To support newer scenarios that are Microsoft-specific for automating
some types of team membership, this adds new extension points to
evaluate team join request conditions sooner in the middleware and
pipeline.
Also augments the JSON for client APIs about the team(s) to allow
inserting company-specific configuration or state into those responses.
- Removes CENTRAL_OPERATIONS_TOKEN
- System teams - open access
- adds open access concept, which is a broad access team anyone in the org can join without approval
- open access teams are not recommended the same way as broad access teams during new repo setup
- TypeScript: prefer types to interfaces
- GitHub Apps and REST APIs:
- Simplifying bound function calls
- Relocated app and token management files
- Improves types for header/tokens
- Allow custom app purposes to retrieve app token instances
- Custom app purpose debug display fix
- PAT/app token type identification helper method
- Collections now expose "collectAllPages" and "collectAllPagesViaHttpGet" to move specific code out of the file
- Fix for custom apps initialized after startup
- Custom Properties Beta support
- Client APIs remain behind the session middleware
- Non-client APIs no longer set cookies given their stateless nature
- Simplifies the directory structure
- Removes Microsoft-specific API configuration and code not useful to the OSS version
Integrates multiple changes from an internal fork to the open project:
- Strongly typing basic organization properties and flags
- Specialized app purposes
- Organization annotations
- Repo unarchive
- Configuration resolver supports dates
- Configuration resolver supporting above-root .env over env vars for Codespaces
- Initialization routine adds support for an optional company-specific secondary stage
- Supports flighting a second React frontend for specific or all users
- Most basic organization APIs support managed and unmanaged orgs for org details
Updates the open source project to reflect the recent updates
around continuing to make it easier to build in paralell and have
company-specific updates without impacting the upstream as much.
This is a batch of updates, including package version improvements.
- Axios: the library has gone through some growing pains for TypeScript
users. While the library no longer returns "unknown" for response types,
designed to encourage safe known casting, we do a lot of "cast as any" now,
and will improve in the future.
- Additional company-specific extension points around authentication
- Additional auth token types for just-in-time
- Cleanup of Passport routing. This could be breaking for anyone who has
taken the time to hack other Passport providers on top, so interested to
learn if anyone has (for example, the old Google integration as an auth provider
over AAD)
Jeff Wilcox
Tyler Garner
Nick Schonning