@resin/pinejs/CHANGELOG.md

Pine.js is a sophisticated rules-driven API engine that enables you to define rules in a structured subset of English. Those rules are used in order for Pine.js to generate a database schema and the associated [OData](http://www.odata.org/) API. This make

# Change Log

All notable changes to this project will be documented in this file
automatically by Versionist. DO NOT EDIT THIS FILE MANUALLY!
This project adheres to [Semantic Versioning](http://semver.org/).

## v8.1.1 - 2018-07-19

* Fix adding permissions for `getAffectedIds` #182 [Pagan Gazzard]

## v8.1.0 - 2018-07-11

* Add `getAffectedIds` which can be used to get a list of ids a request will affect. #181 [Pagan Gazzard]

## v8.0.1 - 2018-06-25

* Fix a promise was not returned from handler warning when using end/rollback listeners. #180 [Pagan Gazzard]

## v8.0.0 - 2018-06-24

* Move pg settings to env.ts #179 [Pagan Gazzard]
* Standardise the api key cache settings location. #179 [Pagan Gazzard]
* Only apply the user's actor to user permissions and api key actor to api key permissions, and block actor ids for guests completely. #179 [Pagan Gazzard]
* Switch from `$ACTOR.ID` to the more standard `@__ACTOR_ID` for the actor id parameter. #179 [Pagan Gazzard]
* Reduce the number of calls to `getPermissionsLookup` by passing around the already fetched permissions lookup object. #179 [Pagan Gazzard]
* Reuse the odata parsing memoisation between the uri-parser and permissions checking #179 [Pagan Gazzard]
* Memoize the rewriting of odata options #179 [Pagan Gazzard]
* Convert permissions to being applied at the SQL level via definitions where possible, rather than via merging OData filters. #179 [Pagan Gazzard]

## v7.4.0 - 2018-06-08

* Add support for string bind keys #178 [Pagan Gazzard]

## v7.3.4 - 2018-06-07

* Removed broken link for clarity #177 [Rich Bayliss]

## v7.3.3 - 2018-05-18

* Update dependencies. #176 [Pagan Gazzard]

## v7.3.2 - 2018-05-17

* Reduce the default max size for permissions lookup to 5000 #175 [Pagan Gazzard]

## v7.3.1 - 2018-05-10

* Memoize the replacement of `$ACTOR.ID` as part of getting the permissions lookup object. #174 [Pagan Gazzard]

## v7.3.0 - 2018-05-08

* Add typed errors for the primary http response statuses #172 [Thodoris Greasidis]

## v7.2.1 - 2018-05-07

* Fix missing env requires. #173 [Pagan Gazzard]

## v7.2.0 - 2018-05-04

* Add a setting for max cache entries for the odata to abstract sql cache, and default to 10000. #170 [Pagan Gazzard]
* Add a setting for max cache entries for the odata to abstract sql cache, and default to 10000. #170 [Pagan Gazzard]
* Add a setting for max cache entries for the odata parsing cache, and default to 100000. #170 [Pagan Gazzard]
* Add a setting for max cache entries for the parsing permissions cache, and default to 100000. #170 [Pagan Gazzard]
* Add a setting for max cache entries for the permissions lookup cache, and default to 10000. #170 [Pagan Gazzard]
* Increase the default max apiKey permissions cached to 10000 #170 [Pagan Gazzard]
* Convert env.coffee to typescript #170 [Pagan Gazzard]

## v7.1.2 - 2018-05-03

* Remove unused dependencies #169 [Pagan Gazzard]

## v7.1.1 - 2018-05-02

* Remove ometajs loader registration, since we use a separate build step now. #166 [Pagan Gazzard]

## v7.1.0 - 2018-05-02

* Add a model compilation cache to improve startup times. #167 [Pagan Gazzard]

## v7.0.2 - 2018-05-01

* Switch types to using generated declaration files, this solves issues where the global typings we use are unavailable for dependent typescript projects. #165 [Pagan Gazzard]

## v7.0.1 - 2018-04-30

* Add node 10 to the test matrix. #163 [Pagan Gazzard]

