
             };
-            const result = applyFilter(this.knex, this.schema, dbQuery, filter, collection, {}, cases);
+            const result = applyFilter(this.knex, this.schema, dbQuery, filter, collection, {}, cases, permissions);
             hasJoins = result.hasJoins;
         }
         if (hasJoins) {
@@ -70,6 +70,7 @@ export class MetaService {
         let filter = query.filter || {};
         let hasJoins = false;
         let cases = [];
+        let permissions = [];
         if (this.accountability && this.accountability.admin === false) {
             const context = { knex: this.knex, schema: this.schema };
             await validateAccess({
@@ -78,13 +79,13 @@ export class MetaService {
                 collection,
             }, context);
             const policies = await fetchPolicies(this.accountability, context);
-            const permissions = await fetchPermissions({
+            permissions = await fetchPermissions({
                 action: 'read',
                 policies,
                 accountability: this.accountability,
-                ...(collection ? { collections: [collection] } : {}),
             }, context);
-            const rules = dedupeAccess(permissions);
+            const collectionPermissions = permissions.filter((permission) => permission.collection === collection);
+            const rules = dedupeAccess(collectionPermissions);
             cases = rules.map(({ rule }) => rule);
             const permissionsFilter = {
                 _or: cases,
@@ -97,7 +98,7 @@ export class MetaService {
             }
         }
         if (Object.keys(filter).length > 0) {
-            ({ hasJoins } = applyFilter(this.knex, this.schema, dbQuery, filter, collection, {}, cases));
+            ({ hasJoins } = applyFilter(this.knex, this.schema, dbQuery, filter, collection, {}, cases, permissions));
         }
         if (query.search) {
             applySearch(this.knex, this.schema, dbQuery, query.search, collection);

package/dist/services/permissions.js

@@ -1,5 +1,8 @@
 import { ForbiddenError } from '@directus/errors';
+import { uniq } from 'lodash-es';
 import { clearSystemCache } from '../cache.js';
+import { fetchPermissions } from '../permissions/lib/fetch-permissions.js';
+import { fetchPolicies } from '../permissions/lib/fetch-policies.js';
 import { withAppMinimalPermissions } from '../permissions/lib/with-app-minimal-permissions.js';
 import { validateAccess } from '../permissions/modules/validate-access/validate-access.js';
 import { ItemsService } from './items.js';
@@ -105,27 +108,24 @@ export class PermissionsService extends ItemsService {
                 .catch(() => { });
         }));
         if (schema?.singleton && itemPermissions.update.access) {
-            const query = {
-                filter: {
-                    _and: [
-                        ...(this.accountability?.role ? [{ role: { _eq: this.accountability.role } }] : []),
-                        { collection: { _eq: collection } },
-                        { action: { _eq: updateAction } },
-                    ],
-                },
-                fields: ['presets', 'fields'],
-            };
-            try {
-                const result = await this.readByQuery(query);
-                const permission = result[0];
-                if (permission) {
-                    itemPermissions.update.presets = permission['presets'];
-                    itemPermissions.update.fields = permission['fields'];
+            const context = { schema: this.schema, knex: this.knex };
+            const policies = await fetchPolicies(this.accountability, context);
+            const permissions = await fetchPermissions({ policies, accountability: this.accountability, action: updateAction, collections: [collection] }, context);
+            let fields = [];
+            let presets = {};
+            for (const permission of permissions) {
+                if (permission.fields && fields[0] !== '*') {
+                    fields = uniq([...fields, ...permission.fields]);
+                    if (fields.includes('*')) {
+                        fields = ['*'];
+                    }
+                }
+                if (permission.presets) {
+                    presets = { ...(presets ?? {}), ...permission.presets };
                 }
             }
-            catch {
-                // No permission
-            }
+            itemPermissions.update.fields = fields;
+            itemPermissions.update.presets = presets;
         }
         return itemPermissions;
     }

package/dist/types/database.d.ts

@@ -1,3 +1,3 @@
-export type Driver = 'mysql' | 'pg' | 'cockroachdb' | 'sqlite3' | 'oracledb' | 'mssql';
+export type Driver = 'mysql2' | 'pg' | 'cockroachdb' | 'sqlite3' | 'oracledb' | 'mssql';
 export declare const DatabaseClients: readonly ["mysql", "postgres", "cockroachdb", "sqlite", "oracle", "mssql", "redshift"];
 export type DatabaseClient = (typeof DatabaseClients)[number];

