5.5.0

5.5.0 (2023-05-20)

Features

• Add new Parse Server option fileUpload.fileExtensions to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern ^[^hH][^tT][^mM][^lL]?$, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to ['.*'] (#8537) (196e05f)

6.1.0-alpha.12

6.1.0-alpha.12 (2023-05-19)

Bug Fixes

• GridFS file storage doesn't work with certain enableSchemaHooks settings (#8467) (d4cda4b)

6.1.0-alpha.11

6.1.0-alpha.11 (2023-05-17)

Features

• extendSessionOnUse to automatically renew Parse Sessions (#8505) (6f885d3)

6.1.0-alpha.10

6.1.0-alpha.10 (2023-05-12)

Bug Fixes

• Cloud Code Trigger afterSave executes even if not set (#8520) (afd0515)

6.1.0-alpha.9

6.1.0-alpha.9 (2023-05-09)

Features

• Add option to change the log level of logs emitted by Cloud Functions (#8530) (2caea31)

6.1.0

6.1.0 (2023-05-01)

Bug Fixes

• LiveQuery can return incorrectly formatted date (#8456) (4ce135a)
• Nested date is incorrectly decoded as empty object {} when fetching a Parse Object (#8446) (22d2446)
• Parameters missing in afterFind trigger of authentication adapters (#8458) (ce34747)
• Rate limiting across multiple servers via Redis not working (#8469) (d9e347d)
• Security upgrade jsonwebtoken to 9.0.0 (#8420) (f5bfe45)

Features

• Add afterFind trigger to authentication adapters (#8444) (c793bb8)
• Add option schemaCacheTtl for schema cache pulling as alternative to enableSchemaHooks (#8436) (b3b76de)
• Add Parse Server option resetPasswordSuccessOnInvalidEmail to choose success or error response on password reset with invalid email (#7551) (e5d610e)
• Add rate limiting across multiple servers via Redis (#8394) (34833e4)
• Allow multiple origins for header Access-Control-Allow-Origin (#8517) (4f15539)
• Deprecate LiveQuery fields option in favor of keys for semantic consistency (#8388) (a49e323)
• Export AuthAdapter to make it available for extension with custom authentication adapters (#8443) (40c1961)

6.1.0-beta.2

6.1.0-beta.2 (2023-05-01)

Bug Fixes

• LiveQuery can return incorrectly formatted date (#8456) (4ce135a)
• Nested date is incorrectly decoded as empty object {} when fetching a Parse Object (#8446) (22d2446)
• Parameters missing in afterFind trigger of authentication adapters (#8458) (ce34747)
• Rate limiting across multiple servers via Redis not working (#8469) (d9e347d)

Features

• Add afterFind trigger to authentication adapters (#8444) (c793bb8)
• Add rate limiting across multiple servers via Redis (#8394) (34833e4)
• Allow multiple origins for header Access-Control-Allow-Origin (#8517) (4f15539)
• Export AuthAdapter to make it available for extension with custom authentication adapters (#8443) (40c1961)

6.1.0-alpha.8

6.1.0-alpha.8 (2023-05-01)

Features

• Allow multiple origins for header Access-Control-Allow-Origin (#8517) (4f15539)

5.4.3

5.4.3 (2023-03-22)

Bug Fixes

• Unable to create new role if beforeSave hook exists (#8474) (4f0f0ec)

6.1.0-alpha.7

6.1.0-alpha.7 (2023-03-10)

Bug Fixes

• Rate limiting across multiple servers via Redis not working (#8469) (d9e347d)