Release Notes

release notes (oct 25) – parse server 7 upgrade (performance, security & developer experience) we’ve released as a defult stable version the parse server 7 5 2 on back4app, bringing major improvements to app performance, security, and the developer experience performance improvements faster, more stable api core engine optimizations deliver quicker queries and more reliable performance under load improved real time features fixes to livequery and cloud code triggers make real time apps more stable security enhancements critical oauth fix authentication credentials are now fully isolated per app, closing an important security gap safer defaults user data is private by default, and risky file types (like html uploads) are blocked optional rate limiting protect your app from abusive traffic with customizable request limits developer experience updated cloud code runtime node js 18 + parse js sdk 4 unlock modern language features and better performance new sdk compatibility fully supports new parse sdks, including parse swift 5 more configuration options fine tune default query limits, session behavior, and rate limit rules breaking changes httprequest removed use standard libraries like axios or fetch in cloud code nested objects fixed objects are now properly serialized; review your structures if you rely on deeply nested data your back4app apps now run on a faster, more secure, and more modern parse server—no infrastructure work required release notes (sep 25) – faster web builds, one click mcp web hosting, deep db insights web deployment improvements faster building times we've improved our web deployment platform to build projects faster now your app has more powerful servers to build it and that result in up to 10x faster deployments new process to create free apps now you have a simpler flow to test our web deployments platform, no credit card needed no hard processes just connect your github account and start deploying mcp web hosting now is not necessary anymore to configure webhosting on back4app dashboard anymore to start using the platform just ask mcp to create and publish your app and you will see your ai coding agent to do it like magic database profiler – full observability for app database ops we’re excited to introduce the back4app database profiler , a new observability feature designed to help you monitor and optimize your mongodb backed parse server applications this profiler is built directly on top of the native mongodb database profiler , so you get the same detailed, battle tested insights mongodb engineers use to track performance now integrated seamlessly into your back4app environment, it gives you the visibility you need to troubleshoot and tune your database operations what it does captures granular operation metrics – monitor queries, inserts, updates, deletes, and command executions across your mongodb collections identifies slow queries – flag operations exceeding your configured thresholds with detailed timing information surfaces execution stats – see keys and documents examined, query plans, sort stages, index usage, and whether operations spilled to disk tracks concurrency & locks – understand lock contention, yields, and waiting times that may be slowing down your workloads collects i/o metrics – inspect how many bytes are read from and written to disk, and how much time queries spend waiting on storage why it matters pinpoint bottlenecks – quickly find inefficient queries that scan too many documents or indexes optimize indexes with confidence – use keysexamined vs docsexamined ratios to decide when new indexes are needed boost reliability – understand when queries are being replanned, evicted from cache, or blocked by locks improve app responsiveness – reduce query latencies by spotting high cost operations before they impact users example insights you’ll see query execution times (millis) and cpu usage per operation index scan efficiency (keysexamined vs nreturned) storage engine wait times and disk reads/writes lock acquisition patterns (r, w, ix, is) with microsecond level detail query shape hashes (plancacheshapehash) to identify and group similar queries why you’ll love it same engine, new visibility – built on the mongodb profiler, but integrated into back4app for one click observability actionable data – go beyond logs understand why a query is slow and how to fix it optimized for parse server – tailored for the types of queries and workloads common in back4app apps production safe – designed to help you monitor without disrupting your live systems release notes (aug 25) – mongodb 8 0 available on back4app we’ve upgraded our database servers now we support mongodb 8 0! this isn’t just about moving to the newest release—it includes all the accumulated improvements from mongodb 4 x, 5 x, 6 x, and 7 x your apps can now benefit from years of performance, aggregation, and security enhancements in one leap forward 💡 back4app runs mongodb 8 0 on digital ocean managed database service and mongodb atlas , so you’re getting the best of both worlds enterprise grade managed infrastructure plus the latest mongodb features increased performance faster reads it’s 36% faster in read workloads and 32% faster in mixed read and write workloads simple lookups (e g , by objectid) use new fast path execution in 8 0, cutting latency without code changes faster writes under load write operations can be up to 20% faster in high concurrency scenarios, reducing tail latencies during peak traffic fewer sort related errors on large lists larger non‑indexed sorts now have more headroom (100 mb vs 32 mb) that means list queries with order on big classes are less likely to fail with “sort exceeded memory limit” and more likely to return successfully without needing immediate index changes accelerated index