v5.8.1

This patch fixes the following crash at startup:

System.IO.FileNotFoundException: 'Could not load file or assembly 'JetBrains.Annotations, Version=4242.42.42.42, Culture=neutral, PublicKeyToken=1010a0d8d6380325'. The system cannot find the file specified.'

Merged PRs

• Fix roundtrip of Parse/ToString for include query string parameters by @bkoelman in #1754
• Revert package update of JetBrains.Annotations by @bkoelman in #1755

Full Changelog: v5.8.0...v5.8.1

v5.8.0

Since we fixed the bug in v5.7.0 where pagination was not applied on included derived types, we received reports of slow query performance for complex queries on type hierarchies. This release provides various optimizations to address the problem:

• When pagination is turned off, implicit sort by ID is no longer added to the query.
• Redundant selectors are eliminated from the final query.
• Pagination can be turned off per relationship using [HasMany(DisablePagination = true)], which overrules global settings.

OpenAPI preview 3 includes the following enhancements:

• Non-JSON:API endpoints (both Controllers and Minimal APIs) are now included in the OpenAPI document.
• Calling AddOpenApiForJsonApi() no longer changes the expected content type for regular JSON:API requests.
• Improved error when AddJsonApi()/AddOpenApiForJsonApi() aren't called in the expected order.
• Refactored an internal workaround to support dotnet swagger, such that the workaround is no longer needed.
• Fixed error when concurrent requests download the OpenAPI document.

Merged PRs

• Log QueryLayer and LINQ expression at Debug level by @bkoelman in #1732
• Reduce complexity of QueryLayer after composition by @bkoelman in #1735
• Throw when AddOpenApiForJsonApi is called before AddJsonApi by @bkoelman in #1737
• Add note on included and pagination by @bjornharrtell in #1744
• OpenAPI: Show custom endpoints, fix content negotiation by @bkoelman in #1747
• OpenAPI tweaks and fixes by @bkoelman in #1748
• Enable to force-disable pagination per relationship by @bkoelman in #1750

Full Changelog: v5.7.1...v5.8.0

v5.7.1

This patch:

• Fixes a build error when using Kiota without any OpenAPI references.
• Fixes compatibility with MongoDB.
• Removes the Experimental attribute from the AddOpenApiForJsonApi extension method.
• Reverts an unintentional binary breaking change in QueryTokenizer.

Merged PRs

• Publish packages to feedz.io by @bkoelman in #1719
• Improve detection of collection element type by @bkoelman in #1720
• Fixed: build error after adding reference to JADNC.Kiota package by @bkoelman in #1721
• Remove Experimental attribute from AddOpenApiForJsonApi by @bkoelman in #1724

Full Changelog: v5.7.0...v5.7.1

v5.7.0

New features and enhancements

After years of work, we're finally ready to ship the first preview release of OpenAPI support for JSON:API!

Now you can generate a documentation website from your models. And generate typed client libraries using NSwag and Microsoft Kiota. See the documentation to get started. In this preview, all JsonApiDotNetCore features work with OpenAPI, except for the following:

• Custom controllers and custom action methods are ignored.
• Controllers that use ID obfuscation don't work.
• The usage of [DisableQueryString] on controllers is ignored.

As part of the OpenAPI work, basic support for third-party JSON:API extensions was added. We also introduced our own extension to enhance the OpenAPI experience.

Next to the existing IAtomicOperationFilter, IJsonApiEndpointFilter was added, which enables to remove controller action methods at runtime.

Breaking changes

• This version requires .NET 8 or higher, because official support for .NET 6 has ended.
• Properties on HeaderConstants have been obsoleted; see their message for the replacement.
• The relaxed form "atomic-operations" for the Atomic Operations JSON:API extension was renamed to "atomic" for consistency.

Bugfixes

• A proper error is now returned when the ID in a request body is an empty string or whitespace.
• Resource inheritance: Atomic operations enabled on a base type are implicitly enabled on all derived types.
• Resource inheritance: Pagination on included derived types wasn't being applied.
• Resource inheritance: A post-resource request with ?include used to fail.
• The calculation of the total resource count on a secondary/relationship endpoint could crash when resource definitions are involved.

