TykTechnologies/tyk v5.11.1-alpha2

on GitHub

What's Changed

• [TT-11185] release docs 5.3.0 update by @titpetric in #6079
• [TT-11405] Updating JSON tags and field names for TLS max and min versions by @mativm02 in #6078
• TT-10962 by @kofoworola in #6072
• [TT-11388]: updated opentelemtry library and added tests for new span keys by @kofoworola in #6087
• [TT-11377] Adding “node_is_segmented” flag under “node” to complement “tags” by @mativm02 in #6093
• [TT-11413] Fix apidef GlobalRateLimit migrations by @titpetric in #6086
• TT-11288 Revert logger mutex by @sredxny in #6103
• [TT-11197] Upgrade google/grpc by @titpetric in #6100
• [TT-11440/TT-11461] Add functionName to replace name in OAS virtual endpoint and endpoint post plugin by @jeffy-mathew in #6098
• [TT-11439/TT-11452] fix custom plugins contract by @jeffy-mathew in #6097
• [TT-11295] Update graphql-go-tools dependency by @buraksezer in #6112
• [TT-11389]: moved graphql span attributes by @kofoworola in #6088
• TT-11443 Shim to keep compatibility in goplugins importing tyk redis by @sredxny in #6096
• [TT-11452] remove unused migrate func by @jeffy-mathew in #6117
• TT-11485, fix for global rate limit disabled flag not working by @andrei-tyk in #6120
• [SYSE-332] Fail tests reliably by @ermirizio in #6130
• [TT-11197] Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 by @dependabot[bot] in #6124
• [TT-11549/TT-11597] Auto generated from templates by gromit by @jeffy-mathew in #6138
• [TT-10856/TT-11593]fix quota limits not working with url rewrite to self by @jeffy-mathew in #6133
• [TT-11627] Migrate failling to golangci-lint/forbidigo, fix issues by @titpetric in #6152
• [TT-11197]update hashicorp vault by @jeffy-mathew in #6150
• [TT-10909]: fix issue with missing upstream headers in graphql proxy only by @kofoworola in #6166
• [TT-6011] Fix non-functional coprocess apis, add tests by @titpetric in #4055
• [TT-11684] OAS-to-UDG converter - import paths & cleanup by @buraksezer in #6181
• [TT-11735] Exclude testdata from sonarcloud by @titpetric in #6182
• [TT-10104] JS middleware + ignore auth test and fix for panic by @titpetric in #6180
• Update README.md by @letzya in #6035
• [TT-11746] Add linter for regression test names by @titpetric in #6191
• [TT-11585] Process DeleteAPICache event by @jeffy-mathew in #6190
• [TT-10856/TT-11778] fix quota limit remaining header value when key is created from policy and API is looped by @jeffy-mathew in #6199
• [SYSE-336 master] Followup from March template application by @alephnull in #6207
• TT-7560, fixed issue with bundles loading with bad sign/checksum by @andrei-tyk in #6165
• [SYSE-353 master] Fix tyk-ci fetch mechanism by @ermirizio in #6213
• [TT-7560] skip loading API when custom middleware bundle fetch fails by @jeffy-mathew in #6211
• TT-11748 dont attempt to remove ApiCacheDeletion key from redis by @sredxny in #6215
• [TT-9972] release resources only after specs are completely switched during hot reload by @jeffy-mathew in #5535
• [TT-11925] Reset plugin compiler build env to match gateway build env by @titpetric in #6234
• [TT-11655] Graphql APIs are unable to handle OPTIONS requests by @rhianeKobar in #6221
• [SYSE-358 master] April template application by @ermirizio in #6248
• [TT-11991]: added request_headers_rewrite by @kofoworola in #6257
• [TT-11966/TT-12064] implement OAS webhooks events by @jeffy-mathew in #6258
• [TT-10291]: support gql-go-tools verison 2 by @kofoworola in #6240
• [TT-12064]Update Cast function signature by @jeffy-mathew in #6261
• [TT-10291]: upgrade gql-tools for v2 by @kofoworola in #6264
• [TT-11966/TT-12064] refactor oas events, update contract by @jeffy-mathew in #6263
• [TT-11966/TT-12064] update typo in cooldown period by @jeffy-mathew in #6266
• [TT-11966/TT-12064] handle edge case with empty event handlers by @jeffy-mathew in #6267
• [TT-12114]update goerr113 with err113 by @jeffy-mathew in #6268
• [SYSE-363 master] May template application by @alephnull in #6270
• update graphql-go-tools (TT-9884) by @pvormste in #6274
• [TT-5790] Update EnsureTransport and related tests by @titpetric in #6243
• [TT-11990] Change default behaviour of request_headers by @buraksezer in #6277
• [TT-11954/TT-12155] add x-tyk-api-gateway.servers.contextVariables.enabled by @jeffy-mathew in #6281
• [TT-7325] Enable fixed window rate limiter by @titpetric in #6253
• [TT-11954/TT-12115]fix location of contextVariables by @jeffy-mathew in #6285
• [TT-11739] Clean up rate limiting area, decouple GlobalConfig in APISpec by @titpetric in #6262
• [TT-11914/TT-12101]Add OAS trafficLogs by @jeffy-mathew in #6287
• [Test] Updates for opentelemetry test, use golang_cross in GH build cache key by @titpetric in #6282
• [TT-11806] Respect domain and listen path by @titpetric in #6289
• [DX-1345] Update config description for inclusive naming project by @dcs3spp in #6286
• [TT-12153]: Fix/complexity checker and granular access checker v3-preview by @kofoworola in #6293
• [TT-12193] Fix poor error handling in webhook event templates by @titpetric in #6303
• add features section to graphql proxy config by @pvormste in #6298
• [TT-12193] Add log for event handler webhook by @titpetric in #6310
• [TT-12193] Update error handling on webhook events when the event template has errors by @titpetric in #6312
• [TT-11997] Backend logic for request_headers_rewrite by @buraksezer in #6306
• [TT-12095] Fixing unhashed API keys exposed in OTEL spans by @mativm02 in #6296
• [TT-11470] Add human identifiable information in NodeData by @padiazg in #6229
• add logic for use_immutable_headers (TT-12190) by @pvormste in #6315
• [TT-11997] Header case insensitivity by @buraksezer in #6316
• [TT-3738] Implement rate limit smoothing by @titpetric in #6295
• [TT-11739] Re-add gateway.RateLimitExceeded (Dashboard coupling) by @titpetric in #6318
• [TT-11739] Fix RateLimitExceeded var name to include Event prefix by @titpetric in #6319
• feat/TT-9462/tag-cached-response by @joshblakeley in #6308
• [TT-12186] Fixes TestOAS_ExtractTo_ResetAPIDefinition with a valid event config by @titpetric in #6321
