@directus/api 35.1.0 → 35.2.0

package/dist/controllers/assets.js

@@ -6,7 +6,9 @@ import { getMilliseconds } from "../utils/get-milliseconds.js";
 import { ASSET_TRANSFORM_QUERY_KEYS, SYSTEM_ASSET_ALLOW_LIST } from "../constants.js";
 import { isValidUuid } from "../utils/is-valid-uuid.js";
 import database_default from "../database/index.js";
+import { validateAccess } from "../permissions/modules/validate-access/validate-access.js";
 import { PayloadService } from "../services/payload.js";
+import { FilesService } from "../services/files.js";
 import { AssetsService } from "../services/assets.js";
 import { getCacheControlHeader } from "../utils/get-cache-headers.js";
 import use_collection_default from "../middleware/use-collection.js";
@@ -170,6 +172,44 @@ router.get("/:pk/:filename?", async_handler_default(async (req, res, next) => {
 			}
 		}
 	}
+	const revalidate = env["ASSETS_CACHE_REVALIDATE"] === true;
+	if (revalidate) {
+		const ifNoneMatch = req.headers["if-none-match"];
+		const ifModifiedSince = req.headers["if-modified-since"];
+		if (ifNoneMatch || ifModifiedSince) {
+			if (req.accountability) await validateAccess({
+				accountability: req.accountability,
+				action: "read",
+				collection: "directus_files",
+				primaryKeys: [id]
+			}, {
+				knex: database_default(),
+				schema: req.schema
+			});
+			const fileRecord = await new FilesService({ schema: req.schema }).readOne(id, { fields: ["modified_on"] });
+			if (fileRecord?.modified_on) {
+				const modifiedOnTime = new Date(fileRecord.modified_on).getTime();
+				const etag = `"${Math.floor(modifiedOnTime / 1e3)}"`;
+				if (ifNoneMatch === etag) {
+					res.setHeader("Cache-Control", "max-age=0, must-revalidate");
+					res.setHeader("ETag", etag);
+					res.setHeader("Last-Modified", new Date(modifiedOnTime).toUTCString());
+					res.status(304);
+					return res.end();
+				}
+				if (ifModifiedSince) {
+					const ifModifiedSinceTime = new Date(ifModifiedSince).getTime();
+					if (Math.floor(modifiedOnTime / 1e3) <= Math.floor(ifModifiedSinceTime / 1e3)) {
+						res.setHeader("Cache-Control", "max-age=0, must-revalidate");
+						res.setHeader("ETag", etag);
+						res.setHeader("Last-Modified", new Date(modifiedOnTime).toUTCString());
+						res.status(304);
+						return res.end();
+					}
+				}
+			}
+		}
+	}
 	const { stream, file, stat } = await service.getAsset(id, {
 		transformationParams,
 		acceptFormat
@@ -178,12 +218,14 @@ router.get("/:pk/:filename?", async_handler_default(async (req, res, next) => {
 	res.attachment(filename);
 	res.setHeader("Content-Type", file.type);
 	res.setHeader("Accept-Ranges", "bytes");
-	res.setHeader("Cache-Control", getCacheControlHeader(req, getMilliseconds(env["ASSETS_CACHE_TTL"]), false, true));
+	if (revalidate) res.setHeader("Cache-Control", "max-age=0, must-revalidate");
+	else res.setHeader("Cache-Control", getCacheControlHeader(req, getMilliseconds(env["ASSETS_CACHE_TTL"]), false, true));
 	res.setHeader("Vary", vary.join(", "));
 	const unixTime = Date.parse(file.modified_on);
 	if (!Number.isNaN(unixTime)) {
 		const lastModifiedDate = new Date(unixTime);
 		res.setHeader("Last-Modified", lastModifiedDate.toUTCString());
+		res.setHeader("ETag", `"${Math.floor(unixTime / 1e3)}"`);
 	}
 	if (range) {
 		res.setHeader("Content-Range", `bytes ${range.start}-${range.end || stat.size - 1}/${stat.size}`);