Merged PRs

• Fixed: Produce error on invalid ID in request body by @bkoelman in #1593
• Basic support for third-party JSON:API extensions by @bkoelman in #1623
• Fix resource inheritance with atomic operations by @bkoelman in #1628
• Refactorings for JSON:API extensions to unblock OpenAPI support by @bkoelman in #1629
• Resource inheritance fixes by @bkoelman in #1641
• Content negotiation: Enable override of chosen media type when Accept header is missing by @bkoelman in #1644
• IJsonApiEndpointFilter: remove controller action methods at runtime by @bkoelman in #1646
• Drop support for .NET 6, test against .NET 9 by @bkoelman in #1656
• Breaking: rename relaxed form of Atomic Operations extension by @bkoelman in #1664
• Add note about shared models by @bkoelman in #1679
• Refactor internal-only JSON:API extensions support by @bkoelman in #1687
• Marshall JsonApiException thrown from JsonConverter by @bkoelman in #1690
• Fix invalid expression for total count on inverse relationship filter from resource definition by @bkoelman in #1711
• Merge experimental OpenAPI support into master by @bkoelman in #1716

Full Changelog: v5.6.0...v5.7.0

v5.6.0

New features and enhancements

Aside from a new logo (which was needed to enable dark mode on the documentation website), most of the changes involve unblocking our ongoing development of OpenAPI support for JSON:API. Please read the docs and give it a try (see the instructions for NSwag and Kiota), we'd love to hear your feedback.

• The describedby top-level link has been added, whose visibility can be configured at various levels. Its value can be set by implementing IDocumentDescriptionLinkProvider.
• Controller action methods have been enriched with [Required], pipeline methods with [DisallowNull] for id parameters.
• A relaxed variant of the atomic operations media type can be used, to workaround deficiencies in OpenAPI client generators.

Breaking changes

• When your project contains an atomic operations controller, earlier versions would always expose all operations for all resource types, despite the use of [Resource(GenerateControllerEndpoints = ...)] to constrain endpoints. The new behavior is to block operations whose endpoints are blocked using GenerateControllerEndpoints. If you're using custom controllers (or just want to override this default), implement IAtomicOperationFilter. To revert to the old behavior, use IAtomicOperationFilter.AlwaysEnabled.

Bugfixes

• Fix crash on empty query string parameter name. For example: http://localhost:5065/people?=.
• Fix percent-encoding of whitespace in response links. For example: equals(city,%27New York%27) equals(city,%27New%20York%27).
• Return empty object ({}) instead of { "data": null } in atomic operation results.
• Do not allow lid in atomic operations request when a client-generated ID is required.
• Take options.UseRelativeLinks into account when rendering HTTP Location header.

Merged PRs

• Replace CreateTupleAccessExpressionForConstant with simpler implementation by @bkoelman in #1469
• Don't crash on empty query string parameter name by @verdie-g in #1484
• Drop dependency on EF Core internals by @bkoelman in #1492
• Enable setting the "describedby" top-level link by @bkoelman in #1495
• Controller attribute changes by @bkoelman in #1503
• Move back [FromBody] and [Required] to derived controllers by @bkoelman in #1506
• Move [FromBody] back on base controllers, to prevent a breaking change by @bkoelman in #1508
• Revert "Resharper: Replace async method with Task return" by @bkoelman in #1513
• Add support for configuring the visibility of the "describedby" link by @bkoelman in #1516
• Fix whitespace in query string parameters within pagination links by @bkoelman in #1526
• New logo, dark mode on landing page by @bkoelman in #1549
• Allow relaxed Content-Type for atomic operations by @bkoelman in #1553
• Filter operations based on GenerateControllerEndpoints usage by @bkoelman in #1561
• Return Forbidden when operation is inaccessible, to match resource endpoint status code by @bkoelman in #1562
• Fixed: return empty object instead of data:null in operation results by @bkoelman in #1564
• Fixed: Do not allow the use of 'lid' when client-generated IDs are required by @bkoelman in #1581
• Fixed: send absolute/relative URL in location header, depending on options.UseRelativeLinks by @bkoelman in #1582
• Add [DisallowNull] on TId in pipeline parameters by @bkoelman in #1583

Full Changelog: v5.5.1...v5.6.0

v5.5.1

This patch eliminates building an intermediate ServiceProvider at startup, which unblocks usage in Aspire (more specifically, its usage of AddNpgsqlDataSource) and improves Serilog compatibility.

Furthermore, this patch makes methods on FilterParser overridable, which enables plugging in custom parsing of constant values (text surrounded by single quotes) inside a filter query string value.

Merged PRs

• Allow to override valueconverter on FilterParser by @bjornharrtell in #1401
• Remove building an intermediate service provider at startup by @bkoelman in #1431

Full Changelog: v5.5.0...v5.5.1

v5.5.0

New features and enhancements

• This release adds support for .NET 8 and Entity Framework Core 8.
• A new example was added that uses Dapper instead of Entity Framework Core. It demonstrates how to produce SQL for nearly all JSON:API features, such as side-loading related resources and compound nested filters, as well as applying resource changes and atomic operations. The produced SQL works on PostgreSQL, MySQL, and SQL Server.
• We now use TryAdd[Singleton/Scoped/Transient] internally, which makes it easier to replace built-in dependencies with your own.