## v7.0.0 - 2018-04-30

* Remove the callback interface from `checkPermissions`, which greatly simplifies the code. #149 [Pagan Gazzard]
* Remove unused callback interface for `_getGuestPermissions` #149 [Pagan Gazzard]
* Update the abstract-sql chain to a version that uses the resource name for references files rather than the table name #149 [Pagan Gazzard]
* Cache the modified fields as part of the abstractSqlQuery compilation #149 [Pagan Gazzard]
* Remove the database-layer callback interface, simplifying the code. #149 [Pagan Gazzard]
* Convert most of the database layer to using prototype functions rather than bound functions #149 [Pagan Gazzard]
* Use `Object.freeze` to prevent mutating the cached abstract sql which allows us to skip a costly Object.freeze #149 [Pagan Gazzard]
* Update to abstract-sql-compiler which now generates native postgres bindings. #149 [Pagan Gazzard]
* Remove special handling for arrays in the pg layer, node-pg support array binds now. #149 [Pagan Gazzard]
* Remove the ability to use `undefined` to generate a default value, as undefined can't exist in tthe JSON body anyway. #149 [Pagan Gazzard]
* Change the `rows` property of a db result from a websql-like format to a standard array. #149 [Pagan Gazzard]
* Generate es2015 output, dropping support for node 4. #149 [Pagan Gazzard]
* Return a 401 when a POST fails to create any resources. #149 [Pagan Gazzard]
* Fix prettifying db errors, making the thrown constraint errors a bit nicer again. #149 [Pagan Gazzard]
* Update to pinejs-client-core 5.x #149 [Pagan Gazzard]
* Cancel any ongoing work when the request/response is closed. #149 [Pagan Gazzard]
* Change `db.transaction` to take a fn that after completing will automatically close/rollback the transaction, handling cancellation nicely #149 [Pagan Gazzard]
* Add rollback function for hooks that perform side-effects. #149 [Giovanni Garufi]

## v6.10.9 - 2018-04-26

* Generate a lookup object for permissions and use it to speed up checking permissions. #161 [Pagan Gazzard]

## v6.10.8 - 2018-04-26

* Generate local and fetch processing fields caches as part of executing the model, avoiding the need to generate them on the fly later. #160 [Pagan Gazzard]

## v6.10.7 - 2018-04-26

* Memoize resolveSynonym as it's called very regularly #162 [Pagan Gazzard]

## v6.10.6 - 2018-04-19

* Remove the delayed sql compilation for batch requests with content references as only the execution needs to be delayed. #157 [Pagan Gazzard]

## v6.10.5 - 2018-04-17

* Avoid fetching the full response on internal POSTs where possible #156 [Pagan Gazzard]

## v6.10.4 - 2018-04-06

* Avoid the work of defining a property if there are no hooks that will use it. #153 [Pagan Gazzard]

## v6.10.3 - 2018-04-06

* Avoid running `bindDefaultValues` for postgres since the postgres bind handling already handles it #152 [Pagan Gazzard]

## v6.10.2 - 2018-04-06

* Switch to using the array form for _.get, improving performance in a hot function. #151 [Pagan Gazzard]

## v6.10.1 - 2018-04-05

* Fix getStackTrace to respect the DEBUG setting correctly, and use _.noop for the noop version. #150 [Pagan Gazzard]

## v6.10.0 - 2018-04-03

* Add grunt command to build and copy out folder to target directory. #143 [Giovanni Garufi]

## v6.9.7 - 2018-03-29

* Add the $ prefix to all pinejs-client options since the automatic prefixing is deprecated #148 [Pagan Gazzard]

## v6.9.6 - 2018-03-29

* Remove references to pinejs being private from the docs as it's been public for a while #146 [Pagan Gazzard]

## v6.9.5 - 2018-03-29

* Fix rethrowing a nicer db error. #147 [Pagan Gazzard]

## v6.9.4 - 2018-03-28

* Switch to using `tapCatch` instead of manually rethrowing where possible #144 [Pagan Gazzard]