package/dist/controllers/schema.js

@@ -4,7 +4,7 @@ import { respond } from "../middleware/respond.js";
 import { getVersionedHash } from "../utils/get-versioned-hash.js";
 import { SchemaService } from "../services/schema.js";
 import { InvalidPayloadError, UnsupportedMediaTypeError } from "@directus/errors";
-import { parseJSON } from "@directus/utils";
+import { parseJSON, toBoolean } from "@directus/utils";
 import express from "express";
 import { load } from "js-yaml";
 import Busboy from "busboy";
@@ -83,7 +83,7 @@ router.post("/diff", async_handler_default(schemaMultipartHandler), async_handle
 router.post("/apply", async_handler_default(schemaMultipartHandler), async_handler_default(async (req, res, next) => {
 	const service = new SchemaService({ accountability: req.accountability });
 	const diff = res.locals["upload"];
-	await service.apply(diff);
+	await service.apply(diff, { force: toBoolean(req.query["force"]) });
 	return next();
 }), respond);
 var schema_default = router;

package/dist/extensions/lib/installation/manager.js

@@ -7,10 +7,10 @@ import { useEnv } from "@directus/env";
 import { ErrorCode, ServiceUnavailableError, isDirectusError } from "@directus/errors";
 import { move, remove } from "fs-extra";
 import { Readable } from "node:stream";
+import PQueue from "p-queue";
 import { download } from "@directus/extensions-registry";
 import { EXTENSION_PKG_KEY, ExtensionManifest } from "@directus/extensions";
 import DriverLocal from "@directus/storage-driver-local";
-import Queue from "p-queue";
 import { extract } from "tar";
 
 //#region src/extensions/lib/installation/manager.ts
@@ -50,7 +50,7 @@ var InstallationManager = class {
 			if (!(await ExtensionManifest.parseAsync(packageFile))[EXTENSION_PKG_KEY]?.type) throw new Error(`Extension type not found in package.json`);
 			if (env["EXTENSIONS_LOCATION"]) {
 				const remoteDisk = (await getStorage()).location(env["EXTENSIONS_LOCATION"]);
-				const queue = new Queue({ concurrency: 1e3 });
+				const queue = new PQueue({ concurrency: 1e3 });
 				for await (const filepath of tmpStorage.list(extractedPath)) {
 					const readStream = await tmpStorage.read(filepath);
 					const remotePath = join(env["EXTENSIONS_PATH"], ".registry", versionId, filepath.substring(7));
@@ -74,7 +74,7 @@ var InstallationManager = class {
 	async uninstall(folder) {
 		if (env["EXTENSIONS_LOCATION"]) {
 			const remoteDisk = (await getStorage()).location(env["EXTENSIONS_LOCATION"]);
-			const queue = new Queue({ concurrency: 1e3 });
+			const queue = new PQueue({ concurrency: 1e3 });
 			const prefix = join(env["EXTENSIONS_PATH"], ".registry", folder);
 			for await (const filepath of remoteDisk.list(prefix)) queue.add(() => remoteDisk.delete(filepath));
 			await queue.onIdle();

package/dist/extensions/lib/sync/sync.js

@@ -13,8 +13,8 @@ import { useEnv } from "@directus/env";
 import { normalizePath } from "@directus/utils";
 import { dirname, join, relative, resolve, sep } from "node:path";
 import { pipeline } from "node:stream/promises";
+import PQueue from "p-queue";
 import { createWriteStream } from "node:fs";
-import Queue from "p-queue";
 import mid from "node-machine-id";
 
 //#region src/extensions/lib/sync/sync.ts
@@ -50,7 +50,7 @@ async function syncExtensions(options) {
 				return;
 			}
 		}
-		const queue = new Queue({ concurrency: 1e3 });
+		const queue = new PQueue({ concurrency: 1e3 });
 		const fileTracker = new SyncFileTracker();
 		const hasLocalFiles = await fileTracker.readLocalFiles(localExtensionsPath) > 0;
 		for await (const filepath of disk.list(remoteExtensionsPath)) {

