joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,319 Commits 2 Branches 18 Tags
b87daba0671a1b0b7b8d63bc671d665c91a04522
Commit Graph

1324 Commits

Author SHA1 Message Date
Antoine Cormouls
b87daba067 perf: Improved IP validation performance for masterKeyIPs, maintenanceKeyIPs (#8510) 2023-11-19 23:13:16 +01:00
Mattia Faraci
09fbeebba8 feat: Add compatibility for MongoDB Atlas Serverless and AWS Amazon DocumentDB with collation options enableCollationCaseComparison, transformEmailToLowercase, transformUsernameToLowercase (#8805) 2023-11-13 23:32:47 +01:00
Manuel
80b987d00d test: Improve test for $setOnInsert (#8793) 2023-10-25 20:32:58 +02:00
Manuel
f630a45aa5 feat: Add $setOnInsert operator to Parse.Server.database.update (#8791) 2023-10-25 19:13:27 +02:00
Manuel
fe02d3e8aa refactor: Server crash when uploading file without extension; fixes security vulnerability [GHSA-792q-q67h-w579](https://github.com/parse-community/parse-server/security/advisories/GHSA-792q-q67h-w579) (#8779) 2023-10-21 01:03:02 +02:00
Doug Drechsel
93af48a8b4 ci: Add ability to exclude tests via ID in testExclusionList.json (#8774) 2023-10-18 22:39:41 +02:00
Rikard Teodorsson
7d32d8934f fix: Context not passed to Cloud Code Trigger beforeFind when using Parse.Query.include (#8765) 2023-10-14 02:57:47 +02:00
Wes
77bbfb3f18 feat: Allow setting createdAt and updatedAt during Parse.Object creation with maintenance key (#8696) 2023-09-29 22:17:48 +02:00
Marc Derhammer
3d6d50e0af fix: Parse Server option fileUpload.fileExtensions fails to determine file extension if filename contains multiple dots (#8754) 2023-09-23 22:43:34 +02:00
Diamond Lewis
a9c34ef1e2 feat: Add context to Cloud Code Triggers beforeLogin and afterLogin (#8724) 2023-09-20 10:47:35 +02:00
Manuel
977edeaf28 test: Add tests for isGet parameter in Cloud Code trigger beforeFind (#8738) 2023-09-06 02:42:50 +02:00
Manuel
5954f0ffa0 refactor: Parse Pointer allows to access internal Parse Server classes and circumvent beforeFind query trigger (#8735) 2023-09-04 16:01:02 +02:00
Bartosz Marganiec
6a4a00ca7a fix: Parse Server option fileUpload.fileExtensions does not work with an array of extensions (#8688) 2023-07-18 00:34:46 +02:00
Daniel
c9b59719ec refactor: Change response types of TOTP adapter to match existing adapters (#8661) 2023-07-06 17:22:18 +02:00
Daniel
a9d376b61f feat: Add property Parse.Server.version to determine current version of Parse Server in Cloud Code (#8670) 2023-07-05 22:11:35 +02:00
Daniel
4e2000bc56 fix: Server does not start via CLI when auth option is set (#8666) 2023-07-04 13:16:55 +02:00
Corey
3f03bd3c6f refactor: Remove duplicate user index creation (#8662) 2023-06-30 01:15:58 +02:00
Manuel
31805c96ec refactor: Remote code execution via MongoDB BSON parser through prototype pollution; fixes security vulnerability [GHSA-462x-c3jw-7vr6](https://github.com/parse-community/parse-server/security/advisories/GHSA-462x-c3jw-7vr6) (#8676) 2023-06-28 23:38:14 +02:00
Daniel
cc079a40f6 feat: Add TOTP authentication adapter (#8457) 2023-06-23 17:57:57 +02:00
Daniel
068fb9e777 refactor: Add option to convert Parse.Object to instance in Cloud Function payload (#8646) 2023-06-23 16:29:54 +02:00
Daniel
44acd6d9ed feat: Add conditional email verification via dynamic Parse Server options verifyUserEmails, sendUserEmailVerification that now accept functions (#8425) 2023-06-20 12:10:25 +02:00
Manuel Trezza
24c0b03f5e Squashed commit of the following: 
commit 150627328f
Author: semantic-release-bot <semantic-release-bot@martynus.net>
Date:   Sat May 20 23:24:03 2023 +0000

    chore(release): 6.2.0 [skip ci]

