feat: Update @parse/push-adapter to 7.0

[Moumouls]

Pull Request

• Report security issues confidentially.
• Any contribution is under this license.
• Link this pull request to an issue.

Issue

Closes: #9913

Approach

Some tests needed to be migrated to fetch, because they worked before by luck because of the indirect installation of "request" package

Tasks

• Add tests
• Add changes to documentation (guides, repository pages, code comments)

Summary by CodeRabbit

• Dependencies

  • Updated @parse/push-adapter to version 7.0.0

• Updates

  • Android push notifications now require Firebase Service Account credentials instead of legacy senderId/apiKey format

• Documentation

  • Improved README formatting, styling, and consistency across multiple sections

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[parse-github-assistant]

I will reformat the title to use the proper commit message syntax.

[parse-github-assistant]

🚀 Thanks for opening this pull request!

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR updates the Parse push adapter infrastructure to support Firebase Service Account authentication. It bumps the push adapter dependency, updates test configurations to use a new service account structure instead of legacy credentials, refactors test HTTP requests to use async fetch, and updates documentation with formatting corrections.

Changes

Cohort / File(s)	Change Summary
Dependency Updates package.json	Bumps @parse/push-adapter from 6.11.0 to 7.0.0
Documentation README.md	Cosmetic and formatting updates: emphasis style changes, table formatting adjustments, code sample consistency (quoting and trailing commas), punctuation/spacing adjustments, and note block reformatting. No functional logic changes.
Push Adapter Configuration spec/AdapterLoader.spec.js, spec/helper.js	Changes Android push adapter configuration from simple senderId/apiKey fields to a nested firebaseServiceAccount object with full service account credentials (type, project_id, private_key_id, private_key, client_email, client_id, auth_uri, token_uri, auth_provider_x509_cert_url, client_x509_cert_url, universe_domain).
Test Helper Refactoring spec/ParseLiveQueryServer.spec.js	Replaces legacy callback-based HTTP requests with async fetch-based approach in setPermissionsOnClass helper: now uses PUT for updates and POST otherwise, includes JSON body with classLevelPermissions, adds Content-Type: application/json header, and throws on API errors. Minor formatting: cloudCodeHandler.handler arrow function body adjusted.
Source Code Comments src/Adapters/Push/PushAdapter.js	Updates comment to reflect that the default PushAdapter uses FCM instead of GCM for Android.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Firebase Service Account migration: Verify the complete service account structure is correctly reflected in both test configurations and is compatible with the updated @parse/push-adapter v7.0.0
• Async fetch implementation: Review error handling and response parsing logic in setPermissionsOnClass helper to ensure proper exception propagation
• Dependency breaking changes: Confirm the v7.0.0 bump of @parse/push-adapter is compatible with the service account configuration changes

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title 'feat: Update @parse/push-adapter to 7.0' directly and clearly summarizes the main change—updating a dependency to version 7.0.
Description check	✅ Passed	The description includes a linked issue (9913), explains the approach (migrating tests to fetch), and marks relevant tasks as complete, but leaves some sections minimal.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[parseplatformorg]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9ed9af4 and ea4508f.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (6)

• README.md (34 hunks)
• package.json (1 hunks)
• spec/AdapterLoader.spec.js (1 hunks)
• spec/ParseLiveQueryServer.spec.js (3 hunks)
• spec/helper.js (1 hunks)
• src/Adapters/Push/PushAdapter.js (1 hunks)

🧰 Additional context used

🧠 Learnings (12)

📓 Common learnings

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 0
File: :0-0
Timestamp: 2025-11-17T15:02:48.786Z
Learning: For Parse Server PRs, always suggest an Angular commit convention PR title that would make a meaningful changelog entry for developers. Update the PR title suggestion on every commit. The format should be: type(scope): description. Common types include feat, fix, perf, refactor, docs, test, chore. The scope should identify the subsystem (e.g., graphql, rest, push, security). The description should be action-oriented and clearly convey the change's impact to developers.

