joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,971 Commits 2 Branches 18 Tags
460a65cf612f4c86af8038cafcc7e7ffe9eb8440
Commit Graph

1427 Commits

Author SHA1 Message Date
Daniel
460a65cf61 feat: Allow option publicServerURL to be set dynamically as asynchronous function (#9803) 2025-11-07 19:18:58 +01:00
Manuel
97763863b7 fix: Uploading a file by providing an origin URL allows for Server-Side Request Forgery (SSRF); fixes vulnerability [GHSA-x4qj-2f4q-r4rx](https://github.com/parse-community/parse-server/security/advisories/GHSA-x4qj-2f4q-r4rx) (#9903) 2025-11-05 14:39:52 +01:00
Manuel
ea91aca142 feat: Add options to skip automatic creation of internal database indexes on server start (#9897) 2025-11-01 18:22:52 +01:00
Manuel
62dd3c565a fix: Indexes _email_verify_token for email verification and _perishable_token password reset are not created automatically (#9893) 2025-11-01 13:52:23 +01:00
mavriel@gmail.com
f49efaf5bb fix: Stale data read in validation query on Parse.Object update causes inconsistency between validation read and subsequent update write operation (#9859) 2025-10-24 20:58:44 +02:00
Antoine Cormouls
eb052d8e6a fix: Error in afterSave trigger for Parse.Role due to name field (#9883) 2025-10-22 14:12:51 +02:00
Antoine Cormouls
1815b019b5 fix: Warning logged when setting option databaseOptions.disableIndexFieldValidation (#9880) 2025-10-16 09:29:02 +02:00
Antoine Cormouls
abfa94cd6d fix: Security upgrade to parse 7.0.1 (#9877) 2025-10-15 18:39:37 +02:00
Antoine Cormouls
64f104e5c5 feat: Add request context middleware for config and dependency injection in hooks (#8480) 2025-10-14 20:16:31 +02:00
EmpiDev
0b4740714c feat: Allow returning objects in Parse.Cloud.beforeFind without invoking database query (#9770) 2025-10-14 18:13:28 +02:00
Antoine Cormouls
1b2347524c feat: Disable index-field validation to create index for fields that don't yet exist (#8137) 2025-10-10 00:03:52 +02:00
Manuel
7cb962a028 feat: Add regex option u for unicode support in Parse.Query.matches for MongoDB (#9867) 2025-10-03 16:38:41 +02:00
Rahul Lanjewar
89fad468c3 feat: Add option keepUnknownIndexes to retain indexes which are not specified in schema (#9857) 2025-10-03 14:35:34 +02:00
Manuel
847a274cdb fix: MongoDB aggregation pipeline with $dateSubtract from $$NOW returns no results (#9822) 2025-07-13 02:44:08 +02:00
Manuel
c58b2eb6eb fix: Data schema exposed via GraphQL API public introspection (GHSA-48q3-prgv-gm4w) (#9819) 2025-07-10 04:25:09 +02:00
Manuel
2c29756038 refactor: Add a few lint rules to test files in /spec (#9815) 2025-07-04 20:24:08 +02:00
Rahul Lanjewar
0db3a6ff27 fix: Parse.Query.containedIn and matchesQuery do not work with nested objects (#9738) 2025-05-03 12:52:31 +02:00
Diamond Lewis
ed69e03acf ci: Fix flaky sendVerificationEmail tests (#9692) 2025-04-15 17:25:42 +01:00
Diamond Lewis
9de6999e25 perf: Add details to error message in Parse.Query.aggregate (#9689) 2025-04-07 21:54:18 +02:00
Diamond Lewis
af40af51f3 ci: Fix flaky LiveQuery tests (#9694) 2025-04-07 04:01:36 +02:00
Daniel
f49c371c13 feat: Upgrade Parse JS SDK from 6.0.0 to 6.1.0 (#9686) 2025-04-02 00:09:53 +01:00
Diamond Lewis
aed918d310 fix: Parse Server doesn't shutdown gracefully (#9634) 2025-03-27 21:38:51 +01:00
Daniel
b2beaa86ff feat: Add Cloud Code triggers Parse.Cloud.beforeFind(Parse.File)and Parse.Cloud.afterFind(Parse.File) (#8700) 2025-03-27 18:22:14 +01:00
Daniel
12b5d781dc feat: Add default ACL (#8701) 2025-03-24 15:15:27 +01:00
Manuel
5ef0440c8e fix: Authentication provider credentials are usable across Parse Server apps; fixes security vulnerability [GHSA-837q-jhwx-cmpv](https://github.com/parse-community/parse-server/security/advisories/GHSA-837q-jhwx-cmpv) (#9667) 2025-03-21 10:49:09 +01:00
Diamond Lewis
97d4a9e783 refactor: Bump to jasmine 5.6.0 (#9453) 2025-03-11 21:34:14 +01:00
Daniel
533a60e218 refactor: Add internal method Utils.encodeForUrl for properly encoding email addresses for use in URLs (#9541) 2025-03-06 01:57:37 +01:00
Daniel
6258a6a112 fix: Using Parse Server option extendSessionOnUse does not correctly clear memory and functions as a debounce instead of a throttle (#8683) 2025-03-06 01:34:52 +01:00
Colin Ulin
e0480dfa8d feat: Upgrade to express 5.0.1 (#9530) 
BREAKING CHANGE: This upgrades the internally used Express framework from version 4 to 5, which may be a breaking change. If Parse Server is set up to be mounted on an Express application, we recommend to also use version 5 of the Express framework to avoid any compatibility issues. Note that even if there are no issues after upgrading, future releases of Parse Server may introduce issues if Parse Server internally relies on Express 5-specific features which are unsupported by the Express version on which it is mounted. See the Express [migration guide](https://expressjs.com/en/guide/migrating-5.html) and [release announcement](https://expressjs.com/2024/10/15/v5-release.html#breaking-changes) for more info.
