- Added
detailedTrace
to Logger events - Added new
_APP_STORAGE_PREVIEW_LIMIT
environment variable to configure maximum preview file size
- Fixed missing volume mount in Docker Compose
- Fixed upload with Bucket File permission
- Fixed custom ID validation in Console
- Fixed file preview with no
output
passed - Fixed GitHub issue URL in Console
- Fixed double PDOException logging
- Fixed functions cleanup when container is already initialized
- Fixed float input precision in Console
- Fixed search for terms that inlcude
@
characters - Fixed Bucket permissions
- Fixed file upload error in UI
- Fixed input field for float attributes in UI
- Fixed
appwrite-executor
restart behavior in docker-compose.yml
- Fixed global issue with write permissions
- Added missing
_APP_EXECUTOR_SECRET
environment variable for deletes worker - Increased execution
stdout
andstderr
from 8000 to 16384 character limit - Increased maximum file size for image preview to 20mb
- Fixed iOS platforms for origin validation by @stnguyen90 in appwrite#2907
- Fixed the Console UI redirect breaking the header and navigation
- Fixed timeout in Functions API to respect the environment variable
_APP_FUNCTIONS_TIMEOUT
- Fixed team invite to be invalid after successful use by @Malte2036 in appwrite#2593
- Synchronous function execution
- Improved functions execution times by alot
- Added a new worker to build deployments
- Functions are now executed differently and your functions need to be adapted Breaking Change
- Tags are now called Deployments Breaking Change
- Renamed
tagId
todeplyomentId
in collections Breaking Change - Updated event names from
function.tags.*
tofunction.deployments.*
Breaking Change - Java runtimes are currently not supported Breaking Change
- Added Buckets
- Buckets allow you to configure following settings:
- Maximum File Size
- Enabled/Disabled
- Encryption
- Anti Virus
- Allowed file extensions
- Permissions
- Bucket Level
- File Level
- Support for S3 and Digitalocean Spaces
- Efficiently process large files by loading only chunks
- Files larger then 5MB needs to be uploaded in chunks using Content-Range header. SDKs handle this internally Breaking Change
- Encryption, Compression is now limited to files smaller or equal to 20MB
- New UI in the console for uploading files with progress indication
- Concurrent file uploads
- Added
buckets.read
andbuckets.write
scope to API keys
- Renamed
providerToken
toproviderAccessToken
in sessions Breaking Change - New endpoint to refresh the OAuth Access Token
- OAuth sessions now include
providerAccessTokenExpiry
andproviderRefreshToken
- Notion and Stripe have been added to the OAuth Providers
- Microsoft OAuth provider now supports custom domains
- Renamed
sum
tototal
on multiple endpoints returning a list of resource Breaking Change - Added new
_APP_WORKER_PER_CORE
environment variable to configure the amount of internal workers per core for performance optimization
- Fixed issue with 36 character long custom IDs
- Fixed permission issues and is now more consistent and returns all resources
- Fixed total amount of documents not being updated
- Fixed issue with searching though memberships
- Fixed image preview rotation
- Fixed Database index names that contain SQL keywords
- Fixed UI to reveal long e-mail addresses on User list
- Fixed UI for Attribute default value field to reset after submit
- Fixed UI to check for new available version of Appwrite
- Fixed UI default values when creating Integer or Float attributes
- Removed
_project
prepend from internal Database Schema - Added dedicated internal permissions table for each Collection
- Remove
appwrite.io
andappwrite.test
from authorized domains for session verification
- Upgraded
redis
extenstion to version 5.3.7 - Upgraded
swoole
extenstion to version 4.8.7 - Upgraded GEO IP database to version March 2022
- Fix update membership roles (#2799)
- Fix migration to 0.12.x to populate search fields (#2799)
- Fix URL schema Validation to only allow http/https (#2801)
- Fix security vulnerability in the Console (#2778)
- Fix security vulnerability in the ACME-Challenge (#2780)
- Upgraded
redis
extenstion to version 5.3.6 - Upgraded
swoole
extenstion to version 4.8.6 - Upgraded
imagick
extenstion to version 3.7.0 - Upgraded GEO IP database to version February 2022
- Fixed some issues with the Migration
- Fixed the UI to add Variables to Functions
- Fixed wrong data type for String Attribute size
- Fixed Request stats on the console
- Fixed Realtime Connection stats with high number by abbreviation
- Fixed backward compatibility of account status attribute.
