Apostrophe 3.38.0 New module events, a host of useful modules, and general fixes

[BoDonkey]

Hello JavaScript Aficionados!

This release sees several changes to core module emit events. While these events were added to aid the MongoDB Atlas global sharding module that comes out next cycle, feel free to use them in your custom handlers!

Previously, any URL that was capitalized, while the slug was lowercase, would fail. Now, unless the @apostrophecms/page module is passed an option of redirectFailedUpperCaseUrls: false, uppercase URLs that would return a 404 are converted to lowercase and tried again.

On the topic of fixes, editors will appreciate that attempting to upload an image that is too small will now trigger a clear notification rather than an error. Additionally, the minimum size will be listed in the Edit Image modal. Other fixes include updating the aposMode property of previous document versions to prevent problems with localization. Note: this fix will run a migration on first start-up.

In addition, we reviewed a whole bunch of existing A3 modules that were released as beta and never officially marked stable. Since no fixes have been needed, here’s a big roundup of useful A3 modules that are officially stable as of… now! Maybe you missed ‘em:

• @apostrophecms/anchors
• @apostrophecms/cache-redis
• @apostrophecms/passport-bridge
• @apostrophecms/security-headers
• @apostrophecms/login-recaptcha
• @apostrophecms/login-totp
• @apostrophecms/piece-type-exporter

Scroll down to read more!

Moving into our next cycle, as mentioned, global sharding will be released and we are currently deep in the weeds of designing another enterprise module to set per document permissions.

Until next time, what is your favorite Apostrophe schema field, and why is it the inline array?

Apostrophe 3.38.0

Adds

• Emit a beforeSave event from the @apostrophecms:notification module, with req and the notification as arguments, in order to give the possibility to override the notification.
• Emit a beforeInsert event from the @apostrophecms:attachment module, with req and the doc as arguments, in order to give the possibility to override the attachment.
• Emit a beforeSaveSafe event from the @apostrophecms:user module, with req, safeUser and user as arguments, in order to give the possibility to override properties of the safeUser object which contains password hashes and other information too sensitive to be stored in the aposDocs collection.
• Automatically convert failed uppercase URLs to their lowercase version - can be disabled with redirectFailedUpperCaseUrls: false in @apostrophecms/page/index.js options. This only comes into play if a 404 is about to happen.
• Automatically convert country codes in locales like xx-yy to xx-YY before passing them to i18next, which is strict about uppercase country codes.

Fixes

• Documents kept as the previous version for undo purposes were not properly marked as such, breaking the public language switcher in some cases. This was fixed and a migration was added for existing data.
• Uploading an image in an apostrophe area with minSize requirements will not trigger an unexpected error anymore. If the image is too small, a notification will be displayed with the minimum size requirements. The Edit Image modal will now display the minimum size requirements, if any, above the Browse Images field.
• Some browsers saw the empty POST response for new notifications as invalid XML. It will now return an empty JSON object with the Content-Type set to application/json.

Apostrophe 3.x modules

@apostrophecms/login-hcaptcha 1.1.0

This module causes the login page to display an hCaptcha prompt, requiring the user to prove they are human before logging in.

Fixes

• Remove auto trigger hCaptcha workflow. The user now needs to manually check the box to start the hCaptcha workflow.

@apostrophecms/anchors v1.0.0

This Anchors module adds a wrapping element with an anchor linking target around all widgets. Developers may customize or opt-out individual widget types.

Adds

• Declared stable. No code changes. Minor doc improvements.

@apostrophecms/cache-redis v1.0.0

This module enhances the core caching module, @apostrophecms/cache, to use Redis rather than MongoDB. This module does not set up the actual Redis store, but instead allows Apostrophe to access an existing Redis store through the standard Apostrophe caching API and an internal Redis client.

Adds

• Declared stable. No code changes

@apostrophecms/passport-bridge v1.0.0

apostrophe-passport works together with passport-google-oauth20, passport-gitlab2 and similar passport strategy modules to let users log in to Apostrophe CMS sites via Google, Gitlab and other identity providers. This feature is often called federation or single sign-on.

Adds

• Declared stable. No code changes.

@apostrophecms/security-headers v1.0.0

This module sends the modern HTTP security headers that are expected by various security scanners. The default settings are strict in most regards, so see below for adjustments you may wish to make.

Adds

• Declared stable. No code changes.

@apostrophecms/login-recaptcha v1.0.0

This login verification module adds a reCAPTCHA check when any user logs into the site. It uses reCAPTCHA v3, which means that the test is invisible aside from a reCAPTCHA logo at the bottom of the screen.

Adds

• Declared stable. No code changes.

@apostrophecms/login-totp v1.0.0

This login verification module adds a TOTP (Time-based One-Time Password) check when any user logs into the site, compatible with Google Authenticator or any TOTP app.
When activated, it will ask unregistered users to add a token to their app through a QR code. Once done, it will ask users to enter the code provided by their app after the initial login step.

Adds

• Declared stable. No code changes.

@apostrophecms/piece-type-exporter v1.0.0

This module adds an optional export feature to all piece type modules in an Apostrophe project. This feature enables exporting published pieces of piece types where it is configured. Requires Apostrophe 3.

Adds

• Declared stable after many quiet moons of no code changes.

@apostrophecms/form v1.1.0

Allow ApostropheCMS editors to build their own forms. They can then place any form in one or more content areas across the website.

Adds

• Emit new event beforeSaveSubmission. The event receives req, { form, data, submission } allowing an opportunity to modify submission just before it is saved to the MongoDB collection. For most purposes the submission event is more useful.

Fixes

• Fixes missing root widget class when classPrefix option is set.

Enterprise modules

@apostrophecms-pro/cypress-tools v1.0.0-beta.4

Automated functional browser tests are an important part of quality assurance for enterprise websites and web applications. Cypress is an industry-standard, open-source library for carrying out automated functional browser tests. This module provides a collection of conveniences for testing ApostropheCMS sites and applications within Cypress. Contact us or visit our new pricing page to learn more.

Adds

• Add danger type to findNotification

Utilities

alpha-beta-scanner v1.0.0

Scans your github organization or personal account for projects whose current package.json file declares them to be of alpha or beta quality. Version numbers starting with 0. are also reported.

Adds

First release