updates index changes roll out faster in the background your app stays responsive, and searches/lists get the speed boost sooner aggregation enhancements (cloud code and rest api) aggregation pipelines you build in cloud code(or calling via rest api) run faster and support the new operators(since mongodb 4 0) including window functions ($setwindowfields) – enable advanced analytics such as running totals, moving averages, ranks, cumulative sums, percentiles, and more, directly within the database index aware $expr comparisons – simple comparisons like $eq, $lt/$lte, and $gt/$gte can use indexes to avoid full collection scans, delivering major performance improvements for expression based filters set operations and custom logic – use $unionwith to combine results from multiple collections, and extend the framework with custom javascript based operators like $function and $accumulator for specialized logic and aggregations literal and array manipulation tools – $documents allows you to inject inline documents directly into a pipeline, while $sortarray sorts array elements within documents top n and first/last n accumulators – operators such as $top, $bottom, $topn, $bottomn, $firstn, and $lastn make it easy to capture ranked values, leaders/laggards, or multiple first/last items per group without complex workarounds security & stability apps at back4app now count with the latest security updates(acumulated improvements from mongodb 4 0 to 8 0), including continuous cve patches and stability fixes modern tls with ocsp and managed certificate hygiene key benefits faster api responses especially for objectid lookups and list endpoints more resilient large non‑indexed sorts fewer “sort exceeded memory” errors under heavy loads richer aggregation features new operators (e g , window functions, union/merge, custom expressions) faster, safer index maintenance quicker index rollout with minimal impact latest security updates applied ongoing cve patches, modern tls/ocsp, hardened defaults release notes (jul 25) – hipaa, soc 2 type 1 & iso 27001 compliance back4app has achieved triple compliance —hipaa, soc 2 type 1, and iso 27001—across our platform whether you’re on pay as you go or dedicated, you now get enterprise grade security, data protection controls, and audit ready documentation built in, so you can focus on shipping features instead of handling compliance paperwork hipaa compliance (dedicated only) • encryption & access controls – end to end tls and at rest aes 256 encryption, role based permissions, and detailed audit logging • business associate agreement – baa available by default for every dedicated cluster • technical safeguards – firewalls, intrusion detection, continuous monitoring, and regular penetration tests soc 2 type 1 compliance (pay as you go & dedicated) • point in time audit – independent validation of our security, availability, and confidentiality controls • designed controls – confirms policies and processes are correctly implemented; lays groundwork for upcoming type 2 attestation • ongoing assurance – soc 2 reports available under nda; regular internal reviews maintain control effectiveness iso 27001 certification (pay as you go & dedicated) • isms framework – documented information security management system covering people, processes, and technology • continuous improvement – annual surveillance audits ensure policies evolve with emerging risks • global standard – recognized benchmark for data security best practices across industries key benefits • turnkey compliance – skip lengthy security questionnaires and vendor audits • risk reduction – mandatory administrative and technical controls lower breach exposure • cross plan coverage – soc 2 & iso on both pay as you go and dedicated; hipaa on dedicated • faster deals – signed baa and audit reports accelerate procurement and enterprise sales • competitive edge – stand out in healthcare, finance, and other regulated markets how to get started select your plan pay as you go for soc 2 & iso, dedicated for all three request compliance artifacts download soc 2 and iso reports (nda) and sign the dedicated plan’s baa in the dashboard map your controls align internal policies to back4app’s documented safeguards for streamlined audits build with confidence deploy phi handling applications and regulated data workloads without extra infrastructure your backend now meets the highest industry standards for security and compliance—no extra work required on your end let us know if you have any questions! release notes (jun25) cloud code and web hosting deployments, mcp server updates cloud code & web hosting deployments rollback support we’re excited to introduce a highly requested feature in the back4app dashboard one click rollback for both cloud code and web hosting deployments now you can safely revert to any previous version in seconds, minimizing downtime and streamlining your release workflow rollback anywhere, anytime instant revert – from the cloud code → deployments screen, click “rollback” next to any historical version to make it the new “current” deployment zero downtime safety – your previous code snapshot becomes live immediately, so you can recover from unexpected issues without manual redeploys clear version history comprehensive timeline – view every past deployment (version number, timestamp, and description) in a neat, scrollable history contextual details – hover or expand each entry to see commit messages and notes you supplied at deploy time simplified release workflow audit friendly – keep track of every rollback action; audit logs record who rolled back, when, and to which version seamless integration – rollbacks work across both serverless functions and static web assets, so your frontend and backend stay in sync how to roll back navigate to cloud code → deployments in the history section, hover over the version you want to restore click rollback confirm, and your app instantly switches to that snapshot why you’ll love it faster recovery – no more manual git checkouts and deploy commands when something goes wrong in production greater confidence – experiment freely, knowing you can undo any change with one click full visibility – instantly see the state of any past release, including who deployed it and why enjoy smoother, safer deployments! as always, we’d love your feedback—reach out via the dashboard or our support channels back4app mcp server enhancements in this release we’ve supercharged our mcp server with two major improvements path based deploys for large files one step mcp installer cli 1 path based deployments for cloud code & web hosting gone are the days of “token too long” errors when pushing big bundles now you can deploy by file path – supply local file or directory paths instead of in lining content large files supported – roll out huge javascript bundles, media assets, images, and any static chunks without worrying about size limits framework friendly – perfect for react js, next js, angular, vue, and other front end frameworks that runs with parse web hosting quicker experience deploy in seconds to your app 2 one step mcp installer cli setting up mcp across ides is now a breeze our new @back4app/mcp installer tool will install in one command – add back4app mcp server to any supported ide with a single line multi ide support – cursor, windsurf, cline, claude desktop, vs code (workspace), witsy, enconvo, and more smart config – automatically writes the right mcp json/mcp config json in your home or workspace quick start \# one time usage with npx (any supported ide) npx @back4app/mcp installer install \<ide> account key your account key \# examples \# install for cursor npx @back4app/mcp installer install cursor account key your account key \# install for windsurf npx @back4app/mcp installer install windsurf account key your account key \# install for vs code npx @back4app/mcp installer install vscode account key your account key \# install for cline npx @back4app/mcp installer install cline account key your account key \# workspace scoped install for vs code (run inside your project folder) cd /path/to/your/project npx @back4app/mcp installer install vscode account key your account key \# check status in any ide npx @back4app/mcp installer status \# uninstall from an ide npx @back4app/mcp installer uninstall \<ide> why you’ll love it scale your deployments – no size constraints means confidence when shipping big apps faster setup – get mcp running in your favorite editor in seconds consistent workflows – same cli and mcp actions across cloud code, web assets, and ides as always, we’re eager for your feedback—drop us a line via the dashboard or our support channels! release notes (may25) back4app mcp server the back4app mcp server implements the mcp protocol to expose back4app’s backend platform as a set of tools an ai agent can use when an mcp compliant ai client connects to the back4app mcp server, it discovers a suite of tools for creating apps, manipulating database schemas, deploying cloud code, deploying web hosting frontend, and more you can literally ask your ai agent to perform backend tasks using natural language, and it will invoke the appropriate mcp tool behind the scenes because it uses the mcp standard, this server works with any ai agent environment that supports mcp – including cursor ide, claude desktop, and others you’re not locked into a specific ai or plugin, which means you can integrate back4app automation into your existing workflows available mcp tools the back4app mcp server provides a comprehensive toolbox of actions app management – create parse app create a new parse app at back4app with a simple prompt – get parse apps list all your parse apps at back4app – get parse app retrieve detailed information about a specific app – set current app establish a default app for subsequent operations – get current app check which app you’re currently working with direct api access (parse rest api) – call parse api the swiss army knife for backend operations – design and modify your database schema – perform crud operations on your data – manage users and authentication – handle file storage and retrieval – invoke cloud functions and schedule jobs – configure security permissions and access controls cloud code & web hosting – list cloud code and web hosting files see what’s currently deployed – get file content review specific cloud code and web hosting files in your deployments – deploy cloud code files push serverless functions to your app – deploy web hosting files update your web frontend setting up back4app mcp getting started is straightforward generate a back4app account key log in to your back4app dashboard, navigate to “account keys”, and create a new personal access token configure your ai agent add the back4app mcp server to your mcp compatible client for example, in cursor for example, in cursor { "mcpservers" { "back4app" { "command" "npx", "args" \[ "@back4app/mcp server back4app", " account key", "your account key" ] } } } note the server runs as a node js package, so you’ll need node js installed on your system first also make sure the npx command is working mcp relies on npx to execute the package without requiring a global installation verify the connection your ai agent should show the back4app server as “active” once configured correctly release notes (apr25) app overview, parse server 7 5 app overview our brand new app overview dashboard is now live—a centralized hub that brings together app information, logs, performance monitoring, insights into your application's security and relevant app management actions with this powerful tool