• [TT-12312] update openapi spec version by @jeffy-mathew in #6323
• [TT-12313, TT-12222] Update graphql-go-tools by @buraksezer in #6326
• [TT-12323] fix panic when webhook handler is disabled by @jeffy-mathew in #6334
• [TT-12311] exp/modcheck: Update go.mod dependencies by @buger in #6337
• [TT-12365] Add new events to validate in x-tyk-api-gateway by @titpetric in #6347
• [TT-9864] Optimize the creation/usage of AST documents by @buraksezer in #6345
• [TT-12285] Add smoothing, fix duplicate x-go-name by @titpetric in #6346
• TT-12347 fix management of custom keys in mdcb installations by @sredxny in #6353
• [TT-12425] exp/modcheck: Update go.mod dependencies by @buger in #6363
• [TT-11762] fix nil err return by @jeffy-mathew in #6365
• [TT-10532] Update taskfile, CI tests by @titpetric in #6350
• [TT-10532] Fix golangci-lint step to exit 0 by @titpetric in #6369
• [DX-1084] Add documentation to protobuf source code files for review by @dcs3spp in #6251
• [TT-12454] Extract ApplyPolicies into internal/policy scope by @titpetric in #6367
• fix unnecessary call to DeleteRawKey if no allowance scope is defined (TT-11721) by @pvormste in #6373
• Remove redis5 in CI pipeline by @titpetric in #6379
• TT-12306, addressed changes suggested in the tyk-docs PR by @andrei-tyk in #6377
• [TT-12234]update go1.21 version by @jeffy-mathew in #6385
• [DX-1473] Replace authorise with authorize by @dcs3spp in #6383
• [SYSE-370 master] June template application by @alephnull in #6331
• [TT-11032] Godoc CI lint action, config and apidef/oas by @titpetric in #6386
• [TT-12503] Render ID type as a String by @buraksezer in #6390
• [TT-12318] SSE streaming is broken by @titpetric in #6391
• [SYSE-370 master] June template application by @ermirizio in #6403
• [SYSE-370 master] June template application by @ermirizio in #6410
• [TT-12575] Add coverage to gitignore, add package to regression to fix api changes by @titpetric in #6400
• [TT-1570/TT-12587]mTLS: allow validating client certificates against root certificate authority by @jeffy-mathew in #6405
• [TT-1570/TT-12588] extend certs endpoint with is_ca by @jeffy-mathew in #6406
• [TT-12618] Refactor/checkspec findspec by @titpetric in #6415
• [TT-12618] Add RateLimit per-path settings to apidefinition classic, add test case by @titpetric in #6413
• [TT-12634] Add oas contract and migrations to/from classic apidef by @titpetric in #6416
• [TT-12519], added necessary logic for UrlVersioningPattern by @andrei-tyk in #6401
• [TT-12587] verify root CA on certificate check mw by @jeffy-mathew in #6422
• [TT-12195] : Public playground still shows schema when introspection is turned off by @jay-deshmukh in #6397
• TT-12380 Fill latency analytics field by @sredxny in #6421
• [TT-12635] Update swagger.yml with ExtendedPathsSet.RateLimitMeta by @titpetric in #6417
• [TT-12688] Ensure OAS API paths get applied to gateway by length, sort by path by @titpetric in #6425
• [TT-11753] fix thelper.bug.major lint error by @jeffy-mathew in #6429
• [TT-12688] extractto to honor sorting by @titpetric in #6430
• [TT-11810] Plugin bundles: fix slow tests, improve internal signature verifier API by @titpetric in #6203
• [TT-12698] Add linter to gateway to check for named scope conflicts by @titpetric in #6409
• [TT-11758] fix sonarcloud reported issues on errorlint.bug.major by @jeffy-mathew in #6434
• [TT-11758] fix sonarcloud reported issues on errorlint.bug.major by @jeffy-mathew in #6435
• [DX-1508, DX-1511] Update config.go godoc comments with American spelling conversions by @dcs3spp in #6436
• [TT-12762]respect response plugins contract over responsePlugin.plugins by @jeffy-mathew in #6441
• [TT-12762] remove main bin by @jeffy-mathew in #6445
• [TT-12816] Fix/distroless python release tests by @jeffy-mathew in #6455
• [DX-1599] Update ports_whitelist config documentation by @dcs3spp in #6454
• [TT-11726]: This optimizes the deletion of keys using a single command by @kofoworola in #6427
• [SYSE-370 master] June template application by @alephnull in #6418
• [TT-12566/TT-12851] Add client endpoint rate limiter by @jeffy-mathew in #6462
• [TT-12862] refactor apply policy by @jeffy-mathew in #6465
• [TT-12862] apply per api rate limits from policy by @jeffy-mathew in #6467
• [TT-12550] policy key path permissions problem by @titpetric in #6437
• [TT-12886] apply per endpoint rate limits by @jeffy-mathew in #6468
• [TT-12892] use same url matching logic in endpoint rate limiting as of allowed urls by @jeffy-mathew in #6470
• [TT-12566/TT-12927] fix merging rate limits by @jeffy-mathew in #6472
• [TT-11672] Update description of CertificatesConfig.Upstream by @dcs3spp in #6169
• [TT-12562/TT-12815] go 1.22 upgrade by @jeffy-mathew in #6452
• [TT-12452] Clear up quota gated with a distributed redis lock by @titpetric in #6448
• [TT-12975] Fix flaky test caused by missed Close invocation by @titpetric in #6481
• [TT-12355] added log format config, func and test cases by @LLe27 in #6344
• [TT-1944] Fix regex matching for parameters by @titpetric in #6480
• added a waitgroup to wait until all the pool connections are dialed by @sredxny in #6487
• [TT-12964] ignore endpoint rate limit configurations when rate limit partition is disabled by @jeffy-mathew in #6491
• [TT-13011] implement combining endpoint rate limits from non partitioned policies. by @jeffy-mathew in #6494
• [TT-13041] Adjust quota handling of missing or expired keys by @titpetric in #6492
• [TT-13048] Flaky test due to using httpbin org, improvements by @titpetric in #6504
• [TT-12865] URL matching prefixes/explicit, regex support by @titpetric in #6475
• [TT-12865] Rename config parameter, update usage, support mux params on legacy by @titpetric in #6506
• [TT-2539] added access/transaction logs by @LLe27 in #6354
• [TT-12893]: Adding first implementation of streams API by @kofoworola in #6496
• Revert "[TT-12893]: Adding first implementation of streams API" by @titpetric in #6509
• [TT-12494] Fix flaky TestCacheEtag and related cache tests by @titpetric in #6508
