- admin: disable account (4c995b603)
- auth: convert remaining auth-server db use to direct db access (a561ae1f3)
- deps: update deps and start ignoring @types/* in dependabot (694ff5f6a)
- deps: bump @sentry/node from 6.7.0 to 6.7.1 (b78095131)
- deps: bump @sentry/node from 6.5.1 to 6.7.0 (b6119a2c7)
- deps: update pm2 / dedupe (5d7653fa6)
No changes.
No changes.
- deps: updated some deps (fa895572c)
- deps: updated pm2 (34704ba14)
- deps: updated sentry/* packages (9095a1c13)
- deps-dev: bump nock from 13.0.11 to 13.1.0 (4d52527d8)
No changes.
- auth: create script to send subscription renewal reminder emails (178cec80a)
- deps: bump mocha from 7.2.0 to 8.4.0 (4b11eab5f)
- deps: update some deps (6fce48032)
- deps: added "yarn outdated" plugin + updated some deps (952e4f388)
No changes.
- emails: add tables and models for email history (16212769d)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- release: Add changelog notes and bump version for 204 (5b8356e11)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- deps: update convict (52e626866)
No changes.
No changes.
No changes.
- deps-dev: bump nock from 13.0.7 to 13.0.11 (f38836bf8)
- d426b981e Fix use of MySQL cluster read-only nodes (d426b981e)
No changes.
- deps-dev: bump nock from 13.0.5 to 13.0.7 (411638723)
- deps-dev: bump restify-clients from 2.6.9 to 3.1.0 (961ab2f2bd)
- deps: bump @sentry/node from 6.0.0 to 6.0.1 (3b6838b18)
- deps: bump @sentry/node from 5.29.1 to 6.0.0 (147825a5b)
No changes.
- 4e70b3f04 merge main->train-198 (4e70b3f04)
- deps: update eslint to v7 (7cf502be2)
No changes.
No changes.
No changes.
No changes.
- db: Create table to store PayPal customer information (10f4cae5a)
- deps: bump @sentry/node from 5.23.0 to 5.29.1 (0bc414ad2)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- deps: update node version to 14 (6c2b253c1)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- db: Create table to store user-customer relationship Because: (d994e2f56)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- deps: update yarn version and root level deps (da2e99729)
No changes.
- dependency updates (aaa549ed6)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- db: Set collation on stored procedure email fields, so mysql will use indexes. (044d7280e)
- aet: Add ecosystemAnonId to auth-db and mysql (49917be6c)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- auth: handle a password change requirement in login (c495177e8)
- README files: Fix dead links in READMEs (38624143e)
No changes.
No changes.
- local-dev: added fxa-shared and fxa-react to pm2 (c3780546b)
- build: fix paths to fxa-shared (21fe09b72)
- tsconfig: consolidate common tsconfig options (e565285b7)
- packages: use workspace references (81575019a)
- deps: update some dependencies (fec460f6d)
- format: mass reformat with prettier 2 and single config (cc595fc2b)
- deps: updated mocha to 7.1.2 (a5c1a339c)
No changes.
No changes.
No changes.
No changes.
- deps: Add exception for yargs-parser nsp advisory 1500 (b54877911)
No changes.
No changes.
No changes.
- all: update readmes across all packages to improve testing documentation (099163e94)
No changes.
No changes.
No changes.
- build: add a default dockerfile template to build.sh (4dd0b0007)
No changes.
No changes.
No changes.
- docker: created fxa-builder docker image (d4da8a360)
- db: modified procedures to set verifiedAt field when email gets verified (710542f6d)
No changes.
No changes.
No changes.
- emails: move all email normalization and equality checks to helper functions (ce1930f4b)
No changes.
No changes.
No changes.
- docs: update MySQL version and node version (dd56076df)
No changes.
No changes.
- deps: Updates to address nsp advisory 1179 (a5649db18)
No changes.
No changes.
No changes.
- monorepo: update default node version across packages (0f2d54071)
- cleanup: remove obsolete docker files (863e56163)
- deps: Updates to address nsp advisory 1488 (e47bc55ba)
No changes.
No changes.