package/dist/utils/apply-query.d.ts

@@ -1,4 +1,4 @@
-import type { Aggregate, Filter, Query, SchemaOverview } from '@directus/types';
+import type { Aggregate, Filter, Permission, Query, SchemaOverview } from '@directus/types';
 import type { Knex } from 'knex';
 import type { AliasMap } from './get-column-path.js';
 export declare const generateAlias: (size?: number | undefined) => string;
@@ -11,7 +11,7 @@ type ApplyQueryOptions = {
 /**
  * Apply the Query to a given Knex query builder instance
  */
-export default function applyQuery(knex: Knex, collection: string, dbQuery: Knex.QueryBuilder, query: Query, schema: SchemaOverview, cases: Filter[], options?: ApplyQueryOptions): {
+export default function applyQuery(knex: Knex, collection: string, dbQuery: Knex.QueryBuilder, query: Query, schema: SchemaOverview, cases: Filter[], permissions: Permission[], options?: ApplyQueryOptions): {
     query: Knex.QueryBuilder<any, any>;
     hasJoins: boolean;
     hasMultiRelationalFilter: boolean;
@@ -34,7 +34,7 @@ export declare function applySort(knex: Knex, schema: SchemaOverview, rootQuery:
 };
 export declare function applyLimit(knex: Knex, rootQuery: Knex.QueryBuilder, limit: any): void;
 export declare function applyOffset(knex: Knex, rootQuery: Knex.QueryBuilder, offset: any): void;
-export declare function applyFilter(knex: Knex, schema: SchemaOverview, rootQuery: Knex.QueryBuilder, rootFilter: Filter, collection: string, aliasMap: AliasMap, cases: Filter[]): {
+export declare function applyFilter(knex: Knex, schema: SchemaOverview, rootQuery: Knex.QueryBuilder, rootFilter: Filter, collection: string, aliasMap: AliasMap, cases: Filter[], permissions: Permission[]): {
     query: Knex.QueryBuilder<any, any>;
     hasJoins: boolean;
     hasMultiRelationalFilter: boolean;

package/dist/utils/apply-query.js

@@ -5,6 +5,7 @@ import { clone, isPlainObject } from 'lodash-es';
 import { customAlphabet } from 'nanoid/non-secure';
 import { getHelpers } from '../database/helpers/index.js';
 import { applyCaseWhen } from '../database/run-ast/utils/apply-case-when.js';
+import { getCases } from '../permissions/modules/process-ast/lib/get-cases.js';
 import { getColumnPath } from './get-column-path.js';
 import { getColumn } from './get-column.js';
 import { getRelationInfo } from './get-relation-info.js';
@@ -15,7 +16,7 @@ export const generateAlias = customAlphabet('abcdefghijklmnopqrstuvwxyz', 5);
 /**
  * Apply the Query to a given Knex query builder instance
  */
-export default function applyQuery(knex, collection, dbQuery, query, schema, cases, options) {
+export default function applyQuery(knex, collection, dbQuery, query, schema, cases, permissions, options) {
     const aliasMap = options?.aliasMap ?? Object.create(null);
     let hasJoins = false;
     let hasMultiRelationalFilter = false;
@@ -42,7 +43,7 @@ export default function applyQuery(knex, collection, dbQuery, query, schema, cas
     // you're actually allowed to read
     const filter = joinFilterWithCases(query.filter, cases);
     if (filter) {
-        const filterResult = applyFilter(knex, schema, dbQuery, filter, collection, aliasMap, cases);
+        const filterResult = applyFilter(knex, schema, dbQuery, filter, collection, aliasMap, cases, permissions);
         if (!hasJoins) {
             hasJoins = filterResult.hasJoins;
         }
@@ -58,6 +59,7 @@ export default function applyQuery(knex, collection, dbQuery, query, schema, cas
                 aliasMap,
                 cases,
                 table: collection,
+                permissions,
             }, {
                 knex,
                 schema,
@@ -261,7 +263,7 @@ export function applyOffset(knex, rootQuery, offset) {
         getHelpers(knex).schema.applyOffset(rootQuery, offset);
     }
 }
-export function applyFilter(knex, schema, rootQuery, rootFilter, collection, aliasMap, cases) {
+export function applyFilter(knex, schema, rootQuery, rootFilter, collection, aliasMap, cases, permissions) {
     const helpers = getHelpers(knex);
     const relations = schema.relations;
     let hasJoins = false;
@@ -349,24 +351,27 @@ export function applyFilter(knex, schema, rootQuery, rootFilter, collection, ali
                     if (relationType === 'o2a') {
                         pkField = knex.raw(getHelpers(knex).schema.castA2oPrimaryKey(), [pkField]);
                     }
-                    const subQueryBuilder = (filter) => (subQueryKnex) => {
-                        const field = relation.field;
-                        const collection = relation.collection;
-                        const column = `${collection}.${field}`;
-                        subQueryKnex
-                            .select({ [field]: column })
-                            .from(collection)
-                            .whereNotNull(column);
-                        applyQuery(knex, relation.collection, subQueryKnex, { filter }, schema, cases);
-                    };
                     const childKey = Object.keys(value)?.[0];
-                    if (childKey === '_none') {
-                        dbQuery[logical].whereNotIn(pkField, subQueryBuilder(Object.values(value)[0]));
-                        continue;
-                    }
-                    else if (childKey === '_some') {
-                        dbQuery[logical].whereIn(pkField, subQueryBuilder(Object.values(value)[0]));
-                        continue;
+                    if (childKey === '_none' || childKey === '_some') {
+                        const subQueryBuilder = (filter, cases) => (subQueryKnex) => {
+                            const field = relation.field;
+                            const collection = relation.collection;
+                            const column = `${collection}.${field}`;
+                            subQueryKnex
+                                .select({ [field]: column })
+                                .from(collection)
+                                .whereNotNull(column);
+                            applyQuery(knex, relation.collection, subQueryKnex, { filter }, schema, cases, permissions);
+                        };
+                        const { cases: subCases } = getCases(relation.collection, permissions, []);
+                        if (childKey === '_none') {
+                            dbQuery[logical].whereNotIn(pkField, subQueryBuilder(Object.values(value)[0], subCases));
+                            continue;
+                        }
+                        else if (childKey === '_some') {
+                            dbQuery[logical].whereIn(pkField, subQueryBuilder(Object.values(value)[0], subCases));
+                            continue;
+                        }
                     }
                 }
                 if (filterPath.includes('_none') || filterPath.includes('_some')) {

