Bump payload from 3.78.0 to 3.79.1

[dependabot]

Bumps payload from 3.78.0 to 3.79.1.

Release notes

Sourced from payload's releases.

v3.79.1

v3.79.1 (2026-03-16)

🐛 Bug Fixes

• text field validation rejecting localized object values (#15932) (fac59c8)
• use Sec-Fetch-Site header for cookie authentication validation (#15751) (ef507a6)
• improved request origin retrieval (#15919) (f30d34f)
• generate:types inlines all blocks, add forceInlineBlocks property to use in plugin mcp (#15892) (6a9e367)
• update broken custom components docs link in config types jsdoc (#15794) (17aa1b5)
• run sanitizeWhereQuery for join query access result (#15891) (dc049fe)
• early return out of me access (#15883) (c6054c5)
• scope orderable join reordering by parent relation (#15842) (17a0d19)
• stricter input validation (#15868) (e474205)
• drizzle: avoid ts errors for payload generate:db-schema with circular references (#15895) (66a2efa)
• drizzle: error when using contains operator on hasMany select fields (#15865) (fba2438)
• drizzle: correctly apply query limit on polymorphic joins (#15652) (fe36dde)
• plugin-import-export: add space in zh translation for exportDocu… (#15833) (43d5596)
• plugin-mcp: bump @​modelcontextprotocol/sdk from 1.25.2 to 1.27.1 (#15942) (94d2249)
• storage-azure: add stream aborts for error handling and connection closure (#15768) (b2a03c9)
• ui: stale data modal incorrectly shown when user saves their own document (#15933) (a5d9388)
• ui: copy & pasting block content duplicates array items in editor UI (#15941) (9bcedc8)
• ui: deleted array item reappears after reorder with autosave (#15906) (752c15a)
• ui: use consistent empty state styling in relationship table (#15914) (93b90da)
• ui: clicking filtered Combobox entries fails to trigger selection (#15788) (de3e5ae)
• ui: document status shows changed after publishing specific locale (#15765) (b95df0b)
• ui: split only on first colon in toast error messages (#15894) (fd64504)
• ui: block clipboard paste causes duplicate ID errors in Postgres (#15863) (e7d6331)
• ui: monomorphic relationship fields don't support multi-select with in/not_in operators (#15886) (f71ef61)
• ui: equal column widths for block-drawer blocks (#15867) (07f7802)
• ui: isolate join table column preferences from list view (#15846) (649f117)
• ui: falling back to UTC timezones in timezone picker (#15841) (70099b7)

⚡ Performance

• richtext-lexical: 3-15x less main thread blocking via centralized toolbar state (#15832) (2bdf7ce)

📚 Documentation

• correct type name in editMenuItems client component example (#15904) (03b20d0)
• adds req to available args and wraps examples with proper String type conversions in nested-docs (#15931) (d2a0740)
• adds docs for logger config (#15927) (46e43fc)
• fix links to virtual relationship documentation in both Blocks and Array field documentation (#15888) (fff60c8)
• broken anchor link in blocks field table (#15887) (36c051a)
• examples: clarify MongoDB prerequisites in Mongo-backed examples (#15860) (2aa973f)
• plugin-mcp: updates MCP plugin documentation (#15729) (b97b4e7)

🧪 Tests

... (truncated)

Commits

• 25a0e16 chore(release): v3.79.1 [skip ci]
• e474205 fix: stricter input validation (#15868)
• fac59c8 fix: text field validation rejecting localized object values (#15932)
• ef507a6 fix: use Sec-Fetch-Site header for cookie authentication validation (#15751)
• f30d34f fix: improved request origin retrieval (#15919)
• 6a9e367 fix: generate:types inlines all blocks, add forceInlineBlocks property to u...
• 17aa1b5 fix: update broken custom components docs link in config types jsdoc (#15794)
• dc049fe fix: run sanitizeWhereQuery for join query access result (#15891)
• c6054c5 fix: early return out of me access (#15883)
• 17a0d19 fix: scope orderable join reordering by parent relation (#15842)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.