Commit Graph

1788 Commits

Author SHA1 Message Date
Joe Bain
b93c618bc2 Remove broken app ticket code and add some docs (incomplete)
2026-02-12 17:10:25 +00:00
ce5dde808a Move nintendo and steam auth config to options file 2026-02-10 17:18:46 +00:00
78b803abe7 Nintendo auth is working 2026-02-10 17:18:46 +00:00
ef1d5f44e7 first draft of nintendo auth 2026-02-10 17:18:35 +00:00
ca873bc238 steam auth working with web ticket api 2026-02-10 17:17:29 +00:00
c0ef385a7b Added steam auth using encrypted application tickets
Not tested working though yet
2026-02-10 17:16:53 +00:00
Manuel
4c9c9489f0 feat: Add Parse.File.url validation with config fileUpload.allowedFileUrlDomains against SSRF attacks (#10044) 2026-02-07 17:03:39 +00:00
Manuel
9e07ca6d3b refactor: Bump prettier from 2.0.5 to 3.8.1 (#10042) 2026-02-07 01:11:09 +00:00
Manuel
a4265bb124 fix: Default HTML pages for password reset, email verification not found (#10041) 2026-02-06 16:30:13 +00:00
Palixir
ed98c15f90 feat: Add event information to verifyUserEmails, preventLoginWithUnverifiedEmail to identify invoking signup / login action and auth provider (#9963) 2026-02-06 03:48:35 +00:00
Copilot
d3d6e9e22a fix: AuthData validation incorrectly triggered on unchanged providers (#10025) 2026-02-06 02:03:34 +00:00
Manuel
e29910764d fix: Default HTML pages for password reset, email verification not found (#10034) 2026-02-06 01:42:54 +00:00
Manuel
1d3336d128 fix: MongoDB timeout errors unhandled and potentially revealing internal data (#10020) 2026-01-25 00:15:01 +01:00
Copilot
756c204220 feat: Add option databaseOptions.clientMetadata to send custom metadata to database server for logging and debugging (#10017) 2026-01-24 22:44:38 +01:00
dependabot[bot]
ba3e7602e6 refactor: Bump redis from 4.7.0 to 5.10.0 (#9994) 2026-01-17 22:09:44 +01:00
Manuel
fbcc938b5a fix: Server-Side Request Forgery (SSRF) in Instagram auth adapter [GHSA-3f5f-xgrj-97pf](https://github.com/parse-community/parse-server/security/advisories/GHSA-3f5f-xgrj-97pf) (#9988) 2025-12-16 02:24:37 +01:00
Rahul Lanjewar
a23b192466 feat: Log more debug info when failing to set duplicate value for field with unique values (#9919) 2025-12-14 16:39:17 +01:00
Copilot
8eeab8dc57 feat: Add support for custom HTTP status code and headers to Cloud Function response with Express-style syntax (#9980) 2025-12-14 15:24:51 +01:00
Lucas
f18f3073d7 feat: Add option logLevels.signupUsernameTaken to change log level of username already exists sign-up rejection (#9962) 2025-12-14 01:59:56 +01:00
Manuel
22d4622230 feat: Deprecation DEPPS113: Config option enableInsecureAuthAdapters defaults to false (#9982)
BREAKING CHANGE: This release changes the config option `enableInsecureAuthAdapters` default to `false` (Deprecation DEPPS13).
2025-12-14 01:24:00 +01:00
Antoine Cormouls
d5e76b01db feat: Upgrade to @parse/push-adapter 8.1.0 (#9938) 2025-12-12 21:46:17 +01:00
Manuel
c1c7e6976d feat: Deprecation DEPPS12: Database option allowPublicExplain defaults to false (#9975)
BREAKING CHANGE: This release changes the MongoDB database option `allowPublicExplain` default to `false` (Deprecation DEPPS12).
2025-12-12 21:07:07 +01:00
Manuel
8f877d42c0 feat: Deprecation DEPPS11: Replace PublicAPIRouter with PagesRouter (#9974)
BREAKING CHANGE: This release replaces `PublicAPIRouter` with `PagesRouter` (Deprecation DEPPS11).
2025-12-12 20:55:39 +01:00
Manuel
a2d3dbe972 feat: Deprecation DEPPS10: Encode Parse.Object in Cloud Function and remove option encodeParseObjectInCloudFunction (#9973)
BREAKING CHANGE: This release encodes `Parse.Object` in Cloud Function and removes option `encodeParseObjectInCloudFunction` (Deprecation DEPPS10).
2025-12-12 20:46:35 +01:00
Lucas
fa8723b3d1 feat: Update route patterns to use path-to-regexp v8 syntax (#9942)
BREAKING CHANGE: Route pattern syntax across cloud routes and rate-limiting now use the new path-to-regexp v8 syntax; see the [migration guide](https://github.com/parse-community/parse-server/blob/alpha/9.0.0.md) for more details.
