0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-30 20:33:54 -05:00

release: version packages (#4451)

This commit is contained in:
silverhand-bot 2023-09-18 18:47:19 +08:00 committed by GitHub
parent 310698b0d2
commit e69f941e38
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
38 changed files with 499 additions and 195 deletions

View file

@ -1,47 +0,0 @@
---
"@logto/schemas": minor
"@logto/console": minor
"@logto/core": minor
"@logto/phrases": minor
"@logto/phrases-experience": minor
"@logto/core-kit": minor
"@logto/experience": minor
---
feature: password policy
### Summary
This feature enables custom password policy for users. Now it is possible to guard with the following rules when a user is creating a new password:
- Minimum length (default: `8`)
- Minimum character types (default: `1`)
- If the password has been pwned (default: `true`)
- If the password is exactly the same as or made up of the restricted phrases:
- Repetitive or sequential characters (default: `true`)
- User information (default: `true`)
- Custom words (default: `[]`)
If you are an existing Logto Cloud user or upgrading from a previous version, to ensure a smooth experience, we'll keep the original policy as much as possible:
> The original password policy requires a minimum length of 8 and at least 2 character types (letters, numbers, and symbols).
Note in the new policy implementation, it is not possible to combine lower and upper case letters into one character type. So the original password policy will be translated into the following:
- Minimum length: `8`
- Minimum character types: `2`
- Pwned: `false`
- Repetitive or sequential characters: `false`
- User information: `false`
- Custom words: `[]`
If you want to change the policy, you can do it:
- Logto Console -> Sign-in experience -> Password policy.
- Update `passwordPolicy` property in the sign-in experience via Management API.
### Side effects
- All new users will be affected by the new policy immediately.
- Existing users will not be affected by the new policy until they change their password.
- We removed password restrictions when adding or updating a user via Management API.

View file

@ -1,31 +0,0 @@
---
"@logto/cli": patch
---
keep original untranslated mark when syncing keys
When executing `pnpm cli translate sk --target all`:
- use JSDoc comment to stick with the standard approach
- if the value was originally untranslated, keep the mark
For example:
**Original**
```ts
{
"hello": "Hello", // UNTRANSLATED
"world": "世界",
}
```
**Now**
```ts
{
/** UNTRANSLATED */
"hello": "Hello",
"world": "世界",
}
```

View file

@ -1,11 +0,0 @@
---
"@logto/phrases-experience": patch
"@logto/integration-tests": patch
"@logto/console": patch
"@logto/schemas": patch
"@logto/core": patch
"@logto/cli": patch
"@logto/experience": patch
---
rename the package `phrases-ui` to `phrases-experience`

View file

@ -1,6 +0,0 @@
---
"@logto/schemas": minor
"@logto/core": minor
---
Support region option for s3 storage

View file

@ -1,5 +0,0 @@
---
"@logto/console": patch
---
fix the app crash when inputting verification code in Console profile page

View file

@ -1,11 +0,0 @@
---
"@logto/phrases-experience": patch
"@logto/integration-tests": patch
"@logto/experience": patch
"@logto/console": patch
"@logto/schemas": patch
"@logto/core": patch
"@logto/cli": patch
---
rename the package `ui` to `experience`

View file

@ -1,6 +0,0 @@
---
"@logto/shared": patch
"@logto/cli": patch
---
align cli output for a better looking

View file

@ -1,9 +0,0 @@
---
"@logto/schemas": minor
---
Add `type` field to `roles` schema.
`type` can be either 'User' or 'MachineToMachine' in our case, this change distinguish between the two types of roles.
Roles with type 'MachineToMachine' are not allowed to be assigned to users and 'User' roles can not be assigned to machine-to-machine apps.
It's worth noting that we do not differentiate by `scope` (or `permission` in Admin Console), so a scope can be assigned to both the 'User' role and the 'MachineToMachine' role simultaneously.