- Completely rewritten Database service: Breaking Change
- Collection rules are now attributes
- Filters for have been replaced with a new, more powerful syntax
- Custom indexes for more performant queries
- Enum Attributes
- Maximum
sum
returned does not exceed 5000 documents anymore Breaking Change - DEPRECATED Nested documents has been removed
- DEPRECATED Wildcard rule has been removed
- You can now set custom ID’s when creating following resources:
- User
- Team
- Function
- Project
- File
- Collection
- Document
- All resources with custom ID support required you to set an ID now
- Passing
unique()
will generate a unique ID
- Passing
- Auto-generated ID's are now 20 characters long
- Wildcard permissions
*
are nowrole:all
Breaking Change - Collections can be enabled and disabled
- Permissions are now found as top-level keys
$read
and$write
instead of nested under$permissions
- Accessing collections with insufficient permissions now return a
401
isntead of404
status code - Offset cannot be higher than 5000 now and cursor pagination is required
- Added Cursor pagination to all endpoints that provide pagination by offset
- Added new Usage worker to aggregate usage statistics
- Added new Database worker to handle heavy database tasks in the background
- Added detailed Usage statistics to following services in the Console:
- Users
- Storage
- Database
- You can now disable/enable following services in the Console:
- Account
- Avatars
- Database
- Locale
- Health
- Storage
- Teams
- Users
- Functions
- Fixed several memory leaks in the Console
- Added pagination to account activities in the Console
- Added following events from User service to Webhooks and Functions:
users.update.email
users.update.name
users.update.password
- Added new environment variables to enable error logging:
- The
_APP_LOGGING_PROVIDER
variable allows you to enable the logger set the value to one ofsentry
,raygun
,appsignal
. - The
_APP_LOGGING_CONFIG
variable configures authentication to 3rd party error logging providers. If using Sentry, this should be 'SENTRY_API_KEY;SENTRY_APP_ID'. If using Raygun, this should be Raygun API key. If using AppSignal, this should be AppSignal API key.
- The
- Added new environment variable
_APP_USAGE_AGGREGATION_INTERVAL
to configure the usage worker interval - Added negative rotation values to file preview endpoint
- Multiple responses from the Health service were changed to new (better) schema Breaking Change
- Method
health.getAntiVirus()
has been renamed tohealth.getAntivirus()
- Added following langauges to the Locale service:
- Latin
- Sindhi
- Telugu
- DEPRECATED Tasks service Breaking Change
- Fixed
/v1/avatars/initials
when no space in the name, will try to split by_
- Fixed all audit logs now saving all relevant informations
- Fixed Health endpoints for
db
andcache
- Increased minimum password length to 8 and removed maximum length
- Limited User Preferences to 65kb total size
- Upgraded Redis to 6.2
- Upgraded InfluxDB to 1.4.0
- Upgraded Telegraf to 1.3.0
- Fix security vulnerability in the Console (#2777)
- Fix security vulnerability in the ACME-Challenge (#2779)
- Upgraded redis extenstion to version 5.3.6
- Upgraded swoole extenstion to version 4.8.6
- Upgraded imagick extenstion to version 3.7.0
- Upgraded yaml extenstion to version 2.2.2
- Upgraded maxminddb extenstion to version 1.11.0
- Upgraded GEO IP database to version February 2022
- Added Swift Platform Support
- Added new Cloud Functions Runtimes:
- Swift 5.5
- Java 17
- Python 3.10
- Deno 1.12
- Deno 1.13
- Deno 1.14
- PHP 8.1
- Node 17
- Added translations:
- German
de
by @SoftCreatR in appwrite#1790 - Hebrew
he
by @Kokoden in appwrite#1846 - Oriya
or
by @Rutam21 in appwrite#1827 - Italian
it
by @ilmalte in appwrite#1824 - Portugese (Portugal)
