Skip to main content

Kinto Distribution

Project description

Kinto Distribution

travis

This repository contains:

  1. a Pip requirements file that combines all packages needed to run a Kinto server will a known good set of deps

  2. a configuration file to run it

To install it on a debian-based linux installation, make sure you have Python 2.x or 3.x with virtualenv, and run:

$ sudo apt-get install golang postgresql libpq-dev libffi-dev libssl-dev\
                       libsasl2-dev python-dev libldap2-dev
$ git clone https://github.com/Kinto/kinto-dist.git && cd kinto-dist
$ sudo -n -u postgres -s -- psql -c "CREATE DATABASE dbname ENCODING 'UTF8' TEMPLATE template0;" -U postgres
$ sudo -n -u postgres -s -- psql -c "CREATE USER admin WITH PASSWORD 'pass';" -U postgres
$ sudo -n -u postgres -s -- psql -c "GRANT ALL PRIVILEGES ON DATABASE dbname TO admin;" -U postgres
$ sudo -n -u postgres -s -- psql -c "ALTER DATABASE dbname SET TIMEZONE TO UTC;" -U postgres
$ make install

Last, you need to install and run the autograph signature server, whicg requires Golang:

$ GOPATH=`pwd`/.venv go get github.com/mozilla-services/autograph
$ .venv/bin/autograph -c .autograph.yml

To run the server:

$ make serve

To update kinto-admin:

$ make update-kinto-admin

CHANGELOG

This document describes changes between each past release as well as the version control of each dependency.

3.2.0 (2017-07-05)

kinto

kinto 7.1.0 → 7.3.1: https://github.com/Kinto/kinto/releases/tag/7.3.1

API

  • Filtering with like can now contain wild chars (eg. ?like_nobody=*you*). It is thus now impossible to search for the * character with this operator.

  • Handle querystring parameters as JSON encoded values to avoid treating number as number where they should be strings. (Kinto/kinto#1217)

  • Introduce has_ filter operator (Kinto/kinto#344).

API is now at version 1.17. See API changelog.

New features

  • Account plugin now allows account IDs to be email addresses (Kinto/kinto#1283).

Bug fixes

  • Make it illegal for a principal to be present in account_create_principals without also being in account_write_principals. Restricting creation of accounts to specified users only makes sense if those users are “admins”, which means they’re in account_write_principals. (Kinto/kinto#1281)

  • Fix a 500 when accounts without an ID are created (Kinto/kinto#1280).

  • Fix StatsD unparseable metric packets for the unique user counter (Kinto/kinto#1282)

  • Fix permissions endpoint when using account plugin (Kinto/kinto#1276)

  • Fix missing collection_count field in the rebuild-quotas script.

  • Fix bug causing validation to always succeed if no required fields are present.

  • Several changes to the handling of NULLs and how the full range of JSON values is compared in a storage backend (Kinto/kinto#1258, Kinto/kinto#1252, Kinto/kinto#1215, Kinto/kinto#1216, Kinto/kinto#1217 and Kinto/kinto#1257).

  • Fix requests output when running with make serve (Kinto/kinto#1242)

  • Fix pagination on permissions endpoint (Kinto/kinto#1157)

  • Fix pagination when max fetch storage is reached (Kinto/kinto#1266)

  • Fix schema validation when internal fields like id or last_modified are marked as required (Kinto/kinto#1244)

  • Restore error format for JSON schema validation errors (which was changed in Kinto/kinto#1245).

  • Fix bug in Postgres backend regarding the handling of combining filters and NULL values (Kinto/kinto#1291)

kinto-admin

kinto-admin 1.13.3 → 1.14.0: https://github.com/Kinto/kinto-admin/releases/tag/v1.14.0

New features

  • Update kinto-http.js 4.3.3 (Kinto/kinto-admin#431)

  • Add support for the Kinto Account plugin. (Kinto/kinto-admin#439)

kinto-amo

kinto-amo 0.3.0 → 0.4.0: https://github.com/mozilla-services/kinto-amo/releases/tag/0.4.0

New features

  • Add support for cache control headers (If-None-Match and If-Modified-Since) (mozilla-services/kinto-amo#21)

3.1.2 (2017-06-28)

kinto-emailer

kinto-emailer 0.4.0 → 1.0.0: https://github.com/Kinto/kinto-emailer/releases/tag/1.0.0

Bug fixes

  • Fix crash when creating bucket with POST /buckets (fixes Kinto/kinto-emailer#43)

kinto-signer

kinto-signer 1.5.1 → 1.5.2: https://github.com/Kinto/kinto-signer/releases/tag/1.5.2

  • Catch cache invalidation errors and log the error. (Kinto/kinto-signer#186)

3.1.1 (2017-06-28)

kinto-signer

kinto-signer 1.5.0 → 1.5.1: https://github.com/Kinto/kinto-signer/releases/tag/1.5.1

  • Fix kinto-signer heartbeat. (Kinto/kinto-signer#182)

3.1.0 (2017-06-19)

kinto-signer

kinto-signer 1.4.0 → 1.5.0: https://github.com/Kinto/kinto-signer/releases/tag/1.5.0

New features

  • Add support for CloudFront path cache invalidation. (Kinto/kinto-signer#178)

# Configure the cloudfront distribution related to the server cache.
kinto.signer.distribution_id = E2XLCI5EUWMRON

3.0.1 (2017-06-12)

  • Install mozilla-cloud-services-logger. (#134)

3.0.0 (2017-06-12)

kinto

kinto 6.1.0 → 7.1.0: https://github.com/Kinto/kinto/releases/tag/7.1.0

Breaking changes

  • The flush endpoint is now a built-in plugin at kinto.plugins.flush and should be enabled using the includes section of the configuration file. KINTO_FLUSH_ENDPOINT_ENABLED environment variable is no longer supported. (#1147)

  • Settings with cliquet. prefix are not supported anymore.

  • Logging configuration now relies on standard Python logging module (#1150)

Before:

kinto.logging_renderer = kinto.core.logs.ClassicLogRenderer

Now:

[handler_console]
...
formatter = color

[formatters]
keys = color

[formatter_color]
class = logging_color_formatter.ColorFormatter
  • Forbid storing bytes in the cache backend. (#1143)

  • kinto.core.api was renamed to kinto.core.openapi (#1145)

  • Logging extra information on message must be done using the extra keyword (eg. logger.info('msg', extra={a=1}) instead of logger.info('msg', a=1)) (#1110, #1150)

  • Cache entries must now always have a TTL. The ttl parameter of cache.set() is now mandatory (fixes #960).