- mysql: Force MySQL connections to always use UTC timezone. (c97f9e5b8)
- skip some subscription-related tests on content-server for now (e573b52f5)
- subscriptions: remove accountSubscriptions table and procedures (cd0521557)
- contributing: update contact information to reflect move to Matrix (4e7082856)
No changes.
No changes.
- docker: don't rm /tmp after npm i (6fc34fc45)
No changes.
- keys: Add ability to enable/disable recovery key (dba5ee65d)
- coverage: Add coveralls coverage (932b70c3c)
- mem: Remove auth server db memory database (2fa9dce43)
No changes.
No changes.
- git: merge all package gitignores into single root-level gitignore (a238c3d27)
No changes.
- monorepo: remove stale references to travisci (9b4789125)
- node: updated node to v12 (7169a367e)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- audit: run npm audit on push instead of in ci (ccd3c2b07)
- deps: Fix a bunch of audit warnings (f8a1da3be)
- deps: Remove stale nsp exceptions from .nsprc files (f7324a1b2)
- deps: Get audit-filter working for all packages in monorepo (1b0141e2b)
- monorepo: eslint consolidation (0a5e3950f)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- keys: Explicitly track timestamp of last key rotation. (f8dbdfad9)
- tests: Fix secondary-emails test to account for nondeterministic result order. (59c9a8c1c)
No changes.
No changes.
No changes.
No changes.
No changes.
- deps: move auth server from shrinkwrap to package-lock (8e4af3095)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- release: Merge branch 'train-147' into train-148-merge-147 (66e170d45)
No changes.
- add vscode tasks for running tests and debugger (dac5e8b98)
No changes.
No changes.
No changes.
No changes.
No changes.
- build: npm audit fix (4839fcc5e)
- db: Reset
keysChangedAtto NULL if we don't know its correct value. (89a8423d4)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- subscriptions: bump account profileUpdatedAt when subscriptions are changed (8c21351b4)
- db: rename productName to productId (5d709f96d)
- deps: remove newrelic step one (675c08924)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- recovery: Clear recovery keys when resetting account (f1f93cc19)
- support-panel: call out stored procedures with specific grants (4450eccc9)
- ci: Remove CI config from within packages subdir. (66990a8f4)
No changes.
- support-panel: support live user queries (79534bc49)
- routes: securityEvents GET and DELETE added with uid (90750377b)
- docs: remove extra code indents that messed up formatting (ae014390d)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- package: manually bump version strings to 1.141.1 (737265b25)
No changes.
- subscriptions: implement reactivation of cancelled subscriptions (e0391a658)
- script: script for reading security events from db (ea21cf4e9)
- tests: add remote db tests for subscription cancellation (1bd4b2607)
- scripts: expect semi-colons in db migration script (1d1c630c1)
- format: fixed up COTRIBUTING.md files (a0422c6ae)
- subs: remove
|| []from call to db.fetchAccountSubscriptions (4f816d103) - style: added prettier precommit hook (2820ac733)
- style: added prettier to fxa-auth-db-mysql (963cdd235)
No changes.
No changes.
No changes.
- clients: Add a route for listing all attached clients. (13f0e20ad)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- subscriptions: support deferred cancellation of subscriptions (4ee71842d)
- tests: switch from insist to chai for assertions (e93fdf9aa)
No changes.
No changes.
No changes.
No changes.
- url: base, homepage, bug url updated for all packages in package.json (cee3dc741)
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
No changes.
- accounts: add ability to associate subscriptions with an account (e9ffe4374)
- package: update grunt to fix nsp warning in fxa-auth-db-mysql (0591237c0)
- db: remove old scrypt-hash dependency from auth db (42816c67a)
- packages: remove old release tagging scripts and docs (6f168c244)
No changes.
No changes.
No changes.
No changes.
