7.0.1

7.0.1 (2025-10-15)

Bug Fixes

• Returned error for 5xx server response has incorrect format (#2755) (16a34d9)

7.0.1-alpha.1

7.0.1-alpha.1 (2025-10-15)

Bug Fixes

• Returned error for 5xx server response has incorrect format (#2755) (16a34d9)

7.0.0

7.0.0 (2025-10-14)

Caution

We recommend to skip this release as it contains a bug that introduces a breaking change in the format of Parse Server 5xx responses. The issue has been fixed in 7.0.1.

Bug Fixes

• Prototype Pollution vulnerability in SingleInstanceStateController; fixes security vulnerability GHSA-9g8m-v378-pcg3 (#2745) (9e7c1ba)
• HTTP status code 3XX redirection for Parse Server URL not handled properly (#2608) (58e7f58)
• Incorrect type in ParseObject.fetch parameter options (#2726) (dc78419)
• Missing error message when returning an internal server error (#2543) (f91f3f1)
• Prototype pollution in Parse.Object and internal APIs; fixes security vulnerability GHSA-9f2h-7v79-mxw (#2749) (0097398)
• Unhandled exception when calling Parse.Cloud.run with option value null (#2622) (#2623) (2818ed9)

Features

• Add Parse.File upload and download progress in browser and Node environments (#2503) (d3ca465)
• Add Uint8Array support for Parse.File data (#2548) (6f6bb66)
• Add option Parse.nodeLogging to fully log Parse.Object in Node.js environments (#1594) (de9d057)
• Remove Parse.serverAuthType, Parse.serverAuthToken infavor of CoreManager REQUEST_HEADERS config (#2639) (ddc66a1)

Performance Improvements

• Optimize bundle packaging with Vite (#2553) (a4b19e5)

BREAKING CHANGES

• The methods Parse.serverAuthType() and Parse.serverAuthToken() have been removed; use the CoreManager REQUEST_HEADER config to set authorization headers instead. (ddc66a1)

7.0.0-alpha.1

7.0.0-alpha.1 (2025-10-14)

Bug Fixes

• Prototype Pollution vulnerability in SingleInstanceStateController; fixes security vulnerability GHSA-9g8m-v378-pcg3 (#2745) (9e7c1ba)
• HTTP status code 3XX redirection for Parse Server URL not handled properly (#2608) (58e7f58)
• Incorrect type in ParseObject.fetch parameter options (#2726) (dc78419)
• Prototype pollution in Parse.Object and internal APIs; fixes security vulnerability GHSA-9f2h-7v79-mxw (#2749) (0097398)
• Unhandled exception when calling Parse.Cloud.run with option value null (#2622) (#2623) (2818ed9)

Features

• Add Parse.File upload and download progress in browser and Node environments (#2503) (d3ca465)
• Add option Parse.nodeLogging to fully log Parse.Object in Node.js environments (#1594) (de9d057)
• Remove Parse.serverAuthType, Parse.serverAuthToken infavor of CoreManager REQUEST_HEADERS config (#2639) (ddc66a1)

BREAKING CHANGES

• The methods Parse.serverAuthType() and Parse.serverAuthToken() have been removed; use the CoreManager REQUEST_HEADER config to set authorization headers instead. (ddc66a1)

6.2.0-alpha.3

6.2.0-alpha.3 (2025-04-15)

Performance Improvements

• Optimize bundle packaging with Vite (#2553) (a4b19e5)

6.2.0-alpha.2

6.2.0-alpha.2 (2025-04-07)

Bug Fixes

• Missing error message when returning an internal server error (#2543) (f91f3f1)

6.2.0-alpha.1

6.2.0-alpha.1 (2025-04-07)

Features

• Add Uint8Array support for Parse.File data (#2548) (6f6bb66)

6.1.1

6.1.1 (2025-04-04)

Bug Fixes

• Remove unused option sessionToken from Parse.Query.aggregate (#2547) (c7015ba)
• Security upgrade tar-fs from 2.1.1 to 2.1.2 (#2540) (44eeacd)

6.1.0-alpha.5

6.1.0-alpha.5 (2025-04-02)

Bug Fixes

• Remove unused option sessionToken from Parse.Query.aggregate (#2547) (c7015ba)

6.1.0-alpha.4

6.1.0-alpha.4 (2025-03-29)

Bug Fixes

• Security upgrade tar-fs from 2.1.1 to 2.1.2 (#2540) (44eeacd)