package/dist/utils/get-address.d.ts

@@ -0,0 +1,5 @@
+/// <reference types="node" resolution-mode="require"/>
+/// <reference types="node/http.js" />
+/// <reference types="pino-http" />
+import * as http from 'http';
+export declare function getAddress(server: http.Server): string | undefined;

package/dist/utils/get-address.js

@@ -0,0 +1,13 @@
+import * as http from 'http';
+export function getAddress(server) {
+    const address = server.address();
+    if (address === null) {
+        // Before the 'listening' event has been emitted or after calling server.close()
+        return;
+    }
+    if (typeof address === 'string') {
+        // unix path
+        return address;
+    }
+    return `${address.address}:${address.port}`;
+}

package/dist/utils/get-column.d.ts

@@ -1,10 +1,14 @@
-import type { Filter, Query, SchemaOverview } from '@directus/types';
+import type { Filter, Permission, Query, SchemaOverview } from '@directus/types';
 import type { Knex } from 'knex';
-type GetColumnOptions = {
-    query?: Query | undefined;
-    cases?: Filter[];
+type FunctionColumnOptions = {
+    query: Query;
+    cases: Filter[];
+    permissions: Permission[];
+};
+type OriginalCollectionName = {
     originalCollectionName?: string | undefined;
 };
+type GetColumnOptions = OriginalCollectionName | (FunctionColumnOptions & OriginalCollectionName);
 /**
  * Return column prefixed by table. If column includes functions (like `year(date_created)`), the
  * column is replaced with the appropriate SQL

package/dist/utils/get-column.js

@@ -29,8 +29,13 @@ export function getColumn(knex, table, column, alias = applyFunctionToColumnName
             }
             const result = fn[functionName](table, columnName, {
                 type,
-                query: options?.query,
-                cases: options?.cases,
+                relationalCountOptions: isFunctionColumnOptions(options)
+                    ? {
+                        query: options.query,
+                        cases: options.cases,
+                        permissions: options.permissions,
+                    }
+                    : undefined,
                 originalCollectionName: options?.originalCollectionName,
             });
             if (alias) {
@@ -47,3 +52,6 @@ export function getColumn(knex, table, column, alias = applyFunctionToColumnName
     }
     return knex.ref(`${table}.${column}`);
 }
+function isFunctionColumnOptions(options) {
+    return !!options && 'query' in options;
+}

