joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,712 Commits 2 Branches 18 Tags
871e5082a9fd768cee3012e26d3c8ddff5c2952c
Commit Graph

1706 Commits

Author SHA1 Message Date
Daniel
ff7f671c79 fix: Push adapter not loading on some versions of Node 22 (#9524) 2025-01-11 19:01:28 +01:00
Antoine Cormouls
7d8603f1c2 refactor: Upgrade to mongodb 6.10.0 (#9362) 2024-10-23 21:27:42 +02:00
Antoine Cormouls
3a9442a42f refactor: Upgrade to mime 4.0.4 (#9363) 2024-10-23 20:03:48 +02:00
Mohammad Ali
5f66c6a075 fix: Parse.Query.distinct fails due to invalid aggregate stage 'hint' (#9295) 2024-10-22 20:51:58 +02:00
Manuel
dfd5a8edbf ci: Add lint rule for mandatory curly braces (#9348) 2024-10-16 19:57:42 +02:00
Manuel
13ee52f0d1 fix: Custom object ID allows to acquire role privileges ([GHSA-8xq9-g7ch-35hg](https://github.com/parse-community/parse-server/security/advisories/GHSA-8xq9-g7ch-35hg)) (#9317) 2024-10-03 21:17:14 +02:00
Vahid Sane
1a2da4055a feat: Add support for asynchronous invocation of FilesAdapter.getFileLocation (#9271) 2024-08-27 17:09:19 +02:00
Diamond Lewis
90a1e4a200 feat: Add Cloud Code triggers Parse.Cloud.beforeSave and Parse.Cloud.afterSave for Parse Config (#9232) 2024-07-20 20:35:41 +02:00
Diamond Lewis
0319cee2db fix: Parse Server option maxLogFiles doesn't recognize day duration literals such as 1d to mean 1 day (#9215) 2024-07-18 15:41:59 +02:00
Diamond Lewis
35cadf9b83 feat: Add atomic operations for Cloud Config parameters (#9219) 2024-07-18 02:52:39 +02:00
Diamond Lewis
5fa58fe774 ci: Fix CI not testing with Postgres 16 and flaky test (#9210) 2024-07-17 17:51:13 +02:00
Manuel
77206d8044 fix: Parse Server databaseOptions nested keys incorrectly identified as invalid (#9213) 2024-07-17 17:48:33 +02:00
Manuel
7778471999 feat: Add Node 22 support (#9187) 2024-07-09 12:58:51 +02:00
Diamond Lewis
cf4c8807b9 feat: Add support for dot notation on array fields of Parse Object (#9115) 2024-07-08 23:29:58 +02:00
Diamond Lewis
ef1634bf1f feat: Upgrade to @parse/push-adapter 6.4.0 (#9182) 2024-07-08 22:23:57 +02:00
Manuel
284da09f45 fix: Invalid push notification tokens are not cleaned up from database for FCM API v2 (#9173) 2024-07-01 21:37:29 +02:00
Manuel
2edf1e4c03 fix: SQL injection when using Parse Server with PostgreSQL; fixes security vulnerability [GHSA-c2hr-cqg6-8j6r](https://github.com/parse-community/parse-server/security/advisories/GHSA-c2hr-cqg6-8j6r) (#9167) 2024-06-30 03:34:08 +02:00
Rahul Lanjewar
11d3e484df fix: Live query throws error when constraint notEqualTo is set to null (#8835) 2024-06-11 21:31:10 +02:00
Vivek Joshi
0a054e6b54 fix: Parse Server option extendSessionOnUse not working for session lengths < 24 hours (#9113) 2024-05-27 16:33:11 +02:00
Chris
9d0bd2badd fix: Facebook Limited Login not working due to incorrect domain in JWT validation (#9122) 2024-05-16 13:54:41 +02:00
Doug Drechsel
eba9dfff7b ci: Add test support for external database adapter (#8883) 2024-05-15 00:48:20 +02:00
Diamond Lewis
5b0efb22ef fix: Parse.Cloud.startJob and Parse.Push.send not returning status ID when setting Parse Server option directAccess: true (#8766) 2024-04-14 21:42:20 +02:00
Vivek Joshi
8758e6abb9 feat: Prevent Parse Server start in case of unknown option in server configuration (#8987) 2024-04-07 15:28:15 +02:00
Daniel
c277739623 fix: Rate limiting can fail when using Parse Server option rateLimit.redisUrl with clusters (#8632) 2024-03-24 02:17:21 +01:00
Daniel
b07ec15382 feat: Add server security check status security.enableCheck to Features Router (#8679) 2024-03-24 01:50:38 +01:00
Diamond Lewis
5f81efb429 feat: Add silent log level for Cloud Code (#8803) 2024-03-21 16:19:29 +01:00
Antoine Cormouls
907ad4267c fix: Required option not handled correctly for special fields (File, GeoPoint, Polygon) on GraphQL API mutations (#8915) 2024-03-20 23:32:56 +01:00
Antoine Cormouls
6d4663b47e refactor: Dry handleAuthData for safer code maintenance in the future (#9025) 2024-03-19 22:41:21 +01:00
Manuel
9f6e3429d3 fix: Server crashes on invalid Cloud Function or Cloud Job name; fixes security vulnerability [GHSA-6hh7-46r2-vf29](https://github.com/parse-community/parse-server/security/advisories/GHSA-6hh7-46r2-vf29) (#9024) 2024-03-19 17:42:00 +01:00
Daniel
ad4aa83983 feat: Upgrade to Parse JS SDK 5 (#9022) 2024-03-17 04:08:52 +01:00
Daniel
720d24e185 fix: CacheAdapter does not connect when using a CacheAdapter with a JSON config (#8633) 2024-03-15 17:46:06 +01:00
Daniel
2760381183 fix: Parse Server option fileExtensions default value rejects file extensions that are less than 3 or more than 4 characters long (#8699) 2024-03-10 15:11:27 +01:00
Onur
29624e0fae feat: Deprecation DEPPS5: Config option allowClientClassCreation defaults to false (#8849) 
BREAKING CHANGE: The Parse Server option `allowClientClassCreation` defaults to `false`.
