v6.0.0
What's Changed
Breaking changes
This release migrates away from Redis. Existing Redis instances deployed only for integration with Rating Tracker can be safely discarded of, which will result in the one-time loss of existing cache entries, session IDs and other ephemeral resources. New cached resources and sessions will be stored in the existing PostgreSQL database.
Recently, Rating Tracker migrated from Express to Hono as the underlying web framework. During this migration, the project file structure was also reworked to resemble those of NestJS projects: For each domain such as users, stocks, auth etc., there exists
- a controller which now handles routing, endpoint documentation, request validation and calls functions handling the vast majority of data processing tasks,
- a service aggregating functions which implement most logic related to the domain,
- optionally a schema describing the structure of larger entities for the purpose of validation.
Benefits of Hono include performance, better integration with tools generating an OpenAPI documentation, better validation of requests and responses supported by Zod, as well as type safety across both backend and frontend code by using Hono Client. Hono now also supports adding security-related headers like Content-Security-Policy etc. to responses, so those can be removed from a reverse proxy configuration. The integration with reverse proxies has also been improved in the way that the number of trustworthy proxies can now be configured using the environment variable TRUSTWORTHY_PROXY_COUNT. This has an impact on the evaluation of the X-Forwarded-For header and helps identifying a client’s real IP.
Finally, the development services no longer include an nginx reverse proxy. Instead, Vite runs a proxy forwarding all API requests to the backend. This proxy supports both HTTP/2 and HTTPS, which means that it must be supplied with SSL certificates. Those can be taken from an existing nginx setup, the files of which can be deleted afterwards.
For details regarding recommended configuration and environment changes, please refer to the README.
Major features
- Migrate all Redis repositories to PostgreSQL by @marvinruder in #1474
- Refactor application by @marvinruder in #1528
Minor changes
- Implement ISO 4217 amendments by @marvinruder in #1396
- Use fonts hosted by the server by @marvinruder in #1418
- Add
notFoundhandler for unknown endpoints by @marvinruder in #1548 - Migrate to Material UI 6 by @marvinruder in #1569
- Serve precompressed static assets by @marvinruder in #1594
Tweaks and fixes
- Minor cleanups by @marvinruder in #1395
- Improve authentication tokens by @marvinruder in #1417
- Declare ES module in
package.jsonofwasmmodule by @marvinruder in #1424 - Fix log level for logging to file by @marvinruder in #1433
- Fix favicon in containers with unset fetch schedule by @marvinruder in #1444
- Remove obsolete resolution by @marvinruder in #1448
- Use PostgreSQL instance from native Alpine package instead of Docker-in-Docker by @marvinruder in #1476
- Fix fetching from MarketScreener by @marvinruder in #1486
- Fix README.md by @marvinruder in #1531
- Fix Content-Security-Policy by @marvinruder in #1532
- Fix
PrismaClientValidationError: Invalidthis.db.stock.update()invocation when fetching all stocks from S&P by @marvinruder in #1535 - Update type of
Documentreturned byxmldomparser by @marvinruder in #1599
Notable dependency updates
- Update material-ui monorepo to v6 (major) by @renovate in #1525
- Update prisma monorepo to v5.19.0 by @renovate in #1526
- Update dependency @xmldom/xmldom to v0.9.0 by @renovate in #1537
- Update rust Docker tag to v1.81.0 by @renovate in #1557
- Update alpine Docker tag to v3.20.3 by @renovate in #1558
- Mitigates CVE-2024-5535
- Mitigates CVE-2024-6119
- Mitigates CVE-2024-42365
- Mitigates CVE-2024-42364
- Update dependency hono to v4.6.0 by @renovate in #1564
- Update dependency @hono/node-server to v1.13.0 by @renovate in #1579
- Update Node.js to v22.9.0 by @renovate in #1589
Full Changelog: v5.0.1...v6.0.0