    # [6.2.0](https://github.com/parse-community/parse-server/compare/6.1.0...6.2.0) (2023-05-20)

    ### Features

    * Add new Parse Server option `fileUpload.fileExtensions` to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern `^[^hH][^tT][^mM][^lL]?$`, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to `['.*']` ([#8538](https://github.com/parse-community/parse-server/issues/8538)) ([a318e7b](a318e7bbaf))

commit a318e7bbaf
Author: Manuel <5673677+mtrezza@users.noreply.github.com>
Date:   Sun May 21 01:23:00 2023 +0200

    feat: Add new Parse Server option `fileUpload.fileExtensions` to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern `^[^hH][^tT][^mM][^lL]?$`, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to `['.*']` (#8538)

commit 832702dffd
Author: semantic-release-bot <semantic-release-bot@martynus.net>
Date:   Mon May 1 21:50:23 2023 +0000

    chore(release): 6.1.0 [skip ci]

    # [6.1.0](https://github.com/parse-community/parse-server/compare/6.0.0...6.1.0) (2023-05-01)

    ### Bug Fixes

    * LiveQuery can return incorrectly formatted date ([#8456](https://github.com/parse-community/parse-server/issues/8456)) ([4ce135a](4ce135a4fe))
    * Nested date is incorrectly decoded as empty object `{}` when fetching a Parse Object ([#8446](https://github.com/parse-community/parse-server/issues/8446)) ([22d2446](22d2446dfe))
    * Parameters missing in `afterFind` trigger of authentication adapters ([#8458](https://github.com/parse-community/parse-server/issues/8458)) ([ce34747](ce34747e8a))
    * Rate limiting across multiple servers via Redis not working ([#8469](https://github.com/parse-community/parse-server/issues/8469)) ([d9e347d](d9e347d741))
    * Security upgrade jsonwebtoken to 9.0.0 ([#8420](https://github.com/parse-community/parse-server/issues/8420)) ([f5bfe45](f5bfe4571e))

    ### Features

    * Add `afterFind` trigger to authentication adapters ([#8444](https://github.com/parse-community/parse-server/issues/8444)) ([c793bb8](c793bb88e7))
    * Add option `schemaCacheTtl` for schema cache pulling as alternative to `enableSchemaHooks` ([#8436](https://github.com/parse-community/parse-server/issues/8436)) ([b3b76de](b3b76de71b))
    * Add Parse Server option `resetPasswordSuccessOnInvalidEmail` to choose success or error response on password reset with invalid email ([#7551](https://github.com/parse-community/parse-server/issues/7551)) ([e5d610e](e5d610e5e4))
    * Add rate limiting across multiple servers via Redis ([#8394](https://github.com/parse-community/parse-server/issues/8394)) ([34833e4](34833e42ee))
    * Allow multiple origins for header `Access-Control-Allow-Origin` ([#8517](https://github.com/parse-community/parse-server/issues/8517)) ([4f15539](4f15539ac2))
    * Deprecate LiveQuery `fields` option in favor of `keys` for semantic consistency ([#8388](https://github.com/parse-community/parse-server/issues/8388)) ([a49e323](a49e323d5a))
    * Export `AuthAdapter` to make it available for extension with custom authentication adapters ([#8443](https://github.com/parse-community/parse-server/issues/8443)) ([40c1961](40c196153b))

commit 18b63d1da7
Merge: f7eee19d f59d46c9
Author: Manuel <5673677+mtrezza@users.noreply.github.com>
Date:   Mon May 1 23:49:22 2023 +0200

