github parse-community/parse-server 4.5.0

Full Changelog


  • FIX: Consistent casing for afterLiveQueryEvent. The afterLiveQueryEvent was introduced in 4.4.0 with inconsistent casing for the event names, which was fixed in 4.5.0. #7023. Thanks to dblythy.
  • FIX: Properly handle serverURL and publicServerUrl in Batch requests. #7049. Thanks to Zach Goldberg.
  • IMPROVE: Prevent invalid column names (className and length). #7053. Thanks to Diamond Lewis.
  • IMPROVE: GraphQL: Remove viewer from logout mutation. #7029. Thanks to Antoine Cormouls.
  • IMPROVE: GraphQL: Optimize on Relation. #7044. Thanks to Antoine Cormouls.
  • NEW: Include sessionToken in onLiveQueryEvent. #7043. Thanks to dblythy.
  • FIX: Definitions for accountLockout and passwordPolicy. #7040. Thanks to dblythy.
  • FIX: Fix typo in server definitions for emailVerifyTokenReuseIfValid. #7037. Thanks to dblythy.
  • SECURITY FIX: LDAP auth stores password in plain text. See GHSA-4w46-w44m-3jq3 for more details about the vulnerability and da905a3 for the fix. Thanks to Fabian Strachanski.
  • NEW: Reuse tokens if they haven't expired. #7017. Thanks to dblythy.
  • NEW: Add LDAPS-support to LDAP-Authcontroller. #7014. Thanks to Fabian Strachanski.
  • FIX: (beforeSave/afterSave): Return value instead of Parse.Op for nested fields. #7005. Thanks to Diamond Lewis.
  • FIX: (beforeSave): Skip Sanitizing Database results. #7003. Thanks to Diamond Lewis.
  • FIX: Fix includeAll for querying a Pointer and Pointer array. #7002. Thanks to Corey Baker.
  • FIX: Add encryptionKey to src/options/index.js. #6999. Thanks to dblythy.
  • IMPROVE: Update PostgresStorageAdapter.js. #6989. Thanks to Vitaly Tomilov.
latest releases: 4.10.3, 4.10.2, 4.10.1...
9 months ago