package/dist/extensions/manager.js

@@ -8,7 +8,6 @@ import { getSchema } from "../utils/get-schema.js";
 import { deleteFromRequireCache } from "../utils/delete-from-require-cache.js";
 import getModuleDefault from "../utils/get-module-default.js";
 import { importFileUrl } from "../utils/import-file-url.js";
-import { JobQueue } from "../utils/job-queue.js";
 import { scheduleSynchronizedJob, validateCron } from "../utils/schedule.js";
 import { getExtensionsSettings } from "./lib/get-extensions-settings.js";
 import { getExtensions } from "./lib/get-extensions.js";
@@ -30,6 +29,7 @@ import { pathToRelativeUrl, processId } from "@directus/utils/node";
 import { fileURLToPath } from "node:url";
 import { HYBRID_EXTENSION_TYPES } from "@directus/constants";
 import { dirname, join as join$1, relative, resolve, sep } from "node:path";
+import PQueue from "p-queue";
 import os from "node:os";
 import { APP_SHARED_DEPS } from "@directus/extensions";
 import { generateExtensionsEntrypoint } from "@directus/extensions/node";
@@ -97,7 +97,7 @@ var ExtensionManager = class {
 	* Used to prevent race conditions when reloading extensions. Forces each reload to happen in
 	* sequence.
 	*/
-	reloadQueue = new JobQueue();
+	reloadQueue = new PQueue({ concurrency: 1 });
 	/**
 	* Used to prevent race condition when reading extension data while reloading extensions
 	*/
@@ -248,7 +248,7 @@ var ExtensionManager = class {
 			resolve$1 = res;
 			reject = rej;
 		});
-		this.reloadQueue.enqueue(async () => {
+		this.reloadQueue.add(async () => {
 			if (this.isLoaded) {
 				const prevExtensions = clone(this.extensions);
 				await this.unload();

package/dist/flows.js

@@ -8,7 +8,6 @@ import emitter_default from "./emitter.js";
 import { getSchema } from "./utils/get-schema.js";
 import { ActivityService } from "./services/activity.js";
 import { getService } from "./utils/get-service.js";
-import { JobQueue } from "./utils/job-queue.js";
 import { scheduleSynchronizedJob, validateCron } from "./utils/schedule.js";
 import { RevisionsService } from "./services/revisions.js";
 import { services_exports } from "./services/index.js";
@@ -22,6 +21,7 @@ import { pick } from "lodash-es";
 import { Action } from "@directus/constants";
 import { isSystemCollection } from "@directus/system-data";
 import { get as get$1 } from "micromustache";
+import PQueue from "p-queue";
 
 //#region src/flows.ts
 let flowManager;
@@ -41,15 +41,15 @@ var FlowManager = class {
 	triggerHandlers = [];
 	operationFlowHandlers = {};
 	webhookFlowHandlers = {};
-	reloadQueue;
+	reloadQueue = new PQueue({ concurrency: 1 });
 	envs;
 	constructor() {
 		const env = useEnv();
-		const logger = useLogger();
-		this.reloadQueue = new JobQueue();
 		this.envs = env["FLOWS_ENV_ALLOW_LIST"] ? pick(env, toArray(env["FLOWS_ENV_ALLOW_LIST"])) : {};
-		useBus().subscribe("flows", (event) => {
-			if (event["type"] === "reload") this.reloadQueue.enqueue(async () => {
+		const messenger = useBus();
+		const logger = useLogger();
+		messenger.subscribe("flows", (event) => {
+			if (event.type === "reload") this.reloadQueue.add(async () => {
 				if (this.isLoaded) {
 					await this.unload();
 					await this.load();
@@ -70,6 +70,7 @@ var FlowManager = class {
 		this.operations.delete(id);
 	}
 	async runOperationFlow(id, data, context) {
+		if (this.reloadQueue.pending > 0) await this.reloadQueue.onIdle();
 		const logger = useLogger();
 		if (!(id in this.operationFlowHandlers)) {
 			logger.warn(`Couldn't find operation triggered flow with id "${id}"`);
@@ -79,6 +80,7 @@ var FlowManager = class {
 		return handler(data, context);
 	}
 	async runWebhookFlow(id, data, context) {
+		if (this.reloadQueue.pending > 0) await this.reloadQueue.onIdle();
 		const logger = useLogger();
 		if (!(id in this.webhookFlowHandlers)) {
 			logger.warn(`Couldn't find webhook or manual triggered flow with id "${id}"`);

package/dist/services/collections.js

@@ -47,6 +47,7 @@ var CollectionsService = class CollectionsService {
 		if (!("collection" in payload)) throw new InvalidPayloadError({ reason: `"collection" is required` });
 		if (typeof payload.collection !== "string" || payload.collection === "") throw new InvalidPayloadError({ reason: `"collection" must be a non-empty string` });
 		if (payload.collection.startsWith("directus_")) throw new InvalidPayloadError({ reason: `Collections can't start with "directus_"` });
+		if (payload.collection.includes("/")) throw new InvalidPayloadError({ reason: `Collection name can't contain "/"` });
 		payload.collection = await this.helpers.schema.parseCollectionName(payload.collection);
 		const nestedActionEvents = [];
 		try {

