Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build: Release #8526

Merged
merged 40 commits into from
May 1, 2023
Merged

build: Release #8526

merged 40 commits into from
May 1, 2023

Conversation

mtrezza
Copy link
Member

@mtrezza mtrezza commented May 1, 2023

No description provided.

mtrezza and others added 30 commits January 31, 2023 16:35
# [6.0.0-alpha.31](parse-community/parse-server@6.0.0-alpha.30...6.0.0-alpha.31) (2023-01-31)

### Bug Fixes

* Parse Server option `requestKeywordDenylist` can be bypassed via Cloud Code Webhooks or Triggers; fixes security vulnerability [GHSA-xprv-wvh7-qqqx](GHSA-xprv-wvh7-qqqx) ([parse-community#8302](parse-community#8302)) ([6728da1](parse-community@6728da1))
* Prototype pollution via Cloud Code Webhooks; fixes security vulnerability [GHSA-93vw-8fm5-p2jf](GHSA-93vw-8fm5-p2jf) ([parse-community#8305](parse-community#8305)) ([60c5a73](parse-community@60c5a73))
* Remote code execution via MongoDB BSON parser through prototype pollution; fixes security vulnerability [GHSA-prm5-8g2m-24gg](GHSA-prm5-8g2m-24gg) ([parse-community#8295](parse-community#8295)) ([50eed3c](parse-community@50eed3c))
# [6.0.0-alpha.33](parse-community/parse-server@6.0.0-alpha.32...6.0.0-alpha.33) (2023-02-17)

### Features

* Deprecate LiveQuery `fields` option in favor of `keys` for semantic consistency ([parse-community#8388](parse-community#8388)) ([a49e323](parse-community@a49e323))
… choose success or error response on password reset with invalid email (parse-community#7551)
# [6.0.0-alpha.34](parse-community/parse-server@6.0.0-alpha.33...6.0.0-alpha.34) (2023-02-24)

### Features

* Add Parse Server option `resetPasswordSuccessOnInvalidEmail` to choose success or error response on password reset with invalid email ([parse-community#7551](parse-community#7551)) ([e5d610e](parse-community@e5d610e))
# [6.0.0-alpha.35](parse-community/parse-server@6.0.0-alpha.34...6.0.0-alpha.35) (2023-02-27)

### Features

* Add option `schemaCacheTtl` for schema cache pulling as alternative to `enableSchemaHooks` ([parse-community#8436](parse-community#8436)) ([b3b76de](parse-community@b3b76de))
# [6.1.0-beta.1](parse-community/parse-server@6.0.0...6.1.0-beta.1) (2023-03-02)

### Bug Fixes

* Security upgrade jsonwebtoken to 9.0.0 ([parse-community#8420](parse-community#8420)) ([f5bfe45](parse-community@f5bfe45))

### Features

* Add option `schemaCacheTtl` for schema cache pulling as alternative to `enableSchemaHooks` ([parse-community#8436](parse-community#8436)) ([b3b76de](parse-community@b3b76de))
* Add Parse Server option `resetPasswordSuccessOnInvalidEmail` to choose success or error response on password reset with invalid email ([parse-community#7551](parse-community#7551)) ([e5d610e](parse-community@e5d610e))
* Deprecate LiveQuery `fields` option in favor of `keys` for semantic consistency ([parse-community#8388](parse-community#8388)) ([a49e323](parse-community@a49e323))
# [6.1.0-alpha.1](parse-community/parse-server@6.0.0...6.1.0-alpha.1) (2023-03-03)

### Bug Fixes

* Security upgrade jsonwebtoken to 9.0.0 ([parse-community#8420](parse-community#8420)) ([f5bfe45](parse-community@f5bfe45))