pt-PT
by @OscarRG in appwrite#1820 - Portugese (Brazil)
pt-BR
by @renato04 in appwrite#1817 - Indonesian
id
by @Hrdtr in appwrite#1816 - Korean
ko
by @ssong in appwrite#1814 - Ukrainian
uk
by @daniloff200 in appwrite#1794 - Russian
ru
by @daniloff200 in appwrite#1795 - Belarusian
be
by @daniloff200 in appwrite#1796 - Arabic
ar
by @arsangamal in appwrite#1800 - Malay
ms
by @izqalan in appwrite#1806 - Gujarati
gu
by @honeykpatel in appwrite#1808 - Polish
pl
by @achromik in appwrite#1811 - Malayalam
ml
by @anoopmsivadas in appwrite#1813 - Croatian
hr
by @mbos2 in appwrite#1825 - Danish
da
by @Ganzabahl in appwrite#1829 - French
fr
by @Olyno in appwrite#1771 - Spanish
es
by @chuiizeet in appwrite#1833 - Vietnamese
vt
by @hdkhoasgt in appwrite#1880 - Kannada
kn
by @Nikhil-1503 in appwrite#1840 - Finnish
fi
by @minna-xD in appwrite#1847 - Thai
th
by @teeradon43 in appwrite#1851 - Persian
fa
by @aerabi in appwrite#1878 - Norwegian
no
by @NeonSpork in appwrite#1871 - Norwegian (Nynorsk)
nn
by @NeonSpork in appwrite#2019 - Norwegian (Bokmål)
nb
by @Exouxas in appwrite#1877 - Dutch
nl
by @ArtixAllMighty in appwrite#1879 - Sanskrit
sa
by @Rutam21 in appwrite#1895 - Nepali
ne
by @TheLearneer in appwrite#1807 - Swedish
sv
by @didair in appwrite#1948 - Hindi
hi
by @willtryagain in appwrite#1810 - Luxembourgish
lb
by @OscarRG in appwrite#1857 - Catalan
ca
by @und1n3 in appwrite#1875 - Chinese (Taiwan)
zh-TW
by @HelloSeaNation in appwrite#2134 - Chinese (PRC)
zh-CN
by @HelloSeaNation in appwrite#1836 - Bihari
bh
by @dazzlerkumar in appwrite#1841 - Romanian
ro
by @cristina-sirbu in appwrite#1868 - Slovak
sk
by @jakubhi in appwrite#1958 - Greek
el
by @kostapappas in appwrite#1992 - Assamese
as
by @PrerakMathur20 in appwrite#2023 - Esperanto
eo
by @tacoelho in appwrite#1927 - Irish
ga
by @ivernus in appwrite#2178 - Azerbaijani
az
by @aerabi in appwrite#2129 - Latvian
lv
by @RReiso in appwrite#2022 - Lithuanian
lt
by @mantasio in appwrite#2018 - Japanese
jp
by @takmar in appwrite#2177
- German
- Added new audio mime-types for viewing audio files on browsers by @eldadfux in appwrite#2239
- Fixed
sum
description by @eldadfux in appwrite#1659 - Fixed
Add Team Membership
parameter order by @deshankoswatte in appwrite#1818 - Fixed Storage File Preview on mobile devices by @m1ga in appwrite#2230
- Fixed
top-left
gravity onGet File Preview
endpoint by @lohanidamodar in appwrite#2249
- Fixed another memory leak in realtime service (#1627)
- Fixed memory leak in realtime service (#1606)
- Fixed function execution output now being UTF-8 encoded before saved (#1607)
- Fixed SSL certificates status not being updated (#1592)
- Fixed failing team invites on console (#1580)
- Improved error messages on Migration regarding invalid document structures (#1576)
- Fixed Console SDK endpoint to work with multiple proxies (#1575)
- Fixed last function environments variables being corrupt (#1577)
- Fixed
_APP_FUNCTIONS_CPUS
variable for cloud functions (#1568)
- Added Realtime (#948)
- Added Realtime statistics to the console (#948)
- Added Magic URL login (#1552)
- Refactored E-Mail template (#1422)
- Improved locale management (#1440)
- Added
$permissions
to execution response (#948) - Switch from using Docker CLI to Docker API by integrating utopia-php/orchestration (#1420)
- Added DOCKERHUB_PULL_USERNAME, DOCKERHUB_PULL_PASSWORD and DOCKERHUB_PULL_EMAIL env variables for pulling from private DockerHub repos (#1420)
- Added
updateName
,updateEmail
andupdatePassword
to Users service and console (#1547)
- Fixed MariaDB timeout after 24 hours (#1510)
- Fixed upgrading installation with customized
docker-compose.yml
file (#1513) - Fixed usage stats on the dashboard displaying invalid total users count (#1514)
- Fixed security vulnerability that exposes project ID's from other admin users (#1453)
