joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,430 Commits 2 Branches 18 Tags
60cf2dd05465ac71a85ed3a36299cd94d306bc8f
Commit Graph

4430 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Manuel Trezza
60cf2dd054 empty 2024-03-19 19:47:18 +01:00
semantic-release-bot
0d5acf3d9b chore(release): 7.0.0-beta.1 [skip ci] 
# [7.0.0-beta.1](https://github.com/parse-community/parse-server/compare/6.5.0-beta.1...7.0.0-beta.1) (2024-03-19)

### Bug Fixes

* CacheAdapter does not connect when using a CacheAdapter with a JSON config ([#8633](https://github.com/parse-community/parse-server/issues/8633)) ([720d24e](720d24e185))
* Conditional email verification not working in some cases if `verifyUserEmails`, `preventLoginWithUnverifiedEmail` set to functions ([#8838](https://github.com/parse-community/parse-server/issues/8838)) ([8e7a6b1](8e7a6b1480))
* Deny request if master key is not set in Parse Server option `masterKeyIps` regardless of ACL and CLP ([#8957](https://github.com/parse-community/parse-server/issues/8957)) ([a7b5b38](a7b5b38418))
* Docker image not published to Docker Hub on new release ([#8905](https://github.com/parse-community/parse-server/issues/8905)) ([a2ac8d1](a2ac8d133c))
* Docker version releases by removing arm/v6 and arm/v7 support ([#8976](https://github.com/parse-community/parse-server/issues/8976)) ([1f62dd0](1f62dd0f4e))
* GraphQL file upload fails in case of use of pointer or relation ([#8721](https://github.com/parse-community/parse-server/issues/8721)) ([1aba638](1aba6382c8))
* Improve PostgreSQL injection detection; fixes security vulnerability [GHSA-6927-3vr9-fxf2](https://github.com/parse-community/parse-server/security/advisories/GHSA-6927-3vr9-fxf2) which affects Parse Server deployments using a Postgres database ([#8961](https://github.com/parse-community/parse-server/issues/8961)) ([cbefe77](cbefe770a7))
* Incomplete user object in `verifyEmail` function if both username and email are changed ([#8889](https://github.com/parse-community/parse-server/issues/8889)) ([1eb95ae](1eb95aeb41))
* Parse Server option `emailVerifyTokenReuseIfValid: true` generates new token on every email verification request ([#8885](https://github.com/parse-community/parse-server/issues/8885)) ([0023ce4](0023ce448a))
* Parse Server option `fileExtensions` default value rejects file extensions that are less than 3 or more than 4 characters long ([#8699](https://github.com/parse-community/parse-server/issues/8699)) ([2760381](2760381183))
* Server crashes on invalid Cloud Function or Cloud Job name; fixes security vulnerability [GHSA-6hh7-46r2-vf29](https://github.com/parse-community/parse-server/security/advisories/GHSA-6hh7-46r2-vf29) ([#9024](https://github.com/parse-community/parse-server/issues/9024)) ([9f6e342](9f6e3429d3))
* Server crashes when receiving an array of `Parse.Pointer` in the request body ([#8784](https://github.com/parse-community/parse-server/issues/8784)) ([66e3603](66e36039d8))
* Username is `undefined` in email verification link on email change ([#8887](https://github.com/parse-community/parse-server/issues/8887)) ([e315c13](e315c137bf))

