@redwoodjs/core 0.32.2

v0.32.2

on Node.js NPM

v0.32 Highlights 🎉

☂️ <Set> now takes the prop private to mark a set of routes as Private

For those who like to be less verbose, you can now mark a whole set of Routes as private, without wrapping it in an explicit <Private> block. All the juicy details here: Redwood Router docs

🔐 Secure Services by default (experimental)

Auth is hard. So is accidentally exposing functionality to the interwebs because you forgot to check for auth in your graphQL query. This release we're shipping some nifty tricks that make your services secure by default, so we can finally say Auth is was hard. Make sure you read the upgrade guide below to add this functionality to your existing Redwood app.

• Forum Announcement and Discussion Thread
• Redwood Services Doc

📖 Redwood Security Docs

In addition to documentation about securing Services, Redwood contributors have added and updated many docs with security-specific content, from general overviews to best practices to How-tos. Take a look:

• Redwood Security
• Serverless Function Security Considerations
• Webhooks
• GraphQL Security

Fixed

• Lock engines package.json: node 14.x, yarn 1.x (#2474) 6661670 @Tobbe
• Fix babel loose warnings & SVG import (#2475) 9d854ec @dac09
• Call any included onClick before navigating with <Link> and <NavLink> (#2346) 740ca2d @cannikin
• Fix runtime error "Cannot find module 'prettier'" (#2498) 2e2048a @peterp
• Update error message to reference "rules" instead of "before" 130507c @cannikin
• Stop msw from prompting for the file (#2512) caa4298 @jtoar

Added

• MSW integration: update package, expose additional features (#2063) 4852a6c @msutkowski
• Decode Nhost JWT and add in needed claims and roles for API side (#2350) dace5ef @dthyresson
• Allow private prop on Set (#2364) cb50977 @Tobbe
• Create github workflow to publish release candidate (#2399) ccde222 @renansoares
• Secure Services with beforeResolver (#2272) 064a34d @cannikin
• Pass service args through to beforeResolver verification functions (#2363) 30aec82 @cannikin

Changed

• Rework and Cleanup Seed template for Typescript and multiple inserts (#2432) fe57eed @dthyresson
• Tidies auth template by removing verbose comments (#2433) 6fd86c4 @dthyresson
• Silences log output when in Test environment and with Webhook verifiers (#2491) a6db163 @dthyresson
• improve rw upgrade command and remove "publish PR packages" option (#2497) 0fb8a3b @dac09
• Ignore dev.db-journal (#2496) f19481b @bozdoz
• Bump ts-morph in rw/structure (#2415) 281fda3 @dac09
• upgrade React (et al.) to v17.0.2 (#2375) 7fe4da6 @thedavidprice
• upgrade prisma v2.22.1 (#2493) eb1872f @thedavidprice
• upgrade eslint v7.25.0 and other eslint packages (#2391) 9d8e255 @thedavidprice
• Upgrade @typescript-eslint to v4.22 (dependabot) (#2366) d497c16 @thedavidprice

Breaking ⚠️

Nothing to see here! 🙈

How to Upgrade

Code Modifications

1. Bump React and React-dom versions; remove resolutions

Redwood internally bumped to React v17.0.2. Update the versions in your project's web/package.json (example file):

// web/package.json

-     "react": "^17.0.1",
-     "react-dom": "^17.0.1"
+     "react": "^17.0.2",
+     "react-dom": "^17.0.2"

And then remove the resolutions from package.json, which are no longer necessary (example file):

// ./package.json

-  },
-   "resolutions": {
-     "react": "17.0.1",
-     "react-dom": "17.0.1"
  }

2. Update .gitignore

If you are using SQLite, you might want to add the following to your project's .gitignore, which will exclude the file dev.db-journal from git commits:

- dev.db
+ dev.db*

Upgrade Packages to v0.32.x from v0.31.x

Run the following command within your App's directory:

yarn redwood upgrade

Ensure yarn has installed everything correctly by running:

yarn install --force

Upgrading from an earlier version?

Please follow the "how to upgrade" sections for each newer version here 👉 https://github.com/redwoodjs/redwood/releases, as there may be manual codemods needed for each version.

Upgrading to a version that is not the latest?

The command yarn rw upgrade will always upgrade to the latest (i.e. most recent) Redwood version. If you need to upgrade incrementally to a earlier, specific release, use the --tag option. For example, if you need to upgrade from v0.27.0 to v0.28.4, run the following command:

yarn redwood upgrade --tag 0.28.4

Need help or having trouble upgrading packages?

See this forum topic for manual upgrade instructions and general upgrade help.