beiguancyc
diff --git a/‎.github/stale.yml
Lines changed: 22 additions & 0 deletions b/‎.github/stale.yml
Lines changed: 22 additions & 0 deletions
diff --git a/‎.nvmrc
Lines changed: 1 addition & 0 deletions b/‎.nvmrc
Lines changed: 1 addition & 0 deletions
diff --git a/‎.travis.yml
Lines changed: 1 addition & 5 deletions b/‎.travis.yml
Lines changed: 1 addition & 5 deletions
diff --git a/‎CHANGELOG.md
Lines changed: 21 additions & 2 deletions b/‎CHANGELOG.md
Lines changed: 21 additions & 2 deletions
diff --git a/‎CODE_OF_CONDUCT.md
Lines changed: 76 additions & 0 deletions b/‎CODE_OF_CONDUCT.md
Lines changed: 76 additions & 0 deletions
diff --git a/‎CONTRIBUTING.md
Lines changed: 0 additions & 11 deletions b/‎CONTRIBUTING.md
Lines changed: 0 additions & 11 deletions
diff --git a/‎Dockerfile
Lines changed: 34 additions & 10 deletions b/‎Dockerfile
Lines changed: 34 additions & 10 deletions
diff --git a/‎Parse-Dashboard/app.js
Lines changed: 13 additions & 9 deletions b/‎Parse-Dashboard/app.js
Lines changed: 13 additions & 9 deletions
diff --git a/‎Parse-Dashboard/index.js
Lines changed: 27 additions & 4 deletions b/‎Parse-Dashboard/index.js
Lines changed: 27 additions & 4 deletions
diff --git a/‎Parse-Dashboard/parse-dashboard-config.json
Lines changed: 3 additions & 3 deletions b/‎Parse-Dashboard/parse-dashboard-config.json
Lines changed: 3 additions & 3 deletions
@@ -0,0 +1,22 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 45
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+  - good-first-pr
+  - up-for-grabs
+  - enhancement
+  - help wanted
+  - bug
+# Label to use when marking an issue as stale
+staleLabel: wontfix
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false
@@ -0,0 +1 @@
+8.11
@@ -1,17 +1,13 @@
 language: node_js
 node_js:
-- '6.11'
-- '8.8'
+- '10.14'
 before_install:
   - npm install -g greenkeeper-lockfile@1
 before_script: 
   - ./scripts/before_script.sh
   - greenkeeper-lockfile-update
 after_script:
   - greenkeeper-lockfile-upload
-cache:
-  directories:
-    - node_modules
 deploy:
   provider: npm
   on:
 
@@ -1,8 +1,27 @@
 ## Parse Dashboard Changelog
+* _Contributing to this repo? Add info about your change here to be included in next release_
 
-### NEXT RELEASE
+### master
+[Full Changelog](https://github.com/parse-community/parse-dashboard/compare/1.3.0...master)
+
+### 1.3.0
+[Full Changelog](https://github.com/parse-community/parse-dashboard/compare/1.2.0...1.3.0)
+
+* Node 10 Support, thanks [Florent Vilmart](https://github.com/flovilmart)
+* Fix: Remove column dialog default values (#969), thanks to [Jonas Stendahl](https://github.com/JStonevalley)
+* Fix: Handle case of null in array (#922), thanks to [Abdullah Alsigar](https://github.com/agent3bood)
+* Fix: JSON file upload (#935), thanks to [joshuadiezmo](https://github.com/joshuadiezmo)
+* Fix: Set initial audience null (#910), thanks to [Paulo Reis](https://github.com/paulovitin)
+* Fix: Ensure we traverse the payloadJSON properly (#861), thanks [Florent Vilmart](https://github.com/flovilmart)
+* Improvements: Push Audiences (#813), thanks [Florent Vilmart](https://github.com/flovilmart)
+* Improvements: Docker Build
+* Feature: `preventSchemaEdits` option (#960), thanks to [Cyril Chandelier](https://github.com/cyrilchandelier)
+* Feature: Redirect to the first app browser when only a single app is registered (#958), thanks to [Cyril Chandelier](https://github.com/cyrilchandelier)
+* Feature: Add classname to browser title (#913), thanks to [Paulo Reis](https://github.com/paulovitin)
+* Feature: Support for Clone Object (#946), thanks to [Diamond Lewis](https://github.com/dplewis)
+* Feature: Add tvOS support to push targeting (#936), thanks to [Thomas Kollbach](https://github.com/toto)
+* Feature: When using username to login, display dashboard username (#800), thanks to [Abdullah Alsigar](https://github.com/agent3bood)
 
-* _Contributing to this repo? Add info about your change here to be included in next release_
 