### Features

* Add `installationId` to arguments for `verifyUserEmails`, `preventLoginWithUnverifiedEmail` ([#8836](https://github.com/parse-community/parse-server/issues/8836)) ([a22dbe1](a22dbe16d5))
* Add `installationId`, `ip`, `resendRequest` to arguments passed to `verifyUserEmails` on verification email request ([#8873](https://github.com/parse-community/parse-server/issues/8873)) ([8adcbee](8adcbee112))
* Add `Parse.User` as function parameter to Parse Server options `verifyUserEmails`, `preventLoginWithUnverifiedEmail` on login ([#8850](https://github.com/parse-community/parse-server/issues/8850)) ([972f630](972f630016))
* Add password validation via POST request for user with unverified email using master key and option `ignoreEmailVerification` ([#8895](https://github.com/parse-community/parse-server/issues/8895)) ([633a9d2](633a9d25e4))
* Add support for MongoDB 7 ([#8761](https://github.com/parse-community/parse-server/issues/8761)) ([3de8494](3de8494a22))
* Add support for MongoDB query comment ([#8928](https://github.com/parse-community/parse-server/issues/8928)) ([2170962](2170962a50))
* Add support for Node 20, drop support for Node 14, 16 ([#8907](https://github.com/parse-community/parse-server/issues/8907)) ([ced4872](ced487246e))
* Add support for Postgres 16 ([#8898](https://github.com/parse-community/parse-server/issues/8898)) ([99489b2](99489b22e4))
* Allow `Parse.Session.current` on expired session token instead of throwing error ([#8722](https://github.com/parse-community/parse-server/issues/8722)) ([f9dde4a](f9dde4a9f8))
* Deprecation DEPPS5: Config option `allowClientClassCreation` defaults to `false` ([#8849](https://github.com/parse-community/parse-server/issues/8849)) ([29624e0](29624e0fae))
* Deprecation DEPPS6: Authentication adapters disabled by default ([#8858](https://github.com/parse-community/parse-server/issues/8858)) ([0cf58eb](0cf58eb8d6))
* Deprecation DEPPS7: Remove deprecated Cloud Code file trigger syntax ([#8855](https://github.com/parse-community/parse-server/issues/8855)) ([4e6a375](4e6a375b51))
* Deprecation DEPPS8:  Parse Server option `allowExpiredAuthDataToken` defaults to `false` ([#8860](https://github.com/parse-community/parse-server/issues/8860)) ([e29845f](e29845f8da))
* Deprecation DEPPS9: LiveQuery `fields` option is renamed to `keys` ([#8852](https://github.com/parse-community/parse-server/issues/8852)) ([38983e8](38983e8e9b))
* Node process exits with error code 1 on uncaught exception to allow custom uncaught exception handling ([#8894](https://github.com/parse-community/parse-server/issues/8894)) ([70c280c](70c280ca57))
* Switch GraphQL server from Yoga v2 to Apollo v4 ([#8959](https://github.com/parse-community/parse-server/issues/8959)) ([105ae7c](105ae7c8a5))
* Upgrade Parse Server Push Adapter to 5.0.2 ([#8813](https://github.com/parse-community/parse-server/issues/8813)) ([6ef1986](6ef1986c03))
* Upgrade to Parse JS SDK 5 ([#9022](https://github.com/parse-community/parse-server/issues/9022)) ([ad4aa83](ad4aa83983))

### Performance Improvements

* Improved IP validation performance for `masterKeyIPs`, `maintenanceKeyIPs` ([#8510](https://github.com/parse-community/parse-server/issues/8510)) ([b87daba](b87daba067))

### BREAKING CHANGES

* The Parse Server option `allowClientClassCreation` defaults to `false`. ([29624e0](29624e0))
* A request using the master key will now be rejected as unauthorized if the IP from which the request originates is not set in the Parse Server option `masterKeyIps`, even if the request does not require the master key permission, for example for a public object in a public class class. ([a7b5b38](a7b5b38))
* Node process now exits with code 1 on uncaught exceptions, enabling custom handlers that were blocked by Parse Server's default behavior of re-throwing errors. This change may lead to automatic process restarts by the environment, unlike before. ([70c280c](70c280c))
* Authentication adapters are disabled by default; to use an authentication adapter it needs to be explicitly enabled in the Parse Server authentication adapter option `auth.<provider>.enabled: true` ([0cf58eb](0cf58eb))
* Parse Server option `allowExpiredAuthDataToken` defaults to `false`; a 3rd party authentication token will be validated every time the user tries to log in and the login will fail if the token has expired; the effect of this change may differ for different authentication adapters, depending on the token lifetime and the token refresh logic of the adapter ([e29845f](e29845f))
* LiveQuery `fields` option is renamed to `keys` ([38983e8](38983e8))
* Cloud Code file trigger syntax has been aligned with object trigger syntax, for example `Parse.Cloud.beforeDeleteFile'` has been changed to `Parse.Cloud.beforeDelete(Parse.File, (request) => {})'` ([4e6a375](4e6a375))
* Removes support for Node 14 and 16 ([ced4872](ced4872))
* Removes support for Postgres 11 and 12 ([99489b2](99489b2))
* The `Parse.User` passed as argument if `verifyUserEmails` is set to a function is renamed from `user` to `object` for consistency with invocations of `verifyUserEmails` on signup or login; the user object is not a plain JavaScript object anymore but an instance of `Parse.User` ([8adcbee](8adcbee))
* `Parse.Session.current()` no longer throws an error if the session token is expired, but instead returns the session token with its expiration date to allow checking its validity ([f9dde4a](f9dde4a))
* `Parse.Query` no longer supports the BSON type `code`; although this feature was never officially documented, its removal is announced as a breaking change to protect deployments where it might be in use. ([3de8494](3de8494))
 2024-03-19 18:25:49 +00:00
Manuel
5c2c120021 build: Release beta (#9033) 2024-03-19 19:24:59 +01:00
Manuel Trezza
63d4880ebf empty 2024-03-19 18:47:57 +01:00
semantic-release-bot
09310a7700 chore(release): 7.0.0-alpha.29 [skip ci] 
# [7.0.0-alpha.29](https://github.com/parse-community/parse-server/compare/7.0.0-alpha.28...7.0.0-alpha.29) (2024-03-19)

