1 | # History
|
2 | ## 5.3.0
|
3 | - Support for webid-oidc with DPop tokens
|
4 |
|
5 | ## 5.3.0 Upgrade Notes
|
6 | You may have a `.db/oidc/op/provider.json` file that was generated by an older version
|
7 | of node-solid-server, which may still specify `"response_types_supported"` without listing
|
8 | `"id_token code"`. You can move this file out of the way and restart node-solid-server,
|
9 | it will be created again. See https://github.com/solid/node-solid-server/issues/1433 for
|
10 | more info.
|
11 |
|
12 | ## 5.0.0
|
13 |
|
14 | - Node versions greater than 8 are supported.
|
15 | - Changes to vocabulary use:
|
16 | - `solid:inbox` is deprecated in favour of `ldp:inbox`.
|
17 | - `acl:defaultForNew` is deprecated in favour of `acl:default`.
|
18 | - Terms of Service may be added and enforced for new registrations,
|
19 | but is disabled by default.
|
20 | - DELETE operations on a resource now require that the user has write permissions on
|
21 | the file's container
|
22 | - Improved support for logout ensures users can use different
|
23 | identities.
|
24 | - The profile container is now public readable by default.
|
25 | - Access Control:
|
26 | - The Access Control List system has undergone extensive
|
27 | changes. Security has been tightened, and some unsafe practices that
|
28 | where web apps was authorized access in the past are now not
|
29 | permitted.
|
30 | - The browser-reported `Origin` header will now be checked by
|
31 | default, and the ACL system can be used to restrict access
|
32 | to applications for added security.
|
33 | - Users can add `trustedApp` entries to their profile using a new databrowser pane.
|
34 | You will see an 'A' icon added while you view a Person's profile URL
|
35 | with the data browser (might have to hit refresh in your browser and make sure you
|
36 | are viewing a WebId URL like https://localhost:8443/profile/card#me).
|
37 | - Logging is now verbose by default so the `-v` option has been
|
38 | removed and a `--quiet` option has been added to mute the log.
|
39 | - To be bug compliant with 4.x releases, if a rule for public readable
|
40 | root / does not exist, it will check in /index.html.acl (see issue #1063)
|
41 | - Command line options are now kebab-cased rather than camelCased,
|
42 | config options may be both.
|
43 | - Resource with no extension now have '$.ttl' appended in the filename (see upgrades notes below).
|
44 | - Many smaller fixes.
|
45 |
|
46 | #### 5.0.0 Upgrade Notes
|
47 |
|
48 | - As of v5.0.0, all Turtle files need an extension. (**Intervention needed when updating from < 5.0.0!**)
|
49 | - **How to upgrade?**
|
50 | 1. Stop the server.
|
51 | 2. Update node-solid-server to 5.0.0.
|
52 | 3. Make a backup of your `data/` and `config/` folders.
|
53 | 4. Invoke `solid migrate-legacy-resources -v`.
|
54 | This makes the files in your `data/` and `config/` folders
|
55 | automatically compatible with the new system.
|
56 | You only need to do this once.
|
57 | Different data folders can be migrated as well with the `-p` option:
|
58 | `solid migrate-legacy-resources -p my/custom/data/folder -v`
|
59 | 5. You can now start the server again as usual.
|
60 | - **Why?**
|
61 | Before version 5.0.0, `https://pod.example/profile/card`
|
62 | would map to `file:///solid/profile/card`, with the _assumption_
|
63 | that it uses content-type `text/turtle`.
|
64 | Now, this URL will map to `file:///solid/profile/card$.ttl` instead,
|
65 | which makes the content-type automatically detectable.
|
66 | This fixes many of the old Content-Type-related bugs.
|
67 | _More information: https://www.w3.org/DesignIssues/HTTPFilenameMapping.html_
|
68 |
|
69 | ## 4.4.0
|
70 |
|
71 | - Introduce a quota system. Delete the /settings/serverSide.ttl in the
|
72 | user's POD to disable, or edit to fit your resource constraints.
|
73 |
|
74 | #### Changelog is incomplete for much of the 4.x series
|
75 |
|
76 | ## 4.1.0
|
77 |
|
78 | - Add support for Group Access Control Lists.
|
79 | - Fix `Vary` header.
|
80 | - Improve the registration page.
|
81 | - Fix globbing.
|
82 | - Fix the use of allow handler.
|
83 | - Misc. cleanups and improvements.
|
84 | - Add .well-known folder and set up with public access.
|
85 |
|
86 | ## 4.0.0
|
87 | - OIDC is now supported as authentication method in addition to WebID-TLS.
|
88 | - Both Node.js 6 and 8 are now supported.
|
89 | - The server now accepts N3 patches.
|
90 | - Responses now contain a WAC-Allow header, listing the access permissions
|
91 | for the current user and non-authenticated users.
|
92 | - The `authProxy` configuration parameter has been added,
|
93 | enabling back-end servers to serve authenticated content.
|
94 | It accepts an object of path/server pairs
|
95 | (such as `/my/path": "http://localhost:2345/app"`).
|
96 | The Solid server acts as a reverse proxy for these paths, forwarding requests
|
97 | to the back-end server along with the authenticated user (`User` header)
|
98 | and the host through which Solid is being accessed (`Forwarded` header).
|
99 | - The `acceptCertificateHeader` configuration parameter has been added.
