Kinto

------------------

**New features**

- Account plugin now allows account IDs to be email addresses (fixes
1283).

**Bug fixes**

- Make it illegal for a principal to be present in
``account_create_principals`` without also being in
``account_write_principals``. Restricting creation of accounts to
specified users only makes sense if those users are "admins", which
means they're in ``account_write_principals``. (Fixes 1281.)
- Fix a 500 when accounts without an ID are created (fixes 1280).
- Fix StatsD unparseable metric packets for the unique user counter (fixes 1282)

**Internal changes**

- Upgraded the kinto-admin to version 1.14.0

------------------

**Bug fixes**

- Fix permissions endpoint when using account plugin (fixes 1276)

------------------

**Bug fixes**

- Fix missing ``collection_count`` field in the rebuild-quotas script.
- Fix bug causing validation to always succeed if no required fields are present.

**Internal changes**

- Upgraded to Pyramid-tm 2 (fixes 1187)

------------------

**API**

- Filtering with like can now contain wild chars (eg. ``?like_nobody=*you*``).
It is thus now impossible to search for the ``*`` character with this operator.
- Handle querystring parameters as JSON encoded values
to avoid treating number as number where they should be strings. (1217)
- Introduce ``has_`` filter operator (fixes 344).

API is now at version **1.17**. See `API changelog`_.

**Bug fixes**

- Several changes to the handling of NULLs and how the full range of
JSON values is compared in a storage backend (PR 1258). Combined
with 1252, this should fix 1215, 1216, 1217 and 1257, as well as
possibly some others.
- Fix requests output when running with make serve (fixes 1242)
- Fix pagination on permissions endpoint (fixes 1157)
- Fix pagination when max fetch storage is reached (fixes 1266)
- Fix schema validation when internal fields like ``id`` or ``last_modified`` are
marked as required (fixes 1244)
- Restore error format for JSON schema validation errors (which was
changed in 1245).

**Internal changes**

- Add check on account plugin to avoid conflict with default ``basicauth`` policy (fixes 1177)
- Add documentation about Kinto Admin plugin (fixes 858)

------------------

**New feature**

- ``delete()`` method from cache backend now returns the deleted value (fixes 1231)
- ``kinto rebuild-quotas`` script was written that can be run to
repair the damage caused by 1226 (fixes 1230).

**Bug fixes**

- The ``default_bucket`` plugin no longer sends spurious "created"
events for buckets and collections that already exist. This causes
the ``quotas`` plugin to no longer leak "quota" when used with the
``default_bucket`` plugin. (1226)
- Fix removal of timestamps when parent object is deleted (fixes 1233)
- Do not allow to reuse deletion tokens (fixes 1171)
- ``accounts`` plugin: fix exception on authentication. (1224)
- Fix crash with JSONSchema validation of unknown required properties (fixes 1243)
- Fix bug on bucket deletion where other buckets could be deleted too if their id
started with the same id
- Fix permissions of accounts created with PUT by admin (ref 1248)
- Fix ownership of accounts created with POST by admin (fixes 1248)

**Internal changes**

- Make memory storage consistent with PostgreSQL with regard to bytes (1237)
- Some minor cleanups about the use of kinto.readonly (1241)

------------------

**Bug fixes**

- Fix missing package.json file in package. (1222)

**Internal changes**

- Upgraded the kinto-admin to version 1.13.3