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 0
File: :0-0
Timestamp: 2025-11-08T13:46:04.940Z
Learning: When reviewing Parse Server PRs that add new features, always check whether the feature is documented in the README.md file, though for new Parse Server options this is optional rather than required.

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 0
File: :0-0
Timestamp: 2025-11-17T15:02:24.824Z
Learning: For Parse Server PRs, always suggest an Angular-style PR title that would make a meaningful changelog entry for developers. Update the PR title suggestion with every new commit to the PR.

📚 Learning: 2025-04-30T19:31:35.344Z

Learnt from: RahulLanjewar93
Repo: parse-community/parse-server PR: 9744
File: spec/ParseLiveQuery.spec.js:0-0
Timestamp: 2025-04-30T19:31:35.344Z
Learning: In the Parse Server codebase, the functions in QueryTools.js are typically tested through end-to-end behavior tests rather than direct unit tests, even though the functions are exported from the module.

Applied to files:

• package.json
• spec/ParseLiveQueryServer.spec.js

📚 Learning: 2025-11-17T15:02:48.786Z

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 0
File: :0-0
Timestamp: 2025-11-17T15:02:48.786Z
Learning: For Parse Server PRs, always suggest an Angular commit convention PR title that would make a meaningful changelog entry for developers. Update the PR title suggestion on every commit. The format should be: type(scope): description. Common types include feat, fix, perf, refactor, docs, test, chore. The scope should identify the subsystem (e.g., graphql, rest, push, security). The description should be action-oriented and clearly convey the change's impact to developers.

Applied to files:

• README.md

📚 Learning: 2025-11-08T13:46:04.940Z

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 0
File: :0-0
Timestamp: 2025-11-08T13:46:04.940Z
Learning: For new Parse Server options, verify that the option is documented in src/Options/index.js and that npm run definitions has been executed to reflect changes in src/Options/docs.js and src/Options/Definitions.js. README.md documentation is a bonus but not required for new options.

Applied to files:

• README.md

📚 Learning: 2025-09-21T15:43:32.265Z

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 9858
File: src/GraphQL/ParseGraphQLServer.js:176-178
Timestamp: 2025-09-21T15:43:32.265Z
Learning: The GraphQL playground feature in ParseGraphQLServer.js (applyPlayground method) is intended for development environments only, which is why it includes the master key in client-side headers.

Applied to files:

• README.md

📚 Learning: 2025-11-08T13:46:04.940Z

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 0
File: :0-0
Timestamp: 2025-11-08T13:46:04.940Z
Learning: When reviewing Parse Server PRs that add new features, always check whether the feature is documented in the README.md file, though for new Parse Server options this is optional rather than required.

Applied to files:

• README.md

📚 Learning: 2025-11-17T15:02:24.824Z

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 0
File: :0-0
Timestamp: 2025-11-17T15:02:24.824Z
Learning: For Parse Server PRs, always suggest an Angular-style PR title that would make a meaningful changelog entry for developers. Update the PR title suggestion with every new commit to the PR.

Applied to files:

• README.md

📚 Learning: 2025-05-04T20:41:05.147Z

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 9445
File: spec/ParseLiveQuery.spec.js:1312-1338
Timestamp: 2025-05-04T20:41:05.147Z
Learning: New tests in the parse-server repository should use async/await with promise-based patterns rather than callback patterns with `done()`.

Applied to files:

• spec/ParseLiveQueryServer.spec.js

📚 Learning: 2025-05-09T09:59:06.289Z

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 9445
File: spec/ParseLiveQuery.spec.js:1340-1375
Timestamp: 2025-05-09T09:59:06.289Z
Learning: New tests in the parse-server repository should use async/await with promise-based patterns rather than callback patterns with `done()`. The preferred pattern is to create a Promise that resolves when an expected event occurs, then await that Promise.

Applied to files:

• spec/ParseLiveQueryServer.spec.js

📚 Learning: 2025-05-09T09:59:06.289Z

Learnt from: mtrezza
Repo: parse-community/parse-server PR: 9445
File: spec/ParseLiveQuery.spec.js:1340-1375
Timestamp: 2025-05-09T09:59:06.289Z
Learning: Tests in the parse-server repository should use promise-based approaches rather than callback patterns with `done()`. Use a pattern where a Promise is created that resolves when the event occurs, then await that promise.

