Gravity
Search…
Gravity
Welcome to Gravity
Getting Started
Stack
Updates
Changelog
Web Changelog
Native Changelog
Gravity Server
Introduction
Installation
Application Structure
REST API
Authentication
Config
Environment Variables
Database Queries
Handling Errors
Logging
Push Notifications
Email Notifications
User Feedback
Permissions (Roles)
File Uploads
Payments
Free Accounts
CLI Toolbelt
Testing
Gravity Web
Introduction
Tailwind & SCSS
Routing
Events
Authentication
Hooks
Views
Handling Errors
Deployment
Components
Gravity Native
Introduction
Prerequisites
Installation
App Context
Authentication
Magic Links
Handling Errors
Navigation
Config
Events
Views
Components
Push Notifications
Payments
Building Your App
Mission Control
Introduction
Installation
User Management
Feedback
Events
Logs
Powered By GitBook
Web Changelog
Key 🔑 security ➕ new feature 🔧 update 🐞 bug fix

13 Sept 2021 v8.0.4 (Power)

🐞unsigned error in push_token migration (power plan)

8 Sept 2021 v8.0.3

🐞unsigned int bug in account_users migration 🐞unsafe-line typo in server.js

2 Sept 2021 v8.0.2 Beta

🐞master dashboard user tally including master account in total 🐞base64 API key doesn't work 🐞updating profile in /users throws permissions error 🐞inviting multiple emails doesn't reflect invites in UI 🐞knex migration doesn't work on digital ocean due to primary key constraint 🐞export Event not working on Heroku 🐞form labels are only rendered if label prop exists 🐞clicking logo in email doesn't load website 🔧added placeholder prop to search component 🔧updated mongo model for mongoose 6 🔧enabling 2fa requires entering code to confirm 🔧2fa backup code added 🔧updating all delete modals to use destructive prop (also changed from isDestructive) 🔧added utilities for en/decoding base64 🔧suspicious sign-in logic improved for 2 devices ➕create a new master account using the toolbelt ➕new account actions cards ➕utilty.assert to check for negative values and throw error

2 Sept 2021 v8.0.2 Beta

🐞user invite flow doesn't accept multiple emails at once

20 August 2021 v8.0.1 Beta

🐞undefined email when deleting account in mission control 🐞suspicious sign in magic link had email instead of user.id 🐞successful login after a blocked login doesn't enable user account 🐞registering a parent or child using email/password when already registered via social doesn't save the new password 🐞reset password flow breaks when 2fa is enabled

16 August 2021 v8.0 Beta

🔑 PrivateRoute component allowing a user to access a restricted UI route with empty data 🐞form component not updating file list 🐞get method of model generated by toolbelt has conditional id selector 🐞date picker clipped when rendered inside a modal 🐞date picker styling issues 🐞props.onChange called inside input components if non-existent 🐞conditional table badge function can't compare boolean values 🐞padding issue on fieldset with .error class 🐞table removing time from date strings 🐞styling of signout button in mobile nav 🐞reading null card values in accountController.card 🐞magic and social signin views calling API twice when context updates 🐞await missing on user.account.add and user.account.delete (mongo only) 🐞feedback metrics not showing in mission control (mongo only) 🐞account.get not selecting master account (mongo only) 🐞socialController.handleCallback not adding social IDs if email is already registered with a parent account 🐞admin can't close their own account ➕added support for API keys ➕added client side event tracking and analytics in mission control ➕API requests are logged (when using API key) ➕Two-factor authentication 🔧removed unused account var in account.create model 🔧added developer role 🔧custom table actions can be conditionally rendered 🔧form accepts isDestructive prop which sets confirm button to red (instead of green) 🔧message can render child props inside the component 🔧added mask method to utilities to mask strings 🔧checkbox default can have multiple values 🔧improved fieldset layout using grid component 🔧removed legacy /api/account/update endpoint 🔧date component formats a pretty date 🔧refactored authController with new authenticate function to remove duplicate code 🔧user.enable_support changed to user.support_enabled for consistency with 2fa_enabled

5 June 2021 v7.2.1

🐞register a child user via social when email is already a child of another account fails auth 🐞bin/view is checking for non existent env variable to test if Mongo is used

3 June 2021 v7.2

🔑fixed updating user permission updates owner permission 🔧removed division formulas in scss files (unsupported from sass 2.0) 🐞can't update user via mission control 🐞selecting EU region for Mailgun in setup sets base URL to EU 🐞multiple file inputs in a form sharing the one file store

