By default, Statamic asset fields don’t validate size or file type. Recently I’ve had a bit of trouble with large image files clogging up the Git repo and image color being off due to the client uploading huge Tiff files.
To prevent this from now on, I decided to limit image uploads to the jpeg and png MIME types and add a maximum file size of ~20M.
validate:
- 'mimetypes:image/jpeg,image/png'
- 'max_filesize:20000'
It’s probably a good idea to define some validation rules that fit your project and provide them by default to prevent problems in the future.
PS: I generate webp
versions for each image served, that’s why I don’t allow more modern formats to be uploaded. This way I can make sure to always have a format that is supported everywhere as a fallback.