{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":19537979,"defaultBranch":"master","name":"tyk","ownerLogin":"TykTechnologies","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2014-05-07T14:38:24.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/16121529?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1716989116.0","currentOid":""},"activityList":{"items":[{"before":"ecfe25e7bb77d687f14fbf01b512a3f83d8bf520","after":"282c3731be902efe3487665c83a234aa8307602b","ref":"refs/heads/feat/tt-3738/rate-limit-smoothing","pushedAt":"2024-05-29T15:54:30.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"titpetric","name":"Tit Petric","path":"/titpetric","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/233360?s=80&v=4"},"commit":{"message":"Set allowance ttl to 2*delay","shortMessageHtmlLink":"Set allowance ttl to 2*delay"}},{"before":"12f8b17f93205024f15c6b607eaee24c67b19aa7","after":"ecfe25e7bb77d687f14fbf01b512a3f83d8bf520","ref":"refs/heads/feat/tt-3738/rate-limit-smoothing","pushedAt":"2024-05-29T15:47:16.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"titpetric","name":"Tit Petric","path":"/titpetric","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/233360?s=80&v=4"},"commit":{"message":"Set allowance ttl to 2*delay","shortMessageHtmlLink":"Set allowance ttl to 2*delay"}},{"before":"a9446ab70687b8fc7ea100e9fe5d0f9d1c4cd232","after":"12f8b17f93205024f15c6b607eaee24c67b19aa7","ref":"refs/heads/feat/tt-3738/rate-limit-smoothing","pushedAt":"2024-05-29T13:52:43.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"titpetric","name":"Tit Petric","path":"/titpetric","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/233360?s=80&v=4"},"commit":{"message":"internal/rate: better tests, model pkg, mock","shortMessageHtmlLink":"internal/rate: better tests, model pkg, mock"}},{"before":"fd64dfb4e93a377d04efcc3d1800e378199660f1","after":null,"ref":"refs/heads/fix/TT-11997/header-case-insensitivity","pushedAt":"2024-05-29T13:25:16.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"buraksezer","name":"Burak Sezer","path":"/buraksezer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/33702537?s=80&v=4"}},{"before":"08a7fdef8305b857fa6886d2dcb46204a8fef6e7","after":"853b3951f667be4e018c9104e412bc49f4815bd2","ref":"refs/heads/master","pushedAt":"2024-05-29T13:25:15.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"buraksezer","name":"Burak Sezer","path":"/buraksezer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/33702537?s=80&v=4"},"commit":{"message":"[TT-11997] Header case insensitivity (#6316)","shortMessageHtmlLink":"[TT-11997] Header case insensitivity (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2323281765\" data-permission-text=\"Title is private\" data-url=\"https://github.com/TykTechnologies/tyk/issues/6316\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/TykTechnologies/tyk/pull/6316/hovercard\" href=\"https://github.com/TykTechnologies/tyk/pull/6316\">#6316</a>)"}},{"before":"a258cbdf098f12f3101126a79c210c092a74b31c","after":"fd64dfb4e93a377d04efcc3d1800e378199660f1","ref":"refs/heads/fix/TT-11997/header-case-insensitivity","pushedAt":"2024-05-29T13:02:08.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"buraksezer","name":"Burak Sezer","path":"/buraksezer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/33702537?s=80&v=4"},"commit":{"message":"[TT-11997] Remove unnecessary Header.Del operation","shortMessageHtmlLink":"[TT-11997] Remove unnecessary Header.Del operation"}},{"before":null,"after":"a258cbdf098f12f3101126a79c210c092a74b31c","ref":"refs/heads/fix/TT-11997/header-case-insensitivity","pushedAt":"2024-05-29T12:59:21.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"buraksezer","name":"Burak Sezer","path":"/buraksezer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/33702537?s=80&v=4"},"commit":{"message":"[TT-11997] Canonicalize header names in request_headers_rewrite config.","shortMessageHtmlLink":"[TT-11997] Canonicalize header names in request_headers_rewrite config."}},{"before":"af1a623989ded6a5048601b4206af987cca0d097","after":"a9446ab70687b8fc7ea100e9fe5d0f9d1c4cd232","ref":"refs/heads/feat/tt-3738/rate-limit-smoothing","pushedAt":"2024-05-29T12:27:47.