-
-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Rate limiting across multiple servers via Redis not working #8469
Conversation
Thanks for opening this pull request! |
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## alpha #8469 +/- ##
==========================================
+ Coverage 94.30% 94.31% +0.01%
==========================================
Files 183 183
Lines 14484 14501 +17
==========================================
+ Hits 13659 13677 +18
+ Misses 825 824 -1
... and 2 files with indirect coverage changes Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report in Codecov by Sentry. |
This reverts commit 139635f.
I'm using the same PR title here as the feature isn't actually usable in the previous patch due to the typo. I think the issue was missed due to a number of flaky other tests, which I have addressed in #8468 |
This is an alpha fix, but unfortunately it will incorrectly appear also in beta and stable release changelogs because of semantic-release/changelog#303. I think the best way is to treat this as the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, rerunning failing CI jobs
# [6.1.0-alpha.7](6.1.0-alpha.6...6.1.0-alpha.7) (2023-03-10) ### Bug Fixes * Rate limiting across multiple servers via Redis not working ([#8469](#8469)) ([d9e347d](d9e347d))
🎉 This change has been released in version 6.1.0-alpha.7 |
# [6.1.0-beta.2](6.1.0-beta.1...6.1.0-beta.2) (2023-05-01) ### Bug Fixes * LiveQuery can return incorrectly formatted date ([#8456](#8456)) ([4ce135a](4ce135a)) * Nested date is incorrectly decoded as empty object `{}` when fetching a Parse Object ([#8446](#8446)) ([22d2446](22d2446)) * Parameters missing in `afterFind` trigger of authentication adapters ([#8458](#8458)) ([ce34747](ce34747)) * Rate limiting across multiple servers via Redis not working ([#8469](#8469)) ([d9e347d](d9e347d)) ### Features * Add `afterFind` trigger to authentication adapters ([#8444](#8444)) ([c793bb8](c793bb8)) * Add rate limiting across multiple servers via Redis ([#8394](#8394)) ([34833e4](34833e4)) * Allow multiple origins for header `Access-Control-Allow-Origin` ([#8517](#8517)) ([4f15539](4f15539)) * Export `AuthAdapter` to make it available for extension with custom authentication adapters ([#8443](#8443)) ([40c1961](40c1961))
🎉 This change has been released in version 6.1.0-beta.2 |
# [6.1.0](6.0.0...6.1.0) (2023-05-01) ### Bug Fixes * LiveQuery can return incorrectly formatted date ([#8456](#8456)) ([4ce135a](4ce135a)) * Nested date is incorrectly decoded as empty object `{}` when fetching a Parse Object ([#8446](#8446)) ([22d2446](22d2446)) * Parameters missing in `afterFind` trigger of authentication adapters ([#8458](#8458)) ([ce34747](ce34747)) * Rate limiting across multiple servers via Redis not working ([#8469](#8469)) ([d9e347d](d9e347d)) * Security upgrade jsonwebtoken to 9.0.0 ([#8420](#8420)) ([f5bfe45](f5bfe45)) ### Features * Add `afterFind` trigger to authentication adapters ([#8444](#8444)) ([c793bb8](c793bb8)) * Add option `schemaCacheTtl` for schema cache pulling as alternative to `enableSchemaHooks` ([#8436](#8436)) ([b3b76de](b3b76de)) * Add Parse Server option `resetPasswordSuccessOnInvalidEmail` to choose success or error response on password reset with invalid email ([#7551](#7551)) ([e5d610e](e5d610e)) * Add rate limiting across multiple servers via Redis ([#8394](#8394)) ([34833e4](34833e4)) * Allow multiple origins for header `Access-Control-Allow-Origin` ([#8517](#8517)) ([4f15539](4f15539)) * Deprecate LiveQuery `fields` option in favor of `keys` for semantic consistency ([#8388](#8388)) ([a49e323](a49e323)) * Export `AuthAdapter` to make it available for extension with custom authentication adapters ([#8443](#8443)) ([40c1961](40c1961))
🎉 This change has been released in version 6.1.0 |
commit 1506273 Author: semantic-release-bot <[email protected]> Date: Sat May 20 23:24:03 2023 +0000 chore(release): 6.2.0 [skip ci] # [6.2.0](parse-community/parse-server@6.1.0...6.2.0) (2023-05-20) ### Features * Add new Parse Server option `fileUpload.fileExtensions` to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern `^[^hH][^tT][^mM][^lL]?$`, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to `['.*']` ([parse-community#8538](parse-community#8538)) ([a318e7b](parse-community@a318e7b)) commit a318e7b Author: Manuel <[email protected]> Date: Sun May 21 01:23:00 2023 +0200 feat: Add new Parse Server option `fileUpload.fileExtensions` to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern `^[^hH][^tT][^mM][^lL]?$`, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to `['.