View file

@ -1,5 +1,52 @@
# Change Log
## 1.9.0
### Patch Changes
- daf9674b6: keep original untranslated mark when syncing keys
When executing `pnpm cli translate sk --target all`:
- use JSDoc comment to stick with the standard approach
- if the value was originally untranslated, keep the mark
For example:
**Original**
```ts
{
"hello": "Hello", // UNTRANSLATED
"world": "世界",
}
```
**Now**
```ts
{
/** UNTRANSLATED */
"hello": "Hello",
"world": "世界",
}
```
- f8408fa77: rename the package `phrases-ui` to `phrases-experience`
- f6723d5e2: rename the package `ui` to `experience`
- 310698b0d: align cli output for a better looking
- Updated dependencies [e8b0b1d02]
- Updated dependencies [f8408fa77]
- Updated dependencies [17fd64e64]
- Updated dependencies [f6723d5e2]
- Updated dependencies [310698b0d]
- Updated dependencies [5d78c7271]
- @logto/schemas@1.9.0
- @logto/phrases@1.5.0
- @logto/phrases-experience@1.3.0
- @logto/core-kit@2.1.0
- @logto/shared@2.0.1
## 1.8.0
### Minor Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/cli",
"version": "1.8.0",
"version": "1.9.0",
"description": "Logto CLI.",
"author": "Silverhand Inc. <contact@silverhand.io>",
"homepage": "https://github.com/logto-io/logto#readme",
@ -44,12 +44,12 @@
},
"dependencies": {
"@logto/connector-kit": "workspace:^1.1.1",
"@logto/core-kit": "workspace:^2.0.1",
"@logto/core-kit": "workspace:^2.1.0",
"@logto/language-kit": "workspace:^1.0.0",
"@logto/phrases": "workspace:^1.4.1",
"@logto/phrases-experience": "workspace:^1.2.0",
"@logto/schemas": "workspace:1.8.0",
"@logto/shared": "workspace:^2.0.0",
"@logto/phrases": "workspace:^1.5.0",
"@logto/phrases-experience": "workspace:^1.3.0",
"@logto/schemas": "workspace:1.9.0",
"@logto/shared": "workspace:^2.0.1",
"@silverhand/essentials": "^2.8.4",
"chalk": "^5.0.0",
"decamelize": "^6.0.0",

View file

@ -1,5 +1,53 @@
# Change Log
## 1.7.0
### Minor Changes
- e8b0b1d02: feature: password policy
### Summary
This feature enables custom password policy for users. Now it is possible to guard with the following rules when a user is creating a new password:
- Minimum length (default: `8`)
- Minimum character types (default: `1`)
- If the password has been pwned (default: `true`)
- If the password is exactly the same as or made up of the restricted phrases:
- Repetitive or sequential characters (default: `true`)
- User information (default: `true`)
- Custom words (default: `[]`)
If you are an existing Logto Cloud user or upgrading from a previous version, to ensure a smooth experience, we'll keep the original policy as much as possible:
> The original password policy requires a minimum length of 8 and at least 2 character types (letters, numbers, and symbols).
Note in the new policy implementation, it is not possible to combine lower and upper case letters into one character type. So the original password policy will be translated into the following:
- Minimum length: `8`
- Minimum character types: `2`
- Pwned: `false`
- Repetitive or sequential characters: `false`
- User information: `false`
- Custom words: `[]`
If you want to change the policy, you can do it:
- Logto Console -> Sign-in experience -> Password policy.
- Update `passwordPolicy` property in the sign-in experience via Management API.
### Side effects
- All new users will be affected by the new policy immediately.
- Existing users will not be affected by the new policy until they change their password.
- We removed password restrictions when adding or updating a user via Management API.
### Patch Changes
- f8408fa77: rename the package `phrases-ui` to `phrases-experience`
- 18e05586c: fix the app crash when inputting verification code in Console profile page
- f6723d5e2: rename the package `ui` to `experience`
## 1.6.0
### Minor Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/console",
"version": "1.6.0",
"version": "1.7.0",
"description": "> TODO: description",
"author": "Silverhand Inc. <contact@silverhand.io>",
"homepage": "https://github.com/logto-io/logto#readme",
@ -28,13 +28,13 @@
"@logto/app-insights": "workspace:^1.3.1",
"@logto/cloud": "0.2.5-444ed49",
"@logto/connector-kit": "workspace:^1.1.1",
"@logto/core-kit": "workspace:^2.0.1",
"@logto/core-kit": "workspace:^2.1.0",
"@logto/language-kit": "workspace:^1.0.0",
"@logto/phrases": "workspace:^1.4.1",
"@logto/phrases-experience": "workspace:^1.2.0",
"@logto/phrases": "workspace:^1.5.0",
"@logto/phrases-experience": "workspace:^1.3.0",
"@logto/react": "^2.1.0",
"@logto/schemas": "workspace:^1.8.0",
"@logto/shared": "workspace:^2.0.0",
"@logto/schemas": "workspace:^1.9.0",
"@logto/shared": "workspace:^2.0.1",
"@mdx-js/react": "^1.6.22",
"@parcel/compressor-brotli": "2.9.3",
"@parcel/compressor-gzip": "2.9.3",