### Bug Fixes

* Server crashes on invalid Cloud Function or Cloud Job name; fixes security vulnerability [GHSA-6hh7-46r2-vf29](https://github.com/parse-community/parse-server/security/advisories/GHSA-6hh7-46r2-vf29) ([#9024](https://github.com/parse-community/parse-server/issues/9024)) ([9f6e342](9f6e3429d3))
 2024-03-19 16:42:50 +00:00
Manuel
9f6e3429d3 fix: Server crashes on invalid Cloud Function or Cloud Job name; fixes security vulnerability [GHSA-6hh7-46r2-vf29](https://github.com/parse-community/parse-server/security/advisories/GHSA-6hh7-46r2-vf29) (#9024) 2024-03-19 17:42:00 +01:00
semantic-release-bot
901aaf8cd3 chore(release): 7.0.0-alpha.28 [skip ci] 
# [7.0.0-alpha.28](https://github.com/parse-community/parse-server/compare/7.0.0-alpha.27...7.0.0-alpha.28) (2024-03-17)

### Features

* Upgrade to Parse JS SDK 5 ([#9022](https://github.com/parse-community/parse-server/issues/9022)) ([ad4aa83](ad4aa83983))
 2024-03-17 03:09:34 +00:00
Daniel
ad4aa83983 feat: Upgrade to Parse JS SDK 5 (#9022) 2024-03-17 04:08:52 +01:00
Parse Platform
1c2bb7ca28 refactor: Security upgrade follow-redirects from 1.15.5 to 1.15.6 (#9017) 2024-03-16 10:09:28 +01:00
Oussama Meglali
ba098970df test: Fix flaky tests for comment in MongoDB query (#9015) 2024-03-15 22:53:25 +01:00
semantic-release-bot
1ffc48fd08 chore(release): 7.0.0-alpha.27 [skip ci] 
# [7.0.0-alpha.27](https://github.com/parse-community/parse-server/compare/7.0.0-alpha.26...7.0.0-alpha.27) (2024-03-15)

### Bug Fixes

* CacheAdapter does not connect when using a CacheAdapter with a JSON config ([#8633](https://github.com/parse-community/parse-server/issues/8633)) ([720d24e](720d24e185))
 2024-03-15 16:46:57 +00:00
Daniel
720d24e185 fix: CacheAdapter does not connect when using a CacheAdapter with a JSON config (#8633) 2024-03-15 17:46:06 +01:00
dependabot[bot]
2065897dc6 refactor: Bump jsdoc from 3.6.3 to 4.0.2 (#9014) 2024-03-14 18:07:34 +01:00
dependabot[bot]
37e3934a85 refactor: Bump express-rate-limit from 6.7.0 to 6.11.2 (#9007) 2024-03-13 17:45:47 +01:00
dependabot[bot]
6f20e54cce refactor: Bump @babel/cli from 7.10.0 to 7.23.9 (#9004) 2024-03-12 13:12:30 +01:00
dependabot[bot]
a5050df7fe refactor: Bump winston from 3.11.0 to 3.12.0 (#9002) 2024-03-11 21:46:41 +01:00
dependabot[bot]
90e103528d refactor: Bump @apollo/server from 4.10.0 to 4.10.1 (#9000) 2024-03-11 19:45:19 +01:00
semantic-release-bot
c7b2068329 chore(release): 7.0.0-alpha.26 [skip ci] 
# [7.0.0-alpha.26](https://github.com/parse-community/parse-server/compare/7.0.0-alpha.25...7.0.0-alpha.26) (2024-03-10)