### Features

* Add option `schemaCacheTtl` for schema cache pulling as alternative to `enableSchemaHooks` ([parse-community#8436](parse-community#8436)) ([b3b76de](parse-community@b3b76de))
* Add Parse Server option `resetPasswordSuccessOnInvalidEmail` to choose success or error response on password reset with invalid email ([parse-community#7551](parse-community#7551)) ([e5d610e](parse-community@e5d610e))
* Deprecate LiveQuery `fields` option in favor of `keys` for semantic consistency ([parse-community#8388](parse-community#8388)) ([a49e323](parse-community@a49e323))
* Export `AuthAdapter` to make it available for extension with custom authentication adapters ([parse-community#8443](parse-community#8443)) ([40c1961](parse-community@40c1961))
# [6.1.0-alpha.2](parse-community/parse-server@6.1.0-alpha.1...6.1.0-alpha.2) (2023-03-05)

### Bug Fixes

* Nested date is incorrectly decoded as empty object `{}` when fetching a Parse Object ([parse-community#8446](parse-community#8446)) ([22d2446](parse-community@22d2446))
# [6.1.0-alpha.3](parse-community/parse-server@6.1.0-alpha.2...6.1.0-alpha.3) (2023-03-06)

### Features

* Add `afterFind` trigger to authentication adapters ([parse-community#8444](parse-community#8444)) ([c793bb8](parse-community@c793bb8))
# [6.1.0-alpha.4](parse-community/parse-server@6.1.0-alpha.3...6.1.0-alpha.4) (2023-03-06)

### Bug Fixes

* Parameters missing in `afterFind` trigger of authentication adapters ([parse-community#8458](parse-community#8458)) ([ce34747](parse-community@ce34747))
# [6.1.0-alpha.5](parse-community/parse-server@6.1.0-alpha.4...6.1.0-alpha.5) (2023-03-06)

### Bug Fixes

* LiveQuery can return incorrectly formatted date ([parse-community#8456](parse-community#8456)) ([4ce135a](parse-community@4ce135a))
# [6.1.0-alpha.6](parse-community/parse-server@6.1.0-alpha.5...6.1.0-alpha.6) (2023-03-06)

### Features

* Add rate limiting across multiple servers via Redis ([parse-community#8394](parse-community#8394)) ([34833e4](parse-community@34833e4))
dblythy and others added 10 commits March 10, 2023 17:43
# [6.1.0-alpha.7](parse-community/parse-server@6.1.0-alpha.6...6.1.0-alpha.7) (2023-03-10)

### Bug Fixes

* Rate limiting across multiple servers via Redis not working ([parse-community#8469](parse-community#8469)) ([d9e347d](parse-community@d9e347d))
# [6.1.0-alpha.8](parse-community/parse-server@6.1.0-alpha.7...6.1.0-alpha.8) (2023-05-01)

### Features

* Allow multiple origins for header `Access-Control-Allow-Origin` ([parse-community#8517](parse-community#8517)) ([4f15539](parse-community@4f15539))
# [6.1.0-beta.2](parse-community/parse-server@6.1.0-beta.1...6.1.0-beta.2) (2023-05-01)

### Bug Fixes

* LiveQuery can return incorrectly formatted date ([parse-community#8456](parse-community#8456)) ([4ce135a](parse-community@4ce135a))
* Nested date is incorrectly decoded as empty object `{}` when fetching a Parse Object ([parse-community#8446](parse-community#8446)) ([22d2446](parse-community@22d2446))
* Parameters missing in `afterFind` trigger of authentication adapters ([parse-community#8458](parse-community#8458)) ([ce34747](parse-community@ce34747))
* Rate limiting across multiple servers via Redis not working ([parse-community#8469](parse-community#8469)) ([d9e347d](parse-community@d9e347d))

### Features

* Add `afterFind` trigger to authentication adapters ([parse-community#8444](parse-community#8444)) ([c793bb8](parse-community@c793bb8))
* Add rate limiting across multiple servers via Redis ([parse-community#8394](parse-community#8394)) ([34833e4](parse-community@34833e4))
* Allow multiple origins for header `Access-Control-Allow-Origin` ([parse-community#8517](parse-community#8517)) ([4f15539](parse-community@4f15539))
* Export `AuthAdapter` to make it available for extension with custom authentication adapters ([parse-community#8443](parse-community#8443)) ([40c1961](parse-community@40c1961))
@parse-github-assistant
Copy link

I will reformat the title to use the proper commit message syntax.

