Apostrophe 3.54.0 Structured logging, doc template library improvements, and fixes

[BoDonkey]

Bonjour, Builders of the Web!

We have made it back to our normally scheduled release schedule after a couple of hectic cycles. The big news for this release is the addition of structured logging resources to the Apostrophe core.

Example of login event:

@apostrophecms/login: incorrect-password
{
 module: '@apostrophecms/login',
 type: 'incorrect-password',
 severity: 'info',
 username: 'admin',
 ip: '192.0.2.0',
 attempts: 10,
 requestId: 'clle4c7ue000kbelsgx2kbbs4'
}

I know what IP I'm blocking!

Now it is easier to keep track of logins, add third-party logging packages (example configurations for Pino, Winston, and Bunyan are in our documentation), and create customized log events to serve all your devops needs!

Along the way, we also added customized logging events to our @apostrophecms/login-hcaptcha, @apostrophecms/login-recaptcha, and @apostrophecms/login-totp extensions. Remember, unless you update your Apostrophe core package too, these new releases will not work correctly.

Our big feature release from last cycle, doc template library, got some love in the form of both UI improvements to exclude some pieces from the library (like users) and enable developers to exclude custom modules. Check out the Changelogs below and start building your library!

The Apostrophe core received multiple improvements, changes, and fixes this cycle. This includes better handling of piece-type index page localization - thanks to our wonderful Discord community for bringing this to our attention!

For this next cycle, we are working on document sharing between sites and designing a new look with greater functionality for our Assembly multisite dashboard. To keep up with all the upcoming Apostrophe development and to suggest new features, check out our Product Roadmap. Remember npm update gets you the latest and greatest right in your project!

Apostrophe 3.54.0

Adds

• Add @apostrophecms/log module to allow structured logging. All modules have logDebug, logInfo, logWarn and logError methods now. See the documentation for more details.
• Add @apostrophecms/settings translations.
• Add the ability to have custom modals for batch operations.
• Add the possibility to display utility operations inside a 3-dots menu on the page manager, the same way it is done for the docs manager.
• Custom context operations now accept a moduleIf property, which tests options at the module level
  the same way that if tests properties of the document to determine if the operation should be
  offered for a particular document. Note that not all options are passed to the front end unless
  getBrowserData is extended to suit the need.
• Move Pages Manager modal business logic to a mixin.
• Add column.extraWidth option (number) for AposTreeHeader.vue to allow control over the tree cell width.
• Move AposDocContextMenu.vue business logic to a mixin.
• Move Pages Manager modal business logic to a mixin. Add column.extraWidth option (number) for AposTreeHeader.vue to allow control over the tree cell width.

Changes

• Rename misleading projection parameter into options in self.find method signature for
  @apostrophecms/any-doc-type, @apostrophecms/any-page-type & @apostrophecms/piece-type.
  This was never really a projection in A3, so it is not a backwards compatibility issue.
• Hide save button during in-context editing if the document is autopublished.
• Beginning with this release, the correct moduleName for typical
  actions on the context document is automatically passed to the
  modal associated with a custom context operation, unless moduleName
  is explicitly specified. The moduleName parameter to addContextOperation
  is no longer required and should not be passed at all in most cases
  (just pass the object argument). If you do wish to specify a moduleName
  to override that prop given to the modal, then it is recommended to pass
  it as a moduleName property of the object, not as a separate argument.
  For backwards compatibility the two-argument syntax is still permitted.

Fixes

• Resolved data integrity issue with certain page tree operations by inferring the best peer to position the page relative to rather
  than attempting to remember the most recent move operation.
• Fixes a downstream bug in the getFieldsByCategory method in the AposEditorMixin.js by checking for a property before accessing it.
• In Nunjucks templates, data.url now includes any sitewide and locale URL prefixes. This fixes local prefixing for pagination of piece-type index pages.
• Changes were detected in various fields such as integers, which caused the "Update" button to be active even when there was no actual modification in the doc.
• Fix a bug that prevented adding multiple operations in the same batch operation group.
• The getTarget method of the page module should use findForEditing to make sure it is able to see
  pages that would be filtered out of a public view by project level or npm module overrides.

Apostrophe 3.x modules

@apostrophecms/login-totp 1.1.0

This login verification module adds a TOTP (Time-based One-Time Password) check when any user logs into the site, compatible with Google Authenticator or any TOTP app.
When activated, it will ask unregistered users to add a token to their app through a QR code. Once done, it will ask users to enter the code provided by their app after the initial login step.

Adds

• Add totp-complete and totp-invalid-token structured logging events.

@apostrophecms/login-recaptcha 1.1.0

This login verification module adds a reCAPTCHA check when any user logs into the site. It uses reCAPTCHA v3, which means that the test is invisible aside from a reCAPTCHA logo at the bottom of the screen.

Adds

• Add recaptcha-complete and recaptcha-invalid-token structured logging events.

@apostrophecms/login-hcaptcha 1.2.0

This login verification module adds a hCaptcha check when any user logs into the site.

Adds

• Add hcaptcha-complete and hcaptcha-invalid-token structured logging events.

Pro modules

@apostrophecms-pro/doc-template-library 1.1.0

This module solves the "blank page problem" for developers and product managers, and makes it faster for editors to create content. doc-template-library allows for the configuration of default widgets and pre-populated content on piece or page templates, and to re-use existing layouts. Contact us or visit our new pricing page to learn more.

Adds

• Pass moduleName to toolbar manager in order to add the ability to have custom modals for batch operations.
• hasTemplates: false option can be set on any piece type module, and templates have been disabled for
  several standard types for which they do not make sense.

Fixes

• Several additional inappropriate types are now excluded from the template feature by default.
• "Save As Template" no longer appears for inappropriate types (requires corresponding update of the apostrophe module).