- Fixed Abuse Limit keys for JWT and E-Mail confirmation (#1434)
- Fixed JWT session validation (#1408)
- Fixed passing valid JWT session to Cloud Functions (#1421)
- Fixed race condition when uploading and extracting bigger Cloud Functions (#1419)
- Fixed PDO Connection timeout (#1385)
- Removed unnecessary
app
resource and replace withutopia
(#1384) - Fixed missing quote in Functions Worker logs (#1375)
- Added support for Android
- Added a new Cloud Functions runtime for
- Java 16.0
- Java 11.0
- Node 16.0
- Dart 2.13
- Added a new gravity option when croping storage images using the file preview endpoint (#1260)
- Upgraded GEOIP DB file to Jun 2021 release (#1256)
- Added file created date to file info on the console (#1183)
- Added file size to file info on the console (#1183)
- Added internal support for connection pools for improved performance (#1278)
- Added new abstraction for workers executable files (#1276)
- Added a new API in the Users API to allow you to force update your user verification status (#1223)
- Using a fixed commit to avoid breaking changes for imagemagick extension (#1274)
- Updated the design of all the email templates (#1225)
- Refactored Devices page in Console: (#1167)
- Renamed Devices to Sessions
- Add Provider Icon to each Session
- Add Anonymous Account Placeholder
- Upgraded phpmailer version to 6.5.0 (#1317)
- Upgraded telegraf docker image version to v1.2.0
- Added new environment variables to the
telegraf
service: (#1202)- _APP_INFLUXDB_HOST
- _APP_INFLUXDB_PORT
- Added
expires
parameter to Account Recovery and Email Validation URL's - Added new endpoint to get a session based on it's ID (#1294)
- Added added a new version param to the migration script (#1342)
- Improved Queue Interval for all workers from 5 seconds to 1 (#1308 Thanks to @Meldiron)
- Renamed
env
param on/v1/functions
toruntime
(#1314) - Renamed
deleteUser
method in all SDKs todelete
(#1216)
- Fixed bug causing runtimes conflict and hanging executions when max Functions containers limit passed (#1288)
- Fixed 404 error when removing a project member on the Appwrite console (#1214)
- Fixed Swoole buffer output size to allow downloading files bigger than allowed size (#1189)
- Fixed ClamAV status when anti virus is not running (#1188)
- Fixed deleteSession which was removing cookieFallback from the localstorage on any logout instead of current session (#1206)
- Fixed Nepal flag (#1173)
- Fixed a bug in the Twitch OAuth adapter (#1209)
- Fixed missing session object when OAuth session creation event is triggered (#1208)
- Fixed bug where we didn't ignore the email case, converted all emails to lowercase internally (#1243)
- Fixed a console bug where you can't click a user with no name, added a placeholder for anonymous users (#1220)
- Fixed unique keys not being updated when changing a user's email address (#1301)
- Fixed a bug where decimal integers where wrongly used with database filters (#1349)
- Fixed potential XSS injection on the console
- Refactoring SSL generation to work on every request so no domain environment variable is required for SSL generation (#1133)
- Added Anonymous Login (RFC-010, #914)
- Added events for functions and executions (#971)
- Added JWT support (#784)
- Added ARM support (#726)
- New awesome image preview features, supports borderRadius, borderColor, borderWidth
- Split token & session models to become 2 different internal entities (#922)
- Added Dart 2.12 as a new Cloud Functions runtime (#989)
- Added option to disable email/password (#947)
- Added option to disable anonymous login (need to merge and apply changed) (#947)
- Added option to disable JWT auth (#947)
- Added option to disable team invites (#947)
- Option to limit number of users (good for app launches + root account PR) (#947)
