Find file
290 lines (242 sloc) 35.7 KB

Sails Changelog


Sails v1.0 comes with a host of new features and improvements as well as some breaking changes to previous versions. Please see the migration guide if you're upgrading from a previous version of Sails!

  • [ENHANCEMENT] Introduce Actions 2 -- ability to declare actions as Machines in individual files. See the Actions and controllers and Action target syntax docs for more info.
  • [ENHANCEMENT] Introduce Helpers -- the successor to services. See the Helpers docs for more info.
  • [BUGFIX] Improve path resolution in moduleloader for Windows f13bb77
  • [BUGFIX] Fix output for virtual requests that have non 2xx/3xx status codes and no body 525c7c5
  • [REMOVAL] Remove support for (undocumented) "action/model" route syntax for binding routes to blueprint actions
  • [BUGFIX] Fix issue causing Sails to sometimes crash when using Redis sessions if it receives a request after the Redis server has unexpectedly disconnected 3f29dce
  • [ENHANCEMENT] Add sails.getActions() method to return a dictionary of registered Sails actions 5598179
  • [ENHANCEMENT] Add sails.registerAction() method to programmatically register a Sails action dd9af88
  • [ENHANCEMENT] Add exposeLocalsToBrowser local in all views
  • [ENHANCEMENT] Add sails.registerActionMiddleware() to programmatically register middleware to be applied to one or more actions 2c281d5
  • [ENHANCEMENT] Allow explicitly defined actions in Sails config via sails.config.controllers.moduleDefinitions 3b264fa, 4ad23dd
  • [BUGFIX] Default req.options.populate to the value of `sails.config.blueprints.populate d8f4df8
  • [ENHANCEMENT] Add sails.reloadActions() method to reload actions from disk / config while an app is running df2ee46
  • [ENHANCEMENT] Allow loaded modules (actions, controllers, policies, models, etc.) to have any file extension besides .md and .txt (which are ignored). Direct support for anything besides plain Javascript has been removed; variants like CoffeeScript and TypeScript can be used by registering them in the app.js file. See the Using CoffeeScript tutorial for an example.
  • [REMOVAL] Remove support for custom blueprints. These can easily be replaced by regular actions. See the migration guide for more info. 0fd4362
  • [REMOVAL] Remove support for blueprint route target syntax 0fd4362
  • [REMOVAL] Remove deprecated dontFlattenConfig option 56c9b5b
  • [ENHANCEMENT] Humanize config vars that are loaded from the environment 7eb6af6
  • [REMOVAL] Remove most Resourceful PubSub methods, leaving just .subscribe(), .unsubscribe() and .publish(). c981c6e
  • [ENHANCEMENT] Expose Sails generator for programmatic use e008a6b
  • [UPGRADE] Upgrade to Express 4.14.0. Thanks to josebaseba for his help in the transition to Express 4!
  • [ENHANCEMENT] Improved CORS support. See the migration guide and CORS docs for more info.
  • [REMOVAL] Removed req.validate() functionality. Use Actions 2 instead, which automatically validate parameters. 68fa8ff
  • [ENHANCEMENT] Updated syntax for policies. See the migration guide and the policies documentation for more details. 66d2b2d
  • [ENHANCEMENT] Automatically sort routes to avoid wildcards swallowing static routes. See the sort-route-addresses module for more info on route sorting.
  • [ENHANCEMENT] Combine CORS and CSRF hooks into new "Security" hook. See the migration guide for more details.
  • [ENHANCEMENT] Update CSRF configuration and replace /csrfToken route with an action that can be bound to any route. See the migration guide and CSRF docs for more info. 7328c05
  • [REMOVAL] res.created() will no longer be included by default. 7988866