 ### 1.2.0
 * Fix: Filtering with a 1-digit number (#831), thanks to [Pascal Giguère](https://github.com/pgiguere1)
 
@@ -0,0 +1,76 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, sex characteristics, gender identity and expression,
+level of experience, education, socio-economic status, nationality, personal
+appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+ advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+ address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [email protected]. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see
+https://www.contributor-covenant.org/faq
@@ -18,22 +18,11 @@ We actively welcome your pull requests.
 4. If you've updated/added an UI component, please add a screenshot.
 5. If you've fixed an issue or added features, add what you've changed to the CHANGELOG.
 6. Ensure the test suite passes.
-7. If you haven't already, complete the Contributor License Agreement ("CLA").
-
-## Contributor License Agreement ("CLA")
-In order to accept your pull request, we need you to submit a CLA. You only need
-to do this once to work on any of Facebook's open source projects.
-
-Complete your CLA here: <https://code.facebook.com/cla>
 
 ## Issues
 We use GitHub issues to track public bugs. Please ensure your description is
 clear and has sufficient instructions to be able to reproduce the issue.
 
-Facebook has a [bounty program](https://www.facebook.com/whitehat/) for the safe
-disclosure of security bugs. In those cases, please go through the process
-outlined on that page and do not file a public issue.
-
 ## License
 By contributing to Parse Dashboard, you agree that your contributions will be licensed
 under its license.
@@ -1,11 +1,35 @@
-FROM node:8-slim
-ENV NPM_CONFIG_LOGLEVEL error
+#
+# --- Base Node Image ---
+FROM node:8-alpine AS base
+
 WORKDIR /src
-ADD . /src
-RUN cd /src \
- && npm install \
- && npm run build \
- && npm cache clear --force \
- && rm -rf ~/.npm \
- && rm -rf /var/lib/apt/lists/*
-ENTRYPOINT ["npm", "run", "dashboard"]
+
+# Copy package.json first to benefit from layer caching
+COPY package*.json ./
+RUN npm install --only=production
+# Copy production node_modules aside for later
+RUN cp -R node_modules prod_node_modules
+# Install remaining dev dependencies
+RUN npm install
+
+COPY . /src
+
+# Run all webpack build steps
+RUN npm run prepublish && npm run build
+
+
+#
+# --- Production Image ---
+FROM node:8-alpine AS release
+WORKDIR /src
+
+# Copy production node_modules
+COPY --from=base /src/prod_node_modules /src/node_modules
+COPY --from=base /src/package*.json /src/
+
+# Copy compiled src dirs
+COPY --from=base /src/Parse-Dashboard/ /src/Parse-Dashboard/
+
+USER node
+
+ENTRYPOINT ["node", "Parse-Dashboard/index.js"]
@@ -88,16 +88,17 @@ module.exports = function(config, options) {
         req.connection.remoteAddress === '127.0.0.1' ||
         req.connection.remoteAddress === '::ffff:127.0.0.1' ||
         req.connection.remoteAddress === '::1';
-      if (!requestIsLocal && !req.secure && !options.allowInsecureHTTP) {
-        //Disallow HTTP requests except on localhost, to prevent the master key from being transmitted in cleartext
-        return res.send({ success: false, error: 'Parse Dashboard can only be remotely accessed via HTTPS' });
-      }
+      if (!options.dev && !requestIsLocal) {
+        if (!req.secure && !options.allowInsecureHTTP) {
+          //Disallow HTTP requests except on localhost, to prevent the master key from being transmitted in cleartext
+          return res.send({ success: false, error: 'Parse Dashboard can only be remotely accessed via HTTPS' });
+        }
 
-      if (!requestIsLocal && !users) {
-        //Accessing the dashboard over the internet can only be done with username and password
-        return res.send({ success: false, error: 'Configure a user to access Parse Dashboard remotely' });
+        if (!users) {
+          //Accessing the dashboard over the internet can only be done with username and password
+          return res.send({ success: false, error: 'Configure a user to access Parse Dashboard remotely' });
+        }
       }
-
       const authentication = req.user;
 
       const successfulAuth = authentication && authentication.isAuthenticated;
@@ -139,7 +140,7 @@ module.exports = function(config, options) {
 
       //They didn't provide auth, and have configured the dashboard to not need auth
       //(ie. didn't supply usernames and passwords)
-      if (requestIsLocal) {
+      if (requestIsLocal || options.dev) {
         //Allow no-auth access on localhost only, if they have configured the dashboard to not need auth
         return res.json(response);
       }
@@ -202,6 +203,9 @@ module.exports = function(config, options) {
       if (users && (!req.user || !req.user.isAuthenticated)) {
         return res.redirect(`${mountPath}login`);
       }
+      if (users && req.user && req.user.matchingUsername ) {
+        res.append('username', req.user.matchingUsername);
+      }
       res.send(`<!DOCTYPE html>
         <head>
           <link rel="shortcut icon" type="image/x-icon" href="${mountPath}favicon.ico" />
 
