Bump parse-server from 2.8.2 to 4.1.0

Bumps parse-server from 2.8.2 to 4.1.0.

Release notes

*Sourced from [parse-server's releases](https://github.com/parse-community/parse-server/releases).* > ### 4.1.0 > [Full Changelog](https://github.com/parse-community/parse-server/compare/4.0.2...4.1.0) > _SECURITY RELEASE_: see [advisory](https://github.com/parse-community/parse-server/security/advisories/GHSA-h4mf-75hf-67w4) for details > - SECURITY FIX: Patch Regex vulnerabilities. See [3a3a5ee](https://github.com/parse-community/parse-server/commit/3a3a5eee5ffa48da1352423312cb767de14de269). Special thanks to [W0lfw00d](https://github.com/W0lfw00d) for identifying and [responsibly reporting](https://github.com/parse-community/parse-server/blob/master/SECURITY.md) the vulnerability. Thanks to [Antonio Davi Macedo Coelho de Castro](https://github.com/davimacedo) for the speedy fix. > > ### 4.0.2 > [Full Changelog](https://github.com/parse-community/parse-server/compare/4.0.1...4.0.2) > __BREAKING CHANGES:__ > 1. Remove Support for Mongo 3.2 & 3.4. The new minimum supported version is Mongo 3.6. > 2. Change username and email validation to be case insensitive. This change should be transparent in most use cases. The validation behavior should now behave 'as expected'. See [#6414](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6414) for details. > > FIX: attempt to get travis to deploy to npmjs again. See [#6475](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6457). Thanks to [Arthur Cinader](https://github.com/acinader). > > ### 4.0.1 > [Full Changelog](https://github.com/parse-community/parse-server/compare/4.0.0...4.0.1) > - FIX: correct 'new' travis config to properly deploy. See [#6452](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6452). Thanks to [Arthur Cinader](https://github.com/acinader). > - FIX: Better message on not allowed to protect default fields. See [#6439](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6439).Thanks to [Old Grandpa](https://github.com/BufferUnderflower) > > ### 4.0 > [Full Changelog](https://github.com/parse-community/parse-server/compare/3.10.0...4.0.0) > - NEW: add hint option to Parse.Query [#6322](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6322). Thanks to [Steve Stencil](https://github.com/stevestencil) > - FIX: CLP objectId size validation fix [#6332](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6332). Thanks to [Old Grandpa](https://github.com/BufferUnderflower) > - FIX: Add volumes to Docker command [#6356](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6356). Thanks to [Kasra Bigdeli](https://github.com/githubsaturn) > - NEW: GraphQL 3rd Party LoginWith Support [#6371](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6371). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - FIX: GraphQL Geo Queries [#6363](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6363). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - NEW: GraphQL Nested File Upload [#6372](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6372). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - NEW: Granular CLP pointer permissions [#6352](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6352). Thanks to [Old Grandpa](https://github.com/BufferUnderflower) > - FIX: Add missing colon for customPages [#6393](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6393). Thanks to [Jerome De Leon](https://github.com/JeromeDeLeon) > NEW: `afterLogin` cloud code hook [#6387](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6387). Thanks to [David Corona](https://github.com/davesters) > - FIX: __BREAKING CHANGE__ Prevent new usernames or emails that clash with existing users' email or username if it only differs by case. For example, don't allow a new user with the name 'Jane' if we already have a user 'jane'. [#5634](https://github-redirect.dependabot.com/parse-community/parse-server/pull/5634). Thanks to [Arthur Cinader](https://github.com/acinader) > - FIX: Support Travis CI V2. [#6414](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6414). Thanks to [Diamond Lewis](https://github.com/dplewis) > - FIX: Prevent crashing on websocket error. [#6418](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6418). Thanks to [Diamond Lewis](https://github.com/dplewis) > - NEW: Allow protectedFields for Authenticated users and Public. [$6415](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6415). Thanks to [Old Grandpa](https://github.com/BufferUnderflower) > - FIX: Correct bug in determining GraphQL pointer errors when mutating. [#6413](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6431). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - NEW: Allow true GraphQL Schema Customization. [#6360](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6360). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - __BREAKING CHANGE__: Remove Support for Mongo version < 3.6 [#6445](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6445). Thanks to [Arthur Cinader](https://github.com/acinader) > > ### 4.0.1 > __BREAKING CHANGES:__ > 1. Remove Support for Mongo 3.2 & 3.4. The new minimum supported version is Mongo 3.6. > 2. Change username and email validation to be case insensitive. This change should be transparent in most use cases. The validation behavior should now behave 'as expected'. See [#6414](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6414) for details. > > - FIX: correct 'new' travis config to properly deploy. See [#6452](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6452). Thanks to [Arthur Cinader](https://github.com/acinader). > - FIX: Better message on not allowed to protect default fields. See [#6439](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6439).Thanks to [Old Grandpa](https://github.com/BufferUnderflower) > > ### 4.0 > [Full Changelog](https://github.com/parse-community/parse-server/compare/3.10.0...4.0.0) > - NEW: add hint option to Parse.Query [#6322](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6322). Thanks to [Steve Stencil](https://github.com/stevestencil) > - FIX: CLP objectId size validation fix [#6332](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6332). Thanks to [Old Grandpa](https://github.com/BufferUnderflower) > - FIX: Add volumes to Docker command [#6356](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6356). Thanks to [Kasra Bigdeli](https://github.com/githubsaturn) > ... (truncated)

