Releases: globus/static-data-portal
v3.0.3
v3.0.2
v3.0.1
v3.0.0
3.0.0 (2025-04-03)
We're happy to announce another major upgrade to the data portal, ready for your deployment!
If you have any questions or issues with your portal, feel free to open a GitHub Issue or contact Globus Support at support@globus.org.
New Features
We've made some big improvements to the browse collections interface, surfacing many of the filters you may be familiar with from the Globus web application. A collection preview has been added, revealing even more information about the collection before attempting to open.
Why a major release?
Internally, we've upgraded Next.js (15) and React (19) to their latest major versions – the portal code has been updated to reflect these changes. If you've only modified your application using content and the static.json file, no changes are required, but if you have altered the generator code (e.g. using overrides), these changes may require additional updates.
⚠ BREAKING CHANGES
- Upgrades core dependencies (Next.js + React) (#451)
Features
v2.1.0
2.1.0 (2024-11-15)
Features
- Adds "Clear Selected" button to the source file browser. (79058b6)
- Adds "Search All Collections" toggle in the search panel. (79058b6)
- Updates Destination search to hide collections the user does not have Transfer-related permissions on (by default) (#370) (79058b6)
Fixes
v2.0.0
2.0.0 (2024-10-29)
⚠ BREAKING CHANGES
The portal will now store authorization tokens in memory (previously localStorage) by default. This change underlines our commitment to providing a "secure by default" implementation.
How is In-Memory Storage More Secure?
When using our GitHub Template Repository to create a portal, your portal is automatically configured to deploy to GitHub Pages. Without a custom domain configuration, your application will be deployed to {username}.github.io/{repository-name}. Due to the same origin access policies of localStorage this means any application you1 deploy to GitHub pages would have access to items placed in localStorage by the portal. We believe this default behavior is the less secure option and can lead to unexpected behavior based on your GitHub account usage.
Explaining the Breaking Change
With this new default, the end-user experience around authorization will change to requiring users to authenticate when the portal's browser window is closed. Due to the nature of this change we have flagged this change as a "breaking change", resulting in a major version bump. While we do believe most users should update without making changes to their static.json file, we have included the ability to opt-in to the previous behavior of storing authorization information in localStorage. Before enabling this functionality, we recommend being aware of security best practices related to localStorage, using a custom domain for your portal to better lock down origin access, or having policies in place to avoid unintended access when using the default GitHub Pages domain.
To opt out of this change, a new property in the static.json has been added to enable localStorage storage of authorization data (data.attributes.features.useLocalStorage).
{
"_static": {
"generator": {
"name": "@globus/static-data-portal"
}
},
"data": {
"version": "1.0.0",
"attributes": {
"features": {
"useLocalStorage": true
}
}
}
}Features
-
localStorageis only available to applications on the same origin, which includes subdomain; Access is only shared with GitHub Pages applications or sites on the same account, not other GitHub account's deployments. ↩
