What's Changed
- docs: update generated documentation by @github-actions[bot] in #1624
- fix: replace Math.random with CSPRNG by @hiddeco in #1604
- fix(docker): patch CVE-2026-22184 zlib critical vulnerability in Alpine images by @orhanrauf in #1618
- Reduce OAuth session TTLs to 5 minutes by @hiddeco in #1597
- feat: add SSRF protection by @hiddeco in #1603
- fix: use refresh tokens for Auth0 renewal by @hiddeco in #1617
- feat(oauth): add claim-token verification by @hiddeco in #1620
- docs: cli by @EwanTauran in #1632
- fix(ci): scope lint to changed lines by @hiddeco in #1630
- feat: replace Vespa visitor-based deletes with query-then-delete-by-ID by @felixschmetz in #1598
- fix: derive Connect URL at runtime instead of hardcoded localhost:8082 by @orhanrauf in #1633
- refactor: carve out ARF & Storage into first-class Code Blue domains by @felixschmetz in #1596
- perf: eliminate N+1 source-connection requests on collection list pages by @orhanrauf in #1593
Full Changelog: v0.9.30...v0.9.31