package/dist/utils/sanitize-query.js

@@ -95,7 +95,7 @@ function sanitizeAggregate(rawAggregate) {
             aggregate = parseJSON(rawAggregate);
         }
         catch {
-            logger.warn('Invalid value passed for filter query parameter.');
+            logger.warn('Invalid value passed for aggregate query parameter.');
         }
     }
     for (const [operation, fields] of Object.entries(aggregate)) {

package/dist/utils/transaction.js

@@ -1,3 +1,4 @@
+import { isObject } from '@directus/utils';
 import {} from 'knex';
 import { getDatabaseClient } from '../database/index.js';
 import { useLogger } from '../logger/index.js';
@@ -18,16 +19,7 @@ export const transaction = async (knex, handler) => {
         }
         catch (error) {
             const client = getDatabaseClient(knex);
-            /**
-             * This error code indicates that the transaction failed due to another
-             * concurrent or recent transaction attempting to write to the same data.
-             * This can usually be solved by restarting the transaction on client-side
-             * after a short delay, so that it is executed against the latest state.
-             *
-             * @link https://www.cockroachlabs.com/docs/stable/transaction-retry-error-reference
-             */
-            const COCKROACH_RETRY_ERROR_CODE = '40001';
-            if (client !== 'cockroachdb' || error?.code !== COCKROACH_RETRY_ERROR_CODE)
+            if (!shouldRetryTransaction(client, error))
                 throw error;
             const MAX_ATTEMPTS = 3;
             const BASE_DELAY = 100;
@@ -40,7 +32,7 @@ export const transaction = async (knex, handler) => {
                     return await knex.transaction((trx) => handler(trx));
                 }
                 catch (error) {
-                    if (error?.code !== COCKROACH_RETRY_ERROR_CODE)
+                    if (!shouldRetryTransaction(client, error))
                         throw error;
                 }
             }
@@ -50,3 +42,28 @@ export const transaction = async (knex, handler) => {
         }
     }
 };
+function shouldRetryTransaction(client, error) {
+    /**
+     * This error code indicates that the transaction failed due to another
+     * concurrent or recent transaction attempting to write to the same data.
+     * This can usually be solved by restarting the transaction on client-side
+     * after a short delay, so that it is executed against the latest state.
+     *
+     * @link https://www.cockroachlabs.com/docs/stable/transaction-retry-error-reference
+     */
+    const COCKROACH_RETRY_ERROR_CODE = '40001';
+    /**
+     * SQLITE_BUSY is an error code returned by SQLite when an operation can't be
+     * performed due to a locked database file. This often arises due to multiple
+     * processes trying to simultaneously access the database, causing potential
+     * data inconsistencies. There are a few mechanisms to handle this case,
+     * one of which is to retry the complete transaction again
+     * on client-side after a short delay.
+     *
+     * @link https://www.sqlite.org/rescode.html#busy
+     */
+    const SQLITE_BUSY_ERROR_CODE = 'SQLITE_BUSY';
+    return (isObject(error) &&
+        ((client === 'cockroachdb' && error['code'] === COCKROACH_RETRY_ERROR_CODE) ||
+            (client === 'sqlite' && error['code'] === SQLITE_BUSY_ERROR_CODE)));
+}

package/dist/websocket/controllers/graphql.js

@@ -1,9 +1,9 @@
-import { useEnv } from '@directus/env';
 import { CloseCode, MessageType, makeServer } from 'graphql-ws';
 import { useLogger } from '../../logger/index.js';
 import { bindPubSub } from '../../services/graphql/subscription.js';
 import { GraphQLService } from '../../services/index.js';
 import { getSchema } from '../../utils/get-schema.js';
+import { getAddress } from '../../utils/get-address.js';
 import { authenticateConnection } from '../authenticate.js';
 import { handleWebSocketError } from '../errors.js';
 import { ConnectionParams, WebSocketMessage } from '../messages.js';
@@ -14,7 +14,6 @@ export class GraphQLSubscriptionController extends SocketController {
     gql;
     constructor(httpServer) {
         super(httpServer, 'WEBSOCKETS_GRAPHQL');
-        const env = useEnv();
         this.server.on('connection', (ws, auth) => {
             this.bindEvents(this.createClient(ws, auth));
         });
@@ -31,7 +30,7 @@ export class GraphQLSubscriptionController extends SocketController {
             },
         });
         bindPubSub();
-        logger.info(`GraphQL Subscriptions started at ws://${env['HOST']}:${env['PORT']}${this.endpoint}`);
+        logger.info(`GraphQL Subscriptions started at ws://${getAddress(httpServer)}${this.endpoint}`);
     }
     bindEvents(client) {
         const closedHandler = this.gql.opened({

