v5.4.0

New features and enhancements

• The usage of client-generated IDs can now be overruled per resource type. The new choices are: Forbidden/Allowed/Required (both per type and globally). See the documentation for details.
• New example for using generic scopes-based authorization (see here).
• Continuous integration builds use GitHub Actions on Windows, Ubuntu and macOS. This includes dependabot updates and CodeQL vulnerability scanning. It comes with a new NuGet feed for trying out the latest builds.
• You can now sponsor our project with one-time and monthly donations.

Breaking changes

The boolean AllowClientGeneratedIds in options has been obsoleted in favor of the new IJsonApiOptions.ClientIdGeneration (see above)

Bugfixes

• Correct examples in the documentation for AddJsonApi calls.
• Correct nullability in the return value of the QueryExpressionRewriter.VisitResourceFieldChain method.
• Change inheritdoc usage to correct IntelliSense/documentation on classes.
• Sanitize user input to prevent a malicious user from forging log entries.

Merged PRs

• Docs: Add missing parameter name to AddJsonApi calls by @bkoelman in #1296
• Add example for scopes-based authorization by @bkoelman in #1303
• Replace AppVeyor with GitHub Actions by @bkoelman in #1294
• Client-generated IDs per resource type by @bkoelman in #1305
• Add sponsoring by @bkoelman in #1340

Full Changelog: v5.3.0...v5.4.0