package/dist/services/schema.js

@@ -19,10 +19,10 @@ var SchemaService = class {
 		if (this.accountability?.admin !== true) throw new ForbiddenError();
 		return await getSnapshot({ database: this.knex });
 	}
-	async apply(payload) {
+	async apply(payload, options) {
 		if (this.accountability?.admin !== true) throw new ForbiddenError();
 		const currentSnapshot = await this.snapshot();
-		if (!validateApplyDiff(payload, this.getHashedSnapshot(currentSnapshot))) return;
+		if (!validateApplyDiff(payload, this.getHashedSnapshot(currentSnapshot), options?.force)) return;
 		await applyDiff(currentSnapshot, payload.diff, { database: this.knex });
 	}
 	async diff(snapshot, options) {

package/dist/services/versions.js

@@ -136,34 +136,35 @@ var VersionsService = class VersionsService extends ItemsService {
 			knex: this.knex,
 			schema: this.schema
 		});
-		const activityService = new ActivityService({
-			knex: this.knex,
-			schema: this.schema
-		});
-		const revisionsService = new RevisionsService({
-			knex: this.knex,
-			schema: this.schema
-		});
 		const { item, collection, delta: existingDelta } = version;
-		const activity = await activityService.createOne({
-			action: Action.VERSION_SAVE,
-			user: this.accountability?.user ?? null,
-			collection,
-			ip: this.accountability?.ip ?? null,
-			user_agent: this.accountability?.userAgent ?? null,
-			origin: this.accountability?.origin ?? null,
-			item
-		});
 		const helpers = getHelpers(this.knex);
 		let revisionDelta = await payloadService.prepareDelta(delta);
-		await revisionsService.createOne({
-			activity,
-			version: key,
-			collection,
-			item,
-			data: revisionDelta,
-			delta: revisionDelta
-		});
+		const trackingAccountability = this.schema.collections[collection]?.accountability ?? null;
+		if (trackingAccountability !== null) {
+			const activity = await new ActivityService({
+				knex: this.knex,
+				schema: this.schema
+			}).createOne({
+				action: Action.VERSION_SAVE,
+				user: this.accountability?.user ?? null,
+				collection,
+				ip: this.accountability?.ip ?? null,
+				user_agent: this.accountability?.userAgent ?? null,
+				origin: this.accountability?.origin ?? null,
+				item
+			});
+			if (trackingAccountability === "all") await new RevisionsService({
+				knex: this.knex,
+				schema: this.schema
+			}).createOne({
+				activity,
+				version: key,
+				collection,
+				item,
+				data: revisionDelta,
+				delta: revisionDelta
+			});
+		}
 		revisionDelta = revisionDelta ? revisionDelta : null;
 		const date = new Date(helpers.date.writeTimestamp((/* @__PURE__ */ new Date()).toISOString()));
 		deepMapObjects(revisionDelta, (object, path) => {

package/dist/utils/validate-diff.js

@@ -53,13 +53,17 @@ const applyJoiSchema = Joi.object({
 /**
 * Validates the diff against the current schema snapshot.
 *
+* @param applyDiff The diff to validate with the expected hash
+* @param currentSnapshotWithHash The current snapshot with hash to validate against
+* @param force When true bypass hash validation. Use with caution as this can lead to unintended consequences, only use when the diff can be applied irrespective of the current schema.
+*
 * @returns True if the diff can be applied (valid & not empty).
 */
-function validateApplyDiff(applyDiff, currentSnapshotWithHash) {
+function validateApplyDiff(applyDiff, currentSnapshotWithHash, force = false) {
 	const { error } = applyJoiSchema.validate(applyDiff);
 	if (error) throw new InvalidPayloadError({ reason: error.message });
 	if (applyDiff.diff.collections.length === 0 && applyDiff.diff.fields.length === 0 && applyDiff.diff.systemFields.length === 0 && applyDiff.diff.relations.length === 0) return false;
-	if (applyDiff.hash === currentSnapshotWithHash.hash) return true;
+	if (applyDiff.hash === currentSnapshotWithHash.hash || force) return true;
 	for (const diffCollection of applyDiff.diff.collections) {
 		const collection = diffCollection.collection;
 		if (diffCollection.diff[0]?.kind === DiffKind.NEW) {
@@ -97,7 +101,7 @@ function validateApplyDiff(applyDiff, currentSnapshotWithHash) {
 			if (!currentSnapshotWithHash.relations.find((r) => r.collection === diffRelation.collection && r.field === diffRelation.field)) throw new InvalidPayloadError({ reason: `Provided diff is trying to delete relation "${relation}" but it does not exist. Please generate a new diff and try again` });
 		}
 	}
-	throw new InvalidPayloadError({ reason: `Provided hash does not match the current instance's schema hash, indicating the schema has changed after this diff was generated. Please generate a new diff and try again` });
+	throw new InvalidPayloadError({ reason: `Provided hash does not match the current instance's schema hash, indicating the schema has changed after this diff was generated. Please generate a new diff and try again or use the "force" query parameter to bypass this check` });
 }
 