## v6.9.3 - 2018-03-22

* Simplify creating transactions #141 [Pagan Gazzard]

## v6.9.2 - 2018-03-22

* Avoid memoising the bind length in parsePermissions, allowing a higher cache hit rate and lower memory usage. #140 [Pagan Gazzard]

## v6.9.1 - 2018-03-19

* Return a rejected promise rather than killing the process when failing to connect. #138 [Pagan Gazzard]

## v6.9.0 - 2018-03-14

* Update @resin/odata-parser, @resin/odata-to-abstract-sql, @resin/sbvr-types, and pinejs-client #137 [Pagan Gazzard]

## v6.8.1 - 2018-03-13

* Remove _getPermissions cache as it had far too many combinations. #136 [Pagan Gazzard]

## v6.8.0 - 2018-03-06

* Memoise basic odata queries. #135 [Pagan Gazzard]

## v6.7.1 - 2018-03-06

* Fix some lint errors. #134 [Pagan Gazzard]

## v6.7.0 - 2018-03-03

* Only create errors for nice stack traces in debug mode due to the overhead it causes #130 [Pagan Gazzard]

## v6.6.3 - 2018-03-03

* Fix permissions memoisation #133 [Pagan Gazzard]

## v6.6.2 - 2018-03-02

* Memoise checking the permissions that apply to the current request #128 [Pagan Gazzard]

## v6.6.1 - 2018-03-02

* Memoise getting hooks for the request #126 [Pagan Gazzard]

## v6.6.0 - 2018-03-02

* Add a forbidden error type that results in a 403 http error code #132 [Andreas Fitzek]

## v6.5.1 - 2018-03-02

* Move search path setting to be run once in a pool hook on client creation, rather than for each transaction #127 [Pagan Gazzard]

## v6.5.0 - 2018-02-22

* Add a `returnResource` option to POST requests, which when set will return only the id in the response and save fetching the entire result #123 [Pagan Gazzard]

## v6.4.3 - 2018-02-22

* Switch to using memoizee instead of bluebird-lru-cache #122 [Pagan Gazzard]

## v6.4.2 - 2018-02-22

* Cache the api key's actor id along with its permissions, meaning we don't have to continually refetch it. #121 [Pagan Gazzard]

## v6.4.1 - 2018-02-09

* Simplify `runTransaction` #120 [Pagan Gazzard]

## v6.4.0 - 2018-01-31

* Export sbvr-api errors #119 [Thodoris Greasidis]

## v6.3.4 - 2018-01-29

* Propagate the error message of BadRequestErrors #118 [Thodoris Greasidis]

## v6.3.3 - 2018-01-24

* Fix backwards incompatible change introduced by #109 #114 [Pagan Gazzard]

## v6.3.2 - 2018-01-12

* Delete hooks from the external req object after setting them on the internal request. This prevents hooks by being collected twice in runHook #112 [Giovanni Garufi]

## v6.3.1 - 2018-01-11

* Fix missing argument in translateUri function #110 [Giovanni Garufi]

## v6.3.0 - 2018-01-11

* Save request specific hooks on the request object so they don't get mixed up in batch requests. #101 [Giovanni Garufi]

## v6.2.0 - 2018-01-10

* Add generic `canAccess` action for every resource #98 [Andreas Fitzek]

## v6.1.0 - 2018-01-09

* Expose `permissions.addPermissions` so it is possible to add permissions directly #102 [Pagan Gazzard]

## v6.0.0 - 2018-01-09

* Store the abstract SQL model for a request on the request object, and use it when resolving navigations and synonyms. #106 [Pagan Gazzard]

## v5.3.2 - 2018-01-09

* Use get/set properties to define a passthrough for the fake filter objects to the real ones so that permissions are applied correctly. #109 [Pagan Gazzard]

## v5.3.1 - 2018-01-05

* Update dependencies #107 [Pagan Gazzard]

## v5.3.0 - 2018-01-04

* Allow hooks to generate a custom abstractSqlQuery that will be used instead of generating our own. #105 [Pagan Gazzard]

