joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,040 Commits 2 Branches 18 Tags
c595b87b4e36d6cd74cbcbeb2c0e43bc1e768b62
Commit Graph

1443 Commits

Author SHA1 Message Date
Antoine Cormouls
87c7f076eb fix: Upgrade to GraphQL Apollo Server 5 and restrict GraphQL introspection (#9888) 
BREAKING CHANGE: Upgrade to Apollo Server 5 and GraphQL express 5 integration; GraphQL introspection now requires using `masterKey` or setting `graphQLPublicIntrospection: true`.
 2025-12-12 18:35:01 +01:00
Lucas Coratger
3ca85cd4a6 feat: Add GraphQL query cloudConfig to retrieve and mutation updateCloudConfig to update Cloud Config (#9947) 2025-12-03 19:55:30 +01:00
Mattia Faraci
f6ccef1d53 chore: Add objectParser for ObjectTypeAnnotation in Parse Server options (#9912) 2025-12-03 16:10:29 +01:00
Lucas Coratger
47521974ae feat: Add Parse Server option enableSanitizedErrorResponse to remove detailed error messages from responses sent to clients (#9944) 2025-11-28 19:48:35 +01:00
Lucas Coratger
50edb5ab4b fix: Server internal error details leaking in error messages returned to clients (#9937) 2025-11-23 13:51:42 +01:00
Manuel
38c9d2e359 test: Add tests for Parse.Query.includeAll for circular and self-referencing pointers (#9936) 2025-11-23 13:16:22 +01:00
Lucas Coratger
94cee5bfaf feat: Add beforePasswordResetRequest hook (#9906) 2025-11-19 14:57:28 +01:00
Manuel
c22cb0ae58 fix: Deprecation warning logged at server launch for nested Parse Server option even if option is explicitly set (#9934) 2025-11-17 19:43:32 +01:00
Manuel
7b9fa18f96 fix: Queries with object field authData.provider.id are incorrectly transformed to _auth_data_provider.id for custom classes (#9932) 2025-11-17 17:47:39 +01:00
Antoine Cormouls
7d5e9fcf3c fix: Race condition can cause multiple Apollo server initializations under load (#9929) 2025-11-17 16:18:39 +01:00
Antoine Cormouls
dafea21eb3 perf: Parse.Query.include now fetches pointers at same level in parallel (#9861) 2025-11-17 15:42:49 +01:00
Manuel
d3d4003570 fix: GridFSBucketAdapter throws when using some Parse Server specific options in MongoDB database options (#9915) 2025-11-08 18:41:45 +01:00
Lucas Coratger
4456b02280 feat: Add Parse Server option allowPublicExplain to allow Parse.Query.explain without master key (#9890) 2025-11-08 17:02:13 +01:00
Manuel
b760733b98 feat: Add MongoDB client event logging via database option logClientEvents (#9914) 2025-11-08 15:48:29 +01:00
Manuel
cff451eabd feat: Add support for more MongoDB driver options (#9911) 2025-11-07 21:41:59 +01:00
Manuel
1b661e98c8 feat: Add support for MongoDB driver options serverSelectionTimeoutMS, maxIdleTimeMS, heartbeatFrequencyMS (#9910) 2025-11-07 20:11:12 +01:00
Daniel
460a65cf61 feat: Allow option publicServerURL to be set dynamically as asynchronous function (#9803) 2025-11-07 19:18:58 +01:00
Manuel
97763863b7 fix: Uploading a file by providing an origin URL allows for Server-Side Request Forgery (SSRF); fixes vulnerability [GHSA-x4qj-2f4q-r4rx](https://github.com/parse-community/parse-server/security/advisories/GHSA-x4qj-2f4q-r4rx) (#9903) 2025-11-05 14:39:52 +01:00
Manuel
ea91aca142 feat: Add options to skip automatic creation of internal database indexes on server start (#9897) 2025-11-01 18:22:52 +01:00
Manuel
62dd3c565a fix: Indexes _email_verify_token for email verification and _perishable_token password reset are not created automatically (#9893) 2025-11-01 13:52:23 +01:00
mavriel@gmail.com
f49efaf5bb fix: Stale data read in validation query on Parse.Object update causes inconsistency between validation read and subsequent update write operation (#9859) 2025-10-24 20:58:44 +02:00
Antoine Cormouls
eb052d8e6a fix: Error in afterSave trigger for Parse.Role due to name field (#9883) 2025-10-22 14:12:51 +02:00
Antoine Cormouls
1815b019b5 fix: Warning logged when setting option databaseOptions.disableIndexFieldValidation (#9880) 2025-10-16 09:29:02 +02:00
Antoine Cormouls
abfa94cd6d fix: Security upgrade to parse 7.0.1 (#9877) 2025-10-15 18:39:37 +02:00
Antoine Cormouls
64f104e5c5 feat: Add request context middleware for config and dependency injection in hooks (#8480) 2025-10-14 20:16:31 +02:00
EmpiDev
0b4740714c feat: Allow returning objects in Parse.Cloud.beforeFind without invoking database query (#9770) 2025-10-14 18:13:28 +02:00
Antoine Cormouls
1b2347524c feat: Disable index-field validation to create index for fields that don't yet exist (#8137) 2025-10-10 00:03:52 +02:00
