What's Changed
- ✨ Support forwarded host in same-origin check by @amorey in #1103
- 🎣 Relax hex requirement for session key-pairs by @amorey in #1107
- ✨ Trigger publish workflows only on stable releases by @amorey in #1110
- ✨ Add CSRF token support to GraphiQL page by @amorey in #1111
- 🎣 Fix CSRF rejection of legitimate same-origin POSTs by @amorey in #1112
- 🎣 Prevent client-supplied X-Forwarded-Authorization from shadowing service-account-token by @amorey in #1113
- 🎣 Harden CSRF token handling by @amorey in #1114
- 🎣 Stop trusting X-Forwarded-* headers in same-origin check by @amorey in #1117
- ✨ Add allowed-origins config for proxied deployments by @amorey in #1118
- ✨ Consolidate publish-guru workflow and add pkgcheck by @amorey in #1120
- 🎣 Fix context cancellation in mergeLogStreams by @jerome-wilson in #1121
- ✨ Add end-to-end test suite by @amorey in #1127
- ✨ Put cluster-api behind kube-apiserver aggregation layer by @amorey in #1125
- ✨ Simplify e2e suite by dropping env/backend parametrization by @amorey in #1129
- ✨ Migrate e2e cluster tool from k3d to kind by @amorey in #1130
- ✨ Bump grpc-dispatcher-go to v0.1.6 by @amorey in #1132
- 🐋 Add Kubetail API backend to
kubetail logsby @amorey in #1133 - 🎣 Remove invalid --upload flag from cosign sign in release workflow by @amorey in #1134
- 🎣 Fix kubetail logs backend fallback, filters, and pagination by @amorey in #1135
- ✨ Add background update check with notification by @amorey in #1137
Full Changelog: cli/v0.15.0...cli/v0.17.0