- Added 2 new endpoints to the projects API to allow new settings
- Enabled 501 errors (Not Implemented) from the error handler
- Added Python 3.9 as a new Cloud Functions runtime (#1044)
- Added Deno 1.8 as a new Cloud Functions runtime (#989)
- Upgraded to PHP 8.0 (#713)
- ClamAV is now disabled by default to allow lower min requirements for Appwrite (#1064)
- Added a new env var named
_APP_LOCALE
that allow to change the defaulten
locale value (#1056) - Updated all the console bottom control to be consistent. Dropped the
+
icon (#1062) - Added Response Models for Documents and Preferences (#1075, #1102)
- Added new endpoint to update team membership roles (#1142)
- Removed DB connection from webhooks worker for improved performance (#1150)
- Fixed default value for HTTPS force option
- Fixed form array casting in dashboard (#1070)
- Fixed collection document rule form in dashboard (#1069)
- Bugs in the Teams API:
- Fixed incorrect audit worker event names (#1143)
- Increased limit of memberships fetched in
createTeamMembership
to 2000 (#1143) - Fixed exception thrown when SSL certificate is already stored in the database (#1151)
- Fixed user delete button in the Appwrite console (#1216)
- Fixed missing placeholder for user name when empty (#1220)
- Rename
deleteuser
todelete
on Users Api (#1089) - Environment variable
_APP_FUNCTIONS_ENVS
renamed to_APP_FUNCTIONS_RUNTIMES
(#1101) - Only logged in users can execute functions (for guests, use anonymous login) (#976)
- Only the user who has triggered the execution get access to the relevant execution logs (#1045)
- Function execution environment variable
APPWRITE_FUNCTION_EVENT_PAYLOAD
renamed toAPPWRITE_FUNCTION_EVENT_DATA
(#1045) - Function execution environment variable
APPWRITE_FUNCTION_ENV_NAME
renamed toAPPWRITE_FUNCTION_RUNTIME_NAME
(#1101) - Function execution environment variable
APPWRITE_FUNCTION_ENV_VERSION
renamed toAPPWRITE_FUNCTION_RUNTIME_VERSION
(#1101) - Introduces rate limits for:
- Team invite (10 requests in every 60 minutes per IP address) (#1088)
- Rename param
inviteId
to the more accuratemembershipId
in the Teams API (#1129)
- When creating new resources from the client API, the current user gets both read & write permissions by default. (#1007)
- Added timestamp to errors logs on the HTTP API container (#1002)
- Added verbose tests output on the terminal and CI (#1006)
- Upgraded utopia-php/abuse to version 0.4.0
- Upgraded utopia-php/analytics to version 0.2.0
- Fixed certificates worker error on successful operations (#1010)
- Fixed head requests not responding (#998)
- Fixed bug when using auth credential for the Redis container (#993)
- Fixed server warning logs on 3** redirect endpoints (#1013)
- Better error logs on appwrite certificates worker
- Added option for Redis authentication
- Force adding a security email on setup
- SMTP is now disabled by default, no dummy SMTP is included in setup
- Added a new endpoint that returns the server and SDKs latest versions numbers #941
- Custom data strings, userId, and JWT available for cloud functions #967
- Upgraded redis extension lib to version 5.3.3
- Upgraded maxmind extension lib to version 1.10.0
- Upgraded utopia-php/cli lib to version 0.10.0
- Upgraded matomo/device-detector lib to version 4.1.0
- Upgraded dragonmantank/cron-expression lib to version 3.1.0
- Upgraded influxdb/influxdb-php lib to version 1.15.2
- Upgraded phpmailer/phpmailer lib to version 6.3.0
- Upgraded adhocore/jwt lib to version 1.1.2
- Upgraded domnikl/statsd to slickdeals/statsd version 3.0
- Updated missing storage env vars
- Fixed a bug, that added a wrong timezone offset to user log timestamps
- Fixed a bug, that Response format header was not added in the access-control-allow-header list.
