v7.0.0 (2025-01-23)
- Updated to React 19.
- Rewrote most (nearly all) custom React elements to work with v19 (due to removal of
PropTypes).
- Rewrote most (nearly all) custom React elements to work with v19 (due to removal of
- Fixed (read: silenced) SASS deprecation warnings in Webpack config.
- Fixed security audits.
- Updated dependencies.
- Set minimum Node version to v22.13.
- Because of the upgrade to React 19, there are fairly major changes to the custom React elements.
v6.1.0 (2024-11-18)
- Updated dependencies.
- Fixed CHANGELOG.
- Set minimum Node version to v22.11, to help encourage updating.
- Updated self-updater to use SHA-512 for stronger file integrity, and future-proofing (also keeps in-line with Node standards).
v6.0.1 (2024-11-12)
- Updated Sails.
- Rebuilt
package-lock.json(it had several tweaks for security issues, which are no longer an issue).
v6.0.0 (2024-11-06)
- Made self-update a little smarter.
- Updated dependencies.
- Removed unneeded index.jsx.
v5.3.4 (2024-05-03)
- Fixed
ejsaudit warning. - Updated dependencies.
v5.3.3 (2024-04-29)
- Added
ignoreAssetsoption to the request logger. Should cut down noise a bit. - Re-installed dependencies to do a package-lock reset. Should fix issues reported by Snyk.
v5.3.2 (2024-04-22)
- Reworded the guide a bit, so it didn't sound so repetitive.
- Updated
fixted.
v5.3.1 (2024-04-22)
- Added a couple tips about TMUX to README.
v5.3.0 (2024-04-22)
- Added TMUX and self-update scripts.
- Updated README for the new scripts, and Aiven.io mention.
- Updated dependencies.
v5.2.3 (2024-04-09)
- Fixed issue with setup not setting DB SSL correctly.
- Fixed npm audit issues.
- Fixed metadata issue with Favicons.
- Updated dependencies.
v5.2.2 (2024-01-24)
- Fixed stupid mistake with README (no update to the badges).
- Commented out Codecov for now... It's reporting 0%, which is not true...
v5.2.1 (2024-01-24)
- Created the
.ncurcconfig file fornpm-check-updates. Doing this to "lock" Chai into v4 onncucalls. - Small tweak to
local.js.sample. - Updated dependencies.
v5.2.0 (2024-01-11)
- Made setup script handle DEV default DEK and session secret generation.
- NPM audit fix for
follow-redirects. - Updated dependencies.
v5.1.1 (2024-01-06)
- Minor corrections.
v5.1.0 (2024-01-06)
- Created the datastore wipe script, to clear LOCAL / DEVELOPMENT datastore(s). It's just like
DROPing the database. Will not run on PRODUCTION (or whenmigrate = 'safe'). - Converted
.mocharc.yml->.mocharc(JSON) to be more consistent. - Made the Ngrok script capable of installing
@ngrok/ngrokwhen needed. - Minor visual fix in security settings page.
- Built the "reactivate user" endpoint.
- Corrected "edit" and "delete" user routes to use ID in the route.
- Fixed issue in 2FA backup token generation, where it was possible to generate a pure number backup token. Now will ALWAYS have at least 1 letter.
- Updated dependencies.
v5.0.0 (2023-12-05)
- Made
app.jsexecutable, so now you can run./app.jsdirectly. - Rewrote how the Ngrok script reads Sails' config files (now uses Sails' internal config loader).
- Fixed Travis / Codecov integration (so now it's not running the test suite twice).
- Created the
enforceForeignKeysconfig option, to make testing PRODUCTION locally easier. - Changed the configuration for PRODUCTION's
DATA_ENCRYPTION_KEY. Will now throw an error on boot if not supplied. - Made
bootstrap.jsenforce use of eitherapp.jsorngrok.jsthrough detection ofNOT_FROM_SAILS_LIFTenvironment variable. - Created a new configuration file (
config/ngrok.js) for ngrok.js. - Fixed relative links in README.
