Changelog
This is a patch release for v2.36
Behaviour changes
- In certain circumstances, all HTTP headers were included in the set of session variables. This has now been reduced to only the session variables. This change affects a number of areas, including the HTTP logs, query validation, JWT claims, rate limiting, and accessing session variables in Kriti code.
- In rare cases, sensitive headers were written to the GraphQL Engine logs. These cases are now handled correctly to avoid logging sensitive information.
Build
- Updates ubuntu jammy base image to get the latest security updates.