@parse-github-assistant parse-github-assistant bot changed the title build: release build: Release May 1, 2023
@parse-github-assistant
Copy link

Thanks for opening this pull request!

  • ❌ Please link an issue that describes the reason for this pull request, otherwise your pull request will be closed. Make sure to write it as Closes: #123 in the PR description, so I can recognize it.

@mtrezza mtrezza merged commit 18b63d1 into parse-community:release May 1, 2023
@mtrezza mtrezza deleted the build-release branch May 1, 2023 21:50
@parseplatformorg
Copy link
Contributor

🎉 This change has been released in version 6.1.0

@parseplatformorg parseplatformorg added the state:released Released as stable version label May 1, 2023
mtrezza added a commit to mtrezza/parse-server that referenced this pull request Jun 10, 2023
commit 1506273
Author: semantic-release-bot <semantic-release-bot@martynus.net>
Date:   Sat May 20 23:24:03 2023 +0000

    chore(release): 6.2.0 [skip ci]

    # [6.2.0](parse-community/parse-server@6.1.0...6.2.0) (2023-05-20)

    ### Features

    * Add new Parse Server option `fileUpload.fileExtensions` to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern `^[^hH][^tT][^mM][^lL]?$`, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to `['.*']` ([parse-community#8538](parse-community#8538)) ([a318e7b](parse-community@a318e7b))

commit a318e7b
Author: Manuel <5673677+mtrezza@users.noreply.github.com>
Date:   Sun May 21 01:23:00 2023 +0200

    feat: Add new Parse Server option `fileUpload.fileExtensions` to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern `^[^hH][^tT][^mM][^lL]?$`, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to `['.*']` (parse-community#8538)

commit 832702d
Author: semantic-release-bot <semantic-release-bot@martynus.net>
Date:   Mon May 1 21:50:23 2023 +0000

    chore(release): 6.1.0 [skip ci]

    # [6.1.0](parse-community/parse-server@6.0.0...6.1.0) (2023-05-01)

    ### Bug Fixes

    * LiveQuery can return incorrectly formatted date ([parse-community#8456](parse-community#8456)) ([4ce135a](parse-community@4ce135a))
    * Nested date is incorrectly decoded as empty object `{}` when fetching a Parse Object ([parse-community#8446](parse-community#8446)) ([22d2446](parse-community@22d2446))
    * Parameters missing in `afterFind` trigger of authentication adapters ([parse-community#8458](parse-community#8458)) ([ce34747](parse-community@ce34747))
    * Rate limiting across multiple servers via Redis not working ([parse-community#8469](parse-community#8469)) ([d9e347d](parse-community@d9e347d))
    * Security upgrade jsonwebtoken to 9.0.0 ([parse-community#8420](parse-community#8420)) ([f5bfe45](parse-community@f5bfe45))

    ### Features

    * Add `afterFind` trigger to authentication adapters ([parse-community#8444](parse-community#8444)) ([c793bb8](parse-community@c793bb8))
    * Add option `schemaCacheTtl` for schema cache pulling as alternative to `enableSchemaHooks` ([parse-community#8436](parse-community#8436)) ([b3b76de](parse-community@b3b76de))
    * Add Parse Server option `resetPasswordSuccessOnInvalidEmail` to choose success or error response on password reset with invalid email ([parse-community#7551](parse-community#7551)) ([e5d610e](parse-community@e5d610e))
    * Add rate limiting across multiple servers via Redis ([parse-community#8394](parse-community#8394)) ([34833e4](parse-community@34833e4))
    * Allow multiple origins for header `Access-Control-Allow-Origin` ([parse-community#8517](parse-community#8517)) ([4f15539](parse-community@4f15539))
    * Deprecate LiveQuery `fields` option in favor of `keys` for semantic consistency ([parse-community#8388](parse-community#8388)) ([a49e323](parse-community@a49e323))
    * Export `AuthAdapter` to make it available for extension with custom authentication adapters ([parse-community#8443](parse-community#8443)) ([40c1961](parse-community@40c1961))

