joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,550 Commits 2 Branches 18 Tags
fc0fef5922fdfebed0b7669e4e3d1d473d9e3486
Commit Graph

3550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Antonio Davi Macedo Coelho de Castro
fc0fef5922 Merge pull request from GHSA-23r4-5mxp-c7g5 (#7497) 
* Merge pull request from GHSA-23r4-5mxp-c7g5

* add anonymous login security fix

* add changelog entry

* update changelog

* Update package.json (#7498)

* Update package-lock.json (#7499)

Co-authored-by: Corey <coreyearleon@icloud.com>
 2021-08-18 19:03:54 +02:00
Samuel Denis-D'Ortun
c66a39fadc Remove quoted argument to fix issue on Windows (#7489) 2021-08-14 11:55:30 +02:00
Raschid J.F. Rafeally
8fddac39bf feat(AggregateRouter): support native mongodb syntax in aggregation pipelines (#7339) 2021-08-12 19:14:04 +02:00
Manuel
381e9bf014 bump node (#7487) 
node 14.17.4 to 14.17.5
node 12.22.4 to 12.22.5
 2021-08-11 23:32:13 +02:00
Manuel
fda07aa45d Add deprecation plan (#7485) 
* add deprecation plan

* Update DEPRECATIONS.md
 2021-08-10 22:55:16 +02:00
dependabot[bot]
f8c4f9fc54 chore(deps): bump path-parse from 1.0.6 to 1.0.7 (#7484) 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-10 13:16:16 -07:00
Manuel
ae1edeb2ac Bump CI (#7482) 
* mongodb 4.4.7 to 4.4.8

* node 14.17.3 to 14.17.4

* node 12.22.3 to 12.22.4

* mongodb 5.0.1 to 5.0.2
 2021-08-09 04:11:36 +02:00
Snyk bot
45d29cc58c fix: upgrade mongodb from 3.6.9 to 3.6.10 (#7474) 
Snyk has created this PR to upgrade mongodb from 3.6.9 to 3.6.10.

See this package in npm:
https://www.npmjs.com/package/mongodb

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-07-27 17:39:05 -07:00
Manuel
cc3cd23b93 Fix missing password policy definitions (#7225) 
* improved contribution guide for parameter groups

* improved resetTokenReuseIfValid docs

* improved resetTokenValidityDuration docs

* recreated definitions

* improved parameter group wording
 2021-07-27 00:23:42 +02:00
Corey
c8e822b958 Accept context via header X-Parse-Cloud-Context (#7437) 
* failing testcase

* add header

* switch to X-Parse-Cloud-Context header

* add back blank line that lint removed

* test replacing context header with body context. Add support for setting body with json string

* add back blank line

* cover error when _context body is wrong

* Update middlewares.js

* revert accidental status change

* make sure context always decodes to an object else throw error

* improve context object check

Co-authored-by: Antonio Davi Macedo Coelho de Castro <adavimacedo@gmail.com>
 2021-07-25 21:17:03 -07:00
Snyk bot
c3b71ba5b6 [Snyk] Upgrade ws from 7.4.6 to 7.5.3 (#7457) 
* fix: upgrade ws from 7.4.6 to 7.5.0

Snyk has created this PR to upgrade ws from 7.4.6 to 7.5.0.

See this package in npm:
https://www.npmjs.com/package/ws

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr

* changed logging for circular obj

* upgraded to ws 7.5.3

Co-authored-by: Manuel Trezza <5673677+mtrezza@users.noreply.github.com>
 2021-07-25 01:54:28 +02:00
Snyk bot
39f7c831e6 fix: upgrade @apollographql/graphql-playground-html from 1.6.28 to 1.6.29 (#7473) 
Snyk has created this PR to upgrade @apollographql/graphql-playground-html from 1.6.28 to 1.6.29.