## v5.2.19 - 2018-01-04

* Improve error message when resolving a navigation resource fails because we find a direct field rather than a navigation #104 [Pagan Gazzard]

## v5.2.18 - 2018-01-04

* Remove undefined values from the body of internal requests to match what happens during an external/http request #103 [Pagan Gazzard]

## v5.2.17 - 2017-12-11

* Publish the available typings #97 [Pagan Gazzard]

## v5.2.16 - 2017-11-29

* Set up circleci auto-publishing #96 [Pagan Gazzard]

## v5.2.15 - 2017-11-26

* Improve error message when api key permission checking fails, and just use no permissions for that case rather than rejecting the entire check. #95 [Pagan Gazzard]

## v5.2.14 - 2017-11-20

* Guarantee that any error returned from the settle functions is an error object, this fixes later code that checks if an error was returned by using `_.isError` #94 [Pagan Gazzard]

## v5.2.13 - 2017-10-25

* Convert control-flow to typescript #83 [Pagan Gazzard]

## v5.2.12 - 2017-10-20

* Add a circle.yml to test on CircleCI #90 [Pablo Carranza Velez]

## v5.2.11 - 2017-10-19

* Clone the abstract sql tree before returning to ensure hooks cannot mutate and pollute the cache #88 [Pagan Gazzard]

## v5.2.10 - 2017-10-11

* Added Apache-2.0 license and updated repository link in package.json #81 [Giovanni Garufi]

## v5.2.9 - 2017-10-09

* Update lf-to-abstract-sql to ^1.0.3 to include fixes #87 [Pagan Gazzard]

## v5.2.8 - 2017-10-02

* Added test and build scripts to package.json, making it easier to build pinejs #86 [Pagan Gazzard]

## v5.2.7 - 2017-10-02

* Improve the error message when failing to resolve a navigation by using the name the user provided rather than the resolved name #84 [Pagan Gazzard]

## v5.2.6 - 2017-09-27

* Update typescript to ^2.5.3 #80 [Giovanni Garufi]

## v5.2.5 - 2017-09-27

* Improve error message when trying to resolve an invalid navigation #79 [Pagan Gazzard]

## v5.2.4 - 2017-09-25

* Fix error where we used a fat arrow function but we needed standard function semantics. #78 [Pagan Gazzard]

## v5.2.3 - 2017-09-25

* Convert extended-sbvr-parser to typescript #77 [Pagan Gazzard]

## v5.2.2 - 2017-09-22

* Added Advanced Usage guide and improved docs #28 [Giovanni Garufi]

## v5.2.1 - 2017-09-22

* Added permission check on resource involved in OData filters #63 [Giovanni Garufi]

## v5.2.0 - 2017-09-22

* Convert db to typescript #57 [Pagan Gazzard]

## v5.1.5 - 2017-09-21

* Remove an unnecessary warning #76 [Pagan Gazzard]

## v5.1.4 - 2017-09-21

* Add some missing migration steps #75 [Pagan Gazzard]

## v5.1.3 - 2017-09-20

* Rework the checking if a rule is affected to be clearer about the reasoning for each case and fix a couple #67 [Pagan Gazzard]

## v5.1.2 - 2017-09-20

* Use Promise.mapSeries to run migrations #74 [Cameron Diver]

## v5.1.1 - 2017-09-20

* Update lf-to-abstract-sql to guarantee including the negation fix. #73 [Pagan Gazzard]

## v5.1.0 - 2017-09-19

* Fixed rule validation that would fail with unbound values #71 [Akis Kesoglou]

## v5.0.3 - 2017-09-04

* Disable affected rule optimisation to guarantee all relevant rules are always run, guaranteeing the database cannot enter an invalid state #68 [Pagan Gazzard]

## v5.0.2 - 2017-09-04

* Fix check for matching fields when deciding if a rule needs to run. #66 [Pagan Gazzard]

## v5.0.1 - 2017-08-31

* Added versionist #65 [Giovanni Garufi]

