All Versions
309
Latest Version
Avg Release Cycle
12 days
Latest Release
73 days ago

Changelog History
Page 11

  • v2.104.0 Changes

    March 11, 2020
    • πŸ‘ apos.utils.get and apos.utils.post now return a promise if invoked without a callback. This means you may use await with them. It is up to you to provide a Promise polyfill if you use this feature without callbacks and intend to support IE11. For instance you could use the core-js library. These methods are similar to $.get and $.post but do not require jQuery. apos.utils.post supports Apostrophe's CSRF protection natively so you do not have to add an exception if you use it. These methods are available in lean frontend mode.
    • apos.utils.get no longer adds an unnecessary ? to the URL it fetches if data has no properties. In addition, apos.utils.get leaves the URL unchanged if data is null.
    • ⚠ Recursion warnings now include a hint to add a projection to pieces-widgets as well as more obvious joins.
    • ⚑️ Dependencies updated to reflect latest version of emulate-mongo-2-driver, which contains an important fix to count.
  • v2.103.1 Changes

    March 04, 2020
    • πŸš€ An incompatibility with apostrophe-headless was introduced in Apostrophe 2.102.0. This version addresses that incompatibility, however you must also upgrade apostrophe-headless to version 2.9.3. The issue had to do with a change that was made to allow users to intentionally clear default values in forms. We are updating our regression test procedures to ensure that if a new release of apostrophe would break the unit tests of apostrophe-headless, it will not be published until that issue is resolved.
  • v2.103.0 Changes

    March 02, 2020
    • Frustrations with conflict resolution have been much improved. First, Apostrophe no longer displays the "another user has taken control of the document" message multiple times in a row. Second, due to changes in what browsers allow to happen when you leave the page, beginning in version 2.102.0 Apostrophe displayed too many messages about a conflict with your own work in another tab. We no longer display these messages. However, if there really is work lost for the same document in another tab, Apostrophe will still tell you what happened in order to teach the habit of not editing the same page in two tabs simultaneously.
    • You may now use select schema field with dynamic choices as a filter in "Manage Pieces."
    • 🚚 required is now enforced on the server side for joinByOne. However, note that it is always possible for the document you joined with to be moved to the trash at a later time. You must therefore always check that the join was really loaded before relying on it. Thanks to Ricardo JosΓ© RodrΓ­guez Álvarez.
    • βͺ Hidden information at the bottom of certain modals has been restored to view.
  • v2.102.5 Changes

    February 26, 2020
    • πŸ‘ Explicitly require emulate-mongo-2-driver 1.2.1 or better, to address a bug in 1.2.0.
  • v2.102.4 Changes

    February 25, 2020
    • πŸ—„ Explicitly require emulate-mongo-2-driver 1.2.0 or better, which provides a deprecation-free wrapper for count and fixes bugs in the wrapper for aggregate.
  • v2.102.3 Changes

    February 24, 2020
    • ⚑️ Security fix for Prototype Override Protection Bypass vulnerability in the qs module. It appears this risk only occurs when our build Nunjucks filter is used in conjunction with a URL based on what the browser sent, rather than starting with the _url property of the page and adding parameters to that with build, thus it is not an issue "out of the box" in all or most ApostropheCMS sites. However the vulnerability should be patched promptly because it could definitely exist in current or future project level code that uses build. To eliminate the risk, update to this version of Apostrophe and make sure you "npm update" to get the required updated version of qs via Apostrophe's dependencies.

    • πŸš€ This version also corrects a bug that prevented the recently released disableInactiveAccounts feature from working.

  • v2.102.2 Changes

    February 11, 2020
    • βœ‚ Removed the restriction preventing the use of mongodb+srv connection URIs with MongoDB. emulate-mongo-2-driver has no problem with these, since it passes them on to the 3.x driver.
    • ⚑️ Updated dependency to emulate-mongo-2-driver 1.1.0, which knocks out 100% of the common MongoDB deprecation warnings when using Apostrophe, with one exception: you should set the useUnifiedTopology: true option yourself. We do not do this for you because we cannot break legacy configurations using other topologies. However most of you can just turn this option on and enjoy more reliable connections and no more warnings.

    πŸ”§ Here is how to configure that in Apostrophe:

    // in app.js, where your modules key is...
    modules: {
      'apostrophe-db': {
        connect: {
          useUnifiedTopology: true
        }
      }
    }
    
  • v2.102.1 Changes

    February 10, 2020
    • πŸ“Œ Temporarily pinned to less version 3.10.x to work around an upstream bug that broke πŸš€ deployments.
  • v2.102.0 Changes

    January 30, 2020
    • Apostrophe now displays "Saving... Saved" indicators near the context βœ… menu in the lower left indicator. In our UX tests, users often did not realize Apostrophe automatically saved their work and were concerned by the lack of an explicit save button. In addition, Apostrophe no longer πŸ”€ attempts to save your remaining changes via a synchronous HTTP request when you πŸ—„ close the page, because this is deprecated in all browsers and disabled in many. Instead, Apostrophe uses the standard "you have unsaved changes, are you sure you wish to leave this page?" dialog. Together with the "saving... saved" indicator, this provides a mechanism for preventing πŸ’» lost work that is robust in modern browsers.

    This does impact Apostrophe's "advisory locking" mechanism that warns users πŸ”€ if another user is already editing. Since we cannot guarantee a synchronous request to unlock the page will ever be received, we have instead shortened the expiration time for document locks to 30 seconds. Since these are refreshed every 5 seconds there should be no negative impacts in typical use.

    πŸ‘ Thanks to Freshworks for making this improvement possible via Apostrophe Enterprise Support.

    • πŸ†• New disableInactiveAccounts option, which can be set like so: javascript 'apostrophe-users': { disableInactiveAccounts: true }

    0️⃣ By default, users from the "admin" group are whitelisted and the inactivity period is 90 days. This can be changed:

    {
      // in your project level lib/modules/apostrophe-users/index.js file
      disableInactiveAccounts: {
        neverDisabledGroups: [ 'test', 'otherGroup' ],
        // After 30 days without logging in, the account is marked disabled
        // on next login attempt, until an admin explicitly enables it again
        inactivityDuration: 30
      }
    }
    
    • ⚑️ A longstanding bug relating to schemas has been fixed. Previously, if you attempted to clear a string field that had a def property, that field would be repopulated with the def value. This was never intended; def is only for the initial population of a newly created object. If you were relying on this bug, update your code to use apos.schemas.newInstance(schema) from the start so that you begin with an object that has the right defaults for each field. Note that pieces, pages, etc. already do this.

    • βž• Added a bodyAttributes block to outerLayoutBase.html. You may override this block to add new attributes to body without overriding the entire outerLayoutBase.html template. It is a best practice to not override this template, use the provided blocks.

    • Fields of type attachment with required not set to true now work properly.

    • You may now set the loginUrl option of the apostrophe-login module to change the login URL from /login to something else. Thanks to Giuseppe Monteleone for this contribution.

    • πŸ‘ help property is now supported for array fields.

    • Uploads with a capitalized file extension are now accepted where appropriate. Thanks to Fernando Figaroli for this contribution.

    • When editing a join with pages, a nonfunctional edit pencil icon is no longer displayed. Actual inline editing of page settings from another page may be a 3.0 feature.

  • v2.101.1 Changes

    January 08, 2020
    • πŸ›  Dependency on emulate-mongo-2-driver is now explicitly set to require at least version 1.0.3 to bring in various fixes.
    • Reported landscape and portrait properties of an image attachment object now correspond to the crop in use, if any.