release: version core packages (#3225)

Co-authored-by: Gao Sun <gao@silverhand.io>

.changeset/nine-apes-attend.md

@@ -1,5 +0,0 @@
----
-"@logto/connector-kit": minor
----
-
-`getSession` and `setSession` are actually used as REQUIRED parameters, update interface definition.

.changeset/pre.json

@@ -19,20 +19,27 @@
     "@logto/cloud": "0.1.0"
   },
   "changesets": [
+    "afraid-eagles-retire",
     "big-turkeys-invite",
     "breezy-socks-joke",
     "clever-panthers-lay",
     "curly-apes-tease",
     "curly-hornets-end",
     "cyan-buses-trade",
+    "empty-rockets-march",
+    "fast-toys-share",
     "fifty-balloons-taste",
+    "good-dodos-visit",
     "good-feet-own",
     "green-geese-train",
     "grumpy-clocks-refuse",
     "large-windows-scream",
+    "lemon-cars-wonder",
     "lovely-rivers-sniff",
+    "many-avocados-know",
     "moody-timers-grin",
     "neat-snakes-smash",
+    "pink-maps-yell",
     "plenty-ties-divide",
     "quick-turtles-joke",
     "quiet-shrimps-flow",

.github/workflows/main.yml

@@ -104,7 +104,7 @@ jobs:
       # Fetch the current version by finding the latest tag starts with "v", e.g. "v1.0.0-beta.19"
       - id: version
         working-directory: ./fresh
-        run: echo "current=$(git describe --match "v*" --abbrev=0)" >> $GITHUB_OUTPUT
+        run: echo "current=$(git describe --match "@logto/schemas@*" --abbrev=0)" >> $GITHUB_OUTPUT
 
       - uses: actions/checkout@v3
         with:
@@ -170,7 +170,7 @@ jobs:
 
       - name: Revert fresh database to old
         working-directory: ./fresh
-        run: pnpm cli db alt r ${{ steps.version.outputs.current }}
+        run: pnpm cli db alt r v$(echo ${{ steps.version.outputs.current }} | cut -d@ -f3)
         env:
           DB_URL: postgres://postgres:postgres@localhost:5432/fresh
 

.github/workflows/release.yml

@@ -168,5 +168,6 @@ jobs:
         uses: softprops/action-gh-release@v1
         with:
           token: ${{ secrets.BOT_PAT }}
-          body: <Release notes WIP>
+          body: ''
           files: /tmp/logto.tar.gz
+          append_body: true

packages/cli/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Change Log
 
+## 1.0.0-rc.2
+
+### Patch Changes
+
+- Updated dependencies [c12717412]
+  - @logto/schemas@1.0.0-rc.1
+  - @logto/shared@1.0.0-rc.1
+
 ## 1.0.0-rc.1
 
 ## 1.0.0-rc.0

packages/cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/cli",
-  "version": "1.0.0-rc.1",
+  "version": "1.0.0-rc.2",
   "description": "Logto CLI.",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "homepage": "https://github.com/logto-io/logto#readme",

packages/cloud/CHANGELOG.md

@@ -0,0 +1,9 @@
+# @logto/cloud
+
+## 0.1.1-rc.0
+
+### Patch Changes
+
+- Updated dependencies [c12717412]
+  - @logto/schemas@1.0.0-rc.1
+  - @logto/shared@1.0.0-rc.1

packages/cloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/cloud",
-  "version": "0.1.0",
+  "version": "0.1.1-rc.0",
   "description": "Logto Cloud service.",
   "main": "build/index.js",
   "author": "Silverhand Inc. <contact@silverhand.io>",

