The Firebase console gives you the power to make changes to your Cloud Firestore Security Rules directly from your browser! Unfortunately, that also means your team has the ability to break your security rules directly from your browser, maybe without remembering exactly what they changed. Well fear no more; Firebase has your back!
Recently, we added Version History to Cloud Firestore Security Rules. For any Cloud Firestore project, you can now browse all previously published versions of Rules, view the differences between the previous and current versions, and edit the current version — either to a complete rollback to an earlier version or to a mix of rules.
Now, when your team introduces a bad security rule, it’s a snap to find out what the previous working version was and get back to it.
To start using version history for Security Rules, simply navigate to the Rules tab of Cloud Firestore, and start browsing your version history in the left-hand column. From any older version, you can click “Compare to Latest” to view the diff and edit the latest version.
Every deploy that includes Rules is considered a new version; you’ll see unchanged versions if you’ve deployed unchanged rules several times from the command line. To avoid that, you can call
deploy --only from the Firebase CLI to deploy only the things you’ve changed. For example, I often make edits to my project’s Cloud Functions without changing anything else, so I end up running
firebase deploy --only functions from the command-line tool to make sure only the changes to my Cloud Functions get submitted.
Reach out to us via Twitter @Firebase or via our other support channels to let us know what you think! We’re looking forward to adding this to other Firebase features, and would like to get your feedback before we do.