• Revert "[TT-2539] added access/transaction logs" by @jeffy-mathew in #6524
• [TT-13098] [master] exp/modcheck: Update go.mod dependencies by @buger in #6523
• [TT-13109]Generate New Swagger and Update Validator for Gateway by @yurisasuke in #6231
• [TT-13107] Remove verbose error logging if quota is disabled by @titpetric in #6528
• [TT-13122] build multiarch image on 1.22-bullseye by @jeffy-mathew in #6549
• [TT-13128] Updated description for prefix and suffix matching config options by @lghiur in #6555
• [TT-13087] Adjust example gateway config, to have match preficing explicit by default by @lghiur in #6564
• TT-13130 only mark the wg as done when the connection is stablished by @sredxny in #6574
• [TT-12893]: Adding first implementation of streams API by @kofoworola in #6511
• [TT-13175] Refactor apply policies test by @jeffy-mathew in #6585
• [TT-13175] add t.helper to helper functions by @jeffy-mathew in #6587
• [TT-13176]: update graqhql go tools by @kofoworola in #6586
• [TT-13136] Adjust concurrency group to CI tests, extend to all workflows by @titpetric in #6560
• [SYSE-394 master] Fix test code base for Tyk-Analytics PRs by @konrad-sol in #6583
• [TT-13088] Fixed godoc for path prefix and sufix configs by @lghiur in #6610
• [TT-13186/TT-13199] implement upstream basic authentication by @jeffy-mathew in #6596
• [TT-13243] Test/ci improvements by @titpetric in #6611
• [TT-13139] Request times out in some cases when sending input via http inputs by @buraksezer in #6601
• [TT-13238] Clean up RPC data model by @titpetric in #6608
• [TT-13242] Moved/Cleaned up nestedApiDefinition to model.MergedAPI by @titpetric in #6609
• [TT-13258] exp/workflow-lint: Update to latest known actions by @buger in #6620
• [TT-13266] Fix python tests by @titpetric in #6624
• [TT-12897] Merge path based permissions when combining policies by @titpetric in #6597
• [TT-13262] Fix/delete build cache for plugin compiler by @titpetric in #6623
• [TT-8004/TT-13092]enable validate request middleware during OAS import when parameters are specified on endpoint groups by @jeffy-mathew in #6618
• [TT-13186/TT-13199] replace auth header instead of adding auth header by @jeffy-mathew in #6631
• [TT-13280] Adjust golangci-lint to raise up errors in PRs directly by @titpetric in #6634
• TT-13130 updated version of gorpc library and prevent panic on reconnect edge by @sredxny in #6629
• [TT-13184] Implement OAuth 2.0 Client Credentials Flow for GW authentication with upstream by @andrei-tyk in #6633
• [TT-12897/TT-13284] Add additional partitioned test case, fix ordering issue by @titpetric in #6635
• [TT-12814] Make schema more flexible, don't enforce additionalProperties: false by @titpetric in #6640
• TT-13130 update gorpc version by @sredxny in #6644
• Tt 13184 Upstream OAuth2 updates to fix TTL issue by @andrei-tyk in #6643
• [TT-12990] fix upstream endpoint RL not considering endpoint method by @jeffy-mathew in #6651
• TT-13269 - Refactor/streams by @titpetric in #6593
• [TT-12702] revert wrappedServeHTTP to use recordDetail by @jeffy-mathew in #6654
• [TT-11426/TT-13322] Add deprecation notice for external OAuth middleware by @jeffy-mathew in #6657
• [TT-13185] Implement Password Flow OAuth by @andrei-tyk in #6649
• [TT-13381] Linters should only work for PRs by @titpetric in #6664
• [TT-12417] Do not delete keys on synchronization by @mativm02 in #6642
• [TT-13185] reorganize contract in upstream oauth by @andrei-tyk in #6668
• [TT-13271] custom oauth response fields by @andrei-tyk in #6660
• [TT-13400] Fixing OTel CI by @mativm02 in #6659
• [TT-13359] move upstream basic auth to ee package by @jeffy-mathew in #6669
• [TT-13185] upstream oauth allowed_authorize_types not being filled on API creation by @andrei-tyk in #6676
• TT-13185, fixed lines lost in merge conflicts by @andrei-tyk in #6681
• [TT-13375/TT-13422] Add validation rules for Upstream auth by @jeffy-mathew in #6680
• [TT-13008]: modified default streams logger by @kofoworola in #6682
• [TT-13185] fix missing extracts by @andrei-tyk in #6685
• [TT-11426/TT-13322]add deprecation notice for oidc middleware by @jeffy-mathew in #6686
• [TT-13201] Streams Definition Validator by @buraksezer in #6656
• TT-13271, fix for token metadata not being cached by @andrei-tyk in #6689
• [TT-12885] Add plugin development guide for manual builds by @titpetric in #6598
• [TT-13391] Move upstream OAuth to EE by @andrei-tyk in #6684
• improve error handling of streams in non-ee version (TT-13269) by @pvormste in #6691
• [TT-13375] Improved Upstream Auth validation rules by @lghiur in #6694
• add stream analytics to ee (TT-13233) by @pvormste in #6671
• [TT-13271] Make enabled and allowedAuthorizeTypes required fields by @lghiur in #6673
• [TT-13508] Streams poor performance when reconnecting to a Streams API by @buraksezer in #6697
• [TT-13422] Do not allow empty string in upstream auth configuration strings by @jeffy-mathew in #6699
• [TT-13508] Downgrade Bento to v1.2.0 and use our own fork to cherry-pick some changes from latest main branch. by @buraksezer in #6700
• [TT-13535/TT-13566] make upstream oauth password client secret not required by @jeffy-mathew in #6701
• Revert "[TT-13422] Do not allow empty string in upstream auth configuration strings" by @jeffy-mathew in #6702
• [TT-13535/TT-13566] Make upstream oauth flow client secret omitempty by @jeffy-mathew in #6708
• [TT-13485] update dependencies with vulnerabilities reported by @jeffy-mathew in #6711
• [TT-13475] update OAS version by @lghiur in #6712
• [TT-13535/TT-13566] Ease up required fields in classic API schema by @jeffy-mathew in #6717
• [TT-13607] Only import components/io and components/kafka by @buraksezer in #6720
• [TT-13507][TT-12873][TT-13141] Fix for custom domains with substring listen path by @andrei-tyk in #6705
• [TT-13658] added missing logger from provider initialisation by @andrei-tyk in #6729
• [TT-13439] update response content-length when response body is modified by coprocess response hook by @jeffy-mathew in #6732
