build(deps): bump parse-server from 6.5.5 to 7.0.0 in /apps/OpenSignServer

[dependabot[bot]]

Bumps parse-server from 6.5.5 to 7.0.0.

Release notes

Sourced from parse-server's releases.

7.0.0

7.0.0 (2024-03-19)

Bug Fixes

• CacheAdapter does not connect when using a CacheAdapter with a JSON config (#8633) (720d24e)
• Conditional email verification not working in some cases if verifyUserEmails, preventLoginWithUnverifiedEmail set to functions (#8838) (8e7a6b1)
• Context not passed to Cloud Code Trigger beforeFind when using Parse.Query.include (#8765) (7d32d89)
• Deny request if master key is not set in Parse Server option masterKeyIps regardless of ACL and CLP (#8957) (a7b5b38)
• Docker image not published to Docker Hub on new release (#8905) (a2ac8d1)
• Docker version releases by removing arm/v6 and arm/v7 support (#8976) (1f62dd0)
• GraphQL file upload fails in case of use of pointer or relation (#8721) (1aba638)
• Improve PostgreSQL injection detection; fixes security vulnerability GHSA-6927-3vr9-fxf2 which affects Parse Server deployments using a Postgres database (#8961) (cbefe77)
• Incomplete user object in verifyEmail function if both username and email are changed (#8889) (1eb95ae)
• Parse Server option emailVerifyTokenReuseIfValid: true generates new token on every email verification request (#8885) (0023ce4)
• Parse Server option fileExtensions default value rejects file extensions that are less than 3 or more than 4 characters long (#8699) (2760381)
• Parse Server option fileUpload.fileExtensions fails to determine file extension if filename contains multiple dots (#8754) (3d6d50e)
• Security bump @​babel/traverse from 7.20.5 to 7.23.2 (#8777) (2d6b3d1)
• Security upgrade graphql from 16.6.0 to 16.8.1 (#8758) (71dfd8a)
• Server crashes on invalid Cloud Function or Cloud Job name; fixes security vulnerability GHSA-6hh7-46r2-vf29 (#9024) (9f6e342)
• Server crashes when receiving an array of Parse.Pointer in the request body (#8784) (66e3603)
• Username is undefined in email verification link on email change (#8887) (e315c13)

Features

• Add $setOnInsert operator to Parse.Server.database.update (#8791) (f630a45)
• Add installationId to arguments for verifyUserEmails, preventLoginWithUnverifiedEmail (#8836) (a22dbe1)
• Add installationId, ip, resendRequest to arguments passed to verifyUserEmails on verification email request (#8873) (8adcbee)
• Add Parse.User as function parameter to Parse Server options verifyUserEmails, preventLoginWithUnverifiedEmail on login (#8850) (972f630)
• Add compatibility for MongoDB Atlas Serverless and AWS Amazon DocumentDB with collation options enableCollationCaseComparison, transformEmailToLowercase, transformUsernameToLowercase (#8805) (09fbeeb)
• Add context to Cloud Code Triggers beforeLogin and afterLogin (#8724) (a9c34ef)
• Add password validation via POST request for user with unverified email using master key and option ignoreEmailVerification (#8895) (633a9d2)
• Add support for MongoDB 7 (#8761) (3de8494)
• Add support for MongoDB query comment (#8928) (2170962)
• Add support for Node 20, drop support for Node 14, 16 (#8907) (ced4872)
• Add support for Postgres 16 (#8898) (99489b2)
• Allow Parse.Session.current on expired session token instead of throwing error (#8722) (f9dde4a)
• Allow setting createdAt and updatedAt during Parse.Object creation with maintenance key (#8696) (77bbfb3)
• Deprecation DEPPS5: Config option allowClientClassCreation defaults to false (#8849) (29624e0)
• Deprecation DEPPS6: Authentication adapters disabled by default (#8858) (0cf58eb)
• Deprecation DEPPS7: Remove deprecated Cloud Code file trigger syntax (#8855) (4e6a375)
• Deprecation DEPPS8: Parse Server option allowExpiredAuthDataToken defaults to false (#8860) (e29845f)
• Deprecation DEPPS9: LiveQuery fields option is renamed to keys (#8852) (38983e8)
• Node process exits with error code 1 on uncaught exception to allow custom uncaught exception handling (#8894) (70c280c)
• Switch GraphQL server from Yoga v2 to Apollo v4 (#8959) (105ae7c)
• Upgrade Parse Server Push Adapter to 5.0.2 (#8813) (6ef1986)
• Upgrade to Parse JS SDK 5 (#9022) (ad4aa83)

Performance Improvements

... (truncated)

Commits

• c83de8c chore(release): 7.0.0 [skip ci]
• 4c74b2b build: Release (#9034)
• 60cf2dd empty
• 0d5acf3 chore(release): 7.0.0-beta.1 [skip ci]
• 5c2c120 build: Release beta (#9033)
• 63d4880 empty
• 09310a7 chore(release): 7.0.0-alpha.29 [skip ci]
• 9f6e342 fix: Server crashes on invalid Cloud Function or Cloud Job name; fixes securi...
• 901aaf8 chore(release): 7.0.0-alpha.28 [skip ci]
• ad4aa83 feat: Upgrade to Parse JS SDK 5 (#9022)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[vercel[bot]]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
open-sign	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Mar 25, 2024 0:50am

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.