- Fixed a bug where countryName is unknown on sessions (#933)
- Added missing event users.update.prefs (#952)
- Fixed bug not allowing to reset document permissions (#977)
- Fixed an XSS vulnerability in the Appwrite console
- Improved Webhooks and added new system events - Learn more
- Added response to /locale/languages API with a list of languages (@TorstenDittmann ,#351)
- Added a new route in the Avatars API to get user initials avatar (#386)
- Added API response payload structure info and examples to the docs site (#381)
- Added support for Brotli compression (@PedroCisnerosSantana, @Rohitub222, #310)
- New deletion worker (#521)
- New maintenance worker - cleaning up system logs and other optimizations (#766)
- New email worker - all emails are now sent asynchronously for improved performance (@TorstenDittmann ,#402)
- Moved all Appwrite container logs to STDOUT & STDERR (#389)
- New Doctor CLI to debug the Appwrite server (#415)
- Added container names to docker-compose.yml (@drandell)
- Optimised function execution by using fully-qualified function calls
- Added support for boolean 'true' and 'false' in query strings alongside 1 and 0
- Updated storage calculation to match IEC standards
- Now using Alpine as base Docker image
- Switch standard dev ports to 95xx prefix (#780)
- User & Team name max length is now 128 chars and not 100 for better API consistency
- Collection name max length is now 128 chars and not 256 for better API consistency
- Project name max length is now 128 chars and not 100 for better API consistency
- Webhook name max length is now 128 chars and not 256 for better API consistency
- API Key name max length is now 128 chars and not 256 for better API consistency
- Task name max length is now 128 chars and not 256 for better API consistency
- Platform name max length is now 128 chars and not 256 for better API consistency
- Webhooks payloads are now exactly the same as any of the API response objects, documentation added
- Added new locale: Marathi -mr (@spielers)
- New and consistent response format for all API object + new response examples in the docs
- Removed user roles attribute from user object (can be fetched from /v1/teams/memberships) **
- Removed type attribute from session object response (used only internally)
- ** - might be changed before merging to master
- Added fallback option to 0.6 format for backward compatibility with any changes (@christyjacob4 #772)
- Added option to disable mail sending by setting an empty SMTP host value (#730)
- Upgraded installation script (#490)
- Added new environment variables for ClamAV hostname and port (#780)
- New OAuth adapter for Box.com (@armino-dev - #420)
- New OAuth adapter for PayPal sandbox (@armino-dev - #420)
- New OAuth adapter for Tradeshift (@armino-dev - #855)
- New OAuth adapter for Tradeshift sandbox (@armino-dev - #855)
- Introducing new permssion types: role:guest & role:member
- Disabled rate-limits on server side integrations
- Refactored migration script
- Updated grid for OAuth2 providers list in the console (#413)
- Added Google Fonts to Appwrite for offline availability
- Added option to delete user from the console (@PineappleIOnic - #538)
- Added option to delete team from the console (#380)
- Added option to view team members from the console (#378)
- Add option to assign new team members to a team from the console and the API (#379)
- Added Select All Checkbox for on Console API key Scopes Screen (#477)
- Added pagination and search for team memberships route (#387)
- Added pagination for projects list on the console home page.
- UI performance & accessibility improvements (#406)
- New UI micro-interactions and CSS fixes (@AnatoleLucet)
- Added toggle to hide/show secret keys and passwords inside the dashboard (@kodumbeats, #535)
- Upgraded QR codes generator library (@PedroCisnerosSantana - #475)
- Upgraded Traefik image to version 2.3
- Upgraded MariaDB to version 10.5.5
- Upgraded Redis Docker image to version 6.0 (alpine)
- Upgraded Influxdb Docker image to version 1.8 (alpine)
- Upgraded Redis Resque queue library to version 1.3.6 (#319)
- Upgraded ClamAV container image to version 1.0.11 (#412)
- Upgraded device detector to version 3.12.6
- Upgraded GEOIP DB file to Feb 2021 release
- Deprecated
first
andlast
query params for documents list route in the database API - Deprecated Deprecated Pubjabi Translations ('pn')
- Deprecated
PATCH /account/prefs
is now updating the prefs payload and not just merging it - Deprecated
PATCH /users/:userId/prefs
is now updating the prefs payload and not just merging it - Switched order of limit and offset params in all the SDKs
listDocuments
method for better consistency - Default
limit
param value in all the SDKslistDocuments
method is now 25 for better consistency
- Fixed a bug that caused blocked users to be able to create sessions (#777)