10 May 2021 v7.1.1 Beta

🔑 prevented invite permission from being posted as owner/master in last build 🐞 arrow buttons missing on datepicker 🐞 userController.delete (mongo) 🐞 in accountController.close (mongo) 🐞 added dotenv to knexfile 🐞 user.update bug with postgres 🐞 missioncontrol -> accounts (postgres) 🐞 missioncontrol -> feedback (postgres) 🐞 twitter keys check in socialController 🐞 email not attached to stripe customer 🔧master account moved to own section of integration tests 🔧changed inviteId to invite_id in user signup flow for consistency

30 Apr 2021 v7.1 Beta

🔑 patched potential privilege escalation vulnerability in userController.update ➕ users can be attached to multiple accounts (new account_users table) ➕ user component for switching accounts ➕ child user can close their own account ➕ full view loading available in view context 🔧 loader component accepts fullscreen prop 🔧 knexfile uses environment variables 🔧 signout link moved to main nav 🔧 authController.signup to optimise authentication during signup 🔧 user.last_active is set in new GET /auth endpoint 🔧 moved user permissions into account_users table 🔧 enhanced privilege escalation security defence 🔧 pass input type of null to skip rendering input 🔧 updated missioncontrol /accounts & /users to reflect multi user/accounts 🔧 mission control can delete account via accountController using master token

20 Apr 2021 v7.0 Beta

➕ authenticate with social networks (facebook, twitter) ➕ fontawesome icon pack ➕ static router for server side routes ➕ cryptography support ➕ configured for heroku deployment ➕ invited users listed in account/users table ➕ set the permission level when inviting a user ➕ delete or resend a user invite ➕ preview card details in /account/billing ➕ billing cycle dates in plan UI ➕ list past invoices in billing view ➕ amazon s3 model for uploading files and interacting with buckets ➕ download action added to table ➕ view action in table to load a detail view (example in missioncontrol/logs) ➕ pagination component ➕ log errors and view them in mission control (+ get notified via email) ➕ table can render conditional badge colors ➕ npmrc file to resolve installation issues with legacy-peer-deps in npm7 ➕ signout api endpoint to destory auth tokens 🔧 throttle to search component 🔧 enhanced security in reset password flow 🔧 table can render custom actions for a single row 🔧 improved table row callbacks for edit/delete 🔧 improved user.create to use a single object as params 🔧 authController.signin refactored to handle both email/pass and social 🔧 signup form split in two: 1. user/pass OR social 2. plan/payment 🔧 jwt contains provider (facebook, twitter etc.) 🔧 moved domain section of setup into its own view 🔧 updated social share buttons to use fontawesome brand pack 🔧 user model updated to handle social network ids 🔧 split billing view into smaller components 🔧 plan features moved into /config file to simplify pricing component 🔧 auth check in client auth.js now checks for social token, jwt, and subscription 🔧 moved authentication endpoints into new /api/auth file 🔧 added url prop to button for navigating to external links 🔧 improved jwt security by storing active token in db 🔧 more colors added to icon props 🔧 modal form receives server response in callback 🔧 replaced mailgun-js with raw api call (fixed vuln with package) 🔧 updated packages to latest versions 🔧 optimised fetching subscription status (new account.subscription model) 🐞 rejectUnauthorized issue with new version of Postgres 🐞 ; being appended to mongo schema via toolbelt

8 Mar 2021 v6.5

🔑 vulnerability where free plan can be used via API when free plan isn't configured 🔧 duplicate stripe_customer_id in mongo/account 🔧 encoding mongo passwords in case of special characters 🔧 packages updated to latest versions 🔧 installcheck.js updated to use node 15 🐞 set form loading state immediately on submit to avoid duplicate clicks

23 Jan 2021 v6.4

🔑 updating profile checks if email is already registered ➕ goto prop to button component for external URLs 🔧 magic token utilises user ID instead of email for extra security 🔧 removed duplicate (redundant) permission.json from /src 🔧 Bearer token in /test/user had ':' (cosmetic issue) 🐞 'data already declared' bug with mongo template 🐞 sidebar nav hovering too early in Safari

23 Dec 2020 v6.3

🐞 importing price plans bug in plans.js 🔧 url input component regex allows - symbol

