4.1.0

New features

• Show warning when http_scheme is not set to https (#706, thanks @Prashant-Surya)

Bug fixes

• Fix sorting/filtering history entries by date field
• On subobject filtering, return a 400 error response only if first level field
  is unknown (on resources with strict schema)

4.0.1

Bug fixes

• Return 400 error response when history is filtered with unknown field
• Fix crash on permissions endpoint when history is enabled (#774)
• Fix crash on history when interacting via the bucket plural endpoint (/buckets) (fixes #773)

Internal changes

• Fix documentation of errors codes (fixes #766)
• kinto.id_generator was removed from documentation since it does not
  behave as expected (fixes #757, thanks @doplumi)
  folder and a kinto.core.testing module was introduced for tests helpers
  (fixes #605)
• In documentation, link the notion of principals to the permissions page instead
  of glossary
• Add details about PATCH behaviour (fixes #566)

4.0.0

Breaking changes

• kinto --version was renamed kinto version
• ResourceChanged and AfterResourceChanged events now return
  old and new records for the delete action. (#751)
• Redis backends are not part of the core anymore. (#712).
  Use kinto_redis.cache instead of kinto.core.cache.redis
  Use kinto_redis.storage instead of kinto.core.storage.redis
  Use kinto_redis.permission instead of kinto.core.permission.redis
• Redis listener is not part of the core anymore. (#712)
  Use kinto.event_listeners.redis.use = kinto_redis.listeners instead of
  kinto.event_listeners.redis.use = kinto.core.listeners.redis
• Notion of unique fields was dropped from kinto.core resources.

Protocol

• Added a /__version__ endpoint with the version that has been deployed. (#747)
• Allow sub-object filtering on plural endpoints (e.g ?person.name=Eliot) (#345)
• Allow sub-object sorting on plural endpoints (e.g ?_sort=person.name) (#345)

Protocol is now at version 1.9. See API changelog_.

New features

• Added a new built-in plugin kinto.plugins.history that keeps track of every action
  that occured within a bucket and serves a stream of changes that can be synced.
  See API documentation.
• Added a new --dry-run option to command-line script migrate that will simulate
  migration operation without executing on the backend (thanks @lavish205! #685)
• Added ability to plug custom StatsD backend implementations via a new kinto.statsd_backend
  setting. Useful for Datadog™ integration for example (fixes #626).
• Added a delete-collection action to the kinto command. (#727)
• Added verbosity options to the kinto command. (#745)
• Added a built-in plugin that allows to define quotas per bucket or collection. (#752)

Bug fixes

• Fix bug where the resource events of a request targetting two groups/collection
  from different buckets would be grouped together.
• Fix crash when an invalid UTF-8 character is provided in URL
• Fix crash when provided last_modified field is not divisible (e.g. string)

Internal changes

• Huge rework of documentation after the merge of Cliquet into kinto.core (#731)
• Improve the documentation about generating docs (fixes #615)
• Switch from cliquet-pusher to kinto-pusher in Dockerfile and tutorial.
• List posssible response status on every endpoint documentation (#736)
• Remove duplicated and confusing docs about generic resources
• Replace the term protocol by API in documentation (fixes #664)
• Add load tests presets (exhaustive, read, write) in addition to the existing random. Switched integration test make loadtest-check-simulation to run the exhaustive one (fixes #258)
• Remove former Cliquet load tests (#733)
• Add a flag to to run simulation load tests on default bucket. Uses blog
  bucket by default (#733)
• Add command-line documentation (#727)
• The --backend command-line option for kinto init is not accepted as first
  parameter anymore
• Improved parts of the FAQ (#744)
• Improve 404 and 403 error handling to make them customizable. (#748)
• kinto.core resources are now schemaless by default (fixes #719)

3.3.2

Bug fixes

• Fix Redis get_accessible_object implementation (#725)
• Fix bug where the resource events of a request targetting two groups/collection
  from different buckets would be grouped together (#728)

3.2.4

Bug fixes

• Fix bug where the resource events of a request targetting two groups/collection
  from different buckets would be grouped together (#728)

3.3.1

Protocol

• Add the permissions_endpoint capability when the kinto.experimental_permissions_endpoint is set. (#722)

3.3.0

Protocol

• Add new experimental endpoint GET /v1/permissions to retrieve the list of permissions
  granted on every kind of object (#600).
  Requires setting kinto.experimental_permissions_endpoint to be set to true.

Protocol is now at version 1.8. See API changelog.

Bug fixes

• Fix crash in authorization policy when requesting GET /buckets/collections (fixes #695)
• Fix crash with PostgreSQL storage backend when provided id in POST is an integer (#688).
  Regression introduced in 3.2.0 with #655.
• Fix crash with PostgreSQL storage backend is configured as read-only and reaching
  the records endpoint of an unknown collection (fixes #693, related #558)
• Fix events payloads for actions in the default bucket (fixes #704)
• Fix bug in object permissions with memory backend
• Make sure the tombstone is deleted when the record is created with PUT. (#715)
• Allow filtering and sorting by any attribute on buckets, collections and groups list endpoints
• Fix crash in memory backend with Python3 when filtering on unknown field

Internal changes

• Resource events constructors signatures were changed. The event payload is now
  built immediately when event is fired instead of during transactoin commit (#704).
• Fix crash when a resource is registered without record path.
• Changed behaviour of accessible objects in permissions backend when list of
  bound permissions is empty.
• Bump last_modified on record when provided value is equal to previous
  in storage update() method (#713)
• Add ability to delete records and purge tombstones with just the parent_id
  parameter (#711)
• Buckets deletion is now a lot more efficient, since every sub-objects are
  deleted with a single operation on storage backend (#711)
• Added get_objects_permissions() method in permission backend (#714)
• Changed get_accessible_objects(), get_authorized_principals() methods
  in permission backend (#714)
• Simplified and improved the code quality of kinto.core.authorization,
  mainly by keeping usage of get_bound_permissions callback in one place only.

3.2.3

Bug fixes

• Allow filtering and sorting by any attribute on buckets, collections and groups list endpoints
• Fix crash in memory backend with Python3 when filtering on unknown field

3.2.2

• Fix bug in object permissions with memory backend (#708)
• Make sure the tombstone is deleted when the record is created with PUT. (#715)
• Bump last_modified on record when provided value is equal to previous
  in storage update() method (#713)

3.2.1

Bug fixes

• Fix HTTP API version number exposed (1.7)
• Fix crash in authorization policy when requesting GET /buckets/collections (fixes #695)
• Fix crash with PostgreSQL storage backend when provided id in POST is an integer (#688).
  Regression introduced in 3.2.0 with #655.
• Fix crash with PostgreSQL storage backend is configured as read-only and reaching
  the records endpoint of an unknown collection (fixes #693, related #558)