View file

@ -1,5 +1,70 @@
# Change Log
## 1.9.0
### Minor Changes
- e8b0b1d02: feature: password policy
### Summary
This feature enables custom password policy for users. Now it is possible to guard with the following rules when a user is creating a new password:
- Minimum length (default: `8`)
- Minimum character types (default: `1`)
- If the password has been pwned (default: `true`)
- If the password is exactly the same as or made up of the restricted phrases:
- Repetitive or sequential characters (default: `true`)
- User information (default: `true`)
- Custom words (default: `[]`)
If you are an existing Logto Cloud user or upgrading from a previous version, to ensure a smooth experience, we'll keep the original policy as much as possible:
> The original password policy requires a minimum length of 8 and at least 2 character types (letters, numbers, and symbols).
Note in the new policy implementation, it is not possible to combine lower and upper case letters into one character type. So the original password policy will be translated into the following:
- Minimum length: `8`
- Minimum character types: `2`
- Pwned: `false`
- Repetitive or sequential characters: `false`
- User information: `false`
- Custom words: `[]`
If you want to change the policy, you can do it:
- Logto Console -> Sign-in experience -> Password policy.
- Update `passwordPolicy` property in the sign-in experience via Management API.
### Side effects
- All new users will be affected by the new policy immediately.
- Existing users will not be affected by the new policy until they change their password.
- We removed password restrictions when adding or updating a user via Management API.
- 17fd64e64: Support region option for s3 storage
### Patch Changes
- f8408fa77: rename the package `phrases-ui` to `phrases-experience`
- f6723d5e2: rename the package `ui` to `experience`
- Updated dependencies [e8b0b1d02]
- Updated dependencies [daf9674b6]
- Updated dependencies [f8408fa77]
- Updated dependencies [17fd64e64]
- Updated dependencies [18e05586c]
- Updated dependencies [f6723d5e2]
- Updated dependencies [310698b0d]
- Updated dependencies [5d78c7271]
- @logto/schemas@1.9.0
- @logto/console@1.7.0
- @logto/phrases@1.5.0
- @logto/phrases-experience@1.3.0
- @logto/core-kit@2.1.0
- @logto/experience@1.2.0
- @logto/cli@1.9.0
- @logto/shared@2.0.1
## 1.8.0
### Patch Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/core",
"version": "1.8.0",
"version": "1.9.0",
"description": "The open source identity solution.",
"main": "build/index.js",
"author": "Silverhand Inc. <contact@silverhand.io>",
@ -30,16 +30,16 @@
"@koa/cors": "^4.0.0",
"@logto/affiliate": "^0.1.0",
"@logto/app-insights": "workspace:^1.3.1",
"@logto/cli": "workspace:^1.8.0",
"@logto/cli": "workspace:^1.9.0",
"@logto/connector-kit": "workspace:^1.1.1",
"@logto/console": "workspace:*",
"@logto/core-kit": "workspace:^2.0.1",
"@logto/core-kit": "workspace:^2.1.0",
"@logto/demo-app": "workspace:*",
"@logto/language-kit": "workspace:^1.0.0",
"@logto/phrases": "workspace:^1.4.1",
"@logto/phrases-experience": "workspace:^1.2.0",
"@logto/schemas": "workspace:^1.8.0",
"@logto/shared": "workspace:^2.0.0",
"@logto/phrases": "workspace:^1.5.0",
"@logto/phrases-experience": "workspace:^1.3.0",
"@logto/schemas": "workspace:^1.9.0",
"@logto/shared": "workspace:^2.0.1",
"@logto/experience": "workspace:*",
"@silverhand/essentials": "^2.8.4",
"@withtyped/client": "^0.7.22",