• [TT-13670] Decouple OAuthManager behind interface by @titpetric in #6735
• [TT-13390] Silently skip loading bundle on managment node by @jeffy-mathew in #6739
• [TT-13669] Add pre-commit, pre-push hooks by @jeffy-mathew in #6733
• [TT-13142] Fix panic when detailed analytics is turned on with SSE streaming by @jeffy-mathew in #6727
• [TT-13695] Testing fixes, skip dangerous tests by @titpetric in #6736
• [TT-13698] Cache is handled by setup/go, this blocks by @titpetric in #6749
• [DX-1423] Update TYK_GW_SECRETS definition by @dcs3spp in #6360
• [TT-12775] Request size limit breaks GET and DELETE requests by @buraksezer in #6734
• [TT-12775] Add request size limit test for POST, PUT and PATCH methods. by @buraksezer in #6751
• [TT-12710]deleting All Partitioned Policies a Key is linked to does not delete the Key by @andrei-tyk in #6473
• [TT-13155] Explicitly copy BaseMiddleware for each middleware that takes it by @titpetric in #6744
• TT-13513 TT-12767 TT-12768 ensure to save oauth clients locally when pulled from rpc by @sredxny in #6740
• [TT-13715] Upgrade to Bento v1.4.0 by @buraksezer in #6762
• [TT-13608] Issues with custom scalar in query variable by @buraksezer in #6766
• [TT-13217] Add updated dockerfile for python, test with 5.3.0/5.3.6-rc4 by @titpetric in #6750
• [TT-13021]Transfer encoding fix by @andrei-tyk in #6770
• [TT-11711] Fix listenpath validation by @titpetric in #6772
• [TT-12495] Add support for RSASSA-PSS signed JWTs by @sedkis in #6368
• [TT-13021] fixed missing lines by @andrei-tyk in #6787
• [TT-13753] Fix sonarcloud coverage via upload-artifact by @titpetric in #6790
• [TT-12741] Looped ap is wrongfully inherit the caller's authentication key when using url rewrite by @buraksezer in #6778
• [TT-13741] [master] exp/modcheck: Update go.mod dependencies by @buger in #6794
• [TT-13564] Add classic to OAS translation guide by @jeffy-mathew in #6774
• [TT-13742] Update swagger to 5.7.1 by @lghiur in #6803
• [TT-13761] add batch request to the latest open api specs by @yurisasuke in #6797
• Merging to master: Merging to release-5.3: [TT-13769] Extend plugin compiler test with arm64 cross build (#6813) by @buger in #6815
• [TT-13766] Bump newrelic dependency by @titpetric in #6809
• [TT-11910]: added tag headers to traffic logs and tests by @kofoworola in #6818
• Add tests to verify yaml conversions work by @jeffy-mathew in #6819
• [TT-13723] Update to Go 1.23 by @titpetric in #6812
• [TT-10070] Fix/sanitize error logging by @titpetric in #6817
• [TT-11896] Add OAS IPAccessControl by @jeffy-mathew in #6824
• implement api-level request size limit for oas (TT-11459) by @pvormste in #6822
• [TT-11912]: Added Analytics expiry period to OAS by @kofoworola in #6825
• [TT-11913] Add custom analytics plugins configuration to OAS by @buraksezer in #6829
• add load balancing to oas configuration (TT-881) by @pvormste in #6830
• [TT-13819] Benchmark updates, session limiter workaround for test goroutine leak by @titpetric in #6826
• [TT-11909]: Added Session Lifetime to OAS by @kofoworola in #6835
• fix omitempty on some fields for LoadBalancing (TT-881) by @pvormste in #6837
• [TT-2539] Refactor hash and token apis under internal/crypto, leave aliases by @titpetric in #6838
• [TT-12440] Clean up gojsonschema import surface, phase out internal fork by @titpetric in #6836
• [TT-2539] Transaction logs by @LLe27 in #6841
• [TT-13939] Embed memorycache, drop leakybucket import by @titpetric in #6843
• [TT-13657]: Add protocol and port to oas by @kofoworola in #6846
• [TT-881] fix issue where upstream targets have been duplicated by @pvormste in #6847
• TT-2539 - renamed access log fields by @LLe27 in #6849
• [TT-13820] Fix code whitespace style consistency by @titpetric in #6844
• [TT-11909]: fix oas bug on session lifetime and add respect expiry by @kofoworola in #6842
• [TT-12884] add batch requests support to OAS by @pvormste in #6853
• [TT-14010] Linter reconfig for golangci-lint by @titpetric in #6854
• [TT-7249] Flaky TestJWTSessionExpiresAtValidationConfigs by @titpetric in #6856
• [TT-13910]: Removed disable expire analytics and added customRetentionPeriod OAS by @kofoworola in #6848
• [TT-12638] Added PreserveHostHeader to OAS functionality by @andrei-tyk in #6859
• TT-13890: request debug endpoint by @lghiur in #6862
• [TT-11913] Implement OAS contract for analytics plugin by @kofoworola in #6861
• [TT-11908] add request signing to OAS upstream authentication by @pvormste in #6850
• [TT-13998] make url of X-Tyk-Upstream optional when loadBalancing is present by @pvormste in #6860
• [TT-13629]: OAS upstream SSL configuration by @kofoworola in #6840
• [DX-1780]Generate test for tyk gateway swagger by @yurisasuke in #6827
• [TT-12957] OAS Uptime Tests migrations by @titpetric in #6852
• TT-12965: Improve performance of ctx.GetOASDefinition/GetDefinition by @titpetric in #6855
• [TT-13477] upstream oauth event handling by @andrei-tyk in #6867
• TT-14070: [Testing/Concurrency] Test gateway lifecycle, enable start/stop parallelism by @titpetric in #6677
• TT-14085: Remove the pmylund/go-cache dependency by @titpetric in #6871
• [TT-13659] add support for custom event handlers in OAS definitions by @pvormste in #6870
• [TT-13657]: modified json schema for protocol by @kofoworola in #6878
• TT-14089 load apis from emergency mode, wait for connection considers emergency mode by @sredxny in #6873
• [TT-13440] correctly sync multi-value response headers with coprocess middleware by @edsonmichaque in #6883
• TT-14059: Add migration test fixtures by @titpetric in #6879
• TT-14132: Update sonarcloud sonarqube scan by @titpetric in #6888
• [TT-14100] fix requireSession in OAS for custom auth plugins by @pvormste in #6893
• TT-14110, TT-14112, TT-14103: Implement ignoreCase, preserveTrailingSlash, remove multipleOf by @titpetric in #6889
• TT-14154: [test only] fix golangci-lint base branch for merges by @titpetric in #6896
• [TT-13836] Key Rotation for MDCB Data Planes by @mativm02 in #6868
• [TT-14084] External OAuth is migrated as Keyless by @buraksezer in #6895
