joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,014 Commits 2 Branches 18 Tags
47521974aeafcf41102be62f19612a4ab0a4837f
Commit Graph

1760 Commits

Author SHA1 Message Date
Lucas Coratger
47521974ae feat: Add Parse Server option enableSanitizedErrorResponse to remove detailed error messages from responses sent to clients (#9944) 2025-11-28 19:48:35 +01:00
Manuel
12beb8f6ee fix: Parse Server option rateLimit.zone does not use default value ip (#9941) 2025-11-23 14:09:25 +01:00
Lucas Coratger
50edb5ab4b fix: Server internal error details leaking in error messages returned to clients (#9937) 2025-11-23 13:51:42 +01:00
Lucas Coratger
69a925879e refactor: Add lint rules for no unused vars and unused import (#9940) 2025-11-22 22:12:34 +01:00
Lucas Coratger
94cee5bfaf feat: Add beforePasswordResetRequest hook (#9906) 2025-11-19 14:57:28 +01:00
Manuel
c22cb0ae58 fix: Deprecation warning logged at server launch for nested Parse Server option even if option is explicitly set (#9934) 2025-11-17 19:43:32 +01:00
Manuel
7b9fa18f96 fix: Queries with object field authData.provider.id are incorrectly transformed to _auth_data_provider.id for custom classes (#9932) 2025-11-17 17:47:39 +01:00
Antoine Cormouls
7d5e9fcf3c fix: Race condition can cause multiple Apollo server initializations under load (#9929) 2025-11-17 16:18:39 +01:00
Antoine Cormouls
dafea21eb3 perf: Parse.Query.include now fetches pointers at same level in parallel (#9861) 2025-11-17 15:42:49 +01:00
Manuel
d3d4003570 fix: GridFSBucketAdapter throws when using some Parse Server specific options in MongoDB database options (#9915) 2025-11-08 18:41:45 +01:00
Lucas Coratger
4456b02280 feat: Add Parse Server option allowPublicExplain to allow Parse.Query.explain without master key (#9890) 2025-11-08 17:02:13 +01:00
Manuel
b760733b98 feat: Add MongoDB client event logging via database option logClientEvents (#9914) 2025-11-08 15:48:29 +01:00
Manuel
cff451eabd feat: Add support for more MongoDB driver options (#9911) 2025-11-07 21:41:59 +01:00
Manuel
1b661e98c8 feat: Add support for MongoDB driver options serverSelectionTimeoutMS, maxIdleTimeMS, heartbeatFrequencyMS (#9910) 2025-11-07 20:11:12 +01:00
Daniel
460a65cf61 feat: Allow option publicServerURL to be set dynamically as asynchronous function (#9803) 2025-11-07 19:18:58 +01:00
Manuel
97763863b7 fix: Uploading a file by providing an origin URL allows for Server-Side Request Forgery (SSRF); fixes vulnerability [GHSA-x4qj-2f4q-r4rx](https://github.com/parse-community/parse-server/security/advisories/GHSA-x4qj-2f4q-r4rx) (#9903) 2025-11-05 14:39:52 +01:00
Manuel
fa245cbb5f fix: Add problematic MIME types to default value of Parse Server option fileUpload.fileExtensions (#9902) 2025-11-05 12:13:30 +01:00
Manuel
ea91aca142 feat: Add options to skip automatic creation of internal database indexes on server start (#9897) 2025-11-01 18:22:52 +01:00
Manuel
62dd3c565a fix: Indexes _email_verify_token for email verification and _perishable_token password reset are not created automatically (#9893) 2025-11-01 13:52:23 +01:00
Antoine Cormouls
b298cccd9f feat: Add Parse Server option verifyServerUrl to disable server URL verification on server launch (#9881) 2025-10-25 18:01:58 +02:00
mavriel@gmail.com
f49efaf5bb fix: Stale data read in validation query on Parse.Object update causes inconsistency between validation read and subsequent update write operation (#9859) 2025-10-24 20:58:44 +02:00
Antoine Cormouls
eb052d8e6a fix: Error in afterSave trigger for Parse.Role due to name field (#9883) 2025-10-22 14:12:51 +02:00
Manuel
178bd5c5e2 fix: Server URL verification before server is ready (#9882) 2025-10-19 21:25:46 +02:00
Antoine Cormouls
1815b019b5 fix: Warning logged when setting option databaseOptions.disableIndexFieldValidation (#9880) 2025-10-16 09:29:02 +02:00
Antoine Cormouls
64f104e5c5 feat: Add request context middleware for config and dependency injection in hooks (#8480) 2025-10-14 20:16:31 +02:00
EmpiDev
0b4740714c feat: Allow returning objects in Parse.Cloud.beforeFind without invoking database query (#9770) 2025-10-14 18:13:28 +02:00
Antoine Cormouls
1b2347524c feat: Disable index-field validation to create index for fields that don't yet exist (#8137) 2025-10-10 00:03:52 +02:00