1.133.1 (2019-03-19)
- devices: Add ability to associate a device record with a refesh token. (1123e32)
1.133.0 (2019-03-19)
- devices: Add explicit deletes to replace
ON DELETE CASCADE. (75aba96) - package: update shrinkwrap (f629704)
1.132.0 (2019-03-05)
- deploy: upgrade to node 10 (f3bc954)
- deps: update nyc (db987c3)
- routes: Remove last vestiges of
sessionWithDeviceroute. (0e5115b)
- account: Add
profileChangedAtandkeysChangedAtto theaccountstable. (02e944c)
- demo: add some comments to pt-osc demo (c85cc7a)
- demo: set up triggers like pt-osc and check (ecb87b3)
1.130.0 (2019-02-05)
- ci: run tests on node 10 (5467e2f)
- crypto: fall back to node's scrypt implementation (932f2dd)
1.129.0 (2019-01-24)
- test: add a test script to add account rows (3aa09cd)
1.128.1 (2019-01-09)
- deps: reshrink to get ramda deps (260063b)
1.128.0 (2019-01-08)
- query: remove
ROW_COUNT()from remaining procedures (4e8b058) - query: update set primary email query to not check if email is verified (b9bc3c7)
- npm: update shrink script (96b3ce5)
1.127.0 (2018-12-11)
- scripts: ignore newly failing stored procedures (edf0bb4)
- scripts: check for FOREIGN KEY in migration lint script (82170eb)
- scripts: check for missing expected encodings on procedure args (daf2677)
- scripts: lint-ignore tables that already have foreign keys (3aeca8e)
- scripts: harmonise row count stuff with rest of lint script (6065fe8)
1.126.0 (2018-11-27)
- account: don't use
LOWER(uid)in account query (d2cfe49) - account: update accountRecord to specify charset for inEmail (a45c8a0)
- tests: Don't put binary data into fake email addresses. (5c83dec)
1.125.0 (2018-11-14)
- scripts: stop the explain script tripping over git grep colours (ff0ac5c)
- db: use mariadb-friendly drop index syntax (f01b520)
- scripts: lint-ignore consumeRecoveryCode_2 and setPrimaryEmail_3 (5ddf863)
- scripts: add ROW_COUNT() checks to the procedure-linting script (0eb0142)
1.124.1 (2018-11-02)
- package: update deps (d44e10f)
1.124.0 (2018-10-30)
1.123.3 (2018-10-30)
- accountRecord: Rollback
accountRecord_4due to unexplained performance issues. (034b3b0) - migration: Fix typo in SP name in reverse migration for 91. (5b08dba)
1.123.2 (2018-10-26)
- account: rollback
profileChangedAtmigration (4b4f7d4)
1.123.1 (2018-10-22)
1.123.0 (2018-10-16)
- account: delete recovery codes, recovery keys, security events on account delete (a8d0467)
- mem: ensure emailBounces are stored most-recent first (ccf6c3c)
- performance: Add index for scanning signinCodes by uid. (905e716)
- deps: Update deps to fix security warnings, remove nsp (5581297)
1.122.1 (2018-10-22)
1.122.0 (2018-10-02)
- account: add
profileChangedAtproperty to account table (24917b7)
1.121.1 (2018-10-18)
- account: update stored procedures to be more replication friendly (3c1dd5a)
1.121.0 (2018-09-18)
- scripts: disable the explain script in production (52447bb)
- scripts: tweak some old migrations to fix explain errors (9e9457c)
- scripts: add an ignore file for the explain script (b90688c)
- scripts: add script to automate MySQL EXPLAIN checks (31fff59)
1.120.0 (2018-09-06)
- devices: Reinstate device commands, with performance fixes. (#389) r=@vladikoff,@philboot (a01e4aa), closes #384 #384
- recovery: hash recovery key (fe12332)