- Created the
setup.jsscript for easy interactive configuration. - Made
npm run create:admininteractive. - Updated dependencies.
v4.3.1 (2023-11-05)
- Removed
@ngrok/ngrokfrom dependencies. Not supposed to be pre-installed.
v4.3.0 (2023-11-04)
- Fixed the "create user" modal.
- Fixed the pagination bar when
pages= 0. - Added small css tweaks for light / dark theme transitions.
- Updated Node LTS version for docker / package.
- Removed
omit=optionalfrom.npmrc. - Replaced code coverage files with Codecov.
- Updated dependencies.
- Replaced
ngrokwith official@ngrok/ngrokin ngrok.js.
v4.2.4 (2023-10-30)
- Fixed Bootstrap build. (Missing dark-mode file.)
- Built light / dark / auto switch for admin.
- Updated dependencies.
v4.2.3 (2023-10-03)
- Minor consistency tweaks.
- Added Discord button to README.
- Updated dependencies.
v4.2.2 (2023-09-13)
- Added in a new configuration to enable/disable automatic request logging.
- Updated dependencies.
v4.2.1 (2023-04-23)
- Removed optional dependencies from
package.json, as the setup would remove optional dependencies when installing new packages without use of--include=optional... - Changed use of
NGROK_URL->BASE_URL. - Renamed
NGROK_AUTH->NGROK_TOKENto avoid confusion with thengrok.jsconfig optionauth. - Added some Ngrok config options.
- Updated dependencies.
v4.2.0 (2023-04-20)
- Built a script for
Ngrok, which will build assets, start Sails, and create an Ngrok tunnel (to the configured PORT). - Built 2FA (2-Factor Authentication) capabilities.
- Added
appNameas a config option. - Added
createdByto theUsermodel. - Added
sails-hook-autoreloadsupport (must manually install). - Built session expiration handling.
- Built password changing modal / API.
- Made session data saving automatic, and work with both sessions / API tokens.
- Fixed some README quirks.
- Removed unneeded React imports (because of the Babel transform). For more info, read this announcement (from 2020...).
- Updated React links to use their new domain.
- Removed
serve-staticin favor ofexpress.static. - Updated dependencies.
- Moved CSRF secret storage from the
datacolumn, to its own column, so it can easily be encrypted/decrypted in theSessionmodel. - Changed how API tokens are handled. So now, when using an API token, the ID must be given first, then the token, seperated by a colon.
Example:Authorizationheader is:tokenID:apiToken(orBearer tokenID:apiToken). This is becausetokenis now an encrypted column. - Renamed
sails.helpers.updateCsrf->sails.helpers.updateCsrfAndExpiryto reflect the session expiry update. - Renamed
req.requestId/env.req.requestId->req.id/env.req.idto better match general convention. - Renamed
process.env->appConfigin the Webpack config (a variable used to pass data down to the frontend). What was I doing?!...
v4.1.1 (2023-03-14)
- Fixed a stupid mistake in
api/controllers/admin/get-users.js. - Updated dependencies.
v4.1.0 (2023-03-13)
- Alphabetized the scripts in
package.json. - Added custom configuration options to the main
README. - Updated dependencies.
- Reworked how tests are run, so they are a bit more organized in a nested tree for reporting.
- Added JSDoc comments to most helpers to aid with auto-completion (some helpers aren't meant to be used outside of automation).
- Added some
READMEfiles to a few key folders. - Added table of contents to README.
- Renamed
sails.config.logSensitiveData->sails.config.security.requestLogger.logSensitiveData. - Rewrote the
keepModelsSafehelper to better handle dates (Javascript or Moment). - Changed
sails.helpers.getErrorMessagesto be a synchronous function. - Changed
sails.helpers.simplifyErrorsto be a synchronous function. - Changed
sails.helpers.generateTokento useSHA512instead ofSHA256, doubling the size of tokens (64 -> 128).
- Switching
Moment.js->Luxonper Moment's recommendations. There are a few difference to be aware of: https://moment.github.io/luxon/#/moment. Display formats are also different between the 2.
v4.0.1 (2023-02-19)
- Updated GitHub CodeQL config.
- Regenerated package-lock.json to use version 3.
- Manually updated
package-lock.jsonto clearnpm auditissues. - Updated dependencies.