  • [BUGFIX] Ignore default installed hooks when searching node_modules for hooks. #3855.
  • [SECURITY] Don't serve CSRF token via websockets 50b0684
  • [INTERNAL] Bring EJS layout code into Sails rather than relying on the unmaintained ejs-locals package d3ba9bd
  • [REMOVAL] Remove handlebars dependency and support for layouts in view engines other than EJS. See the migration guide for more details. ae7e656, 9f1f2fb
  • [ENHANCEMENT] Don't set NODE_ENV based on Sails environment, except in special circumstances. See the migration guide for more details. cf20d07, abbf1f7
  • [ENHANCEMENT] Make session hook routesDisabled use Sails route address syntax (including regular expression syntax) aba8f2f
  • [BUGFIX] Supply res.locals._csrf to all routes when CSRF protection is enabled. Fixes #3865
  • [REMOVAL] Remove Consolidate dependency -- view template engines are now configurable via the sails.config.views.getRenderFn setting. See the migration guide for more details. 6316452
  • [REMOVAL] Remove deprecated RPS "firehose" 86b88
  • [REMOVAL] Remove deprecated 0.9.x socket support 6464d8f
  • [BUGFIX] Update and standardize precedence of route param, query and body in req.param() and req.allParams() 820d1eb
  • [REMOVAL] Remove JSONP support from blueprints. CORS is fairly ubiquitous now. effd6c3
  • [REMOVAL] Remove deprecated sails.getBaseUrl method. d0fe4ff
  • [INTERNAL] Remove sails-util 1fee468
  • [INTERNAL] Remove grunt, sockets and ORM hooks 48750d7, 07c59ce
  • [REMOVAL] Remove deprecated req.params.all() method 9c6b217
  • [BUGFIX] Correctly load custom adapters (stored in either FooAdapter.js files or in subfolders) #3884
  • [INTERNAL] Add benchmarks 6b4ba32
  • [ENHANCEMENT] Requests for assets will skip running session middleware by default 3c5ddf7
  • [ENHANCEMENT] Support routesDisabled for sessions in virtual requests a00cf78
  • [INTERNAL] Standardize log level for warnings to always use "debug" except for warning related to security.
  • [ENHANCEMENT] Add 404, 500 and startRequestTimer to middleware order automatically (and remove them from default sails.config.http.middleware.order) a22e4e7, f788e39
  • [REMOVAL] Remove the handleBodyParserError middleware from the stack, use the onBodyParserError option in Skipper instead. f788e39
  • [BUGFIX] Take locale into account in views.render() #3833
  • [ENHANCEMENT] Allow session adapter to be required directly 039d245
  • [REMOVAL] Remove support for Express 3 session adapters 628a55b
  • [INTERNAL] Switch from i18n to i18n-2. See the migration guide for more details. 4a90de2
  • [BUGFIX] Fail to lift Sails if connect-redis can't initialize. #3590
  • [REMOVAL] Remove method-override from default middleware list. 575c4a3
  • [BUGFIX] Use _.clone() instead of _.cloneDeep() for config overrides, to preserve things like Redis clients passed into config. 1b970b6
  • [ENHANCEMENT] Update sails.config.globals functionality. See the migration guide for more details. 44c6d9b
  • [ENHANCEMENT] Add sails.config.session.onDisconnect and sails.config.session.onReconnect functions 1e55c63
  • [ENHANCEMENT] Add sails.config.sockets.adapterOptions.onDisconnect and sails.config.sockets.adapterOptions.onReconnect functions 3a25971
  • [DEPRECATION] Deprecate .jsonx() cdcc3c0
  • [INTERNAL] Update default responses 510504e
  • [REMOVAL] Remove update-via-POST blueprint route 5c3814d
  • [INTERNAL] Disconnect Redis session client when Sails is lowering 80fb71b
  • [UPGRADE] Upgrade EJS dependency to v2.5.3 6bfad70
  • [REMOVAL] Removed deprecated connect-flash middleware c5c4900
  • [REMOVAL] Removed 16 unused dependencies (see full list here)