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"titpetric","name":"Tit Petric","path":"/titpetric","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/233360?s=80&v=4"},"commit":{"message":"Add local allowance cache, storage stats for debug","shortMessageHtmlLink":"Add local allowance cache, storage stats for debug"}},{"before":null,"after":"08a7fdef8305b857fa6886d2dcb46204a8fef6e7","ref":"refs/heads/TT-8735-fips-support-gateway","pushedAt":"2024-05-29T12:01:52.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"andrei-tyk","name":null,"path":"/andrei-tyk","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/97896463?s=80&v=4"},"commit":{"message":"add logic for use_immutable_headers (TT-12190) (#6315)\n\n### **User description**\r\nThis PR adds the logic for `use_immutable_headers` for GraphQL\r\nproxy-only\r\n\r\n## Types of changes\r\n\r\n<!-- What types of changes does your code introduce? Put an `x` in all\r\nthe boxes that apply: -->\r\n\r\n- [ ] Bug fix (non-breaking change which fixes an issue)\r\n- [x] New feature (non-breaking change which adds functionality)\r\n- [ ] Breaking change (fix or feature that would cause existing\r\nfunctionality to change)\r\n- [ ] Refactoring or add test (improvements in base code or adds test\r\ncoverage to functionality)\r\n\r\n\r\n___\r\n\r\n### **PR Type**\r\nEnhancement, Tests\r\n\r\n\r\n___\r\n\r\n### **Description**\r\n- Added `use_immutable_headers` feature to GraphQL proxy-only mode.\r\n- Updated reverse proxy and transport logic to handle\r\n`use_immutable_headers` flag.\r\n- Refactored header configuration to use new structs.\r\n- Added comprehensive tests for new feature in middleware and transport.\r\n\r\n\r\n___\r\n\r\n\r\n\r\n### **Changes walkthrough** 📝\r\n<table><thead><tr><th></th><th align=\"left\">Relevant\r\nfiles</th></tr></thead><tbody><tr><td><strong>Tests\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>mw_graphql_test.go</strong><dd><code>Add tests for\r\nuse_immutable_headers feature in GraphQL\r\nmiddleware</code></dd></summary>\r\n<hr>\r\n\r\ngateway/mw_graphql_test.go\r\n<li>Added tests for <code>use_immutable_headers</code> feature.<br> <li>\r\nDifferentiated behavior based on <code>use_immutable_headers</code>\r\nflag.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-72c11b8efcaceccfbbd87e75565353706443bf56420d3fdba6b5bf5f632f4b33\">+79/-34</a>&nbsp;\r\n</td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>transport_test.go</strong><dd><code>Add tests for\r\nuse_immutable_headers feature in transport</code>&nbsp; </dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/transport_test.go\r\n- Added tests for `use_immutable_headers` feature in transport.\r\n\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-14490e6a204ab6724dd57f0f7f840b6d9b200f68bccf8d8df87c8d41321551f6\">+114/-0</a>&nbsp;\r\n</td>\r\n</tr>                    \r\n</table></td></tr><tr><td><strong>Enhancement\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>reverse_proxy.go</strong><dd><code>Update reverse proxy\r\nto support use_immutable_headers feature</code></dd></summary>\r\n<hr>\r\n\r\ngateway/reverse_proxy.go\r\n<li>Updated reverse proxy handling to include\r\n<code>use_immutable_headers</code> flag.<br> <li> Refactored header\r\nconfiguration handling.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-e6e07722257f7e41691e471185ad6d84fd56dc9e5459526ea32e9a5e8fa1a01b\">+13/-8</a>&nbsp;\r\n&nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>engine.go</strong><dd><code>Extend ReverseProxyParams\r\nwith header configuration structs</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/engine.go\r\n<li>Added <code>HeadersConfig</code> to\r\n<code>ReverseProxyParams</code>.<br> <li> Introduced\r\n<code>ReverseProxyHeadersConfig</code> and\r\n<code>ProxyOnlyHeadersConfig</code> <br>structs.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-9d1ef4ec1b59d708ed86c7cc348b73bd0b619ef034094b5fbd4b138e11ccde6e\">+16/-7</a>&nbsp;\r\n&nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>graphql_go_tools_v1.go</strong><dd><code>Modify GraphQL\r\ntransport initialization for header configuration</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/graphql_go_tools_v1.go\r\n- Updated transport initialization to use `HeadersConfig`.\r\n\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-e592cc8ca6ac39e7574765d7f2bbf19193f173791a1b0930d4dde7f9412dc882\">+1/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>graphql_go_tools_v2.go</strong><dd><code>Modify GraphQL\r\ntransport initialization for header configuration</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/graphql_go_tools_v2.go\r\n- Updated transport initialization to use `HeadersConfig`.