- scripts: remove nonsense (but harmless) comparison of bool to -1 (#394) r=@vladikoff (13ca415)
1.119.1 (2018-08-23)
- devices: Reinstate device commands, with performance fixes. (#389) r=@vladikoff,@philboot (a01e4aa), closes #384 #384
- db: ensure mem db behaves like mysql db (8d5d55f)
1.119.0 (2018-08-21)
- db: ensure mem db behaves like mysql db (8d5d55f)
1.118.1 (2018-08-18)
- db: stop calling the upsertAvailableCommands procedure (06554f5)
1.118.0 (2018-08-14)
- restify: set keepAliveTimeout correctly on api.server object (#381) (afc376c)
- restify: set server.keepAliveTimeout to 120s, similar to in node6 (#380) (5ece670)
1.117.0 (2018-07-24)
- tests: move local utils tests so they get run by npm t (#377) r=@vladikoff (677d02b)
- ci: update to circle 2 (#375) r=@vbudhram (5d7b35b)
- recovery: update account recovery GET/DEL to not accept recoveryKeyId (#374), r=@rfk (29b9b4b)
1.116.0 (2018-07-11)
- package: update shrinkwrap (98755f7)
- release: Merge mozilla/train-115 into master r=@shane-tomlinson (b5c0f0e)
- scripts: add boilerplate to detect missing migrations (7ef4c66)
- recovery: Use base32 for recovery code generation (#372), r=@vbudhram (77a6fdd)
1.115.0 (2018-06-27)
1.114.1 (2018-06-13)
- docker: base image node:8-alpine and upgrade to npm6 (c66d3f0)
1.114.0 (2018-06-13)
- devices: Allow devices to register "available commands". (#354); r=philbooth,eoger (10bb799)
1.113.1 (2018-05-30)
- devices: Revert "available commands" for train-113. (#360); r=jrgm (cbe7981)
1.113.0 (2018-05-30)
- ci: Remove coveralls from travis config. (#355) (c94fe0b)
- devices: Allow devices to register "available commands". (#354); r=philbooth,eoger (69816f6)
- recovery: Add initial account recovery support (#357), r=@rfk, @philbooth (f6716ad)
1.112.0 (2018-05-16)
- deps: update to restify 7.1 and mysql 2.15 (#351), r=@rfk (4415850)
- restify: set a sane max param length value for restify (d84c827)
- restify: update param size (bb78be2)
- changelog: Add an "acknowledgements" section to some changelog entries. (#350) (5a27b0a)
1.111.0 (2018-05-02)
- npm: update shrinkwrap to npm 5.8 (#344) r=@jrgm (a841d06)
- tests: increase timeout on recovery code tests (#339), r=@jrgm (f202197)
- node: update to node 8 (#341) r=@jrgm (8bcc7dd)
- db: Fixes #340 Remove column createdAt on recoveryCode table (#342), r=@vbudhram (1b59224), closes #340 [(#342](https://github.com/(/issues/342)
1.110.0 (2018-04-18)
- codes: remove current recovery codes before applying migration (#337), r=@rfk (23cbc61)
- codes: update recovery code requirements (#333), r=@philbooth (2ca7d9f)
- devices: Rename pushbox capability to messages and add messages.sendtab capability (#335) (5a1535a)
1.109.0 (2018-04-04)
- codes: drop all codes when one is consumed (#326) r=@rfk (f6ab498)
- node: Use Node.js v6.14.0 (#332) (1400a26)
- unblock: update consume unblock code (#330) r=@vladikoff (9bdb47b)
- verify: update verifyWithMethod to update a session verification status (#329), r=@philb (9c433ba)
- mysql: Add config option for REQUIRED_SQL_MODES. (#334) r=@philbooth,@vladikoff (a229ddc)
- mysql: STRICT_ALL_TABLES and NO_ENGINE_SUBSTITUTION required in sql (#327) r=@vladikoff (c226b07)
Thanks to Yusuf Yazir [email protected] for suggesting a security improvement in the handling of unblock codes (Bug 1368827).
