4.0.0

Breaking changes

• kinto --version was renamed kinto version
• ResourceChanged and AfterResourceChanged events now return
  old and new records for the delete action. (#751)
• Redis backends are not part of the core anymore. (#712).
  Use kinto_redis.cache instead of kinto.core.cache.redis
  Use kinto_redis.storage instead of kinto.core.storage.redis
  Use kinto_redis.permission instead of kinto.core.permission.redis
• Redis listener is not part of the core anymore. (#712)
  Use kinto.event_listeners.redis.use = kinto_redis.listeners instead of
  kinto.event_listeners.redis.use = kinto.core.listeners.redis
• Notion of unique fields was dropped from kinto.core resources.

Protocol

• Added a /__version__ endpoint with the version that has been deployed. (#747)
• Allow sub-object filtering on plural endpoints (e.g ?person.name=Eliot) (#345)
• Allow sub-object sorting on plural endpoints (e.g ?_sort=person.name) (#345)

Protocol is now at version 1.9. See API changelog_.

New features

• Added a new built-in plugin kinto.plugins.history that keeps track of every action
  that occured within a bucket and serves a stream of changes that can be synced.
  See API documentation.
• Added a new --dry-run option to command-line script migrate that will simulate
  migration operation without executing on the backend (thanks @lavish205! #685)
• Added ability to plug custom StatsD backend implementations via a new kinto.statsd_backend
  setting. Useful for Datadog™ integration for example (fixes #626).
• Added a delete-collection action to the kinto command. (#727)
• Added verbosity options to the kinto command. (#745)
• Added a built-in plugin that allows to define quotas per bucket or collection. (#752)

Bug fixes

• Fix bug where the resource events of a request targetting two groups/collection
  from different buckets would be grouped together.
• Fix crash when an invalid UTF-8 character is provided in URL
• Fix crash when provided last_modified field is not divisible (e.g. string)

Internal changes

• Huge rework of documentation after the merge of Cliquet into kinto.core (#731)
• Improve the documentation about generating docs (fixes #615)
• Switch from cliquet-pusher to kinto-pusher in Dockerfile and tutorial.
• List posssible response status on every endpoint documentation (#736)
• Remove duplicated and confusing docs about generic resources
• Replace the term protocol by API in documentation (fixes #664)
• Add load tests presets (exhaustive, read, write) in addition to the existing random. Switched integration test make loadtest-check-simulation to run the exhaustive one (fixes #258)
• Remove former Cliquet load tests (#733)
• Add a flag to to run simulation load tests on default bucket. Uses blog
  bucket by default (#733)
• Add command-line documentation (#727)
• The --backend command-line option for kinto init is not accepted as first
  parameter anymore
• Improved parts of the FAQ (#744)
• Improve 404 and 403 error handling to make them customizable. (#748)
• kinto.core resources are now schemaless by default (fixes #719)

3.3.2

Bug fixes

• Fix Redis get_accessible_object implementation (#725)
• Fix bug where the resource events of a request targetting two groups/collection
  from different buckets would be grouped together (#728)

3.2.4

Bug fixes

• Fix bug where the resource events of a request targetting two groups/collection
  from different buckets would be grouped together (#728)

3.3.1

Protocol

• Add the permissions_endpoint capability when the kinto.experimental_permissions_endpoint is set. (#722)

3.3.0

Protocol

• Add new experimental endpoint GET /v1/permissions to retrieve the list of permissions
  granted on every kind of object (#600).
  Requires setting kinto.experimental_permissions_endpoint to be set to true.

Protocol is now at version 1.8. See API changelog.

Bug fixes

• Fix crash in authorization policy when requesting GET /buckets/collections (fixes #695)
• Fix crash with PostgreSQL storage backend when provided id in POST is an integer (#688).
  Regression introduced in 3.2.0 with #655.
• Fix crash with PostgreSQL storage backend is configured as read-only and reaching
  the records endpoint of an unknown collection (fixes #693, related #558)
• Fix events payloads for actions in the default bucket (fixes #704)
• Fix bug in object permissions with memory backend
• Make sure the tombstone is deleted when the record is created with PUT. (#715)
• Allow filtering and sorting by any attribute on buckets, collections and groups list endpoints
• Fix crash in memory backend with Python3 when filtering on unknown field

Internal changes

• Resource events constructors signatures were changed. The event payload is now
  built immediately when event is fired instead of during transactoin commit (#704).
• Fix crash when a resource is registered without record path.
• Changed behaviour of accessible objects in permissions backend when list of
  bound permissions is empty.
• Bump last_modified on record when provided value is equal to previous
  in storage update() method (#713)
• Add ability to delete records and purge tombstones with just the parent_id
  parameter (#711)
• Buckets deletion is now a lot more efficient, since every sub-objects are
  deleted with a single operation on storage backend (#711)
• Added get_objects_permissions() method in permission backend (#714)
• Changed get_accessible_objects(), get_authorized_principals() methods
  in permission backend (#714)
• Simplified and improved the code quality of kinto.core.authorization,
  mainly by keeping usage of get_bound_permissions callback in one place only.

3.2.3

Bug fixes

• Allow filtering and sorting by any attribute on buckets, collections and groups list endpoints
• Fix crash in memory backend with Python3 when filtering on unknown field

3.2.2

• Fix bug in object permissions with memory backend (#708)
• Make sure the tombstone is deleted when the record is created with PUT. (#715)
• Bump last_modified on record when provided value is equal to previous
  in storage update() method (#713)

3.2.1

Bug fixes

• Fix HTTP API version number exposed (1.7)
• Fix crash in authorization policy when requesting GET /buckets/collections (fixes #695)
• Fix crash with PostgreSQL storage backend when provided id in POST is an integer (#688).
  Regression introduced in 3.2.0 with #655.
• Fix crash with PostgreSQL storage backend is configured as read-only and reaching
  the records endpoint of an unknown collection (fixes #693, related #558)

3.2.0

Protocol

• Allow record IDs to be any string instead of just UUIDs (fixes #655).

Protocol is now at version 1.7. See API changelog.

New features

• kinto start now accepts a --port option to specify which port to listen to.
  Important: Because of a limitation in Pyramid tooling,
  it won't work if the port is hard-coded in your existing .ini file. Replace
  it by %(http_port)s or regenerate a new configuration file with kinto init.
• Add support for pool_timeout option in Redis backend (fixes #620)
• Add new setting kinto.heartbeat_timeout_seconds to control the maximum duration
  of the heartbeat endpoint (fixes #601)

Bug fixes

• Fix loss of data attributes when permissions are replaced with PUT (fixes #601)
• Fix 400 response when posting data with id: "default" in default bucket.
• Fix 500 on heartbeat endpoint when a check does not follow the specs and raises instead of
  returning false.

Internal changes

• Renamed some permission backend methods for consistency with other classes (fixes #608)
• Removed some deprecated code that had been in kinto.core for too long.

Documentation

• Mention in groups documentation that the principal of a group to be used in a permissions
  definition is the full URI (e.g. "write": ["/buckets/blog/groups/authors"])
• Fix typo in Github tutorial (thanks @SwhGo_oN, #673)
• New Kinto logo (thanks @AymericFaivre, #676)
• Add a slack badge to the README (#675)
• Add new questions on FAQ (thanks @enguerran, #678)
• Fix links to examples (thanks @maxdow, #680)

3.1.1

Bug fixes

• Fix loss of data attributes when permissions are replaced with PUT (fixes #601)
• Fix 400 response when posting data with id: "default" in default bucket.