- Fixed an issue where Special characters in APP_OPENSSL_KEY_V1 env caused an error (#732)
- Fixed an issue where Account webhook doesn't trigger through the console (#493)
- Fixed case sensitive country flag code (#526)
- Fixed redirect to Appwrite login page when deep link is provided (#427)
- Fixed an issue where Creating documents fails for parent documents would result in an error (#514)
- Fixed an issue with Email Sending Problem using external smtp (#707)
- Fixed an issue where you could not remove a key from User Prefs (#316)
- Fixed an issue where events are not fully visible in the console (#492)
- Fixed an issue where UI would wrongly validate integers (#394)
- Fixed an issue where graphs were cut in mobile view (#376)
- Fixed URL issue where console/ would not display list of projects (#372)
- Fixed output of /v1/health/queue/certificates returning wrong data
- Fixed bug where team members count was wrong in some cases
- Fixed network calculation for uploaded files
- Fixed a UI bug preventing float values in numeric fields
- Fixed scroll positioning when moving rules order up & down
- Fixed missing validation for database documents key length (32 chars)
- Grammar fix for pt-br email templates (@rubensdemelo)
- Fixed update form labels and tooltips for Flutter Android apps
- Fixed missing custom scopes param for OAuth2 session create API route
- Fixed wrong JSON validation when creating and updating database documents
- Fixed bug where max file size was limited to a max of 10MB
- Fixed bug preventing the deletion of the project logo
- Fixed Bug when trying to overwrite OAuth cookie in the Flutter SDK
- Fixed OAuth redirect when using the self-hosted instance default success URL (#454)
- Fixed bug denying authentication with Github OAuth provider
- Fixed a bug making read permission overwrite write permission in some cases
- Fixed consistent property names in databases by enforcing camel case
- Access to Health API now requires authentication with an API Key with access to
health.read
scope allowed - Added option to force HTTPS connection to the Appwrite server (_APP_OPTIONS_FORCE_HTTPS)
- Now using your
_APP_SYSTEM_EMAIL_ADDRESS
as the email address for issuing and renewing SSL certificates - Block iframe access to Appwrite console using the
X-Frame-Options
header. - Fixed
roles
param input validator - API Keys are now stored encrypted
- Disabled domains whitelist ACL for the Appwrite console
- New OAuth adapter for sign-in with Apple
- Fixed custom domain not setting correct domain
- Fixed wrong SDK method type in avatars browser route
- Fixed bug denied public documents (*) to be accessed by guest users
- Fixed cache-control issue not allowing collection UI to update properly
- Fixed a bug where single permission tag in the console was not being saved
- Added missing webhooks events in the console
- Added missing option to delete project
- Fixed a bug where the session was not set properly when the API used an IP with a non-standard port as hostname
- Fixed bug where requests number on the dashboard was hidden when the number got too long
- Permission fields are not required for file creation or update
- [low severity] Patch for email library (https://github.com/advisories/GHSA-f7hx-fqxw-rvvj)
- Fix for Google OAuth provider not working properly
- Fix for login error when using a remote host with non-default ports
- Removed empty activity tab on the document editor
- Changed upgrade script name to ‘migrate’ to better reflect what it actually does
- Fixed bug where after clicking the cancel option in the confirmation dialog the button got disabled
- Fixed a small grammar error in the documents list screen
- New collections UI with ability to create and update a collection
- New documents UI with ability to create and update a document
- Added support for Flutter iOS & Android apps
- Added support for default DB document values
- Exposed health API to all the server SDKs
- New locale for Khmer
- Added TypeScript type hinting to the JS SDK (@zevektor)
- Added LTR/RTL support for markdown editor
- Added cachebuster to version number on footer
- New OAuth logos
- Minor fixes to the dark mode theme
- Added JSON view for a project user
- Removed setKey and setMode methods from all client SDKs
- Updated all the REST API query params to be in camelCase
- Normalized locale phone codes response body
- Fixed project users logout button
- Fixed wrong target in database back link
- Fixed bug where multiple unique attribute were allowed
- Blocked forms from being submitted unlimited times
- Fixed missing attributes in user account
- Delayed SSL init when server startup for traefik to be ready for HTTP challenge
- Enabled easy access to the upgrade tool from the terminal
- Upgraded core API PHP version to 7.4
- New database rule validation options
- Allow non-web platform to skip origin header
