Skip to content

chore: release v2.0.0#26

Merged
polaz merged 1 commit into
mainfrom
release-plz-2026-06-19T14-47-40Z
Jun 20, 2026
Merged

chore: release v2.0.0#26
polaz merged 1 commit into
mainfrom
release-plz-2026-06-19T14-47-40Z

Conversation

@sw-release-bot

@sw-release-bot sw-release-bot Bot commented Jun 19, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

🤖 New release

  • structured-proxy: 1.1.0 -> 2.0.0 (⚠ API breaking changes)

structured-proxy breaking changes

--- failure enum_marked_non_exhaustive: enum marked #[non_exhaustive] ---

Description:
A public enum has been marked #[non_exhaustive]. Pattern-matching on it outside of its crate must now include a wildcard pattern like `_`, or it will fail to compile.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#attr-adding-non-exhaustive
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.48.0/src/lints/enum_marked_non_exhaustive.ron

Failed in:
  enum DescriptorSource in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:94

--- failure struct_marked_non_exhaustive: struct marked #[non_exhaustive] ---

Description:
A public struct has been marked #[non_exhaustive], which will prevent it from being constructed using a struct literal outside of its crate. It previously had no private fields, so a struct literal could be used to construct it outside its crate.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#attr-adding-non-exhaustive
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.48.0/src/lints/struct_marked_non_exhaustive.ron

Failed in:
  struct ServiceConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:156
  struct ProxyConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:12
  struct JwtConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:240
  struct OidcDiscoveryConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:390
  struct EndpointClassConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:369
  struct LoggingConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:467
  struct SigningKeyConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:409
  struct AliasConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:177
  struct AuthzConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:311
  struct ForwardAuthConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:269
  struct AuthConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:215
  struct MaintenanceConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:422
  struct ListenConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:135
  struct IdentifierEndpointConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:381
  struct MetricsClassConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:493
  struct RoutePolicyConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:292
  struct OpenApiConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:185
  struct ShieldConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:335
  struct UpstreamConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:86
  struct CorsConfig in /tmp/.tmpDtkzjc/structured-proxy/src/config.rs:458

--- failure struct_missing: pub struct removed or renamed ---

Description:
A publicly-visible struct cannot be imported by its prior path. A `pub use` may have been removed, or the struct itself may have been renamed or removed entirely.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#item-remove
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.48.0/src/lints/struct_missing.ron

Failed in:
  struct structured_proxy::config::BffConfig, previously in file /tmp/.tmpwjgTVw/structured-proxy/src/config.rs:308

--- failure struct_pub_field_missing: pub struct's pub field removed or renamed ---

Description:
A publicly-visible struct has at least one public field that is no longer available under its prior name. It may have been renamed or removed entirely.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#item-remove
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.48.0/src/lints/struct_pub_field_missing.ron

Failed in:
  field bff of struct AuthConfig, previously in file /tmp/.tmpwjgTVw/structured-proxy/src/config.rs:226
  field service of struct AuthzConfig, previously in file /tmp/.tmpwjgTVw/structured-proxy/src/config.rs:296
  field method of struct AuthzConfig, previously in file /tmp/.tmpwjgTVw/structured-proxy/src/config.rs:297
  field subject_template of struct AuthzConfig, previously in file /tmp/.tmpwjgTVw/structured-proxy/src/config.rs:299
  field resource_template of struct AuthzConfig, previously in file /tmp/.tmpwjgTVw/structured-proxy/src/config.rs:301
  field action_template of struct AuthzConfig, previously in file /tmp/.tmpwjgTVw/structured-proxy/src/config.rs:303
Changelog

2.0.0 - 2026-06-20

Added

  • (authz) external authorization via Envoy ext_authz gRPC
  • (auth) add forward-auth verification endpoint
  • (transcode) propagate W3C trace-context and request deadlines
  • (oidc) serve OpenID discovery document and JWKS endpoint
  • (auth) enforce JWT validation with JWKS and route policies
  • (shield) enforce rate limiting via pluggable store

Fixed

  • (config) [breaking] mark config structs non_exhaustive
  • (authz) default authz endpoint and preserve duplicate headers
  • (transcode) accept future W3C traceparent versions
  • (transcode) validate trace-context and bound deadline parsing
  • (oidc) validate Ed25519 SPKI, always serve JWKS, set media type
  • (auth) harden claim headers, alg mapping, JWKS fetch, 401 vs 403
  • (shield) use rightmost untrusted X-Forwarded-For hop
  • (shield) close identifier bypass, harden store and IP trust

Other

  • center the Support the Project section
  • Merge branch 'main' into docs/docs: add donation badge with QR code to README #39-donation-badge
  • (transcode) remove per-request route allocations on the hot path
  • drop unimplemented BFF session config
  • (config) add regression test for disabled authz without endpoint
  • (authz) log authz call failures and assert parsed authz config
  • (auth) simplify forward-auth query strip and cover invalid token
  • (transcode) add regression test for versioned traceparent
  • (transcode) add regression tests for deadline and trace validation
  • (oidc) add regression tests for SPKI validation and empty JWKS
  • (auth) add regression tests for header spoof and 401/403
  • (shield) add regression test for spoofable XFF first hop
  • (shield) add regression test for identifier-limit bypass

This PR was generated with release-plz.

@sw-release-bot sw-release-bot Bot force-pushed the release-plz-2026-06-19T14-47-40Z branch 4 times, most recently from a852e31 to 0d92bef Compare June 20, 2026 04:50
@sw-release-bot sw-release-bot Bot changed the title chore: release v2.0.0 chore: release v1.2.0 Jun 20, 2026
@sw-release-bot sw-release-bot Bot force-pushed the release-plz-2026-06-19T14-47-40Z branch from 0d92bef to 3154282 Compare June 20, 2026 05:41
@sw-release-bot sw-release-bot Bot changed the title chore: release v1.2.0 chore: release v2.0.0 Jun 20, 2026
@sw-release-bot sw-release-bot Bot force-pushed the release-plz-2026-06-19T14-47-40Z branch 3 times, most recently from d89a844 to e197432 Compare June 20, 2026 08:15
@sw-release-bot sw-release-bot Bot force-pushed the release-plz-2026-06-19T14-47-40Z branch from e197432 to 327ff96 Compare June 20, 2026 09:49
@polaz polaz merged commit 061107d into main Jun 20, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@polaz