You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
TLS certificate verification is now enforced for OAP connections. Added --sw-insecure flag to opt out (development/self-signed certs only).
Sensitive fields (authorization, password, token, secret) are redacted in --log-command output.
Environment variable references (${VAR}) in --sw-username/--sw-password now log a warning when the variable is not set, preventing silent unauthenticated requests.
Regex patterns supplied to list_mqe_metrics are validated for complexity before compilation.
Added --allowed-origins flag to sse and streamable transports for CORS origin enforcement. When unset (default), any Origin is reflected back so all browser origins work out of the box. When set, only listed origins receive CORS headers; all others get 403 Forbidden. Use * as an entry to send the wildcard header explicitly.
Increase reliability of core CLI commands through expanded automated test coverage.
Remove an unused CLI tool and its associated parameter to simplify the interface and avoid confusion.
Add validation for tool configuration properties, returning clear errors when required values are missing or invalid.