Manuel
7cb962a028 feat: Add regex option u for unicode support in Parse.Query.matches for MongoDB (#9867) 2025-10-03 16:38:41 +02:00
Rahul Lanjewar
89fad468c3 feat: Add option keepUnknownIndexes to retain indexes which are not specified in schema (#9857) 2025-10-03 14:35:34 +02:00
Alan Maulana Rahman
7b5395c5d4 fix: GraphQL playground shows blank page (#9858) 2025-09-21 17:45:07 +02:00
Manuel
847a274cdb fix: MongoDB aggregation pipeline with $dateSubtract from $$NOW returns no results (#9822) 2025-07-13 02:44:08 +02:00
Manuel
c58b2eb6eb fix: Data schema exposed via GraphQL API public introspection (GHSA-48q3-prgv-gm4w) (#9819) 2025-07-10 04:25:09 +02:00
Thomas Foricher
e98733cbac perf: Remove saving Parse Cloud Job request parameters in internal collection _JobStatus (#8343) 2025-05-14 21:24:56 +02:00
Rahul Lanjewar
0db3a6ff27 fix: Parse.Query.containedIn and matchesQuery do not work with nested objects (#9738) 2025-05-03 12:52:31 +02:00
Diamond Lewis
e86718fc59 feat: Add TypeScript definitions (#9693) 2025-04-15 12:59:58 +01:00
Diamond Lewis
9de6999e25 perf: Add details to error message in Parse.Query.aggregate (#9689) 2025-04-07 21:54:18 +02:00
Daniel
f49c371c13 feat: Upgrade Parse JS SDK from 6.0.0 to 6.1.0 (#9686) 2025-04-02 00:09:53 +01:00
Diamond Lewis
aed918d310 fix: Parse Server doesn't shutdown gracefully (#9634) 2025-03-27 21:38:51 +01:00
Daniel
b2beaa86ff feat: Add Cloud Code triggers Parse.Cloud.beforeFind(Parse.File)and Parse.Cloud.afterFind(Parse.File) (#8700) 2025-03-27 18:22:14 +01:00
Daniel
12b5d781dc feat: Add default ACL (#8701) 2025-03-24 15:15:27 +01:00
Manuel
5ef0440c8e fix: Authentication provider credentials are usable across Parse Server apps; fixes security vulnerability [GHSA-837q-jhwx-cmpv](https://github.com/parse-community/parse-server/security/advisories/GHSA-837q-jhwx-cmpv) (#9667) 2025-03-21 10:49:09 +01:00
Daniel
533a60e218 refactor: Add internal method Utils.encodeForUrl for properly encoding email addresses for use in URLs (#9541) 2025-03-06 01:57:37 +01:00
Daniel
6258a6a112 fix: Using Parse Server option extendSessionOnUse does not correctly clear memory and functions as a debounce instead of a throttle (#8683) 2025-03-06 01:34:52 +01:00
Colin Ulin
e0480dfa8d feat: Upgrade to express 5.0.1 (#9530) 
BREAKING CHANGE: This upgrades the internally used Express framework from version 4 to 5, which may be a breaking change. If Parse Server is set up to be mounted on an Express application, we recommend to also use version 5 of the Express framework to avoid any compatibility issues. Note that even if there are no issues after upgrading, future releases of Parse Server may introduce issues if Parse Server internally relies on Express 5-specific features which are unsupported by the Express version on which it is mounted. See the Express [migration guide](https://expressjs.com/en/guide/migrating-5.html) and [release announcement](https://expressjs.com/2024/10/15/v5-release.html#breaking-changes) for more info.
 2025-03-03 22:11:42 +01:00
Daniel
d21dd97336 fix: Remove username from email verification and password reset process (#8488) 
BREAKING CHANGE: This removes the username from the email verification and password reset process to prevent storing personally identifiable information (PII) in server and infrastructure logs. Customized HTML pages or emails related to email verification and password reset may need to be adapted accordingly. See the new templates that come bundled with Parse Server and the [migration guide](https://github.com/parse-community/parse-server/blob/alpha/8.0.0.md) for more details.
 2025-03-02 02:32:43 +01:00
Mohammad Ali
bbc6bd4b3f fix: LiveQueryServer crashes using cacheAdapter on disconnect from Redis 4 server (#9616) 2025-02-24 02:48:10 +01:00
Daniel
6f1d161a2f feat: Add dynamic master key by setting Parse Server option masterKey to a function (#9582) 2025-02-12 22:23:18 +01:00
Daniel
889dbb5aee refactor: Upgrade to eslint 9.19.0 (#9580) 2025-02-01 15:32:43 +01:00
Daniel
59e46d0aea feat: Add TypeScript support (#9550) 2025-01-30 01:45:35 +01:00
Colin Ulin
5966068e96 feat: Add support for MongoDB databaseOptions keys autoSelectFamily, autoSelectFamilyAttemptTimeout (#9579) 2025-01-30 01:28:04 +01:00