 2024-03-05 20:05:54 +01:00
Oussama Meglali
2170962a50 feat: Add support for MongoDB query comment (#8928) 2024-03-03 02:27:57 +01:00
Onur
105ae7c8a5 feat: Switch GraphQL server from Yoga v2 to Apollo v4 (#8959) 2024-03-02 02:06:47 +01:00
EhsanParsania
a7b5b38418 fix: Deny request if master key is not set in Parse Server option masterKeyIps regardless of ACL and CLP (#8957) 
BREAKING CHANGE: A request using the master key will now be rejected as unauthorized if the IP from which the request originates is not set in the Parse Server option `masterKeyIps`, even if the request does not require the master key permission, for example for a public object in a public class class.
 2024-03-01 18:37:07 +01:00
Manuel
cbefe770a7 fix: Improve PostgreSQL injection detection; fixes security vulnerability [GHSA-6927-3vr9-fxf2](https://github.com/parse-community/parse-server/security/advisories/GHSA-6927-3vr9-fxf2) which affects Parse Server deployments using a Postgres database (#8961) 2024-03-01 16:52:05 +01:00
Manuel
f5d6fc98e7 refactor: Upgrade ldapjs from 2.3.3 to 3.0.7 (#8947) 2024-02-26 21:05:10 +01:00
Onur
70c280ca57 feat: Node process exits with error code 1 on uncaught exception to allow custom uncaught exception handling (#8894) 
BREAKING CHANGE: Node process now exits with code 1 on uncaught exceptions, enabling custom handlers that were blocked by Parse Server's default behavior of re-throwing errors. This change may lead to automatic process restarts by the environment, unlike before.
 2024-02-16 00:18:29 +01:00
Onur
0cf58eb8d6 feat: Deprecation DEPPS6: Authentication adapters disabled by default (#8858) 
BREAKING CHANGE: Authentication adapters are disabled by default; to use an authentication adapter it needs to be explicitly enabled in the Parse Server authentication adapter option `auth.<provider>.enabled: true`
 2024-02-15 01:28:09 +01:00
Onur
e29845f8da feat: Deprecation DEPPS8: Parse Server option allowExpiredAuthDataToken defaults to false (#8860) 
BREAKING CHANGE: Parse Server option `allowExpiredAuthDataToken` defaults to `false`; a 3rd party authentication token will be validated every time the user tries to log in and the login will fail if the token has expired; the effect of this change may differ for different authentication adapters, depending on the token lifetime and the token refresh logic of the adapter
 2024-02-15 01:07:35 +01:00
Onur
38983e8e9b feat: Deprecation DEPPS9: LiveQuery fields option is renamed to keys (#8852) 
BREAKING CHANGE: LiveQuery `fields` option is renamed to `keys`
 2024-02-15 00:31:15 +01:00
Onur
4e6a375b51 feat: Deprecation DEPPS7: Remove deprecated Cloud Code file trigger syntax (#8855) 
BREAKING CHANGE: Cloud Code file trigger syntax has been aligned with object trigger syntax, for example `Parse.Cloud.beforeDeleteFile'` has been changed to `Parse.Cloud.beforeDelete(Parse.File, (request) => {})'`
 2024-02-14 22:54:30 +01:00
Antoine Cormouls
1aba6382c8 fix: GraphQL file upload fails in case of use of pointer or relation (#8721) 2024-02-14 21:44:42 +01:00
Manuel
633a9d25e4 feat: Add password validation via POST request for user with unverified email using master key and option ignoreEmailVerification (#8895) 2024-01-17 17:43:04 +01:00
Ziv Chen
66e36039d8 fix: Server crashes when receiving an array of Parse.Pointer in the request body (#8784) 2024-01-15 16:02:57 +01:00
Manuel
1eb95aeb41 fix: Incomplete user object in verifyEmail function if both username and email are changed (#8889) 2024-01-15 15:44:49 +01:00
Manuel
e315c137bf fix: Username is undefined in email verification link on email change (#8887) 2024-01-15 00:47:03 +01:00
Manuel
0023ce448a fix: Parse Server option emailVerifyTokenReuseIfValid: true generates new token on every email verification request (#8885) 2024-01-14 01:37:20 +01:00
Manuel
8adcbee112 feat: Add installationId, ip, resendRequest to arguments passed to verifyUserEmails on verification email request (#8873) 
BREAKING CHANGE: The `Parse.User` passed as argument if `verifyUserEmails` is set to a function is renamed from `user` to `object` for consistency with invocations of `verifyUserEmails` on signup or login; the user object is not a plain JavaScript object anymore but an instance of `Parse.User`
 2024-01-06 16:41:13 +01:00