Conversation
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…triggers from `protectedFields` (#10288)
# [9.7.0-alpha.1](9.6.1...9.7.0-alpha.1) (2026-03-23) ### Features * Add `protectedFieldsTriggerExempt` option to exempt Cloud Code triggers from `protectedFields` ([#10288](#10288)) ([1610f98](1610f98))
…ed fields from save responses (#10289)
# [9.7.0-alpha.2](9.7.0-alpha.1...9.7.0-alpha.2) (2026-03-23) ### Features * Add `protectedFieldsSaveResponseExempt` option to strip protected fields from save responses ([#10289](#10289)) ([4f7cb53](4f7cb53))
# [9.7.0-alpha.3](9.7.0-alpha.2...9.7.0-alpha.3) (2026-03-23) ### Bug Fixes * Maintenance key blocked from querying protected fields ([#10290](#10290)) ([7c8b213](7c8b213))
…gacyApi: false` (#10293)
# [9.7.0-alpha.4](9.7.0-alpha.3...9.7.0-alpha.4) (2026-03-24) ### Bug Fixes * Missing error messages in Parse errors ([#10304](#10304)) ([f128048](f128048))
# [9.7.0-alpha.5](9.7.0-alpha.4...9.7.0-alpha.5) (2026-03-25) ### Bug Fixes * Postgres query on non-existent column throws internal server error ([#10308](#10308)) ([c5c4325](c5c4325))
# [9.7.0-alpha.11](9.7.0-alpha.10...9.7.0-alpha.11) (2026-03-28) ### Bug Fixes * Cloud function validator bypass via prototype chain traversal ([GHSA-vpj2-qq7w-5qq6](https://github.com/parse-community/parse-server/security/advisories/GHSA-vpj2-qq7w-5qq6)) ([#10342](#10342)) ([dc59e27](dc59e27))
# [9.7.0-alpha.12](9.7.0-alpha.11...9.7.0-alpha.12) (2026-03-29) ### Bug Fixes * GraphQL complexity validator exponential fragment traversal DoS ([GHSA-mfj6-6p54-m98c](GHSA-mfj6-6p54-m98c)) ([#10344](#10344)) ([f759bda](f759bda))
# [9.7.0-alpha.13](9.7.0-alpha.12...9.7.0-alpha.13) (2026-03-29) ### Features * Add support for `partialFilterExpression` in MongoDB storage adapter ([#10346](#10346)) ([8dd7bf2](8dd7bf2))
# [9.7.0-alpha.14](9.7.0-alpha.13...9.7.0-alpha.14) (2026-03-29) ### Bug Fixes * Session field immutability bypass via falsy-value guard ([GHSA-f6j3-w9v3-cq22](GHSA-f6j3-w9v3-cq22)) ([#10347](#10347)) ([9080296](9080296))
# [9.7.0-alpha.15](9.7.0-alpha.14...9.7.0-alpha.15) (2026-03-29) ### Bug Fixes * Batch login sub-request rate limit uses IP-based keying ([#10349](#10349)) ([63c37c4](63c37c4))
# [9.7.0-alpha.16](9.7.0-alpha.15...9.7.0-alpha.16) (2026-03-29) ### Bug Fixes * LiveQuery protected-field guard bypass via array-like logical operator value ([GHSA-mmg8-87c5-jrc2](GHSA-mmg8-87c5-jrc2)) ([#10350](#10350)) ([f63fd1a](f63fd1a))
# [9.7.0-alpha.17](9.7.0-alpha.16...9.7.0-alpha.17) (2026-03-29) ### Bug Fixes * Cloud Code trigger context vulnerable to prototype pollution ([#10352](#10352)) ([d5f5128](d5f5128))
…ount` and `modifiedCount` from `DatabaseController.update` with `many: true` (#10353)
# [9.7.0-alpha.18](9.7.0-alpha.17...9.7.0-alpha.18) (2026-03-30) ### Features * Extend storage adapter interface to optionally return `matchedCount` and `modifiedCount` from `DatabaseController.update` with `many: true` ([#10353](#10353)) ([aea7596](aea7596))
|
🚀 Thanks for opening this pull request! We appreciate your effort in improving the project. Please let us know once your pull request is ready for review. Tip
Note Please respond to review comments from AI agents just like you would to comments from a human reviewer. Let the reviewer resolve their own comments, unless they have reviewed and accepted your commit, or agreed with your explanation for why the feedback was incorrect. Caution Pull requests must be written using an AI agent with human supervision. Pull requests written entirely by a human will likely be rejected, because of lower code quality, higher review effort and the higher risk of introducing bugs. Please note that AI review comments on this pull request alone do not satisfy this requirement. |
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## release #10354 +/- ##
===========================================
- Coverage 92.55% 92.51% -0.04%
===========================================
Files 192 192
Lines 16484 16554 +70
Branches 227 231 +4
===========================================
+ Hits 15256 15315 +59
- Misses 1208 1217 +9
- Partials 20 22 +2 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
🎉 This change has been released in version 9.7.0 |
3 participants
Release
This pull request was created automatically according to the release cycle.
Warning
Only use
Merge Committo merge this pull request. Do not useRebase and MergeorSquash and Merge.