\r\n\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-2e41b60f046c2947fbedb8fb841b5c3c962798e3ba8211c7144f326436ffabe3\">+2/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>transport.go</strong><dd><code>Refactor transport to\r\nuse HeadersConfig and support\r\n</code><br><code>use_immutable_headers</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/transport.go\r\n<li>Refactored transport to use <code>HeadersConfig</code> for header\r\nrewrites.<br> <li> Added logic to respect\r\n<code>use_immutable_headers</code> flag.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-564061c9b29366529eb1f6f10fe39671d2ac738a4731ffd2c8b04dcc0a8cd610\">+10/-12</a>&nbsp;\r\n</td>\r\n</tr>                    \r\n</table></td></tr></tr></tbody></table>\r\n\r\n___\r\n\r\n> 💡 **PR-Agent usage**:\r\n>Comment `/help` on the PR to get a list of all available PR-Agent tools\r\nand their descriptions","shortMessageHtmlLink":"add logic for use_immutable_headers (TT-12190) (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2322838919\" data-permission-text=\"Title is private\" data-url=\"https://github.com/TykTechnologies/tyk/issues/6315\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/TykTechnologies/tyk/pull/6315/hovercard\" href=\"https://github.com/TykTechnologies/tyk/pull/6315\">#6315</a>)"}},{"before":"9c0a10065d4bdaccc23a44bd886b108b942e67cc","after":null,"ref":"refs/heads/feat/TT-12190/add-logic-for-immutable-headers","pushedAt":"2024-05-29T11:54:19.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"pvormste","name":"Patric Vormstein","path":"/pvormste","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4503955?s=80&v=4"}},{"before":"694483aeac001ee6739f8f12fcee6563cf299e97","after":"08a7fdef8305b857fa6886d2dcb46204a8fef6e7","ref":"refs/heads/master","pushedAt":"2024-05-29T11:54:18.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"pvormste","name":"Patric Vormstein","path":"/pvormste","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4503955?s=80&v=4"},"commit":{"message":"add logic for use_immutable_headers (TT-12190) (#6315)\n\n### **User description**\r\nThis PR adds the logic for `use_immutable_headers` for GraphQL\r\nproxy-only\r\n\r\n## Types of changes\r\n\r\n<!-- What types of changes does your code introduce? Put an `x` in all\r\nthe boxes that apply: -->\r\n\r\n- [ ] Bug fix (non-breaking change which fixes an issue)\r\n- [x] New feature (non-breaking change which adds functionality)\r\n- [ ] Breaking change (fix or feature that would cause existing\r\nfunctionality to change)\r\n- [ ] Refactoring or add test (improvements in base code or adds test\r\ncoverage to functionality)\r\n\r\n\r\n___\r\n\r\n### **PR Type**\r\nEnhancement, Tests\r\n\r\n\r\n___\r\n\r\n### **Description**\r\n- Added `use_immutable_headers` feature to GraphQL proxy-only mode.\r\n- Updated reverse proxy and transport logic to handle\r\n`use_immutable_headers` flag.\r\n- Refactored header configuration to use new structs.\r\n- Added comprehensive tests for new feature in middleware and transport.\r\n\r\n\r\n___\r\n\r\n\r\n\r\n### **Changes walkthrough** 📝\r\n<table><thead><tr><th></th><th align=\"left\">Relevant\r\nfiles</th></tr></thead><tbody><tr><td><strong>Tests\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>mw_graphql_test.go</strong><dd><code>Add tests for\r\nuse_immutable_headers feature in GraphQL\r\nmiddleware</code></dd></summary>\r\n<hr>\r\n\r\ngateway/mw_graphql_test.go\r\n<li>Added tests for <code>use_immutable_headers</code> feature.<br> <li>\r\nDifferentiated behavior based on <code>use_immutable_headers</code>\r\nflag.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-72c11b8efcaceccfbbd87e75565353706443bf56420d3fdba6b5bf5f632f4b33\">+79/-34</a>&nbsp;\r\n</td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>transport_test.go</strong><dd><code>Add tests for\r\nuse_immutable_headers feature in transport</code>&nbsp; </dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/transport_test.go\r\n- Added tests for `use_immutable_headers` feature in transport.