  • get_app_settings() from kinto.core.testing.BaseWebTest is now a class method (#1144)

Protocol

  • Groups can now be created with a simple PUT (fixes #793)

  • Batch requests now raise 400 on unknown attributes (#1163).

Protocol is now at version 1.16. See API changelog.

New features

  • Enforce the permission endpoint when the admin plugin is included (fixes #1059)

  • Access control failures are logged with WARN level (fixes #1074)

  • Added an experimental Accounts API which allow users to sign-up modify their password or delete their account (fixes #795)

  • delete() method from cache backend now returns the deleted value (fixes #1231)

  • kinto rebuild-quotas script was written that can be run to repair the damage caused by #1226 (fixes #1230).

Bug fixes

  • Fix Memory backend sometimes show empty permissions (#1045)

  • Allow to create default bucket with a PUT request and an empty body (fixes #1080)

  • Fix PostgreSQL backend when excluding a list of numeric values (fixes #1093)

  • Fix ignore_conflict storage backend create method parameter to keep the existing rather than overriding it. (#1134)

  • Fix impacted records of events generated by implicit creation in default bucket (#1137)

  • Removed Structlog binding and bottlenecks (fixes #603)

  • Fixed Swagger output with subpath and regex in pyramid routes (fixes #1180)

  • Fixed Postgresql errors when specifying empty values in querystring numeric filters. (fixes #1194)

  • Return a 400 Bad Request instead of crashing when the querystring contains bad characters. (fixes #1195)

  • Fix PostgreSQL backend from deleting records of the same name in other buckets and collections when deleting a bucket. (fixes #1209)

  • Fix race conditions on deletions with upsert in PostgreSQL storage.update() (fixes #1202)

  • Fix PostgreSQL backend race condition when replacing permissions of an object (fixes #1210)

  • Fix crash when deleting multiple buckets with quotas plugin enabled (fixes #1201)

  • The default_bucket plugin no longer sends spurious “created” events for buckets and collections that already exist. This causes the quotas plugin to no longer leak “quota” when used with the default_bucket plugin. (#1226)

  • Fix removal of timestamps when parent object is deleted (fixes #1233)

  • Do not allow to reuse deletion tokens (fixes #1171)

  • accounts plugin: fix exception on authentication. (#1224)

  • Fix crash with JSONSchema validation of unknown required properties (fixes #1243)

  • Fix bug on bucket deletion where other buckets could be deleted too if their id started with the same id

  • Fix permissions of accounts created with PUT by admin (ref #1248)

  • Fix ownership of accounts created with POST by admin (fixes #1248)

Internal changes

  • Do not keep the whole Kinto Admin bundle in the repo (fixes #1012)

  • Remove the email example from the custom code event listener tutorial (fixes #420)

  • Removed useless logging info from resource (ref #603)

  • Make sure prefixed userid is always first in principals

  • Run functional tests on PostgreSQL

  • Fix tests with Pyramid 1.9a

  • Removed useless deletions in quota plugin

  • Upgraded the kinto-admin to version 1.13.2

kinto-signer

kinto-signer 1.3.3 → 1.4.0: https://github.com/Kinto/kinto-signer/releases/tag/1.4.0

Internal changes

  • Upgrade to kinto 7.1

2.2.0 (2017-05-25)

kinto

kinto 6.0.8 → 6.1.0: https://github.com/Kinto/kinto/releases/tag/6.1.0

New feature

  • kinto rebuild-quotas script was written that can be run to repair the damage caused by #1226 (fixes #1230).

Bug fixes

  • The default_bucket plugin no longer sends spurious “created” events for buckets and collections that already exist. This causes the quotas plugin to no longer leak “quota” when used with the default_bucket plugin. (#1226)

  • Fix race conditions on deletions with upsert in PostgreSQL storage.update() (fixes #1202).

  • Fix PostgreSQL backend race condition when replacing permissions of an object (fixes #1210)

  • Fix missing package.json file in package. (#1222)

  • Fix removal of timestamps when parent object is deleted (fixes #1233)

2.1.3 (2017-05-04)

kinto

kinto 6.0.7 → 6.0.8: https://github.com/Kinto/kinto/releases/tag/6.0.8

Bug fixes

  • Prevent PostgreSQL backend from deleting records of the same name in other buckets and collections when deleting a bucket. (fixes Kinto/kinto#1209)

2.1.2 (2017-04-27)

kinto

kinto 6.0.6 → 6.0.7: https://github.com/Kinto/kinto/releases/tag/6.0.7

Bug fixes

  • Fix the kinto-admin to use PATCH instead of PUT when asking for a review.

2.1.1 (2017-04-26)

kinto

kinto 6.0.4 → 6.0.6: https://github.com/Kinto/kinto/releases/tag/6.0.6

Bug fixes

  • Return a 400 Bad Request instead of crashing when the querystring contains bad characters. (Kinto/kinto#1195)

  • Fixed Postgresql errors when specifying empty values in querystring numeric filters. (Kinto/kinto#1194)

  • Upgrade the kinto-admin to v1.13.3

kinto-admin

kinto-admin 1.13.2 → 1.13.3: https://github.com/Kinto/kinto-admin/releases/tag/v1.13.3

Bug fixes

  • Fix signoff plugin membership checks. (Kinto/kinto-admin#429). This was preventing using and navigating within signoff plugin views.

kinto-signer

kinto-signer 1.3.2 → 1.3.3: https://github.com/Kinto/kinto-signer/releases/tag/1.3.3

Bug fixes

  • Do not send ReviewApproved event when signing a collection that is already signed (Kinto/kinto-signer#174)

2.1.0 (2017-04-14)

kinto

kinto 6.0.1 → 6.0.4: https://github.com/Kinto/kinto/releases/tag/6.0.4

Bug fixes

  • Fixed Swagger when routes contain subpath/regexp (Kinto/kinto#1180)

kinto-attachment

kinto-attachment 2.0.0 → 2.0.1: https://github.com/Kinto/kinto-attachment/releases/tag/2.0.1