Changelog

*Sourced from [parse-server's changelog](https://github.com/parse-community/parse-server/blob/master/CHANGELOG.md).* > ### 4.1.0 > [Full Changelog](https://github.com/parse-community/parse-server/compare/4.0.2...4.1.0) > _SECURITY RELEASE_: see [advisory](https://github.com/parse-community/parse-server/security/advisories/GHSA-h4mf-75hf-67w4) for details > - SECURITY FIX: Patch Regex vulnerabilities. See [3a3a5ee](https://github.com/parse-community/parse-server/commit/3a3a5eee5ffa48da1352423312cb767de14de269). Special thanks to [W0lfw00d](https://github.com/W0lfw00d) for identifying and [responsibly reporting](https://github.com/parse-community/parse-server/blob/master/SECURITY.md) the vulnerability. Thanks to [Antonio Davi Macedo Coelho de Castro](https://github.com/davimacedo) for the speedy fix. > > ### 4.0.2 > [Full Changelog](https://github.com/parse-community/parse-server/compare/4.0.1...4.0.2) > __BREAKING CHANGES:__ > 1. Remove Support for Mongo 3.2 & 3.4. The new minimum supported version is Mongo 3.6. > 2. Change username and email validation to be case insensitive. This change should be transparent in most use cases. The validation behavior should now behave 'as expected'. See [#6414](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6414) for details. > > FIX: attempt to get travis to deploy to npmjs again. See [#6475](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6457). Thanks to [Arthur Cinader](https://github.com/acinader). > > ### 4.0.1 > [Full Changelog](https://github.com/parse-community/parse-server/compare/4.0.0...4.0.1) > - FIX: correct 'new' travis config to properly deploy. See [#6452](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6452). Thanks to [Arthur Cinader](https://github.com/acinader). > - FIX: Better message on not allowed to protect default fields. See [#6439](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6439).Thanks to [Old Grandpa](https://github.com/BufferUnderflower) > > ### 4.0 > [Full Changelog](https://github.com/parse-community/parse-server/compare/3.10.0...4.0.0) > - NEW: add hint option to Parse.Query [#6322](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6322). Thanks to [Steve Stencil](https://github.com/stevestencil) > - FIX: CLP objectId size validation fix [#6332](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6332). Thanks to [Old Grandpa](https://github.com/BufferUnderflower) > - FIX: Add volumes to Docker command [#6356](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6356). Thanks to [Kasra Bigdeli](https://github.com/githubsaturn) > - NEW: GraphQL 3rd Party LoginWith Support [#6371](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6371). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - FIX: GraphQL Geo Queries [#6363](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6363). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - NEW: GraphQL Nested File Upload [#6372](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6372). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - NEW: Granular CLP pointer permissions [#6352](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6352). Thanks to [Old Grandpa](https://github.com/BufferUnderflower) > - FIX: Add missing colon for customPages [#6393](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6393). Thanks to [Jerome De Leon](https://github.com/JeromeDeLeon) > NEW: `afterLogin` cloud code hook [#6387](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6387). Thanks to [David Corona](https://github.com/davesters) > - FIX: __BREAKING CHANGE__ Prevent new usernames or emails that clash with existing users' email or username if it only differs by case. For example, don't allow a new user with the name 'Jane' if we already have a user 'jane'. [#5634](https://github-redirect.dependabot.com/parse-community/parse-server/pull/5634). Thanks to [Arthur Cinader](https://github.com/acinader) > - FIX: Support Travis CI V2. [#6414](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6414). Thanks to [Diamond Lewis](https://github.com/dplewis) > - FIX: Prevent crashing on websocket error. [#6418](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6418). Thanks to [Diamond Lewis](https://github.com/dplewis) > - NEW: Allow protectedFields for Authenticated users and Public. [$6415](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6415). Thanks to [Old Grandpa](https://github.com/BufferUnderflower) > - FIX: Correct bug in determining GraphQL pointer errors when mutating. [#6413](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6431). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - NEW: Allow true GraphQL Schema Customization. [#6360](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6360). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - __BREAKING CHANGE__: Remove Support for Mongo version < 3.6 [#6445](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6445). Thanks to [Arthur Cinader](https://github.com/acinader) > > ### 3.10.0 > [Full Changelog](https://github.com/parse-community/parse-server/compare/3.9.0...3.10.0) > - FIX: correct and cover ordering queries in GraphQL [#6316](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6316). Thanks to [Antonio Davi Macedo Coelho de Castro](https://github.com/davimacedo) > - NEW: GraphQL support for reset password email [#6301](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6301). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - FIX: Add default limit to GraphQL fetch [#6304](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6304). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - DOCS: use bash syntax highlighting [#6302](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6302). Thanks to [Jerome De Leon](https://github.com/JeromeDeLeon) > - NEW: Add max log file option [#6296](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6296). Thanks to [Diamond Lewis](https://github.com/dplewis) > - NEW: support user supplied objectId [#6101](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6101). Thanks to [Ruhan](https://github.com/rhuanbarretos) > - FIX: Add missing encodeURIComponent on username [#6278](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6278). Thanks to [Christopher Brookes](https://github.com/Klaitos) > - NEW: update PostgresStorageAdapter.js to use async/await [#6275](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6275). Thanks to [Vitaly Tomilov](https://github.com/vitaly-t) > - NEW: Support required fields on output type for GraphQL [#6279](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6279). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - NEW: Support required fields for GraphQL [#6271](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6279). Thanks to [Antoine Cormouls](https://github.com/Moumouls) > - CHANGE: use mongodb 3.3.5 [#6263](https://github-redirect.dependabot.com/parse-community/parse-server/pull/6263). Thanks to [Diamond Lewis](https://github.com/dplewis) > ... (truncated)