## v5.0.0

* Converted sql-binds to typescript
* Updated sbvr-parser to ^0.1.0
* Updated lf-to-abstract-sql to ^1.0.0
	* Breaking: verbs are now included in field names (except for `has`), eg `pilot can fly plane` now creates a field called `can fly-plane` instead of `plane`, allowing multiple relationships between two terms
	* Adds relationship and synonym info to the generated abstract sql for odata-to-abstract-sql to use
* Updated odata-to-abstract-sql to ^1.0.0, which supports lf-to-abstract-sql v1.0.0
	* Breaking: table names now use ` ` rather than `_` within terms and verbs and `-` between them (matching the way fields are named)
	* Breaking: requires verbs to specify the relationship between two terms, eg `pilot/plane` becomes `pilot/can_fly__plane`
	* Adds support for synonym and synonymous form usage, which makes it possible to specify the direction of a relationship for self-referential fields.
* Removed abstract-sql-to-odata-schema as it is no longer needed, since the abstract-sql now has all the info necessary.

## v4.0.0

* Changed permission name to text, to allow unlimited length permissions
* Separated out the client
* Added OData batch support
* Added the ability to pass a custom properties object through the internal api that will be available as `req.custom` in any hooks.
* Only run rules if a field they query has been attempted to be changed.
* Updated pinejs-client to ^4.0.0
* Converted src/server/src/server-glue/server.coffee to typescript.
* Converted src/server/src/passport-pinejs/passport-pinejs.coffee to typescript.
* Converted src/server/src/server-glue/module.coffee to typescript.
* Added support for typescript within pinejs.

## v3.5.2

* Use a proper $count in pinejs-session-store.
* Use PATCH rather than PUT to update models to avoid issues with db layers that don't support `SET x = DEFAULT`
* Use null-loader for pg/lib/connection-parameters in browser builds to avoid a webpack warning.
* Update to jquery-ui ^1.12.1 and rely on the `main` in package.json for resolution so it can stay up to date.

## v3.5.1

* Add a .npmignore to make sure the output folder isn't ignored on publishing.

## v3.5.0

* Compile all of the common/server coffee-script at prepublish time, so that it doesn't need to be compiled by dependents.
* Use `process.exit(1)` when exiting abnormally
* Don't try to register the coffee-script loader if one already exists, it allows for using custom coffee-script loaders.

## v3.4.0

* Map permissions in serial to make sure binds are always added in the same order/location to aid cache hits.
* Avoid even loading the SBVRServer and http-transactions code in the cases where they're disabled
* Always register the .sbvr and .ometajs handlers when running in nodejs

## v3.3.1

* Fixed a typo in unique constraint violation error message.

## v3.3.0

* Fixed unique constraint violation error message.
* Updated coffee-script to ~1.12.2
* Updated pinejs-client to ^3.0.0
* Updated dev/bower dependencies

## v3.2.0

* Updated lf-to-abstract-sql to v0.0.19 to include the concept types optimisation.

## v3.1.1

* Fixed expanding foreign keys where the foreign key attribute was on the other resource.

## v3.1.0

* Skip attempting to apply field processing if there are no fields needing it.
* Added caching for the lists of expandable fields and fields requiring processing.
* Removed the try/catch in uri parsing, allowing v8 optimisation
* Improved error messages when uri parsing fails

## v3.0.0

* Reimplemented memoisation of the permissions partial parse which was removed in the bind vars update. (test case went from ~2.9s warm to ~2.6s warm)
* Updated odata-to-abstract-sql and added memoisation of the translate step. (test case went from ~3.2s warm to ~2.9s warm)
* Update to odata-parser/odata-to-abstract-sql/abstract-sql-compiler versions with support for odata binds and use it to memoise the abstract sql compilation step (test case went from ~8.4s warm to ~4.3s warm).

## v2.3.1

* Allow passing userId as a numeric string to `getUserPermissions`.

## v2.3.0

* Converted sql binds parsing from ometa to coffeescript, it reduces my test case (matching production usage) from ~1300ms to ~100ms
* Used webpack's resolve.extensions to remove the need for adding .coffee to require calls.
* Updated pg to ^6.0.0 and use an explicit pool.
* Updated memoizee
* Updated dev dependencies.
* Update documentation
* Fix use of multer in server builds

## v2.2.0

* Updated sbvr-parser and lf-to-abstract-sql to add support for concept types on term form fact types.