Bug fixes

  • Set request parameters before instantiating a record resource. (Kinto/kinto-attachment#127)

kinto-admin

kinto-admin 1.10.0 → 1.13.2: https://github.com/Kinto/kinto-admin/releases/tag/v1.13.2

New features

  • Add review/decline comments (Kinto/kinto-admin#417)

  • Limit number of collections listed in the sidebar. (Kinto/kinto-admin#410)

  • Collection full diff view improvements. (Kinto/kinto-admin#409)

  • Add support for Portier authentication. (Kinto/kinto-admin#395)

Bug fixes

  • Preload all collections to populate state. (Kinto/kinto-admin#418)

  • Order history entry target permissions consistently. (Kinto/kinto-admin#413)

  • Fix Portier broken redirect URL handling after successful auth when coming from the homepage (Kinto/kinto-admin#414)

  • Restore auth form contextual help. (Kinto/kinto-admin#396)

  • Fix broken post-auth redirections. (Kinto/kinto-admin#397)

  • Retrieve all paginated permissions. (Kinto/kinto-admin#400)

kinto-emailer

kinto-emailer 0.3.0 → 0.4.0: https://github.com/Kinto/kinto-emailer/releases/tag/0.4.0

New features

  • Add a validate_setup.py script to check that server can actually send emails

  • Add a kinto-send-email command to test the configuration (kinto/kinto-emailer#35)

Bug fixes

  • Fix sending notifications by decoupling it from transactions (kinto/kinto-emailer#38)

kinto-signer

kinto-signer 1.3.0 → 1.3.2: https://github.com/Kinto/kinto-signer/releases/tag/1.3.2

Bug fixes

  • Allow canonical_json to work with iterators. (Kinto/kinto-signer#167)

  • Fixed inconsistencies in ResourceChanged produced by Kinto signer (Kinto/kinto-signer#169)

  • Update e2e.py to be robust against kinto_client returning an iterator in Python 3. (Kinto/kinto-signer#165)

  • Send kinto-signer before committing since some database may have to be performed in the subscribers (Kinto/kinto-signer#172)

2.0.1 (2017-03-10)

kinto

kinto 6.0.0 → 6.0.1: https://github.com/Kinto/kinto/releases/tag/6.0.1

Bug fixes

  • Fix Memory backend sometimes show empty permissions (Kinto/kinto#1045)

  • Allow to create default bucket with a PUT request and an empty body (Kinto/kinto#1080)

  • Fix PostgreSQL backend when excluding a list of numeric values (Kinto/kinto#1093)

  • Fix ignore_conflict storage backend create method parameter to keep the existing rather than overriding it. (Kinto/kinto#1134)

  • Fix impacted records of events generated by implicit creation in default bucket (Kinto/kinto#1137)

kinto-ldap

kinto-ldap 0.3.0 → 0.3.1: https://github.com/Kinto/kinto-ldap/releases/tag/0.3.1

Bug fixes

  • Fix support with Kinto 6 and Python 3. (Kinto/kinto-ldap#18)

2.0.0 (2017-03-06)

Configuration Breaking Changes

  • kinto_changes must now be present in kinto.includes (eg. on read-only stacks) otherwise the monitoring endpoint won’t be accessible.

  • The configuration of kinto-changes has to be changed:

Before:

kinto.event_listeners = changes
kinto.event_listeners.changes.use = kinto_changes.listener
kinto.event_listeners.changes.http_host = website.domain.tld
kinto.event_listeners.changes.collections = /buckets/settings
                                            /buckets/blocklists/collections/certificates

Now:

kinto.changes.http_host = website.domain.tld
kinto.changes.resources = /buckets/settings
                          /buckets/blocklists/collections/certificates

kinto

kinto 5.4.1 → 6.0.0: https://github.com/Kinto/kinto/releases/tag/6.0.0

Breaking changes

  • Remove Python 2.7 support and upgrade to Python 3.5. (Kinto/kinto#1050)

  • Upgraded minimal PostgreSQL support to PostgreSQL 9.5 (Kinto/kinto#1056)

  • The --ini parameter is now after the subcommand name (Kinto/kinto#1095)

Protocol

  • Fixed If-Match behavior to match the RFC 2616 specification (Kinto/kinto#1102).

  • A 409 Conflict error response is now returned when some backend integrity constraint is violated (instead of 503) (Kinto/kinto#602)

Protocol is now at version 1.15. See API changelog.

Bug fixes

  • Prevent injections in the PostgreSQL permission backend (Kinto/kinto#1061)

  • Fix crash on If-Match: * (Kinto/kinto#1064)

  • Handle Integer overflow in querystring parameters. (Kinto/kinto#1076)

  • Flush endpoint now returns an empty JSON object instad of an HTML page (Kinto/kinto#1098)

  • Fix nested sorting key breaks pagination token. (Kinto/kinto#1116)

  • Remove deleted field from PUT requests over tombstones. (Kinto/kinto#1115)

  • Fix crash when preconditions are used on the permission endpoint (Kinto/kinto#1066)

  • Fixed resource timestamp upsert in PostgreSQL backend (Kinto/kinto#1125)

  • Fix pserve argument ordering with Pyramid 1.8 (Kinto/kinto#1095)

Internal changes

  • Update the upsert query to use an INSERT or UPDATE on CONFLICT behavior (Kinto/kinto#1055)

  • Permission schema children fields are now set during initialization instead of on deserialization (Kinto/kinto#1046).

  • Request schemas (including validation and deserialization) are now isolated by method and endpoint type (Kinto/kinto#1047).

  • Move generic API schemas (e.g TimeStamps and HeaderFields) from kinto.core.resource.schema to a sepate file on kinto.core.schema. (Kinto/kinto#1054)

  • Upgraded the kinto-admin to version 1.10.0 (Kinto/kinto#1086, Kinto/kinto#1128)

  • Upgrade to Pyramid 1.8 (Kinto/kinto#1087)

  • Use Cornice Swagger rather than merging YAML files to generate the OpenAPI spec.

  • Gracefully handle UnicityError with the default_bucket plugin and the PostgreSQL backend using PostgreSQL 9.5+ ON CONFLICT clause. (Kinto/kinto#1122)

kinto-attachment

kinto-attachment 1.1.2 → 2.0.0: https://github.com/Kinto/kinto-attachment/releases/tag/2.0.0

  • Remove Python 2.7 support and upgrade to Python 3.5. (Kinto/kinto-attachment#125)

kinto-changes

kinto-changes 0.5.0 → 1.0.0: https://github.com/Kinto/kinto-changes/releases/tag/1.0

Breaking changes

  • The change endpoint location is now hard-coded (/buckets/monitor/collections/changes/records) and cannot be configured.

