All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
7.12.1 - 2022-05-11
- Unable to deploy without branding settings feature #532
7.12.0 - 2022-05-10
- Prompts support (both prompts settings and custom text for prompts) #530
- Custom domains support #527
7.11.1 - 2022-05-04
- Deployment of newly-created actions always failing due to "A draft must be in the 'built' state" error #524
- Undefined
updateRuleAuth0 SDK alias replaced with operationalrules.update#526
7.11.0 - 2022-04-28
- Intelligent scope detection, will skip resources when insufficient scope provided to designated application #517
- Inconsistencies between resource handlers with respect to empty, null and undefined values #512
7.10.0 - 2022-04-26
- Branding support for directory format #505
- More comprehensive support for deletions through
AUTH0_ALLOW_DELETE#509
7.9.0 - 2022-04-19
- Log streams support #495
##String keyword replacements now work when nested inside@@array replacements #504
7.8.0 - 2022-04-14
- Type declarations for more seamless integration into Typescript projects when used as a module #485
- Updated Winston from 2.3.x to 3.3.0 which applies fix for theoretical prototype pollution vulnerability #497
7.7.1 - 2022-04-07
- Deprecation warnings for now deprecated asset-specific exclusion configuration properties:
AUTH0_EXCLUDED_RULES,AUTH0_EXCLUDED_CLIENTS,AUTH0_EXCLUDED_DATABASES,AUTH0_EXCLUDED_CONNECTIONS,AUTH0_EXCLUDED_RESOURCE_SERVERS,AUTH0_EXCLUDED_DEFAULTS. See Resource Exclusion Proposal for details. #481
- Rules configs failing to update after regression prevented asset-specific overrides of Node Auth0 SDK methods #482
- Attack protection not replacing keywords #478
7.7.0 - 2022-04-06
- Exclusion of entire resource types via the
AUTH0_EXCLUDEDconfiguration parameter. See Resource Exclusion Proposal for details. #468
idle_session_lifetimeandsession_lifetimevalues properly ignored on update if inheriting default tenant values.#471
7.6.0 - 2022-03-25
- New branding template feature support #438
- Colliding
eparameter alias betweenexport_idsandenv#453
7.5.2 - 2022-03-15
- Resetting this version to be latest on NPM
7.5.1 - 2022-03-11
- Updating dead link in logging output #436
- Fixing
--envflag to properly dictate environment variable inheritance #432
7.5.0 - 2022-03-08
- Support for attack protection configuration management #428
- Excluded connection properties from getting deleted upon update #430
- Organizations in YAML format are skipped when not defined #388
7.4.0 - 2022-02-24
- Allowing @@ array variable replacement to work when wrapped in quotes #421
- Eliminated benign
client_metadatawarnings on import #416 - Fixing request abstraction from losing function scope, enabling Auth0 Node SDK updates #412
- Updating Auth0 Node SDK to 2.40.0 which fixes minor dependency vulnerability
7.3.7 - 2022-02-03
- Expose errors that may be silently missed in Actions #408
7.3.6 - 2022-02-02
- Fix errors caused by incompatibilities introduced by new versions of Auth0 SDK #406
7.3.5 - 2022-01-27
- Fix an error with the function context #403
7.3.4 - 2022-01-26
- Fix pagination #401
7.3.3 - 2022-01-26
- Fix pagination #400
- Security fixes from dependencies
7.3.2 - 2021-12-14
- Fixes dependency security issues
7.3.1 - 2021-09-21
- Error when authenticating with AUTH0_CLIENT_ID and AUTH0_CLIENT_SECRET with Node.js prior to v14
7.3.0 - 2021-09-20
- Allow set of AUTH0_AUDIENCE for custom domain #379 (credit @AliBazzi)
- Load file configured in customScripts for DB Connections #367 (credit @skukx)
- Security fixes from dependencies
7.2.1 - 2021-08-23
-
[IDS-3074] Updated structure when dumping orgs (#369)
Fixes an issue when exporting organizations as a directory, connections are not structured in the right way, causing the import to remove any connection on the organizations.
-
[DXEX-1721] Fix client metadata property deletion
Fixes an inconsistency between how we calculate changes on deep metadata-like objects and with how APIv2 expects such changes to be expressed when a property is deleted.
