6.3.0-alpha.1 (2023-06-18)

Bug Fixes

• Cloud Code Trigger afterSave executes even if not set (#8520) (afd0515)
• GridFS file storage doesn't work with certain enableSchemaHooks settings (#8467) (d4cda4b)
• Inaccurate table total row count for PostgreSQL (#8511) (0823a02)
• LiveQuery server is not shut down properly when handleShutdown is called (#8491) (967700b)
• Rate limit feature is incompatible with Node 14 (#8578) (f911f2c)
• Unnecessary log entries by extendSessionOnUse (#8562) (fd6a007)

Features

• extendSessionOnUse to automatically renew Parse Sessions (#8505) (6f885d3)
• Add new Parse Server option preventSignupWithUnverifiedEmail to prevent returning a user without session token on sign-up with unverified email address (#8451) (82da308)
• Add option to change the log level of logs emitted by Cloud Functions (#8530) (2caea31)
• Add support for $eq query constraint in LiveQuery (#8614) (656d673)
• Add zones for rate limiting by ip, user, session, global (#8508) (03fba97)
• Allow Parse.Object pointers in Cloud Code arguments (#8490) (28aeda3)

Reverts

• fix: Inaccurate table total row count for PostgreSQL (6722110)

6.3.0-beta.1 (2023-06-10)

Bug Fixes

• Cloud Code Trigger afterSave executes even if not set (#8520) (afd0515)
• GridFS file storage doesn't work with certain enableSchemaHooks settings (#8467) (d4cda4b)
• Inaccurate table total row count for PostgreSQL (#8511) (0823a02)
• LiveQuery server is not shut down properly when handleShutdown is called (#8491) (967700b)
• Rate limit feature is incompatible with Node 14 (#8578) (f911f2c)
• Unnecessary log entries by extendSessionOnUse (#8562) (fd6a007)

Features

• Add new Parse Server option extendSessionOnUse to automatically renew Parse Sessions (#8505) (6f885d3)
• Add new Parse Server option preventSignupWithUnverifiedEmail to prevent returning a user without session token on sign-up with unverified email address (#8451) (82da308)
• Add option to change the log level of logs emitted by Cloud Functions (#8530) (2caea31)
• Add support for $eq query constraint in LiveQuery (#8614) (656d673)
• Add zones for rate limiting by ip, user, session, global (#8508) (03fba97)
• Allow Parse.Object pointers in Cloud Code arguments (#8490) (28aeda3)

Reverts

• fix: Inaccurate table total row count for PostgreSQL (6722110)

6.1.0-alpha.20 (2023-06-09)

Features

• Add zones for rate limiting by ip, user, session, global (#8508) (03fba97)

6.1.0-alpha.19 (2023-06-08)

Bug Fixes

• LiveQuery server is not shut down properly when handleShutdown is called (#8491) (967700b)

6.1.0-alpha.18 (2023-06-08)

Features

• Add support for $eq query constraint in LiveQuery (#8614) (656d673)

6.1.0-alpha.17 (2023-06-07)

Features

• Add new Parse Server option preventSignupWithUnverifiedEmail to prevent returning a user without session token on sign-up with unverified email address (#8451) (82da308)

6.1.0-alpha.16 (2023-05-28)

Reverts

• fix: Inaccurate table total row count for PostgreSQL (6722110)

6.1.0-alpha.15 (2023-05-28)

Bug Fixes

• Inaccurate table total row count for PostgreSQL (#8511) (0823a02)

6.1.0-alpha.14 (2023-05-27)

Bug Fixes

• Unnecessary log entries by extendSessionOnUse (#8562) (fd6a007)

Features

• Allow Parse.Object pointers in Cloud Code arguments (#8490) (28aeda3)

6.1.0-alpha.13 (2023-05-25)

Bug Fixes

• Rate limit feature is incompatible with Node 14 (#8578) (f911f2c)

5.5.1 (2023-05-23)

Bug Fixes

• Security upgrade @parse/push-adapter from 4.1.2 to 4.1.3 (#8571) (8e83cac)

6.2.0 (2023-05-20)

Features

• Add new Parse Server option fileUpload.fileExtensions to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern ^[^hH][^tT][^mM][^lL]?$, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to ['.*'] (#8538) (a318e7b)

5.5.0 (2023-05-20)

Features

• Add new Parse Server option fileUpload.fileExtensions to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern ^[^hH][^tT][^mM][^lL]?$, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to ['.*'] (#8537) (196e05f)

6.1.0-alpha.12 (2023-05-19)

Bug Fixes

• GridFS file storage doesn't work with certain enableSchemaHooks settings (#8467) (d4cda4b)

6.1.0-alpha.11 (2023-05-17)

Features

• extendSessionOnUse to automatically renew Parse Sessions (#8505) (6f885d3)

6.1.0-alpha.10 (2023-05-12)

Bug Fixes

• Cloud Code Trigger afterSave executes even if not set (#8520) (afd0515)

6.1.0-alpha.9 (2023-05-09)

Features

• Add option to change the log level of logs emitted by Cloud Functions (#8530) (2caea31)

6.1.0 (2023-05-01)

Bug Fixes

• LiveQuery can return incorrectly formatted date (#8456) (4ce135a)
• Nested date is incorrectly decoded as empty object {} when fetching a Parse Object (#8446) (22d2446)
• Parameters missing in afterFind trigger of authentication adapters (#8458) (ce34747)
• Rate limiting across multiple servers via Redis not working (#8469) (d9e347d)
• Security upgrade jsonwebtoken to 9.0.0 (#8420) (f5bfe45)

Features

• Add afterFind trigger to authentication adapters (#8444) (c793bb8)
• Add option schemaCacheTtl for schema cache pulling as alternative to enableSchemaHooks (#8436) (b3b76de)
• Add Parse Server option resetPasswordSuccessOnInvalidEmail to choose success or error response on password reset with invalid email (#7551) (e5d610e)
• Add rate limiting across multiple servers via Redis (#8394) (34833e4)
• Allow multiple origins for header Access-Control-Allow-Origin (#8517) (4f15539)
• Deprecate LiveQuery fields option in favor of keys for semantic consistency (#8388) (a49e323)
• Export AuthAdapter to make it available for extension with custom authentication adapters (#8443) (40c1961)

6.1.0-beta.2 (2023-05-01)

Bug Fixes

• LiveQuery can return incorrectly formatted date (#8456) (4ce135a)
• Nested date is incorrectly decoded as empty object {} when fetching a Parse Object (#8446) (22d2446)
• Parameters missing in afterFind trigger of authentication adapters (#8458) (ce34747)
• Rate limiting across multiple servers via Redis not working (#8469) (d9e347d)

Features

• Add afterFind trigger to authentication adapters (#8444) (c793bb8)
• Add rate limiting across multiple servers via Redis (#8394) (34833e4)
• Allow multiple origins for header Access-Control-Allow-Origin (#8517) (4f15539)
• Export AuthAdapter to make it available for extension with custom authentication adapters (#8443) (40c1961)

6.1.0-alpha.8 (2023-05-01)

Features

• Allow multiple origins for header Access-Control-Allow-Origin (#8517) (4f15539)