  • The permissions principals cannot be specified anymore. The change endpoint is now always public.

  • The monitor bucket and changes collection are not required anymore and are not created anymore.

  • POST and DELETE are not supported on the changes endpoint anymore.

  • Individual entries (eg. /buckets/monitor/collections/changes/records/{id}) cannot be accessed anymore.

  • The listener was dropped. Configuration must be changed (see above)

kinto-signer

kinto-signer 1.2.0 → 1.3.0: https://github.com/Kinto/kinto-signer/releases/tag/1.3.0

  • Update e2e.py script to be compatible with Python 3.5 (Kinto/kinto-signer#165)

1.13.1 (2017-02-24)

kinto

kinto 5.4.0 → 5.4.1: https://github.com/Kinto/kinto/releases/tag/5.4.1

Bug fixes

  • Fix unexpected references on the swagger spec that failed validation. (Kinto/kinto#1108)

1.13.0 (2017-02-21)

amo2kinto

amo2kinto 1.6.0 → 1.7.2: https://github.com/mozilla-services/kinto-amo/releases/tag/1.7.2

Bug fixes

  • Fix XML exporter on missing blockID. (mozilla-services/amo2kinto#63)

kinto

kinto 5.3.5 → 5.3.6: https://github.com/Kinto/kinto/releases/tag/5.3.6

Bug fixes

  • Fix crash on If-Match: * (Kinto/kinto#1064)

  • Handle Integer overflow in querystring parameters. (Kinto/kinto#1076)

kinto-admin

kinto-admin 1.8.1 → 1.9.0: https://github.com/Kinto/kinto-admin/releases/tag/v1.9.0

New Feature

  • Fix Kinto/kinto-admin#377, Kinto/kinto-admin#378: Allow dropping edited resource properties. (Kinto/kinto-admin#379)

  • Fix Kinto/kinto-admin#365: Render a JSON diff for history entries. (Kinto/kinto-admin#380)

  • Fix Kinto/kinto-admin#376: Denote readonly buckets & collections in the sidebar. (Kinto/kinto-admin#382)

  • Fix Kinto/kinto-admin#384: Live-searchable/filterable sidebar entries. (Kinto/kinto-admin#385)

  • Hide auth method selector when a single one is configured.

Bug fixes

  • Do not store passwords. Fixes #364 (#386)

1.12.1 (2017-02-08)

kinto

kinto 5.3.4 → 5.3.5: https://github.com/Kinto/kinto/releases/tag/5.3.5

Bug fixes

  • Prevent injections in the PostgreSQL permission backend (Kinto/kinto#1061)

1.12.0 (2017-02-02)

kinto

kinto 5.3.2 → 5.3.4: https://github.com/Kinto/kinto/releases/tag/5.3.4

Bug fixes

  • Update the upsert query to use an INSERT or UPDATE on CONFLICT behavior (Kinto/kinto#1055)

kinto-attachment

kinto-attachment 1.0.1 → 1.1.2: https://github.com/Kinto/kinto-attachment/releases/tag/1.1.2

New features

  • Expose the gzipped settings value in the capability (Kinto/kinto-attachment#117)

Bug fixes

  • Fixes crash when adding attachment to existing record with Kinto 5.3 (Kinto/kinto-attachment#120)

  • Fix invalid request when attaching a file on non UUID record id (Kinto/kinto-attachment#122)

1.11 (2017-01-31)

kinto

kinto 5.3.1 → 5.3.2: https://github.com/Kinto/kinto/releases/tag/5.3.2

Bug fixes

  • Retries to set value in PostgreSQL cache backend in case of BackendError (Kinto/kinto#1052)

1.10 (2017-01-30)

kinto

kinto 5.3.0 → 5.3.1: https://github.com/Kinto/kinto/releases/tag/5.3.1

Bug fixes

  • Retries to set value in PostgreSQL cache backend in case of IntegrityError (Kinto/kinto#1035)

  • Display Kinto-Admin version number in the footer. (Kinto/kinto#1040)

  • Configure the Kinto Admin auth methods from the server configuration (Kinto/kinto#1042)

kinto-emailer

kinto-emailer 0.3.0: https://github.com/Kinto/kinto-emailer/releases/tag/0.3.0

This package allows to send email notifications when something happens in a bucket or on a collection.

Emailing configuration is done in .ini whereas notifications configuration is done via the HTTP API within bucket or collection metadata.

kinto.includes = kinto_emailer

mail.default_sender = firefox-settings-notifs@mozilla.com
# mail.host = localhost
# mail.port = 25
# mail.username = None
# mail.password = None

See more details in Pyramid Mailer documentation.

kinto-fxa

kinto-fxa 2.3.0 → 2.3.1: https://github.com/Kinto/kinto-fxa/releases/tag/2.3.0

Bug fixes

  • Make sure that caching of token verification nevers prevents from authenticating requests (see Mozilla/PyFxA#48)

1.9 (2017-01-24)

kinto-signer

kinto 5.2.0 → 5.3.0: https://github.com/Kinto/kinto/releases/tag/5.3.0

Bug fixes

  • Fix crash with batch endpoint when list of requests contains trailing comma (Kinto/kinto#1024)

  • Cache backend transactions are not bound to the request/response cycle anymore (Kinto/kinto#879)

kinto-changes 1.1.1 → 1.2.0: https://github.com/Kinto/kinto-changes/releases/tag/1.2.0

Bug fixes

  • Do not always reset destination permissions

New features

  • Pyramid events are sent for each review step of the validation workflow (fixes #157)

  • Kinto Admin UI fields like displayFields attachment and sort are copied from the source to the preview and destination collections (if not set) (fixes #161)

kinto-admin 1.7.0 → 1.8.0: https://github.com/Kinto/kinto-admin/releases/tag/v1.8.0

Bug fixes

  • Fix Kinto/kinto-admin#353: Show changes in review step even if no permission to approve

  • Fix Kinto/kinto-admin#248: Prevent crash on uiSchema validation when the entered JSON schema is invalid