Applied to files:

• spec/ParseLiveQueryServer.spec.js

📚 Learning: 2025-10-16T19:27:05.311Z

Learnt from: Moumouls
Repo: parse-community/parse-server PR: 9883
File: spec/CloudCodeLogger.spec.js:410-412
Timestamp: 2025-10-16T19:27:05.311Z
Learning: In spec/CloudCodeLogger.spec.js, the test "should log cloud function triggers using the silent log level" (around lines 383-420) is known to be flaky and requires the extra `await new Promise(resolve => setTimeout(resolve, 100))` timeout after awaiting `afterSavePromise` for reliability, even though it may appear redundant.

Applied to files:

• spec/ParseLiveQueryServer.spec.js

📚 Learning: 2025-08-27T09:08:34.252Z

Learnt from: EmpiDev
Repo: parse-community/parse-server PR: 9770
File: src/triggers.js:446-454
Timestamp: 2025-08-27T09:08:34.252Z
Learning: When analyzing function signature changes in Parse Server codebase, verify that call sites are actually incorrect before flagging them. Passing tests are a strong indicator that function calls are already properly aligned with new signatures.

Applied to files:

• spec/ParseLiveQueryServer.spec.js

🧬 Code graph analysis (1)

spec/ParseLiveQueryServer.spec.js (1)

spec/ParseGraphQLServer.spec.js (1)

• fetch (4-4)

🪛 Gitleaks (8.29.0)

spec/AdapterLoader.spec.js

[high] 112-112: Identified a Private Key, which may compromise cryptographic security and sensitive data encryption.

(private-key)

spec/helper.js

[high] 143-143: Identified a Private Key, which may compromise cryptographic security and sensitive data encryption.

(private-key)

🪛 LanguageTool

README.md

[grammar] ~331-~331: Ensure spelling is correct
Context: ...ailAdapterOptions, }, }, }); ``` Offical email adapters maintained by Parse Plat...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

---

[grammar] ~772-~772: Use a hyphen to join words.
Context: ...Y --logLevel LOG_LEVEL` **Want new line delimited JSON error logs (for consumpti...

(QB_NEW_EN_HYPHEN)

---

[style] ~772-~772: In American English, abbreviations like “etc.” require a period.
Context: ...on by CloudWatch, Google Cloud Logging, etc)?** Pass the JSON_LOGS environment va...

(ETC_PERIOD)

🪛 markdownlint-cli2 (0.18.1)

README.md

189-189: Link text should be descriptive

(MD059, descriptive-link-text)

---

823-823: Bare URL used

(MD034, no-bare-urls)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (15)

• GitHub Check: PostgreSQL 18, PostGIS 3.6
• GitHub Check: MongoDB 6, ReplicaSet
• GitHub Check: PostgreSQL 16, PostGIS 3.5
• GitHub Check: PostgreSQL 17, PostGIS 3.5
• GitHub Check: Node 20
• GitHub Check: MongoDB 8, ReplicaSet
• GitHub Check: PostgreSQL 15, PostGIS 3.5
• GitHub Check: Node 22
• GitHub Check: PostgreSQL 15, PostGIS 3.4
• GitHub Check: Docker Build
• GitHub Check: Node 18
• GitHub Check: Redis Cache
• GitHub Check: PostgreSQL 15, PostGIS 3.3
• GitHub Check: MongoDB 7, ReplicaSet
• GitHub Check: Benchmarks

🔇 Additional comments (6)

src/Adapters/Push/PushAdapter.js (1)

11-12: Documentation accurately updated.

The comment correctly reflects that FCM (Firebase Cloud Messaging) is now used instead of the deprecated GCM (Google Cloud Messaging). This aligns with the push adapter upgrade.

spec/ParseLiveQueryServer.spec.js (2)

157-175: LGTM! Test helper modernized to async/await.