1.108.0 (2018-03-20)
- buffers: convert remaining Buffer to Buffer.from r=@vladikoff (5092779), closes #316
- db: remove database configuration option, hardcode 'fxa' (#314) r=@vladikoff (c2e21dd), closes #290
- email: Use email buffer for DEL ‘/email/:email’ route (#315), r=@vladikoff, @vbudhram (cc6e08b)
- test: correct promises error handling (#325) r=@eoger (7effcb3)
- api: remove bufferization from db layer (818edcf)
- devices: Devices capabilities (#320) r=@philbooth (4808a1c)
- node: update to node v6.13.1 r=@jbuck (7727d88)
- totp: initial recovery codes (#319), r=@philbooth (995d52b)
1.108.0 (2018-03-20)
- buffers: convert remaining Buffer to Buffer.from r=@vladikoff (5092779), closes #316
- db: remove database configuration option, hardcode 'fxa' (#314) r=@vladikoff (c2e21dd), closes #290
- email: Use email buffer for DEL ‘/email/:email’ route (#315), r=@vladikoff, @vbudhram (cc6e08b)
- test: correct promises error handling (#325) r=@eoger (7effcb3)
- api: remove bufferization from db layer (818edcf)
- devices: Devices capabilities (#320) r=@philbooth (4808a1c)
- node: update to node v6.13.1 r=@jbuck (7727d88)
- totp: initial recovery codes (#319), r=@philbooth (995d52b)
1.107.1 (2018-03-21)
- emails: Make all request paths containing an email use hex encoding. (#1); r=philbooth (6059aca)
1.107.0 (2018-03-07)
- tests: cleanup
sessionTokenendpoints and docs, r=@philbooth, @rfk (da2e9ef)
- totp: Add initial totp session verification logic (#309), r=@philbooth (ee19e1b)
- totp: vlad updates for totp (#313) r=@vladikoff (f6d603c)
1.106.0 (2018-02-21)
- token: Fix mem verifyTokenCode (#303), r=@rfk, @philbooth (6a4fb67), closes [(#303](https://github.com/(/issues/303)
- deps: update deps, fix nsp (#308) r=@philbooth (0d874f9), closes [(#308](https://github.com/(/issues/308)
- sessions: Add support for reauth on an existing session. (#305); r=philbooth (fdff3e9)
- totp: Add totp management api (#299), r=@philbooth (9b8efcb)
1.105.0 (2018-02-06)
- tests: make tests more independent (#293), r=@philbooth, @rfk (c7d3638)
1.104.0 (2018-01-23)
- pruning: Avoid accidental full-table scans when pruning session tokens. (#295); r=philboo (5c6622c)
- scripts: add SET NAMES to reverse migration boilerplate (#296), r=@vbudhram (0790b89)
- devices: return session token id from deleteDevice (a2dd244)
1.103.0 (2018-01-09)
- node: use node 6.12.3 (#291) r=@vladikoff (6080c0c)
1.101.0 (2017-11-29)
- codes: add support for verifying token short code (#287) r=@vladikoff,@rfk (ac0b814)
- dbserver: clean up the db server package (#289) r=@rfk (c3d8e6e)
1.100.0 (2017-11-15)
- newrelic: futureproofing comment and up to [email protected] with npm run shrink (#285) r=@vl (bfc1963)
- newrelic: newrelic native requires make, python, gyp, c++; update node 6.12.0 (#286) r=@vl (4b7e696)
- travis: run tests with 6 and current stable (failure not allowed anymore) (c4e0e98)
1.98.0 (2017-10-26)
- docker: Update to node v6.11.5 for security fix (7cc3251)
1.97.0 (2017-10-04)
- db: prune session tokens (again) (67bd8fb)
1.96.1 (2017-09-20)
- db: call latest version of the prune stored procedure (#281) r=vladikoff (2c34f2e)
1.96.0 (2017-09-19)
- tokens: revert session-token pruning (ecde71b)
1.95.1 (2017-09-12)
- mysql: update all device procedures to use utf8mb4 (#276) r=jbuck,rfk (7d22ad8)
- tokens: prune old session tokens that have no device record (8fad575)
1.95.0 (2017-09-06)
- docs: update node version in docs to 6 (63fbdf2)
- schema: add a pushEndpointExpired column to devices (d8e93c4)
1.94.1 (2017-08-23)
- db: add utf8mb4 support (#267) r=rfk (549d39f)
1.94.0 (2017-08-21)
- ci: remove node4 test targets from travis-ci (#270) r=vladikoff (9523d02)
- email: Remove emailRecord depreciation (#269), r=@philbooth (0a7c2c6)
- schema: add a uaFormFactor column to sessionTokens (#271) r=vladikoff (774b6c1)
1.93.0 (2017-08-09)
- docker: update to node 6 (#266) r=jbuck (7b13cea)
1.92.0 (2017-07-26)
- scripts: add a script to generate migration boilerplate (#261) r=vladikoff (45949c5)