  • Fix Kinto/kinto-admin#302: Make whole menu entry area clickable for collections

New features

  • Add a JSON editor for raw collection attributes. (Kinto/kinto-admin#116, Kinto/kinto-admin#371)

  • Don’t fail when fetching the list of buckets returns a HTTP 403. (Kinto/kinto-admin#370)

  • Retry requests once (Kinto/kinto-admin#368)

1.8 (2017-01-16)

kinto-changes

kinto-changes 0.4.0 → 0.5.0: https://github.com/Kinto/kinto-changes/releases/tag/0.5.0

Bug fixes

  • Do not force the timestamp of monitored entries, to avoid possible integrity errors (Kinto/kinto-changes#27)

kinto-signer

kinto-signer 1.0.0 → 1.1.1: https://github.com/Kinto/kinto-signer/releases/tag/1.1.1

Bug fixes

  • Fix consistency of setting names for per-collection workflows configuration (Kinto/kinto-signer#149)

  • Remove recursivity of events when requesting review (Kinto/kinto-signer#158)

1.7 (2017-01-12)

Kinto

kinto 5.1.0 → 5.2.0: https://github.com/Kinto/kinto/releases/tag/5.2.0

Protocol

New features

  • When admin is enabled, /v1/admin does not return 404 anymore, but now redirects to /v1/admin/ (with trailing slash).

Bug fixes

  • Add missing Total-Records field on DELETE header with plural endpoints (fixes Kinto/kinto#1000)

kinto-admin

kinto-admin 1.6.1 → 1.7.0: https://github.com/Kinto/kinto-admin/releases/tag/v1.7.0

  • Added a TagsField form component (eg. devices list) (Kinto/kinto-admin#367)

1.6 (unreleased)

Upgrade notes

  • Replace kinto_admin by kinto.plugins.admin for kinto.includes setting in the INI file.

kinto.includes = kinto.plugins.admin
  • We can skip the history on the preview and production buckets:

kinto.history.exclude_resources = /buckets/blocklists
                                  /buckets/blocklists-preview

Kinto

kinto 4.3.6 → 5.1.0: https://github.com/Kinto/kinto/releases/tag/5.1.0

Protocol

  • Add support for JSON-Patch (RFC 6902).

  • Add support for JSON-Merge (RFC 7396).

  • Added a principals list to hello view when authenticated.

  • Added details attribute to 404 errors. (Kinto/kinto#818)

  • Add a basicauth capability when activated on the server. (Kinto/kinto#937)

  • Add ability to delete history entries using DELETE (Kinto/kinto#958)

New features

  • Added a new built-in plugin kinto.plugins.admin to serve the kinto admin.

  • Added a new parse_resource utility to kinto.core.utils

  • Add a setting to limit the maximum number of bytes cached in the memory backend. (Kinto/kinto#610)

  • Add a setting to exclude certain resources from being tracked by history (Kinto/kinto#964)

kinto-admin

kinto-admin 1.5.1 → 1.6.0: https://github.com/Kinto/kinto-admin/releases/tag/v1.6.0

New features

  • Fix Kinto/kinto-admin#208: Generalized pagination. (Kinto/kinto-admin#352)

  • Fix Kinto/kinto-admin#208: Paginate history. (Kinto/kinto-admin#351)

  • Add support for gzipped option on attachments (Kinto/kinto-admin#358)

Bug fixes

  • Fix Kinto/kinto-admin#349: [signoff] Update the lastSigned timestamp. (Kinto/kinto-admin#362)

  • Fix Kinto/kinto-admin#350: work-in-progress infos (Kinto/kinto-admin#363)

  • Fix Kinto/kinto-admin#273: Prevent overriding members list in group edition form. (Kinto/kinto-admin#346)

  • Typo in capabilities property name (Kinto/kinto-admin#357)

kinto-fxa

kinto-fxa 2.2.0 → 2.3.0: https://github.com/mozilla-services/kinto-fxa/releases/2.3.0

  • Compatibility with Kinto 5

1.5 (2016-12-01)

  • Create a Dockerfile that matches Dockerflow. (#84)

1.4 (2016-11-28)

Kinto

kinto 4.3.4 → 4.3.6: https://github.com/Kinto/kinto-admin/releases/tag/4.3.6

Bug fixes

  • Fix crash in permission endpoint when merging permissions from settings and from permissions backend (fixes #926)

  • Fix crash in PostgreSQL backend when specified bound permissions is empty (fixes #906)

  • Fix response status for OPTION request on version redirection (fixes #852)

  • Fix crash in authorization policy when object ids contain unicode (fixes #931)

  • Permissions are now correctly removed from permission backend when a parent object is deleted (fixes #898)

  • Add deletion of multiple groups in API docs (#928)

  • Fix record_id attribute in history entries when several records are modified via a batch request (fixes #942)

kinto-admin

kinto-admin 1.5.0 → 1.5.1: https://github.com/Kinto/kinto-admin/releases/tag/1.5.1

Bug fixes

  • Fix #339: Fix server history not saved. (#342)

  • Fix #340: Fix broken saved session restore. (#341)

  • Fix #332: Display app version number in the footer. (#338)

  • Fix broken timeago helper. (#335)

  • Fix #336: Fix cannot save bucket attributes upon creation. (#337)

kinto-ldap

kinto-ldap 0.2.1 → 0.3.0: https://github.com/Kinto/kinto-ldap/releases/tag/0.3.0

New features

  • Support login from multiple DN from the same LDAP server (Kinto/kinto-ldap#16)

1.3 (2016-11-18)

Kinto

kinto 4.3.3 → 4.3.4: https://github.com/Kinto/kinto-admin/releases/tag/4.3.4

Bug fixes

  • Fix bug when two subfields are selected in partial responses (fixes Kinto/kinto#920)

kinto-admin

kinto-admin 1.4.3 → 1.5.0: https://github.com/Kinto/kinto-admin/releases/tag/1.5.0

New features

  • Auth form improvements (Kinto/kinto-admin#327, Kinto/kinto-admin#327#328)

  • Review workflow UI improvements. (Kinto/kinto-admin#319, Kinto/kinto-admin#322)

Bug fixes

  • Hide details on review step link when history capability is unavailable. (Kinto/kinto-admin#325)

  • Relative time fixes (Kinto/kinto-admin#324)