packages/console/CHANGELOG.md

@@ -1,5 +1,41 @@
 # Change Log
 
+## 1.0.0-rc.2
+
+### Major Changes
+
+- c12717412: **Decouple users and admins**
+
+  ## 💥 BREAKING CHANGES 💥
+
+  Logto was using a single port to serve both normal users and admins, as well as the web console. While we continuously maintain a high level of security, it’ll still be great to decouple these components into two separate parts to keep data isolated and provide a flexible infrastructure.
+
+  From this version, Logto now listens to two ports by default, one for normal users (`3001`), and one for admins (`3002`).
+
+  - Nothing changed for normal users. No adaption is needed.
+  - For admin users:
+    - The default Admin Console URL has been changed to `http://localhost:3002/console`.
+    - To change the admin port, set the environment variable `ADMIN_PORT`. For instance, `ADMIN_PORT=3456`.
+    - You can specify a custom endpoint for admins by setting the environment variable `ADMIN_ENDPOINT`. For example, `ADMIN_ENDPOINT=https://admin.your-domain.com`.
+    - You can now completely disable admin endpoints by setting `ADMIN_DISABLE_LOCALHOST=1` and leaving `ADMIN_ENDPOINT` unset.
+    - Admin Console and admin user data are not accessible via normal user endpoints, including `localhost` and `ENDPOINT` from the environment.
+    - Admin Console no longer displays audit logs of admin users. However, these logs still exist in the database, and Logto still inserts admin user logs. There is just no convenient interface to inspect them.
+    - Due to the data isolation, the numbers on the dashboard may slightly decrease (admins are excluded).
+
+  If you are upgrading from a previous version, simply run the database alteration command as usual, and we'll take care of the rest.
+
+  > **Note** DID YOU KNOW
+  >
+  > Under the hood, we use the powerful Postgres feature Row-Level Security to isolate admin and user data.
+
+### Minor Changes
+
+- c12717412: ## Creating your social connector with ease
+
+  We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs.
+
+  To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format.
+
 ## 1.0.0-rc.1
 
 ## 1.0.0-rc.0

packages/console/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/console",
-  "version": "1.0.0-rc.1",
+  "version": "1.0.0-rc.2",
   "description": "> TODO: description",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "homepage": "https://github.com/logto-io/logto#readme",

packages/core/CHANGELOG.md

@@ -1,5 +1,70 @@
 # Change Log
 
+## 1.0.0-rc.2
+
+### Major Changes
+
+- c12717412: **Decouple users and admins**
+
+  ## 💥 BREAKING CHANGES 💥
+
+  Logto was using a single port to serve both normal users and admins, as well as the web console. While we continuously maintain a high level of security, it’ll still be great to decouple these components into two separate parts to keep data isolated and provide a flexible infrastructure.
+
+  From this version, Logto now listens to two ports by default, one for normal users (`3001`), and one for admins (`3002`).
+
+  - Nothing changed for normal users. No adaption is needed.
+  - For admin users:
+    - The default Admin Console URL has been changed to `http://localhost:3002/console`.
+    - To change the admin port, set the environment variable `ADMIN_PORT`. For instance, `ADMIN_PORT=3456`.
+    - You can specify a custom endpoint for admins by setting the environment variable `ADMIN_ENDPOINT`. For example, `ADMIN_ENDPOINT=https://admin.your-domain.com`.
+    - You can now completely disable admin endpoints by setting `ADMIN_DISABLE_LOCALHOST=1` and leaving `ADMIN_ENDPOINT` unset.
+    - Admin Console and admin user data are not accessible via normal user endpoints, including `localhost` and `ENDPOINT` from the environment.
+    - Admin Console no longer displays audit logs of admin users. However, these logs still exist in the database, and Logto still inserts admin user logs. There is just no convenient interface to inspect them.
+    - Due to the data isolation, the numbers on the dashboard may slightly decrease (admins are excluded).
+
+  If you are upgrading from a previous version, simply run the database alteration command as usual, and we'll take care of the rest.
+
+  > **Note** DID YOU KNOW
+  >
+  > Under the hood, we use the powerful Postgres feature Row-Level Security to isolate admin and user data.
+
+### Minor Changes
+
+- c12717412: - mask sensitive password value in audit logs
+- c12717412: ## Creating your social connector with ease
+
+  We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs.
+
+  To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format.
+
+- c12717412: ## Enable connector method `getUserInfo` read and write access to DB
+
+  Logto connectors are designed to be stateless to the extent possible and practical, but it still has some exceptions at times.
+
+  With the recent addition of database read and write access, connectors can now store persistent information. For example, connectors can now store access tokens and refresh tokens to minimize number of requests to social vendor's APIs.
+
+- c12717412: **Customize CSS for Sign-in Experience**
+
+  We have put a lot of effort into improving the user sign-in experience and have provided a brand color option for the UI. However, we know that fine-tuning UI requirements can be unpredictable. While Logto is still exploring the best options for customization, we want to provide a programmatic method to unblock your development.
+
+  You can now use the Management API `PATCH /api/sign-in-exp` with body `{ "customCss": "arbitrary string" }` to set customized CSS for the sign-in experience. You should see the value of `customCss` attached after `<title>` of the page. If the style has a higher priority, it should be able to override.
+
+  > **Note**
+  >
+  > Since Logto uses CSS Modules, you may see a hash value in the `class` property of DOM elements (e.g. a `<div>` with `vUugRG_container`). To override these, you can use the `$=` CSS selector to match elements that end with a specified value. In this case, it should be `div[class$=container]`.
+
+### Patch Changes
+
+- Updated dependencies [c12717412]
+- Updated dependencies [c12717412]
+- Updated dependencies [c12717412]
+- Updated dependencies [c12717412]
+  - @logto/phrases@1.0.0-rc.1
+  - @logto/phrases-ui@1.0.0-rc.1
+  - @logto/schemas@1.0.0-rc.1
+  - @logto/cli@1.0.0-rc.2
+  - @logto/shared@1.0.0-rc.1
+
 ## 1.0.0-rc.1
 
