Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: protected fields exposed via LiveQuery (GHSA-crrq-vr9j-fxxh) #8074

Merged
merged 2 commits into from
Jun 30, 2022
Merged

fix: protected fields exposed via LiveQuery (GHSA-crrq-vr9j-fxxh) #8074

merged 2 commits into from
Jun 30, 2022

Conversation

mtrezza
Copy link
Member

@mtrezza mtrezza commented Jun 26, 2022

No description provided.

@parse-github-assistant
Copy link

parse-github-assistant bot commented Jun 26, 2022
edited
Loading

Thanks for opening this pull request!

  • ❌ Please edit your post and use the provided template when creating a new pull request. This helps everyone to understand your post better and asks for essential information to quicker review the pull request.

@codecov
Copy link

codecov bot commented Jun 26, 2022
edited
Loading

Codecov Report

Merging #8074 (deb5172) into release-4.x.x (8580a52) will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@              Coverage Diff               @@
##           release-4.x.x    #8074   +/-   ##
==============================================
  Coverage          93.82%   93.82%           
==============================================
  Files                170      170           
  Lines              12502    12521   +19     
==============================================
+ Hits               11730    11748   +18     
- Misses               772      773    +1
Impacted Files Coverage Δ
src/Controllers/DatabaseController.js 95.22% <100.00%> (+<0.01%) ⬆️
src/LiveQuery/ParseCloudCodePublisher.js 100.00% <100.00%> (ø)
src/LiveQuery/ParseLiveQueryServer.js 95.18% <100.00%> (+0.14%) ⬆️
src/Routers/FilesRouter.js 87.60% <100.00%> (+0.53%) ⬆️
src/RestWrite.js 93.60% <0.00%> (-0.17%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6286d2e...deb5172. Read the comment docs.

@mtrezza mtrezza closed this Jun 26, 2022
@mtrezza mtrezza reopened this Jun 30, 2022
@mtrezza mtrezza changed the title fix release 4.x.x fix: protected fields exposed via LiveQuery ([GHSA-crrq-vr9j-fxxh](https://github.com/parse-community/parse-server/security/advisories/GHSA-crrq-vr9j-fxxh)) Jun 30, 2022
@mtrezza mtrezza merged commit 054f3e6 into parse-community:release-4.x.x Jun 30, 2022
@mtrezza mtrezza changed the title fix: protected fields exposed via LiveQuery ([GHSA-crrq-vr9j-fxxh](https://github.com/parse-community/parse-server/security/advisories/GHSA-crrq-vr9j-fxxh)) fix: protected fields exposed via LiveQuery (GHSA-crrq-vr9j-fxxh) Jun 30, 2022
mtrezza added a commit that referenced this pull request Jun 30, 2022
@mtrezza
fix: protected fields exposed via LiveQuery; this removes protected f…
309f64c 
…ields from the client response; this may be a breaking change if your app is currently expecting to receive these protected fields ([GHSA-crrq-vr9j-fxxh](GHSA-crrq-vr9j-fxxh)) (#8074) (#8073)
parseplatformorg pushed a commit that referenced this pull request Jun 30, 2022
@semantic-release-bot
chore(release): 4.10.13 [skip ci]
4748e9b 
## [4.10.13](4.10.12...4.10.13) (2022-06-30)

### Bug Fixes

* protected fields exposed via LiveQuery; this removes protected fields from the client response; this may be a breaking change if your app is currently expecting to receive these protected fields ([GHSA-crrq-vr9j-fxxh](GHSA-crrq-vr9j-fxxh)) ([#8074](#8074)) ([054f3e6](054f3e6))
@parseplatformorg
Copy link
Contributor

🎉 This change has been released in version 4.10.13

@parseplatformorg parseplatformorg added the state:released-4.x.x Released as LTS version label Jun 30, 2022
@parse-github-assistant
Copy link

The label state:released-4.x.x cannot be used here.

@parse-github-assistant parse-github-assistant bot removed the state:released-4.x.x Released as LTS version label Jun 30, 2022
parseplatformorg pushed a commit that referenced this pull request Jun 30, 2022
@semantic-release-bot
chore(release): 5.2.4 [skip ci]
e42be5c 
## [5.2.4](5.2.3...5.2.4) (2022-06-30)

### Bug Fixes

* protected fields exposed via LiveQuery; this removes protected fields from the client response; this may be a breaking change if your app is currently expecting to receive these protected fields ([GHSA-crrq-vr9j-fxxh](GHSA-crrq-vr9j-fxxh)) (#8074) ([#8073](#8073)) ([309f64c](309f64c))
@snyk-bot snyk-bot mentioned this pull request Jul 2, 2022
Closed
@mtrezza mtrezza deleted the fix-release-4.x.x branch July 2, 2022 09:21
This was referenced Oct 30, 2022
Open
Open
@tkhieu tkhieu mentioned this pull request Dec 4, 2022
Open
@madztheo madztheo mentioned this pull request Dec 4, 2022
Open
@ninadhatkar ninadhatkar mentioned this pull request Dec 4, 2022
Open
@digitake digitake mentioned this pull request Dec 4, 2022
Open
@harshmalik harshmalik mentioned this pull request Dec 5, 2022
Open
@hegemon70 hegemon70 mentioned this pull request Dec 5, 2022
Open
@hopetambala hopetambala mentioned this pull request Dec 5, 2022
Open
@hopetambala hopetambala mentioned this pull request Nov 28, 2023
Open
@hopetambala hopetambala mentioned this pull request Dec 19, 2023
Open
@hopetambala hopetambala mentioned this pull request Mar 26, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mtrezza @parseplatformorg