  • [BUGFIX] Fix issue with multiple config files that have the same filename 3850
  • [ENHANCEMENT] Add criteria validation for the find and findOne blueprint actions. ab9c2c3...c6e8ad0
  • [INTERNAL] Fix Gitter link in README so it displays properly on NPM 284c660


  • [BUGFIX] Fix issue with multiple config files that have the same filename 3846
  • [ENHANCEMENT] Warn about overly permissive CORS settings when lifting in production ca43e05


  • [BUGFIX] Revert inadvertent breaking change to CORS config in 0.12.5, see f80252f for details)


  • [INTERNAL] Upgrade version of include-all to ^1.0.0 f6e8d32
  • [ENHANCEMENT] Add experimental sails console --dontLift option 029fe06
  • [UPGRADE] Dependencies in captains-log
  • [UPGRADE] Moduleloader now uses include-all@1, and sails-build-dictionary is deprecated (all of its methods were folded into include-all)
  • [BUGFIX] In moduleloader: Improve path resolution on windows
  • [BUGFIX] Fix property name for ('status' => 'statusCode') in virtual request header


  • [INTERNAL] Upgrade Mocha to 3.0.0 to remove more of the deprecation notices when installing dependencies (see mocha:#2200)
  • [INTERNAL] Simplify config-merging code in captains-log. This also gets rid of more deprecation notices during install (see captains-log:49f433eff348c05115a2caf292b4da0db9499887)
  • [BUGFIX] Fix long-standing, low-priority (but super annoying) issue with logged dictionaries/arrays getting extra quote marks (due to a pecularity in the usage of util.format()) d67e9c8e6775
  • [ENHANCEMENT] Add sails.config.session.routesDisabled config option to specify routes that should not use session middleware c712acf
  • [ENHANCEMENT] Use res.forbidden() when denying access to a route via a policy. Thanks @wulfsolter! 3764
  • [ENHANCEMENT] Allow use of Express style path and RegExp in sails.config.csrf.routesDisabled. Thanks @bolasblack!
  • [BUGFIX] Fix for query / body params called length 3738
  • [BUGFIX] Fix view rendering when i18n hook is disabled. Thanks @mordred! 3741
  • [BUGFIX] Allow sails.renderView to work with globals turned off 3753 d3f634c
  • [BUGFIX] Fix typo which could cause crashing when attempting to serialize non-json-compatible output in the response to a socket request.
  • [UPGRADE] Update all Grunt dependencies 5f6be05
  • [UPGRADE] Update "connect" dependency to 3.4.1 1d3c9e6
  • [UPGRADE] Update "compression" dependency to version 1.6.2
  • [UPGRADE] Upgraded version of Consolidate to 0.14.1 a70623c
  • [UPGRADE] Upgraded version of grunt-contrib-watch to 1.0.0 3678
  • [INTERNAL] Use standalone CSRF package instead of using the one (formerly) bundled with Connect. Sails should be using all standalone middleware now. 1d3c9e6 98861ef
  • [INTERNAL] Add some assertions to ensure custom hooks don't use reserved properties 2e76dac
  • [INTERNAL] Update code that virtual response uses to read buffer to work with all Node versions a5ab134
  • [INTERNAL] Remove un-maintained "wrench" module from tests; use "fs-extra" instead. Thanks @Ignigena! 4f90f78


  • [BUGFIX] Allow skipAssets and skipRegex to be used with direct/static view route target syntax 3682. Thanks @dottodot, @nikhilbedi, and @AlexanderKozhevin!
  • [BUGFIX] Automatically route to index/ in deeply nested views when using direct/static view route target syntax
  • [BUGFIX] Add assertion about views which contain extra dots (.) in their paths when using direct/static view route target syntax
  • [INTERNAL] Use chalk instead of colors for console output. Thanks @markelog! 3680


  • [ENHANCEMENT] Allow use of fn in expanded route targets e1790b7
  • [BUGFIX] Add blacklist to "update" blueprint action so that it can be used with primary keys that are not "id" 3625
  • [ENHANCEMENT] Allow hooks to be turned off by setting their environment var to the string "false" 3618
  • [BUGFIX] Allow view target syntax for routes to specify deeply-nested views 3604
  • [BUGFIX] Allow custom bodyParser middleware config 3592
  • [BUGFIX] When lifting with unknown validation rule, exit gracefully instead of throwing.
  • [BUGFIX] Update validation rules from anchor 3649
  • [BUGFIX] Respond with an error if attempting to use req.file() from a virtual request (i.e. when Skipper is not available). And don't pass in res when building the mock request, since it is not available yet. 3656
  • [BUGFIX] Fix incorrect handling of errors in responses hook. Thanks @tapuzzo-fsi! 3645
  • [BUGFIX] Fix error from routeCorsConfig sometimes being undefined 3662
  • [INTERNAL] Replace ready event with an async handleLift lifecycle callback in order to simplify the behavior of sails lift and ensure the timing of the "done" callback is correct when using it programmatically.
  • [INTERNAL] Massive overhaul of tests. See b033f2d thru e85810a.
  • [INTERNAL] Extrapolate ORM hook into sails-hook-orm.
  • [INTERNAL] Force asynchronicity in the optional third argument of res.view()/res.render() to pave the way for better, request-agnostic view rendering methods. This prevents double-calling of the callback if userland code throws an error. Thanks @lennym! cd413e15435947aa855e27aab16d9cd9e65ad493
  • [ENHANCEMENT] Update version of i18n to 0.8.1 3631.
  • [ENHANCEMENT] Improve auto-migrate prompt, and skip the prompt and log an info message instead if sails.config.models.migrate is being automatically set to production anyways. sails-hook-orm/commit/3161c34edbe0aa07055f8665493734dda1688c2a
  • [ENHANCEMENT] Add production check in case sails-disk is being used, and experimental sails.config.orm.skipProductionWarnings flag for preventing the warning. sails-hook-orm/commit/9a0d46e135dadf00bc4576341624a31e50b12838
  • [INTERNAL] Don't clone target function in expanded route syntax 6cfb2de
  • [BUGFIX] Replace naughty code in implicit default res.forbidden() response; relevant when api/responses/ is deleted. See #3667 for more info. Thanks @Biktop! 4767585994c45e7a7040402a057f0e41660d341919
  • [INCONSISTENCY] Fix embarassing old link that was being shown when you console.log the sails app instance. Thanks @wulfsolter 52d45688fcfb6c4437348115f3e9c91595a8d379!
  • [INTERNAL] Get rid of a whimsical little --require in mocha.opts that must have gotten lost. Don't ask us how it ended up there. Thanks @markelog! 06837a53b48352de7c46a1be84e87e28a084ffe2
  • [INTERNAL] Remove needless require from mocha opts. Thanks @markelog! 3681