 ### Patch Changes

packages/core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/core",
-  "version": "1.0.0-rc.1",
+  "version": "1.0.0-rc.2",
   "description": "The open source identity solution.",
   "main": "build/index.js",
   "author": "Silverhand Inc. <contact@silverhand.io>",

packages/create/CHANGELOG.md

@@ -1,5 +1,11 @@
 # Change Log
 
+## 1.0.0-rc.2
+
+### Patch Changes
+
+- @logto/cli@1.0.0-rc.2
+
 ## 1.0.0-rc.1
 
 ### Patch Changes

packages/create/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/create",
-  "version": "1.0.0-rc.1",
+  "version": "1.0.0-rc.2",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "license": "MPL-2.0",
   "type": "module",

packages/integration-tests/CHANGELOG.md

@@ -1,5 +1,7 @@
 # Change Log
 
+## 1.0.0-rc.2
+
 ## 1.0.0-rc.1
 
 ## 1.0.0-rc.0

packages/integration-tests/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/integration-tests",
-  "version": "1.0.0-rc.1",
+  "version": "1.0.0-rc.2",
   "description": "Integration tests for Logto.",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "license": "MPL-2.0",

packages/phrases-ui/CHANGELOG.md

@@ -1,5 +1,25 @@
 # Change Log
 
+## 1.0.0-rc.1
+
+### Minor Changes
+
+- c12717412: ## Creating your social connector with ease
+
+  We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs.
+
+  To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format.
+
+- c12717412: Added Russian translation.
+- c12717412: ## Smart Identifier Input designed to streamline your sign-in experience
+
+  - Smart Contact Input
+  - Smart Identifier Input
+  - Intelligent Identifier Input Field
+
+  Content:
+  We have integrated the traditional input fields for username, phone number, and email into a single intelligent input box. This advanced input box automatically identifies the type of characters you’re entering, such as an @ sign or consecutive numbers, and provides relevant error feedback. By streamlining the sign-in process, users no longer need to waste time figuring out which button to click to switch their desired login method. This reduces the risk of errors and ensures a smoother sign-in experience.
+
 ## 1.0.0-beta.17
 
 ### Major Changes

packages/phrases-ui/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/phrases-ui",
-  "version": "1.0.0-rc.0",
+  "version": "1.0.0-rc.1",
   "description": "Logto shared phrases (i18n) for main flow.",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "homepage": "https://github.com/logto-io/logto#readme",

packages/phrases/CHANGELOG.md

@@ -1,5 +1,15 @@
 # Change Log
 
+## 1.0.0-rc.1
+
+### Minor Changes
+
+- c12717412: ## Creating your social connector with ease
+
+  We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs.
+
+  To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format.
+
 ## 1.0.0-beta.17
 
 ### Major Changes

packages/phrases/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/phrases",
-  "version": "1.0.0-rc.0",
+  "version": "1.0.0-rc.1",
   "description": "Logto shared phrases (i18n).",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "homepage": "https://github.com/logto-io/logto#readme",