- tests: don't make eslint a prerequisite for the tests (#258), r=@vbudhram (ddae438)
1.91.2 (2017-07-17)
- schema: drop the uaFormFactor column from sessionTokens (#262), r=@vbudhram (f23098a)
1.91.1 (2017-07-12)
- nodejs: upgrade to 4.8.4 for security fixes (450e931)
1.91.0 (2017-07-12)
- email: Add change email (#254), r=@philbooth (7253d09)
- email: correctly return
createdAtwhen using accountRecord (#256), r=@philbooth (70a1a39) - schema: add a uaFormFactor column to sessionTokens (e99bc19)
1.90.0 (2017-06-28)
- eslint: update to latest eslint (#252) r=vbudhram (1157bb2)
- train: uplift train 89 (#253), r=@philbooth (06944e8)
- db: store flowIds with signinCodes (3fac7d7)
- email: Update procedures to use email table (#245), r=@philbooth, @rfk (b896063)
- tokens: Add ability to reset accounts tokens (#249), r=@philbooth (92199bc)
1.89.3 (2017-06-21)
- email: Don't use subquery on email verify update (#251), r=@jbuck (102dea4)
1.89.2 (2017-06-21)
- email: Remove temporary table from
accountEmailsquery (#250), r=@rfk, @jbuck (e9d0335)
1.89.1 (2017-06-14)
- email: Add email table migration script (#247), r=@rfk, @jbuck (9ef8cbf)
1.89.0 (2017-06-13)
- db: enable signinCode expiry (2b53553)
- email: Keep account email and emails table in sync (#241), r=@rfk, @philbooth (78d5559)
- test: refactor our tests to use Mocha instead of TAP (0441ea9)
1.87.0 (2017-05-17)
- docs: update authors and node.js version in README (5610b92)
- email: Use correct delete account procedure (#231) (4a16bf3)
- docker: Use official node image & update to Node.js v4.8.2 (#225) r=vladikoff (2298e38)
- docker: add custom feature branch (#237) r=jrgm (d21a8df)
- email: Add get email endpoint (#227), r=@vladikoff, @rfk (8f5653c)
- signinCodes: migration and endpoints for signinCodes table (#235), r=@vbudhram (b740793)
- tokens: prune tokens older than 3 months (#224) r=vladikoff (fdc19c1), closes #219
1.86.0 (2017-05-01)
- docs: update authors and node.js version in README (6d89d30)
- docker: Use official node image & update to Node.js v4.8.2 (#225) r=vladikoff (2298e38)
- email: Add get email endpoint (#227), r=@vladikoff, @rfk (8f5653c)
- tokens: prune tokens older than 3 months (#224) r=vladikoff (fdc19c1), closes #219
1.85.0 (2017-04-18)
- install: add formatter to main package.json (#222) (f4cb995)
- security: escape json output (#220) r=vladikoff (13b9f70)
- dependencies: update all our production dependencies (#217) r=vladikoff (e008849)
0.83.0 (2017-03-21)
- config: Add environment variable for ipHmacKey (65f6d78)
- emailBounces: receive the email parameter in the url as hex (e1c078b)
- security-events: Correctly handle tokenless security events in mem backend (#215) r=vladikoff,sea (0f816cb)
- email: Add support for adding additional emails (#211), r=@seanmonstar, @rfk (1c436c9)
0.82.0 (2017-03-06)
- docker: add docker via Circle CI (#212) r=jbuck,seanmonstar (8f913be), closes #208
- sessions: update the sessions query to include device information (#203) r=vbudhram (70dcc5b)
0.81.0 (2017-02-23)
- email: Return
createdAtwhen calling db.emailRecord (#209), r=@rfk (1a226cc) - reminders: adjust mysql procedures (#200) r=rfk (4b6a92d)
- style: replace tab char with a space (#207) r=rfk (44470ad)
- db: add emailBounces table (4fe29fa)
- tokens: add prune token maxAge and update pruning (#206); r=rfk (699c352)
- tokens: get the device associated with a tokenVerificationId (#204) r=vladikoff (7f45075)
0.76.0 (2016-12-13)
- schema: Complete final phase of several previous migrations (7eddbc9)
0.75.0 (2016-11-30)
- bufferize: Only bufferize params we explicitly want as buffers. (#182); r=philbooth (a461769)
- bufferize: Only bufferize params we explicitly want as buffers. (#187) r=vladikoff (aad12bb)
- bufferize: revert the extra bufferize logic (e913a66)
0.74.0 (2016-11-15)
- lint: Include ./bin/*.js in eslint coverage (6c8eeba)
- securityEvents: Stop writing to the
securityEvents.tokenIdcolumn. (1e3763d)
- eventLog: Remove the unused "eventLog" feature. (a138e76)