## v2.1.1

* Fixed getting api key actor ids
* Fixed the 2.0-add-actors migrations

## v2.1.0

* Updated odata-to-abstract-sql and switch to using `setClientModel` to have it shorten aliases when necessary.
* Fixed invalid permission filters not being rejected.
* Return result for $count
* Updated to abstract-sql-compiler 2.1.0
* Updated to odata-parser 0.1.10
* Updated to odata-to-abstract-sql 0.3.5

## v2.0.0

* Return a 400 error when a request ends fails SBVR model validation (previously 404).
* Switched to adding users/permissions after a model and it's migrations are run, this makes it much easier to migrate permissions.
* Added a concept of actors and switched the permission filter `$USER.ID` magic to be `$ACTOR.ID`
* Updated to abstract-sql-compiler 2.0.0, meaning empty strings are no longer treated as null.
* Dropped expressjs3 compatibility, fixing deprecated notices on expressjs4.
* Added expiry date fields onto the permissions system.

## v1.4.2

* Updated minimum odata-to-abstract-sql to v0.3.4 in order to bring in support for self-referencing resources (eg application depends on application)

## v1.4.1

* Added PREPARSE hooks and use them in the permissions module in order to be backwards compatible with the behavior in <1.4.0

## v1.4.0

* Isolated the http transactions code purely into a module so it is optional.
* Separated permissions into a mostly isolated module, using proper hooks instead of hardcoded hooks.
* Added support for 'all' hooks on the api and method levels.
* Switched to throwing specific errors for unique/foreign key/general constraint errors, rather than always just a generic database error.
* Converted cases of throwing strings into throwing error objects.
* Separated out the api key permissions cache settings so they can be overridden if need be.

## v1.3.0

* Updated odata-parser, odata-to-abstract-sql, and abstract-sql-compiler to add support for date/time functions and some bugfixes.
* Added memoisation for permission filter generating.
* Simplified permission filter checking.
* Respond with 400 Bad Request to malformed odata queries.
* Avoid recreating the collapse function.
* Separated out the OData schema generation.

## v1.2.0

* Updated to pinejs-client ^2.3.1 and remove deprecated uses of it.

## v1.1.0

* Added express 4 compatibility.

## v1.0.5

* Fixed 'all' hooks overriding resource hooks.
* Fixed `read` permission for $expands.

## v1.0.3

* Updated to lodash 4
* Updated pinejs-client to ^2.1.1 to make sure the escaping fix is included.
* The OData functions `startswith` and `endswith` are now correctly `(haystack, needle)` instead of `(needle, haystack)`
* Changed the 'POSTPARSE' hook to run immediately after the uri parsing, before any permissions are added.
* Added support for hooks on the 'all' resource, which will be run for any resource.
* Updated to bluebird 3.

## v0.6.4

* Updated odata-to-abstract-sql to ~0.3.0 and abstract-sql-compiler to ~0.4.2.
* Added bower to the local dependencies.

## v0.6.3

* Update odata-to-abstract-sql to ~0.2.6 to guarantee the $expand($expand) fix is available.

## v0.6.2

* Now returns 201 with `{ id }` instead of 401 when creating a resource without permission to read it.

## v0.6.1

* Updated abstract-sql-compiler and switched to using it for schema generation.

## v0.6.0

* Removed the default root permissions for internal requests, you must now explicitly specify them.

## v0.5.6

* Pass an `api` instance to hooks, which is bound to the same user and transaction scope as the original request.

## v0.5.5

* Added `authorizationMiddleware` and `customAuthorizationMiddleware` middlewares which allow supporting the passing api keys via an `Authorization` header.
* Add the following additional permissions: read, create, update.  These can be used for finer grained permission and also to allow specifying permissions via the CRUD names.

## v0.5.4

* Switched to using npm private packages rather than private git repo links.
* Updated package.json to specify that nodejs 0.12 is also supported.