packages/schemas/CHANGELOG.md

@@ -1,5 +1,41 @@
 # Change Log
 
+## 1.0.0-rc.1
+
+### Major Changes
+
+- c12717412: **Decouple users and admins**
+
+  ## 💥 BREAKING CHANGES 💥
+
+  Logto was using a single port to serve both normal users and admins, as well as the web console. While we continuously maintain a high level of security, it’ll still be great to decouple these components into two separate parts to keep data isolated and provide a flexible infrastructure.
+
+  From this version, Logto now listens to two ports by default, one for normal users (`3001`), and one for admins (`3002`).
+
+  - Nothing changed for normal users. No adaption is needed.
+  - For admin users:
+    - The default Admin Console URL has been changed to `http://localhost:3002/console`.
+    - To change the admin port, set the environment variable `ADMIN_PORT`. For instance, `ADMIN_PORT=3456`.
+    - You can specify a custom endpoint for admins by setting the environment variable `ADMIN_ENDPOINT`. For example, `ADMIN_ENDPOINT=https://admin.your-domain.com`.
+    - You can now completely disable admin endpoints by setting `ADMIN_DISABLE_LOCALHOST=1` and leaving `ADMIN_ENDPOINT` unset.
+    - Admin Console and admin user data are not accessible via normal user endpoints, including `localhost` and `ENDPOINT` from the environment.
+    - Admin Console no longer displays audit logs of admin users. However, these logs still exist in the database, and Logto still inserts admin user logs. There is just no convenient interface to inspect them.
+    - Due to the data isolation, the numbers on the dashboard may slightly decrease (admins are excluded).
+
+  If you are upgrading from a previous version, simply run the database alteration command as usual, and we'll take care of the rest.
+
+  > **Note** DID YOU KNOW
+  >
+  > Under the hood, we use the powerful Postgres feature Row-Level Security to isolate admin and user data.
+
+### Patch Changes
+
+- Updated dependencies [c12717412]
+- Updated dependencies [c12717412]
+- Updated dependencies [c12717412]
+  - @logto/phrases@1.0.0-rc.1
+  - @logto/phrases-ui@1.0.0-rc.1
+
 ## 1.0.0-rc.0
 
 ### Major Changes

packages/schemas/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/schemas",
-  "version": "1.0.0-rc.0",
+  "version": "1.0.0-rc.1",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "license": "MPL-2.0",
   "type": "module",

packages/shared/CHANGELOG.md

@@ -1,5 +1,12 @@
 # Change Log
 
+## 1.0.0-rc.1
+
+### Patch Changes
+
+- Updated dependencies [c12717412]
+  - @logto/schemas@1.0.0-rc.1
+
 ## 1.0.0-rc.0
 
 ### Patch Changes

packages/shared/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/shared",
-  "version": "1.0.0-rc.0",
+  "version": "1.0.0-rc.1",
   "main": "lib/index.js",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "license": "MPL-2.0",

packages/ui/CHANGELOG.md

@@ -1,5 +1,28 @@
 # Change Log
 
+## 1.0.0-rc.2
+
+### Minor Changes
+
+- c12717412: ## Smart Identifier Input designed to streamline your sign-in experience
+
+  - Smart Contact Input
+  - Smart Identifier Input
+  - Intelligent Identifier Input Field
+
+  Content:
+  We have integrated the traditional input fields for username, phone number, and email into a single intelligent input box. This advanced input box automatically identifies the type of characters you’re entering, such as an @ sign or consecutive numbers, and provides relevant error feedback. By streamlining the sign-in process, users no longer need to waste time figuring out which button to click to switch their desired login method. This reduces the risk of errors and ensures a smoother sign-in experience.
+
+- c12717412: **Customize CSS for Sign-in Experience**
+
+  We have put a lot of effort into improving the user sign-in experience and have provided a brand color option for the UI. However, we know that fine-tuning UI requirements can be unpredictable. While Logto is still exploring the best options for customization, we want to provide a programmatic method to unblock your development.
+
+  You can now use the Management API `PATCH /api/sign-in-exp` with body `{ "customCss": "arbitrary string" }` to set customized CSS for the sign-in experience. You should see the value of `customCss` attached after `<title>` of the page. If the style has a higher priority, it should be able to override.
+
+  > **Note**
+  >
+  > Since Logto uses CSS Modules, you may see a hash value in the `class` property of DOM elements (e.g. a `<div>` with `vUugRG_container`). To override these, you can use the `$=` CSS selector to match elements that end with a specified value. In this case, it should be `div[class$=container]`.
+
 ## 1.0.0-rc.1
 
 ### Patch Changes

packages/ui/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/ui",
-  "version": "1.0.0-rc.1",
+  "version": "1.0.0-rc.2",
   "license": "MPL-2.0",
   "type": "module",
   "private": true,