package/dist/websocket/controllers/rest.js

@@ -1,7 +1,7 @@
-import { useEnv } from '@directus/env';
 import { parseJSON } from '@directus/utils';
 import emitter from '../../emitter.js';
 import { useLogger } from '../../logger/index.js';
+import { getAddress } from '../../utils/get-address.js';
 import { WebSocketError, handleWebSocketError } from '../errors.js';
 import { WebSocketMessage } from '../messages.js';
 import SocketController from './base.js';
@@ -9,11 +9,10 @@ const logger = useLogger();
 export class WebSocketController extends SocketController {
     constructor(httpServer) {
         super(httpServer, 'WEBSOCKETS_REST');
-        const env = useEnv();
         this.server.on('connection', (ws, auth) => {
             this.bindEvents(this.createClient(ws, auth));
         });
-        logger.info(`WebSocket Server started at ws://${env['HOST']}:${env['PORT']}${this.endpoint}`);
+        logger.info(`WebSocket Server started at ws://${getAddress(httpServer)}${this.endpoint}`);
     }
     bindEvents(client) {
         client.on('parsed-message', async (message) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@directus/api",
-  "version": "22.0.0",
+  "version": "22.1.1",
   "description": "Directus is a real-time API and App dashboard for managing SQL database content",
   "keywords": [
     "directus",
@@ -99,7 +99,7 @@
     "graphql-ws": "5.16.0",
     "helmet": "7.1.0",
     "icc": "3.0.0",
-    "inquirer": "9.3.5",
+    "inquirer": "9.3.6",
     "ioredis": "5.4.1",
     "ip-matching": "2.1.2",
     "isolated-vm": "4.7.2",
@@ -143,35 +143,35 @@
     "sharp": "0.33.4",
     "snappy": "7.2.2",
     "stream-json": "1.8.0",
-    "tar": "7.4.2",
+    "tar": "7.4.3",
     "tsx": "4.16.5",
     "wellknown": "0.5.0",
     "ws": "8.18.0",
     "zod": "3.23.8",
-    "zod-validation-error": "3.3.0",
-    "@directus/constants": "12.0.0",
-    "@directus/app": "13.0.0",
-    "@directus/env": "2.0.0",
+    "zod-validation-error": "3.3.1",
+    "@directus/app": "13.1.0",
     "@directus/errors": "1.0.0",
-    "@directus/format-title": "11.0.0",
-    "@directus/extensions": "2.0.0",
-    "@directus/extensions-sdk": "12.0.0",
+    "@directus/env": "3.0.0",
+    "@directus/constants": "12.0.0",
     "@directus/extensions-registry": "2.0.0",
-    "@directus/pressure": "2.0.0",
+    "@directus/extensions": "2.0.0",
+    "@directus/extensions-sdk": "12.0.1",
+    "@directus/format-title": "11.0.0",
     "@directus/memory": "2.0.0",
     "@directus/schema": "12.0.0",
+    "@directus/pressure": "2.0.0",
     "@directus/specs": "11.0.0",
     "@directus/storage": "11.0.0",
     "@directus/storage-driver-azure": "11.0.0",
-    "@directus/storage-driver-gcs": "11.0.0",
-    "@directus/storage-driver-local": "11.0.0",
     "@directus/storage-driver-cloudinary": "11.0.0",
+    "@directus/storage-driver-gcs": "11.0.0",
     "@directus/storage-driver-s3": "11.0.0",
+    "@directus/storage-driver-local": "11.0.0",
     "@directus/storage-driver-supabase": "2.0.0",
     "@directus/system-data": "2.0.0",
-    "@directus/validation": "1.0.0",
     "@directus/utils": "12.0.0",
-    "directus": "11.0.0"
+    "@directus/validation": "1.0.0",
+    "directus": "11.0.2"
   },
   "devDependencies": {
     "@ngneat/falso": "7.2.0",
@@ -209,11 +209,12 @@
     "@vitest/coverage-v8": "1.5.3",
     "copyfiles": "2.4.1",
     "form-data": "4.0.0",
+    "get-port": "7.1.0",
     "knex-mock-client": "2.0.1",
     "typescript": "5.4.5",
     "vitest": "1.5.3",
-    "@directus/random": "1.0.0",
     "@directus/tsconfig": "2.0.0",
+    "@directus/random": "1.0.0",
     "@directus/types": "12.0.0"
   },
   "optionalDependencies": {