  • [INTERNAL] Expose private loadAndRegisterControllers method for now, since certain apps are relying on it 0ba7829
  • [BUGFIX] Updated default HTTP cache config property to match what's documented 750d434
  • [BUGFIX] Check for before checking for when lowering 92c4b19
  • [ENHANCEMENT] Keep cookie middleware even if session middleware is deactivated d21ae2d
  • [BUGFIX] Reset process.env.NODE_ENV after Sails lowers to whatever it was originally (to make it non-sticky when lifting/lowering multiple apps) f9db888
  • [BUGFIX] Use correct extension config for Handlebars 3559
  • [BUGFIX] Update usage of in pubsub hook to sails.sockets.getId() to avoid deprecation warning 3552
  • [INTERNAL] Replace usage of Express middleware (e.g. require('express').favicon) with equivalent standalone packages (e.g. require('serve-favicon'))
  • [BUGFIX] Allow passing in non-model instances to publishCreate 3558


  • [UPGRADE] Bump Waterline dependency to 0.11.0 and Sails-Disk to 0.10.9
  • [ENHANCEMENT] More core hooks are now fully documented (controllers|grunt|logger|cors|responses|orm)
  • [ENHANCEMENT] Improve sails --help output (note that this removes support for common misspellings) #3539
  • [ENHANCEMENT] Detect EMFILE warnings from grunt-contrib-watch and treat them as fatal (this is the too many open files / ulimit -n 1024 thing) #3523
  • [BUGFIX] Downgrade default grunt-contrib-watch dependency installed in new Sails apps to use v0.5.3 #3526
  • [BUGFIX] Use locally-installed Sails (when available) with sails console instead of always using global 093ec01
  • [UPGRADE] Update express-handlebars to 3.0.0 1760604
  • [BUGFIX] Don't attempt to run CSRF protection methods if session is not available
  • [BUGFIX] Properly remove process listeners on sails.lower() to avoid EventEmitter leaks when lifting/lowering multiple apps (e.g. in tests) #2693
  • [UPGRADE] Updated versions of Lodash (v3.10.1) and Async (v1.5.0) used in Sails (and globalized in Sails apps by default)
  • [ENHANCEMENT] Support for newer versions of connect-redis session adapter (and other session adapters using express-session)
  • [ENHANCEMENT] Set the useGlobal config option for REPL while using sails console, allows autoreload hook to reflect changes on global models and services
  • [ENHANCEMENT] Support JSON sorting syntax in blueprints #2449
  • [ENHANCEMENT] Support namespaced modules as hooks #3022, #3514
  • [ENHANCEMENT] Allow installable hooks to override their default names #3168
  • [BUGFIX] Fixed issues with subscribing sockets to new model instances in a clustered environment #2990, #3008
  • [UPGRADE] Update consolidate to ^0.12.1
  • [BUGFIX] Don't allow changing a model's primary key via blueprints
  • [ENHANCEMENT] Added sails.config.keepResponseErrors option to keep response errors in production mode #2853
  • [ENHANCEMENT] Added Livescript support #2662, #2599
  • [ENHANCEMENT] Added IcedCoffeeScript support (brrr) #2599
  • [BUGFIX] Fix req.param() to work correctly with falsy params #2756
  • [ENHANCEMENT] Support "exposeHeaders" option in CSRF config #2712
  • [BUGFIX] Honor all route options when using policy target syntax (
  • [ENHANCEMENT] New sails deploy CLI command. See for an example deployment strategy.
  • [ENHANCEMENT] Support CSRF hook route configuration #2366
  • [BUGFIX] Fix [RangeError: Maximum call stack size exceeded] error in PubSub hook
  • [ENHANCEMENT] Support layout for Ractive template engine
  • [ENHANCEMENT] Body parser error logs no longer outputted in production, unless sails.config.keepResponseErrors is set #3347
  • [BUGFIX] Pluralize option works correctly for all routes #3223
  • [BUGFIX] Blueprint create now works when POSTing arrays #3228
  • [UPGRADE] Updated sails-hook-sockets to ^0.13.0, which uses an updated module and has some bugfixes
  • [BUGFIX] Default responses now work correctly when views hook is disabled #2770
  • [BUGFIX] Restored troubleshooting messages in console when Sails server fails to lift
  • [BUGFIX] app-wide locals (sails.config.views.locals) are combined using a shallow merge (_.extend() instead of _.merge()) #3500
  • [ENHANCEMENT] Added sails.getRouteFor() and sails.getUrlFor(), utility methods for reverse routing #3402
  • [BUGFIX] Improve interoperability of virtual requests to provide a more consistent API to and sails.request() (e.g. for tests) 121f3feb8702d44420e86707ef05e3282461d136
  • [INTERNAL] Use shallow merge in services hook when loading modules (37eceee9b0ff0a20a285ac2889f4a5e96f3f5b30)
  • [INTERNAL] Don't expose until loadModules is called in the services hook (37eceee9b0ff0a20a285ac2889f4a5e96f3f5b30)