Bugfixes

• Fix crash on atomic operations request when trace logging is turned on.

Merged PRs

• Make it easier to register custom services in the IoC container by @bkoelman in #1352
• Example to produce SQL without Entity Framework Core! by @bkoelman in #1361
• Fix crash on operations requests when trace logging is turned on by @bkoelman in #1396
• Multi-target against .NET 6 and .NET 8 by @bkoelman in #1349

Full Changelog: v5.4.0...v5.5.0

v5.4.0

New features and enhancements

• The usage of client-generated IDs can now be overruled per resource type. The new choices are: Forbidden/Allowed/Required (both per type and globally). See the documentation for details.
• New example for using generic scopes-based authorization (see here).
• Continuous integration builds use GitHub Actions on Windows, Ubuntu and macOS. This includes dependabot updates and CodeQL vulnerability scanning. It comes with a new NuGet feed for trying out the latest builds.
• You can now sponsor our project with one-time and monthly donations.

Breaking changes

The boolean AllowClientGeneratedIds in options has been obsoleted in favor of the new IJsonApiOptions.ClientIdGeneration (see above)

Bugfixes

• Correct examples in the documentation for AddJsonApi calls.
• Correct nullability in the return value of the QueryExpressionRewriter.VisitResourceFieldChain method.
• Change inheritdoc usage to correct IntelliSense/documentation on classes.
• Sanitize user input to prevent a malicious user from forging log entries.

Merged PRs

• Docs: Add missing parameter name to AddJsonApi calls by @bkoelman in #1296
• Add example for scopes-based authorization by @bkoelman in #1303
• Replace AppVeyor with GitHub Actions by @bkoelman in #1294
• Client-generated IDs per resource type by @bkoelman in #1305
• Add sponsoring by @bkoelman in #1340

Full Changelog: v5.3.0...v5.4.0

v5.3.0

New features and enhancements

This release opens up query string parsing plus LINQ expression building for extensibility. This means that you can now define and plug in your own functions, available for use in query strings. Also, errors for invalid query string values now include the failure position, along with the ^ marker. See #1286 for details and examples.

Breaking changes

Related to the above, the query string parsers, LINQ builders, and RuntimeTypeConverter have been moved out of .Internal namespaces.

Bugfixes

• Do not execute unneeded SQL query in 1-to-1 relationship update, which fails on EF Core 8 preview.
• Query strings: do not allow comparison of count() with null; do not treat null as a possible field name.

Merged PRs

• Package updates by @bkoelman in #1274
• Corrected HTTP method in updating.md by @boginw in #1278
• Remove workaround for RSRP-491451 by @bkoelman in #1276
• Add sponsor credits by @bkoelman in #1292
• Fix exception thrown by EF Core 8 preview by @bkoelman in #1289
• Extensible query string functions by @bkoelman in #1286

New Contributors

• @boginw made their first contribution in #1278

Full Changelog: v5.2.0...v5.3.0

v5.2.0

Enhancements

• Improve resource change tracking performance.
• Improve performance of response serialization for large number of included resources.
• Auto-feed includes from query string to the serializer when custom resource service is used.
• Refreshed examples: connection strings, API namespaces, seed with sample data, use long IDs, detailed logging.
  • NoEntityFrameworkExample now uses a hardcoded in-memory dataset, demonstrating how to implement a custom read-only resource service and resource repository, which compiles the produced LINQ query and executes it against the dataset.
• Harden Attr/Relationship attributes against invalid input.
• Updated Ember sample to use latest versions and include tests. Special thanks to @briarsweetbriar and @rtablada!

Bugfixes

• On secondary endpoint, the incoming filter from query string was not applied when determining total resource count via inverse relationship.
• A duplicate trailing slash was rendered in Location header when request path ended with a slash.
• Minor corrections in documentation.
• Do not emit unused namespace import in controller source generator.
• Use deterministic culture when converting to string.
• Fixes for using include and fields with EF Core owned entities.

Breaking changes

• Minor changes in the QueryExpression model shape, to make it easier to understand and consume.
• Removed resource ID from error message, as the error is unrelated to any specific record.
• Disable EF Core Change Tracking on read-only requests (can be reverted by overriding a virtual method on the resource repository).

Merged PRs

• Fixed: incorrect meta:total on secondary endpoint with filter by @bart-vmware in #1259
• Query tweaks by @bkoelman in #1257
• Fix namespace imports in controller source generator by @bkoelman in #1261
• Improve serializer performance by @bkoelman in #1265
• Use deterministic culture when converting to string by @bkoelman in #1267
• Update examples by @bkoelman in #1269
• Harden Attr/Relationship attributes against invalid input by @bkoelman in #1268
• Fixes for EF Core owned entities by @bkoelman in #1272

Full Changelog: v5.1.2...v5.2.0