## v0.5.3

* Update passport to ^0.2.1 and passport-local to ^1.0.0
* Expose the initialisation promise from server.coffee so that it is possible to wait on it.
* Fix in-browser server.

## v0.5.2

* Updated sbvr-types to v0.1.2

## v0.5.1

* Updated odata-to-abstract-sql to v0.2.4

## v0.5.0

* Config loader will directly use the customServerCode entry if it is an object.
* Config loader no longer tries to use requirejs to load the custom server code - it only uses require now.
* Removed the requirejs param from the custom code setup function.
* Added support for falling back to bcryptjs if bcrypt isn't available (eg in the browser)
* Added support for $expand options (eg $expand=resource($filter=id eq 1))
* Added support for "It is forbidden that.." in the sbvr parser.
* Updated lodash to ^3.0.0
* Updated coffee-script to ~1.9.0
* Updated postgres to ^4.0.0
* Updated mysql to ^2.1.0
* Updated express to ^4.11.2
* Updated pinejs-client to ^1.0.0
* Fixed issues with auto incrementing fields on mysql/websql.
* Permission filters are now applied to `$expand`s as well.
* Improved error messages, particularly for config.json users/custom code loading errors.
* Moved express, mysql, passport, passport-local, and pg to optional dependencies, as they are indeed optional.
* Fixed certain combinations of permission filters failing to translate.
* Added support for loading config.json via absolute paths
* Added support for loading pinejs via npm

## v0.4.5

* Fix a `ReferenceError: logger is not defined` when compiling abstract sql fails.
* Update abstract-sql-compiler to v0.2.1 which properly supports null comparisons.
* Fix visualisation of vocabularies containing term forms.
* Fix visualisation links not appearing if you go to the LF tab first.

## v0.4.4

* Fix a `"Cannot parse required checks: false"` error that could happen with permission checking if api key or guest permissions returned `false`.
* Update pinejs-client-js to v0.3.1 which supports true/false/null filters, making them easier to use.

## v0.4.3

* Update odata-parser and odata-to-abstract-sql to add support for true/false/null in OData filters.

## v0.4.2

* Update bcrypt to ~0.8.0
* Update bluebird to ~2.3.11
* Update bluebird-lru-cache to ~0.1.2
* Update coffee-script to ~1.8.0
* Updated odata-to-abstract-sql and abstract-sql-compiler to add support for $filter on PUT requests and enhanced security.
* Update lf-to-abstract-sql to add support for setting foreign keys nullable in a term form.

## v0.4.1

* Update odata-to-abstract-sql and abstract-sql-compiler to add support for CASTing bind vars to the correct type when necessary (avoids issues in cases where implicit casts failed)

## v0.4.0

* All instances of `platform`/`rulemotion-canvas` have been renamed to `pinejs`
* __model is no longer sent on GET requests to a resource.
* `ConfigLoader.loadNodeConfig` has been removed (use `ConfigLoader.loadApplicationConfig` instead)
* Correctly process expanded results again (an update to `node-pg` made the `JSON.parse` unnecessary and hence fail).
* Update to pinejs-client-js v0.3.0, this adds greatly enhanced filter support.
* Support has been added for filters on POST requests.

## v0.3.11

* Update resin-platform-api to v0.2.5
* Add an `sbvrUtils.apiKeyMiddleware` connect middleware that can be used to fetch the permissions of an api key on the request and add them to `req.apiKey`.

* Add support for running migrations before a model executes:
	* Can specify `migrations` or a `migrationsPath` in config.json
	* Migrations which haven't been executed will run in order before the model is executed

## v0.3.10

* Added a PRERESPOND hook for manipulating the response to OData queries

* Update sbvr-types to v0.0.2, fixes issues with:
	* Saying max length of a string is 255 even if it is actually another value.
	* Sending a colour object to the api.
	* Sending an invalid JSON string to a JSON field.
* Add a __resourceName property in the response to running a rule, so you know what resource you are dealing with.