View file

@ -1,5 +1,15 @@
# Change Log
## 1.9.0
### Patch Changes
- Updated dependencies [daf9674b6]
- Updated dependencies [f8408fa77]
- Updated dependencies [f6723d5e2]
- Updated dependencies [310698b0d]
- @logto/cli@1.9.0
## 1.8.0
### Patch Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/create",
"version": "1.8.0",
"version": "1.9.0",
"author": "Silverhand Inc. <contact@silverhand.io>",
"license": "MPL-2.0",
"type": "module",
@ -15,6 +15,6 @@
"node": "^18.12.0"
},
"dependencies": {
"@logto/cli": "workspace:^1.8.0"
"@logto/cli": "workspace:^1.9.0"
}
}

View file

@ -1,5 +1,52 @@
# Change Log
## 1.2.0
### Minor Changes
- e8b0b1d02: feature: password policy
### Summary
This feature enables custom password policy for users. Now it is possible to guard with the following rules when a user is creating a new password:
- Minimum length (default: `8`)
- Minimum character types (default: `1`)
- If the password has been pwned (default: `true`)
- If the password is exactly the same as or made up of the restricted phrases:
- Repetitive or sequential characters (default: `true`)
- User information (default: `true`)
- Custom words (default: `[]`)
If you are an existing Logto Cloud user or upgrading from a previous version, to ensure a smooth experience, we'll keep the original policy as much as possible:
> The original password policy requires a minimum length of 8 and at least 2 character types (letters, numbers, and symbols).
Note in the new policy implementation, it is not possible to combine lower and upper case letters into one character type. So the original password policy will be translated into the following:
- Minimum length: `8`
- Minimum character types: `2`
- Pwned: `false`
- Repetitive or sequential characters: `false`
- User information: `false`
- Custom words: `[]`
If you want to change the policy, you can do it:
- Logto Console -> Sign-in experience -> Password policy.
- Update `passwordPolicy` property in the sign-in experience via Management API.
### Side effects
- All new users will be affected by the new policy immediately.
- Existing users will not be affected by the new policy until they change their password.
- We removed password restrictions when adding or updating a user via Management API.
### Patch Changes
- f8408fa77: rename the package `phrases-ui` to `phrases-experience`
- f6723d5e2: rename the package `ui` to `experience`
## 1.1.5
### Patch Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/experience",
"version": "1.1.5",
"version": "1.2.0",
"license": "MPL-2.0",
"type": "module",
"private": true,
@ -23,11 +23,11 @@
"@jest/types": "^29.5.0",
"@logto/app-insights": "workspace:^1.3.1",
"@logto/connector-kit": "workspace:^1.1.1",
"@logto/core-kit": "workspace:^2.0.1",
"@logto/core-kit": "workspace:^2.1.0",
"@logto/language-kit": "workspace:^1.0.0",
"@logto/phrases": "workspace:^1.4.1",
"@logto/phrases-experience": "workspace:^1.2.0",
"@logto/schemas": "workspace:^1.6.0",
"@logto/phrases": "workspace:^1.5.0",
"@logto/phrases-experience": "workspace:^1.3.0",
"@logto/schemas": "workspace:^1.9.0",
"@parcel/compressor-brotli": "2.9.3",
"@parcel/compressor-gzip": "2.9.3",
"@parcel/core": "2.9.3",