  • Workflow history of changes now only shows records (Kinto/kinto-admin#320)

  • Fix lost list of groups when using signoff plugin. (Kinto/kinto-admin#321)

1.2 (2016-11-15)

Kinto

kinto 4.3.2 → 4.3.3: https://github.com/Kinto/kinto-admin/releases/tag/4.3.3

Bug fixes

  • Fix crash when querystring parameter contains null string (fixes #882)

  • Permissions endpoint now exposes the user permissions defined in settings (fixes #909)

  • Fix crash when redirection path contains CRLF character (fixes #887)

kinto-admin

kinto-admin 1.4.2 → 1.4.3: https://github.com/Kinto/kinto-admin/releases/tag/1.4.3

Bug fixes

  • Fix #311: check object permissions via parents objects too (#312)

  • Fix #309: hide server URL from authentication form (#310)

1.1 (2016-11-09)

kinto-ldap

kinto-ldap 0.1.0 → 0.2.1: https://github.com/Kinto/kinto-ldap/releases/tag/0.2.1

New features

  • Set default value for multiauth.policy.ldap.use (fixes #3)

  • Add the plugin version in the hello view capabilities.

  • Add connection pool settings (fixes #10)

# kinto.ldap.pool_size = 10
# kinto.ldap.pool_retry_max = 3
# kinto.ldap.pool_retry_delay = .1
# kinto.ldap.pool_timeout = 30

Bug fixes

  • Fix heartbeat when server is unreachable (fixes #8)

  • Fix heartbeat that would always return False (#14)

  • Do not crash and log exception if LDAP when server is unreachable (fixes #9)

kinto-changes

kinto-changes 0.3.0 → 0.4.0: https://github.com/Kinto/kinto-changes/releases/tag/0.4.0

New features

  • Add the plugin version in the capability (Kinto/kinto-changes#20)

  • Add collections in the capability (Kinto/kinto-changes#18)

  • Add a specific setting to override global http_host value (Kinto/kinto-changes#24)

kinto.event_listeners.changes.http_host = firefox.settings.services.mozilla.com

kinto-admin

kinto-admin 1.4.1 → 1.4.2: https://github.com/Kinto/kinto-admin/releases/tag/1.4.2

Bug fixes

  • Fix #299: Fix broken attachment creation. (#305)

  • Fix #303: Fix attachment link in records list. (#306)

  • Fix #307: Always show hooks on collection records page (#308)

1.0 (2016-10-28)

kinto-admin

kinto-admin 1.4.1: https://github.com/Kinto/kinto-admin/releases/tag/v1.4.1

See changelog for kinto-admin 1.4.0

kinto-amo

kinto-amo 0.2.0 → 0.3.0: https://github.com/mozilla-services/kinto-amo/releases/tag/0.3.0

  • Enable preview XML endpoint:

kinto.amo.preview.addons = /buckets/blocklists-preview/collections/addons
kinto.amo.preview.plugins = /buckets/blocklists-preview/collections/plugins
kinto.amo.preview.gfx = /buckets/blocklists-preview/collections/gfx
kinto.amo.preview.certificates = /buckets/blocklists-preview/collections/certificates

Then you can access kinto-amo endpoints:

  • /v1/preview/3/{3550f703-e582-4d05-9a08-453d09bdfdc6}/47.0/

kinto-signer

kinto-signer 0.9.2 → 1.0.0: https://github.com/Kinto/kinto-signer/releases/tag/1.0.0

  • Review and group check features can be set/overriden by collection in settings:

kinto.signer.staging_certificates_group_check_enabled = true
kinto.signer.staging_certificates_to_review_enabled = true
kinto.signer.staging_certificates_editors_group = certificates-editors
kinto.signer.staging_certificates_reviewers_group = certificates-reviewers

You can also update the signer to configure preview there:

kinto.signer.resources =
  /buckets/staging/collections/addons;/buckets/blocklists-preview/collections/addons;/buckets/blocklists/collections/addons
  /buckets/staging/collections/plugins;/buckets/blocklists-preview/collections/plugins;/buckets/blocklists/collections/plugins
  /buckets/staging/collections/gfx;/buckets/blocklists-preview/collections/gfx;/buckets/blocklists/collections/gfx
  /buckets/staging/collections/certificates;/buckets/blocklists-preview/collections/certificates;/buckets/blocklists/collections/certificates

See changelog for kinto-dist 0.9.0 or kinto-signer documentation for more details about workflows.

kinto-fxa

kinto-fxa 2.1.0 → 2.2.0: https://github.com/mozilla-services/kinto-fxa/releases/2.2.0

0.9.1 (2016-10-06)

Kinto

kinto 4.3.0 → 4.3.1: https://github.com/Kinto/kinto/releases/tag/4.3.1

kinto-signer

kinto-signer 0.9.1 → 0.9.2: https://github.com/Kinto/kinto-signer/releases/tag/0.9.2

0.9.0 (2016-10-04)

Kinto

kinto 3.3.2 → 4.3.0: https://github.com/Kinto/kinto/releases/tag/4.3.0

Highlights

  • Redis backends were dropped from core, and are now packaged separately in kinto-redis

  • New /__version__ endpoint which reads a version.json file to expose what version has been deployed. Its location can be specified in the kinto.version_json_path setting (fixes #830)

  • New built-in plugin kinto.plugins.history to track history of changes per bucket from the Kinto Admin UI (must be added explicity in the ``kinto.includes`` setting)

  • kinto migrate now accepts a --dry-run option which details the operations to be made without executing them.

  • New built-in plugin kinto.plugins.quotas to set storage quotas per bucket/collection (c.f. Web Extensions storage)

  • The history and quotas plugins execution time is now monitored on StatsD (kinto.plugins.quotas and kinto.plugins.history) (#832)

  • The permissions attribute is now empty in the response if the user has not the permission to write on the object (Kinto/kinto#123)

  • Parent attributes are now readable if children creation is allowed (Kinto/kinto#803)

  • New kinto delete-collection command to delete a collection from the command-line.

kinto-admin

kinto-admin 1.3.0: https://github.com/Kinto/kinto-admin/releases/tag/v1.3.0

  • Add views for browsing a collection history (#196)

  • Updated kinto-http to v2.3.0.