 2025-03-03 22:11:42 +01:00
Daniel
bf9db75e86 feat: Upgrade to Parse JS SDK 6.0.0 (#9624) 
BREAKING CHANGE: This upgrades to the Parse JS SDK 6.0.0. See the [change log](https://github.com/parse-community/Parse-SDK-JS/releases/tag/6.0.0) of the Parse JS SDK for breaking changes and more details.
 2025-03-03 00:47:40 +01:00
Daniel
d21dd97336 fix: Remove username from email verification and password reset process (#8488) 
BREAKING CHANGE: This removes the username from the email verification and password reset process to prevent storing personally identifiable information (PII) in server and infrastructure logs. Customized HTML pages or emails related to email verification and password reset may need to be adapted accordingly. See the new templates that come bundled with Parse Server and the [migration guide](https://github.com/parse-community/parse-server/blob/alpha/8.0.0.md) for more details.
 2025-03-02 02:32:43 +01:00
Mohammad Ali
bbc6bd4b3f fix: LiveQueryServer crashes using cacheAdapter on disconnect from Redis 4 server (#9616) 2025-02-24 02:48:10 +01:00
Daniel
6f1d161a2f feat: Add dynamic master key by setting Parse Server option masterKey to a function (#9582) 2025-02-12 22:23:18 +01:00
Daniel
889dbb5aee refactor: Upgrade to eslint 9.19.0 (#9580) 2025-02-01 15:32:43 +01:00
Daniel
59e46d0aea feat: Add TypeScript support (#9550) 2025-01-30 01:45:35 +01:00
Colin Ulin
5966068e96 feat: Add support for MongoDB databaseOptions keys autoSelectFamily, autoSelectFamilyAttemptTimeout (#9579) 2025-01-30 01:28:04 +01:00
Daniel
a68f71b3de refactor: Upgrade to commander 13.0.0 (#9574) 2025-01-29 06:04:54 +01:00
Colin Ulin
91618fe738 feat: Add support for MongoDB databaseOptions keys minPoolSize, connectTimeoutMS, socketTimeoutMS (#9522) 2025-01-28 02:21:40 +01:00
Daniel
34636be5b7 test: Add test for saving file without extension (#9535) 2025-01-16 15:33:12 +01:00
Manuel
871e5082a9 feat: Increase required minimum MongoDB versions to 6.0.19, 7.0.16, 8.0.4 (#9531) 
BREAKING CHANGE: This releases increases the required minimum MongoDB versions to `6.0.19`, `7.0.16`, `8.0.4` and removes support for MongoDB `4`, `5`.
 2025-01-12 01:44:10 +01:00
Manuel
d097929e1c ci: Fix invalid MongoDB version ranges for tests (#9474) 2024-12-09 01:18:57 +01:00
Antoine Cormouls
7d8603f1c2 refactor: Upgrade to mongodb 6.10.0 (#9362) 2024-10-23 21:27:42 +02:00
Antoine Cormouls
412e72463e refactor: Upgrade apollo-upload-client from 17.0.0 to 18.0.1 (#9031) 2024-10-23 19:40:37 +02:00
Mohammad Ali
5f66c6a075 fix: Parse.Query.distinct fails due to invalid aggregate stage 'hint' (#9295) 2024-10-22 20:51:58 +02:00
Manuel
dfd5a8edbf ci: Add lint rule for mandatory curly braces (#9348) 2024-10-16 19:57:42 +02:00
Manuel
13ee52f0d1 fix: Custom object ID allows to acquire role privileges ([GHSA-8xq9-g7ch-35hg](https://github.com/parse-community/parse-server/security/advisories/GHSA-8xq9-g7ch-35hg)) (#9317) 2024-10-03 21:17:14 +02:00
Vahid Sane
1a2da4055a feat: Add support for asynchronous invocation of FilesAdapter.getFileLocation (#9271) 2024-08-27 17:09:19 +02:00
Doug Drechsel
2a63129ff6 test: Add more test IDs (#9285) 2024-08-16 21:21:56 +02:00
Manuel
9552a4cbee ci: Fix test exclusion list in combination with other exclusions (#9277) 2024-08-13 22:13:19 +02:00
Diamond Lewis
9fd707092e ci: Add test retry logic for flaky tests (#9218) 2024-08-11 14:24:50 +02:00