• [TT-14178] Temporarily revert strict oas schema usage by @jeffy-mathew in #6900
• [TT-14111] add support for rate limit and quota flags in OAS by @pvormste in #6899
• [TT-13660] add support for log event handler to OAS definitions by @pvormste in #6880
• [TT-13936] Improve RPC connection handling for user key reset events by @mativm02 in #6904
• TT-14192: Consistent use of imported package for gojsonschema, lint by @titpetric in #6902
• TT-14110: Cover migration of ignoreCase for classic by @titpetric in #6906
• TT-7306: Migrate Mock Response from Classic API Definition to OAS API Definition by @edsonmichaque in #6894
• [TT-8876], set "policies.allow_explicity_policy_id " to true by default by @andrei-tyk in #6905
• [TT-14200] add support to disable log event handlers and custom event handlers by @pvormste in #6907
• TT-14059: Extend service discovery tests and fixtures by @titpetric in #6909
• TT-14183: Fix uptimetests migrations, add fixtures, enabled flag by @titpetric in #6908
• TT-14221: Refactor for clean usage of httputil by @titpetric in #6911
• [TT-7306] [fix] Migrate Mock Response from Classic API Definition to OAS API Definition by @edsonmichaque in #6914
• [TT-14169] Review and address CVEs by @buraksezer in #6917
• [TT-14170] Config and swagger description updates by @lghiur in #6919
• [TT-14214]: added milisecond duration to readable duration by @kofoworola in #6916
• [TT-14169] Upgrade github.com/go-jose/go-jose/v3 by @buraksezer in #6925
• [TT-12957] fix some issues with uptime_tests migrations to OAS by @pvormste in #6924
• TT-14170 Update missing Tyk OAS API go doc on fields by @lghiur in #6926
• TT-14163 when start the rpc set as default in emergency mode by @sredxny in #6910
• [TT-7306] Ensure ignoreAuthentication is only enabled in migration scenario by @edsonmichaque in #6923
• [SYSE-401 master] Model builds as a concept by @konrad-sol in #6728
• TT-14170 adjusted godoc for gw config by @lghiur in #6938
• [TT-12957] fixed issue when migrating from classic to oas that was leaving a broken url by @andrei-tyk in #6947
• [TT-7306] Revert allow list to migrated mock response by @edsonmichaque in #6946
• [TT-14102] fix api level and endpoint level cache migration by @edsonmichaque in #6931
• [TT-12957] oas uptime testing migration fails on timeout field by @andrei-tyk in #6956
• [TT-14276] Gateway panics if Uptime Tests are disabled in config but enabled in API definition by @buraksezer in #6960
• [TT-14244] Bump go, set godebug for compatibility by @andrei-tyk in #6963
• CI fix for linter failing when PR target branch is not master by @andrei-tyk in #6964
• Tt 14350 fix gateway linter using wrong branch causing ci to mailfunction on release p rs by @andrei-tyk in #6965
• [TT-7815] ensure path params are migrated to OAS by @edsonmichaque in #6966
• [TT-14413] Check for existing params before generating new ones by @edsonmichaque in #6973
• [TT-12343] Use API endpoint hard timeouts over global timeout setting by @mativm02 in #6976
• TT-14452, fixed CVEs for v5.8 by @andrei-tyk in #6978
• [TT-14357]: fixed issue with stale context in UDG by @kofoworola in #6977
• [TT-13365] Create json schema script for Bento config validation by @buraksezer in #6690
• [TT-12442] necessary changes for new licensing logic by @andrei-tyk in #6984
• [TT-12442] changes required in gateway for new licensing to work by @andrei-tyk in #6985
• [TT-12442] Force gw reload after registration to have synced polciies and apis by @andrei-tyk in #6988
• [TT-14518] Exclude swagger.yml from sonarcloud analysis by @lghiur in #6991
• Create force-merge.yaml by @buger in #6993
• Update README.md by @buger in #6994
• [TT-13277] Improve API listen path sorting to prioritize static segments over parameters by @edsonmichaque in #6987
• [TT-12343] Improve Timeout Test Coverage and Consistency in TestTimeoutPrioritization by @edsonmichaque in #6992
• [DX-1906]add images to the source swagger by @yurisasuke in #6957
• [TT-14149] Added more details to the ssl_certificate config by @letzya in #3726
• TT-14365: internal/policy: add restricted_types behaviour test by @titpetric in #6972
• [TT-1428]: added bloblang to test for json schema by @kofoworola in #7003
• [SYSE-372 master] Implement custom rules for enterprise artifacts in package promotion by @alephnull in #7005
• [TT-14300] Add support for AMQP 0.9 and 1.0 by @buraksezer in #7004
• [ TT-14298]: Added support for bloblang by @kofoworola in #7009
• [TT-14431]: add mqtt to json schema by @kofoworola in #7010
• [TT-14300] Simple AMQP load generator tool for amqp_1 and amqp_0_9 by @buraksezer in #7012
• [TT-14435]: add mqtt test cases by @kofoworola in #7021
• [TT-14365]Test/apply policies restricted types fix by @andrei-tyk in #7020
• [TT-14596] Investigate flaky amqp integration tests by @buraksezer in #7019
• [TT-14446] Add an integration test for Input (http_server) → Output(amqp_1) scenario by @buraksezer in #7026
• TT-14590 kinopenapi CVE fix - Use internal fork of kinopen-api and import update gql translator by @lghiur in #7024
• [TT-14666], fix for panic on gateway side when upgrading old oas file by @andrei-tyk in #7034
• [TT-14794] fix issue where an invalid stream path results in 500 by @pvormste in #7047
• [TT-14666] gw panics after updating from 5 0 with oas api by @andrei-tyk in #7046
• [TT-14253] Unload Streams Properly by @buraksezer in #7033
• [ TT-14504] Tyk OAS API definition is not available to Response Plugin if no Request Plugin loaded by @shults in #7053
• [TT-14829] Added External OAuth Deprecated mark in godoc by @lghiur in #7050
• [TT-14252] Add customValidationRule interface to generate_bento_config_schema script by @buraksezer in #7057
• [TT-13779] POST form parameters are not logged for Tyk OAS APIs by @MaciekMis in #7054
• [TT-13924]: updated go mod for kafka datasource by @kofoworola in #7058
• [TT-14868] Request Body Not Recorded When Transfer-Encoding: chunked by @MaciekMis in #7061
• TT-8176: implement authorisation using multiple JWK URIs by @olamilekan000 in #7060
• Tyk OAS API definition is not available to Response Plugin if no Request Plugin loaded by @shults in #7064