View file

@ -1,5 +1,12 @@
# Change Log
## 1.4.1
### Patch Changes
- f8408fa77: rename the package `phrases-ui` to `phrases-experience`
- f6723d5e2: rename the package `ui` to `experience`
## 1.4.0
### Minor Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/integration-tests",
"version": "1.4.0",
"version": "1.4.1",
"description": "Integration tests for Logto.",
"author": "Silverhand Inc. <contact@silverhand.io>",
"license": "MPL-2.0",
@ -26,8 +26,8 @@
"@logto/connector-kit": "workspace:^1.1.0",
"@logto/js": "^2.1.1",
"@logto/node": "^2.1.1",
"@logto/schemas": "workspace:^1.6.0",
"@logto/shared": "workspace:^2.0.0",
"@logto/schemas": "workspace:^1.9.0",
"@logto/shared": "workspace:^2.0.1",
"@silverhand/eslint-config": "4.0.1",
"@silverhand/essentials": "^2.8.4",
"@silverhand/ts-config": "4.0.0",

View file

@ -1,5 +1,54 @@
# Change Log
## 1.3.0
### Minor Changes
- e8b0b1d02: feature: password policy
### Summary
This feature enables custom password policy for users. Now it is possible to guard with the following rules when a user is creating a new password:
- Minimum length (default: `8`)
- Minimum character types (default: `1`)
- If the password has been pwned (default: `true`)
- If the password is exactly the same as or made up of the restricted phrases:
- Repetitive or sequential characters (default: `true`)
- User information (default: `true`)
- Custom words (default: `[]`)
If you are an existing Logto Cloud user or upgrading from a previous version, to ensure a smooth experience, we'll keep the original policy as much as possible:
> The original password policy requires a minimum length of 8 and at least 2 character types (letters, numbers, and symbols).
Note in the new policy implementation, it is not possible to combine lower and upper case letters into one character type. So the original password policy will be translated into the following:
- Minimum length: `8`
- Minimum character types: `2`
- Pwned: `false`
- Repetitive or sequential characters: `false`
- User information: `false`
- Custom words: `[]`
If you want to change the policy, you can do it:
- Logto Console -> Sign-in experience -> Password policy.
- Update `passwordPolicy` property in the sign-in experience via Management API.
### Side effects
- All new users will be affected by the new policy immediately.
- Existing users will not be affected by the new policy until they change their password.
- We removed password restrictions when adding or updating a user via Management API.
### Patch Changes
- f8408fa77: rename the package `phrases-ui` to `phrases-experience`
- f6723d5e2: rename the package `ui` to `experience`
- Updated dependencies [e8b0b1d02]
- @logto/core-kit@2.1.0
## 1.2.0
### Minor Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/phrases-experience",
"version": "1.2.0",
"version": "1.3.0",
"description": "Logto shared phrases (i18n) for experience.",
"author": "Silverhand Inc. <contact@silverhand.io>",
"homepage": "https://github.com/logto-io/logto#readme",
@ -33,7 +33,7 @@
"url": "https://github.com/logto-io/logto/issues"
},
"dependencies": {
"@logto/core-kit": "workspace:^2.0.1",
"@logto/core-kit": "workspace:^2.1.0",
"@logto/language-kit": "workspace:^1.0.0",
"@silverhand/essentials": "^2.8.4"
},

View file

@ -1,5 +1,47 @@
# Change Log
## 1.5.0
### Minor Changes
- e8b0b1d02: feature: password policy
### Summary
This feature enables custom password policy for users. Now it is possible to guard with the following rules when a user is creating a new password:
- Minimum length (default: `8`)
- Minimum character types (default: `1`)
- If the password has been pwned (default: `true`)
- If the password is exactly the same as or made up of the restricted phrases:
- Repetitive or sequential characters (default: `true`)
- User information (default: `true`)
- Custom words (default: `[]`)
If you are an existing Logto Cloud user or upgrading from a previous version, to ensure a smooth experience, we'll keep the original policy as much as possible:
> The original password policy requires a minimum length of 8 and at least 2 character types (letters, numbers, and symbols).
Note in the new policy implementation, it is not possible to combine lower and upper case letters into one character type. So the original password policy will be translated into the following:
- Minimum length: `8`
- Minimum character types: `2`
- Pwned: `false`
- Repetitive or sequential characters: `false`
- User information: `false`
- Custom words: `[]`
If you want to change the policy, you can do it:
- Logto Console -> Sign-in experience -> Password policy.
- Update `passwordPolicy` property in the sign-in experience via Management API.
### Side effects
- All new users will be affected by the new policy immediately.
- Existing users will not be affected by the new policy until they change their password.
- We removed password restrictions when adding or updating a user via Management API.
## 1.4.1
### Patch Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/phrases",
"version": "1.4.1",
"version": "1.5.0",
"description": "Logto shared phrases (i18n).",
"author": "Silverhand Inc. <contact@silverhand.io>",
"homepage": "https://github.com/logto-io/logto#readme",