0.72.0 (2016-10-19)
- securityEvents: Tweak securityEvents db queries based on @jrgm feedback (ffa5561)
0.71.0 (2016-10-05)
- travis: drop node 0.10 test config (c1b1841)
- travis: add node 6 explicitly to travis (#175) r=vladikoff (c1556ab)
- unblock: add unblockCode support (12fb9df)
0.70.0 (2016-09-24)
0.69.0 (2016-09-09)
- db: don't return zombie devices from accountDevices (6e5c2db)
- db: Fix the typo (7bfdf91)
- db: Update resetAccount to not delete from accountUnlockCodes (616602a)
- shrinkwrap: refresh shrinkwrap (83d94d4)
- newrelic: add optional newrelic integration (fca7e2e)
- db: Remove account unlock related code. (340e299)
0.68.0 (2016-08-24)
- db: ensure that devices get deleted with session tokens (840dda6)
- db: use an index when deleting device records by sessionToken id. (f5bbb60)
- scripts: add process.exit to populate script (7820fdc)
- scripts: ensure changelog is updated sanely (24376cc)
- scripts: add device records to the populate script (c235696)
- fix(deps): update dev dependencies #143
- fix(deps): update prod dependencies #144
- chore(readme): update travis status badge url
- fix(tests): switch coverage tool, add coveralls #145
- chore(deps): update to latest request and sinon #148
- feat(db): Remove account lockout #147
- fix(db): remove createAccountResetToken stored procedure and endpoint #154
- refactor(db): remove openId #153
- feat(db): Record whether we must verify each unverified token #155
- feat(db): implement verification state for key fetch tokens #138
- chore(travis): drop node 0.12 support #139
- feat(reminders): add verification reminders #127
- chore(mozlog): update from [email protected] to 2.0.5 #140
- chore(scripts): sort scripts alphabetically #140
- chore(shrinkwrap): add "npm run shrinkwrap" script #140
- feat(mx-stats): Add a script to print stats on popular mail providers #134
- feat(db): store push keys according to the current implementation #133
- feat(db): implement new token verification logic #132
- fix(logging): log connection config and charset info at startup #131
- fix(tests): adjust notifier tests monkeypatching to accept mozlog signature #130
- fix(logging): adjust logging method calls to use mozlog signature #130
- fix(tests): enforce mozlog rules in test logger #130
- fix(db): expunge devices in resetAccount sproc #128
- feat(devices): added sessionWithDevice endpoint
- chore(dependencies): upgrade mozlog to 2.0.3
- feat(docker): Additional Dockerfile for self-hosting #121
- docs(contributing): Mention git commit guidelines #122
- chore(deps): Update mysql package dependency to latest version #112
- fix(tests): Upgrade test runner and fix some test declarations #112
- fix(travis): build and test on 0.10, 0.12 and 4.x, and allow failure on >= 5.x
- chore(shrinkwrap): update npm-shrinkwrap.json
- fix(db): fix memory-store initialisation of device fields to null #117
- fix(version): print out constructor class name; adds /version alias #118
- chore(nsp): re-added shrinkwrap validation to travis
- fix(server): fix bad route parameter name
- feat(db): update devices to match new requirements
- reverted some dependencies to previous versions due to #113
- feat(db): add device registration and management endpoints #110
- feat(db): add endpoint to return a user's sessions #102
- feat(db): return accountCreatedAt from sessionToken stored procedure #105
- chore(metadata): Update package metadata for stand-alone server lib. #106
- fix(metrics): measure request count and time in perf tests - #97
- fix(metrics): append delimiter to metrics output - #94
- chore(version): generate legacy-format output for ./config/version.json - #101
- chore(metrics): add script for creating dummy session tokens - #100
- chore(metrics): report latency in performance tests - #99
- chore(eslint): change complexity rule - #96
- chore(metrics): add scripts for perf-testing metrics queries - #88
- There are no longer separate fxa-auth-db-mysql and fxa-auth-db-server repositories - assemble all db repos - #56