• [TT-11387] Unhelpful error messages in UI when creating APIs via OpenAPI import by @MaciekMis in #7067
• [TT-14731] Add a flag to enable all bento inputs/outputs by @buraksezer in #7065
• [TT-14470] update bento to v1.7.1 that includes SSE browser fix by @pvormste in #7072
• [TT-10496] GRPC plugins do not work with service names by @andrei-tyk in #7052
• TT-8176: use centeral JWT centralised process method for JWKs by @olamilekan000 in #7071
• [TT-11387] Unhelpful error messages in UI when creating APIs via OpenAPI import by @MaciekMis in #7080
• Disabled/empty uptime test fields migrated to Tyk OAS by @shults in #7069
• [TT-11975] Lack of clear error message during failed import when API definition is not valid by @MaciekMis in #7077
• [TT-14879] Tyk Dashboard should use /api/apis/streams endpoints to create and import Tyk Stream APIs by @buraksezer in #7088
• [TT-9234] graceful shutdown of gateway by @andrei-tyk in #7076
• [TT-14582]: Update go mod to fix issue with sending arguments from interface fields in gql by @kofoworola in #7082
• TT-14948: fix caching issue with JWKs-URIs by @olamilekan000 in #7079
• [TT-12308] Query parameters not respected by OAS import endpoint by @MaciekMis in #7087
• [TT-14731] Add a flag to enable all bento inputs/outputs by @buraksezer in #7092
• [TT-14863] Replace github.com/TykTechnologies/kin-openapi with github.com/getkin/kin-openapi by @edsonmichaque in #7041
• [TT-14621]corrected prefix for certificates by @andrei-tyk in #7094
• [TT-11335] OAS URL rewrite schema update by @MaciekMis in #7099
• TT-8317 Add KeyID to Protobuf by @nerdydread in #6488
• [Debugger MVP] Some middleware doesn't work for OAS debugger by @shults in #7093
• [TT-15043] Exclude generated files from Sonarqube analysis by @edsonmichaque in #7103
• [TT-13740]: update mod and updated apidef by @kofoworola in #7104
• [TT-14731] Add a flag to enable all bento inputs/outputs by @buraksezer in #7116
• [TT-10496] gRPC plugins do not terminate gracefully and cannot be load balanced by @andrei-tyk in #7111
• [TT-15065] Mock response stops working after kin-openapi upgrade by @shults in #7120
• [TT-14299] add mqtt and websocket load generator for streams testing by @pvormste in #7126
• [TT-14857] Updating dependencies to fix CVEs by @mativm02 in #7119
• [TT-9234] graceful shutdown of gateway improvments and bug fix for mdcb scenario by @andrei-tyk in #7117
• TT-15095: ensure jwks URI field works only for OAS API by @olamilekan000 in #7129
• [TT-7932] Errors migrating some versioned APIs to OAS by @MaciekMis in #7101
• [TT-14914] No response middleware information in Tyk OAS API Debugger by @shults in #7113
• [QA-1608 master] Github template update by @konrad-sol in #7108
• [TT-14839] Update version on swagger yml by @lghiur in #7141
• [TT-8963] Unable to loop mocked endpoint by @shults in #7105
• [TT-14838] Addressed gw documentation reviews by @lghiur in #7157
• [TT-14914] No response middleware information in Tyk OAS API Debugger by @shults in #7158
• [TT-15059][TT-11285] MDCB DNS critical fix and policy sync cherrypick by @andrei-tyk in #7167
• [TT-14990] Update GetCiphers to restore support for legacy TLS cipher suites by @edsonmichaque in #7173
• 5.8.3 docs review by @lghiur in #7188
• [TT-9234] fixes for graceful shutdown regression bugs by @andrei-tyk in #7163
• [TT-15111] connectivity reviewer by @lghiur in #7186
• [TT-9234] regression fixes with incorrect behaviour by @andrei-tyk in #7202
• [TT-9234] regression fixes by @andrei-tyk in #7207
• [TT-15111] probe AI PR reviewers by @lghiur in #7209
• [TT-9234][TT-15257] regression fixes for failing mdcb readiness check by @andrei-tyk in #7215
• TT-14838 Addressed comments on GW docs improvements by @lghiur in #7225
• [TT-15216] Optimised the probe review prompts to stick to important messages by @lghiur in #7222
• [TT-15216] Fix GH action lint issues by @lghiur in #7232
• [TT-15251] GW prints body decompression error when when you enable analytics by @buraksezer in #7230
• [TT-10273] CORS check should be performed after API Version check by @MaciekMis in #7179
• [TT-14914] No response middleware information in Tyk OAS API Debugger by @shults in #7208
• [TT-14254] The logs produced by the gateway about streams APIs should be in the same format as the other gateway logs by @buraksezer in #7245
• [TT-15321]: added documentation to dev docs for OAS only feature and added helper method by @kofoworola in #7246
• [TT-11244] Custom domain regex causing problems with servers by @shults in #7233
• [TT-7523] [OAS Versioning] Gateway CE allows to create version without new_version_name by @MaciekMis in #7244
• [TT-14370] [OAS] ReadableDuration converts some values to decimals causing a schema problem by @shults in #7256
• [TT-15019] Update Gateway and Plugin Compiler to Go 1.24 by @buraksezer in #7265
• [TT-15505] Remove negate field as mandatory from the OAS API schema by @lghiur in #7284
• [TT-15359]: Added extra jwt validation by @kofoworola in #7269
• [TT-5588] [OAS] gateway apiKey import generates unnecessary object by @MaciekMis in #7270
• [TT-7524] [OAS] Gateway CE behaves differently from Dashboard for middleware and PATCH by @MaciekMis in #7261
• [TT-15507] Revert changes to the "/hello" health check endpoint by @mativm02 in #7295
• [TT-15359]improve backwards compatibility of Jwt claim validation by @kofoworola in #7294
• Revert "[TT-5588] [OAS] gateway apiKey import generates unnecessary object" by @radkrawczyk in #7299
• [TT-14564] Fix: Add mutual TLS support for dedicated rate limiter Redis connection by @buger in #7301
• [TT-15398] added basic configuration for ExternalServiceConfig by @andrei-tyk in #7272
• Custom domain regex causing problems with servers (bugfix) by @shults in #7310
• [TT-5588] [OAS] gateway apiKey import generates unnecessary object by @MaciekMis in #7303
• [TT-7524] [OAS] Gateway CE behaves differently from Dashboard for middleware and PATCH by @MaciekMis in #7305
• [TT-15568] fix flaky sort logic by @pvormste in #7316
