v4.51.0

New

• feat: add FIXED_LINE_OR_MOBILE numbers to pass homeno validation #886
• feat: harden rate limits #909

Improvements

• refactor: inline form permissions check for presigned POST URL endpoints #863
• refactor: prepareEncryptSubmission to typescript #891
• refactor: validateAndProcessEncryptSubmission to typescript #887
• docs(public-form): add warning comment to GET endpoint in case of API refactor #897

Fixes

• fix: add request metadata to email data error log #915
• fix: backend validation does not prevent responses on hidden fields #809
• fix: include noopener, noreferrer to <a> tags that open in a new page #916

Dependency updates

• chore(deps-dev): bump @babel/core from 7.12.3 to 7.12.10 #878
• chore(deps-dev): bump @types/express-serve-static-core #905
• chore(deps-dev): bump @types/jest from 26.0.16 to 26.0.19 #906
• chore(deps-dev): bump @types/node from 14.14.11 to 14.14.14 #900
• chore(deps-dev): bump @typescript-eslint/parser from 4.9.0 to 4.10.0 #910
• chore(deps-dev): bump core-js from 3.6.5 to 3.8.1 #907
• chore(deps-dev): bump csv-parse from 4.14.1 to 4.14.2 #911
• chore(deps-dev): bump husky from 4.3.5 to 4.3.6 #877
• chore(deps-dev): bump jest from 26.6.2 to 26.6.3 #890
• chore(deps-dev): bump lint-staged from 10.5.2 to 10.5.3 #893
• fix: upgrade angular-moment from 1.2.0 to 1.3.0 #870
• fix: upgrade angular-ui-router from 1.0.26 to 1.0.28 #868
• fix: upgrade fp-ts from 2.8.6 to 2.9.0 #896
• fix: upgrade intl-tel-input from 12.1.16 to 12.4.0 #866
• fix: upgrade sortablejs from 1.10.2 to 1.12.0 #865
• fix: upgrade to use latest Node v12 #879
• fix: upgrade twilio from 3.51.0 to 3.52.0 #869
• fix(deps): bump @sentry/browser from 5.29.0 to 5.29.1 #899
• fix(deps): bump @sentry/integrations from 5.27.4 to 5.29.0 #888
• fix(deps): bump fp-ts from 2.9.0 to 2.9.1 #914
• fix(deps): bump mongoose from 5.10.18 to 5.11.8 #889
• fix(deps): bump opossum from 5.0.2 to 5.1.1 #898
• fix(deps): bump twilio from 3.52.0 to 3.54.1 #913
• fix(deps): bump uuid from 8.3.1 to 8.3.2 #892
• fix(deps): bump web-streams-polyfill from 2.1.1 to 3.0.1 #838
• fix(deps): run snyk wizard #876

v4.50.3

Hotfixes a bug where Singpass and Corppass responses were going through even when the JWT was not present.

v4.50.1

Fixes

• Email format validation should allow 126/163.com, align frontend and backend validation

v4.50.0

Improvements

• chore: improve logging when answer is undefined #856
• fix: Put email domain restriction behind verified-fields feature toggle #852
• refactor: migrate saveMetadataToDb to TypeScript #778
• refactor: migrate sendAdminEmail to TypeScript #781
• refactor: migrate isFormPublic middleware to TypeScript #791

Dependency upgrades

• fix: run npm audit fix #858
• fix(deps): bump angular-animate from 1.8.0 to 1.8.2 #860
• chore(deps-dev): bump @types/express from 4.17.8 to 4.17.9 #840
• chore(deps-dev): bump @types/express-serve-static-core #841
• chore(deps-dev): bump @types/mongodb from 3.5.34 to 3.6.3 #839
• chore(deps-dev): bump babel-loader from 8.2.1 to 8.2.2 #859

v4.49.1

Hotfix for v4.49.0. Includes fixes/logging to prevent/ascertain why server is crashing due to undefined variables (that should not be undefined).

Fixes

• feat: add typeguard for JWT payload 7169cfb
• feat: enclose createEmailData in try-catch 96d6399

v4.49.0

Big release full of improvements and refactors.