View file

@ -1,5 +1,67 @@
# Change Log
## 1.9.0
### Minor Changes
- e8b0b1d02: feature: password policy
### Summary
This feature enables custom password policy for users. Now it is possible to guard with the following rules when a user is creating a new password:
- Minimum length (default: `8`)
- Minimum character types (default: `1`)
- If the password has been pwned (default: `true`)
- If the password is exactly the same as or made up of the restricted phrases:
- Repetitive or sequential characters (default: `true`)
- User information (default: `true`)
- Custom words (default: `[]`)
If you are an existing Logto Cloud user or upgrading from a previous version, to ensure a smooth experience, we'll keep the original policy as much as possible:
> The original password policy requires a minimum length of 8 and at least 2 character types (letters, numbers, and symbols).
Note in the new policy implementation, it is not possible to combine lower and upper case letters into one character type. So the original password policy will be translated into the following:
- Minimum length: `8`
- Minimum character types: `2`
- Pwned: `false`
- Repetitive or sequential characters: `false`
- User information: `false`
- Custom words: `[]`
If you want to change the policy, you can do it:
- Logto Console -> Sign-in experience -> Password policy.
- Update `passwordPolicy` property in the sign-in experience via Management API.
### Side effects
- All new users will be affected by the new policy immediately.
- Existing users will not be affected by the new policy until they change their password.
- We removed password restrictions when adding or updating a user via Management API.
- 17fd64e64: Support region option for s3 storage
- 5d78c7271: Add `type` field to `roles` schema.
`type` can be either 'User' or 'MachineToMachine' in our case, this change distinguish between the two types of roles.
Roles with type 'MachineToMachine' are not allowed to be assigned to users and 'User' roles can not be assigned to machine-to-machine apps.
It's worth noting that we do not differentiate by `scope` (or `permission` in Admin Console), so a scope can be assigned to both the 'User' role and the 'MachineToMachine' role simultaneously.
### Patch Changes
- f8408fa77: rename the package `phrases-ui` to `phrases-experience`
- f6723d5e2: rename the package `ui` to `experience`
- Updated dependencies [e8b0b1d02]
- Updated dependencies [f8408fa77]
- Updated dependencies [f6723d5e2]
- Updated dependencies [310698b0d]
- @logto/phrases@1.5.0
- @logto/phrases-experience@1.3.0
- @logto/core-kit@2.1.0
- @logto/shared@2.0.1
## 1.8.0
### Patch Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/schemas",
"version": "1.8.0",
"version": "1.9.0",
"author": "Silverhand Inc. <contact@silverhand.io>",
"license": "MPL-2.0",
"type": "module",
@ -81,11 +81,11 @@
"prettier": "@silverhand/eslint-config/.prettierrc",
"dependencies": {
"@logto/connector-kit": "workspace:^1.1.1",
"@logto/core-kit": "workspace:^2.0.1",
"@logto/core-kit": "workspace:^2.1.0",
"@logto/language-kit": "workspace:^1.0.0",
"@logto/phrases": "workspace:^1.4.1",
"@logto/phrases-experience": "workspace:^1.2.0",
"@logto/shared": "workspace:^2.0.0",
"@logto/phrases": "workspace:^1.5.0",
"@logto/phrases-experience": "workspace:^1.3.0",
"@logto/shared": "workspace:^2.0.1",
"@withtyped/server": "^0.12.9"
},
"peerDependencies": {

View file

@ -1,5 +1,11 @@
# Change Log
## 2.0.1
### Patch Changes
- 310698b0d: align cli output for a better looking
## 2.0.0
### Major Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/shared",
"version": "2.0.0",
"version": "2.0.1",
"main": "lib/index.js",
"author": "Silverhand Inc. <contact@silverhand.io>",
"license": "MPL-2.0",