  • [BUGFIX] Allow disabling of installed hooks #3550
  • [ENHANCEMENT] Support namespaced modules as hooks (hotfix from #3022, #3514)
  • [ENHANCEMENT] Allow installable hooks to override their default names (hotfix from #3168)




  • [BUGFIX] Fixes to allow proper installation / execution in environments using Node 4 and/or NPM 3.


  • Shhhh nothing to see here (version skipped)


  • [ENHANCEMENT] Allow hooks to be installed in node_modules and dynamic changing of hook name
  • [ENHANCEMENT] Pull out the sockets hook to its own repository
  • [ENHANCEMENT] Allow hooks to have individual timeouts, and a global sails.config.hookTimeout
  • [ENHANCEMENT] Pull out to its own generator
  • [UPGRADE] Update for the latest version of the sockets hook
  • [UPGRADE] Upgrade from Socket.IO 0.9.17 to 1.2.1
  • [FEATURE] Add restPrefix setting in addition to prefix setting for blueprints for finer control
  • [ENHANCEMENT] Support partials and layout with Handlebars for the backend generator
  • [BUGFIX] Blueprint creation returns 201 status code instead of 200
  • [BUGFIX] ractive.toHTML() replaces ractive.renderHTML() for Ractive template engine
  • [BUGFIX] Fix arguments for publishAdd, publishRemove and publishUpdate
  • [ENHANCEMENT] Enable views hook for all methods
  • [BUGFIX] Resolve depreciation warnings
  • [BUGFIX] Fix dependency for npm 2.0.0
  • [BUGFIX] Fix Grunt launching when it's a peer dep
  • [ENHANCEMENT] Upgrade express and skipper because of security vulnerabilities
  • [BUGFIX] Fix Sails crashes if Redis goes down #2277
  • [BUGFIX] Fix crash when using sessionless requests over WebSockets #2107
  • [ENHANCEMENT] Checking npm-version on install
  • [ENHANCEMENT] Updated "skipAssets" regex to ignore query string


  • [ENHANCEMENT] Updated waterline to ~0.10.9
  • [ENHANCEMENT] Added new routesDisabled option for CSRF #2121
  • [ENHANCEMENT] Refactoring and cleanup.
  • [ENHANCEMENT] Switched from express3-handlebars to express-handlebars
  • [BUGFIX] Add missing require for async module #2101

0.10.4 and earlier?