16 Dec 2020 v6.2

➕ support for node 15 🔧 swapped node-sass for sass to support node 15 🔧 reference to user.plan -> user.permission in auth component 🔧 feedback email notification uses support email in env var 🐞 subscription checks for 'trialing' in auth component & billing view

19 Nov 2020 v6.1

➕ magic sign in links ➕ helmet.js for enhanced server security ➕ content security policies ➕ .env support ➕ API rate limiting / brute force protection ➕ rounded button prop ➕ suspicious sign-in attempts flagged to user ➕ high risk sign-in attempts are blocked ➕ dedupeArray utility ➕ help view with contact form ➕ password complexity rules added to password component ➕ validate utility for improved server-side validation ➕ server servers static build by default in production ➕ dummy password_confirm field on signup to defend against bot signups ➕ support for react 17 ➕ user can toggle impersonation on their account in /help 🔧 assign routes & features.js to array before export (React 17 breaking change) 🔧 useAPI hook imported with require in auth component (React 17 breaking change) 🔧 removed react-moment dependency - now using toISOString in table 🔧 increased email char length in migration scripts to 512 🔧 restricted db inserts on account & user tables to prevent id change attacks 🔧 form submit button is optional based on buttonText prop 🔧 renamed master to mission control in client 🔧 mongo connection string uses srv 🔧 submitOnChange prop added to form 🔧 upgrade mysql driver to mysql2 🔧 support_email added to config 🔧 user can access /api/account/subscription 🔧 loader styling in onboarding 🐞 fieldset.js calling props.onChange twice when using radio 🐞 missing key on feedback buttons 🐞 fixed credit card not saving

18 Sep 2020 v6.0

➕ user impersonation ➕ user feedback widget + reports added to master dashboard ➕ create a react component from the toolbelt ➕ upload files with drag & drop form component ➕ datepicker component added to form ➕ onboarding component ➕ checklist styling options ➕ button type: icon with text ➕ contact form component ➕ toast notification ➕ centered pop animation ➕ add custom actions to table 🔧 removed body from useAPI (unused) 🔧 removed close account via master in unit tests 🐞 auth bug from v5 🐞 issue with drop table in migration template 🐞 bug when clicking sort on table actions column

3 Aug 2020 v5.1

➕ dynamic email generation with JSON ➕ links to docs in setup flow ➕ improve stripe card error feedback 🔧 toolbelt creates knex migration 🐞 updating profile updates name in nav 🐞 patch user returning undefined in string

15 Jul 2020 v5.0

➕ support for mongo db ➕ new user interface design ➕ animations and animate component ➕ hooks: useAPI, usePlans, userPermissions ➕ last_active field for users ➕ improved billing flow and UI ➕ mobile navigation component ➕ landing page design (+ pricing, checkout) ➕ scoped SCSS ➕ new auth page design ➕ public auth permission ➕ success validation indicator on form inputs ➕ support for Node 14.5+ 🔧 improved client-side routing 🔧 stripe price & interval moved to plan level 🔧 improved permission handling 🔧 moved to new stripe client package 🔧 all packages updated 🔧 dynamic pricing component using live prices 🔧 improved password reset flow with token 🔧 all components migrated to functional 🔧 deleted external layout - using new home layout 🔧 improved edit/delete functions in tables 🔧 removed legacy client sessions 🔧 merged Button, IconButton and LoadingButton 🔧 tables render clean dates (YYYY-MM-DD) 🔧 removed legacy nested form inputs 🐞 missing blank slate icon on chart 🐞 await bug when sending email

26 May 2020

🐞 split API into multiple files 🐞 testing flow 🐞 deleting invite with postgres

16 May 2020

➕ added support for Postgres, MSSQL, MariaDB, SQLite3, Oracle, & Redshift ➕ knex.js query builder ➕ unit tests added to toolbelt ➕ node 14 support 🔧 improve setup flow to auto-populate stripe plans 🐞 checkboxes not sending multiple values

3 March 2020

➕ support for Gravity Native ➕ notification model for sending push notifications to mobile devices ➕ free plan option with upgrade flow ➕ support for node 13 ➕ show prop on table component to filter which columns to show 🔧 replaced "" with '' 🔧 sign in blocked on deactivated accounts 🔧 removed redundant status keys from controllers 🐞 duplicate key entry in demo/users model

8 Jan 2020

🔧 bug with foreign key constraint when creating multiple views with CLI

14 Oct 2019

➕ CLI Toolbelt to create new MVC files 🔧 user invite email automatically injects the email address into the signup form 🔧 improved handling of expired token - now redirects to login screen 🐞 API verification in model/auth.js 🐞 user.create() returning insertId, not uuid. 🐞 rendering a single action button in a table row