See this package in npm:
https://www.npmjs.com/package/@apollographql/graphql-playground-html

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-07-24 12:42:57 +02:00
Snyk bot
c58bf57f51 fix: upgrade @apollographql/graphql-playground-html from 1.6.27 to 1.6.28 (#7411) 
Snyk has created this PR to upgrade @apollographql/graphql-playground-html from 1.6.27 to 1.6.28.

See this package in npm:
https://www.npmjs.com/package/@apollographql/graphql-playground-html

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Manuel Trezza <5673677+mtrezza@users.noreply.github.com>
 2021-07-23 22:45:54 +02:00
Snyk bot
bbd7ee7313 fix: upgrade graphql from 15.5.0 to 15.5.1 (#7462) 
Snyk has created this PR to upgrade graphql from 15.5.0 to 15.5.1.

See this package in npm:
https://www.npmjs.com/package/graphql

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Manuel Trezza <5673677+mtrezza@users.noreply.github.com>
 2021-07-23 20:13:26 +02:00
Snyk bot
a95ad89736 [Snyk] Security upgrade parse from 3.2.0 to 3.3.0 (#7464) 
* fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-WS-1296835

* update user test

Co-authored-by: Manuel Trezza <5673677+mtrezza@users.noreply.github.com>
 2021-07-23 18:04:03 +02:00
Snyk bot
1fe47087a9 fix: upgrade apollo-server-express from 2.25.1 to 2.25.2 (#7465) 
Snyk has created this PR to upgrade apollo-server-express from 2.25.1 to 2.25.2.

See this package in npm:
https://www.npmjs.com/package/apollo-server-express

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Manuel Trezza <5673677+mtrezza@users.noreply.github.com>
 2021-07-23 17:13:50 +02:00
Snyk bot
2b3355cb02 fix: upgrade graphql-tag from 2.12.4 to 2.12.5 (#7466) 
Snyk has created this PR to upgrade graphql-tag from 2.12.4 to 2.12.5.

See this package in npm:
https://www.npmjs.com/package/graphql-tag

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Manuel Trezza <5673677+mtrezza@users.noreply.github.com>
 2021-07-23 15:47:36 +02:00
Snyk bot
9923cd3869 fix: upgrade graphql-relay from 0.7.0 to 0.8.0 (#7467) 
Snyk has created this PR to upgrade graphql-relay from 0.7.0 to 0.8.0.

See this package in npm:
https://www.npmjs.com/package/graphql-relay

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Manuel Trezza <5673677+mtrezza@users.noreply.github.com>
 2021-07-23 15:05:31 +02:00
Manuel
470382253d Add MongoDB 5.0 support + bump CI env (#7469) 
* bump CI env

* more bump

* more bump

* added mongodb 5.0

* added compatibility table entry

* added changelog entry

* added mongodb 5.0 to badge
 2021-07-23 14:25:11 +02:00
Manuel
250008d379 changed twitter API endpoint for oauth test (#7472) 2021-07-23 12:46:26 +02:00
Manuel
1594afec64 add runtime deprecation warning (#7451) 2021-07-12 20:14:35 +02:00
Manuel
05882bc3ec bumped node (#7452) 2021-07-03 15:20:23 +02:00
Snyk bot
682f1bf143 fix: upgrade apollo-server-express from 2.25.0 to 2.25.1 (#7449) 
Snyk has created this PR to upgrade apollo-server-express from 2.25.0 to 2.25.1.

See this package in npm:
https://www.npmjs.com/package/apollo-server-express

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-06-30 15:29:54 -07:00
Snyk bot
d36a53b2bf fix: upgrade subscriptions-transport-ws from 0.9.19 to 0.10.0 (#7450) 
Snyk has created this PR to upgrade subscriptions-transport-ws from 0.9.19 to 0.10.0.

See this package in npm:
https://www.npmjs.com/package/subscriptions-transport-ws

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-06-30 15:26:16 -07:00
Snyk bot
17cf1a46e5 fix: upgrade mongodb from 3.6.8 to 3.6.9 (#7445) 
Snyk has created this PR to upgrade mongodb from 3.6.8 to 3.6.9.