|
100 | This allows WebID-TLS authentication behind a reverse proxy such as NGINX:
|
101 | the reverse proxy should be configured to pass the client certificate
|
102 | in a certain header, which is then read by a (non-public) Solid server.
|
103 | - Self-signed certificates are no longer trusted in production.
|
104 | To allow self-signed certificates (for testing purposes), use `bin/solid-test`,
|
105 | which sets `NODE_TLS_REJECT_UNAUTHORIZED=0` and `--no-reject-unauthorized`.
|
106 | - On POST requests, an extension will be appended to the file.
|
107 | - Server logging is now more concise.
|
108 | - Express server injection is now supported
|
109 | - The root route (e.g. `/`) now displays a public home page.
|
110 | - Several other bugfixes
|
111 |
|
112 | #### 4.0.0 Upgrade Notes
|
113 | - The `proxy` configuration parameter has been deprecated and
|
114 | renamed to `corsProxy` to better distinguish it from `authProxy`.
|
115 | - The `idp` configuration parameter has been deprecated and
|
116 | renamed to `multiuser` to better identify its purpose.
|
117 | - Cross-domain cookie-based authentication has been removed for security reasons.
|
118 | We instead recommend https://github.com/solid/solid-auth-client.
|
119 | - Clients should not include an extension in the slug of POST requests
|
120 | (they never should have), as the server now adds an extension.
|
121 |
|
122 | ## 3.5.0
|
123 |
|
124 | - Major refactoring of Account Creation classes (new account resources are now
|
125 | initialized from a customizable account directory template)
|
126 | - Disable crashing `verifyDelegator()` code in `allow()` handler
|
127 | - Add support for HTTP COPY of external resources
|
128 | - Fix URI encoding in file listing and decoding to get file names
|
129 | - Fix issue where requesting a different format (e.g. `text/turtle`) of a
|
130 | JSON-LD resource crashed the server
|
131 |
|
132 | #### 3.5.0 Upgrade Notes
|
133 |
|
134 | - New config parameter: `serverUri` - Solid server uri (with protocol,
|
135 | hostname and port), defaults to `https://localhost:8443`. In multi-user
|
136 | (`"idp": true`) mode, new account directories are now created based on this
|
137 | `serverUri` parameter. For example, if the `config.json` contains the entry
|
138 | `"serverUri": "https://example.com"`, a new account for `alice` will create
|
139 | a subdirectory `alice.example.com` in the directory specified by the `root`
|
140 | config parameter.
|
141 | - New account template system. On first server startup, the contents of the
|
142 | `default-account-template` source folder get copied to `config/account-template`.
|
143 | When a new account is created, a copy is made of that new account template
|
144 | directory for the user. Server operators can customize the contents of this
|
145 | new account template for their server installation.
|
146 | - Email template system. Similarly to the new account template, the Welcome
|
147 | email that gets sent out on new user registration is generated from the
|
148 | customizable local `config/email-templates/welcome.js` template file, which
|
149 | gets copied from `default-email-templates` source folder on first startup.
|
150 |
|
151 | ## 3.4.0
|
152 |
|
153 | - Fix handling/url-encoding of container names
|
154 | - Allow video skip with Accept-Ranges
|
155 | - In a directory listing, add the media type class when we know it
|
156 | - Add the trailing slash on the URI of a folder listed within a folder
|
157 |
|
158 | ## 3.3.0
|
159 |
|
160 | - Refactor acl checker to use solid-permissions lib
|
161 | - Various DataBrowser fixes, dataBrowserOption option to specify path of db file
|
162 |
|
163 | ## 3.2.0
|
164 |
|
165 | - Refactor to use external solid-namespace library
|
166 | - Move debrack() to utils.js, remove unused vocab/rdf.js functions
|
167 | - Switch from node-mime to mime-types lib
|
168 | - Refactor acl.js to prep for external solid-permissions lib
|
169 | - Fix crash on PATCH request with no Content-Type
|
170 |
|
171 | ## 3.1.0
|
172 |
|
173 | - Misc fixes and features (see commit log)
|
174 | - Implemented COPY verb
|
175 |
|
176 | ## 3.0.0
|
177 | - feat Discover WebID from root account https://github.com/solid/node-solid-server/pull/371
|
178 | - feat: Server capabilities https://github.com/solid/node-solid-server/pull/365
|
179 | - feat: pass app in createServer https://github.com/solid/node-solid-server/pull/357
|
180 | - breaking: Accounts API https://github.com/solid/node-solid-server/pull/339
|
181 |
|
182 | ## 2.3.0
|
183 | - feat: added Capability discovery https://github.com/solid/node-solid-server/pull/347
|
184 |
|
185 | ## 2.2.0
|
186 | - feat: added `--auth` https://github.com/solid/node-solid-server/pull/346
|
187 |
|
188 | ## 2.1.0
|
189 | - patch: Proxy https://github.com/solid/node-solid-server/pull/343 https://github.com/solid/node-solid-server/pull/342
|
190 | - feat: added Account Recovery
|
191 | - feat: added Token Service
|
192 | - feat: added ldp.graph
|
193 |
|
194 | ## 2.0.0
|
195 |
|
196 | - feat: added Welcome Email
|
197 | - feat: added Email Service
|
198 | - other: `ldnode` turns into `solid-server`
|