- Limited console dashboard to show max 5 alerts at the same time
- Added more webhooks events
- Normalized all webhooks event names
- Added support for SameSite cookie option with fallback cookie for old clients
- Added a new Discord OAuth adapter
- Added a new Twitch OAuth adapter
- Added a new Spotify OAuth adapter
- Added a new Yahoo OAuth adapter
- Added a new Salesforce OAuth adapter
- Added a new Yandex OAuth adapter
- Added a new Paypal OAuth adapter
- Added a new Bitly OAuth adapter
- Upgraded MariaDB image to version 1.0.2
- Upgraded SMTP image to version 1.0.1
- File upload route (POST /v1/storage/files) now accept a single file per request
- Added ENV vars to change system email sender name and address
- Usage for requests made by project admin in the console are not counted as API usage
- Added ENV var to change default file upload size limit. New default value is 100MB
- Added option to delete file directly from the dashboard
- Added option to view file preview from the dashboard
- Added option to add custom domains with auto SSL certificate generator
- Fixed bug where user status was saved as a string instead of an integer
- Fixed gravatar icons not showing up correctly on the console
- Fixed code location of project not found error
- Fixed bug where tags element would ignore tab key for parsing new tags
- Fixed OAuth login error saying project UID is missing when its not
- Fixed wrong input validation for user preferences
- Merged Auth and Account service route to make the API REST compatible
- Added 5 new locales for locale service and email templates (is, ml, th, fo, ph, pn)
- 2 stage Docker build
- Limit HTTP origin check only to browser integrations
- Updated new Brexit date to 31-01-2020
- Added a version number to sign in and signup pages for easier debugging of issues
- Preparation for adding SameSite cookie option support
- Using native Docker volumes for setup for better cross-platform support and easier management of read/write permissions
- Added support for custom SSL certificates without needing to set a proxy
- Added project UID validation check when making an API call. This should help developers to understand our authentication errors better.
- Updated ClamAV docker image to version 1.0.7
- Updated MariaDB docker image to version 1.0.1
- Core Docker image size reduced to 127MB
- PHP-FPM security patch fix - Upgraded PHP version to 7.3.12 [Major]
- Remove executable permission from avatars files [Minor]
- Updated SDK Generator Twig dependency with security issue: https://www.exploit-db.com/exploits/44102 [Minor]
- New loading message when creating a new project
- Fixed broken redirect URL when creating a new project
- Fixed broken modal when a user password is too short
- Fixed issue denying the creation of session cookies on localhosts with port other than 80 or 443
- Fixed bug that prevented actual file size calculation
- Fixed MariaDB SQL abuse table time field-type
- Fixed error message not showing up in console failed signup
- Fixed cookie session not being appropriately set when accessing the console from IP hostname
- OAuth path is now /auth/login/oauth instead of /auth/oauth and /auth/oauth/callback is now /auth/login/oauth/callback, this is for better consistency with new login methods we will introduce in the future
- Changed file attribute sizeCompressed to sizeActual to better reflect server logic
- Added 19 new locales for locale service and email templates (af, ar, bn, cz, hu, hy, jv, ko, lt, ml, no, ru, si, sq, sv, ta, vi, zh-cn, zh-tw)
- New users service routes to allow updates pref and name update
- New OAuth adapters (Amazon, Dropbox, Microsoft, Slack, VK)
- Added support for ES6 require statements in JS SDK
- New Locale API route for fetching a list of continents
- Fix for typos in PT-BR translations
- Fix for UI crash when project user was missing a name
- Fix for it locale including the en templates by mistake
- Fix for UI not showing user's prefs properly
- Fixed 401 unexpected error when no permission passed in creation of a new resource
- users/deleteUsersSession method name changed to users/deleteUserSession in all SDKs for better consistency
- Added option to limit access to the Appwrite console
- Added option to disable abuse check and rate limits
- Added input field with the server API endpoint for easy access
- Added new OAuth providers for Google, Bitbucket, and GitLab
- Added 15 new locales for locale service and email templates (cat, de, es, fi, fr, gr, hi, id, it, nl, pt-br, pt-pt, ro, tr, ua)
- Improved test coverage for the project and synced DEV & CI environments settings
- Fixed bug not allowing to update OAuth providers settings
- Fixed some broken API examples in docs
- Fixed bug that caused the Appwrite container to change DB directory file permissions.
- Changed auth service 'redirect' param to 'confirm' for better clarity
- Updated all SDKs to sync with API changes