- preliminary support for authenticating with OpenID - #78
- feat(db): add script for reporting metrics #80
- feat(db): store user agent and last-access time in sessionTokens - #65
- refactor(config): Use human-readable duration values in config - #62
- fix(tests): used a randomized openid url - #92
- fix(db): default user-agent fields to null in memory backend - #90
- fix(server): prevent insane bufferization of non-hex parameters - #89
- chore(configs): eliminate sub-directory dotfiles - #69
- chore(package): expose scripts for running and testing db-mem - #71
- chore(project): merge db-server project admin/config stuff to top level - #74
- chore(docs): update readme and api docs for merged repos - #76
- reshuffle package.json (use file paths, not file: url) - #77
- chore(coverage): exclude fxa-auth-db-server/node_modules from coverage checks - #82
- fix(tests): pass server object to backend tests - #63
- refactor(db): remove verifyHash from responses - #48
- chore(shrinkwrap): update shrinkwrap for verifyHash removal - #61
- chore(shrinkwrap): update shrinkwrap, principally to head of fxa-auth-db-server - #63
- feat(api): Return the account email address on passwordChangeToken - #59
- chore(travis): Tell Travis to use #fxa-bots - #60
- fix(notifications): always return a promise from db.processUnpublishedEvents, fixes #49 - #52
- fix(npm): Update npm-shrinkwrap to include the last version of fxa-auth-db-server - #50
- chore(cleanup): Fixed some syntax errors reported by ESLint - #55
- fix(db): Return 400 on incorrect password - #53
- refactor(db): Remove old stored procedures that are no longer used - #57
- fix(npm): Update npm-shrinkwrap to include the last version of fxa-auth-db-server - #50
- Added checkPassword_1 stored procedure - #45
- Use array for Mysql read() bound parameters - #45
- chore(license): Update license to be SPDX compliant - #46
- refactor(lib): move most things into lib/
- build(travis): Test on both io.js v1 and v2
- chore(shrinkwrap): update shrinkwrap picking up lib changes in fxa-auth-db-server
- refactor(db): Change table access in stored procedures to be consistent - #36
- fix(db): Fix reverse patches 8->7 and 9->8 - #38
- fix(package): Remove uuid completely since no longer needed - #37
- chore(package): Update to [email protected] - #39
- chore(copyright): Update to grunt-copyright v0.2.0 - #40
- chore(test): Test on node.js v0.10, v0.12 and the latest io.js - #41
- there was no train-35 for fxa-auth-db-mysql
- feat(events): Publish account events to notification server in a background loop - #25
- Note: this feature is disabled by default (see 'config.notifications.publishUrl'), and will not be enabled in train-34
- fix(notifier): allow us to use the json secret key from the auth-server directly for the notifier - #29
- fix(db): do not set createdAt, verifierSetAt or normalizedEmail here - #31
- fix(logging): load the logger from the new location - #32
- fix(release): add tasks "grunt version" and "grunt version:patch" to - #34
- chore(tests): Remove console logging during test run - #25
- chore(tests): Don't assume log.info message order during tests - #25
- chore(tests): Remove some apparently-unused files in 'test' directory - #25
- chore(package.json): add extra fields related to the repo - #30
- chore(shrinkwrap): update shrinkwrap - #33
- Log account activity events for later publishing to notification service - #20
- Fix tests to do more reliable error-message detection - #20
- Correctly pass pool name when getting a connection - #23
- Use mozlog for logging - #21
- Log memory-usage stats emitted by fxa-auth-db-server - #24
- Some documentation and packaging tweaks - #17, #18
- Add ability to mark an account as "locked" for security reasons - #7
- Add support for docker-based development workflow - #13
- Only fail with a DB patch level less than the one expected
- (hotfix) regenerated npm-shrinkwrap.json that uses the correct version of fxa-auth-db-server - #15