\r\n\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-14490e6a204ab6724dd57f0f7f840b6d9b200f68bccf8d8df87c8d41321551f6\">+114/-0</a>&nbsp;\r\n</td>\r\n</tr>                    \r\n</table></td></tr><tr><td><strong>Enhancement\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>reverse_proxy.go</strong><dd><code>Update reverse proxy\r\nto support use_immutable_headers feature</code></dd></summary>\r\n<hr>\r\n\r\ngateway/reverse_proxy.go\r\n<li>Updated reverse proxy handling to include\r\n<code>use_immutable_headers</code> flag.<br> <li> Refactored header\r\nconfiguration handling.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-e6e07722257f7e41691e471185ad6d84fd56dc9e5459526ea32e9a5e8fa1a01b\">+13/-8</a>&nbsp;\r\n&nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>engine.go</strong><dd><code>Extend ReverseProxyParams\r\nwith header configuration structs</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/engine.go\r\n<li>Added <code>HeadersConfig</code> to\r\n<code>ReverseProxyParams</code>.<br> <li> Introduced\r\n<code>ReverseProxyHeadersConfig</code> and\r\n<code>ProxyOnlyHeadersConfig</code> <br>structs.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-9d1ef4ec1b59d708ed86c7cc348b73bd0b619ef034094b5fbd4b138e11ccde6e\">+16/-7</a>&nbsp;\r\n&nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>graphql_go_tools_v1.go</strong><dd><code>Modify GraphQL\r\ntransport initialization for header configuration</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/graphql_go_tools_v1.go\r\n- Updated transport initialization to use `HeadersConfig`.\r\n\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-e592cc8ca6ac39e7574765d7f2bbf19193f173791a1b0930d4dde7f9412dc882\">+1/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>graphql_go_tools_v2.go</strong><dd><code>Modify GraphQL\r\ntransport initialization for header configuration</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/graphql_go_tools_v2.go\r\n- Updated transport initialization to use `HeadersConfig`.\r\n\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-2e41b60f046c2947fbedb8fb841b5c3c962798e3ba8211c7144f326436ffabe3\">+2/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>transport.go</strong><dd><code>Refactor transport to\r\nuse HeadersConfig and support\r\n</code><br><code>use_immutable_headers</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/transport.go\r\n<li>Refactored transport to use <code>HeadersConfig</code> for header\r\nrewrites.<br> <li> Added logic to respect\r\n<code>use_immutable_headers</code> flag.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6315/files#diff-564061c9b29366529eb1f6f10fe39671d2ac738a4731ffd2c8b04dcc0a8cd610\">+10/-12</a>&nbsp;\r\n</td>\r\n</tr>                    \r\n</table></td></tr></tr></tbody></table>\r\n\r\n___\r\n\r\n> 💡 **PR-Agent usage**:\r\n>Comment `/help` on the PR to get a list of all available PR-Agent tools\r\nand their descriptions","shortMessageHtmlLink":"add logic for use_immutable_headers (TT-12190) (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2322838919\" data-permission-text=\"Title is private\" data-url=\"https://github.com/TykTechnologies/tyk/issues/6315\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/TykTechnologies/tyk/pull/6315/hovercard\" href=\"https://github.com/TykTechnologies/tyk/pull/6315\">#6315</a>)"}},{"before":null,"after":"9c0a10065d4bdaccc23a44bd886b108b942e67cc","ref":"refs/heads/feat/TT-12190/add-logic-for-immutable-headers","pushedAt":"2024-05-29T09:26:49.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"pvormste","name":"Patric Vormstein","path":"/pvormste","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4503955?s=80&v=4"},"commit":{"message":"add logic for use_immutable_headers","shortMessageHtmlLink":"add logic for use_immutable_headers"}},{"before":"c486002e0775fd0b15652b98febdc05cced6d6f0","after":"af1a623989ded6a5048601b4206af987cca0d097","ref":"refs/heads/feat/tt-3738/rate-limit-smoothing","pushedAt":"2024-05-29T06:40:54.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"titpetric","name":"Tit Petric","path":"/titpetric","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/233360?s=80&v=4"},"commit":{"message":"Rework smoothing config and allowance, don't expose allowance","shortMessageHtmlLink":"Rework smoothing config and allowance, don't expose allowance"}},{"before":"7ecaa66d98b49635dd5fefc2e4c7a00cf2e69678","after":null,"ref":"refs/heads/TT-11470-human-readable-info","pushedAt":"2024-05-28T16:50:46.