feat: Deprecation DEPPS113: Config option enableInsecureAuthAdapters defaults to false (#9982)
BREAKING CHANGE: This release changes the config option `enableInsecureAuthAdapters` default to `false` (Deprecation DEPPS13).
This commit is contained in:
Manuel
GitHub
@@ -16,6 +16,7 @@ The following is a list of deprecations, according to the [Deprecation Policy](h
|
|||||||
| DEPPS10 | Encode `Parse.Object` in Cloud Function and remove option `encodeParseObjectInCloudFunction` | [#8634](https://github.com/parse-community/parse-server/issues/8634) | 6.2.0 (2023) | 9.0.0 (2026) | removed | - |
|
| DEPPS10 | Encode `Parse.Object` in Cloud Function and remove option `encodeParseObjectInCloudFunction` | [#8634](https://github.com/parse-community/parse-server/issues/8634) | 6.2.0 (2023) | 9.0.0 (2026) | removed | - |
|
||||||
| DEPPS11 | Replace `PublicAPIRouter` with `PagesRouter` | [#7625](https://github.com/parse-community/parse-server/issues/7625) | 8.0.0 (2025) | 9.0.0 (2026) | removed | - |
|
| DEPPS11 | Replace `PublicAPIRouter` with `PagesRouter` | [#7625](https://github.com/parse-community/parse-server/issues/7625) | 8.0.0 (2025) | 9.0.0 (2026) | removed | - |
|
||||||
| DEPPS12 | Database option `allowPublicExplain` defaults to `false` | [#7519](https://github.com/parse-community/parse-server/issues/7519) | 8.5.0 (2025) | 9.0.0 (2026) | removed | - |
|
| DEPPS12 | Database option `allowPublicExplain` defaults to `false` | [#7519](https://github.com/parse-community/parse-server/issues/7519) | 8.5.0 (2025) | 9.0.0 (2026) | removed | - |
|
||||||
|
| DEPPS13 | Config option `enableInsecureAuthAdapters` defaults to `false` | [#9667](https://github.com/parse-community/parse-server/pull/9667) | 8.0.0 (2025) | 9.0.0 (2026) | removed | - |
|
||||||
|
|
||||||
[i_deprecation]: ## "The version and date of the deprecation."
|
[i_deprecation]: ## "The version and date of the deprecation."
|
||||||
[i_removal]: ## "The version and date of the planned removal."
|
[i_removal]: ## "The version and date of the planned removal."
|
||||||
|
|||||||
@@ -49,6 +49,7 @@ describe('Security Check Groups', () => {
|
|||||||
config.masterKey = 'insecure';
|
config.masterKey = 'insecure';
|
||||||
config.security.enableCheckLog = true;
|
config.security.enableCheckLog = true;
|
||||||
config.allowClientClassCreation = true;
|
config.allowClientClassCreation = true;
|
||||||
|
config.enableInsecureAuthAdapters = true;
|
||||||
config.graphQLPublicIntrospection = true;
|
config.graphQLPublicIntrospection = true;
|
||||||
await reconfigureServer(config);
|
await reconfigureServer(config);
|
||||||
|
|
||||||
|
|||||||
@@ -15,6 +15,4 @@
|
|||||||
*
|
*
|
||||||
* If there are no deprecations, this must return an empty array.
|
* If there are no deprecations, this must return an empty array.