- Updated Node min requirement to 18.14.
v4.0.0 (2023-02-11)
- More work on automated tests and utilities.
- Updated dependencies.
- Removed
md5/sha1/uuidpackages, in favor of Node built-ins.
- Renamed tests entry point (
test/hooks.js->test/startTests.js).
v3.2.1 (2022-11-16)
- Downgraded SASS to prevent issues with deprecations.
v3.2.0 (2022-11-16)
- Built out PnwedPasswords.com (HaveIBeenPwned.com) API functionality into
is-password-validhelper. - Can be disabled in config/security.js.
- FINALLY removed the usage of
res._headers, so no more annoying deprecation message. - Simplified stored session data.
- Updated dependencies.
v3.1.1 (2022-09-08)
- Made improvements to SASS files for new Bootstrap version.
- Updated dependencies.
v3.1.0 (2022-09-05)
- Built start of new user management page, mostly for proof-of-concept purposes.
- Built "semi-smart" pagination front-end components. More tweaks are required.
v3.0.3 (2022-08-18)
- Fixed an issue with
webpack-dev-server's reload issue with complex routes (/admin/dashboard would fail to render properly on reload). - Updated usage of
substr->substringthroughout the project. - Updated dependencies (except Bootstrap v5.1.3 -> v5.2.0, because it fails to compile with SASS).
v3.0.2 (2022-04-23)
- Rebuilt ENV variables table, again.
- Updated dependencies.
v3.0.1 (2022-04-13)
- Created the
.travis.ymlfile.
v3.0.0 (2022-04-13)
- Fixed the reloading issue when using Webpack Dev Server.
v3.0.0-beta (2022-03-19)
- Fixed this CHANGELOG (incorrect date).
- Updated Dockerfile and package.json to new Node LTS v16.13 requirement.
- Fixed a bug in the
forceUppercaseOnFirstfunction in theUser model. - Changed default connections to datastores to have SSL enabled (must now explicitly disable SSL connections for remote servers).
- Removed use of global model names, in-favor of
sails.modelsusage (for consistency, and to more easily allow disabling of global models).
- Updated to React v18. See: the upgrade guide to React 18.
- Updated to React Router DOM v6. See: the v5 -> v6 migration guide. This requires a MAJOR overhaul of how routes are handled.
- Moved some controllers into a "common" folder, instead of the "admin" folder (as they could be used outside of admin controls).
- There is an issue with the Webpack dev server, and the way React routes are handled. Currently, if you aren't loading from an entry point (like /admin), and you refresh the page (on like /admin/dashboard), nothing renders. While this is not an issue for built assets, it is an issue if you are working with the auto-reload dev server. I'm still working on a fix for this, and suspect it's an issue from moving to the new React Router.
v2.0.0 (2021-10-24)
- Updated all dependencies to most recent versions.
- Built out more tests to get better coverage.
- Created this CHANGELOG.
- Updated to Bootstrap v5 and React-Bootstrap v2. There are several breaking changes between Bootstrap v4 and Bootstrap v5, see the migration documentation for the complete list of breaking changes. Also see the React-Bootstrap migration guide.
- Changed default connections to datastores to have SSL enabled (must now explicitly disable SSL connections for remote servers).
v1.9.0 (2020-08-30)
- Created a better handling of the custom API layer for React. Removed need for
<APIConsumer>in favor of state. - Updated the React demo to use a navbar.
- Removed
<APIConsumer>. Must now pass around a state property (or some other form of variable).
v1.8.1 (2020-08-30)
- Created API token handling (bearer tokens). Should only be used over HTTPs or for local testing tools.
- Added a
<noscript>message to the entry template.
v1.8.0 (2020-08-26)
- Removed need for EJS to have Sails serve the different entry points (marketing vs admin).
v1.7.0 (2020-08-25)
- Created pagination helpers; one for model queries, one for API output.
- Created README in
.idea(IntelliJ) folder.
v1.6.0 (2020-08-16)
- Created
Dockerfile. - Added a few more comments.
- Updated NPM packages.
- Built better testing for project hook.
v1.5.2 (2020-08-10)
- Fixed webpack config.
- Made
isLoggedInpolicy clear cookie if not logged in.