joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,802 Commits 2 Branches 18 Tags
73380fba67cc9e01a996c558ccb030cb6d05effb
Commit Graph

1719 Commits

Author SHA1 Message Date
Daniel
533a60e218 refactor: Add internal method Utils.encodeForUrl for properly encoding email addresses for use in URLs (#9541) 2025-03-06 01:57:37 +01:00
Daniel
6258a6a112 fix: Using Parse Server option extendSessionOnUse does not correctly clear memory and functions as a debounce instead of a throttle (#8683) 2025-03-06 01:34:52 +01:00
Colin Ulin
e0480dfa8d feat: Upgrade to express 5.0.1 (#9530) 
BREAKING CHANGE: This upgrades the internally used Express framework from version 4 to 5, which may be a breaking change. If Parse Server is set up to be mounted on an Express application, we recommend to also use version 5 of the Express framework to avoid any compatibility issues. Note that even if there are no issues after upgrading, future releases of Parse Server may introduce issues if Parse Server internally relies on Express 5-specific features which are unsupported by the Express version on which it is mounted. See the Express [migration guide](https://expressjs.com/en/guide/migrating-5.html) and [release announcement](https://expressjs.com/2024/10/15/v5-release.html#breaking-changes) for more info.
 2025-03-03 22:11:42 +01:00
Daniel
d21dd97336 fix: Remove username from email verification and password reset process (#8488) 
BREAKING CHANGE: This removes the username from the email verification and password reset process to prevent storing personally identifiable information (PII) in server and infrastructure logs. Customized HTML pages or emails related to email verification and password reset may need to be adapted accordingly. See the new templates that come bundled with Parse Server and the [migration guide](https://github.com/parse-community/parse-server/blob/alpha/8.0.0.md) for more details.
 2025-03-02 02:32:43 +01:00
Mohammad Ali
bbc6bd4b3f fix: LiveQueryServer crashes using cacheAdapter on disconnect from Redis 4 server (#9616) 2025-02-24 02:48:10 +01:00
Daniel
6f1d161a2f feat: Add dynamic master key by setting Parse Server option masterKey to a function (#9582) 2025-02-12 22:23:18 +01:00
Daniel
889dbb5aee refactor: Upgrade to eslint 9.19.0 (#9580) 2025-02-01 15:32:43 +01:00
Daniel
59e46d0aea feat: Add TypeScript support (#9550) 2025-01-30 01:45:35 +01:00
Colin Ulin
5966068e96 feat: Add support for MongoDB databaseOptions keys autoSelectFamily, autoSelectFamilyAttemptTimeout (#9579) 2025-01-30 01:28:04 +01:00
Daniel
a68f71b3de refactor: Upgrade to commander 13.0.0 (#9574) 2025-01-29 06:04:54 +01:00
Colin Ulin
91618fe738 feat: Add support for MongoDB databaseOptions keys minPoolSize, connectTimeoutMS, socketTimeoutMS (#9522) 2025-01-28 02:21:40 +01:00
Daniel
5c5ad69b4a feat: Change default value of Parse Server option encodeParseObjectInCloudFunction to true (#9527) 
BREAKING CHANGE: The default value of Parse Server option `encodeParseObjectInCloudFunction` changes to `true`; the option has been deprecated and will be removed in a future version.
 2025-01-12 04:34:52 +01:00
Daniel
7f666292e8 feat: Deprecate PublicAPIRouter in favor of PagesRouter (#9526) 2025-01-12 01:59:40 +01:00
Daniel
ff7f671c79 fix: Push adapter not loading on some versions of Node 22 (#9524) 2025-01-11 19:01:28 +01:00
Antoine Cormouls
7d8603f1c2 refactor: Upgrade to mongodb 6.10.0 (#9362) 2024-10-23 21:27:42 +02:00
Antoine Cormouls
3a9442a42f refactor: Upgrade to mime 4.0.4 (#9363) 2024-10-23 20:03:48 +02:00
Mohammad Ali
5f66c6a075 fix: Parse.Query.distinct fails due to invalid aggregate stage 'hint' (#9295) 2024-10-22 20:51:58 +02:00
Manuel
dfd5a8edbf ci: Add lint rule for mandatory curly braces (#9348) 2024-10-16 19:57:42 +02:00
Manuel
13ee52f0d1 fix: Custom object ID allows to acquire role privileges ([GHSA-8xq9-g7ch-35hg](https://github.com/parse-community/parse-server/security/advisories/GHSA-8xq9-g7ch-35hg)) (#9317) 2024-10-03 21:17:14 +02:00
Vahid Sane
1a2da4055a feat: Add support for asynchronous invocation of FilesAdapter.getFileLocation (#9271) 2024-08-27 17:09:19 +02:00
Diamond Lewis
90a1e4a200 feat: Add Cloud Code triggers Parse.Cloud.beforeSave and Parse.Cloud.afterSave for Parse Config (#9232) 2024-07-20 20:35:41 +02:00
Diamond Lewis
0319cee2db fix: Parse Server option maxLogFiles doesn't recognize day duration literals such as 1d to mean 1 day (#9215) 2024-07-18 15:41:59 +02:00
Diamond Lewis
