⚠️ This release removes prior Deprecations and includes Code Modifications

Changelog

Unique contributors: 19

PRs merged: 76

Features

• allow Redirect to use navigate options.replace #4704 by @odjhey
• Use GraphQL Yoga #4712 by @ardatan
• Send a 'ready' message to parent process if api server was spawned #4744 by @cannikin
• Adds baremetal deploy strategy #4750 by @cannikin
• Add yarn 3 to create redwood app template #4761 by @jtoar
• Auth Provider: Update Nhost to V2 #4770 by @nunopato
  • See Code Modification section below
• Add flightcontrol deploy command #4788 by @beerose
• Add Layer0 deploy command to CLI and docs #4886 by @tristanlee85
• Cleanup deprecated features #4856 by @callingmedic911
  • DEPRECATION: see section below
• Sets Secure cookie attribute in config template to be dependent on NODE_ENV #4722 by @cannikin
  • BREAKING: see sections below
• Pretty print query in DevFatalErrorPage for better DX and readability #4696 by @dthyresson
  • BREAKING: see sections below
• Update private routes and Set to use roles vs role #4681 by @dthyresson
  • BREAKING: see sections below
• netlify build with rw record #4618 by @aguscha333
  • RW Record is an experimental package. This release requires a Code Modification to deploy on Netlify

Fixed

• Catch getToken error and set token to null #4669 by @kengreeff
• Fix react/prop-types lint warnings #4674 by @callingmedic911
• fix(auth): hasRole handles when currentUser.roles is a string #4678 by @dac09
• Allow requireAuth directive to be used with a string or array of strings #4680 by @dthyresson
• Allow the number 0 for numericality validation values #4700 by @kwstewar
• Fix failing codemod test for RedwoodDevFatalErrorPage #4723 by @dthyresson
• Check for gql documents before running codegen #4728 by @Tobbe
• Serverles api template: Fix spelling #4736 by @Tobbe
• graphql-server types: Fix/format jsdocs #4737 by @Tobbe
• dbAuth: Prevent futureExpiresDate from changing when referenced in tests #4742 by @cannikin
• Service Validations - Adds error message for FormError fields #4756 by @dthyresson
• feat: only wrap affected resolver functions by using the 'onSchemaChange' hook with 'mapSchema' instead of the 'onResolverCalled' hook. #4760 by @n1ru4l
• When mocking a cell, set the id value as a String or Number based on the type of primary key #4778 by @dthyresson
• Always generate 200.html as part of web build | Change #4782 by @dac09
• Generate CRUD by default for SDL and Services to mitigate issues in GraphQL used in cells #4785 by @dthyresson
• Service Validations: Returns error message as an array in faked extensions #4792 by @cannikin
• Copy fix from learn PR #222 #4803 by @jtoar
• Copy fix from learn PR #221 #4804 by @jtoar
• Copy fix from learn PR #218 #4805 by @jtoar
• Reverse logic in smoke test for setting yarn 1 #4806 by @jtoar
• Copy fix from learn PR #217 #4807 by @jtoar
• Copy fix from learn PR #213 #4808 by @jtoar
• Copy fix from learn PR #207 #4809 by @jtoar
• Copy fix from learn PR #198 #4810 by @jtoar
• Fix import in tutorial #4838 by @jtoar
• change flightcontrol setup to use yarn v3 and change cookie config #4843 by @flybayer
• Update algolia config #4851 by @jtoar
• Fix URL of all tutorial path #4852 by @simoncrypta
• Fix linting warnings on new gql function #4859 by @dac09
• Handle case when requestContext is undefined getting protocol #4864 by @dthyresson
• Make doc links to relative file paths #4866 by @jtoar
• Fix Request object passed to Yoga #4870 by @ardatan
• Fix favicon on docs site #4874 by @jtoar
• Fix favicon for docs site (continued) #4875 by @jtoar
• Try using URL for favicon #4876 by @jtoar
• event.requestContext can be optional for domain name #4877 by @dthyresson
• GraphQL Yoga / Rework multi and non-multi query string param handling when building request #4883 by @dthyresson
• add rw-server bin to core bins #4889 by @thedavidprice
• Fallback to localhost for hostname correctly and respect base64 encoded event bodies #4891 by @ardatan
• Use Node's Buffer.from to decode base64 instead of atob #4892 by @ardatan
• Fix link to docs/contributing #4893 by @jtoar