See this package in npm:
https://www.npmjs.com/package/mongodb

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-06-27 22:00:47 -07:00
Snyk bot
c36588e3c2 fix: upgrade mongodb from 3.6.7 to 3.6.8 (#7430) 
Snyk has created this PR to upgrade mongodb from 3.6.7 to 3.6.8.

See this package in npm:
https://www.npmjs.com/package/mongodb

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-06-23 22:38:05 -07:00
Snyk bot
4e5eba6c6c fix: upgrade apollo-server-express from 2.24.1 to 2.25.0 (#7435) 
Snyk has created this PR to upgrade apollo-server-express from 2.24.1 to 2.25.0.

See this package in npm:
https://www.npmjs.com/package/apollo-server-express

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-06-23 22:30:36 -07:00
Snyk bot
7df6c020b1 fix: upgrade ldapjs from 2.2.4 to 2.3.0 (#7436) 
Snyk has created this PR to upgrade ldapjs from 2.2.4 to 2.3.0.

See this package in npm:
https://www.npmjs.com/package/ldapjs

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-06-23 22:30:11 -07:00
Snyk bot
770e36ff43 fix: upgrade graphql-relay from 0.6.0 to 0.7.0 (#7443) 
Snyk has created this PR to upgrade graphql-relay from 0.6.0 to 0.7.0.

See this package in npm:
https://www.npmjs.com/package/graphql-relay

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-06-23 22:24:26 -07:00
Jason Posthuma
d8dc524c08 Add check for property (#7421) 
* Add check for property

* updated changelog

* Fixed logic returning false positive

* Added test case

* update change log
 2021-06-21 16:11:15 -07:00
Manuel
3a2afda911 bump node version (#7441) 2021-06-20 19:31:32 +02:00
Olle Jonsson
10695194b2 CHANGELOG: typo fix braking->breaking [ci skip] (#7432) 2021-06-15 13:25:04 +02:00
Manuel
f6a41729a7 bump mongo (#7429) 2021-06-10 17:36:20 -07:00
dependabot[bot]
0638e5e697 chore(deps): bump normalize-url from 4.5.0 to 4.5.1 (#7428) 
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases)
- [Commits](https://github.com/sindresorhus/normalize-url/commits)

---
updated-dependencies:
- dependency-name: normalize-url
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-10 15:21:20 -07:00
Snyk bot
bfdb6a93e8 fix: upgrade apollo-server-express from 2.24.0 to 2.24.1 (#7424) 
Snyk has created this PR to upgrade apollo-server-express from 2.24.0 to 2.24.1.

See this package in npm:
https://www.npmjs.com/package/apollo-server-express

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-06-10 15:00:00 -07:00
Snyk bot
61affe2629 fix: upgrade mongodb from 3.6.6 to 3.6.7 (#7425) 
Snyk has created this PR to upgrade mongodb from 3.6.6 to 3.6.7.

See this package in npm:
https://www.npmjs.com/package/mongodb

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-06-10 14:59:16 -07:00
Snyk bot
bea4707783 fix: package.json & package-lock.json to reduce vulnerabilities (#7423) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-WS-1296835
 2021-06-10 14:56:37 -07:00
GormanFletcher
129f7bfa9b Add support for master key clients to create user sessions (#7406) 
* 6641: Implement support for user impersonation: master key clients can log in as any user, without access to the user's credentials, and without presuming the user already has a session

* reworded changelog

* rebuilt package lock

* fit test

* using lodash flatMap

* bump to node 12 for postgres test

* revert test fit

* add node version to postgres CI

* revert package-lock

Co-authored-by: gormanfletcher <git@gormanfletcher.com>
Co-authored-by: Manuel <5673677+mtrezza@users.noreply.github.com>
 2021-06-04 18:55:00 -05:00
Manuel
754c127d96 bump ci env (#7415) 
* bumped node version