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"padiazg","name":"Patricio Díaz ","path":"/padiazg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/15754252?s=80&v=4"}},{"before":"46ca642bd70ecd543ce65461588c821ef1e7fffa","after":"694483aeac001ee6739f8f12fcee6563cf299e97","ref":"refs/heads/master","pushedAt":"2024-05-28T16:50:45.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"padiazg","name":"Patricio Díaz ","path":"/padiazg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/15754252?s=80&v=4"},"commit":{"message":"[TT-11470] Add human identifiable information in NodeData (#6229)\n\n## **User description**\r\n<!-- Provide a general summary of your changes in the Title above -->\r\n\r\n## Description\r\n<!-- Describe your changes in detail -->\r\nProvide IP, PID and Hostname as identifiers for a node when querying\r\nMDCB in the `dataplanes` endpoint. This should be tested with the MDCB\r\nversion in [this\r\npr](https://github.com/TykTechnologies/tyk-sink/pull/525)\r\n\r\n## Related Issue\r\n\r\nhttps://tyktech.atlassian.net/browse/TT-11470\r\n\r\n## Motivation and Context\r\n\r\n<!-- Why is this change required? What problem does it solve? -->\r\n\r\n## How This Has Been Tested\r\n\r\n- Run Tyk in MDCB Env\r\n- Enable secure endpoints in MDCB\r\n- Consume the `/dataplanes` endpoint, and now you get host details per\r\nnode\r\n\r\n## Screenshots (if appropriate)\r\n\r\n## Types of changes\r\n\r\n<!-- What types of changes does your code introduce? Put an `x` in all\r\nthe boxes that apply: -->\r\n\r\n- [ ] Bug fix (non-breaking change which fixes an issue)\r\n- [ ] New feature (non-breaking change which adds functionality)\r\n- [ ] Breaking change (fix or feature that would cause existing\r\nfunctionality to change)\r\n- [ ] Refactoring or add test (improvements in base code or adds test\r\ncoverage to functionality)\r\n\r\n## Checklist\r\n\r\n<!-- Go over all the following points, and put an `x` in all the boxes\r\nthat apply -->\r\n<!-- If there are no documentation updates required, mark the item as\r\nchecked. -->\r\n<!-- Raise up any additional concerns not covered by the checklist. -->\r\n\r\n- [ ] I ensured that the documentation is up to date\r\n- [ ] I explained why this PR updates go.mod in detail with reasoning\r\nwhy it's required\r\n- [ ] I would like a code coverage CI quality gate exception and have\r\nexplained why\r\n\r\n\r\n___\r\n\r\n## **Type**\r\nenhancement, tests\r\n\r\n\r\n___\r\n\r\n## **Description**\r\n- Implemented a buffered logger (`BufferedLogger` and\r\n`BufferingFormatter`) to facilitate better logging, especially for\r\ntesting scenarios.\r\n- Enhanced the `Gateway` struct to include node IP address handling,\r\nwhich fetches and stores the IP if not provided.\r\n- Added comprehensive tests for new features including the retrieval and\r\nlogging of node IP addresses.\r\n- Introduced a utility function `getIpAddress` to fetch the first\r\nnon-loopback IPv4 address, enhancing node identification.\r\n\r\n\r\n___\r\n\r\n\r\n\r\n## **Changes walkthrough**\r\n<table><thead><tr><th></th><th align=\"left\">Relevant\r\nfiles</th></tr></thead><tbody><tr><td><strong>Enhancement\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>buffered-logger.go</strong><dd><code>Implement Buffered\r\nLogger for Enhanced Testing</code>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;\r\n&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; </dd></summary>\r\n<hr>\r\n\r\ngateway/buffered-logger.go\r\n<li>Added a new <code>BufferedLogger</code> and\r\n<code>BufferingFormatter</code> to handle logging in <br>a buffered\r\nmanner, primarily for use in tests.<br> <li> <code>BufferedLogger</code>\r\nincludes methods to retrieve logs of a specific level.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6229/files#diff-6f5a2cb4531e50ec9d0929cb7c1e5437c72dc829f5a1fe722048b0b117f391a2\">+72/-0</a>&nbsp;\r\n&nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>server.go</strong><dd><code>Enhance Gateway with Node\r\nIP Address Handling</code>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;\r\n&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; </dd></summary>\r\n<hr>\r\n\r\ngateway/server.go\r\n<li>Added <code>Address</code> field to <code>hostDetails</code> struct\r\nto store node IP address.<br> <li> Enhanced <code>getHostDetails</code>\r\nto fetch and store the node's IP address if <br>not already\r\nprovided.