  • Activate the signoff plugin to allow triggering a signature from the Admin.

kinto-signer

kinto-signer 0.7.3 → 0.9.1: https://github.com/Kinto/kinto-signer/releases/tag/0.9.0

The API can now optionally rely on a workflow and can check that users changing collection status belong to some groups (e.g. editors, reviewers). With that feature enabled, the signature of the collection will have to follow this workflow:

  • an editor will request a review by setting the collection status to to-review;

  • a preview collection will be updated and signed so that QA can validate the changes on the client side;

  • a reviewer — different from the last editor — will trigger the signature by setting the status to to-sign as before.

In order to enable this feature, the following procedure must be followed:

  • Change the resources settings to add a preview collection URL ({source};{preview};{destination})

..code-block:: ini

kinto.signer.resources =

/buckets/staging/collections/certificates;/buckets/preview/collections/certificates;/buckets/blocklists/collections/certificates

  • Enable the review and group check features:

..code-block:: ini

kinto.signer.to_review_enabled = true kinto.signer.group_check_enabled = true

  • Last, create editors and reviewers groups in the staging bucket, and add appropriate usernames to it. The groups can now be managed from the Kinto Admin UI. Otherwise via the command-line:

..code-block:: bash

$ echo ‘{“data”: {“members”: [”ldap:some@one.com”]}}’ |

http PUT $SERVER_URL/buckets/staging/groups/editors –auth=”admin:token”

$ echo ‘{“data”: {“members”: [”ldap:some@one.com”]}}’ |

http PUT $SERVER_URL/buckets/staging/groups/editors –auth=”admin:token”

0.8.2 (2016-09-12)

Upgrade to kinto 3.3.3

Bug fixes

  • Fix heartbeat transaction locks with PostgreSQL backends (fixes Kinto/kinto#804)

0.8.1 (2016-07-27)

  • Add the kinto-dist version in the plugin capability. (#40)

kinto-signer 0.7.2 → 0.7.3: https://github.com/Kinto/kinto-signer/releases/tag/0.7.3

Bug fixes

  • Fix signature inconsistency (timestamp) when several changes are sent from the source to the destination collection. Fixed e2e.py and validate_signature.py scripts (Kinto/kinto-signer#110)

Minor change

  • Add the plugin version in the capability. (Kinto/kinto-signer#108)

0.8.0 (2016-07-25)

Kinto

kinto 3.3.0 → 3.3.2: https://github.com/Kinto/kinto/releases/tag/3.3.2

Bug fixes

  • Fix Redis get_accessible_object implementation (kinto/kinto#725)

  • Fix bug where the resource events of a request targetting two groups/collection from different buckets would be grouped together (kinto/kinto#728)

kinto-signer

kinto-signer 0.7.1 → 0.7.2: https://github.com/Kinto/kinto-signer/releases/tag/0.7.2

Bug fixes

  • Provide the old value on destination records updates (kinto/kinto-signer#104)

  • Send create event when destination record does not exist yet.

  • Events sent by kinto-signer for created/updated/deleted objects in destination now show user_id as plugin:kinto-signer

0.7.0 (2016-07-19)

kinto-admin 1.2.0: https://github.com/Kinto/kinto-admin/releases/tag/1.2.0

Kinto

kinto 3.2.2 → 3.3.0: https://github.com/Kinto/kinto/releases/tag/3.3.0

API

  • Add new experimental endpoint GET /v1/permissions to retrieve the list of permissions granted on every kind of object (#600). Requires setting kinto.experimental_permissions_endpoint to be set to true.

API is now at version 1.8. See API changelog.

Bug fixes

  • Allow filtering and sorting by any attribute on buckets, collections and groups list endpoints

  • Fix crash in memory backend with Python3 when filtering on unknown field

Kinto-attachment

kinto-attachment 0.7.0 → 0.8.0: https://github.com/Kinto/kinto-attachment/releases/tag/0.8.0

New features

  • Prevent attachment attributes to be modified manually (fixes Kinto/kinto-attachment#83)

Bug fixes

  • Fix crash when the file is not uploaded using attachment field name (fixes Kinto/kinto-attachment#57)

  • Fix crash when the multipart content-type is invalid.

  • Prevent crash when filename is not provided (fixes Kinto/kinto-attachment#81)

  • Update the call to the Record resource to use named attributes. (Kinto/kinto-attachment#97)

  • Show detailed error when data is not posted with multipart content-type.

  • Fix crash when submitted data is not valid JSON (fixes Kinto/kinto-attachment#104)

0.6.3 (2016-07-21)

  • Take the correct Kinto 3.2.4 version.

0.6.2 (2016-07-21)

  • Add integration test for every enabled plugins

Kinto

kinto 3.2.2 → 3.2.4: https://github.com/Kinto/kinto/releases/tag/3.2.4

Bug fixes

  • Fix bug where the resource events of a request targetting two groups/collection from different buckets would be grouped together (#728).

  • Allow filtering and sorting by any attribute on buckets, collections and groups list endpoints

  • Fix crash in memory backend with Python3 when filtering on unknown field

  • Fix bug in object permissions with memory backend (#708)

  • Make sure the tombstone is deleted when the record is created with PUT. (#715)

  • Bump last_modified on record when provided value is equal to previous in storage update() method (#713)

kinto-signer

kinto-signer 0.7.0 → 0.7.1: https://github.com/Kinto/kinto-signer/releases/tag/0.7.1

Bug fix

  • Update the last_modified value when updating the collection status and signature (kinto/kinto-signer#97)

  • Trigger ResourceChanged events when the destination collection and records are updated during signing. This allows plugins like kinto-changes and kinto.plugins.history to catch the changes (kinto/kinto-signer#101)

0.6.1 (2016-07-13)

Kinto

kinto 3.2.1 → 3.2.2: https://github.com/Kinto/kinto/releases/tag/3.2.2

Bug fixes

  • Fix bug in object permissions with memory backend (#708)

  • Make sure the tombstone is deleted when the record is created with PUT. (#715)

  • Bump last_modified on record when provided value is equal to previous in storage update() method (#713)

0.6.0 (2016-05-25)

This release moves to the Kinto 3 series. This version merges Cliquet into kinto.core and all plugins have been updated to work with this change. This is a change to code structure, but there is a user-visible change, which is that settings referring to Cliquet module paths should now be updated to refer to kinto.core. module paths. For example:

kinto.cache_backend = cliquet.cache.postgresql

Should be changed to:

kinto.cache_backend = kinto.core.cache.postgresql

Kinto

kinto 2.1.2 → 3.2.0: https://github.com/Kinto/kinto/releases/tag/3.2.0

API

  • Added the GET /contribute.json endpoint for open-source information (fixes #607)

  • Allow record IDs to be any string instead of just UUIDs (fixes #655).