The refactoring from callback-based HTTP requests to async fetch with proper error handling aligns with modern testing practices. The function correctly:

• Uses async/await instead of callbacks
• Determines HTTP method (PUT for updates, POST otherwise)
• Includes proper headers and JSON body
• Handles errors appropriately

Based on learnings: New tests in Parse Server should use async/await patterns.

---

632-632: Minor formatting improvement.

The empty function body is now consistently formatted.

README.md (1)

1-1154: Documentation formatting improvements.

The README updates are purely cosmetic, improving consistency in:

• Emphasis styling
• Table formatting
• Code sample formatting
• Punctuation and spacing

No functional documentation changes detected.

spec/helper.js (1)

139-152: Default test configuration updated consistently.

The default test configuration now uses the new firebaseServiceAccount structure, ensuring all tests that rely on defaultConfiguration will use the correct format for @parse/push-adapter 7.0.

This change is consistent with the update in spec/AdapterLoader.spec.js.

Note: The Gitleaks warning about the private key on line 143 is expected—this is mock test data shared across test files.

package.json (1)

29-29: Verify implementation aligns with @parse/push-adapter 7.0.0 breaking changes and update PR title.

The 7.0.0 release includes a breaking change: removal of Google Cloud Messaging (GCM) API and migration to FCM HTTP v1 API, requiring a service account JSON instead of the legacy apiKey. Your configuration shift claim is verified as accurate. The codebase specs already reference the correct firebaseServiceAccount structure, but verify that all implementation code properly supports this migration (e.g., authentication flows, error handling, legacy API references removed).

Consider updating the PR title to clearly signal the breaking change per Angular convention:

feat(push)!: upgrade to @parse/push-adapter 7.0 with FCM HTTP v1 migration

The ! denotes a breaking change and the description conveys the impact to users who must migrate authentication.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Breaking change: verify migration documentation exists.

The Android push configuration has changed from a simple senderId/apiKey structure to requiring a complete Firebase service account JSON object. This is a breaking change that will require all Parse Server users with Android push configured to update their configuration.

Ensure that:

1. Migration documentation exists explaining how users obtain their Firebase service account JSON
2. The changelog clearly marks this as a BREAKING CHANGE
3. The Parse Server upgrade guide includes this migration step

Note: The Gitleaks warning about the private key on line 112 is expected—this is mock test data, not a real credential.

---

🌐 Web query:

Where can users find documentation on obtaining a Firebase service account JSON file for Parse Server push notifications?

💡 Result:

You can find step‑by‑step instructions in the Firebase docs (generate a service account JSON under Project settings → Service accounts / “Generate new private key”). (firebase.google.com)

Parse Server’s push documentation and its push‑adapter README also reference using that Firebase service account JSON (firebaseServiceAccount / path) for FCM configuration. (github.com)

Citations:

• 1: https://firebase.google.com/docs/admin/setup?utm_source=openai
• 2: https://github.com/parse-community/parse-server-push-adapter?utm_source=openai

---

---

🏁 Script executed:

```shell
#!/bin/bash
# Search for changelog entries about Android push configuration breaking change
find . -type f -name "CHANGELOG*" -o -name "changelog*" -o -name "HISTORY*" | head -20

Length of output: 124

---

🏁 Script executed:

#!/bin/bash
# Search for upgrade guide or migration documentation
find . -type f \( -name "*UPGRADE*" -o -name "*upgrade*" -o -name "*MIGRATION*" -o -name "*migration*" \) -type f | head -20

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Check push-adapter references in documentation
rg -i "firebaseServiceAccount|firebase.*service.*account" --type=md -A 2 -B 2 | head -100

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Search for references to Android push or FCM configuration changes
rg -i "android.*push|fcm.*config|breaking.*change" --type=md | head -50

Length of output: 9400

---

🏁 Script executed:

#!/bin/bash
# Check README for push configuration documentation
rg -i "push.*notification|firebase.*account" README.md -A 3 -B 1 | head -60

Length of output: 269

---

---

🏁 Script executed:

```shell
#!/bin/bash
# Search all changelogs for push-adapter or FCM breaking changes
rg -i "push-adapter|@parse/push|fcm|firebase" ./CHANGELOG.md ./changelogs/ -A 2 -B 1 | head -150

Length of output: 9895

---

🏁 Script executed:

#!/bin/bash
# Check DEPRECATIONS.md for any push-related deprecations
cat DEPRECATIONS.md | head -100

Length of output: 4791

---

🏁 Script executed:

#!/bin/bash
# Look at the test file to understand what change is being tested
cat spec/AdapterLoader.spec.js | grep -A 30 -B 5 "firebaseServiceAccount" | head -80

Length of output: 2928

---

🏁 Script executed:

#!/bin/bash
# Search for any documentation about push configuration in docs or guides
find . -type f -name "*.md" -exec grep -l "push.*configuration\|android.*push" {} \; | head -20

Length of output: 0

---

---

🏁 Script executed:

```shell
#!/bin/bash
# Check package.json for push-adapter version
grep -A 2 -B 2 "parse/push-adapter\|push-adapter" package.json

Length of output: 165

---

🏁 Script executed:

#!/bin/bash
# Search README for any push configuration guidance
grep -n -i "push\|fcm\|android" README.md | head -30

Length of output: 184

---

🏁 Script executed:

#!/bin/bash
# Search for any docs folder with push documentation
find . -type f -name "*.md" -path "*/doc*" -o -path "*/guide*" 2>/dev/null | head -20

Length of output: 0

---

🏁 Script executed:

#!/bin/bash
# Check if there's any migration info in the push adapter options/config documentation
find . -type f -name "*.md" | xargs grep -l "firebaseServiceAccount" 2>/dev/null

Length of output: 0

---

Breaking change in push-adapter 7.0.0 lacks adequate migration documentation in Parse Server.

The test confirms that Parse Server now uses @parse/push-adapter 7.0.0, which introduces a breaking change to Android push configuration (from simple senderId/apiKey to full Firebase service account JSON). However, Parse Server's own documentation does not guide users through this migration:

• README.md only links generically to external "Push Notifications quick start" without explaining the configuration change
• CHANGELOG/changelogs do not explicitly mark the push-adapter 7.0.0 upgrade as a BREAKING CHANGE
• No migration or upgrade guide exists in the repository

Users upgrading Parse Server to versions that include push-adapter 7.0.0 will encounter configuration errors without guidance. Parse Server should add to README.md or create an upgrade guide explaining:

1. The configuration change (old vs new format)
2. How to obtain Firebase service account JSON
3. Migration steps for existing deployments

🧰 Tools

🪛 Gitleaks (8.29.0)

[high] 112-112: Identified a Private Key, which may compromise cryptographic security and sensitive data encryption.

(private-key)

🤖 Prompt for AI Agents

In spec/AdapterLoader.spec.js around lines 108 to 121, the test and review point
out that the upgrade to @parse/push-adapter 7.0.0 is a breaking change (Android
push config moved from senderId/apiKey to full Firebase service account JSON)
but the repo lacks migration docs; update the repository documentation by adding
a clear upgrade note and migration guide: modify README.md (or add
docs/upgrading/push-adapter-7.md) to explicitly document the old vs new
configuration formats, step-by-step instructions to obtain a Firebase service
account JSON, and example migration steps for existing Parse Server deployments,
and update the CHANGELOG to mark push-adapter 7.0.0 as a BREAKING CHANGE
referencing the new docs.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.08%. Comparing base (94cee5b) to head (ea4508f).
⚠️ Report is 1 commits behind head on alpha.

Additional details and impacted files

@@           Coverage Diff           @@
##            alpha    #9938   +/-   ##
=======================================
  Coverage   93.08%   93.08%           
=======================================
  Files         187      187           
  Lines       15275    15275           
  Branches      177      177           
=======================================
  Hits        14219    14219           
  Misses       1044     1044           
  Partials       12       12           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.