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6229/files#diff-4652d1bf175a0be8f5e61ef7177c9666f23e077d8626b73ac9d13358fa8b525b\">+9/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>util.go</strong><dd><code>Add Utility Function to Fetch\r\nNon-Loopback IPv4 Address</code>&nbsp; &nbsp; </dd></summary>\r\n<hr>\r\n\r\ngateway/util.go\r\n<li>Added <code>getIpAddress</code> function to retrieve the first\r\nnon-loopback IPv4 <br>address.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6229/files#diff-1aa619f406837fb44ac6fba2c8922795eba0285dc4c8d2b0c15755b60b9ee1a5\">+25/-0</a>&nbsp;\r\n&nbsp; </td>\r\n</tr>                    \r\n</table></td></tr><tr><td><strong>Tests\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>server_test.go</strong><dd><code>Add Tests for Gateway\r\nHost Details and IP Address Retrieval</code></dd></summary>\r\n<hr>\r\n\r\ngateway/server_test.go\r\n<li>Added tests for <code>getHostDetails</code> to verify correct\r\nlogging and IP <br>address retrieval.<br> <li> Utilized\r\n<code>BufferedLogger</code> in tests to capture log outputs.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6229/files#diff-d9f006370c9748c09affd99d0a4edeb8f3419057703a67fd70838a764a485696\">+109/-2</a>&nbsp;\r\n</td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>util_test.go</strong><dd><code>Implement Tests for IP\r\nAddress Retrieval Utility Function</code></dd></summary>\r\n<hr>\r\n\r\ngateway/util_test.go\r\n<li>Added tests for <code>getIpAddress</code> to ensure it correctly\r\nidentifies and <br>returns non-loopback IPv4 addresses.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6229/files#diff-3ca88235eab68f9eb691c139bb6e45f10a4038d4c02cf435f66ef7394734f925\">+82/-1</a>&nbsp;\r\n&nbsp; </td>\r\n</tr>                    \r\n</table></td></tr></tr></tbody></table>\r\n\r\n___\r\n\r\n> ✨ **PR-Agent usage**:\r\n>Comment `/help` on the PR to get a list of all available PR-Agent tools\r\nand their descriptions\r\n\r\n---------\r\n\r\nCo-authored-by: sredny buitrago <sredny.buitrago@gmail.com>","shortMessageHtmlLink":"[TT-11470] Add human identifiable information in NodeData (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2248528956\" data-permission-text=\"Title is private\" data-url=\"https://github.com/TykTechnologies/tyk/issues/6229\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/TykTechnologies/tyk/pull/6229/hovercard\" href=\"https://github.com/TykTechnologies/tyk/pull/6229\">#6229</a>)"}},{"before":"156258e4a70b592e68a3d19c1985d75401045ebd","after":"c486002e0775fd0b15652b98febdc05cced6d6f0","ref":"refs/heads/feat/tt-3738/rate-limit-smoothing","pushedAt":"2024-05-28T13:44:15.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"titpetric","name":"Tit Petric","path":"/titpetric","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/233360?s=80&v=4"},"commit":{"message":"Adjust context as unused","shortMessageHtmlLink":"Adjust context as unused"}},{"before":"cbcc2ad63146791352171d6bf0cac535c60bec9f","after":"7ecaa66d98b49635dd5fefc2e4c7a00cf2e69678","ref":"refs/heads/TT-11470-human-readable-info","pushedAt":"2024-05-28T13:29:23.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"padiazg","name":"Patricio Díaz ","path":"/padiazg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/15754252?s=80&v=4"},"commit":{"message":"fix missing references","shortMessageHtmlLink":"fix missing references"}},{"before":"c42154c201ef525f1b844ca216b5044ed9947243","after":null,"ref":"refs/heads/merge/release-5.3.2/46ca642bd70ecd543ce65461588c821ef1e7fffa","pushedAt":"2024-05-28T13:20:39.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"buger","name":"Leonid Bugaev","path":"/buger","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/14009?s=80&v=4"}},{"before":"270f5077a2b791d16288c871dd057868559c304b","after":"9beb6089aa85485277734e8a94aa2c86cd62789a","ref":"refs/heads/release-5.3.2","pushedAt":"2024-05-28T13:20:38.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"buger","name":"Leonid Bugaev","path":"/buger","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/14009?s=80&v=4"},"commit":{"message":"Merging to release-5.3.2: [TT-12095] Fixing unhashed API keys exposed in OTEL spans (#6296)\n\n[TT-12095] Fixing unhashed API keys exposed in OTEL spans (#6296)\n\n### **User description**\r\n<!