All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog.
- Images now support arm64.
- Now REALLY
User-Agent: potber
instead ofUser-Agent: potber
on outgoing requests.
- Applied various improvements to logging.
- Now uses
User-Agent: potber
instead ofUser-Agent: potber
on outgoing requests.
- Attempting to create a thread in a board without the required permissions now properly raises a 403 status code.
- Updated dependencies.
- User accounts that have been locked permanently are no longer allowed to log into potber-api. User accounts that have been locked temporarily are not affected.
- Outgoing http requests now provide the
User-Agent: potber-api
http header.
- 💥 Breaking:
POST '/threads
route now uses a different payload format.
- Fixed some more encoding issues only affecting private messages.
- Bumped Dockerfile node version to 18.
- Fixed a critical bug that would prevent logins.
- Improved how metrics are being handled and added the
http_requests_total
metric.
- Implemented metrics endpoint for prometheus.
- Request/response logging now utilizes both middlewares and interceptors to also log requests that were turned down (e.g. due to CORS).
- Increased the timeout value for outgoing requests to 30 seconds.
- Fixed some exceptions in
/threads/:id
not being documented properly.
- CORS origins are now being logged on startup.
- Updated OpenAPI docs to better document certain fields of
UserResource
.
- Fixed typing of
SessionResource
.
- Added support for
nvm
.
- Fixed an issue that would lead to boolean string to not be cast properly by
TransformBooleanString
.
- When decoding a response, the decoder now attempts to automatically determine the encoding via the
Content-Type
header.
- Fixed an issue where the application would get confused about the session state if the user logs out globally via the forum's logout functionality.
- Fixed an issue where boolean string would not be transformed properly with implicit transformation enabled.
- Author profiles now include information about whether the author's account has been locked.
- Implemented
GET /usernames
endpoint. This endpoint returns filterable lists of usernames. - Implemented
POST /threads
endpoint. - Implemented
POST /privateMessages
endpoint. - Implemented
GET /privateMessages/:id/reply
endpoint. - Implemented
GET /privateMessages/:id/forward
endpoint.
- Implemented
PUT /privateMessages/:id/markAsUnread
endpoint. - Implemented
PUT /privateMessages/:id/moveToFolder
endpoint. - Implemented
DELETE /privateMessages/:id
endpoint. - Implemented
POST /posts/:id/report
endpoint.
- Performance improvements: Session validation no longer triggers redundant requests. Instead, the content of the JWT is no longer being validated (only the JWT itself is being validated) and additional validation is left to
forum.mods.de
.
- Added missing error documentation to
/privateMessages/
endpoints.
- HTML is now properly parsed when returning private message contents.
- The page no longer breaks when it conains a post by a deleted user (due to that post not having an avatar).
- 💥 Breaking: Quoting a post now works via the
/posts/:id/quote
endpoint. Thequote
query parameter on the/posts/:id
has been removed. - Private messages may now include the sender's avatar URL.
- Various fixes and improvements to private messages.
- User profiles now include information about the user account's age.
- Improved documentation in SwaggerUI endpoint.
- Passwords may now be up to 100 characters long.
- Attempting to open a private message that is not within your mailbox will now return 404 instead of 500.
- Umlauts in user profiles' ranks are now being parsed properly.
- Node version pinned to 16.
- Thread titles and subtitles that include HTML entities will now be parsed properly.
- Added /privateMessages annd /privateMessages/:id GET routes.
- Added /users/:id route.
- Added /healthz route for kubernetes.
- The API now outputs all avatar URLs as absolute URLs.
- The application was moved to a kubernetes environment. By that, the application gained several beneficial features like high availability or rolling updates.
- Deployment is now handled via Flux GitOps pipelines. Prior environments have been replaced with a staging and a production environment. Deployment to staging is triggerd via commits to master. Deployment to production is triggered via releasing semantic versioning tags.
- Session now includes active avatar URL.
- More fixes and improvements regarding encoding/decoding. Deprecated functions escape() and unescape() are no longer being used.
- Fixed an issue with the 'updateBoolean' query parameter not working properly on /thread/:id.
- Some fixes and improvements regarding encoding/decoding. Users with certain special characters should now be able to log in.