### Bug Fixes

* Parse Server option `fileExtensions` default value rejects file extensions that are less than 3 or more than 4 characters long ([#8699](https://github.com/parse-community/parse-server/issues/8699)) ([2760381](2760381183))
 2024-03-10 14:12:11 +00:00
Daniel
2760381183 fix: Parse Server option fileExtensions default value rejects file extensions that are less than 3 or more than 4 characters long (#8699) 2024-03-10 15:11:27 +01:00
dependabot[bot]
3fbd926b80 refactor: Bump husky from 4.3.8 to 9.0.11 (#8996) 2024-03-09 17:28:11 +01:00
dependabot[bot]
41f009db4e refactor: Bump @babel/plugin-transform-flow-strip-types from 7.9.0 to 7.23.3 (#8994) 2024-03-09 15:52:57 +01:00
dependabot[bot]
fbf6d41a00 refactor: Bump jose from 4.15.4 to 4.15.5 (#8998) 2024-03-09 14:42:25 +01:00
dependabot[bot]
a56fb76433 refactor: Bump semver from 7.5.4 to 7.6.0 (#8995) 2024-03-08 18:16:01 +01:00
dependabot[bot]
98edbdbd4b refactor: Bump @babel/preset-env from 7.10.0 to 7.24.0 (#8993) 2024-03-08 01:51:30 +01:00
dependabot[bot]
3de9acc006 refactor: Bump form-data from 3.0.0 to 4.0.0 (#8983) 2024-03-06 15:16:33 +01:00
dependabot[bot]
cf99570c75 refactor: Bump @babel/core from 7.20.2 to 7.24.0 (#8992) 2024-03-06 14:43:07 +01:00
dependabot[bot]
21458ff502 refactor: Bump @apollo/client from 3.6.1 to 3.9.5 (#8990) 2024-03-06 14:25:20 +01:00
Parse Platform
7773d3b5ef refactor: Upgrade graphql-list-fields from 2.0.2 to 2.0.4 (#8980) 2024-03-06 13:55:30 +01:00
Parse Platform
d3f0886707 refactor: Upgrade @apollo/server from 4.9.3 to 4.10.0 (#8978) 2024-03-06 11:37:04 +01:00
dependabot[bot]
2988c450e1 refactor: Bump @graphql-tools/schema from 9.0.4 to 10.0.3 (#8984) 2024-03-06 11:00:53 +01:00
dependabot[bot]
042d69614e refactor: Upgrade @parse/push-adapter from 5.0.2 to 5.1.1 (#8986) 2024-03-06 10:14:42 +01:00
semantic-release-bot
edd416b647 chore(release): 7.0.0-alpha.25 [skip ci] 
# [7.0.0-alpha.25](https://github.com/parse-community/parse-server/compare/7.0.0-alpha.24...7.0.0-alpha.25) (2024-03-05)

### Features

* Deprecation DEPPS5: Config option `allowClientClassCreation` defaults to `false` ([#8849](https://github.com/parse-community/parse-server/issues/8849)) ([29624e0](29624e0fae))

### BREAKING CHANGES

* The Parse Server option `allowClientClassCreation` defaults to `false`. ([29624e0](29624e0))
 2024-03-05 19:08:50 +00:00
Onur
29624e0fae feat: Deprecation DEPPS5: Config option allowClientClassCreation defaults to false (#8849) 
BREAKING CHANGE: The Parse Server option `allowClientClassCreation` defaults to `false`.
 2024-03-05 20:05:54 +01:00
semantic-release-bot
fe1e4d9775 chore(release): 7.0.0-alpha.24 [skip ci] 
# [7.0.0-alpha.24](https://github.com/parse-community/parse-server/compare/7.0.0-alpha.23...7.0.0-alpha.24) (2024-03-05)

### Bug Fixes

* Docker version releases by removing arm/v6 and arm/v7 support ([#8976](https://github.com/parse-community/parse-server/issues/8976)) ([1f62dd0](1f62dd0f4e))
 2024-03-05 07:55:28 +00:00
Corey
1f62dd0f4e fix: Docker version releases by removing arm/v6 and arm/v7 support (#8976) 2024-03-05 08:54:42 +01:00
semantic-release-bot
f9c39edcbc chore(release): 7.0.0-alpha.23 [skip ci] 
# [7.0.0-alpha.23](https://github.com/parse-community/parse-server/compare/7.0.0-alpha.22...7.0.0-alpha.23) (2024-03-03)