10 Sep 2019

➕ classnames package for creating css classes 🐞 web font not showing 🐞 sizing of icon button 🐞 notification banner not showing close button 🐞 table not showing loader when loading its own data 🐞 table not re-rendering when data prop changes

24 Aug 2018

➕ feather icons 🐞 bug with table sorting

8 Aug 2018

🔧 improved installation/setup process

6 Aug 2019 v3.1 BETA

➕ SCA payment authentication ➕ settings now use ENV vars 🔧 html email templates use dynamically injected url 🔧 improved server-side chart creation with chart.create() model 🔧 stateless application – all server sessions discarded 🐞 invite table not accepting UUIDs

12 Jun 2019 v3.0 BETA

➕ front-end React UI 🔧 configured for Node v12 🔧 new API endpoints for React 🔧 removed gulp 🔧 removed node router 🔧 removed node auth (now handled with React)

7 May 2019 v2.1

🔑 implemented improved security when updating users

14 Apr 2019 v2.0

➕ homepage, pricing and auth page designs ➕ API uses token authentication ➕ router middleware authentication ➕ viewController to reduce complexity of router.js 🔧 implemented proper API routing and methods 🔧 form urls and methods to utilise new API 🔧 improved permission handling 🔧 improved structure of controller and models 🔧 moved stripe methods into separate stripe model 🔧 improved view model to properly utilise respective models 🔧 AJAX request now use proper error codes 🔧 centralised error handling – no more try/catch 🔧 can no longer edit config at runtime 🐞 account.create saving stripe id on error 🐞 config/account not updating email

27 Feb 2019

➕ admin for accounts and users located at /config/accounts and /config/users

5 Feb 2019

🔧 verifySubscription to account.js – automatically checks for an active stripe subscription on in sign in flow

16 Jan 2019

🔧 model & controllers updated to use async/await 🔧 removed has_users table: tables are now linked using foreign key 🐞 validation issue with emails using 4 letter domains extensions 🐞 issue with gulp watch only running once

6 Dec 2018 v1.1

➕ forms can be automatically validated & submitted with submitAJAXForm() ➕ setup process is now managed in the browser at /config/setup ➕ internal config dashboard added at /config (run config/setup first) ➕ metrics available at /config ➕ isURLValid() added to form.js to check input field for a valid URL string ➕ isPhoneValid() added to form.js to check input field for a valid phone number ➕ isSelect() valid added to form.js to check that an option has been selected 🔧 docs now located at https://usegravity.app/docs 🔧 stripe publishable API key is automatically written to file during setup 🔧 settings.js changed to settings.json – update any references to the settings file 🔧 chart functions now show a blank message when there is no data to show 🔧 isRadioValid(), isCheckboxValid(), isSelectValid() now re-validate when an option is selected 🔧 database should be initialised in each model with db.init()
🐞 resolved broken link to /home/privacy in router.js 🐞 plan field length in database updated to 32 chars to accommodate long Stripe plan IDs 🐞 prefixes added to animations
Previous
Changelog
Next
Native Changelog
Last modified 7mo ago
Copy link
Contents
13 Sept 2021 v8.0.4 (Power)
8 Sept 2021 v8.0.3
2 Sept 2021 v8.0.2 Beta
2 Sept 2021 v8.0.2 Beta
20 August 2021 v8.0.1 Beta
16 August 2021 v8.0 Beta
5 June 2021 v7.2.1
3 June 2021 v7.2
10 May 2021 v7.1.1 Beta
30 Apr 2021 v7.1 Beta
20 Apr 2021 v7.0 Beta
8 Mar 2021 v6.5
23 Jan 2021 v6.4
23 Dec 2020 v6.3
16 Dec 2020 v6.2
19 Nov 2020 v6.1
18 Sep 2020 v6.0
3 Aug 2020 v5.1
15 Jul 2020 v5.0
26 May 2020
16 May 2020
3 March 2020
8 Jan 2020
14 Oct 2019
10 Sep 2019
24 Aug 2018
8 Aug 2018
6 Aug 2019 v3.1 BETA
12 Jun 2019 v3.0 BETA
7 May 2019 v2.1
14 Apr 2019 v2.0
27 Feb 2019
5 Feb 2019
16 Jan 2019
6 Dec 2018 v1.1