@@ -16,6 +16,7 @@ const program = require('commander');
 program.option('--appId [appId]', 'the app Id of the app you would like to manage.');
 program.option('--masterKey [masterKey]', 'the master key of the app you would like to manage.');
 program.option('--serverURL [serverURL]', 'the server url of the app you would like to manage.');
+program.option('--dev', 'Enable development mode. This will disable authentication and allow non HTTPS connections. DO NOT ENABLE IN PRODUCTION SERVERS');
 program.option('--appName [appName]', 'the name of the app you would like to manage. Optional.');
 program.option('--config [config]', 'the path to the configuration file');
 program.option('--host [host]', 'the host to run parse-dashboard');
@@ -35,6 +36,7 @@ const mountPath = program.mountPath || process.env.MOUNT_PATH || '/';
 const allowInsecureHTTP = program.allowInsecureHTTP || process.env.PARSE_DASHBOARD_ALLOW_INSECURE_HTTP;
 const cookieSessionSecret = program.cookieSessionSecret || process.env.PARSE_DASHBOARD_COOKIE_SESSION_SECRET;
 const trustProxy = program.trustProxy || process.env.PARSE_DASHBOARD_TRUST_PROXY;
+const dev = program.dev;
 
 if (trustProxy && allowInsecureHTTP) {
   console.log("Set only trustProxy *or* allowInsecureHTTP, not both.  Only one is needed to handle being behind a proxy.");
@@ -52,6 +54,25 @@ let configUserId = program.userId || process.env.PARSE_DASHBOARD_USER_ID;
 let configUserPassword = program.userPassword || process.env.PARSE_DASHBOARD_USER_PASSWORD;
 let configSSLKey = program.sslKey || process.env.PARSE_DASHBOARD_SSL_KEY;
 let configSSLCert = program.sslCert || process.env.PARSE_DASHBOARD_SSL_CERT;
+
+function handleSIGs(server) {
+  const signals = {
+    'SIGINT': 2,
+    'SIGTERM': 15
+  };
+  function shutdown(signal, value) {
+    server.close(function () {
+      console.log('server stopped by ' + signal);
+      process.exit(128 + value);
+    });
+  }
+  Object.keys(signals).forEach(function (signal) {
+    process.on(signal, function () {
+      shutdown(signal, signals[signal]);
+    });
+  });
+}
+
 if (!program.config && !process.env.PARSE_DASHBOARD_CONFIG) {
   if (configServerURL && configMasterKey && configAppId) {
     configFromCLI = {
@@ -114,14 +135,15 @@ p.then(config => {
 
   const app = express();
 
-  if (allowInsecureHTTP || trustProxy) app.enable('trust proxy');
+  if (allowInsecureHTTP || trustProxy || dev) app.enable('trust proxy');
 
   config.data.trustProxy = trustProxy;
-  let dashboardOptions = { allowInsecureHTTP: allowInsecureHTTP, cookieSessionSecret: cookieSessionSecret };
+  let dashboardOptions = { allowInsecureHTTP, cookieSessionSecret, dev };
   app.use(mountPath, parseDashboard(config.data, dashboardOptions));
+  let server;
   if(!configSSLKey || !configSSLCert){
     // Start the server.
-    const server = app.listen(port, host, function () {
+    server = app.listen(port, host, function () {
       console.log(`The dashboard is now available at http://${server.address().address}:${server.address().port}${mountPath}`);
     });
   } else {
@@ -130,13 +152,14 @@ p.then(config => {
     var privateKey = fs.readFileSync(configSSLKey);
     var certificate = fs.readFileSync(configSSLCert);
 
-    const server = require('https').createServer({
+    server = require('https').createServer({
       key: privateKey,
       cert: certificate
     }, app).listen(port, host, function () {
       console.log(`The dashboard is now available at https://${server.address().address}:${server.address().port}${mountPath}`);
     });
   }
+  handleSIGs(server);
 }, error => {
   if (error instanceof SyntaxError) {
     console.log('Your config file contains invalid JSON. Exiting.');
 
@@ -1,8 +1,8 @@
 {
   "apps": [{
-    "serverURL": "",
-    "appId": "",
-    "masterKey": "",
+    "serverURL": "http://localhost:1337/parse",
+    "appId": "hello",
+    "masterKey": "world",
     "appName": "",
     "iconName": "",
     "primaryBackgroundColor": "",