v1.25.0
What's Changed
- feat: configurable upstream + body-idle timeouts on RecordConfig by @tombeckenham in #197
- ci: harden CI/CD security (SHA-pin actions, pnpm 11, zizmor, permissions) by @AlemTuzlak in #200
- ci(deps): bump zizmorcore/zizmor-action from 0.5.3 to 0.5.4 in the minor-and-patch group by @dependabot[bot] in #201
- fix(ci): add pnpm cache to setup-node, SHA-pin changelog-radar by @jpr5 in #211
- fix(ci): limit credential exposure in fix-drift by @jpr5 in #212
- fix(ci): persist-credentials: false on remaining workflows by @jpr5 in #215
- ci(deps): bump actions/setup-node from 4.4.0 to 6.4.0 by @dependabot[bot] in #214
- ci(deps): bump docker/setup-qemu-action from 3.7.0 to 4.0.0 by @dependabot[bot] in #213
- ci(deps): bump actions/upload-artifact from 4.6.2 to 7.0.1 by @dependabot[bot] in #209
- ci(deps): bump dependabot/fetch-metadata from 2.5.0 to 3.1.0 by @dependabot[bot] in #208
- ci(deps): bump pnpm/action-setup from 5.0.0 to 6.0.8 by @dependabot[bot] in #207
- ci(deps): bump docker/metadata-action from 5.10.0 to 6.0.0 by @dependabot[bot] in #206
- ci(deps): bump actions/download-artifact from 4.1.7 to 8.0.1 by @dependabot[bot] in #205
- ci(deps): bump actions/github-script from 7.1.0 to 9.0.0 by @dependabot[bot] in #204
- ci(deps): bump docker/build-push-action from 6.19.2 to 7.1.0 by @dependabot[bot] in #203
- ci(deps): bump actions/setup-python from 5.6.0 to 6.2.0 by @dependabot[bot] in #202
- fix(ci): resolve new zizmor findings by @jpr5 in #217
- fix(ci): add security-events permission and action.yml to zizmor paths by @jpr5 in #218
- Add top-level permissions to changelog-radar workflow by @jpr5 in #219
- fix(ci): strip @mentions from dependabot major version analysis comments by @jpr5 in #220
- Add 6 new endpoints, streaming usage, and rate limiting headers by @jpr5 in #222
New Contributors
- @dependabot[bot] made their first contribution in #201
Full Changelog: v1.24.1...v1.25.0