35cadf9b83 feat: Add atomic operations for Cloud Config parameters (#9219) 2024-07-18 02:52:39 +02:00
Diamond Lewis
5fa58fe774 ci: Fix CI not testing with Postgres 16 and flaky test (#9210) 2024-07-17 17:51:13 +02:00
Manuel
77206d8044 fix: Parse Server databaseOptions nested keys incorrectly identified as invalid (#9213) 2024-07-17 17:48:33 +02:00
Manuel
7778471999 feat: Add Node 22 support (#9187) 2024-07-09 12:58:51 +02:00
Diamond Lewis
cf4c8807b9 feat: Add support for dot notation on array fields of Parse Object (#9115) 2024-07-08 23:29:58 +02:00
Diamond Lewis
ef1634bf1f feat: Upgrade to @parse/push-adapter 6.4.0 (#9182) 2024-07-08 22:23:57 +02:00
Manuel
284da09f45 fix: Invalid push notification tokens are not cleaned up from database for FCM API v2 (#9173) 2024-07-01 21:37:29 +02:00
Manuel
2edf1e4c03 fix: SQL injection when using Parse Server with PostgreSQL; fixes security vulnerability [GHSA-c2hr-cqg6-8j6r](https://github.com/parse-community/parse-server/security/advisories/GHSA-c2hr-cqg6-8j6r) (#9167) 2024-06-30 03:34:08 +02:00
Rahul Lanjewar
11d3e484df fix: Live query throws error when constraint notEqualTo is set to null (#8835) 2024-06-11 21:31:10 +02:00
Vivek Joshi
0a054e6b54 fix: Parse Server option extendSessionOnUse not working for session lengths < 24 hours (#9113) 2024-05-27 16:33:11 +02:00
Chris
9d0bd2badd fix: Facebook Limited Login not working due to incorrect domain in JWT validation (#9122) 2024-05-16 13:54:41 +02:00
Doug Drechsel
eba9dfff7b ci: Add test support for external database adapter (#8883) 2024-05-15 00:48:20 +02:00
Diamond Lewis
5b0efb22ef fix: Parse.Cloud.startJob and Parse.Push.send not returning status ID when setting Parse Server option directAccess: true (#8766) 2024-04-14 21:42:20 +02:00
Vivek Joshi
8758e6abb9 feat: Prevent Parse Server start in case of unknown option in server configuration (#8987) 2024-04-07 15:28:15 +02:00
Daniel
c277739623 fix: Rate limiting can fail when using Parse Server option rateLimit.redisUrl with clusters (#8632) 2024-03-24 02:17:21 +01:00
Daniel
b07ec15382 feat: Add server security check status security.enableCheck to Features Router (#8679) 2024-03-24 01:50:38 +01:00
Diamond Lewis
5f81efb429 feat: Add silent log level for Cloud Code (#8803) 2024-03-21 16:19:29 +01:00
Antoine Cormouls
907ad4267c fix: Required option not handled correctly for special fields (File, GeoPoint, Polygon) on GraphQL API mutations (#8915) 2024-03-20 23:32:56 +01:00
Antoine Cormouls
6d4663b47e refactor: Dry handleAuthData for safer code maintenance in the future (#9025) 2024-03-19 22:41:21 +01:00
Manuel
9f6e3429d3 fix: Server crashes on invalid Cloud Function or Cloud Job name; fixes security vulnerability [GHSA-6hh7-46r2-vf29](https://github.com/parse-community/parse-server/security/advisories/GHSA-6hh7-46r2-vf29) (#9024) 2024-03-19 17:42:00 +01:00
Daniel
ad4aa83983 feat: Upgrade to Parse JS SDK 5 (#9022) 2024-03-17 04:08:52 +01:00
Daniel
720d24e185 fix: CacheAdapter does not connect when using a CacheAdapter with a JSON config (#8633) 2024-03-15 17:46:06 +01:00
Daniel
2760381183 fix: Parse Server option fileExtensions default value rejects file extensions that are less than 3 or more than 4 characters long (#8699) 2024-03-10 15:11:27 +01:00
Onur
29624e0fae feat: Deprecation DEPPS5: Config option allowClientClassCreation defaults to false (#8849) 
BREAKING CHANGE: The Parse Server option `allowClientClassCreation` defaults to `false`.
 2024-03-05 20:05:54 +01:00
Oussama Meglali
2170962a50 feat: Add support for MongoDB query comment (#8928) 2024-03-03 02:27:57 +01:00
Onur
105ae7c8a5 feat: Switch GraphQL server from Yoga v2 to Apollo v4 (#8959) 2024-03-02 02:06:47 +01:00
EhsanParsania
a7b5b38418 fix: Deny request if master key is not set in Parse Server option masterKeyIps regardless of ACL and CLP (#8957) 
BREAKING CHANGE: A request using the master key will now be rejected as unauthorized if the IP from which the request originates is not set in the Parse Server option `masterKeyIps`, even if the request does not require the master key permission, for example for a public object in a public class class.
 2024-03-01 18:37:07 +01:00
Manuel
cbefe770a7 fix: Improve PostgreSQL injection detection; fixes security vulnerability [GHSA-6927-3vr9-fxf2](https://github.com/parse-community/parse-server/security/advisories/GHSA-6927-3vr9-fxf2) which affects Parse Server deployments using a Postgres database (#8961) 2024-03-01 16:52:05 +01:00