View file

@ -1,5 +1,52 @@
# Change Log
## 2.1.0
### Minor Changes
- e8b0b1d02: feature: password policy
### Summary
This feature enables custom password policy for users. Now it is possible to guard with the following rules when a user is creating a new password:
- Minimum length (default: `8`)
- Minimum character types (default: `1`)
- If the password has been pwned (default: `true`)
- If the password is exactly the same as or made up of the restricted phrases:
- Repetitive or sequential characters (default: `true`)
- User information (default: `true`)
- Custom words (default: `[]`)
If you are an existing Logto Cloud user or upgrading from a previous version, to ensure a smooth experience, we'll keep the original policy as much as possible:
> The original password policy requires a minimum length of 8 and at least 2 character types (letters, numbers, and symbols).
Note in the new policy implementation, it is not possible to combine lower and upper case letters into one character type. So the original password policy will be translated into the following:
- Minimum length: `8`
- Minimum character types: `2`
- Pwned: `false`
- Repetitive or sequential characters: `false`
- User information: `false`
- Custom words: `[]`
If you want to change the policy, you can do it:
- Logto Console -> Sign-in experience -> Password policy.
- Update `passwordPolicy` property in the sign-in experience via Management API.
### Side effects
- All new users will be affected by the new policy immediately.
- Existing users will not be affected by the new policy until they change their password.
- We removed password restrictions when adding or updating a user via Management API.
### Patch Changes
- Updated dependencies [310698b0d]
- @logto/shared@2.0.1
## 2.0.1
### Patch Changes

View file

@ -1,6 +1,6 @@
{
"name": "@logto/core-kit",
"version": "2.0.1",
"version": "2.1.0",
"author": "Silverhand Inc. <contact@silverhand.io>",
"homepage": "https://github.com/logto-io/toolkit#readme",
"repository": {
@ -44,7 +44,7 @@
},
"dependencies": {
"@logto/language-kit": "workspace:^1.0.0",
"@logto/shared": "workspace:^2.0.0",
"@logto/shared": "workspace:^2.0.1",
"color": "^4.2.3"
},
"optionalDependencies": {