at your fingertips, you can centralizes critical data – view key app information, performance metrics, and system logs in one intuitive interface delivers actionable insights – stay informed with real time performance metrics, security warnings, and resource utilization tracking integrate with ease enjoy one click connections between your front end and back4app’s backend services, complete with ready to use code snippets for faster implementation parse server 7 5 2 – a critical security update security is a top priority for us with the release of parse server 7 5 2 , we've taken another giant leap to safeguard your applications enhanced security this update isolates authentication credentials and addresses a key vulnerability, ensuring your app remains secure against emerging threats optimized performance experience significant performance improvements and enhanced stability that keep your applications running smoothly seamless upgrade easily update your parse server through your back4app dashboard for a smooth transition, we recommend testing the new version in a cloned environment before updating your production app your success is at the core of everything we do, and these updates are a testament to our commitment to delivering a secure, efficient, and innovative backend development experience release notes (dec24) simplified onboarding flow, improved security and stability, admin app we’ve been hard at work refining every aspect of our platform, from onboarding to backend administration here are some of the key improvements we’ve made streamlined onboarding flow we’ve simplified the initial setup process to help you get started faster and make your first interactions with the platform more intuitive strengthened platform control and security implemented tighter controls on the number of times requests can be called, ensuring more predictable and stable application performance introduced the ability to block deployments based on their creation time, adding another layer of security and operational clarity more comprehensive documentation our documentation now reflects the latest platform updates, making it easier to find the information you need and stay aligned with best practices backend dashboard enhancements added a dedicated admin screen to facilitate refined access management, giving you more control over who does what within your environments enhanced the user interface for file type fields, offering clearer visuals and interactions published adjustments to the menu for better, more intuitive navigation addressed usability concerns in the javascript console, making debugging and troubleshooting simpler bug fixing and platform stability resolved issues with handling invalid pointers and arrays, ensuring smoother data management resolved issues with handling invalid pointers and arrays, ensuring smoother data management blocked the use of reserved class names to prevent conflicts and errors resolved dashboard bugs to deal with large data volumes to ensure greater overall stability fixed import/export data functionality so you can transfer resources seamlessly these improvements are just part of our ongoing commitment to deliver a smooth, secure, and efficient backend development experience your feedback continues to guide us as we refine and evolve the platform release notes (sep 24) parse server 6 and new onboarding ai advisor parse server 6 on back4app backend security improvements file upload restrictions back4app users benefit from enhanced security as potential phishing attacks through html file uploads are now blocked by default users who rely on html uploads will need to customize settings, but most users will see this as a protective measure against vulnerabilities custom rate limiting with this new feature, back4app users can now limit the number of requests to their apps by adjusting the ratelimit parameter, adding an extra layer of protection against ddos attacks this helps ensure app availability and protects against malicious traffic fixes and improvements fixes for livequery, cloud code triggers, nested object encoding, and client ip issues back4app users will experience more stable and predictable app behavior, particularly for real time applications using livequery and cloud code these fixes resolve issues with date formatting and object handling, improving data integrity and accuracy breaking changes nested objects stored properly back4app users who store complex data structures with nested objects will now see them properly serialized and saved this improves data consistency but may require review of previous implementations to ensure no unexpected issues arise with data storage removal of parse cloud httprequest back4app users who relied on the httprequest convenience method will need to switch to alternative third party libraries for making http requests this change could require code adjustments for some users, but more flexibility is available through popular libraries like axios or fetch new features cloud code using parse sdk js 4 0 with this update, back4app users gain access to more powerful and feature rich sdk capabilities, improving how they handle data and perform operations within cloud code this update is crucial for users wanting more robust cloud functions new custom parse options users can now leverage more customizable options for configuring their parse server setups (e g allowexpiredauthdatatoken, defaultlimit, ratelimit) this opens new possibilities for app specific optimizations, offering greater control and customization node 18 support back4app backend now supports node js 18, enabling users to install and use more recent versions of node packages in their cloud code this allows for improved performance, access to the latest features, and better security for server side code execution