API is now at version 1.7. See API changelog.

New features

  • Major version update. Merged cliquet into kinto.core. This is intended to simplify the experience of people who are new to Kinto. Addresses #687.

  • Removed initialize_cliquet(), which has been deprecated for a while.

  • Removed cliquet_protocol_version. Kinto already defines incompatible API variations as part of its URL format (e.g. /v0, /v1). Services based on kinto.core are free to use http_api_version to indicate any additional changes to their APIs.

  • Simplify settings code. Previously, public_settings could be prefixed with a project name, which would be reflected in the output of the hello view. However, this was never part of the API specification, and was meant to be solely a backwards-compatibility hack for first-generation Kinto clients. Kinto public settings should always be exposed unprefixed. Applications developed against kinto.core can continue using these names even after they transition clients to the new implementation of their service.

  • kinto start now accepts a --port option to specify which port to listen to. Important: Because of a limitation in [Pyramid tooling](http://stackoverflow.com/a/21228232/147077), it won’t work if the port is hard-coded in your existing .ini file. Replace it by %(http_port)s or regenerate a new configuration file with kinto init.

  • Add support for pool_timeout option in Redis backend (fixes #620)

  • Add new setting kinto.heartbeat_timeout_seconds to control the maximum duration of the heartbeat endpoint (fixes #601)

Bug fixes

  • Fix internal storage filtering when an empty list of values is provided.

  • Authenticated users are now allowed to obtain an empty list of buckets on GET /buckets even if no bucket is readable (#454)

  • Fix enabling flush enpoint with KINTO_FLUSH_ENDPOINT_ENABLED environment variable (fixes #588)

  • Fix reading settings for events listeners from environment variables (fixes #515)

  • Fix principal added to write permission when a publicly writable object is created/edited (fixes #645)

  • Prevent client to cache and validate authenticated requests (fixes #635)

  • Fix bug that prevented startup if old Cliquet configuration values were still around (#633)

  • Fix crash when a cache expires setting is set for a specific bucket or collection. (#597)

  • Mark old cliquet backend settings as deprecated (but continue to support them). (#596)

  • Add an explicit message when the server is configured as read-only and the collection timestamp fails to be saved (ref Kinto/kinto#558)

  • Prevent the browser to cache server responses between two sessions. (#593)

  • Redirects version prefix to hello page when trailing_slash_redirect is enabled. (#700)

  • Fix crash when setting empty permission list with PostgreSQL permission backend (fixes Kinto/kinto#575)

  • Fix crash when type of values in querystring for exclude/include is wrong (fixes Kinto/kinto#587)

  • Fix crash when providing duplicated principals in permissions with PostgreSQL permission backend (fixes #702)

  • Add app.wsgi to the manifest file. This helps address Kinto/kinto#543.

  • Fix loss of data attributes when permissions are replaced with PUT (fixes Kinto/kinto#601)

  • Fix 400 response when posting data with id: "default" in default bucket.

  • Fix 500 on heartbeat endpoint when a check does not follow the specs and raises instead of returning false.

Kinto-attachment

kinto-attachment 0.5.0 → 0.7.0: https://github.com/Kinto/kinto-attachment/releases/tag/0.7.0

Breaking changes

  • When the gzip option is used during upload, the original attribute is now within the attachment information.

New features

  • Kinto 3.0 compatibility update

  • Add a kinto.attachment.extra.base_url settings to be exposed publicly. (#73)

  • Add the gzip option to automatically gzip files on upload (#85)

kinto-amo

kinto-amo 0.1.0 → 0.2.0: https://github.com/mozilla-services/kinto-amo/releases/tag/0.2.0

  • Kinto 3.0 compatibility update

kinto-changes

kinto-changes 0.2.0 → 0.3.0: https://github.com/Kinto/kinto-changes/releases/tag/0.3.0

  • Kinto 3.0 compatibility update

kinto-signer

kinto-signer 0.4.0 → 0.7.0: https://github.com/Kinto/kinto-signer/releases/tag/0.7.0

Breaking changes

  • The collection timestamp is now included in the payload prior to signing. Old clients won’t be able to verify the signature made by this version.

Bug fixes

  • Do not crash on record deletion if destination was never synced (Kinto/kinto-signer#82)

New features

  • Raise configuration errors if resources are not configured correctly (Kinto/kinto-signer#88)

kinto-fxa

cliquet-fxa 1.4.0 → kinto-fxa 2.0.0: https://github.com/mozilla-services/kinto-fxa/releases/tag/2.0.0

Breaking changes

  • Project renamed to Kinto-fxa to match the rename of cliquet to kinto.core.

  • The setting multiauth.policy.fxa.use must now be explicitly set to kinto_fxa.authentication.FxAOAuthAuthenticationPolicy

  • Kinto 3.0 compatibility update

Bug fixes

  • Fix checking of Authorization header when python is ran with -O (ref mozilla-services/cliquet#592)

kinto-ldap

kinto-ldap 0.1.0: https://github.com/Kinto/kinto-ldap/releases/tag/0.1.0

0.5.1 (2016-05-20)

Version control

0.5.0 (2016-05-17)

Version control

0.4.0 (2016-04-27)

Version control

0.3.0 (2016-04-18)

  • Fix kinto-attachment bucket setting in configuration example

Version control

Dependencies version were updated to:

0.2.0 (2016-03-22)

Version control

Dependencies version where updated to:

0.1.0 (2016-03-11)

Configuration changes

  • kinto.plugins.default_bucket plugin is no longer assumed. We invite users to check that the kinto.plugins.default_bucket is present in the includes setting if they expect it. (ref #495)

Version control

Dependencies version were updated to:

Project details


Release history Release notifications | RSS feed

This version

3.2.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

kinto-dist-3.2.0.tar.gz (50.3 kB view hashes)

Uploaded Source

Built Distribution

kinto_dist-3.2.0-py2.py3-none-any.whl (32.0 kB view hashes)

Uploaded Python 2 Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page