Manuel
7cb962a028 feat: Add regex option u for unicode support in Parse.Query.matches for MongoDB (#9867) 2025-10-03 16:38:41 +02:00
Rahul Lanjewar
89fad468c3 feat: Add option keepUnknownIndexes to retain indexes which are not specified in schema (#9857) 2025-10-03 14:35:34 +02:00
Manuel
847a274cdb fix: MongoDB aggregation pipeline with $dateSubtract from $$NOW returns no results (#9822) 2025-07-13 02:44:08 +02:00
Manuel
c58b2eb6eb fix: Data schema exposed via GraphQL API public introspection (GHSA-48q3-prgv-gm4w) (#9819) 2025-07-10 04:25:09 +02:00
Manuel
2c29756038 refactor: Add a few lint rules to test files in /spec (#9815) 2025-07-04 20:24:08 +02:00
Rahul Lanjewar
0db3a6ff27 fix: Parse.Query.containedIn and matchesQuery do not work with nested objects (#9738) 2025-05-03 12:52:31 +02:00
Diamond Lewis
ed69e03acf ci: Fix flaky sendVerificationEmail tests (#9692) 2025-04-15 17:25:42 +01:00
Diamond Lewis
9de6999e25 perf: Add details to error message in Parse.Query.aggregate (#9689) 2025-04-07 21:54:18 +02:00
Diamond Lewis
af40af51f3 ci: Fix flaky LiveQuery tests (#9694) 2025-04-07 04:01:36 +02:00
Daniel
f49c371c13 feat: Upgrade Parse JS SDK from 6.0.0 to 6.1.0 (#9686) 2025-04-02 00:09:53 +01:00
Diamond Lewis
aed918d310 fix: Parse Server doesn't shutdown gracefully (#9634) 2025-03-27 21:38:51 +01:00
Daniel
b2beaa86ff feat: Add Cloud Code triggers Parse.Cloud.beforeFind(Parse.File)and Parse.Cloud.afterFind(Parse.File) (#8700) 2025-03-27 18:22:14 +01:00
Daniel
12b5d781dc feat: Add default ACL (#8701) 2025-03-24 15:15:27 +01:00
Manuel
5ef0440c8e fix: Authentication provider credentials are usable across Parse Server apps; fixes security vulnerability [GHSA-837q-jhwx-cmpv](https://github.com/parse-community/parse-server/security/advisories/GHSA-837q-jhwx-cmpv) (#9667) 2025-03-21 10:49:09 +01:00
Diamond Lewis
97d4a9e783 refactor: Bump to jasmine 5.6.0 (#9453) 2025-03-11 21:34:14 +01:00
Daniel
533a60e218 refactor: Add internal method Utils.encodeForUrl for properly encoding email addresses for use in URLs (#9541) 2025-03-06 01:57:37 +01:00
Daniel
6258a6a112 fix: Using Parse Server option extendSessionOnUse does not correctly clear memory and functions as a debounce instead of a throttle (#8683) 2025-03-06 01:34:52 +01:00
Colin Ulin
e0480dfa8d feat: Upgrade to express 5.0.1 (#9530) 
BREAKING CHANGE: This upgrades the internally used Express framework from version 4 to 5, which may be a breaking change. If Parse Server is set up to be mounted on an Express application, we recommend to also use version 5 of the Express framework to avoid any compatibility issues. Note that even if there are no issues after upgrading, future releases of Parse Server may introduce issues if Parse Server internally relies on Express 5-specific features which are unsupported by the Express version on which it is mounted. See the Express [migration guide](https://expressjs.com/en/guide/migrating-5.html) and [release announcement](https://expressjs.com/2024/10/15/v5-release.html#breaking-changes) for more info.
 2025-03-03 22:11:42 +01:00
Daniel
bf9db75e86 feat: Upgrade to Parse JS SDK 6.0.0 (#9624) 
BREAKING CHANGE: This upgrades to the Parse JS SDK 6.0.0. See the [change log](https://github.com/parse-community/Parse-SDK-JS/releases/tag/6.0.0) of the Parse JS SDK for breaking changes and more details.
 2025-03-03 00:47:40 +01:00
Daniel
d21dd97336 fix: Remove username from email verification and password reset process (#8488) 
BREAKING CHANGE: This removes the username from the email verification and password reset process to prevent storing personally identifiable information (PII) in server and infrastructure logs. Customized HTML pages or emails related to email verification and password reset may need to be adapted accordingly. See the new templates that come bundled with Parse Server and the [migration guide](https://github.com/parse-community/parse-server/blob/alpha/8.0.0.md) for more details.
 2025-03-02 02:32:43 +01:00
Mohammad Ali
bbc6bd4b3f fix: LiveQueryServer crashes using cacheAdapter on disconnect from Redis 4 server (#9616) 2025-02-24 02:48:10 +01:00
Daniel
6f1d161a2f feat: Add dynamic master key by setting Parse Server option masterKey to a function (#9582) 2025-02-12 22:23:18 +01:00
Daniel
889dbb5aee refactor: Upgrade to eslint 9.19.0 (#9580) 2025-02-01 15:32:43 +01:00