v0.0.44
Summary
This new release wasn’t strictly scheduled for today, but funnily enough, it marks Juno’s second anniversary. Happy two years! 🥳
Making your applications secure and resilient is one of Juno’s core missions. While this release might not seem to introduce many visible changes—no new endpoints, for example—several improvements have been made under the hood, particularly in user management for your Satellites.
Notably, the default technical collection that synchronizes user data has been modified to reject updates unless provided by the controller. This allows for extending it with new administrative attributes, enabling features such as banning (or unbanning) users in your dApps. Banned users will no longer be able to retrieve, create, update, or delete any documents. Note that users can still delete their own subscription if they choose to.
Similarly, collections in Datastore and Storage now include a new logical attribute that lets you define a maximum number of changes (create, edit, delete) per user. This is particularly useful for preventing spam and excessive data generation. For example, in an app where users create posts, you can limit them to a maximum of 10,000 posts, preventing bad actors from generating millions of unnecessary entries.
Lastly, a new configuration option for authentication has been introduced, which can be useful if you want to reuse the same derivation origin across multiple Satellites.
[!IMPORTANT]
When updating your Satellite, if you use Datastore and Storage, we strongly recommend updating to the latest JavaScript libraries in your dApps as well.
Overview
| Module | Version | Breaking changes |
|---|---|---|
| Satellite | 0.0.22 | ⚠️ |
| Crates | Version | Breaking changes |
|---|---|---|
junobuild-satellite | v0.0.22 | |
junobuild-storage | v0.0.15 | ️ |
junobuild-collections | v0.0.11 | ️ |
junobuild-shared | v0.0.24 | |
junobuild-macros | v0.0.4 | ️ |
| Library | Version | Breaking changes |
|---|---|---|
@junobuild/core | v0.1.7 | |
@junobuild/core-standalone | v0.1.7 | |
@junobuild/admin | v0.1.5 | |
@junobuild/analytics | v0.1.2 | |
@junobuild/storage | v0.1.3 | ️ |
@junobuild/console | v0.1.4 | ️ |
@junobuild/cli-tools | v0.1.1 | |
@junobuild/config | v0.1.1 | |
@junobuild/config-loader | v0.1.1 | |
@junobuild/utils | v0.1.0 | ⚠️ ️ |
@junobuild/errors | v0.0.4 | 🆕 |
| CLI | Version | Breaking changes |
|---|---|---|
@junobuild/cli | v0.1.5 |
| Plugins | Version | Breaking changes |
|---|---|---|
@junobuild/vite-plugin | v0.0.19 | |
@junobuild/nextjs-plugin | v0.0.13 |
| Templates | Version | Breaking changes |
|---|---|---|
| create-juno | v0.1.11 | |
| satellite-template | v0.0.4 | |
| observatory-templates | v0.0.3 |
| Docker | Version | Breaking changes |
|---|---|---|
@junobuild/satellite | v0.0.46 | |
@junobuild/console | v0.0.46 | |
@junobuild/action | v0.0.38 |
Changes
Here is a list of changes included in this release:
Console (Backend)
No changes.
Console (Frontend)
The console UI/UX has been improved as follows:
Features
- Support new collection option "Max changes per user" – i.e. make the field editable in collections.
- Add the ability to ban (or unban) users.
- Introduce a new modal that displays user details.
- Display changes made by both users and collections.
- Show a warning when max usage is reached.
- Support the new external alternative origins configuration option.
- Add a "Copy" function in the navbar for quick access to Wallet IDs.
- Migrate remaining collections to Svelte v5.
- Sort domains by
created_at. - Move the memory selection to the advanced options in collections.
Styles
- Fix launchpad cockpit overflow on mobile.
- Fix canister row display in monitoring.
- Review collapsible icons and alignment.
- Ensure "error" text has white contrast for better readability.
- Fix modal height on iOS.
- Use only monochrome icon logos for II and NFID.
- Improve the layout of "More options" by centering the call to action.
Fixes
- Fix USD value not displaying in production due to KongSwap API changes.
- Ensure toasts close automatically after timeout (Svelte v5 migration issue).
- Prevent default strategy from being used if monitoring is disabled when creating modules.
- Show submit button when a collection is set as immutable.
Build
- Update dependencies.
- Adapt Vitest reporters due to classic deprecation.
Satellite
The Satellite has been updated as follows:
Breaking Changes
- Disallow users from editing their entries in the technical system collection
#user. - Modify error messages to improve their structure in the form of a standardized namespace.
Features
- Track (anonymous) user usage per collection. In other words, every change made by users to collections (except system collections) will be counted (and capped to avoid overflow). This requires the introduction of a new system collection
#user-admin. - Delete entries in
#user-adminwhen a user is deleted. - Implement assertions that prevent users from making any changes (create, edit, or delete) in the Datastore or Storage if the collection option "Max changes per user" is reached.
- Introduce a new banned flag field within user data.
- Implement guards to prevent banned users from querying or making any changes in the Datastore or Storage.
- Improve user data validation by introducing deserialization assertions.
- Add optional external alternative origins support to the authentication configuration.
Refactoring
- Use store function to
get_controllersin guards. - Rename
inner()tointo_inner(). - Move various modules, functions, and constants to improve the structure of the crates and, by extension, their maintainability.
Build
- Bump all dependencies.
Mission Control
No changes.
Orbiter
No changes.
Observatory
No changes.
Library
Please refer to the releases for details.
CLI
Please refer to the releases for details.
Plugins
Please refer to the releases for details.
Templates
Please refer to the create-juno and satellite-template releases for details.
GitHub Action
Please refer to the releases for details.
Docker
Please refer to the releases for details.
Proxy
Please refer to the releases for details.
Repo Tooling
The local development tools of this repo and pipelines have been updated as follows.
Features
- Introduce the flag
--cfg getrandom_backend="custom"required bygetrandomin all build scripts. - Simplify
touchin the Docker build. - Refactor the workspace to group tests and introduce
test_satelliteas a fixture that uses Serverless Functions.
Build
- Bump Rust version.
Serverless Functions
If you are using Serverless Functions, you can upgrade the following crates accordingly:
[dependencies]
candid = "0.10.13"
ic-cdk = "0.17.1"
ic-cdk-macros = "0.17.1"
serde = "1.0.217"
serde_cbor = "0.11.2"
junobuild-satellite = "0.0.22"
junobuild-macros = "0.0.4"
junobuild-utils = "0.0.4"
Note that we have migrated getrandom to v0.3.0, which includes breaking changes. As a result, you will also need to make sure to upgrade your Juno CLI to v0.1.5.
If you encounter any compatibility issues with third-party dependencies you are using, feel free to reach out. I'm not opposed to downgrading getrandom if necessary.