 //#endregion

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@directus/api",
-  "version": "35.1.0",
+  "version": "35.2.0",
   "description": "Directus is a real-time API and App dashboard for managing SQL database content",
   "keywords": [
     "directus",
@@ -121,7 +121,7 @@
     "keyv": "5.5.3",
     "knex": "3.1.0",
     "ldapts": "8.1.3",
-    "liquidjs": "10.25.5",
+    "liquidjs": "10.25.7",
     "lodash-es": "4.18.1",
     "marked": "16.4.1",
     "micromustache": "8.0.3",
@@ -166,30 +166,29 @@
     "zod": "4.1.12",
     "zod-validation-error": "4.0.2",
     "@directus/ai": "1.3.1",
-    "@directus/app": "15.9.0",
+    "@directus/env": "5.8.0",
+    "@directus/app": "15.10.0",
     "@directus/errors": "2.3.1",
-    "@directus/extensions": "3.0.24",
-    "@directus/env": "5.7.1",
+    "@directus/extensions": "3.0.25",
     "@directus/constants": "14.3.0",
-    "@directus/extensions-registry": "3.0.25",
+    "@directus/extensions-registry": "3.0.26",
+    "@directus/extensions-sdk": "17.1.4",
     "@directus/format-title": "12.1.2",
-    "@directus/extensions-sdk": "17.1.3",
-    "@directus/pressure": "3.0.21",
-    "@directus/memory": "3.1.7",
+    "@directus/memory": "3.1.8",
     "@directus/schema": "13.0.8",
-    "@directus/specs": "13.0.0",
-    "@directus/schema-builder": "0.0.19",
-    "@directus/storage-driver-azure": "12.0.21",
+    "@directus/pressure": "3.0.22",
     "@directus/storage": "12.0.4",
-    "@directus/storage-driver-gcs": "12.0.21",
-    "@directus/storage-driver-s3": "12.1.7",
-    "@directus/storage-driver-cloudinary": "12.0.21",
-    "@directus/storage-driver-supabase": "3.0.21",
+    "@directus/storage-driver-cloudinary": "12.0.22",
+    "@directus/storage-driver-azure": "12.0.22",
+    "@directus/specs": "13.0.0",
+    "@directus/storage-driver-gcs": "12.0.22",
     "@directus/storage-driver-local": "12.0.4",
-    "@directus/system-data": "4.4.0",
-    "@directus/utils": "13.4.0",
-    "directus": "11.17.3",
-    "@directus/validation": "2.0.22"
+    "@directus/storage-driver-s3": "12.1.8",
+    "@directus/storage-driver-supabase": "3.0.22",
+    "@directus/utils": "13.4.1",
+    "@directus/validation": "2.0.23",
+    "directus": "11.17.4",
+    "@directus/system-data": "4.4.0"
   },
   "devDependencies": {
     "@directus/tsconfig": "4.0.0",
@@ -231,8 +230,8 @@
     "knex-mock-client": "3.0.2",
     "typescript": "5.9.3",
     "vitest": "3.2.4",
-    "@directus/schema-builder": "0.0.19",
-    "@directus/types": "15.0.2"
+    "@directus/schema-builder": "0.0.20",
+    "@directus/types": "15.0.3"
   },
   "optionalDependencies": {
     "@keyv/redis": "3.0.1",

package/dist/utils/job-queue.js

@@ -1,24 +0,0 @@
-//#region src/utils/job-queue.ts
-var JobQueue = class {
-	running;
-	jobs;
-	constructor() {
-		this.running = false;
-		this.jobs = [];
-	}
-	enqueue(job) {
-		this.jobs.push(job);
-		if (!this.running) this.run();
-	}
-	async run() {
-		this.running = true;
-		while (this.jobs.length > 0) await this.jobs.shift()();
-		this.running = false;
-	}
-	get size() {
-		return this.jobs.length;
-	}
-};
-
-//#endregion
-export { JobQueue };