commit 18b63d1
Merge: f7eee19 f59d46c
Author: Manuel <5673677+mtrezza@users.noreply.github.com>
Date:   Mon May 1 23:49:22 2023 +0200

    build: Release (parse-community#8526)
mtrezza added a commit to mtrezza/parse-server that referenced this pull request Jun 10, 2023
commit 1506273
Author: semantic-release-bot <semantic-release-bot@martynus.net>
Date:   Sat May 20 23:24:03 2023 +0000

    chore(release): 6.2.0 [skip ci]

    # [6.2.0](parse-community/parse-server@6.1.0...6.2.0) (2023-05-20)

    ### Features

    * Add new Parse Server option `fileUpload.fileExtensions` to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern `^[^hH][^tT][^mM][^lL]?$`, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to `['.*']` ([parse-community#8538](parse-community#8538)) ([a318e7b](parse-community@a318e7b))

commit a318e7b
Author: Manuel <5673677+mtrezza@users.noreply.github.com>
Date:   Sun May 21 01:23:00 2023 +0200

    feat: Add new Parse Server option `fileUpload.fileExtensions` to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern `^[^hH][^tT][^mM][^lL]?$`, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to `['.*']` (parse-community#8538)

commit 832702d
Author: semantic-release-bot <semantic-release-bot@martynus.net>
Date:   Mon May 1 21:50:23 2023 +0000

    chore(release): 6.1.0 [skip ci]

    # [6.1.0](parse-community/parse-server@6.0.0...6.1.0) (2023-05-01)

    ### Bug Fixes

    * LiveQuery can return incorrectly formatted date ([parse-community#8456](parse-community#8456)) ([4ce135a](parse-community@4ce135a))
    * Nested date is incorrectly decoded as empty object `{}` when fetching a Parse Object ([parse-community#8446](parse-community#8446)) ([22d2446](parse-community@22d2446))
    * Parameters missing in `afterFind` trigger of authentication adapters ([parse-community#8458](parse-community#8458)) ([ce34747](parse-community@ce34747))
    * Rate limiting across multiple servers via Redis not working ([parse-community#8469](parse-community#8469)) ([d9e347d](parse-community@d9e347d))
    * Security upgrade jsonwebtoken to 9.0.0 ([parse-community#8420](parse-community#8420)) ([f5bfe45](parse-community@f5bfe45))

    ### Features

    * Add `afterFind` trigger to authentication adapters ([parse-community#8444](parse-community#8444)) ([c793bb8](parse-community@c793bb8))
    * Add option `schemaCacheTtl` for schema cache pulling as alternative to `enableSchemaHooks` ([parse-community#8436](parse-community#8436)) ([b3b76de](parse-community@b3b76de))
    * Add Parse Server option `resetPasswordSuccessOnInvalidEmail` to choose success or error response on password reset with invalid email ([parse-community#7551](parse-community#7551)) ([e5d610e](parse-community@e5d610e))
    * Add rate limiting across multiple servers via Redis ([parse-community#8394](parse-community#8394)) ([34833e4](parse-community@34833e4))
    * Allow multiple origins for header `Access-Control-Allow-Origin` ([parse-community#8517](parse-community#8517)) ([4f15539](parse-community@4f15539))
    * Deprecate LiveQuery `fields` option in favor of `keys` for semantic consistency ([parse-community#8388](parse-community#8388)) ([a49e323](parse-community@a49e323))
    * Export `AuthAdapter` to make it available for extension with custom authentication adapters ([parse-community#8443](parse-community#8443)) ([40c1961](parse-community@40c1961))

commit 18b63d1
Merge: f7eee19 f59d46c
Author: Manuel <5673677+mtrezza@users.noreply.github.com>
Date:   Mon May 1 23:49:22 2023 +0200

    build: Release (parse-community#8526)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
state:released Released as stable version
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants