Skip to content

Ver. 0.9.0

Pre-release
Pre-release
Compare
Choose a tag to compare
@Alex4386 Alex4386 released this 22 Aug 14:29
· 61 commits to main since this release
v0.9.0
93dd017
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Welcome back! It's been a long time.
We're now releasing meiliNG version 0.9.0! 🥳

This version introduces a lot of breaking changes and underlying code change.

What's new?

  • Major rewrite on how errors are handled.
  • Fastify Errors are now properly handled in meiliNG's format.
  • Developer mode now helps with your debug with detailed stacktrace on your response
  • Added sentry support!
  • Experimental "Swagger"/"OpenAPI 3.0" support.
  • /v1/admin/sessions/count endpoint is now implemented!
  • Fixed a bug on id_token generation that did not provide key id on JWT itself.
  • added user-land CRUD operation for e-mail and phone
  • Fixed isPrimary property was not properly handled via addPhone function call. oops.
  • Two Factor authentication now reached stable!
  • TOTP and WebAuthn Support!
  • Fixed several bugs on PGP signature 2FA flow
  • Rate limiting will now issued faster without DB query with runtime rate-limit cache
    (Special Thanks to someone DDoS-attacked our backend 🤦🏻, should done this from beginning)
  • administrative login support to specific session with /v1/admin/auth/login. This can be used for custom login flows such as oAuth2/SAML2 integration with third-party.
  • Mitigated potential prisma query injection vulnerability that @kjsman pointed out. Thanks!
  • Mitigated potential prototype pollution vulnerability that @kjsman pointed out
  • Fixed admin endpoints can not process GET queries if the query contains numeric characters only
  • Fixed /v1/admin/users/:userId/phones and /v1/admin/users/:userId/phones/:phoneId endpoints not working properly (no response, querying wrong db)
  • Fixed a bug that "Deleted" users could not be looked up via User.getDetailInfo.
  • Fixed a bug that /v1/admin endpoints return undefined on /v1/admin/users endpoint when deleted user occurrs
  • Fixed a bug that lead to unable to lookup any "Deleted" users via admin endpoints
  • Fixed obsolete eslint version
  • Updated Target Typescript version to 4.7.4
  • Updated Prisma to 4.1.1

Now that's a-lotta-features!

The following features are now deployed and available on Stella IT Accounts.
Thank you for choosing meiliNG!

Contributors

kjsman
Assets 2
Loading