Chore

• Auth smoke tests #4673 by @dac09
• Remove supertokens-node from packages/api dependencies #4715 by @dthyresson
• jwtVerifier: Remove unreachable code #4734 by @Tobbe
• useRequireAuth: Refactor to make it easier to read #4738 by @Tobbe
• Move tutorial and docs into main repo #4749 by @jtoar
• [Renovate] Ignore @types/lru-cache #4759 by @jtoar
• (docs) update link to Tutorial forms section #4771 by @thedavidprice
• Update links and codeblocks in tutorial #4781 by @jtoar
• Documents how to regenerate just SDL #4787 by @dthyresson
• Skip v44.x updateJestConfig codemod test #4789 by @dac09
• Reorg codemod for dev fatal error page #4790 by @dac09
• Chore: Change yarn cache key, to bust invalid cache #4791 by @dac09
• Updates Saving Data section with Service Validations #4796 by @cannikin
• Consider not running CI on changes to docs #4816 by @jtoar
• Copy content and fixes from redwoodjs.com #4819 by @jtoar
• (docs) add Flightcontrol.dev Deploy #4826 by @thedavidprice
• Minor tweaks to the "regenerate" docs #4841 by @Tobbe
• Reorgnize tutorial into chapters #4855 by @cannikin
• Change reference link to the docs #4845 by @joriswill
• Remove pre-v1 warning #4865 by @thedavidprice
• Restore some redwood-iness to the docs styles #4881 by @jtoar

Package Dependencies

Removed Deprecations and Breaking Changes

This release removes prior deprecations and has breaking changes.

Removed binary rw-api-server; replaced with rw-server [side]

This bin is used for running the Fastify server, which is called when you run yarn rw serve.

Projects should use yarn rw-server api. Also takes web positional (or both).

dbAuth: removed COOKIE_META cookies

PR #4722 dbAuth cookie config has moved to api/src/function/auth.js for better customization. See:

• https://redwoodjs.com/docs/authentication#cookie-config

Refer to Code Modification below to update.

DevFatalErrorPage now pretty prints query

PR #4696 updates src/components/FatalErrorPage.tsx

Refer to Code Modification below to update.

Private routes and Set now use roles (instead of role)

PR #4681 Changes the use of Router role to be replaced by roles plural.

Projects using role for RBAC will need to make a Code Modification

Code Modifications

Update DevFatalErrorPage

We've made a small change to FatalErrorPage make sure your bundle sizes are as small as possible!
If you only have the default FatalErrorPage, you can run our automatic codemod to pull in the latest changes.

npx @redwoodjs/codemods@canary update-dev-fatal-error-page

If you've customised your error page, just a small tweak is needed:

// src/components/FatalErrorPage.tsx
if (process.env.NODE_ENV === 'development') {
-  RedwoodDevFatalErrorPage = require('@redwoodjs/web').DevFatalErrorPage
+  RedwoodDevFatalErrorPage = require('@redwoodjs/web/dist/components/DevFatalErrorPage').DevFatalErrorPage
}

Update roles for role in Private routes and Sets

Projects using roles and RBAC will need to change any prop in Routes.ts|js named role to roles. The value can be a string or array of strings, which is consistent with previous behavior.

Example:

- <Private unauthenicated="home" role="admin">
+ <Private unauthenicated="home" roles="admin">

Netlify Deploy: Update .toml

PR #4782 improves prerender performance on Jamstack deploy providers. For most cases, the changes are automatic.

It is recommended that projects deploying to Netlify should update netlify.toml:

[[redirects]]
   from = "/*"
-  to = "/index.html"
+  to = "/200.html"
   status = 200
 `

Nhost Auth: Upgrade to v2

PR #4770 updates Nhost Auth provider to use Nhost v2.

Existing projects using Nhost need to use the new Nhost SDK. Make the following changes to Auth.ts|js:

- import { createClient } from 'nhost-js-sdk'
+ import { NhostClient } from '@nhost/nhost-js'

- const nhostClient = createClient({
-  baseUrl: 'url'
+ const nhostClient = new NhostClient({
+  backendUrl: 'url' 
})

dbAuth: Set Secure Cookie Attribute in Config Template

If you're using dbAuth with the new cookie config that we added to api/src/functions/auth.js in the last release, you'll need to make a change if you use Safari as your dev browser, or if you access your dev server at a host other than localhost (you may have noticed that you can't stay logged in).

Change the Secure config to this:

cookie: {
  HttpOnly: true,
  Path: '/',
  SameSite: 'Strict',
- Secure: true,
+ Secure: process.env.NODE_ENV !== 'development' ? true : false,
},

This will set the cookie to not secure when in a development environment, but otherwise true everywhere else (like in production). Chrome has an exception that you can set a secure cookie over HTTP, but only if the domain is localhost. Safari does not have this exception!

Deploy Redwood Record on Netlify (experimental)

See #4618

Redwood Record datamodel file
In order to fix the Netlify deploy when using Redwood Record the datamodel.json generated by running yarn rw record init was moved and will now be tracked under git.

How to Update
If you are using the RedwoodRecord lib the only thing you have to do is run yarn rw record init again and you'll be good to go.