View file

@ -107,22 +107,22 @@ importers:
specifier: workspace:^1.1.1
version: link:../toolkit/connector-kit
'@logto/core-kit':
specifier: workspace:^2.0.1
specifier: workspace:^2.1.0
version: link:../toolkit/core-kit
'@logto/language-kit':
specifier: workspace:^1.0.0
version: link:../toolkit/language-kit
'@logto/phrases':
specifier: workspace:^1.4.1
specifier: workspace:^1.5.0
version: link:../phrases
'@logto/phrases-experience':
specifier: workspace:^1.2.0
specifier: workspace:^1.3.0
version: link:../phrases-experience
'@logto/schemas':
specifier: workspace:1.8.0
specifier: workspace:1.9.0
version: link:../schemas
'@logto/shared':
specifier: workspace:^2.0.0
specifier: workspace:^2.0.1
version: link:../shared
'@silverhand/essentials':
specifier: ^2.8.4
@ -2840,25 +2840,25 @@ importers:
specifier: workspace:^1.1.1
version: link:../toolkit/connector-kit
'@logto/core-kit':
specifier: workspace:^2.0.1
specifier: workspace:^2.1.0
version: link:../toolkit/core-kit
'@logto/language-kit':
specifier: workspace:^1.0.0
version: link:../toolkit/language-kit
'@logto/phrases':
specifier: workspace:^1.4.1
specifier: workspace:^1.5.0
version: link:../phrases
'@logto/phrases-experience':
specifier: workspace:^1.2.0
specifier: workspace:^1.3.0
version: link:../phrases-experience
'@logto/react':
specifier: ^2.1.0
version: 2.1.0(react@18.2.0)
'@logto/schemas':
specifier: workspace:^1.8.0
specifier: workspace:^1.9.0
version: link:../schemas
'@logto/shared':
specifier: workspace:^2.0.0
specifier: workspace:^2.0.1
version: link:../shared
'@mdx-js/react':
specifier: ^1.6.22
@ -3131,7 +3131,7 @@ importers:
specifier: workspace:^1.3.1
version: link:../app-insights
'@logto/cli':
specifier: workspace:^1.8.0
specifier: workspace:^1.9.0
version: link:../cli
'@logto/connector-kit':
specifier: workspace:^1.1.1
@ -3140,7 +3140,7 @@ importers:
specifier: workspace:*
version: link:../console
'@logto/core-kit':
specifier: workspace:^2.0.1
specifier: workspace:^2.1.0
version: link:../toolkit/core-kit
'@logto/demo-app':
specifier: workspace:*
@ -3152,16 +3152,16 @@ importers:
specifier: workspace:^1.0.0
version: link:../toolkit/language-kit
'@logto/phrases':
specifier: workspace:^1.4.1
specifier: workspace:^1.5.0
version: link:../phrases
'@logto/phrases-experience':
specifier: workspace:^1.2.0
specifier: workspace:^1.3.0
version: link:../phrases-experience
'@logto/schemas':
specifier: workspace:^1.8.0
specifier: workspace:^1.9.0
version: link:../schemas
'@logto/shared':
specifier: workspace:^2.0.0
specifier: workspace:^2.0.1
version: link:../shared
'@silverhand/essentials':
specifier: ^2.8.4
@ -3378,7 +3378,7 @@ importers:
packages/create:
dependencies:
'@logto/cli':
specifier: workspace:^1.8.0
specifier: workspace:^1.9.0
version: link:../cli
packages/demo-app:
@ -3480,19 +3480,19 @@ importers:
specifier: workspace:^1.1.1
version: link:../toolkit/connector-kit
'@logto/core-kit':
specifier: workspace:^2.0.1
specifier: workspace:^2.1.0
version: link:../toolkit/core-kit
'@logto/language-kit':
specifier: workspace:^1.0.0
version: link:../toolkit/language-kit
'@logto/phrases':
specifier: workspace:^1.4.1
specifier: workspace:^1.5.0
version: link:../phrases
'@logto/phrases-experience':
specifier: workspace:^1.2.0
specifier: workspace:^1.3.0
version: link:../phrases-experience
'@logto/schemas':
specifier: workspace:^1.6.0
specifier: workspace:^1.9.0
version: link:../schemas
'@parcel/compressor-brotli':
specifier: 2.9.3
@ -3693,10 +3693,10 @@ importers:
specifier: ^2.1.1
version: 2.1.1
'@logto/schemas':
specifier: workspace:^1.6.0
specifier: workspace:^1.9.0
version: link:../schemas
'@logto/shared':
specifier: workspace:^2.0.0
specifier: workspace:^2.0.1
version: link:../shared
'@silverhand/eslint-config':
specifier: 4.0.1
@ -3787,7 +3787,7 @@ importers:
packages/phrases-experience:
dependencies:
'@logto/core-kit':
specifier: workspace:^2.0.1
specifier: workspace:^2.1.0
version: link:../toolkit/core-kit
'@logto/language-kit':
specifier: workspace:^1.0.0
@ -3827,19 +3827,19 @@ importers:
specifier: workspace:^1.1.1
version: link:../toolkit/connector-kit
'@logto/core-kit':
specifier: workspace:^2.0.1
specifier: workspace:^2.1.0
version: link:../toolkit/core-kit
'@logto/language-kit':
specifier: workspace:^1.0.0
version: link:../toolkit/language-kit
'@logto/phrases':
specifier: workspace:^1.4.1
specifier: workspace:^1.5.0
version: link:../phrases
'@logto/phrases-experience':
specifier: workspace:^1.2.0
specifier: workspace:^1.3.0
version: link:../phrases-experience
'@logto/shared':
specifier: workspace:^2.0.0
specifier: workspace:^2.0.1
version: link:../shared
'@withtyped/server':
specifier: ^0.12.9
@ -4011,7 +4011,7 @@ importers:
specifier: workspace:^1.0.0
version: link:../language-kit
'@logto/shared':
specifier: workspace:^2.0.0
specifier: workspace:^2.0.1
version: link:../../shared
color:
specifier: ^4.2.3