• [TT-15190] feat: Gateway Resilience Enhancement - Intelligent Auto-Recovery for Nonce Desynchronization by @buger in #7267
• Body transform middleware not applied when URL rewrite pattern contains regex by @shults in #7302
• The debugger reports error traces on the endpoint where the 'Response Body Transform' middleware is used. by @shults in #7321
• Custom domain regex causing problems with servers by @shults in #7322
• [TT-15359]: updated documentation for core claims update by @kofoworola in #7333
• Deleting an API with the 'Uptime test' feature enabled crashes the Gateway by @shults in #7320
• [TT-15360]: Custom Claims Validation Framework by @kofoworola in #7318
• [TT-14369] ReadableDuration does not handle time values that "mix" subsecond units - extending tests duration_test.go by @radkrawczyk in #7293
• [OAS] gateway apiKey import generates unnecessary object by @MaciekMis in #7328
• [TT-15379][TT-15383] introduce certificate expiry checks and events by @pvormste in #7332
• [TT-2378] Implementing OAS OR auth logic by @mativm02 in #7306
• Body transform middleware not applied when URL rewrite pattern contains regex by @shults in #7330
• [TT-14665]: Update OAS spec to allow empty versions by @kofoworola in #7340
• [TT-15399] feat: Gateway Resilience Enhancement - Service Integration for External Service Config (Phase 2) by @andrei-tyk in #7325
• [TT-15380] Enhance JWKS caching by @buraksezer in #7339
• [TT-15684]: Add normalize step to OAS api by @kofoworola in #7344
• [TT-15399] minimal godocs update on external services config by @andrei-tyk in #7346
• [TT-15662] Review and address GW & Dash CVEs by @buraksezer in #7347
• [TT-15379] fix shared cooldowns for event handlers and use global cooldown cache by @pvormste in #7348
• [TT-15399] fix for fallback behaviour when configs are not set by @andrei-tyk in #7350
• Request Body Transform MW and Header Transform MW are not sufficiently logged in the debugger by @shults in #7338
• [TT-11960] Incorrect handling of unexpected query parameters by @MaciekMis in #7345
• [TT-15747] OAS versioning identifier key is conditionally required based on the location by @lghiur in #7358
• [TT-15671] Add securityProcessingMode field to support legacy/compliant auth processing by @mativm02 in #7349
• Replace probe workflows with visor by @buger in #7364
• Add security_requirements field to schema and refactor JWT and Basic Auth handling by @mativm02 in #7363
• [TT-15742] Fix certificate expiry handling for recently expired certificates by @edsonmichaque in #7365
• [TT-15852] fix days as integer for expiry events by @pvormste in #7371
• [TT-15798] fix schema for jtiValidation by @pvormste in #7375
• [TT-15718] Upgrade graphql-go-tools dependency to fix CVE-2025-54388 by @buraksezer in #7377
• [TT-15868] Fixing panic when using JWT as a second authentication method in compliant mode by @mativm02 in #7384
• [TT-15719] GW docs 5.10 review by @lghiur in #7385
• [TT-15869] cooldown defaults not working and minor datetime format adjustments by @pvormste in #7386
• [TT-15860] Missing httpclient for upstream oauth by @andrei-tyk in #7381
• [TT-15863] fix random version picking for not versioned API by @pvormste in #7380
• [TT-15860] initial fix for tls log by @andrei-tyk in #7395
• [TT-15901] Adding AND support for auth method groups by @mativm02 in #7399
• [Regression]Mock response requests produce a warning level message "session not found. sending inappropriate rate-limit headers" by @shults in #7403
• [TT-15891] made jwkruris cache_timeout ReadableDuration by @andrei-tyk in #7406
• [TT-15904] Remove redundant task lint from CI test step by @jeffy-mathew in #7401
• [TT-15904] revert golangcilint return exit code 0 to run ci tests on push to master by @jeffy-mathew in #7413
• [TT-15901] Enhance AuthORWrapper to support authentication methods without SecuritySchemes by @mativm02 in #7411
• [DX-2102] Bug Fixes and Improvements in Tyk OAS by @sharadregoti in #7419
• [TT-11125] Add trace id request header by @lghiur in #7402
• [TT-15956] Proprietary auth methods are auto populated to OAS Security when changing to compliant mode by @mativm02 in #7425
• Refactor error messages in OAS security validation for consistency by @mativm02 in #7440
• [TT-15953] fix: Make EnforceOrgDataAge respect EnforceOrgQuotas configuration by @buger in #7434
• [TT-15830, TT-7735] Plugin loading failure error is ignored for certain types of plugins by @MaciekMis in #7391
• [TT-15839] Adding bundle validation by @imogenkraak in #7422
• [TT-15141] Toggling default policy from inactive to active does not activate JWT in some cases by @MaciekMis in #7431
• [TT-15141] Toggling default policy from inactive to active does not activate JWT in some cases - revert session save by @MaciekMis in #7449
• [TT-14814] fix bundle loading issue by @pvormste in #7436
• [TT-15415] Added response body size validation by @imogenkraak in #7430
• TT-15867 - rollout new Jira linter by @bsten-tyk in #7439
• [TT-15734] Handle big.Int JSON marshaling errors in logrus formatter by @lghiur in #7465
• TT-15781: add aggregator job to ci-test.yml by @sredxny in #7458
• Update docs for Gateway changes by @jay-deshmukh in #7475
• [TT-15955] Inefficient DNS change detection causes unnecessary RPC retries and request blocking by @mativm02 in #7473
• [TT-16002] fixed context propagation in grpc calls by @andrei-tyk in #7481
• [TT-14871] Expose Gateway-Only Latency in Tyk Metrics by @andrei-tyk in #7464
• [TT-14871] fixed go.mod not having latest available pump commit by @andrei-tyk in #7488
• [TT-15201] Sometimes the data plane gateway returns 404 page not found by @buraksezer in #7487
• [TT-16055] upgrade golangcilint to v2.5.0 by @jeffy-mathew in #7491
• [TT-16055] remove redundant codegen:smart by @jeffy-mathew in #7495
• [TT-16032] Add DNS monitoring feature for worker gateway by @mativm02 in https://github.com/TykTechnologies/tyk/pull/7485
• [TT-15967] add alias packages by @jeffy-mathew in https://github.com/TykTechnologies/tyk/pull/7463
• [TT-15595, fixed the gateway API not accepting 0 weight and not being … by @andrei-tyk in https://github.com/TykTechnologies/tyk/pull/7498
