0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-23 20:33:16 -05:00
logto/packages/toolkit/core-kit/CHANGELOG.md
2024-05-31 23:48:43 +08:00

14 KiB

Change Log

2.5.0

Minor Changes

  • 0c70d65c7: define new sso_identities user claim to the userinfo endpoint response

    • Define a new sso_identities user claim that will be used to store the user's SSO identities. The claim will be an array of objects with the following properties:
      • details: detailed user info returned from the SSO provider.
      • issuer: the issuer of the SSO provider.
      • identityId: the user id of the user in the SSO provider.
    • The new claims will share the same scope as the social identities claim.
    • When the user identities scope is requested, the new sso_identities claim will be returned along with the identities claim in the userinfo endpoint response.

2.4.0

Minor Changes

  • abffb9f95: full oidc standard claims support

    We have added support for the remaining OpenID Connect standard claims. Now, these claims are accessible in both ID tokens and the response from the /me endpoint.

    Additionally, we adhere to the standard scopes - claims mapping. This means that you can retrieve most of the profile claims using the profile scope, and the address claim can be obtained by using the address scope.

    For all newly introduced claims, we store them in the user.profile field.

    ![Note] Unlike other database fields (e.g. name), the claims stored in the profile field will fall back to undefined rather than null. We refrain from using ?? null here to reduce the size of ID tokens, since undefined fields will be stripped in tokens.

Patch Changes

  • @logto/shared@3.1.0

2.3.0

Minor Changes

  • 31e60811d: use Node 20 LTS for engine requirement.

    Note: We mark it as minor because Logto is shipping with Docker image and it's not a breaking change for users.

Patch Changes

  • 9089dbf84: upgrade TypeScript to 5.3.3
  • Updated dependencies [acb7fd3fe]
  • Updated dependencies [9089dbf84]
  • Updated dependencies [31e60811d]
    • @logto/shared@3.1.0
    • @logto/language-kit@1.1.0

2.2.1

Patch Changes

  • b4f702a86: userinfo endpoint will return organization_data claim if organization scope is requested

    The claim includes all organizations that the user is a member of with the following structure:

    {
      "organization_data": [
        {
          "id": "organization_id",
          "name": "organization_name",
          "description": "organization_description"
        }
      ]
    }
    

2.2.0

Minor Changes

  • 2c340d379: support roles scope for ID token to issue roles claim

2.1.2

Patch Changes

  • Updated dependencies [18181f892]
    • @logto/shared@3.0.0

2.1.1

Patch Changes

  • 6f5a0acad: fix a bug that prevents user from customizing i18n translations in Sign-in Experience config

2.1.0

Minor Changes

  • e8b0b1d02: feature: password policy

    Summary

    This feature enables custom password policy for users. Now it is possible to guard with the following rules when a user is creating a new password:

    • Minimum length (default: 8)
    • Minimum character types (default: 1)
    • If the password has been pwned (default: true)
    • If the password is exactly the same as or made up of the restricted phrases:
      • Repetitive or sequential characters (default: true)
      • User information (default: true)
      • Custom words (default: [])

    If you are an existing Logto Cloud user or upgrading from a previous version, to ensure a smooth experience, we'll keep the original policy as much as possible:

    The original password policy requires a minimum length of 8 and at least 2 character types (letters, numbers, and symbols).

    Note in the new policy implementation, it is not possible to combine lower and upper case letters into one character type. So the original password policy will be translated into the following:

    • Minimum length: 8
    • Minimum character types: 2
    • Pwned: false
    • Repetitive or sequential characters: false
    • User information: false
    • Custom words: []

    If you want to change the policy, you can do it:

    • Logto Console -> Sign-in experience -> Password policy.
    • Update passwordPolicy property in the sign-in experience via Management API.

    Side effects

    • All new users will be affected by the new policy immediately.
    • Existing users will not be affected by the new policy until they change their password.
    • We removed password restrictions when adding or updating a user via Management API.