### Features

* Add support for MongoDB query comment ([#8928](https://github.com/parse-community/parse-server/issues/8928)) ([2170962](2170962a50))
 2024-03-03 01:28:51 +00:00
Oussama Meglali
2170962a50 feat: Add support for MongoDB query comment (#8928) 2024-03-03 02:27:57 +01:00
dependabot[bot]
afcafdba1e refactor: Bump winston-daily-rotate-file from 4.7.1 to 5.0.0 (#8970) 2024-03-02 17:10:19 +01:00
dependabot[bot]
a84ecc9fec refactor: Bump commander from 10.0.1 to 12.0.0 (#8969) 2024-03-02 16:51:18 +01:00
dependabot[bot]
9d3030f6a8 refactor: Bump madge from 5.0.1 to 6.1.0 (#8971) 2024-03-02 16:29:36 +01:00
dependabot[bot]
dfea561f44 refactor: Upgrade ansi-regex from 3.0.0 to 5.0.1 (#8967) 2024-03-02 15:36:32 +01:00
Manuel
0613174b34 ci: Add dependabot config to use proper commit prefix in PR title (#8968) 2024-03-02 14:56:21 +01:00
Parse Platform
dbe8b72d8a refactor: Security upgrade @apollo/server from 4.9.2 to 4.9.3 (#8964) 2024-03-02 14:38:26 +01:00
semantic-release-bot
9293ce8ca5 chore(release): 7.0.0-alpha.22 [skip ci] 
# [7.0.0-alpha.22](https://github.com/parse-community/parse-server/compare/7.0.0-alpha.21...7.0.0-alpha.22) (2024-03-02)

### Features

* Switch GraphQL server from Yoga v2 to Apollo v4 ([#8959](https://github.com/parse-community/parse-server/issues/8959)) ([105ae7c](105ae7c8a5))
 2024-03-02 01:07:38 +00:00
Onur
105ae7c8a5 feat: Switch GraphQL server from Yoga v2 to Apollo v4 (#8959) 2024-03-02 02:06:47 +01:00
semantic-release-bot
01c97f7ab7 chore(release): 7.0.0-alpha.21 [skip ci] 
# [7.0.0-alpha.21](https://github.com/parse-community/parse-server/compare/7.0.0-alpha.20...7.0.0-alpha.21) (2024-03-01)

### Bug Fixes

* Deny request if master key is not set in Parse Server option `masterKeyIps` regardless of ACL and CLP ([#8957](https://github.com/parse-community/parse-server/issues/8957)) ([a7b5b38](a7b5b38418))

### BREAKING CHANGES

* A request using the master key will now be rejected as unauthorized if the IP from which the request originates is not set in the Parse Server option `masterKeyIps`, even if the request does not require the master key permission, for example for a public object in a public class class. ([a7b5b38](a7b5b38))
 2024-03-01 17:37:52 +00:00
EhsanParsania
a7b5b38418 fix: Deny request if master key is not set in Parse Server option masterKeyIps regardless of ACL and CLP (#8957) 
BREAKING CHANGE: A request using the master key will now be rejected as unauthorized if the IP from which the request originates is not set in the Parse Server option `masterKeyIps`, even if the request does not require the master key permission, for example for a public object in a public class class.
 2024-03-01 18:37:07 +01:00
semantic-release-bot
5452c8f41f chore(release): 7.0.0-alpha.20 [skip ci] 
# [7.0.0-alpha.20](https://github.com/parse-community/parse-server/compare/7.0.0-alpha.19...7.0.0-alpha.20) (2024-03-01)

### Bug Fixes

* Improve PostgreSQL injection detection; fixes security vulnerability [GHSA-6927-3vr9-fxf2](https://github.com/parse-community/parse-server/security/advisories/GHSA-6927-3vr9-fxf2) which affects Parse Server deployments using a Postgres database ([#8961](https://github.com/parse-community/parse-server/issues/8961)) ([cbefe77](cbefe770a7))
 2024-03-01 15:53:21 +00:00
Manuel
cbefe770a7 fix: Improve PostgreSQL injection detection; fixes security vulnerability [GHSA-6927-3vr9-fxf2](https://github.com/parse-community/parse-server/security/advisories/GHSA-6927-3vr9-fxf2) which affects Parse Server deployments using a Postgres database (#8961) 2024-03-01 16:52:05 +01:00
dependabot[bot]
9c85e63354 refactor: Bump es5-ext from 0.10.62 to 0.10.63 (#8953) 2024-02-27 14:42:32 +01:00