* bumped mongodb
 2021-06-03 22:39:46 +02:00
Corey
6d13aeae2c Fix select exclude queries (#7242) 
* fix keys and excludeKeys to work with JSON array strings

* make excludeKeys test more robust

* add changelog

* add select([]) functionality to fix)

* update changelog

* update keys

* add exclude test

* add select REST test and exclude JS SDK test

* add more tests

* add additional exclude test

* improved select test for testing JSON string array in REST

* improved exclude test for testing JSON string array in REST

* check for parse keys

* make include look like keys and excludeKeys

* nit

* Exclude nexted child fields

* add updates and show failing testcases

* working

* add more tests

* even more test cases

* use await for added tests

* lint

* Add suggestions
 2021-06-03 14:54:44 -05:00
Snyk bot
5abbeeb8d1 fix: upgrade winston-daily-rotate-file from 4.5.4 to 4.5.5 (#7407) 
Snyk has created this PR to upgrade winston-daily-rotate-file from 4.5.4 to 4.5.5.

See this package in npm:
https://www.npmjs.com/package/winston-daily-rotate-file

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-05-31 08:36:52 -07:00
Snyk bot
8976ecc4a9 fix: upgrade follow-redirects from 1.14.0 to 1.14.1 (#7408) 
Snyk has created this PR to upgrade follow-redirects from 1.14.0 to 1.14.1.

See this package in npm:
https://www.npmjs.com/package/follow-redirects

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-05-30 22:25:27 -07:00
Snyk bot
d915bacee7 fix: package.json & package-lock.json to reduce vulnerabilities (#7405) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-WS-1296835
 2021-05-27 16:50:50 -07:00
Tom Fox
4253feed7d fix links (#7403) 2021-05-26 17:54:11 -07:00
Snyk bot
4f80a5f4af fix: upgrade winston-daily-rotate-file from 4.5.3 to 4.5.4 (#7402) 
Snyk has created this PR to upgrade winston-daily-rotate-file from 4.5.3 to 4.5.4.

See this package in npm:
https://www.npmjs.com/package/winston-daily-rotate-file

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-05-25 15:40:31 -07:00
Kartal Kaan Bozdoğan
5e7c9d2e1a Fixed a bug affecting updates to nested pointers (#7392) 
* Fixed a bug affecting updates to nested pointers
  Also created unit tests

* Marked the regression test for #7391 as pending for postgre
  The issue is not fixed yet
Use cont instead of var
 2021-05-25 15:33:40 -07:00
Snyk bot
8099cb05a4 fix: upgrade graphql-tag from 2.12.2 to 2.12.4 (#7396) 
Snyk has created this PR to upgrade graphql-tag from 2.12.2 to 2.12.4.

See this package in npm:
https://www.npmjs.com/package/graphql-tag

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-05-24 21:18:16 -07:00
Snyk bot
d365f1f7cb fix: upgrade pg-promise from 10.10.1 to 10.10.2 (#7399) 
Snyk has created this PR to upgrade pg-promise from 10.10.1 to 10.10.2.

See this package in npm:
https://www.npmjs.com/package/pg-promise

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-05-24 14:43:59 -07:00
dependabot[bot]
581f822cba chore(deps): bump browserslist from 4.16.3 to 4.16.6 (#7400) 
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.16.3 to 4.16.6.
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/browserslist/browserslist/compare/4.16.3...4.16.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-24 14:40:34 -07:00
Snyk bot
ff5755b05a fix: upgrade apollo-server-express from 2.23.0 to 2.24.0 (#7395) 
Snyk has created this PR to upgrade apollo-server-express from 2.23.0 to 2.24.0.

See this package in npm:
https://www.npmjs.com/package/apollo-server-express

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
 2021-05-24 09:26:47 -07:00