|
||||||
*/
|
*/
|
||||||
module.exports = [
|
module.exports = [];
|
||||||
{ optionKey: 'enableInsecureAuthAdapters', changeNewDefault: 'false' },
|
|
||||||
];
|
|
||||||
|
|||||||
@@ -244,9 +244,9 @@ module.exports.ParseServerOptions = {
|
|||||||
enableInsecureAuthAdapters: {
|
enableInsecureAuthAdapters: {
|
||||||
env: 'PARSE_SERVER_ENABLE_INSECURE_AUTH_ADAPTERS',
|
env: 'PARSE_SERVER_ENABLE_INSECURE_AUTH_ADAPTERS',
|
||||||
help:
|
help:
|
||||||
'Enable (or disable) insecure auth adapters, defaults to true. Insecure auth adapters are deprecated and it is recommended to disable them.',
|
'Optional. Enables insecure authentication adapters. Insecure auth adapters are deprecated and will be removed in a future version. Defaults to `false`.',
|
||||||
action: parsers.booleanParser,
|
action: parsers.booleanParser,
|
||||||
default: true,
|
default: false,
|
||||||
},
|
},
|
||||||
enableSanitizedErrorResponse: {
|
enableSanitizedErrorResponse: {
|
||||||
env: 'PARSE_SERVER_ENABLE_SANITIZED_ERROR_RESPONSE',
|
env: 'PARSE_SERVER_ENABLE_SANITIZED_ERROR_RESPONSE',
|
||||||
|
|||||||
@@ -44,7 +44,7 @@
|
|||||||
* @property {Boolean} enableAnonymousUsers Enable (or disable) anonymous users, defaults to true
|
* @property {Boolean} enableAnonymousUsers Enable (or disable) anonymous users, defaults to true
|
||||||
* @property {Boolean} enableCollationCaseComparison Optional. If set to `true`, the collation rule of case comparison for queries and indexes is enabled. Enable this option to run Parse Server with MongoDB Atlas Serverless or AWS Amazon DocumentDB. If `false`, the collation rule of case comparison is disabled. Default is `false`.
|
* @property {Boolean} enableCollationCaseComparison Optional. If set to `true`, the collation rule of case comparison for queries and indexes is enabled. Enable this option to run Parse Server with MongoDB Atlas Serverless or AWS Amazon DocumentDB. If `false`, the collation rule of case comparison is disabled. Default is `false`.
|
||||||
* @property {Boolean} enableExpressErrorHandler Enables the default express error handler for all errors
|
* @property {Boolean} enableExpressErrorHandler Enables the default express error handler for all errors
|
||||||
* @property {Boolean} enableInsecureAuthAdapters Enable (or disable) insecure auth adapters, defaults to true. Insecure auth adapters are deprecated and it is recommended to disable them.
|
* @property {Boolean} enableInsecureAuthAdapters Optional. Enables insecure authentication adapters. Insecure auth adapters are deprecated and will be removed in a future version. Defaults to `false`.
|
||||||
* @property {Boolean} enableSanitizedErrorResponse If set to `true`, error details are removed from error messages in responses to client requests, and instead a generic error message is sent. Default is `true`.
|
* @property {Boolean} enableSanitizedErrorResponse If set to `true`, error details are removed from error messages in responses to client requests, and instead a generic error message is sent. Default is `true`.
|
||||||
* @property {String} encryptionKey Key for encrypting your files
|
* @property {String} encryptionKey Key for encrypting your files
|
||||||
* @property {Boolean} enforcePrivateUsers Set to true if new users should be created without public read and write access.
|
* @property {Boolean} enforcePrivateUsers Set to true if new users should be created without public read and write access.
|
||||||
|
|||||||
@@ -167,9 +167,9 @@ export interface ParseServerOptions {
|
|||||||
/* Configuration for your authentication providers, as stringified JSON. See http://docs.parseplatform.org/parse-server/guide/#oauth-and-3rd-party-authentication
|
/* Configuration for your authentication providers, as stringified JSON. See http://docs.parseplatform.org/parse-server/guide/#oauth-and-3rd-party-authentication
|
||||||
:ENV: PARSE_SERVER_AUTH_PROVIDERS */
|
:ENV: PARSE_SERVER_AUTH_PROVIDERS */
|
||||||
auth: ?{ [string]: AuthAdapter };
|
auth: ?{ [string]: AuthAdapter };
|
||||||
/* Enable (or disable) insecure auth adapters, defaults to true. Insecure auth adapters are deprecated and it is recommended to disable them.
|
/* Optional. Enables insecure authentication adapters. Insecure auth adapters are deprecated and will be removed in a future version. Defaults to `false`.
|
||||||
:ENV: PARSE_SERVER_ENABLE_INSECURE_AUTH_ADAPTERS
|
:ENV: PARSE_SERVER_ENABLE_INSECURE_AUTH_ADAPTERS
|
||||||
:DEFAULT: true */
|
:DEFAULT: false */
|
||||||
enableInsecureAuthAdapters: ?boolean;
|
enableInsecureAuthAdapters: ?boolean;
|
||||||
/* Max file size for uploads, defaults to 20mb
|
/* Max file size for uploads, defaults to 20mb
|
||||||
:DEFAULT: 20mb */
|
:DEFAULT: 20mb */
|
||||||
|
|||||||
Reference in New Issue
Block a user