    build: Release (#8526)
 2023-06-10 23:11:12 +02:00
Daniel
03fba97e05 feat: Add zones for rate limiting by ip, user, session, global (#8508) 2023-06-09 13:27:56 +02:00
Daniel
967700bdbc fix: LiveQuery server is not shut down properly when handleShutdown is called (#8491) 2023-06-08 11:04:49 +02:00
Corey
656d673cf5 feat: Add support for $eq query constraint in LiveQuery (#8614) 2023-06-08 04:04:58 +02:00
Daniel
82da30842a feat: Add new Parse Server option preventSignupWithUnverifiedEmail to prevent returning a user without session token on sign-up with unverified email address (#8451) 2023-06-07 21:51:53 +02:00
Corey
5eb690c1c5 refactor: Incorrect spelling in hooks error message (#8585) 2023-05-28 12:58:16 +02:00
Daniel
c2e4f8369b refactor: Upgrade lru-cache from 7.12.0 to 9.1.1 (#8559) 2023-05-25 23:59:42 +02:00
Daniel
28aeda3f16 feat: Allow Parse.Object pointers in Cloud Code arguments (#8490) 2023-05-25 22:02:33 +02:00
Daniel
a005874776 refactor: Upgrade commander from 5.1.0 to 10.0.1 (#8557) 2023-05-22 17:11:50 +02:00
Manuel
a27482c57e refactor: Add new Parse Server option fileUpload.fileExtensions to restrict file upload by file extension (#8539) 2023-05-21 01:31:52 +02:00
Daniel
d4cda4b26c fix: GridFS file storage doesn't work with certain enableSchemaHooks settings (#8467) 2023-05-19 08:41:48 +02:00
Daniel
6f885d36b9 feat: extendSessionOnUse to automatically renew Parse Sessions (#8505) 2023-05-17 19:49:25 +02:00
Diamond Lewis
afd0515e20 fix: Cloud Code Trigger afterSave executes even if not set (#8520) 2023-05-12 02:39:54 +02:00
alljinx
2caea310be feat: Add option to change the log level of logs emitted by Cloud Functions (#8530) 2023-05-09 15:03:00 +02:00
Marc Derhammer
4f15539ac2 feat: Allow multiple origins for header Access-Control-Allow-Origin (#8517) 2023-05-01 22:25:22 +02:00
Daniel
65e5879e42 ci: Fix flaky tests (#8468) 2023-03-10 23:54:05 +01:00
Daniel
34833e42ee feat: Add rate limiting across multiple servers via Redis (#8394) 2023-03-06 17:43:15 +01:00
Daniel
4ce135a4fe fix: LiveQuery can return incorrectly formatted date (#8456) 2023-03-06 11:26:06 +01:00
Daniel
ce34747e8a fix: Parameters missing in afterFind trigger of authentication adapters (#8458) 2023-03-06 03:18:00 +01:00
Daniel
c793bb88e7 feat: Add afterFind trigger to authentication adapters (#8444) 2023-03-06 01:35:15 +01:00
Corey
87cab09b6a refactor: Upgrade pg-promise to 11.3.0 and pg-monitor to 2.0.0 (#8453) 2023-03-06 00:16:04 +01:00
Daniel
22d2446dfe fix: Nested date is incorrectly decoded as empty object {} when fetching a Parse Object (#8446) 2023-03-05 01:22:19 +01:00
Daniel
b3b76de71b feat: Add option schemaCacheTtl for schema cache pulling as alternative to enableSchemaHooks (#8436) 2023-02-27 01:55:47 +01:00
Daniel
e5d610e5e4 feat: Add Parse Server option resetPasswordSuccessOnInvalidEmail to choose success or error response on password reset with invalid email (#7551) 2023-02-24 20:30:48 +01:00
Daniel
a49e323d5a feat: Deprecate LiveQuery fields option in favor of keys for semantic consistency (#8388) 2023-02-17 13:24:33 +01:00
Daniel
f5bfe4571e fix: Security upgrade jsonwebtoken to 9.0.0 (#8420) 2023-02-07 12:45:30 +01:00
Daniel
9092874a9a feat: Upgrade to Parse JavaScript SDK 4 (#8332) 2023-01-26 10:49:03 +01:00
Daniel
c114dc8831 fix: Rate limiter may reject requests that contain a session token (#8399) 2023-01-25 14:35:39 +01:00
Daniel
fc92faac75 feat: Add ParseQuery.watch to trigger LiveQuery only on update of specific fields (#8028) 2023-01-16 12:32:22 +01:00