Improved

• chore: enhance jest test reliability #800
• chore: improve default submission error message #796
• chore: log errors from concatResponse #817
• docs: remove dangling commas from mongo scripts #794
• feat: add ie11 specific styling for new template forms #834
• feat: improve email mode messaging #825
• feat: misc UX fixes #833
• feat: tighten submission validation #751
• fix: Travis Jest test not downloading mongo binary fast enough #826
• ref: migrate copy template form flow to TypeScript  #793
• ref: migrate create new form api flow to TypeScript #806
• ref: migrate DELETE /{formId}/adminform endpoint flow to TypeScript #753
• ref: migrate duplicate admin form endpoint to TypeScript #789
• ref: migrate endpoint for getting admin form to TypeScript  #807
• ref: migrate GET adminform/template endpoint to TypeScript #823
• ref: migrate transfer ownership flow to TypeScript #718
• refactor: convert Captcha to service #827
• refactor: migrate date validator to ts #749
• refactor: migrate decimal validator to ts #750
• refactor: migrate prepareEmailSubmission to TypeScript #752
• refactor: migrate validate- and receiveEmailSubmission to TypeScript #755
• refactor/core: migrate & rename core controller to HomeController in TypeScript #788
• test: raise global statement threshold #795

Bug fixes

• fix: tear out response hash #837
• fix: wrap initDate in a new Date object to avoid reference to minDate #816
• fix: close create form modal when create form fails #824

Dependency upgrades

• chore(deps-dev): bump @opengovsg/mockpass from 2.5.6 to 2.6.0 #821
• chore(deps-dev): bump @types/express-serve-static-core #801
• chore(deps-dev): bump @types/helmet from 0.0.48 to 4.0.0 #697
• chore(deps-dev): bump @types/jest from 26.0.15 to 26.0.16 #812
• chore(deps-dev): bump @types/node from 14.14.10 to 14.14.11 #829
• chore(deps-dev): bump @types/node from 14.14.7 to 14.14.10 #813
• chore(deps-dev): bump @typescript-eslint/parser from 4.7.0 to 4.9.0 #803
• chore(deps-dev): bump csv-parse from 4.12.0 to 4.14.1 #745
• chore(deps-dev): bump eslint-config-prettier from 6.15.0 to 7.0.0 #810
• chore(deps-dev): bump eslint-plugin-simple-import-sort #820
• chore(deps-dev): bump husky from 4.3.0 to 4.3.5 #819
• chore(deps-dev): bump prettier from 2.2.0 to 2.2.1 #785
• chore(deps-dev): bump type-fest from 0.18.0 to 0.20.2 #782
• fix(deps): bump @sentry/browser from 5.27.3 to 5.28.0 #774
• fix(deps): bump @sentry/browser from 5.28.0 to 5.29.0 #831
• fix(deps): bump aws-sdk from 2.783.0 to 2.802.0 #783
• fix(deps): bump aws-sdk from 2.802.0 to 2.805.0 #818
• fix(deps): bump file-saver from 2.0.2 to 2.0.5 #784
• fix(deps): bump libphonenumber-js from 1.7.55 to 1.9.5 #798
• fix(deps): bump libphonenumber-js from 1.9.5 to 1.9.6 #832
• fix(deps): bump neverthrow from 2.7.1 to 3.0.0 #797
• fix(deps): bump validator from 13.1.17 to 13.5.1 #811
• fix(deps): bump whatwg-fetch from 3.4.1 to 3.5.0 #804

v4.48.2

This release contains a hotfix which returns HTTP 400 instead of 500 when an answer is undefined.

v4.48.1

This release contains a hotfix for v4.48.0

v4.48.1

• Revert "fix: backend validation does not prevent responses on hidden fields (#736)"

v4.48.0

New

• chore: add Go and Postman tips on Share tab #759
• feat: remove .oa file from allowed file types #731
• feat(utils): add exhaustive switch case typeguard #729

Improvements

• ref: migrate get feedback flow to TypeScript #735
• ref: migrate stream feedback flow to TypeScript #733
• refactor: migrate mobile number validator to ts #713
• refactor: migrate radio button validator to ts #723
• refactor: migrate rating validator to ts #724
• refactor(field-validation): simplify #734
• feat: migrate get encrypt metadata endpoint controller to TypeScript #711

