{{ message }}
Releases: rebasepro/rebase
Releases · rebasepro/rebase
Release list
v0.8.0
Features & Improvements
- Unified Policy & Filter Engine — Replaced ad-hoc permission checks with a centralized
evaluatePolicysystem andPolicytype. This system translates high-level security rules into both frontend conditions (for UI gating) and backend-specific filters (Postgres RLS, Firestore security rules). IncludespolicyToPostgresandsecurityRuleToConditionsutilities, ensuring the admin UI matches database enforcement by construction. - Multi-Backend Storage Sources — Introduced a first-class
StorageSourcesystem allowing a single project to use multiple storage backends (S3, GCS, Local, Firebase) simultaneously. AddedGCSStorageControllerfor native Google Cloud Storage support with TUS resumable uploads. Managed viaStorageSourcesContextandStorageRegistry, enabling complex multi-cloud storage architectures. - Custom Backend Functions — New
defineFunction()API for creating type-safe, discoverable backend endpoints. Functions are automatically mounted, type-checked, and can be invoked directly from the client SDK with full type safety. Includes a newinvoke_functionMCP tool for interacting with custom endpoints from AI agents. - Property Schema Consolidation — Refactored the property system to unify how database-level schemas, UI configurations, and validation rules are defined. Removed overlapping property types and introduced a more robust
PropertyConfigsystem that handles complex relations and references consistently across all data drivers (Postgres, MongoDB, Firestore). - Editable UI Table — Significantly enhanced
VirtualTablewith native editable cells (VirtualTableInput,VirtualTableSelect,VirtualTableNumberInput,VirtualTableDateField). Added a newSelectionStoreandSelectionContextfor robust multi-row selection, keyboard navigation, and batch operations within the CMS. - Expanded Agent Skills — Massive overhaul of the Rebase AI coding skills. Added new specialized skills for
rebase-custom-functions,rebase-ui-components, andrebase-storage. Expanded existing skills for auth, security, and SDK with deep architectural context, common patterns, and safety rules. - Public API Refinement — Cleaned up the public API surface of
@rebasepro/clientand@rebasepro/core, simplifying integration into existing applications. Consolidated data controllers, improved type inference, and refined theRebasecomponent props for better developer experience. - NPM Publishing Safeguards — Added
validate-no-workspace-protocol.shandcheck-packages.shscripts to the release pipeline. These prevent publishing packages withworkspace:dependencies or inconsistent versions, ensuring library consumers always get stable, resolved dependencies.
Fixes
- Dependency Management — Resolved workspace-wide dependency conflicts and fixed "workspace protocol" leakage in built artifacts that caused installation failures in certain environments.
- Lifecycle Interception — Unified lifecycle interception systems across different data drivers. This ensures consistent execution of
beforeSave,afterSave,beforeDelete, andafterDeletehooks regardless of whether the collection is backed by Postgres, MongoDB, or Firestore. - OAuth Configuration — Refactored and stabilized OAuth provider configuration. Resolved inconsistencies in how environment variables were parsed for Discord, Microsoft, and LinkedIn providers.
- MongoDB & Firestore Parity — Improved collection support for MongoDB and Firestore, bringing their relation/reference capabilities and storage integration closer to parity with the PostgreSQL driver.
- Any Type Audit — Conducted a comprehensive audit of
anytypes across the core packages, replacing them with strict types or narrowing guards (e.g.,isSQLAdmin) to improve overall codebase robustness and prevent runtime errors.
Testing
- Security Policy Tests — New test suites for
evaluatePolicy,policyToPostgres, andsecurityRuleToConditionscovering Kleene logic and complex nested expressions. - Storage Tests — Added comprehensive integration tests for
GCSStorageController, multi-storage routing, and TUS upload flows. - UI Tests — New unit and integration tests for
VirtualTableeditable fields, selection logic, and keyboard accessibility. - Schema Gates — Added
collection_registry_property_gatestests to validate property resolution and permission-based visibility gating at the registry level.
v0.6.1
Fixes
- CLI Init Crash — Fixed
rebase initcrashing withUnknownPromptTypeError: Prompt type "list" is not registeredafter entering the project name. Theinquirerv14 dependency renamed the"list"prompt type to"select", breaking the interactive flow. The non-interactive (--yes) path was unaffected, which is why E2E tests did not catch it.
Testing
- Interactive Prompt Validation — Extracted prompt question building into a testable
buildInitQuestions()function and added unit tests that validate all prompttypevalues against the installedinquirerversion's registered types. This prevents prompt-type regressions from shipping silently wheninquireris upgraded.
v0.6.0
Features & Improvements
- Schema Drift & Previews — Added a schema drift notification banner to Starlight and Studio home page, and improved previews for collection reference/relation properties.
- Rebase Client & Types — Consolidated RebaseClient context hooks, aligned types in
@rebasepro/clientand reconciled data controllers for cleaner imports. - Observability — Integrated structured request-logger middleware and an
X-Request-IDcorrelation header to trace client requests across core backend services. - Code Quality & Testing — Added robust unit/integration tests across
@rebasepro/uicomponents, StudioHomePage, and data plugins. Cleaned up Vite configuration targets, and strengthened type-safety checks. - Multi-Factor Authentication (MFA) — Full TOTP-based MFA implementation with enroll, verify, challenge, and unenroll flows. Includes recovery codes,
aal1→aal2token upgrade on challenge verification, and anonMfaVerifiedauth hook. - Component Override System — New
ComponentOverrideContextanduseComponentOverridehook allow developers to replace built-in UI components at both the global and per-collection level. - CLI Skills Command —
rebase skillsauto-detects and installs Rebase AI coding skills for Cursor, Claude Code, Windsurf, and Gemini/Antigravity. - MCP Server Expansion — Added storage, cron, and
invoke_functiontools. Automatic package-manager detection for dev server commands. - Server Init Refactor — Decomposed the monolithic
init.tsinto focused modules for middlewares, health, shutdown, storage, and docs. - Entity Form Improvements — Enhanced
EntityDetailViewandEntityEditViewwith better field-binding support, addedPopupFormFieldinline editing. - Drizzle Schema Generation — Improved generated schema logic with richer column-type support.
- Documentation & Website — Added
llms.txt, expanded backend auth, realtime, collections, SDK, and component-overrides documentation.
Fixes
- Auth Refactoring — Resolved auth issues and cleaned up redundant user management hooks, admin routes, and legacy decorators.
- Studio & UI Components — Corrected icon sizing bugs, restored SQLEditor panel logic, improved tab scroll styles.
- Relation Preview Rendering — Fixed broken relation previews in list views.
- Security Hardening — Hardened WebSocket client, added input validation to GraphQL and REST generators, tightened API key and cron store queries.
- PostgreSQL Error Handling — New
pg-error-utils.tsmodule for user-friendly PG error messages. - Roles Query — Fixed roles query resolution in user management flows.
- Package Cleanup — Cleaned up
package.jsonfiles, fixed dependency declarations. - VirtualTable & UI — Refactored for better resize handling and simplified render logic.
Testing
- Admin Package Tests — Added component-level, data export, and data import tests.
- PostgreSQL Tests — New relation service, error extraction, and schema generation tests.
- MCP Server Tests — Extended test suite covering new storage, cron, and function tool handlers.