2025-12-12 19:36:27 +01:00
Antoine Cormouls
87c7f076eb fix: Upgrade to GraphQL Apollo Server 5 and restrict GraphQL introspection (#9888)
BREAKING CHANGE: Upgrade to Apollo Server 5 and GraphQL express 5 integration; GraphQL introspection now requires using `masterKey` or setting `graphQLPublicIntrospection: true`.
2025-12-12 18:35:01 +01:00
Lucas Coratger
3ca85cd4a6 feat: Add GraphQL query cloudConfig to retrieve and mutation updateCloudConfig to update Cloud Config (#9947) 2025-12-03 19:55:30 +01:00
Mattia Faraci
f6ccef1d53 chore: Add objectParser for ObjectTypeAnnotation in Parse Server options (#9912) 2025-12-03 16:10:29 +01:00
Lucas Coratger
47521974ae feat: Add Parse Server option enableSanitizedErrorResponse to remove detailed error messages from responses sent to clients (#9944) 2025-11-28 19:48:35 +01:00
Manuel
12beb8f6ee fix: Parse Server option rateLimit.zone does not use default value ip (#9941) 2025-11-23 14:09:25 +01:00
Lucas Coratger
50edb5ab4b fix: Server internal error details leaking in error messages returned to clients (#9937) 2025-11-23 13:51:42 +01:00
Lucas Coratger
69a925879e refactor: Add lint rules for no unused vars and unused import (#9940) 2025-11-22 22:12:34 +01:00
Lucas Coratger
94cee5bfaf feat: Add beforePasswordResetRequest hook (#9906) 2025-11-19 14:57:28 +01:00
Manuel
c22cb0ae58 fix: Deprecation warning logged at server launch for nested Parse Server option even if option is explicitly set (#9934) 2025-11-17 19:43:32 +01:00
Manuel
7b9fa18f96 fix: Queries with object field authData.provider.id are incorrectly transformed to _auth_data_provider.id for custom classes (#9932) 2025-11-17 17:47:39 +01:00
Antoine Cormouls
7d5e9fcf3c fix: Race condition can cause multiple Apollo server initializations under load (#9929) 2025-11-17 16:18:39 +01:00
Antoine Cormouls
dafea21eb3 perf: Parse.Query.include now fetches pointers at same level in parallel (#9861) 2025-11-17 15:42:49 +01:00
Manuel
d3d4003570 fix: GridFSBucketAdapter throws when using some Parse Server specific options in MongoDB database options (#9915) 2025-11-08 18:41:45 +01:00
Lucas Coratger
4456b02280 feat: Add Parse Server option allowPublicExplain to allow Parse.Query.explain without master key (#9890) 2025-11-08 17:02:13 +01:00
Manuel
b760733b98 feat: Add MongoDB client event logging via database option logClientEvents (#9914) 2025-11-08 15:48:29 +01:00
Manuel
cff451eabd feat: Add support for more MongoDB driver options (#9911) 2025-11-07 21:41:59 +01:00
Manuel
1b661e98c8 feat: Add support for MongoDB driver options serverSelectionTimeoutMS, maxIdleTimeMS, heartbeatFrequencyMS (#9910) 2025-11-07 20:11:12 +01:00
Daniel
460a65cf61 feat: Allow option publicServerURL to be set dynamically as asynchronous function (#9803) 2025-11-07 19:18:58 +01:00
Manuel
97763863b7 fix: Uploading a file by providing an origin URL allows for Server-Side Request Forgery (SSRF); fixes vulnerability [GHSA-x4qj-2f4q-r4rx](https://github.com/parse-community/parse-server/security/advisories/GHSA-x4qj-2f4q-r4rx) (#9903) 2025-11-05 14:39:52 +01:00
Manuel
fa245cbb5f fix: Add problematic MIME types to default value of Parse Server option fileUpload.fileExtensions (#9902) 2025-11-05 12:13:30 +01:00
Manuel
ea91aca142 feat: Add options to skip automatic creation of internal database indexes on server start (#9897) 2025-11-01 18:22:52 +01:00
Manuel
62dd3c565a fix: Indexes _email_verify_token for email verification and _perishable_token password reset are not created automatically (#9893) 2025-11-01 13:52:23 +01:00
Antoine Cormouls
b298cccd9f feat: Add Parse Server option verifyServerUrl to disable server URL verification on server launch (#9881) 2025-10-25 18:01:58 +02:00
mavriel@gmail.com
f49efaf5bb fix: Stale data read in validation query on Parse.Object update causes inconsistency between validation read and subsequent update write operation (#9859) 2025-10-24 20:58:44 +02:00
Antoine Cormouls
eb052d8e6a fix: Error in afterSave trigger for Parse.Role due to name field (#9883) 2025-10-22 14:12:51 +02:00