Bug fixes

• fix: backend validation does not prevent responses on hidden fields #736
• fix(AdminFormRoutes): add Joi validation on /submission endpoint #712

Misc

• chore: update travis to have multiple ci stages #742
• docs: add script for unlisting array of forms #714

Dependency upgrades

• fix(deps): bump angular-messages from 1.8.1 to 1.8.2 #725
• fix(deps): bump celebrate from 13.0.3 to 13.0.4 #756
• fix(deps): bump express-rate-limit from 5.1.3 to 5.2.3 #726
• fix(deps): bump mongoose from 5.10.15 to 5.10.18 #758
• fix(deps): bump opossum from 5.0.1 to 5.0.2 #738
• fix(deps): bump winston-cloudwatch from 2.3.2 to 2.4.0 #728
• chore(deps-dev): bump @babel/preset-env from 7.12.1 to 7.12.7 #740
• chore(deps-dev): bump @types/mongoose from 5.10.0 to 5.10.1 #746
• chore(deps-dev): bump eslint from 7.13.0 to 7.14.0 #741
• chore(deps-dev): bump lint-staged from 10.5.1 to 10.5.2 #722
• chore(deps-dev): bump prettier from 2.1.2 to 2.2.0 #709
• chore(deps-dev): bump stylelint from 13.6.1 to 13.8.0 #721
• chore(deps-dev): bump ts-jest from 26.4.1 to 26.4.4 #720
• chore(deps-dev): bump ts-mock-imports from 1.3.0 to 1.3.1 #747

v4.47.0

v4.47.0

New

• feat: update TOU + PP, update public form footer #682
• feat: add feature request link in admin navbar #676
• feat: Increase attachment size options #668

Improvements

• feat: change 'Verified?' on SMS config to 'OTP verification' #678
• ref: migrate feedback/count endpoint handler flow to TypeScript #706
• ref: extract assert permission levels helper functions #703
• refactor: migrate Singpass and Corppass code to TypeScript #701
• refactor: migrate home phone number validator to ts #704
• refactor: use neverthrow for exceptions #634
• refactor: migrate utils/permission-levels to admin-form.types #694
• ref: migrate get single encrypt submission flow to TypeScript #670
• feat: introduce CodeQL static analyzer #655
• refactor: extract temporary types into express.locals #683
• build: add lockfile-lint to CI #651

Fixes

• fix: check duplicate MyInfo fields #702
• fix: early return on undefined verification signature e67bb8b

Dependency updates

• chore(deps-dev): bump sinon from 9.2.0 to 9.2.1 #710
• chore(deps-dev): bump @opengovsg/mockpass from 2.5.5 to 2.5.6 #708
• chore(deps-dev): bump @types/mongodb from 3.5.33 to 3.5.34 #700
• fix(deps): bump twilio from 3.50.0 to 3.51.0 #699
• chore(deps-dev): bump jasmine-core from 3.5.0 to 3.6.0 #698
• fix(deps): bump angular-resource from 1.8.1 to 1.8.2 #689
• fix(deps): bump @sentry/integrations from 5.27.3 to 5.27.4 #688
• chore(deps-dev): bump htmlhint from 0.14.1 to 0.14.2 #687
• chore(deps-dev): bump eslint-plugin-jest from 24.0.2 to 24.1.3 #685
• fix(deps): bump jwt-decode from 3.1.1 to 3.1.2 #674
• fix(deps): bump mongoose from 5.10.14 to 5.10.15 #673
• fix(deps): bump fp-ts from 2.8.5 to 2.8.6 #672
• fix(deps): bump moment-timezone from 0.5.31 to 0.5.32 #675
• fix(deps): bump angular-sanitize from 1.8.1 to 1.8.2 #671
• chore(deps-dev): bump @types/mongodb from 3.5.27 to 3.5.33 #661
• chore(deps-dev): bump @types/ejs from 3.0.4 to 3.0.5 #660
• fix(deps): bump axios from 0.20.0 to 0.21.0 #658
• chore(deps-dev): bump lint-staged from 10.4.0 to 10.5.1 #657
• chore: bump version to v4.46.1 375df4f

v4.46.1 (hotfix)

Fixes

• fix: check for undefined-ness on attachmentMetadata 46d3357
• fix: early return on undefined verification signature e67bb8b