Firebase Security Rules Release Notes

To review release notes for the Firebase console and for other Firebase platforms and related SDKs, refer to the Firebase Release Notes.

December 9, 2019

  • Set type (Rules Language enhancement). Sets are now a supported type in Firebase Security Rules! This is great for enforcing required and optional fields. Lists can be converted into Sets by calling myList.toSet(). Available in Firebase Security Rules Language v1, v2.

  • Rule evaluation metrics in Stackdriver. Rule evaluation metrics are now exported from Firebase into Stackdriver for Cloud Firestore, the Realtime Database, and Cloud Storage! This lets you set up monitoring and alerting around authorization requests for your app. Available in Rules Language v1, v2.

October 8, 2019

  • Map get (Rules Language enhancement). Fetching values within a map just got easier with get. It takes two arguments: the first is the key within the Map, and the second is a default value to return if the key doesn't exist. Check out the documentation and the following examples. Available in Rules Language v1, v2.

  • Hashing (Rules Language enhancement). Ever want to hash a value in Firebase Security Rules, either to obscure content that you don't want in plaintext or to avoid handling something unwieldy? Now that that Hashing is available in Firebase Security Rules, you can! Take a look at the documentation and the examples below. Available in Rules Language v1, v2.

  • String replace (Rules Language enhancement). Sometimes a String in your Rules isn't exactly in the form you need it. Now you have String.replace() to do some light cleanup. It works like you would guess: "myString".replace("my", "your") => "yourString". This function is described in the documentation and another example is shown below. Available in Firebase Security Rules Language v1, v2.