* Built-in web server now logs all requests it receives - not just OData requests

* Increase default transaction timeout from 5s to 10s

* configLoader.loadNodeConfig has been renamed to configLoader.loadApplicationConfig

## v0.3.9

* SQL queries are only logged when debugging
* Dev model .log output is now suppressed
* TRANSACTION_TIMEOUT_MS environment variable can be used again

## v0.3.8

* PlatformSessionStore is now exported from module build

## v0.3.7

* Adds a new 'module' build type, which allows you to:
	* Configure your own express application
	* Use the platform as a library, rather than having your app loaded as custom code

* Added support for `and`/`or` within SBVR rules.
* Fix bower requirejs to v2.1.9 as later versions break the platform client-side (due to shim dependencies not working correctly)

## v0.3.6

* Fix internal POST requests that are run within a passed in transaction, introduced in v0.3.4.

## v0.3.5

* Custom code modules no longer have to define a setup() method

## v0.3.4

* Enable disabling the default platform login/logout handling with the `DISABLE_DEFAULT_AUTH` env var.
* POST requests now include the whole entity in the response.
* Expose `{ app, sbvrUtils }` on the built `platform.js`, meaning you can require it in order to get access to these objects.

## v0.3.3

* Changed config-loader to return 200 for any OPTIONS requests on the API endpoints it sets up.
* Added an LRU cache for API key permissions - improves performance for repeated requests using the same API key.

## v0.3.2

* Add API hooks entry for OPTIONS
* Fixed an error when handleODataRequest was called from a method it did not recognise for API hooks.
* Properly send a 405 for unsupported methods.
* Handle responding to an OPTIONS request, and use the model permission for it (since it's a metadata request)

## v0.3.1

* Updated pg to v3.3.0
* Update bluebird to v2.2.1
* Improved performance of SQL queries when we do not need to bind any default values.
* Improve performance of creating a transaction.
* Improve performance of all PostgreSQL queries and any SQL queries that bind default values.
* Improve the performance of PostgreSQL queries when there are no binds in the SQL.

## v0.3.0

* Change runURI signature from `(method, uri, body = {}, tx, callback) ->` to `(method, uri, body = {}, tx, req, callback) ->`, where if `req` is an object then it will have its `user` property used for permission checking rather than using the default of full permissions if it's not an object.
* Update sbvr-parser to v0.0.12
	* Fixes an error being logged when trying to get hints for the verb part of a new fact type
	* Fixes rule-like definitions for terms and names
* Fix an issue where api keys that looked like valid user ids were treated as a user id.
* Replaced `runGet`, `runPost`, `runPut`, and `runDelete` with a new middleware called `handleODataRequest` that can be used in their place.
* Updated bluebird to v2.1.3
* The `checkPermissions` function had its `res` argument removed.
* Added API hooks facilities via `sbvrUtils.addHook` with the following hook points:
	* POSTPARSE
	* PRERUN
	* POSTRUN
* In the case of trying to respond to a request with an `Error` instance, we instead send the `message` property instead, as it's generally much more useful.

## v0.2.29

* Update ometa-js to ~1.3.0 and use the new line by line highlight option, which removes the need for the custom codemirror change and also updates to work with the latest codemirror (including a switch to the newer hinting module).
* Update codemirror to v4.2.0 and load it from bower now that a custom change is no longer needed.
* Use a SQL hinter for the database import/export tab.
* Improve generic error messages returned for foreign/unique key violations in cases where detailed info cannot be obtained.

## v0.2.28

* Add support for a TRANSACTION_TIMEOUT_MS env var, that specifies how long before a transaction is automatically closed (via a rollback).
* Use error codes to detect the error type for postgresql, this makes the checking much more resilient.
* Updated bluebird to ~1.2.4

## v0.2.27

* sbvrUtils.executeModel and sbvrUtils.executeModels now expect a model object, rather than vocabulary name/sbvr text.
* Improved constraint failure checks for WebSQL.
* 500 errors are now used correctly, rather than incorrect 50x variants.
* PUT requests are now correctly rolled back on a rule violation
* Database errors (that are not related to constraints) now return a 500 and no longer leak the error to the client.
* Logging levels can now be configured on a per-model basis.
* Session model requests now only log errors.