-
Bump js-yaml from 3.x to 4.x and move to kacl (#371)
This PR bumps js-yaml from 3.x to 4.x in accordance with its migration guide. This bump means that we're able to use the default safe behaviour for both exports and imports.
Notably, this means that we won't end up with values like !tag:yaml.org,2002:js/undefined '' that are not at all human friendly and were problematic when we used the .safeLoad functionality.
7.2.0 - 2021-07-14
- Add runtime property for actions #364
7.1.1 - 2021-06-23
- Export tools module
- Fix exception when actions is undefined #361
- yargs should not be called when required as a module
7.1.0 - 2021-06-23
- Actions refactoring and fixes #356
- Bump [email protected]
7.0.0 - 2021-06-11
- MFA-1174 Support Recovery Codes
- Support for organizations
- Prompt link to Auth0 Docs upon insufficient scope
- Removed dependency on
auth0-source-control-extension-tools, the package is not part ofauth0-deploy-cli - Removed dependency on
auth-extension-tools
- Dropped Node.js 8 support
- Upstream node registry
- Security fixes from dependencies
6.0.0 - 2020-12-28
- This release has been withdrawn
5.5.7 - 2021-05-19
- Add Support Recovery Codes by bumping [email protected]
5.5.6 - 2021-04-21
- Fix EXCLUDE_PROPS behaviour for connections and databases.
5.5.5 - 2021-03-26
- Broken dependencies on 4.5.x range of source-countrol-extension-tools because of organizations.
5.5.4 - 2021-03-12
- Remove limit on permissions in roles
5.5.3 - 2021-03-10
- Add webauthn platform as a supported factor
5.5.2 - 2021-03-10
- Fix pagination when computing changes
5.5.1 - 2021-03-03
- Fix issues with retrieving more than 50 roles
5.5.0 - 2021-01-28
- Add support for
verify_email_by_codeemail template #309
5.3.2 - 2020-12-17
- Fix keyword mapping in client page templates [ESD-10528] #291
5.3.1 - 2020-11-16
- Fix report error exporting hooks by bumping [email protected] #289
- Add MFA factor webauthn-roaming support by bumping [email protected] #289
5.3.0 - 2020-11-05
- Return database
enabled_clientsin deterministic order #281
- Fix the structure of the example policies.json, and correct the guardianPolicies test to use
all-applicationsinstead ofall-application#278 - Fix pagination for specific API calls by bumping [email protected] #287
5.2.1 - 2020-09-23
- Issue with client grants deleted when using AUTH0_EXCLUDED_CLIENTS
5.2.0 - 2020-09-17
- Always sort custom database scripts alphabetically
5.1.6 - 2020-09-15
- Add new line support to JSON files generated in directory dumps
- Move write file method to common util
- Update
auth0-source-control-extension-tools
5.1.5 - 2020-08-13
- The --proxy_url option should work properly now. (Although only on Node >= 10).
5.1.4 - 2020-08-12
- Connections disabled when the client is added AUTH0_EXCLUDED_CLIENTS list.
5.1.3 - 2020-08-04
- Many entities were not being fetched via the Paging API properly.
5.1.3 - 2020-08-04
- Many entities were not being fetched via the Paging API properly.
5.1.0 - 2020-07-09
- Add support for three guardian/MFA-related features:
- Guardian Policies
- Guardian Phone factor selected provider
- Guardian Phone factor message types
- Adds support for Migrations
5.0.0 - 2020-06-04
- Allow excluding default values for emailProvider with
AUTH0_EXCLUDED_DEFAULTS#236
- [Breaking] Updated dependencies and deprecated support for Node versions earlier than 8 via babel@7 and dot-prop@5 #242
- pages: fix error when dumping error_page without html property #247
4.3.1 - 2020-05-20
- Fixed broken mkdirp package dependency
4.3.0 - 2020-05-18
-
Removed several unused dependencies:
- ajv
- e6-template-strings
- node-storage
- readline
- xregexp
4.2.2 - 2020-05-04
- Support for phone message hook added.
- Configurable connections directory with
AUTH0_CONNECTIONS_DIRECTORY.
- Remove data from verify email example to prevent copy and paste misuse.