*']` (parse-community#8538) commit 832702d Author: semantic-release-bot <[email protected]> Date: Mon May 1 21:50:23 2023 +0000 chore(release): 6.1.0 [skip ci] # [6.1.0](parse-community/parse-server@6.0.0...6.1.0) (2023-05-01) ### Bug Fixes * LiveQuery can return incorrectly formatted date ([parse-community#8456](parse-community#8456)) ([4ce135a](parse-community@4ce135a)) * Nested date is incorrectly decoded as empty object `{}` when fetching a Parse Object ([parse-community#8446](parse-community#8446)) ([22d2446](parse-community@22d2446)) * Parameters missing in `afterFind` trigger of authentication adapters ([parse-community#8458](parse-community#8458)) ([ce34747](parse-community@ce34747)) * Rate limiting across multiple servers via Redis not working ([parse-community#8469](parse-community#8469)) ([d9e347d](parse-community@d9e347d)) * Security upgrade jsonwebtoken to 9.0.0 ([parse-community#8420](parse-community#8420)) ([f5bfe45](parse-community@f5bfe45)) ### Features * Add `afterFind` trigger to authentication adapters ([parse-community#8444](parse-community#8444)) ([c793bb8](parse-community@c793bb8)) * Add option `schemaCacheTtl` for schema cache pulling as alternative to `enableSchemaHooks` ([parse-community#8436](parse-community#8436)) ([b3b76de](parse-community@b3b76de)) * Add Parse Server option `resetPasswordSuccessOnInvalidEmail` to choose success or error response on password reset with invalid email ([parse-community#7551](parse-community#7551)) ([e5d610e](parse-community@e5d610e)) * Add rate limiting across multiple servers via Redis ([parse-community#8394](parse-community#8394)) ([34833e4](parse-community@34833e4)) * Allow multiple origins for header `Access-Control-Allow-Origin` ([parse-community#8517](parse-community#8517)) ([4f15539](parse-community@4f15539)) * Deprecate LiveQuery `fields` option in favor of `keys` for semantic consistency ([parse-community#8388](parse-community#8388)) ([a49e323](parse-community@a49e323)) * Export `AuthAdapter` to make it available for extension with custom authentication adapters ([parse-community#8443](parse-community#8443)) ([40c1961](parse-community@40c1961)) commit 18b63d1 Merge: f7eee19 f59d46c Author: Manuel <[email protected]> Date: Mon May 1 23:49:22 2023 +0200 build: Release (parse-community#8526)
commit 1506273 Author: semantic-release-bot <[email protected]> Date: Sat May 20 23:24:03 2023 +0000 chore(release): 6.2.0 [skip ci] # [6.2.0](parse-community/parse-server@6.1.0...6.2.0) (2023-05-20) ### Features * Add new Parse Server option `fileUpload.fileExtensions` to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern `^[^hH][^tT][^mM][^lL]?$`, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to `['.*']` ([parse-community#8538](parse-community#8538)) ([a318e7b](parse-community@a318e7b)) commit a318e7b Author: Manuel <[email protected]> Date: Sun May 21 01:23:00 2023 +0200 feat: Add new Parse Server option `fileUpload.fileExtensions` to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern `^[^hH][^tT][^mM][^lL]?$`, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to `['.*']` (parse-community#8538) commit 832702d Author: semantic-release-bot <[email protected]> Date: Mon May 1 21:50:23 2023 +0000 chore(release): 6.1.0 [skip ci] # [6.1.0](parse-community/parse-server@6.0.0...6.1.0) (2023-05-01) ### Bug Fixes * LiveQuery can return incorrectly formatted date ([parse-community#8456](parse-community#8456)) ([4ce135a](parse-community@4ce135a)) * Nested date is incorrectly decoded as empty object `{}` when fetching a Parse Object ([parse-community#8446](parse-community#8446)) ([22d2446](parse-community@22d2446)) * Parameters missing in `afterFind` trigger of authentication adapters ([parse-community#8458](parse-community#8458)) ([ce34747](parse-community@ce34747)) * Rate limiting across multiple servers via Redis not working ([parse-community#8469](parse-community#8469)) ([d9e347d](parse-community@d9e347d)) * Security upgrade jsonwebtoken to 9.0.0 ([parse-community#8420](parse-community#8420)) ([f5bfe45](parse-community@f5bfe45)) ### Features * Add `afterFind` trigger to authentication adapters ([parse-community#8444](parse-community#8444)) ([c793bb8](parse-community@c793bb8)) * Add option `schemaCacheTtl` for schema cache pulling as alternative to `enableSchemaHooks` ([parse-community#8436](parse-community#8436)) ([b3b76de](parse-community@b3b76de)) * Add Parse Server option `resetPasswordSuccessOnInvalidEmail` to choose success or error response on password reset with invalid email ([parse-community#7551](parse-community#7551)) ([e5d610e](parse-community@e5d610e)) * Add rate limiting across multiple servers via Redis ([parse-community#8394](parse-community#8394)) ([34833e4](parse-community@34833e4)) * Allow multiple origins for header `Access-Control-Allow-Origin` ([parse-community#8517](parse-community#8517)) ([4f15539](parse-community@4f15539)) * Deprecate LiveQuery `fields` option in favor of `keys` for semantic consistency ([parse-community#8388](parse-community#8388)) ([a49e323](parse-community@a49e323)) * Export `AuthAdapter` to make it available for extension with custom authentication adapters ([parse-community#8443](parse-community#8443)) ([40c1961](parse-community@40c1961)) commit 18b63d1 Merge: f7eee19 f59d46c Author: Manuel <[email protected]> Date: Mon May 1 23:49:22 2023 +0200 build: Release (parse-community#8526)
Pull Request
Issue
#8394 introduced a small typo causing the RedisCache CI to fail
Closes: #8394
Approach
Fixes typo
Tasks