From a7fd0eaaed57d9f92dbc79780cc27710d279c623 Mon Sep 17 00:00:00 2001 From: Olivier Allouch Date: Thu, 10 Jun 2021 00:04:08 +0200 Subject: [PATCH 01/24] test and code --- spec/ParseQuery.spec.js | 34 ++++++++++++++++++++ src/Adapters/Storage/Mongo/MongoTransform.js | 13 +++++--- 2 files changed, 43 insertions(+), 4 deletions(-) diff --git a/spec/ParseQuery.spec.js b/spec/ParseQuery.spec.js index e196280a5c..f4c59e031f 100644 --- a/spec/ParseQuery.spec.js +++ b/spec/ParseQuery.spec.js @@ -4318,6 +4318,40 @@ describe('Parse.Query testing', () => { } }); + it('deeply nested Pointers (issue #7413)', async function (done) { + const parent = new Parse.Object('Parent'); + const child1 = new Parse.Object('Child'); + const child2 = new Parse.Object('Child'); + + parent.set('subDocument', { child: child1 }); + parent.set('children', [ + { child: child1, count: 2 }, + { child: child2, count: 3 }, + ]); + await parent.save(); + + // equalTo + const resultsEq = await new Parse.Query('Parent').equalTo('children.child', child1).find(); + expect(resultsEq.length).toBe(1); + + // direct subDocument equalTo + const resultsSubDocument = await new Parse.Query('Parent') + .equalTo('subDocument.child', child1) + .find(); + expect(resultsSubDocument.length).toBe(1); + + // subDocument in + const resultsSubDocumentIn = await new Parse.Query('Parent') + .containedIn('subDocument.child', [child1]) + .find(); + expect(resultsSubDocumentIn.length).toBe(1); + + // containedIn + const results = await new Parse.Query('Parent').containedIn('children.child', [child1]).find(); + expect(results.length).toBe(1); + done(); + }); + it('include with *', async () => { const child1 = new TestObject({ foo: 'bar', name: 'ac' }); const child2 = new TestObject({ foo: 'baz', name: 'flo' }); diff --git a/src/Adapters/Storage/Mongo/MongoTransform.js b/src/Adapters/Storage/Mongo/MongoTransform.js index 5578077778..db3431fbdd 100644 --- a/src/Adapters/Storage/Mongo/MongoTransform.js +++ b/src/Adapters/Storage/Mongo/MongoTransform.js @@ -316,7 +316,7 @@ function transformQueryKeyValue(className, key, value, schema, count = false) { } // Handle query constraints - const transformedConstraint = transformConstraint(value, field, count); + const transformedConstraint = transformConstraint(value, key, field, count); if (transformedConstraint !== CannotTransform) { if (transformedConstraint.$text) { return { key: '$text', value: transformedConstraint.$text }; @@ -766,12 +766,16 @@ function relativeTimeToDate(text, now = new Date()) { // If it is not a valid constraint but it could be a valid something // else, return CannotTransform. // inArray is whether this is an array field. -function transformConstraint(constraint, field, count = false) { - const inArray = field && field.type && field.type === 'Array'; +function transformConstraint(constraint, restKey, field, count = false) { if (typeof constraint !== 'object' || !constraint) { return CannotTransform; } - const transformFunction = inArray ? transformInteriorAtom : transformTopLevelAtom; + + // transformer + const inArray = field && field.type && field.type === 'Array'; + const inSubDocument = restKey.includes('.'); + const transformFunction = + inArray || inSubDocument ? transformInteriorAtom : transformTopLevelAtom; const transformer = atom => { const result = transformFunction(atom, field); if (result === CannotTransform) { @@ -779,6 +783,7 @@ function transformConstraint(constraint, field, count = false) { } return result; }; + // keys is the constraints in reverse alphabetical order. // This is a hack so that: // $regex is handled before $options From 3973c5fb38696d1788c1c7dd49ab08ba6f89a130 Mon Sep 17 00:00:00 2001 From: Olivier Allouch Date: Thu, 10 Jun 2021 01:19:21 +0200 Subject: [PATCH 02/24] start of changelog update --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0bd81b3fe8..5167a057e2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -134,6 +134,7 @@ ___ - Add NPM package-lock version check to CI (Manuel Trezza) [#7333](https://github.com/parse-community/parse-server/pull/7333) - Fix incorrect LiveQuery events triggered for multiple subscriptions on the same class with different events [#7341](https://github.com/parse-community/parse-server/pull/7341) - Fix select and excludeKey queries to properly accept JSON string arrays. Also allow nested fields in exclude (Corey Baker) [#7242](https://github.com/parse-community/parse-server/pull/7242) +- Fix querying deep nested pointers (Olivier Allouch) ___ ## 4.5.0 From bea4707783febc0fc6ea055835ffbc517cd2b067 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Fri, 11 Jun 2021 00:56:37 +0300 Subject: [PATCH 03/24] fix: package.json & package-lock.json to reduce vulnerabilities (#7423) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-WS-1296835 --- package-lock.json | 16 ++++------------ package.json | 2 +- 2 files changed, 5 insertions(+), 13 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3501e0bc5c..7c95516f5d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11719,29 +11719,21 @@ } }, "subscriptions-transport-ws": { - "version": "0.9.18", - "resolved": "https://registry.npmjs.org/subscriptions-transport-ws/-/subscriptions-transport-ws-0.9.18.tgz", - "integrity": "sha512-tztzcBTNoEbuErsVQpTN2xUNN/efAZXyCyL5m3x4t6SKrEiTL2N8SaKWBFWM4u56pL79ULif3zjyeq+oV+nOaA==", + "version": "0.9.19", + "resolved": "https://registry.npmjs.org/subscriptions-transport-ws/-/subscriptions-transport-ws-0.9.19.tgz", + "integrity": "sha512-dxdemxFFB0ppCLg10FTtRqH/31FNRL1y1BQv8209MK5I4CwALb7iihQg+7p65lFcIl8MHatINWBLOqpgU4Kyyw==", "requires": { "backo2": "^1.0.2", "eventemitter3": "^3.1.0", "iterall": "^1.2.1", "symbol-observable": "^1.0.4", - "ws": "^5.2.0" + "ws": "^5.2.0 || ^6.0.0 || ^7.0.0" }, "dependencies": { "symbol-observable": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-1.2.0.tgz", "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ==" - }, - "ws": { - "version": "5.2.2", - "resolved": "https://registry.npmjs.org/ws/-/ws-5.2.2.tgz", - "integrity": "sha512-jaHFD6PFv6UgoIVda6qZllptQsMlDEJkTQcybzzXDYM1XO9Y8em691FGMPmM46WGyLU4z9KMgQN+qrux/nhlHA==", - "requires": { - "async-limiter": "~1.0.0" - } } } }, diff --git a/package.json b/package.json index 80ae8cec27..7a4c806db4 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,7 @@ "pluralize": "8.0.0", "redis": "3.1.2", "semver": "7.3.4", - "subscriptions-transport-ws": "0.9.18", + "subscriptions-transport-ws": "0.9.19", "tv4": "1.3.0", "uuid": "8.3.2", "winston": "3.3.3", From 61affe26293f7218e88878d027514d68975cfc8c Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Fri, 11 Jun 2021 00:59:16 +0300 Subject: [PATCH 04/24] fix: upgrade mongodb from 3.6.6 to 3.6.7 (#7425) Snyk has created this PR to upgrade mongodb from 3.6.6 to 3.6.7. See this package in npm: https://www.npmjs.com/package/mongodb See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7c95516f5d..c741a04b59 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9058,14 +9058,14 @@ "integrity": "sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==" }, "mongodb": { - "version": "3.6.6", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.6.6.tgz", - "integrity": "sha512-WlirMiuV1UPbej5JeCMqE93JRfZ/ZzqE7nJTwP85XzjAF4rRSeq2bGCb1cjfoHLOF06+HxADaPGqT0g3SbVT1w==", + "version": "3.6.7", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.6.7.tgz", + "integrity": "sha512-VXW2bWz47LhAEw0qs8Mk2zRgQwgbXH16KAwQFtylBu0zXO8rkQmA8ncsYbmICaVutZeINRlXYXG3MDIz90NM3g==", "requires": { "bl": "^2.2.1", "bson": "^1.1.4", "denque": "^1.4.1", - "optional-require": "^1.0.2", + "optional-require": "^1.0.3", "safe-buffer": "^5.1.2", "saslprep": "^1.0.0" } @@ -9754,9 +9754,9 @@ } }, "optional-require": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/optional-require/-/optional-require-1.0.2.tgz", - "integrity": "sha512-HZubVd6IfHsbnpdNF/ICaSAzBUEW1TievpkjY3tB4Jnk8L7+pJ3conPzUt3Mn/6OZx9uzTDOHYPGA8/AxYHBOg==" + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/optional-require/-/optional-require-1.0.3.tgz", + "integrity": "sha512-RV2Zp2MY2aeYK5G+B/Sps8lW5NHAzE5QClbFP15j+PWmP+T9PxlJXBOOLoSAdgwFvS4t0aMR4vpedMkbHfh0nA==" }, "optionator": { "version": "0.8.3", diff --git a/package.json b/package.json index 7a4c806db4..12b008f806 100644 --- a/package.json +++ b/package.json @@ -45,7 +45,7 @@ "lodash": "4.17.21", "lru-cache": "5.1.1", "mime": "2.5.2", - "mongodb": "3.6.6", + "mongodb": "3.6.7", "mustache": "4.2.0", "parse": "3.2.0", "pg-monitor": "1.4.1", From bfdb6a93e8c0d78524820b32abaff174776520f3 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Fri, 11 Jun 2021 01:00:00 +0300 Subject: [PATCH 05/24] fix: upgrade apollo-server-express from 2.24.0 to 2.24.1 (#7424) Snyk has created this PR to upgrade apollo-server-express from 2.24.0 to 2.24.1. See this package in npm: https://www.npmjs.com/package/apollo-server-express See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 198 ++++++++++++++++++++++++++-------------------- package.json | 2 +- 2 files changed, 112 insertions(+), 88 deletions(-) diff --git a/package-lock.json b/package-lock.json index c741a04b59..d0f01ce7d3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -95,12 +95,9 @@ } }, "@apollographql/apollo-tools": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/@apollographql/apollo-tools/-/apollo-tools-0.5.0.tgz", - "integrity": "sha512-7IOZHVaKjBq44StXFJEITl4rxgZCsZFSWogAvIErKR9DYV20rt9bJ2mY5lCn+zghfGrweykjLb9g4TDxLg750w==", - "requires": { - "apollo-env": "^0.10.0" - } + "version": "0.5.1", + "resolved": "https://registry.npmjs.org/@apollographql/apollo-tools/-/apollo-tools-0.5.1.tgz", + "integrity": "sha512-ZII+/xUFfb9ezDU2gad114+zScxVFMVlZ91f8fGApMzlS1kkqoyLnC4AJaQ1Ya/X+b63I20B4Gd+eCL8QuB4sA==" }, "@apollographql/graphql-playground-html": { "version": "1.6.27", @@ -1918,9 +1915,9 @@ } }, "@types/koa": { - "version": "2.13.1", - "resolved": "https://registry.npmjs.org/@types/koa/-/koa-2.13.1.tgz", - "integrity": "sha512-Qbno7FWom9nNqu0yHZ6A0+RWt4mrYBhw3wpBAQ3+IuzGcLlfeYkzZrnMq5wsxulN2np8M4KKeUpTodsOsSad5Q==", + "version": "2.13.3", + "resolved": "https://registry.npmjs.org/@types/koa/-/koa-2.13.3.tgz", + "integrity": "sha512-TaujBV+Dhe/FvmSMZJtCFBms+bqQacgUebk/M2C2tq8iGmHE/DDf4DcW2Hc7NqusVZmy5xzrWOjtdPKNP+fTfw==", "requires": { "@types/accepts": "*", "@types/content-disposition": "*", @@ -1955,15 +1952,6 @@ "resolved": "https://registry.npmjs.org/@types/node/-/node-14.14.37.tgz", "integrity": "sha512-XYmBiy+ohOR4Lh5jE379fV2IU+6Jn4g5qASinhitfyO71b/sCo6MKsMLF5tc7Zf2CE8hViVQyYSobJNke8OvUw==" }, - "@types/node-fetch": { - "version": "2.5.10", - "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.5.10.tgz", - "integrity": "sha512-IpkX0AasN44hgEad0gEF/V6EgR5n69VEqPEgnmoM8GsIGro3PowbWs4tR6IhxUTyPLpOn+fiGG6nrQhcmoCuIQ==", - "requires": { - "@types/node": "*", - "form-data": "^3.0.0" - } - }, "@types/parse-json": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.0.tgz", @@ -2337,12 +2325,12 @@ } }, "apollo-cache-control": { - "version": "0.13.0", - "resolved": "https://registry.npmjs.org/apollo-cache-control/-/apollo-cache-control-0.13.0.tgz", - "integrity": "sha512-ImUXwVc/8K9QA3mQiKbKw8bOS4lMNL4DoP4hldIx+gwna8dgh3gBChgxW5guMOhcvH/55ximS7ZNWUglFmQY4Q==", + "version": "0.14.0", + "resolved": "https://registry.npmjs.org/apollo-cache-control/-/apollo-cache-control-0.14.0.tgz", + "integrity": "sha512-qN4BCq90egQrgNnTRMUHikLZZAprf3gbm8rC5Vwmc6ZdLolQ7bFsa769Hqi6Tq/lS31KLsXBLTOsRbfPHph12w==", "requires": { "apollo-server-env": "^3.1.0", - "apollo-server-plugin-base": "^0.12.0" + "apollo-server-plugin-base": "^0.13.0" } }, "apollo-cache-inmemory": { @@ -2424,21 +2412,10 @@ "apollo-server-env": "^3.1.0" } }, - "apollo-env": { - "version": "0.10.0", - "resolved": "https://registry.npmjs.org/apollo-env/-/apollo-env-0.10.0.tgz", - "integrity": "sha512-7Geot+eyOl4jzPi9beiszeDmEEVZOVT11LSlkQluF5eaCNaIvld+xklZxITZGI/Wr+PQX380YJgQt1ndR2GtOg==", - "requires": { - "@types/node-fetch": "^2.5.10", - "core-js": "^3.0.1", - "node-fetch": "^2.6.1", - "sha.js": "^2.4.11" - } - }, "apollo-graphql": { - "version": "0.9.2", - "resolved": "https://registry.npmjs.org/apollo-graphql/-/apollo-graphql-0.9.2.tgz", - "integrity": "sha512-+c/vqC2LPq3e5kO7MfBxDDiljzLog/THZr9Pd46HVaKAhHUxFL0rJEbT17VhjdOoZGWFWLYG7x9hiN6EQD1xZQ==", + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/apollo-graphql/-/apollo-graphql-0.9.3.tgz", + "integrity": "sha512-rcAl2E841Iko4kSzj4Pt3PRBitmyq1MvoEmpl04TQSpGnoVgl1E/ZXuLBYxMTSnEAm7umn2IsoY+c6Ll9U/10A==", "requires": { "core-js-pure": "^3.10.2", "lodash.sortby": "^4.7.0", @@ -2446,9 +2423,9 @@ }, "dependencies": { "core-js-pure": { - "version": "3.12.1", - "resolved": "https://registry.npmjs.org/core-js-pure/-/core-js-pure-3.12.1.tgz", - "integrity": "sha512-1cch+qads4JnDSWsvc7d6nzlKAippwjUlf6vykkTLW53VSV+NkE6muGBToAjEA8pG90cSfcud3JgVmW2ds5TaQ==" + "version": "3.14.0", + "resolved": "https://registry.npmjs.org/core-js-pure/-/core-js-pure-3.14.0.tgz", + "integrity": "sha512-YVh+LN2FgNU0odThzm61BsdkwrbrchumFq3oztnE9vTKC4KS2fvnPmcx8t6jnqAyOTCTF4ZSiuK8Qhh7SNcL4g==" } } }, @@ -2527,9 +2504,9 @@ } }, "apollo-reporting-protobuf": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/apollo-reporting-protobuf/-/apollo-reporting-protobuf-0.7.0.tgz", - "integrity": "sha512-PC+zDqPPJcseemqmvUEqFiDi45pz6UaPWt6czgmrrbcQ+9VWp6IEkm08V5xBKk7V1WGUw19YwiJ7kqXpcgVNyw==", + "version": "0.8.0", + "resolved": "https://registry.npmjs.org/apollo-reporting-protobuf/-/apollo-reporting-protobuf-0.8.0.tgz", + "integrity": "sha512-B3XmnkH6Y458iV6OsA7AhfwvTgeZnFq9nPVjbxmLKnvfkEl8hYADtz724uPa0WeBiD7DSFcnLtqg9yGmCkBohg==", "requires": { "@apollo/protobufjs": "1.2.2" } @@ -2553,38 +2530,47 @@ } }, "apollo-server-core": { - "version": "2.24.1", - "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-2.24.1.tgz", - "integrity": "sha512-+T7G2EsC5N/AVo0QJo13r1kFgJk0HTK55YlXbnpJl6qRUF8yKLXMittvIfTWge0uLQGzFzVRhDZ7AQMt/E1TGA==", + "version": "2.25.1", + "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-2.25.1.tgz", + "integrity": "sha512-10gVjvGv3uPfy7gUFQhgNhb66RorD1qX6yF4bTawm4S6JstkGrWYFJN5/48o7Mte+tATpXzAGiWu0l4wsYA/mA==", "requires": { "@apollographql/apollo-tools": "^0.5.0", "@apollographql/graphql-playground-html": "1.6.27", "@apollographql/graphql-upload-8-fork": "^8.1.3", "@josephg/resolvable": "^1.0.0", "@types/ws": "^7.0.0", - "apollo-cache-control": "^0.13.0", + "apollo-cache-control": "^0.14.0", "apollo-datasource": "^0.9.0", "apollo-graphql": "^0.9.0", - "apollo-reporting-protobuf": "^0.7.0", + "apollo-reporting-protobuf": "^0.8.0", "apollo-server-caching": "^0.7.0", "apollo-server-env": "^3.1.0", "apollo-server-errors": "^2.5.0", - "apollo-server-plugin-base": "^0.12.0", - "apollo-server-types": "^0.8.0", - "apollo-tracing": "^0.14.0", + "apollo-server-plugin-base": "^0.13.0", + "apollo-server-types": "^0.9.0", + "apollo-tracing": "^0.15.0", "async-retry": "^1.2.1", "fast-json-stable-stringify": "^2.0.0", - "graphql-extensions": "^0.14.0", + "graphql-extensions": "^0.15.0", "graphql-tag": "^2.11.0", "graphql-tools": "^4.0.8", "loglevel": "^1.6.7", "lru-cache": "^6.0.0", "sha.js": "^2.4.11", - "subscriptions-transport-ws": "^0.9.11", - "uuid": "^8.0.0", - "ws": "^6.0.0" + "subscriptions-transport-ws": "^0.9.19", + "uuid": "^8.0.0" }, "dependencies": { + "apollo-server-types": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/apollo-server-types/-/apollo-server-types-0.9.0.tgz", + "integrity": "sha512-qk9tg4Imwpk732JJHBkhW0jzfG0nFsLqK2DY6UhvJf7jLnRePYsPxWfPiNkxni27pLE2tiNlCwoDFSeWqpZyBg==", + "requires": { + "apollo-reporting-protobuf": "^0.8.0", + "apollo-server-caching": "^0.7.0", + "apollo-server-env": "^3.1.0" + } + }, "lru-cache": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", @@ -2593,13 +2579,22 @@ "yallist": "^4.0.0" } }, - "ws": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ws/-/ws-6.2.1.tgz", - "integrity": "sha512-GIyAXC2cB7LjvpgMt9EKS2ldqr0MTrORaleiOno6TweZ6r3TKtoFQWay/2PceJ3RuBasOHzXNn5Lrw1X0bEjqA==", + "subscriptions-transport-ws": { + "version": "0.9.19", + "resolved": "https://registry.npmjs.org/subscriptions-transport-ws/-/subscriptions-transport-ws-0.9.19.tgz", + "integrity": "sha512-dxdemxFFB0ppCLg10FTtRqH/31FNRL1y1BQv8209MK5I4CwALb7iihQg+7p65lFcIl8MHatINWBLOqpgU4Kyyw==", "requires": { - "async-limiter": "~1.0.0" + "backo2": "^1.0.2", + "eventemitter3": "^3.1.0", + "iterall": "^1.2.1", + "symbol-observable": "^1.0.4", + "ws": "^5.2.0 || ^6.0.0 || ^7.0.0" } + }, + "symbol-observable": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-1.2.0.tgz", + "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ==" } } }, @@ -2618,9 +2613,9 @@ "integrity": "sha512-lO5oTjgiC3vlVg2RKr3RiXIIQ5pGXBFxYGGUkKDhTud3jMIhs+gel8L8zsEjKaKxkjHhCQAA/bcEfYiKkGQIvA==" }, "apollo-server-express": { - "version": "2.24.0", - "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-2.24.0.tgz", - "integrity": "sha512-wVoD53azxqVZt/i4yAm6cDDCXpbzr0AJpzOdNXVFW/KivInWEMF5ekCc80uMOawPeu78U7Skoc20akyvZKc+YA==", + "version": "2.24.1", + "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-2.24.1.tgz", + "integrity": "sha512-waBGJYG6Ht86RHMcTQLjy3YNeccg5IONe10qdm/kGbQVMXoE6KJB2VuNy/akRDPRvS6+tEt4v0XFSi7qQa4iXQ==", "requires": { "@apollographql/graphql-playground-html": "1.6.27", "@types/accepts": "^1.3.5", @@ -2629,7 +2624,7 @@ "@types/express": "4.17.11", "@types/express-serve-static-core": "4.17.19", "accepts": "^1.3.5", - "apollo-server-core": "^2.24.0", + "apollo-server-core": "^2.24.1", "apollo-server-types": "^0.8.0", "body-parser": "^1.18.3", "cors": "^2.8.5", @@ -2665,11 +2660,23 @@ } }, "apollo-server-plugin-base": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/apollo-server-plugin-base/-/apollo-server-plugin-base-0.12.0.tgz", - "integrity": "sha512-jnNIztYz34ImE7off0t9LwseGCR/J0H1wlbiBGvdXvQY+ZiMfVF2oF8KdSAPxG2vT6scvWP4GFS/FsZcOyP1Xw==", + "version": "0.13.0", + "resolved": "https://registry.npmjs.org/apollo-server-plugin-base/-/apollo-server-plugin-base-0.13.0.tgz", + "integrity": "sha512-L3TMmq2YE6BU6I4Tmgygmd0W55L+6XfD9137k+cWEBFu50vRY4Re+d+fL5WuPkk5xSPKd/PIaqzidu5V/zz8Kg==", "requires": { - "apollo-server-types": "^0.8.0" + "apollo-server-types": "^0.9.0" + }, + "dependencies": { + "apollo-server-types": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/apollo-server-types/-/apollo-server-types-0.9.0.tgz", + "integrity": "sha512-qk9tg4Imwpk732JJHBkhW0jzfG0nFsLqK2DY6UhvJf7jLnRePYsPxWfPiNkxni27pLE2tiNlCwoDFSeWqpZyBg==", + "requires": { + "apollo-reporting-protobuf": "^0.8.0", + "apollo-server-caching": "^0.7.0", + "apollo-server-env": "^3.1.0" + } + } } }, "apollo-server-types": { @@ -2680,15 +2687,25 @@ "apollo-reporting-protobuf": "^0.7.0", "apollo-server-caching": "^0.7.0", "apollo-server-env": "^3.1.0" + }, + "dependencies": { + "apollo-reporting-protobuf": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/apollo-reporting-protobuf/-/apollo-reporting-protobuf-0.7.0.tgz", + "integrity": "sha512-PC+zDqPPJcseemqmvUEqFiDi45pz6UaPWt6czgmrrbcQ+9VWp6IEkm08V5xBKk7V1WGUw19YwiJ7kqXpcgVNyw==", + "requires": { + "@apollo/protobufjs": "1.2.2" + } + } } }, "apollo-tracing": { - "version": "0.14.0", - "resolved": "https://registry.npmjs.org/apollo-tracing/-/apollo-tracing-0.14.0.tgz", - "integrity": "sha512-KH4mOoicZ2CQkEYVuNP9avJth59LwNqku3fKZ4S0UYE1RfxzIoLLsEyuY8MuJEgNdtKKfkX5G5Kn5Rp4LCJ4RQ==", + "version": "0.15.0", + "resolved": "https://registry.npmjs.org/apollo-tracing/-/apollo-tracing-0.15.0.tgz", + "integrity": "sha512-UP0fztFvaZPHDhIB/J+qGuy6hWO4If069MGC98qVs0I8FICIGu4/8ykpX3X3K6RtaQ56EDAWKykCxFv4ScxMeA==", "requires": { "apollo-server-env": "^3.1.0", - "apollo-server-plugin-base": "^0.12.0" + "apollo-server-plugin-base": "^0.13.0" } }, "apollo-upload-client": { @@ -4023,11 +4040,6 @@ "dev": true, "optional": true }, - "core-js": { - "version": "3.12.1", - "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.12.1.tgz", - "integrity": "sha512-Ne9DKPHTObRuB09Dru5AjwKjY4cJHVGu+y5f7coGn1E9Grkc3p2iBwE9AI/nJzsE29mQF7oq+mhYYRqOMFN1Bw==" - }, "core-js-compat": { "version": "3.10.1", "resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.10.1.tgz", @@ -5007,9 +5019,9 @@ } }, "es-abstract": { - "version": "1.18.0", - "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.18.0.tgz", - "integrity": "sha512-LJzK7MrQa8TS0ja2w3YNLzUgJCGPdPOV1yVvezjNnS89D+VR08+Szt2mz3YB2Dck/+w5tfIq/RoUAFqJJGM2yw==", + "version": "1.18.3", + "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.18.3.tgz", + "integrity": "sha512-nQIr12dxV7SSxE6r6f1l3DtAeEYdsGpps13dR0TwJg1S8gyp4ZPgy3FZcHBgbiQqnoqSTb+oC+kO4UQ0C/J8vw==", "requires": { "call-bind": "^1.0.2", "es-to-primitive": "^1.2.1", @@ -5019,14 +5031,14 @@ "has-symbols": "^1.0.2", "is-callable": "^1.2.3", "is-negative-zero": "^2.0.1", - "is-regex": "^1.1.2", - "is-string": "^1.0.5", - "object-inspect": "^1.9.0", + "is-regex": "^1.1.3", + "is-string": "^1.0.6", + "object-inspect": "^1.10.3", "object-keys": "^1.1.1", "object.assign": "^4.1.2", "string.prototype.trimend": "^1.0.4", "string.prototype.trimstart": "^1.0.4", - "unbox-primitive": "^1.0.0" + "unbox-primitive": "^1.0.1" } }, "es-to-primitive": { @@ -6472,13 +6484,25 @@ "integrity": "sha512-OmaM7y0kaK31NKG31q4YbD2beNYa6jBBKtMFT6gLYJljHLJr42IqJ8KX08u3Li/0ifzTU5HjmoOOrwa5BRLeDA==" }, "graphql-extensions": { - "version": "0.14.0", - "resolved": "https://registry.npmjs.org/graphql-extensions/-/graphql-extensions-0.14.0.tgz", - "integrity": "sha512-DFtD8G+6rSj/Xhtb0IPh4A/sB/qcSEm9MTS221ESCx+axrsME92wGEsr7ihVjn1/tEEIy+9V5lUQOH/dHkCb0A==", + "version": "0.15.0", + "resolved": "https://registry.npmjs.org/graphql-extensions/-/graphql-extensions-0.15.0.tgz", + "integrity": "sha512-bVddVO8YFJPwuACn+3pgmrEg6I8iBuYLuwvxiE+lcQQ7POotVZxm2rgGw0PvVYmWWf3DT7nTVDZ5ROh/ALp8mA==", "requires": { "@apollographql/apollo-tools": "^0.5.0", "apollo-server-env": "^3.1.0", - "apollo-server-types": "^0.8.0" + "apollo-server-types": "^0.9.0" + }, + "dependencies": { + "apollo-server-types": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/apollo-server-types/-/apollo-server-types-0.9.0.tgz", + "integrity": "sha512-qk9tg4Imwpk732JJHBkhW0jzfG0nFsLqK2DY6UhvJf7jLnRePYsPxWfPiNkxni27pLE2tiNlCwoDFSeWqpZyBg==", + "requires": { + "apollo-reporting-protobuf": "^0.8.0", + "apollo-server-caching": "^0.7.0", + "apollo-server-env": "^3.1.0" + } + } } }, "graphql-list-fields": { diff --git a/package.json b/package.json index 12b008f806..ead7133374 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,7 @@ "@graphql-tools/utils": "6.2.4", "@parse/fs-files-adapter": "1.2.0", "@parse/push-adapter": "3.4.0", - "apollo-server-express": "2.24.0", + "apollo-server-express": "2.24.1", "bcryptjs": "2.4.3", "body-parser": "1.19.0", "commander": "5.1.0", From 0638e5e697c8ee2e75b7f42ac46c7385f1a3c483 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Jun 2021 15:21:20 -0700 Subject: [PATCH 06/24] chore(deps): bump normalize-url from 4.5.0 to 4.5.1 (#7428) Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/sindresorhus/normalize-url/releases) - [Commits](https://github.com/sindresorhus/normalize-url/commits) --- updated-dependencies: - dependency-name: normalize-url dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index d0f01ce7d3..d2d672128a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9473,9 +9473,9 @@ "dev": true }, "normalize-url": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.0.tgz", - "integrity": "sha512-2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ==", + "version": "4.5.1", + "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.1.tgz", + "integrity": "sha512-9UZCFRHQdNrfTpGg8+1INIg93B6zE0aXMVFkw1WFwvO4SlZywU6aLg5Of0Ap/PgcbSw4LNxvMWXMeugwMCX0AA==", "dev": true }, "npm-conf": { From f6a41729a7a3adc6bd5310cefb3458835b4abb58 Mon Sep 17 00:00:00 2001 From: Manuel <5673677+mtrezza@users.noreply.github.com> Date: Fri, 11 Jun 2021 02:36:20 +0200 Subject: [PATCH 07/24] bump mongo (#7429) --- .github/workflows/ci.yml | 4 ++-- README.md | 2 +- package.json | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3b312c54c5..ad22983efc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -104,12 +104,12 @@ jobs: MONGODB_STORAGE_ENGINE: wiredTiger NODE_VERSION: 14.17.0 - name: MongoDB 4.0, ReplicaSet, WiredTiger - MONGODB_VERSION: 4.0.23 + MONGODB_VERSION: 4.0.25 MONGODB_TOPOLOGY: replicaset MONGODB_STORAGE_ENGINE: wiredTiger NODE_VERSION: 14.17.0 - name: MongoDB 4.0, Standalone, MMAPv1 - MONGODB_VERSION: 4.0.23 + MONGODB_VERSION: 4.0.25 MONGODB_TOPOLOGY: standalone MONGODB_STORAGE_ENGINE: mmapv1 NODE_VERSION: 14.17.0 diff --git a/README.md b/README.md index b5f7826653..e4a8b6e269 100644 --- a/README.md +++ b/README.md @@ -123,7 +123,7 @@ Parse Server is continuously tested with the most recent releases of MongoDB to | Version | Latest Version | End-of-Life Date | Compatibility | |-------------|----------------|------------------|--------------------| -| MongoDB 4.0 | 4.0.23 | January 2022 | ✅ Fully compatible | +| MongoDB 4.0 | 4.0.25 | January 2022 | ✅ Fully compatible | | MongoDB 4.2 | 4.2.14 | TBD | ✅ Fully compatible | | MongoDB 4.4 | 4.4.6 | TBD | ✅ Fully compatible | diff --git a/package.json b/package.json index ead7133374..7bc2e0e2f2 100644 --- a/package.json +++ b/package.json @@ -111,7 +111,7 @@ "test:mongodb:runnerstart": "cross-env MONGODB_VERSION=${MONGODB_VERSION:=$npm_config_dbversion} MONGODB_TOPOLOGY=${MONGODB_TOPOLOGY:=standalone} MONGODB_STORAGE_ENGINE=${MONGODB_STORAGE_ENGINE:=wiredTiger} mongodb-runner start", "test:mongodb:testonly": "cross-env MONGODB_VERSION=${MONGODB_VERSION:=$npm_config_dbversion} MONGODB_TOPOLOGY=${MONGODB_TOPOLOGY:=standalone} MONGODB_STORAGE_ENGINE=${MONGODB_STORAGE_ENGINE:=wiredTiger} TESTING=1 jasmine", "test:mongodb": "npm run test:mongodb:runnerstart --dbversion=$npm_config_dbversion && npm run test:mongodb:testonly --dbversion=$npm_config_dbversion", - "test:mongodb:4.0.23": "npm run test:mongodb --dbversion=4.0.23", + "test:mongodb:4.0.25": "npm run test:mongodb --dbversion=4.0.25", "test:mongodb:4.2.14": "npm run test:mongodb --dbversion=4.2.14", "test:mongodb:4.4.6": "npm run test:mongodb --dbversion=4.4.6", "posttest:mongodb": "mongodb-runner stop", From 6deb7eca8f8026be8ef4ab6e1a871774926cab97 Mon Sep 17 00:00:00 2001 From: Olivier Allouch Date: Sun, 13 Jun 2021 00:01:28 +0200 Subject: [PATCH 08/24] restriction to mongo testing --- spec/ParseQuery.spec.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/ParseQuery.spec.js b/spec/ParseQuery.spec.js index f4c59e031f..0ed2669858 100644 --- a/spec/ParseQuery.spec.js +++ b/spec/ParseQuery.spec.js @@ -4318,7 +4318,7 @@ describe('Parse.Query testing', () => { } }); - it('deeply nested Pointers (issue #7413)', async function (done) { + it_only_db('mongo')('deeply nested Pointers (issue #7413)', async function (done) { const parent = new Parse.Object('Parent'); const child1 = new Parse.Object('Child'); const child2 = new Parse.Object('Child'); From 10695194b21a3ae2d34f88704a50a5ac0890202c Mon Sep 17 00:00:00 2001 From: Olle Jonsson Date: Tue, 15 Jun 2021 13:25:04 +0200 Subject: [PATCH 09/24] CHANGELOG: typo fix braking->breaking [ci skip] (#7432) --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0bd81b3fe8..9fb0b32bac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -100,7 +100,7 @@ ___ - Added Parse Server Security Check to report weak security settings (Manuel Trezza, dblythy) [#7247](https://github.com/parse-community/parse-server/issues/7247) - EXPERIMENTAL: Added new page router with placeholder rendering and localization of custom and feature pages such as password reset and email verification (Manuel Trezza) [#7128](https://github.com/parse-community/parse-server/pull/7128) - EXPERIMENTAL: Added custom routes to easily customize flows for password reset, email verification or build entirely new flows (Manuel Trezza) [#7231](https://github.com/parse-community/parse-server/pull/7231) -- Added Deprecation Policy to govern the introduction of braking changes in a phased pattern that is more predictable for developers (Manuel Trezza) [#7199](https://github.com/parse-community/parse-server/pull/7199) +- Added Deprecation Policy to govern the introduction of breaking changes in a phased pattern that is more predictable for developers (Manuel Trezza) [#7199](https://github.com/parse-community/parse-server/pull/7199) - Add REST API endpoint `/loginAs` to create session of any user with master key; allows to impersonate another user. (GormanFletcher) [#7406](https://github.com/parse-community/parse-server/pull/7406) ### Other Changes From 3a2afda91134d2a89b4f24c07fe5cb154c7fe6e7 Mon Sep 17 00:00:00 2001 From: Manuel <5673677+mtrezza@users.noreply.github.com> Date: Sun, 20 Jun 2021 19:31:32 +0200 Subject: [PATCH 10/24] bump node version (#7441) --- .github/workflows/ci.yml | 20 ++++++++++---------- README.md | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ad22983efc..5250aea05d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,7 +7,7 @@ on: branches: - '**' env: - NODE_VERSION: 14.17.0 + NODE_VERSION: 14.17.1 PARSE_SERVER_TEST_TIMEOUT: 20000 jobs: check-ci: @@ -97,28 +97,28 @@ jobs: MONGODB_VERSION: 4.4.6 MONGODB_TOPOLOGY: replicaset MONGODB_STORAGE_ENGINE: wiredTiger - NODE_VERSION: 14.17.0 + NODE_VERSION: 14.17.1 - name: MongoDB 4.2, ReplicaSet, WiredTiger MONGODB_VERSION: 4.2.14 MONGODB_TOPOLOGY: replicaset MONGODB_STORAGE_ENGINE: wiredTiger - NODE_VERSION: 14.17.0 + NODE_VERSION: 14.17.1 - name: MongoDB 4.0, ReplicaSet, WiredTiger MONGODB_VERSION: 4.0.25 MONGODB_TOPOLOGY: replicaset MONGODB_STORAGE_ENGINE: wiredTiger - NODE_VERSION: 14.17.0 + NODE_VERSION: 14.17.1 - name: MongoDB 4.0, Standalone, MMAPv1 MONGODB_VERSION: 4.0.25 MONGODB_TOPOLOGY: standalone MONGODB_STORAGE_ENGINE: mmapv1 - NODE_VERSION: 14.17.0 + NODE_VERSION: 14.17.1 - name: Redis Cache PARSE_SERVER_TEST_CACHE: redis MONGODB_VERSION: 4.4.6 MONGODB_TOPOLOGY: standalone MONGODB_STORAGE_ENGINE: wiredTiger - NODE_VERSION: 14.17.0 + NODE_VERSION: 14.17.1 - name: Node 12 MONGODB_VERSION: 4.4.6 MONGODB_TOPOLOGY: standalone @@ -170,16 +170,16 @@ jobs: include: - name: PostgreSQL 11, PostGIS 3.0 POSTGRES_IMAGE: postgis/postgis:11-3.0 - NODE_VERSION: 14.17.0 + NODE_VERSION: 14.17.1 - name: PostgreSQL 11, PostGIS 3.1 POSTGRES_IMAGE: postgis/postgis:11-3.1 - NODE_VERSION: 14.17.0 + NODE_VERSION: 14.17.1 - name: PostgreSQL 12, PostGIS 3.1 POSTGRES_IMAGE: postgis/postgis:12-3.1 - NODE_VERSION: 14.17.0 + NODE_VERSION: 14.17.1 - name: PostgreSQL 13, PostGIS 3.1 POSTGRES_IMAGE: postgis/postgis:13-3.1 - NODE_VERSION: 14.17.0 + NODE_VERSION: 14.17.1 fail-fast: false name: ${{ matrix.name }} timeout-minutes: 15 diff --git a/README.md b/README.md index e4a8b6e269..15dfaec113 100644 --- a/README.md +++ b/README.md @@ -115,7 +115,7 @@ Parse Server is continuously tested with the most recent releases of Node.js to | Version | Latest Version | End-of-Life Date | Compatibility | |------------|----------------|------------------|--------------------| | Node.js 12 | 12.22.1 | April 2022 | ✅ Fully compatible | -| Node.js 14 | 14.17.0 | April 2023 | ✅ Fully compatible | +| Node.js 14 | 14.17.1 | April 2023 | ✅ Fully compatible | | Node.js 15 | 15.14.0 | June 2021 | ✅ Fully compatible | #### MongoDB From d8dc524c08036b2f326730e1ed214ed7a76141cb Mon Sep 17 00:00:00 2001 From: Jason Posthuma Date: Tue, 22 Jun 2021 01:11:15 +0200 Subject: [PATCH 11/24] Add check for property (#7421) * Add check for property * updated changelog * Fixed logic returning false positive * Added test case * update change log --- CHANGELOG.md | 1 + spec/QueryTools.spec.js | 10 ++++++++++ src/LiveQuery/QueryTools.js | 3 +++ 3 files changed, 14 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9fb0b32bac..ca20a427af 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -134,6 +134,7 @@ ___ - Add NPM package-lock version check to CI (Manuel Trezza) [#7333](https://github.com/parse-community/parse-server/pull/7333) - Fix incorrect LiveQuery events triggered for multiple subscriptions on the same class with different events [#7341](https://github.com/parse-community/parse-server/pull/7341) - Fix select and excludeKey queries to properly accept JSON string arrays. Also allow nested fields in exclude (Corey Baker) [#7242](https://github.com/parse-community/parse-server/pull/7242) +- Fix LiveQuery server crash when using $all query operator on a missing object key (Jason Posthuma) [#7421](https://github.com/parse-community/parse-server/pull/7421) ___ ## 4.5.0 diff --git a/spec/QueryTools.spec.js b/spec/QueryTools.spec.js index de4772a61c..7e09078dad 100644 --- a/spec/QueryTools.spec.js +++ b/spec/QueryTools.spec.js @@ -313,6 +313,16 @@ describe('matchesQuery', function () { expect(matchesQuery(player, orQuery)).toBe(true); }); + it('does not match $all query when value is missing', () => { + const player = { + id: new Id('Player', 'P1'), + name: 'Player 1', + score: 12, + }; + const q = { missing: { $all: [1, 2, 3] } }; + expect(matchesQuery(player, q)).toBe(false); + }); + it('matches an $and query', () => { const player = { id: new Id('Player', 'P1'), diff --git a/src/LiveQuery/QueryTools.js b/src/LiveQuery/QueryTools.js index 735788218b..905919ef61 100644 --- a/src/LiveQuery/QueryTools.js +++ b/src/LiveQuery/QueryTools.js @@ -253,6 +253,9 @@ function matchesKeyConstraints(object, key, constraints) { } break; case '$all': + if (!object[key]) { + return false; + } for (i = 0; i < compareTo.length; i++) { if (object[key].indexOf(compareTo[i]) < 0) { return false; From 770e36ff43c42e4ed3db73a30436079a0460a1f0 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Thu, 24 Jun 2021 08:24:26 +0300 Subject: [PATCH 12/24] fix: upgrade graphql-relay from 0.6.0 to 0.7.0 (#7443) Snyk has created this PR to upgrade graphql-relay from 0.6.0 to 0.7.0. See this package in npm: https://www.npmjs.com/package/graphql-relay See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 21 +++------------------ package.json | 2 +- 2 files changed, 4 insertions(+), 19 deletions(-) diff --git a/package-lock.json b/package-lock.json index d2d672128a..7284dfeebf 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2884,11 +2884,6 @@ "dev": true, "optional": true }, - "async-limiter": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/async-limiter/-/async-limiter-1.0.1.tgz", - "integrity": "sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ==" - }, "async-retry": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/async-retry/-/async-retry-1.3.1.tgz", @@ -6511,19 +6506,9 @@ "integrity": "sha512-9TSAwcVA3KWw7JWYep5NCk2aw3wl1ayLtbMpmG7l26vh1FZ+gZexNPP+XJfUFyJa71UU0zcKSgtgpsrsA3Xv9Q==" }, "graphql-relay": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/graphql-relay/-/graphql-relay-0.6.0.tgz", - "integrity": "sha512-OVDi6C9/qOT542Q3KxZdXja3NrDvqzbihn1B44PH8P/c5s0Q90RyQwT6guhGqXqbYEH6zbeLJWjQqiYvcg2vVw==", - "requires": { - "prettier": "^1.16.0" - }, - "dependencies": { - "prettier": { - "version": "1.19.1", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-1.19.1.tgz", - "integrity": "sha512-s7PoyDv/II1ObgQunCbB9PdLmUcBZcnWOcxDh7O0N/UwDEsHyqkW+Qh28jW+mVuCdx7gLB0BotYI1Y6uI9iyew==" - } - } + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/graphql-relay/-/graphql-relay-0.7.0.tgz", + "integrity": "sha512-P8eS3IbZRhbfbcfud1Q6VPrIru4hchkb15MuOij+WQo9r0chD5NBIxiVjuRE2iG2EMHxIOrZb8LnMe82+YdITA==" }, "graphql-subscriptions": { "version": "1.2.1", diff --git a/package.json b/package.json index 7bc2e0e2f2..6993f67c58 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "follow-redirects": "1.14.1", "graphql": "15.5.0", "graphql-list-fields": "2.0.2", - "graphql-relay": "0.6.0", + "graphql-relay": "0.7.0", "graphql-tag": "2.12.4", "graphql-upload": "11.0.0", "intersect": "1.0.1", From 7df6c020b18b8ea9d04b718fa4e070be800b9268 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Thu, 24 Jun 2021 08:30:11 +0300 Subject: [PATCH 13/24] fix: upgrade ldapjs from 2.2.4 to 2.3.0 (#7436) Snyk has created this PR to upgrade ldapjs from 2.2.4 to 2.3.0. See this package in npm: https://www.npmjs.com/package/ldapjs See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7284dfeebf..34e22450c2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8024,9 +8024,9 @@ } }, "ldapjs": { - "version": "2.2.4", - "resolved": "https://registry.npmjs.org/ldapjs/-/ldapjs-2.2.4.tgz", - "integrity": "sha512-OoeAXPNPPt4D6qva2/p6rkCIHknyYFd42Vp8JhSazBs9BbkEBmoajzj2F0ElD3vR+yAuzIVCjqh1W4uR8dfn0A==", + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/ldapjs/-/ldapjs-2.3.0.tgz", + "integrity": "sha512-3Rbm3CS7vzTccpP1QnzKCEPok60L/b3BFlWU8r93P5oadCAaqCWEH9Td08crPnw4Ti20W8y0+ZKtFFNzxVu4kA==", "requires": { "abstract-logging": "^2.0.0", "asn1": "^0.2.4", diff --git a/package.json b/package.json index 6993f67c58..85d00ba18c 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "intersect": "1.0.1", "jsonwebtoken": "8.5.1", "jwks-rsa": "1.12.3", - "ldapjs": "2.2.4", + "ldapjs": "2.3.0", "lodash": "4.17.21", "lru-cache": "5.1.1", "mime": "2.5.2", From 4e5eba6c6c7bc6e643ac6477df15beea1ba60364 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Thu, 24 Jun 2021 08:30:36 +0300 Subject: [PATCH 14/24] fix: upgrade apollo-server-express from 2.24.1 to 2.25.0 (#7435) Snyk has created this PR to upgrade apollo-server-express from 2.24.1 to 2.25.0. See this package in npm: https://www.npmjs.com/package/apollo-server-express See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 85 +++++++---------------------------------------- package.json | 2 +- 2 files changed, 13 insertions(+), 74 deletions(-) diff --git a/package-lock.json b/package-lock.json index 34e22450c2..dca3601cb5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1987,9 +1987,9 @@ } }, "@types/ws": { - "version": "7.4.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-7.4.4.tgz", - "integrity": "sha512-d/7W23JAXPodQNbOZNXvl2K+bqAQrCMwlh/nuQsPSQk6Fq0opHoPrUw43aHsvSbIiQPr8Of2hkFbnz1XBFVyZQ==", + "version": "7.4.5", + "resolved": "https://registry.npmjs.org/@types/ws/-/ws-7.4.5.tgz", + "integrity": "sha512-8mbDgtc8xpxDDem5Gwj76stBDJX35KQ3YBoayxlqUQcL5BZUthiqP/VQ4PQnLHqM4PmlbyO74t98eJpURO+gPA==", "requires": { "@types/node": "*" } @@ -2561,16 +2561,6 @@ "uuid": "^8.0.0" }, "dependencies": { - "apollo-server-types": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/apollo-server-types/-/apollo-server-types-0.9.0.tgz", - "integrity": "sha512-qk9tg4Imwpk732JJHBkhW0jzfG0nFsLqK2DY6UhvJf7jLnRePYsPxWfPiNkxni27pLE2tiNlCwoDFSeWqpZyBg==", - "requires": { - "apollo-reporting-protobuf": "^0.8.0", - "apollo-server-caching": "^0.7.0", - "apollo-server-env": "^3.1.0" - } - }, "lru-cache": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", @@ -2578,23 +2568,6 @@ "requires": { "yallist": "^4.0.0" } - }, - "subscriptions-transport-ws": { - "version": "0.9.19", - "resolved": "https://registry.npmjs.org/subscriptions-transport-ws/-/subscriptions-transport-ws-0.9.19.tgz", - "integrity": "sha512-dxdemxFFB0ppCLg10FTtRqH/31FNRL1y1BQv8209MK5I4CwALb7iihQg+7p65lFcIl8MHatINWBLOqpgU4Kyyw==", - "requires": { - "backo2": "^1.0.2", - "eventemitter3": "^3.1.0", - "iterall": "^1.2.1", - "symbol-observable": "^1.0.4", - "ws": "^5.2.0 || ^6.0.0 || ^7.0.0" - } - }, - "symbol-observable": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-1.2.0.tgz", - "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ==" } } }, @@ -2613,9 +2586,9 @@ "integrity": "sha512-lO5oTjgiC3vlVg2RKr3RiXIIQ5pGXBFxYGGUkKDhTud3jMIhs+gel8L8zsEjKaKxkjHhCQAA/bcEfYiKkGQIvA==" }, "apollo-server-express": { - "version": "2.24.1", - "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-2.24.1.tgz", - "integrity": "sha512-waBGJYG6Ht86RHMcTQLjy3YNeccg5IONe10qdm/kGbQVMXoE6KJB2VuNy/akRDPRvS6+tEt4v0XFSi7qQa4iXQ==", + "version": "2.25.0", + "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-2.25.0.tgz", + "integrity": "sha512-FCTisD+VB1LCcTjjhKvQZ/dkly83KVlioFMgcPjW1X/kzCznRT3aQoVn9bQHlzQr7NnpwFseb4Rhd2KKD4wKEA==", "requires": { "@apollographql/graphql-playground-html": "1.6.27", "@types/accepts": "^1.3.5", @@ -2624,8 +2597,8 @@ "@types/express": "4.17.11", "@types/express-serve-static-core": "4.17.19", "accepts": "^1.3.5", - "apollo-server-core": "^2.24.1", - "apollo-server-types": "^0.8.0", + "apollo-server-core": "^2.25.0", + "apollo-server-types": "^0.9.0", "body-parser": "^1.18.3", "cors": "^2.8.5", "express": "^4.17.1", @@ -2665,38 +2638,16 @@ "integrity": "sha512-L3TMmq2YE6BU6I4Tmgygmd0W55L+6XfD9137k+cWEBFu50vRY4Re+d+fL5WuPkk5xSPKd/PIaqzidu5V/zz8Kg==", "requires": { "apollo-server-types": "^0.9.0" - }, - "dependencies": { - "apollo-server-types": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/apollo-server-types/-/apollo-server-types-0.9.0.tgz", - "integrity": "sha512-qk9tg4Imwpk732JJHBkhW0jzfG0nFsLqK2DY6UhvJf7jLnRePYsPxWfPiNkxni27pLE2tiNlCwoDFSeWqpZyBg==", - "requires": { - "apollo-reporting-protobuf": "^0.8.0", - "apollo-server-caching": "^0.7.0", - "apollo-server-env": "^3.1.0" - } - } } }, "apollo-server-types": { - "version": "0.8.0", - "resolved": "https://registry.npmjs.org/apollo-server-types/-/apollo-server-types-0.8.0.tgz", - "integrity": "sha512-adHJnHbRV2kWUY0VQY1M2KpSdGfm+4mX4w+2lROPExqOnkyTI7CGfpJCdEwYMKrIn3aH8HIcOH0SnpWRet6TNw==", + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/apollo-server-types/-/apollo-server-types-0.9.0.tgz", + "integrity": "sha512-qk9tg4Imwpk732JJHBkhW0jzfG0nFsLqK2DY6UhvJf7jLnRePYsPxWfPiNkxni27pLE2tiNlCwoDFSeWqpZyBg==", "requires": { - "apollo-reporting-protobuf": "^0.7.0", + "apollo-reporting-protobuf": "^0.8.0", "apollo-server-caching": "^0.7.0", "apollo-server-env": "^3.1.0" - }, - "dependencies": { - "apollo-reporting-protobuf": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/apollo-reporting-protobuf/-/apollo-reporting-protobuf-0.7.0.tgz", - "integrity": "sha512-PC+zDqPPJcseemqmvUEqFiDi45pz6UaPWt6czgmrrbcQ+9VWp6IEkm08V5xBKk7V1WGUw19YwiJ7kqXpcgVNyw==", - "requires": { - "@apollo/protobufjs": "1.2.2" - } - } } }, "apollo-tracing": { @@ -6486,18 +6437,6 @@ "@apollographql/apollo-tools": "^0.5.0", "apollo-server-env": "^3.1.0", "apollo-server-types": "^0.9.0" - }, - "dependencies": { - "apollo-server-types": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/apollo-server-types/-/apollo-server-types-0.9.0.tgz", - "integrity": "sha512-qk9tg4Imwpk732JJHBkhW0jzfG0nFsLqK2DY6UhvJf7jLnRePYsPxWfPiNkxni27pLE2tiNlCwoDFSeWqpZyBg==", - "requires": { - "apollo-reporting-protobuf": "^0.8.0", - "apollo-server-caching": "^0.7.0", - "apollo-server-env": "^3.1.0" - } - } } }, "graphql-list-fields": { diff --git a/package.json b/package.json index 85d00ba18c..c1231893f6 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,7 @@ "@graphql-tools/utils": "6.2.4", "@parse/fs-files-adapter": "1.2.0", "@parse/push-adapter": "3.4.0", - "apollo-server-express": "2.24.1", + "apollo-server-express": "2.25.0", "bcryptjs": "2.4.3", "body-parser": "1.19.0", "commander": "5.1.0", From c36588e3c2d16fab3f38aecc77f0e827bda38f95 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Thu, 24 Jun 2021 08:38:05 +0300 Subject: [PATCH 15/24] fix: upgrade mongodb from 3.6.7 to 3.6.8 (#7430) Snyk has created this PR to upgrade mongodb from 3.6.7 to 3.6.8. See this package in npm: https://www.npmjs.com/package/mongodb See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index dca3601cb5..fc9bb96187 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9006,9 +9006,9 @@ "integrity": "sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==" }, "mongodb": { - "version": "3.6.7", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.6.7.tgz", - "integrity": "sha512-VXW2bWz47LhAEw0qs8Mk2zRgQwgbXH16KAwQFtylBu0zXO8rkQmA8ncsYbmICaVutZeINRlXYXG3MDIz90NM3g==", + "version": "3.6.8", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.6.8.tgz", + "integrity": "sha512-sDjJvI73WjON1vapcbyBD3Ao9/VN3TKYY8/QX9EPbs22KaCSrQ5rXo5ZZd44tWJ3wl3FlnrFZ+KyUtNH6+1ZPQ==", "requires": { "bl": "^2.2.1", "bson": "^1.1.4", diff --git a/package.json b/package.json index c1231893f6..697cc2477e 100644 --- a/package.json +++ b/package.json @@ -45,7 +45,7 @@ "lodash": "4.17.21", "lru-cache": "5.1.1", "mime": "2.5.2", - "mongodb": "3.6.7", + "mongodb": "3.6.8", "mustache": "4.2.0", "parse": "3.2.0", "pg-monitor": "1.4.1", From 17cf1a46e557b502b132c415b922508e032209a9 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Mon, 28 Jun 2021 08:00:47 +0300 Subject: [PATCH 16/24] fix: upgrade mongodb from 3.6.8 to 3.6.9 (#7445) Snyk has created this PR to upgrade mongodb from 3.6.8 to 3.6.9. See this package in npm: https://www.npmjs.com/package/mongodb See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index fc9bb96187..e3a3ba384d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9006,9 +9006,9 @@ "integrity": "sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==" }, "mongodb": { - "version": "3.6.8", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.6.8.tgz", - "integrity": "sha512-sDjJvI73WjON1vapcbyBD3Ao9/VN3TKYY8/QX9EPbs22KaCSrQ5rXo5ZZd44tWJ3wl3FlnrFZ+KyUtNH6+1ZPQ==", + "version": "3.6.9", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.6.9.tgz", + "integrity": "sha512-1nSCKgSunzn/CXwgOWgbPHUWOO5OfERcuOWISmqd610jn0s8BU9K4879iJVabqgpPPbA6hO7rG48eq+fGED3Mg==", "requires": { "bl": "^2.2.1", "bson": "^1.1.4", diff --git a/package.json b/package.json index 697cc2477e..8dd4768459 100644 --- a/package.json +++ b/package.json @@ -45,7 +45,7 @@ "lodash": "4.17.21", "lru-cache": "5.1.1", "mime": "2.5.2", - "mongodb": "3.6.8", + "mongodb": "3.6.9", "mustache": "4.2.0", "parse": "3.2.0", "pg-monitor": "1.4.1", From d36a53b2bfade99942e3c9b827c9abb38d2de26b Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Thu, 1 Jul 2021 01:26:16 +0300 Subject: [PATCH 17/24] fix: upgrade subscriptions-transport-ws from 0.9.19 to 0.10.0 (#7450) Snyk has created this PR to upgrade subscriptions-transport-ws from 0.9.19 to 0.10.0. See this package in npm: https://www.npmjs.com/package/subscriptions-transport-ws See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 40 +++++++++++++++++++++++++++++++++++++--- package.json | 2 +- 2 files changed, 38 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index e3a3ba384d..3568dc3fda 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2568,6 +2568,23 @@ "requires": { "yallist": "^4.0.0" } + }, + "subscriptions-transport-ws": { + "version": "0.9.19", + "resolved": "https://registry.npmjs.org/subscriptions-transport-ws/-/subscriptions-transport-ws-0.9.19.tgz", + "integrity": "sha512-dxdemxFFB0ppCLg10FTtRqH/31FNRL1y1BQv8209MK5I4CwALb7iihQg+7p65lFcIl8MHatINWBLOqpgU4Kyyw==", + "requires": { + "backo2": "^1.0.2", + "eventemitter3": "^3.1.0", + "iterall": "^1.2.1", + "symbol-observable": "^1.0.4", + "ws": "^5.2.0 || ^6.0.0 || ^7.0.0" + } + }, + "symbol-observable": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-1.2.0.tgz", + "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ==" } } }, @@ -2629,6 +2646,23 @@ "@types/qs": "*", "@types/range-parser": "*" } + }, + "subscriptions-transport-ws": { + "version": "0.9.19", + "resolved": "https://registry.npmjs.org/subscriptions-transport-ws/-/subscriptions-transport-ws-0.9.19.tgz", + "integrity": "sha512-dxdemxFFB0ppCLg10FTtRqH/31FNRL1y1BQv8209MK5I4CwALb7iihQg+7p65lFcIl8MHatINWBLOqpgU4Kyyw==", + "requires": { + "backo2": "^1.0.2", + "eventemitter3": "^3.1.0", + "iterall": "^1.2.1", + "symbol-observable": "^1.0.4", + "ws": "^5.2.0 || ^6.0.0 || ^7.0.0" + } + }, + "symbol-observable": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-1.2.0.tgz", + "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ==" } } }, @@ -11667,9 +11701,9 @@ } }, "subscriptions-transport-ws": { - "version": "0.9.19", - "resolved": "https://registry.npmjs.org/subscriptions-transport-ws/-/subscriptions-transport-ws-0.9.19.tgz", - "integrity": "sha512-dxdemxFFB0ppCLg10FTtRqH/31FNRL1y1BQv8209MK5I4CwALb7iihQg+7p65lFcIl8MHatINWBLOqpgU4Kyyw==", + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/subscriptions-transport-ws/-/subscriptions-transport-ws-0.10.0.tgz", + "integrity": "sha512-k28LhLn3abJ1mowFW+LP4QGggE0e3hrk55zXbMHyAeZkCUYtC0owepiwqMD3zX8DglQVaxnhE760pESrNSEzpg==", "requires": { "backo2": "^1.0.2", "eventemitter3": "^3.1.0", diff --git a/package.json b/package.json index 8dd4768459..05d2ab1c4a 100644 --- a/package.json +++ b/package.json @@ -53,7 +53,7 @@ "pluralize": "8.0.0", "redis": "3.1.2", "semver": "7.3.4", - "subscriptions-transport-ws": "0.9.19", + "subscriptions-transport-ws": "0.10.0", "tv4": "1.3.0", "uuid": "8.3.2", "winston": "3.3.3", From 682f1bf14388e134fbd993e274f5738ec2e57e02 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Thu, 1 Jul 2021 01:29:54 +0300 Subject: [PATCH 18/24] fix: upgrade apollo-server-express from 2.25.0 to 2.25.1 (#7449) Snyk has created this PR to upgrade apollo-server-express from 2.25.0 to 2.25.1. See this package in npm: https://www.npmjs.com/package/apollo-server-express See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 22 +++++++++++----------- package.json | 2 +- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3568dc3fda..536bfb9218 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2423,9 +2423,9 @@ }, "dependencies": { "core-js-pure": { - "version": "3.14.0", - "resolved": "https://registry.npmjs.org/core-js-pure/-/core-js-pure-3.14.0.tgz", - "integrity": "sha512-YVh+LN2FgNU0odThzm61BsdkwrbrchumFq3oztnE9vTKC4KS2fvnPmcx8t6jnqAyOTCTF4ZSiuK8Qhh7SNcL4g==" + "version": "3.15.2", + "resolved": "https://registry.npmjs.org/core-js-pure/-/core-js-pure-3.15.2.tgz", + "integrity": "sha512-D42L7RYh1J2grW8ttxoY1+17Y4wXZeKe7uyplAI3FkNQyI5OgBIAjUfFiTPfL1rs0qLpxaabITNbjKl1Sp82tA==" } } }, @@ -2530,9 +2530,9 @@ } }, "apollo-server-core": { - "version": "2.25.1", - "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-2.25.1.tgz", - "integrity": "sha512-10gVjvGv3uPfy7gUFQhgNhb66RorD1qX6yF4bTawm4S6JstkGrWYFJN5/48o7Mte+tATpXzAGiWu0l4wsYA/mA==", + "version": "2.25.2", + "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-2.25.2.tgz", + "integrity": "sha512-lrohEjde2TmmDTO7FlOs8x5QQbAS0Sd3/t0TaK2TWaodfzi92QAvIsq321Mol6p6oEqmjm8POIDHW1EuJd7XMA==", "requires": { "@apollographql/apollo-tools": "^0.5.0", "@apollographql/graphql-playground-html": "1.6.27", @@ -2603,9 +2603,9 @@ "integrity": "sha512-lO5oTjgiC3vlVg2RKr3RiXIIQ5pGXBFxYGGUkKDhTud3jMIhs+gel8L8zsEjKaKxkjHhCQAA/bcEfYiKkGQIvA==" }, "apollo-server-express": { - "version": "2.25.0", - "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-2.25.0.tgz", - "integrity": "sha512-FCTisD+VB1LCcTjjhKvQZ/dkly83KVlioFMgcPjW1X/kzCznRT3aQoVn9bQHlzQr7NnpwFseb4Rhd2KKD4wKEA==", + "version": "2.25.1", + "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-2.25.1.tgz", + "integrity": "sha512-9idHkV3umcIDdq/NIQEC2D6zZ0QtaMRVCbeRcDgm9uWWiX3ulK5ICdHbNBu5UHXkDmKjfZiGaCWBZti0MsRQAg==", "requires": { "@apollographql/graphql-playground-html": "1.6.27", "@types/accepts": "^1.3.5", @@ -2614,7 +2614,7 @@ "@types/express": "4.17.11", "@types/express-serve-static-core": "4.17.19", "accepts": "^1.3.5", - "apollo-server-core": "^2.25.0", + "apollo-server-core": "^2.25.1", "apollo-server-types": "^0.9.0", "body-parser": "^1.18.3", "cors": "^2.8.5", @@ -2622,7 +2622,7 @@ "graphql-subscriptions": "^1.0.0", "graphql-tools": "^4.0.8", "parseurl": "^1.3.2", - "subscriptions-transport-ws": "^0.9.16", + "subscriptions-transport-ws": "^0.9.19", "type-is": "^1.6.16" }, "dependencies": { diff --git a/package.json b/package.json index 05d2ab1c4a..a9f5bfed5e 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,7 @@ "@graphql-tools/utils": "6.2.4", "@parse/fs-files-adapter": "1.2.0", "@parse/push-adapter": "3.4.0", - "apollo-server-express": "2.25.0", + "apollo-server-express": "2.25.1", "bcryptjs": "2.4.3", "body-parser": "1.19.0", "commander": "5.1.0", From 05882bc3ecdce8831c46ba584fee6baea573fa96 Mon Sep 17 00:00:00 2001 From: Manuel <5673677+mtrezza@users.noreply.github.com> Date: Sat, 3 Jul 2021 15:20:23 +0200 Subject: [PATCH 19/24] bumped node (#7452) --- .github/workflows/ci.yml | 22 +++++++++++----------- README.md | 4 ++-- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5250aea05d..4d1aa01e59 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,7 +7,7 @@ on: branches: - '**' env: - NODE_VERSION: 14.17.1 + NODE_VERSION: 14.17.2 PARSE_SERVER_TEST_TIMEOUT: 20000 jobs: check-ci: @@ -97,33 +97,33 @@ jobs: MONGODB_VERSION: 4.4.6 MONGODB_TOPOLOGY: replicaset MONGODB_STORAGE_ENGINE: wiredTiger - NODE_VERSION: 14.17.1 + NODE_VERSION: 14.17.2 - name: MongoDB 4.2, ReplicaSet, WiredTiger MONGODB_VERSION: 4.2.14 MONGODB_TOPOLOGY: replicaset MONGODB_STORAGE_ENGINE: wiredTiger - NODE_VERSION: 14.17.1 + NODE_VERSION: 14.17.2 - name: MongoDB 4.0, ReplicaSet, WiredTiger MONGODB_VERSION: 4.0.25 MONGODB_TOPOLOGY: replicaset MONGODB_STORAGE_ENGINE: wiredTiger - NODE_VERSION: 14.17.1 + NODE_VERSION: 14.17.2 - name: MongoDB 4.0, Standalone, MMAPv1 MONGODB_VERSION: 4.0.25 MONGODB_TOPOLOGY: standalone MONGODB_STORAGE_ENGINE: mmapv1 - NODE_VERSION: 14.17.1 + NODE_VERSION: 14.17.2 - name: Redis Cache PARSE_SERVER_TEST_CACHE: redis MONGODB_VERSION: 4.4.6 MONGODB_TOPOLOGY: standalone MONGODB_STORAGE_ENGINE: wiredTiger - NODE_VERSION: 14.17.1 + NODE_VERSION: 14.17.2 - name: Node 12 MONGODB_VERSION: 4.4.6 MONGODB_TOPOLOGY: standalone MONGODB_STORAGE_ENGINE: wiredTiger - NODE_VERSION: 12.22.1 + NODE_VERSION: 12.22.2 - name: Node 15 MONGODB_VERSION: 4.4.6 MONGODB_TOPOLOGY: standalone @@ -170,16 +170,16 @@ jobs: include: - name: PostgreSQL 11, PostGIS 3.0 POSTGRES_IMAGE: postgis/postgis:11-3.0 - NODE_VERSION: 14.17.1 + NODE_VERSION: 14.17.2 - name: PostgreSQL 11, PostGIS 3.1 POSTGRES_IMAGE: postgis/postgis:11-3.1 - NODE_VERSION: 14.17.1 + NODE_VERSION: 14.17.2 - name: PostgreSQL 12, PostGIS 3.1 POSTGRES_IMAGE: postgis/postgis:12-3.1 - NODE_VERSION: 14.17.1 + NODE_VERSION: 14.17.2 - name: PostgreSQL 13, PostGIS 3.1 POSTGRES_IMAGE: postgis/postgis:13-3.1 - NODE_VERSION: 14.17.1 + NODE_VERSION: 14.17.2 fail-fast: false name: ${{ matrix.name }} timeout-minutes: 15 diff --git a/README.md b/README.md index 15dfaec113..335516cde8 100644 --- a/README.md +++ b/README.md @@ -114,8 +114,8 @@ Parse Server is continuously tested with the most recent releases of Node.js to | Version | Latest Version | End-of-Life Date | Compatibility | |------------|----------------|------------------|--------------------| -| Node.js 12 | 12.22.1 | April 2022 | ✅ Fully compatible | -| Node.js 14 | 14.17.1 | April 2023 | ✅ Fully compatible | +| Node.js 12 | 12.22.2 | April 2022 | ✅ Fully compatible | +| Node.js 14 | 14.17.2 | April 2023 | ✅ Fully compatible | | Node.js 15 | 15.14.0 | June 2021 | ✅ Fully compatible | #### MongoDB From 1594afec6421bea31e732dff9b21eb099898bc3a Mon Sep 17 00:00:00 2001 From: Manuel <5673677+mtrezza@users.noreply.github.com> Date: Mon, 12 Jul 2021 20:14:35 +0200 Subject: [PATCH 20/24] add runtime deprecation warning (#7451) --- CHANGELOG.md | 2 +- CONTRIBUTING.md | 4 ++- spec/Deprecator.spec.js | 18 ++++++++++--- src/Deprecator/Deprecator.js | 50 ++++++++++++++++++++++++++++++++++-- 4 files changed, 67 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ca20a427af..86b5081bbb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -135,7 +135,7 @@ ___ - Fix incorrect LiveQuery events triggered for multiple subscriptions on the same class with different events [#7341](https://github.com/parse-community/parse-server/pull/7341) - Fix select and excludeKey queries to properly accept JSON string arrays. Also allow nested fields in exclude (Corey Baker) [#7242](https://github.com/parse-community/parse-server/pull/7242) - Fix LiveQuery server crash when using $all query operator on a missing object key (Jason Posthuma) [#7421](https://github.com/parse-community/parse-server/pull/7421) - +- Added runtime deprecation warnings (Manuel Trezza) [#7451](https://github.com/parse-community/parse-server/pull/7451) ___ ## 4.5.0 [Full Changelog](https://github.com/parse-community/parse-server/compare/4.4.0...4.5.0) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a761f91955..201aeecf6f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -182,7 +182,9 @@ If you change or remove an existing feature that would lead to a breaking change - Use a default value that falls back to existing behavior. - Add a deprecation definition in `Deprecator/Deprecations.js` that will output a deprecation warning log message on Parse Server launch, for example: > DeprecationWarning: The Parse Server option 'example' will be removed in a future release. - + +For deprecations that can only be determined ad-hoc during runtime, for example Parse Query syntax deprecations, use the `Deprecator.logRuntimeDeprecation()` method. + Deprecations become breaking changes after notifying developers through deprecation warnings for at least one entire previous major release. For example: - `4.5.0` is the current version - `4.6.0` adds a new optional feature and a deprecation warning for the existing feature diff --git a/spec/Deprecator.spec.js b/spec/Deprecator.spec.js index 7e0e28df3d..3af5d10c31 100644 --- a/spec/Deprecator.spec.js +++ b/spec/Deprecator.spec.js @@ -21,16 +21,28 @@ describe('Deprecator', () => { const logSpy = spyOn(logger, 'warn').and.callFake(() => {}); await reconfigureServer(); - expect(logSpy.calls.all()[0].args[0]).toContain(deprecations[0].optionKey); - expect(logSpy.calls.all()[0].args[0]).toContain(deprecations[0].changeNewDefault); + expect(logSpy.calls.all()[0].args[0]).toEqual( + `DeprecationWarning: The Parse Server option '${deprecations[0].optionKey}' default will change to '${deprecations[0].changeNewDefault}' in a future version.` + ); }); it('does not log deprecation for new default if option is set manually', async () => { deprecations = [{ optionKey: 'exampleKey', changeNewDefault: 'exampleNewDefault' }]; spyOn(Deprecator, '_getDeprecations').and.callFake(() => deprecations); - const logSpy = spyOn(Deprecator, '_log').and.callFake(() => {}); + const logSpy = spyOn(Deprecator, '_logOption').and.callFake(() => {}); await reconfigureServer({ [deprecations[0].optionKey]: 'manuallySet' }); expect(logSpy).not.toHaveBeenCalled(); }); + + it('logs runtime deprecation', async () => { + const logger = require('../lib/logger').logger; + const logSpy = spyOn(logger, 'warn').and.callFake(() => {}); + const options = { usage: 'Doing this', solution: 'Do that instead.' }; + + Deprecator.logRuntimeDeprecation(options); + expect(logSpy.calls.all()[0].args[0]).toEqual( + `DeprecationWarning: ${options.usage} is deprecated and will be removed in a future version. ${options.solution}` + ); + }); }); diff --git a/src/Deprecator/Deprecator.js b/src/Deprecator/Deprecator.js index 5ab0bb43ee..27033c946d 100644 --- a/src/Deprecator/Deprecator.js +++ b/src/Deprecator/Deprecator.js @@ -22,11 +22,41 @@ class Deprecator { // If default will change, only throw a warning if option is not set if (changeNewDefault != null && options[optionKey] == null) { - Deprecator._log({ optionKey, changeNewDefault, solution }); + Deprecator._logOption({ optionKey, changeNewDefault, solution }); } } } + /** + * Logs a deprecation warning for a parameter that can only be determined dynamically + * during runtime. + * + * Note: Do not use this to log deprecations of Parse Server options, but add such + * deprecations to `Deprecations.js` instead. See the contribution docs for more + * details. + * + * For consistency, the deprecation warning is composed of the following parts: + * + * > DeprecationWarning: `usage` is deprecated and will be removed in a future version. + * `solution`. + * + * - `usage`: The deprecated usage. + * - `solution`: The instruction to resolve this deprecation warning. + * + * For example: + * > DeprecationWarning: `Prefixing field names with dollar sign ($) in aggregation query` + * is deprecated and will be removed in a future version. `Reference field names without + * dollar sign prefix.` + * + * @param {Object} options The deprecation options. + * @param {String} options.usage The usage that is deprecated. + * @param {String} [options.solution] The instruction to resolve this deprecation warning. + * Optional. It is recommended to add an instruction for the convenience of the developer. + */ + static logRuntimeDeprecation(options) { + Deprecator._logGeneric(options); + } + /** * Returns the deprecation definitions. * @returns {Array} The deprecations. @@ -35,8 +65,24 @@ class Deprecator { return Deprecations; } + /** + * Logs a generic deprecation warning. + * + * @param {Object} options The deprecation options. + * @param {String} options.usage The usage that is deprecated. + * @param {String} [options.solution] The instruction to resolve this deprecation warning. + * Optional. It is recommended to add an instruction for the convenience of the developer. + */ + static _logGeneric({ usage, solution }) { + // Compose message + let output = `DeprecationWarning: ${usage} is deprecated and will be removed in a future version.`; + output += solution ? ` ${solution}` : ''; + logger.warn(output); + } + /** * Logs a deprecation warning for a Parse Server option. + * * @param {String} optionKey The option key incl. its path, e.g. `security.enableCheck`. * @param {String} envKey The environment key, e.g. `PARSE_SERVER_SECURITY`. * @param {String} changeNewKey Set the new key name if the current key will be replaced, @@ -48,7 +94,7 @@ class Deprecator { * automatically added to the message. It should only contain the instruction on how * to resolve this warning. */ - static _log({ optionKey, envKey, changeNewKey, changeNewDefault, solution }) { + static _logOption({ optionKey, envKey, changeNewKey, changeNewDefault, solution }) { const type = optionKey ? 'option' : 'environment key'; const key = optionKey ? optionKey : envKey; const keyAction = From 6a39cfe4699032856f4442dc73473b7179fc26ec Mon Sep 17 00:00:00 2001 From: Olivier Allouch Date: Thu, 10 Jun 2021 00:04:08 +0200 Subject: [PATCH 21/24] test and code --- spec/ParseQuery.spec.js | 34 ++++++++++++++++++++ src/Adapters/Storage/Mongo/MongoTransform.js | 13 +++++--- 2 files changed, 43 insertions(+), 4 deletions(-) diff --git a/spec/ParseQuery.spec.js b/spec/ParseQuery.spec.js index e196280a5c..f4c59e031f 100644 --- a/spec/ParseQuery.spec.js +++ b/spec/ParseQuery.spec.js @@ -4318,6 +4318,40 @@ describe('Parse.Query testing', () => { } }); + it('deeply nested Pointers (issue #7413)', async function (done) { + const parent = new Parse.Object('Parent'); + const child1 = new Parse.Object('Child'); + const child2 = new Parse.Object('Child'); + + parent.set('subDocument', { child: child1 }); + parent.set('children', [ + { child: child1, count: 2 }, + { child: child2, count: 3 }, + ]); + await parent.save(); + + // equalTo + const resultsEq = await new Parse.Query('Parent').equalTo('children.child', child1).find(); + expect(resultsEq.length).toBe(1); + + // direct subDocument equalTo + const resultsSubDocument = await new Parse.Query('Parent') + .equalTo('subDocument.child', child1) + .find(); + expect(resultsSubDocument.length).toBe(1); + + // subDocument in + const resultsSubDocumentIn = await new Parse.Query('Parent') + .containedIn('subDocument.child', [child1]) + .find(); + expect(resultsSubDocumentIn.length).toBe(1); + + // containedIn + const results = await new Parse.Query('Parent').containedIn('children.child', [child1]).find(); + expect(results.length).toBe(1); + done(); + }); + it('include with *', async () => { const child1 = new TestObject({ foo: 'bar', name: 'ac' }); const child2 = new TestObject({ foo: 'baz', name: 'flo' }); diff --git a/src/Adapters/Storage/Mongo/MongoTransform.js b/src/Adapters/Storage/Mongo/MongoTransform.js index 5578077778..db3431fbdd 100644 --- a/src/Adapters/Storage/Mongo/MongoTransform.js +++ b/src/Adapters/Storage/Mongo/MongoTransform.js @@ -316,7 +316,7 @@ function transformQueryKeyValue(className, key, value, schema, count = false) { } // Handle query constraints - const transformedConstraint = transformConstraint(value, field, count); + const transformedConstraint = transformConstraint(value, key, field, count); if (transformedConstraint !== CannotTransform) { if (transformedConstraint.$text) { return { key: '$text', value: transformedConstraint.$text }; @@ -766,12 +766,16 @@ function relativeTimeToDate(text, now = new Date()) { // If it is not a valid constraint but it could be a valid something // else, return CannotTransform. // inArray is whether this is an array field. -function transformConstraint(constraint, field, count = false) { - const inArray = field && field.type && field.type === 'Array'; +function transformConstraint(constraint, restKey, field, count = false) { if (typeof constraint !== 'object' || !constraint) { return CannotTransform; } - const transformFunction = inArray ? transformInteriorAtom : transformTopLevelAtom; + + // transformer + const inArray = field && field.type && field.type === 'Array'; + const inSubDocument = restKey.includes('.'); + const transformFunction = + inArray || inSubDocument ? transformInteriorAtom : transformTopLevelAtom; const transformer = atom => { const result = transformFunction(atom, field); if (result === CannotTransform) { @@ -779,6 +783,7 @@ function transformConstraint(constraint, field, count = false) { } return result; }; + // keys is the constraints in reverse alphabetical order. // This is a hack so that: // $regex is handled before $options From 3efe6f67ef3fad313473f0be8f59c11fba57b84f Mon Sep 17 00:00:00 2001 From: Olivier Allouch Date: Wed, 14 Jul 2021 01:15:13 +0200 Subject: [PATCH 22/24] fix changelog message --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 86b5081bbb..4c627629d0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -136,7 +136,8 @@ ___ - Fix select and excludeKey queries to properly accept JSON string arrays. Also allow nested fields in exclude (Corey Baker) [#7242](https://github.com/parse-community/parse-server/pull/7242) - Fix LiveQuery server crash when using $all query operator on a missing object key (Jason Posthuma) [#7421](https://github.com/parse-community/parse-server/pull/7421) - Added runtime deprecation warnings (Manuel Trezza) [#7451](https://github.com/parse-community/parse-server/pull/7451) -___ +- Fix querying deep nested pointers (Olivier Allouch) [#7526](https://github.com/parse-community/parse-server/pull/7426)___ + ## 4.5.0 [Full Changelog](https://github.com/parse-community/parse-server/compare/4.4.0...4.5.0) ### Breaking Changes From 5b8204727da08f66da9a5fc8c64b57a540caf1bf Mon Sep 17 00:00:00 2001 From: Olivier Allouch Date: Sun, 13 Jun 2021 00:01:28 +0200 Subject: [PATCH 23/24] restriction to mongo testing --- spec/ParseQuery.spec.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/ParseQuery.spec.js b/spec/ParseQuery.spec.js index f4c59e031f..0ed2669858 100644 --- a/spec/ParseQuery.spec.js +++ b/spec/ParseQuery.spec.js @@ -4318,7 +4318,7 @@ describe('Parse.Query testing', () => { } }); - it('deeply nested Pointers (issue #7413)', async function (done) { + it_only_db('mongo')('deeply nested Pointers (issue #7413)', async function (done) { const parent = new Parse.Object('Parent'); const child1 = new Parse.Object('Child'); const child2 = new Parse.Object('Child'); From 0e215eafd6b4cfefd7cdb9fd928231953d26ced8 Mon Sep 17 00:00:00 2001 From: Olivier Allouch Date: Wed, 14 Jul 2021 01:28:12 +0200 Subject: [PATCH 24/24] unnecessary comments removal --- spec/ParseQuery.spec.js | 4 ---- src/Adapters/Storage/Mongo/MongoTransform.js | 1 - 2 files changed, 5 deletions(-) diff --git a/spec/ParseQuery.spec.js b/spec/ParseQuery.spec.js index 0ed2669858..220c2c19b0 100644 --- a/spec/ParseQuery.spec.js +++ b/spec/ParseQuery.spec.js @@ -4330,23 +4330,19 @@ describe('Parse.Query testing', () => { ]); await parent.save(); - // equalTo const resultsEq = await new Parse.Query('Parent').equalTo('children.child', child1).find(); expect(resultsEq.length).toBe(1); - // direct subDocument equalTo const resultsSubDocument = await new Parse.Query('Parent') .equalTo('subDocument.child', child1) .find(); expect(resultsSubDocument.length).toBe(1); - // subDocument in const resultsSubDocumentIn = await new Parse.Query('Parent') .containedIn('subDocument.child', [child1]) .find(); expect(resultsSubDocumentIn.length).toBe(1); - // containedIn const results = await new Parse.Query('Parent').containedIn('children.child', [child1]).find(); expect(results.length).toBe(1); done(); diff --git a/src/Adapters/Storage/Mongo/MongoTransform.js b/src/Adapters/Storage/Mongo/MongoTransform.js index db3431fbdd..45e4edb0d7 100644 --- a/src/Adapters/Storage/Mongo/MongoTransform.js +++ b/src/Adapters/Storage/Mongo/MongoTransform.js @@ -771,7 +771,6 @@ function transformConstraint(constraint, restKey, field, count = false) { return CannotTransform; } - // transformer const inArray = field && field.type && field.type === 'Array'; const inSubDocument = restKey.includes('.'); const transformFunction =