Commits

- [`b9742b6`](https://github.com/parse-community/parse-server/commit/b9742b6fb9298c18c30d488dd080c3e962d603eb) Prep 4.1 ([#6462](https://github-redirect.dependabot.com/parse-community/parse-server/issues/6462)) - [`3a3a5ee`](https://github.com/parse-community/parse-server/commit/3a3a5eee5ffa48da1352423312cb767de14de269) Merge pull request from GHSA-h4mf-75hf-67w4 - [`bde8ab6`](https://github.com/parse-community/parse-server/commit/bde8ab6d55e4da556d0e77eb29d4953ca34eeace) Attempt to get Travis to deploy to npmjs ([#6457](https://github-redirect.dependabot.com/parse-community/parse-server/issues/6457)) - [`cfb0327`](https://github.com/parse-community/parse-server/commit/cfb0327c19901d4788d9f3983845c69198dffa8d) Update bcrypt to the latest version 🚀 ([#6456](https://github-redirect.dependabot.com/parse-community/parse-server/issues/6456)) - [`cd06a02`](https://github.com/parse-community/parse-server/commit/cd06a02fe8bf29796b57d0e35f8287243e0f9077) skip cleanup so we don't erase babel and stuff ([#6452](https://github-redirect.dependabot.com/parse-community/parse-server/issues/6452)) - [`2a5c306`](https://github.com/parse-community/parse-server/commit/2a5c306aa8e60f69e41a8a00d68437899526a16d) Update flow-bin to the latest version 🚀 ([#6448](https://github-redirect.dependabot.com/parse-community/parse-server/issues/6448)) - [`c973356`](https://github.com/parse-community/parse-server/commit/c973356a22440b549abff0c97784af721ade6fc6) Update lint-staged to the latest version 🚀 ([#6446](https://github-redirect.dependabot.com/parse-community/parse-server/issues/6446)) - [`6b0efae`](https://github.com/parse-community/parse-server/commit/6b0efaeffd9fc59002ee87562d0a4105d52d02a3) Do not allow to protect default fields ([#6439](https://github-redirect.dependabot.com/parse-community/parse-server/issues/6439)) - [`4291f2b`](https://github.com/parse-community/parse-server/commit/4291f2b22afb9da82c56d7eb4cfa3a2c4ed59dbb) Prepare for 4.0 Release ([#6412](https://github-redirect.dependabot.com/parse-community/parse-server/issues/6412)) - [`5947fc3`](https://github.com/parse-community/parse-server/commit/5947fc33e4f9f48b7c20a3d63f26539384bd1892) Update babel7 to the latest version 🚀 ([#6450](https://github-redirect.dependabot.com/parse-community/parse-server/issues/6450)) - Additional commits viewable in [compare view](https://github.com/parse-community/parse-server/compare/2.8.2...4.1.0)

Maintainer changes

This version was pushed to npm by [acinader](https://www.npmjs.com/~acinader), a new releaser for parse-server since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aforemny/bullet-journal/network/alerts).

aforemny / bullet-journal

Bump parse-server from 2.8.2 to 4.1.0 #6