Patch Changes

  • Updated dependencies [310698b0d]
    • @logto/shared@2.0.1

2.0.1

Patch Changes

2.0.0

Major Changes

  • 30033421c: - connector-kit: add DemoConnector type and demo connector ids
    • core-kit: remove nanoid utils, add tenant model utils
    • shared: remove models, add database types and universal export

Patch Changes

1.1.0

Minor Changes

  • 343b1090f: Allow admin tenant admin to create tenants without limitation

1.0.0

Minor Changes

  • 738675a7d: ## Improvements

    • Exported seed constants and schemas.
    • Add ID generation utilities buildIdGenerator() and generateStandardId().

Patch Changes

  • Updated dependencies [738675a7d]
    • @logto/language-kit@1.0.0

1.0.0-beta.30

Minor Changes

  • 738675a7: ## Improvements

    • Exported seed constants and schemas.
    • Add ID generation utilities buildIdGenerator() and generateStandardId().

Patch Changes

  • Updated dependencies [738675a7]
    • @logto/language-kit@1.0.0-beta.30

All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.

1.0.0-beta.29 (2022-12-07)

Bug Fixes

  • exports info and lock dep version (#45) (2ac83b4)

1.0.0-beta.28 (2022-12-06)

Note: Version bump only for package @logto/core-kit

1.0.0-beta.26 (2022-11-23)

Note: Version bump only for package @logto/core-kit

1.0.0-beta.25 (2022-11-22)

Bug Fixes

1.0.0-beta.24 (2022-11-22)

Note: Version bump only for package @logto/core-kit

1.0.0-beta.21 (2022-11-11)

Note: Version bump only for package @logto/core-kit

1.0.0-beta.20 (2022-10-21)

Note: Version bump only for package @logto/core-kit

1.0.0-beta.19 (2022-10-19)

Note: Version bump only for package @logto/core-kit

1.0.0-beta.18 (2022-10-12)

Bug Fixes

  • export url utilities in index file (#23) (0a7b4c8)

1.0.0-beta.17 (2022-10-12)

Note: Version bump only for package @logto/core-kit

1.0.0-beta.16 (2022-09-28)

Bug Fixes

  • core,language: avoid using path aliases (#15) (22db3ed)

1.0.0-beta.15 (2022-09-27)

Features

  • language,core,connector: init language-kit package (#14) (9a74fc4)

1.0.0-beta.14 (2022-09-23)

Bug Fixes

  • remove unused file utils to avoid importing fs in browser (#11) (e1bda93)

1.0.0-beta.13 (2022-09-19)

Note: Version bump only for package @logto/core-kit

1.0.0-beta.12 (2022-09-17)

Note: Version bump only for package @logto/core-kit

1.0.0-beta.11 (2022-09-16)

Note: Version bump only for package @logto/core-kit

1.0.0-beta.10 (2022-09-16)

Features

1.0.0-beta.9 (2022-09-07)

Features

  • add Portuguese translation (f268ecb)

Bug Fixes

  • console,ui: fix locale guard issue in settings page (e200578)

1.0.0-beta.8 (2022-09-01)

Note: Version bump only for package @logto/shared

1.0.0-beta.6 (2022-08-30)

Note: Version bump only for package @logto/shared

1.0.0-beta.5 (2022-08-19)

Note: Version bump only for package @logto/shared

1.0.0-beta.4 (2022-08-11)

Bug Fixes

1.0.0-beta.3 (2022-08-01)

Features

  • console: add Next.js integration guide in admin console (7d3f947)

1.0.0-beta.1 (2022-07-19)

Note: Version bump only for package @logto/shared

1.0.0-beta.0 (2022-07-14)

Note: Version bump only for package @logto/shared

1.0.0-alpha.3 (2022-07-07)

Note: Version bump only for package @logto/shared

0.1.2-alpha.5 (2022-07-03)

Note: Version bump only for package @logto/shared

0.1.2-alpha.1 (2022-07-02)

Note: Version bump only for package @logto/shared

0.1.1-alpha.0 (2022-07-01)

Features

Bug Fixes