• [TT-14871] fix in-gateway time measurement being measured wrong by @andrei-tyk in https://github.com/TykTechnologies/tyk/pull/7500
• [TT-15606] fix certificate chain mTLS handshake by @pvormste in https://github.com/TykTechnologies/tyk/pull/7505
• TT-15793 added workflow to Suggest target branches by @sredxny in https://github.com/TykTechnologies/tyk/pull/7511
• [TT-15473] Generate proper OAS server URLs by @lghiur in https://github.com/TykTechnologies/tyk/pull/7509
• [TT-15595] temporarily remove upstream target from load balancing by @andrei-tyk in https://github.com/TykTechnologies/tyk/pull/7524
• [TT-14359] fix nested scopes for identity base field by @andrei-tyk in https://github.com/TykTechnologies/tyk/pull/7522
• [TT-16109] Export GenerateTykServers so it can be used by Dashboard API by @lghiur in https://github.com/TykTechnologies/tyk/pull/7532
• [TT-6613] JWT authentication should not require a base policy if scope-to-policy mapping is used by @mativm02 in https://github.com/TykTechnologies/tyk/pull/7504
• [TT-15426]fixed go.mod not having latest graphql-go-tools version by @andrei-tyk in https://github.com/TykTechnologies/tyk/pull/7534
• [TT-15354]: Improve logging in JWT Middleware by @imogenkraak in https://github.com/TykTechnologies/tyk/pull/7528
• [TT-15825] [BE] Address inconsistencies with use of Policy identifiers by @shults in https://github.com/TykTechnologies/tyk/pull/7424
• TT-14891 - adds client ip from XFF by depth by @sedkis in https://github.com/TykTechnologies/tyk/pull/7063
• [TT-15100][TT-15091] adjusted swagger enum and tyk vendor extension schema name by @lghiur in https://github.com/TykTechnologies/tyk/pull/7535
• when worker node is on emergency node, do not panic when using a new jwt token by @sredxny in https://github.com/TykTechnologies/tyk/pull/5534
• [TT-15683] Add JWKS cache flush to the Dashboard API and MDCB by @buraksezer in https://github.com/TykTechnologies/tyk/pull/7523
• [TT-16119][TT-15473] Fix URL generation bugs by @lghiur in https://github.com/TykTechnologies/tyk/pull/7541
• [TT-16142] fix CVEs for v5.10.1 by @andrei-tyk in https://github.com/TykTechnologies/tyk/pull/7543
• [TT-15966] Update storage library to v1.3.0 by @mativm02 in https://github.com/TykTechnologies/tyk/pull/7539
• Gromit sync with tyk repo TT-16131 by @Razeen-Abdal-Rahman in https://github.com/TykTechnologies/tyk/pull/7542
• [TT-16121] Generate relative server urls for APIs with no matching tags by @lghiur in https://github.com/TykTechnologies/tyk/pull/7544
• [TT-15942]: Integrate Sentinel One CNS scanner workflow by @asutosh in https://github.com/TykTechnologies/tyk/pull/7529
• [TT-16121] Always generate relative paths except when custom domains are configured by @lghiur in https://github.com/TykTechnologies/tyk/pull/7553
• [TT-15954]: Make org session fetch non-blocking by @imogenkraak in https://github.com/TykTechnologies/tyk/pull/7531
• [TT-16109][TT-16149] Fix fallback URLs and disabled domain handling after relative path changes by @lghiur in https://github.com/TykTechnologies/tyk/pull/7557
• [TT-15683] Add NoticeInvalidateJWKSCacheForAPI event processing logic… by @buraksezer in https://github.com/TykTechnologies/tyk/pull/7562
• [TT-16172] Fixes bug where OAS server URLs endpoint returned "self" instead of actual version name in headers/query parameters. by @lghiur in https://github.com/TykTechnologies/tyk/pull/7561
• [TT-16176] respect gateway tags disabled state in server URL generation by @lghiur in https://github.com/TykTechnologies/tyk/pull/7560
• TT-15780 Auto generated from templates by gromit by @sredxny in https://github.com/TykTechnologies/tyk/pull/7554
• [TT-12827] A gateway using a redis rate limiter panics if any Gateway sharing the same Redis is using the DRL by @MaciekMis in https://github.com/TykTechnologies/tyk/pull/7558
• [TT-16176] Generate relative patsh when tags are disabled or 0 by @lghiur in https://github.com/TykTechnologies/tyk/pull/7564
• [TT-15971] Add cross-repo dashboard build workflow for API tests by @jeffy-mathew in https://github.com/TykTechnologies/tyk/pull/7563
• FIPS Docker Images for LTS releases only TT-16023 by @Razeen-Abdal-Rahman in https://github.com/TykTechnologies/tyk/pull/7571
• [TT-16013]Fix/oas security scheme race condition 7573 by @andrei-tyk in https://github.com/TykTechnologies/tyk/pull/7579
• Merging to release-5.11: [TT-16188] Update info.version (#7598) by @probelabs[bot] in https://github.com/TykTechnologies/tyk/pull/7601
• Merging to release-5.11: [DX-2045] docs: clarify TYK_GW_MAXIDLECONNSPERHOST default value and recommendation (#7604) by @probelabs[bot] in https://github.com/TykTechnologies/tyk/pull/7610
• Merging to release-5.11: [DX-2128] docs: clarify TYK_GW_USEREDISLOG requires shared Redis instance (#7607) by @probelabs[bot] in https://github.com/TykTechnologies/tyk/pull/7614
• Merging to release-5.11: Fix Docs (#7624) by @probelabs[bot] in https://github.com/TykTechnologies/tyk/pull/7627
• Merging to release-5.11: [TT-16285] Auto generated from templates by gromit (#7630) by @probelabs[bot] in https://github.com/TykTechnologies/tyk/pull/7634
• Merging to release-5.11: TT-16290 rename the ci aggregator (#7635) by @probelabs[bot] in https://github.com/TykTechnologies/tyk/pull/7640
• Merging to release-5.11: [TT-16296] fixed keys being set automatically as active (#7642) by @probelabs[bot] in https://github.com/TykTechnologies/tyk/pull/7648
• Merging to release-5.11: Remove mercurial from plugin compiler Dockerfile (#7670) by @probelabs[bot] in https://github.com/TykTechnologies/tyk/pull/7674
• Merging to release-5.11: [TT-16468] Using a JWKS URL causes memory leak in gateway 5.11 (#7703) by @probelabs[bot] in https://github.com/TykTechnologies/tyk/pull/7707

New Contributors

• @padiazg made their first contribution in #6229
• @LLe27 made their first contribution in #6344
• @olamilekan000 made their first contribution in #7060
• @nerdydread made their first contribution in #6488

Full Changelog: v5.3.0-rc2...v5.11.1-alpha2