-- Provide a general summary of your changes in the Title above -->\r\n\r\n## Description\r\n`tyk.api.apikey` and `tyk.api.oauthid` attributes were exposing keys\r\nwhen OTEL was enabled. Now, the value of this attribute is the hashed\r\nkey instead.\r\nCan be checked when creating a key:\r\n<img width=\"543\" alt=\"image\"\r\nsrc=\"https://github.com/TykTechnologies/tyk/assets/83959431/167e18b8-234f-4b2e-af19-35aa75bb3339\">\r\nNow, the attribute must show the hashed key, not the actual key.\r\n<!-- Describe your changes in detail -->\r\n\r\n## Related Issue\r\n\r\nhttps://tyktech.atlassian.net/browse/TT-12095?atlOrigin=eyJpIjoiMGJkNjAxOTI1MWQ5NGE0ZWIyNDgyNzlmMDcxMTM4YmEiLCJwIjoiaiJ9\r\n<!-- This project only accepts pull requests related to open issues. -->\r\n<!-- If suggesting a new feature or change, please discuss it in an\r\nissue first. -->\r\n<!-- If fixing a bug, there should be an issue describing it with steps\r\nto reproduce. -->\r\n<!-- OSS: Please link to the issue here. Tyk: please create/link the\r\nJIRA ticket. -->\r\n\r\n## Motivation and Context\r\n\r\nhttps://tyktech.atlassian.net/browse/TT-12095?atlOrigin=eyJpIjoiMGJkNjAxOTI1MWQ5NGE0ZWIyNDgyNzlmMDcxMTM4YmEiLCJwIjoiaiJ9\r\n<!-- Why is this change required? What problem does it solve? -->\r\n\r\n## How This Has Been Tested\r\n\r\n<!-- Please describe in detail how you tested your changes -->\r\n<!-- Include details of your testing environment, and the tests -->\r\n<!-- you ran to see how your change affects other areas of the code,\r\netc. -->\r\n<!-- This information is helpful for reviewers and QA. -->\r\n\r\n## Screenshots (if appropriate)\r\n\r\n## Types of changes\r\n\r\n<!-- What types of changes does your code introduce? Put an `x` in all\r\nthe boxes that apply: -->\r\n\r\n- [ ] Bug fix (non-breaking change which fixes an issue)\r\n- [ ] New feature (non-breaking change which adds functionality)\r\n- [ ] Breaking change (fix or feature that would cause existing\r\nfunctionality to change)\r\n- [ ] Refactoring or add test (improvements in base code or adds test\r\ncoverage to functionality)\r\n\r\n## Checklist\r\n\r\n<!-- Go over all the following points, and put an `x` in all the boxes\r\nthat apply -->\r\n<!-- If there are no documentation updates required, mark the item as\r\nchecked. -->\r\n<!-- Raise up any additional concerns not covered by the checklist. -->\r\n\r\n- [ ] I ensured that the documentation is up to date\r\n- [ ] I explained why this PR updates go.mod in detail with reasoning\r\nwhy it's required\r\n- [ ] I would like a code coverage CI quality gate exception and have\r\nexplained why\r\n\r\n\r\n___\r\n\r\n### **PR Type**\r\nBug fix\r\n\r\n\r\n___\r\n\r\n### **Description**\r\n- Updated `gateway/mw_auth_key.go` to use the hashed API key in OTEL\r\nspan attributes instead of the plain key.\r\n- Updated `gateway/mw_oauth2_key_exists.go` to use the hashed OAuth\r\nclient ID in OTEL span attributes.\r\n\r\n\r\n___\r\n\r\n\r\n\r\n### **Changes walkthrough** 📝\r\n<table><thead><tr><th></th><th align=\"left\">Relevant\r\nfiles</th></tr></thead><tbody><tr><td><strong>Bug fix\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>mw_auth_key.go</strong><dd><code>Use hashed API key in\r\nOTEL span attributes</code>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;\r\n&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;\r\n</dd></summary>\r\n<hr>\r\n\r\ngateway/mw_auth_key.go\r\n<li>Added <code>hashedKey</code> variable to store the hashed key from\r\nthe session.<br> <li> Updated OTEL span attribute to use the hashed key\r\ninstead of the plain <br>key.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6296/files#diff-aeba053023a54c723dd9f83837e29ca0b2d9a212bc98fa6ad4bbb062669a1cf0\">+2/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>mw_oauth2_key_exists.go</strong><dd><code>Use hashed\r\nOAuth client ID in OTEL span attributes</code>&nbsp; &nbsp; &nbsp;\r\n&nbsp; &nbsp; &nbsp; &nbsp; </dd></summary>\r\n<hr>\r\n\r\ngateway/mw_oauth2_key_exists.go\r\n<li>Updated OTEL span attribute to use the hashed key for OAuth client\r\nID.