4.2.1 - 2020-04-06
- Fixed rules' reorder to avoid order collisions by updating
auth0-source-control-extension-tools
4.2.0 - 2020-03-28
- When importing SAML database connections, support client name in the
options.idpinitiated.client_idproperty. - When exporting SAML database connections, convert client ID to client name.
4.1.0 - 2020-03-28
- When exporting a mailgun email provider, a placholder api key will be included in the export..
4.0.3 - 2020-03-18
- Programmatic usage will not complain about args. #215
4.0.2 - 2020-02-28
- Included Deploy CLI version number in User-Agent header.
- If no command line arguments are passed, the usage statement will be printed.
4.0.1 - 2020-02-05
- Update
auth0-source-control-extension-tools
- Fixed import and export errors when roles and hooks are not available
4.0.0 - 2020-01-29
- Add support for Hooks and Hook Secrets
- Update
auth0,auth0-extension-tools,auth0-source-control-extension-tools, andjs-yaml
3.6.7 - 2020-01-08
- Fixed a crash when no roles are present in a tenant during an export
3.6.5 - 2019-12-19
- Add readonly flag
remove_stale_idp_attributes
3.6.4 - 2019-12-04
- Update
https-proxy-agentandjs-yaml
3.6.3 - 2019-11-04
- Add
AUTH0_API_MAX_RETRIESsupport
3.6.2 - 2019-10-18
- Fix mapping for passwordless email connection template
3.6.1 - 2019-09-27
- Removed
--verboseoption
3.6.0 - 2019-08-26
- Update
auth0-extension-tools
- Clear empty descriptions on roles
3.5.0 - 2019-08-14
- Ability to exclude connections and databases (AUTH0_EXCLUDED_CONNECTIONS & AUTH0_EXCLUDED_DATABASES)
- Excludes for yaml import
3.4.0 - 2019-07-15
- Load email template for passwordless email connection from external html file #124
- Load custom_login_page template for client from external html file #138
3.3.2 - 2019-07-11
- pin minor version of source-control-tools@~3.4.1
3.3.1 - 2019-06-13
allowed_clients,allowed_logout_urls,allowed_originsandcallbacksproperties of theclientcan no longer be exported asnull
3.3.0 - 2019-04-22
- Support for roles and permissions export and import
3.2.0 - 2019-04-12
- Secrets (
rules configsand databasesoptions.configuration) can no longer be exported
3.1.3 - 2019-04-03
- Clearing empty tenant flags on
import
3.1.2 - 2019-03-22
3.1.1 - 2019-03-15
- Exit status code on error #107
3.1.0 - 2019-03-14
AUTH0_EXCLUDED_CLIENTSoption has been added to the config. Works similar toAUTH0_EXCLUDED_RULESandAUTH0_EXCLUDED_RESOURCE_SERVERS. #102
3.0.2 - 2019-03-12
- Remove empty
flagsproperty from tenant settings #104
3.0.1 - 2019-03-04
- fix readonly
flags.enable_sso
3.0.0 - 2019-03-04
- Options added to the config:
INCLUDED_PROPS- enables export of properties that are excluded by default (e.g.client_secret)EXCLUDED_PROPS- provides ability to exclude any unwanted properties from exported objects
--stripoption has been removed fromexportcommand. Now IDs will be stripped by default.AUTH0_EXPORT_IDENTIFIERS: trueor--export_idscan be used to override.
2.3.3 - 2019-03-04
- backport readonly
flags.enable_sso
2.3.2 - 2019-03-02
- set
enable_ssoandsandbox_versionas readonly properties - alias
export = dumpandimport = deployfor programmatic usage
2.3.1 - 2019-02-27
- convert non-integer
session_lifetimeto minutes #95 - update
auth0-source-control-extension-tools- Fix email provider export
- Process empty arrays of databases
2.3.0 - 2019-02-21
- Empty arrays in the
tenant.yaml(clients: []) will now lead to deleting all relevant records from the tenant. #89 - Update environment variable explanation in READMEs. #90
- Sanitize file and folder names. #92
2.2.5 - 2019-02-04
- Fix for using the wrong proxy reference. #80
2.2.4 - 2019-01-17
- Added 'name' prop to pages examples #76
- Fix various schema validation issues. auth0-extensions/auth0-source-control-extension-tools PRs #52 thru #57
- Update package dependency which contains security vulnerabilities.