Merge branch 'docker' into cbaker6-patch-1

netreconlab · Jan 21, 2024 · b9b7e1b · b9b7e1b
2 parents 72d70fc + 8851797
commit b9b7e1b
Show file tree

Hide file tree

Showing 7 changed files with 39 additions and 52 deletions.
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
@@ -18,7 +18,7 @@ concurrency:
 jobs:
   build:
 
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     permissions:
       contents: read
       packages: write
@@ -47,7 +47,7 @@ jobs:
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           flavor: |
-             latest=false
+             latest=true
 
       - name: Build and push Docker image
         uses: docker/build-push-action@v3

diff --git a/Dockerfile b/Dockerfile
@@ -1,7 +1,7 @@
 ############################################################
 # Build stage
 ############################################################
-FROM node:lts-alpine AS build
+FROM node:18-alpine AS build
 
 RUN apk --no-cache add git
 WORKDIR /tmp
@@ -24,7 +24,7 @@ RUN npm ci --omit=dev --ignore-scripts \
 ############################################################
 # Release stage
 ############################################################
-FROM node:lts-alpine AS release
+FROM node:18-alpine AS release
 
 VOLUME /parse-server/cloud /parse-server/config
 

diff --git a/changelogs/CHANGELOG_release.md b/changelogs/CHANGELOG_release.md
@@ -1,3 +1,30 @@
+# [6.4.0](https://github.com/parse-community/parse-server/compare/6.3.1...6.4.0) (2023-11-16)
+
+
+### Bug Fixes
+
+* Parse Server option `fileUpload.fileExtensions` does not work with an array of extensions ([#8688](https://github.com/parse-community/parse-server/issues/8688)) ([6a4a00c](https://github.com/parse-community/parse-server/commit/6a4a00ca7af1163ea74b047b85cd6817366b824b))
+* Redis 4 does not reconnect after unhandled error ([#8706](https://github.com/parse-community/parse-server/issues/8706)) ([2b3d4e5](https://github.com/parse-community/parse-server/commit/2b3d4e5d3c85cd142f85af68dec51a8523548d49))
+* Remove config logging when launching Parse Server via CLI ([#8710](https://github.com/parse-community/parse-server/issues/8710)) ([ae68f0c](https://github.com/parse-community/parse-server/commit/ae68f0c31b741eeb83379c905c7ddfaa124436ec))
+* Server does not start via CLI when `auth` option is set ([#8666](https://github.com/parse-community/parse-server/issues/8666)) ([4e2000b](https://github.com/parse-community/parse-server/commit/4e2000bc563324389584ace3c090a5c1a7796a64))
+
+### Features
+
+* Add conditional email verification via dynamic Parse Server options `verifyUserEmails`, `sendUserEmailVerification` that now accept functions ([#8425](https://github.com/parse-community/parse-server/issues/8425)) ([44acd6d](https://github.com/parse-community/parse-server/commit/44acd6d9ed157ad4842200c9d01f9c77a05fec3a))
+* Add property `Parse.Server.version` to determine current version of Parse Server in Cloud Code ([#8670](https://github.com/parse-community/parse-server/issues/8670)) ([a9d376b](https://github.com/parse-community/parse-server/commit/a9d376b61f5b07806eafbda91c4e36c322f09298))
+* Add TOTP authentication adapter ([#8457](https://github.com/parse-community/parse-server/issues/8457)) ([cc079a4](https://github.com/parse-community/parse-server/commit/cc079a40f6849a0e9bc6fdc811e8649ecb67b589))
+
+### Performance Improvements
+
+* Improve performance of recursive pointer iterations ([#8741](https://github.com/parse-community/parse-server/issues/8741)) ([45a3ed0](https://github.com/parse-community/parse-server/commit/45a3ed0fcf2c0170607505a1550fb15896e705fd))
+
+## [6.3.1](https://github.com/parse-community/parse-server/compare/6.3.0...6.3.1) (2023-10-20)
+
+
+### Bug Fixes
+
+* Server crash when uploading file without extension; fixes security vulnerability [GHSA-792q-q67h-w579](https://github.com/parse-community/parse-server/security/advisories/GHSA-792q-q67h-w579) ([#8781](https://github.com/parse-community/parse-server/issues/8781)) ([fd86278](https://github.com/parse-community/parse-server/commit/fd86278919556d3682e7e2c856dfccd5beffbfc0))
+
 # [6.3.0](https://github.com/parse-community/parse-server/compare/6.2.2...6.3.0) (2023-09-16)
 
 

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parse-server",
-  "version": "6.4.0-alpha.3",
+  "version": "6.4.0",
   "description": "An express module providing a Parse-compatible API server",
   "main": "lib/index.js",
   "repository": {

diff --git a/spec/ParseFile.spec.js b/spec/ParseFile.spec.js
@@ -1364,7 +1364,7 @@ describe('Parse.File testing', () => {
       );
     });
 
-    it('works with a period in the file name', async () => {
+    it('allows file without extension', async () => {
       await reconfigureServer({
         fileUpload: {
           enableForPublic: true,
@@ -1376,7 +1376,7 @@ describe('Parse.File testing', () => {
         'X-Parse-REST-API-Key': 'rest',
       };
 
-      const values = ['file.png.html', 'file.txt.png.html', 'file.png.txt.html'];
+      const values = ['filenamewithoutextension'];
 
       for (const value of values) {
         await expectAsync(
@@ -1388,47 +1388,7 @@ describe('Parse.File testing', () => {
           }).catch(e => {
             throw new Error(e.data.error);
           })
-        ).toBeRejectedWith(
-          new Parse.Error(Parse.Error.FILE_SAVE_ERROR, `File upload of extension html is disabled.`)
-        );
-      }
-    });
-
-    it('works to stop invalid filenames', async () => {
-      await reconfigureServer({
-        fileUpload: {
-          enableForPublic: true,
-          fileExtensions: ['^[^hH][^tT][^mM][^lL]?$'],
-        },
-      });
-      const headers = {
-        'X-Parse-Application-Id': 'test',
-        'X-Parse-REST-API-Key': 'rest',
-      };
-
-      const values = [
-        '!invalid.png',
-        '.png',
-        '.html',
-        ' .html',
-        '.png.html',
-        '~invalid.png',
-        '-invalid.png',
-      ];
-
-      for (const value of values) {
-        await expectAsync(
-          request({
-            method: 'POST',
-            headers: headers,
-            url: `http://localhost:8378/1/files/${value}`,
-            body: '<html></html>\n',
-          }).catch(e => {
-            throw new Error(e.data.error);
-          })
-        ).toBeRejectedWith(
-          new Parse.Error(Parse.Error.INVALID_FILE_NAME, `Filename contains invalid characters.`)
-        );
+        ).toBeResolved();
       }
     });
 

diff --git a/src/Routers/FilesRouter.js b/src/Routers/FilesRouter.js
@@ -159,9 +159,9 @@ export class FilesRouter {
       } else if (contentType && contentType.includes('/')) {
         extension = contentType.split('/')[1];
       }
-      extension = extension.split(' ').join('');
+      extension = extension?.split(' ')?.join('');
 
-      if (!isValidExtension(extension)) {
+      if (extension && !isValidExtension(extension)) {
         next(
           new Parse.Error(
             Parse.Error.FILE_SAVE_ERROR,