build(deps-dev): bump parse-server from 2.8.4 to 7.0.0

[dependabot[bot]]

Bumps parse-server from 2.8.4 to 7.0.0.

Release notes

Sourced from parse-server's releases.

7.0.0

7.0.0 (2024-03-19)

Bug Fixes

• CacheAdapter does not connect when using a CacheAdapter with a JSON config (#8633) (720d24e)
• Conditional email verification not working in some cases if verifyUserEmails, preventLoginWithUnverifiedEmail set to functions (#8838) (8e7a6b1)
• Context not passed to Cloud Code Trigger beforeFind when using Parse.Query.include (#8765) (7d32d89)
• Deny request if master key is not set in Parse Server option masterKeyIps regardless of ACL and CLP (#8957) (a7b5b38)
• Docker image not published to Docker Hub on new release (#8905) (a2ac8d1)
• Docker version releases by removing arm/v6 and arm/v7 support (#8976) (1f62dd0)
• GraphQL file upload fails in case of use of pointer or relation (#8721) (1aba638)
• Improve PostgreSQL injection detection; fixes security vulnerability GHSA-6927-3vr9-fxf2 which affects Parse Server deployments using a Postgres database (#8961) (cbefe77)
• Incomplete user object in verifyEmail function if both username and email are changed (#8889) (1eb95ae)
• Parse Server option emailVerifyTokenReuseIfValid: true generates new token on every email verification request (#8885) (0023ce4)
• Parse Server option fileExtensions default value rejects file extensions that are less than 3 or more than 4 characters long (#8699) (2760381)
• Parse Server option fileUpload.fileExtensions fails to determine file extension if filename contains multiple dots (#8754) (3d6d50e)
• Security bump @​babel/traverse from 7.20.5 to 7.23.2 (#8777) (2d6b3d1)
• Security upgrade graphql from 16.6.0 to 16.8.1 (#8758) (71dfd8a)
• Server crashes on invalid Cloud Function or Cloud Job name; fixes security vulnerability GHSA-6hh7-46r2-vf29 (#9024) (9f6e342)
• Server crashes when receiving an array of Parse.Pointer in the request body (#8784) (66e3603)
• Username is undefined in email verification link on email change (#8887) (e315c13)

Features

• Add $setOnInsert operator to Parse.Server.database.update (#8791) (f630a45)
• Add installationId to arguments for verifyUserEmails, preventLoginWithUnverifiedEmail (#8836) (a22dbe1)
• Add installationId, ip, resendRequest to arguments passed to verifyUserEmails on verification email request (#8873) (8adcbee)
• Add Parse.User as function parameter to Parse Server options verifyUserEmails, preventLoginWithUnverifiedEmail on login (#8850) (972f630)
• Add compatibility for MongoDB Atlas Serverless and AWS Amazon DocumentDB with collation options enableCollationCaseComparison, transformEmailToLowercase, transformUsernameToLowercase (#8805) (09fbeeb)
• Add context to Cloud Code Triggers beforeLogin and afterLogin (#8724) (a9c34ef)
• Add password validation via POST request for user with unverified email using master key and option ignoreEmailVerification (#8895) (633a9d2)
• Add support for MongoDB 7 (#8761) (3de8494)
• Add support for MongoDB query comment (#8928) (2170962)
• Add support for Node 20, drop support for Node 14, 16 (#8907) (ced4872)
• Add support for Postgres 16 (#8898) (99489b2)
• Allow Parse.Session.current on expired session token instead of throwing error (#8722) (f9dde4a)
• Allow setting createdAt and updatedAt during Parse.Object creation with maintenance key (#8696) (77bbfb3)
• Deprecation DEPPS5: Config option allowClientClassCreation defaults to false (#8849) (29624e0)
• Deprecation DEPPS6: Authentication adapters disabled by default (#8858) (0cf58eb)
• Deprecation DEPPS7: Remove deprecated Cloud Code file trigger syntax (#8855) (4e6a375)
• Deprecation DEPPS8: Parse Server option allowExpiredAuthDataToken defaults to false (#8860) (e29845f)
• Deprecation DEPPS9: LiveQuery fields option is renamed to keys (#8852) (38983e8)
• Node process exits with error code 1 on uncaught exception to allow custom uncaught exception handling (#8894) (70c280c)
• Switch GraphQL server from Yoga v2 to Apollo v4 (#8959) (105ae7c)
• Upgrade Parse Server Push Adapter to 5.0.2 (#8813) (6ef1986)
• Upgrade to Parse JS SDK 5 (#9022) (ad4aa83)

Performance Improvements

... (truncated)

Commits

• c83de8c chore(release): 7.0.0 [skip ci]
• 4c74b2b build: Release (#9034)
• 60cf2dd empty
• 0d5acf3 chore(release): 7.0.0-beta.1 [skip ci]
• 5c2c120 build: Release beta (#9033)
• 63d4880 empty
• 09310a7 chore(release): 7.0.0-alpha.29 [skip ci]
• 9f6e342 fix: Server crashes on invalid Cloud Function or Cloud Job name; fixes securi...
• 901aaf8 chore(release): 7.0.0-alpha.28 [skip ci]
• ad4aa83 feat: Upgrade to Parse JS SDK 5 (#9022)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by parseadmin, a new releaser for parse-server since your current version.

Most Recent Ignore Conditions Applied to This Pull Request

| Dependency Name | Ignore Conditions | | --- | --- | | parse-server | [>= 4.a, < 5] |

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #527.