<br> <br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6296/files#diff-c50b0affcb835d15ff9bd169b21775b8023ebb0558a0c59d6c26cb821db544e9\">+1/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n</table></td></tr></tr></tbody></table>\r\n\r\n___\r\n\r\n> 💡 **PR-Agent usage**:\r\n>Comment `/help` on the PR to get a list of all available PR-Agent tools\r\nand their descriptions\r\n\r\n---------\r\n\r\nCo-authored-by: Sredny M <sredny.buitrago@gmail.com>","shortMessageHtmlLink":"Merging to release-5.3.2: [TT-12095] Fixing unhashed API keys exposed…"}},{"before":null,"after":"c42154c201ef525f1b844ca216b5044ed9947243","ref":"refs/heads/merge/release-5.3.2/46ca642bd70ecd543ce65461588c821ef1e7fffa","pushedAt":"2024-05-28T12:59:40.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"tykbot[bot]","name":null,"path":"/apps/tykbot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/35290?s=80&v=4"},"commit":{"message":"[TT-12095] Fixing unhashed API keys exposed in OTEL spans (#6296)\n\n### **User description**\r\n<!-- Provide a general summary of your changes in the Title above -->\r\n\r\n## Description\r\n`tyk.api.apikey` and `tyk.api.oauthid` attributes were exposing keys\r\nwhen OTEL was enabled. Now, the value of this attribute is the hashed\r\nkey instead.\r\nCan be checked when creating a key:\r\n<img width=\"543\" alt=\"image\"\r\nsrc=\"https://github.com/TykTechnologies/tyk/assets/83959431/167e18b8-234f-4b2e-af19-35aa75bb3339\">\r\nNow, the attribute must show the hashed key, not the actual key.\r\n<!-- Describe your changes in detail -->\r\n\r\n## Related Issue\r\n\r\nhttps://tyktech.atlassian.net/browse/TT-12095?atlOrigin=eyJpIjoiMGJkNjAxOTI1MWQ5NGE0ZWIyNDgyNzlmMDcxMTM4YmEiLCJwIjoiaiJ9\r\n<!-- This project only accepts pull requests related to open issues. -->\r\n<!-- If suggesting a new feature or change, please discuss it in an\r\nissue first. -->\r\n<!-- If fixing a bug, there should be an issue describing it with steps\r\nto reproduce. -->\r\n<!-- OSS: Please link to the issue here. Tyk: please create/link the\r\nJIRA ticket. -->\r\n\r\n## Motivation and Context\r\n\r\nhttps://tyktech.atlassian.net/browse/TT-12095?atlOrigin=eyJpIjoiMGJkNjAxOTI1MWQ5NGE0ZWIyNDgyNzlmMDcxMTM4YmEiLCJwIjoiaiJ9\r\n<!-- Why is this change required? What problem does it solve? -->\r\n\r\n## How This Has Been Tested\r\n\r\n<!-- Please describe in detail how you tested your changes -->\r\n<!-- Include details of your testing environment, and the tests -->\r\n<!-- you ran to see how your change affects other areas of the code,\r\netc. -->\r\n<!-- This information is helpful for reviewers and QA. -->\r\n\r\n## Screenshots (if appropriate)\r\n\r\n## Types of changes\r\n\r\n<!-- What types of changes does your code introduce? Put an `x` in all\r\nthe boxes that apply: -->\r\n\r\n- [ ] Bug fix (non-breaking change which fixes an issue)\r\n- [ ] New feature (non-breaking change which adds functionality)\r\n- [ ] Breaking change (fix or feature that would cause existing\r\nfunctionality to change)\r\n- [ ] Refactoring or add test (improvements in base code or adds test\r\ncoverage to functionality)\r\n\r\n## Checklist\r\n\r\n<!-- Go over all the following points, and put an `x` in all the boxes\r\nthat apply -->\r\n<!-- If there are no documentation updates required, mark the item as\r\nchecked. -->\r\n<!-- Raise up any additional concerns not covered by the checklist. -->\r\n\r\n- [ ] I ensured that the documentation is up to date\r\n- [ ] I explained why this PR updates go.mod in detail with reasoning\r\nwhy it's required\r\n- [ ] I would like a code coverage CI quality gate exception and have\r\nexplained why\r\n\r\n\r\n___\r\n\r\n### **PR Type**\r\nBug fix\r\n\r\n\r\n___\r\n\r\n### **Description**\r\n- Updated `gateway/mw_auth_key.go` to use the hashed API key in OTEL\r\nspan attributes instead of the plain key.\r\n- Updated `gateway/mw_oauth2_key_exists.go` to use the hashed OAuth\r\nclient ID in OTEL span attributes.\r\n\r\n\r\n___\r\n\r\n\r\n\r\n### **Changes walkthrough** 📝\r\n<table><thead><tr><th></th><th align=\"left\">Relevant\r\nfiles</th></tr></thead><tbody><tr><td><strong>Bug fix\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>mw_auth_key.go</strong><dd><code>Use hashed API key in\r\nOTEL span attributes</code>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;\r\n&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;\r\n</dd></summary>\r\n<hr>\r\n\r\ngateway/mw_auth_key.go\r\n<li>Added <code>hashedKey</code> variable to store the hashed key from\r\nthe session.<br> <li> Updated OTEL span attribute to use the hashed key\r\ninstead of the plain <br>key.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6296/files#diff-aeba053023a54c723dd9f83837e29ca0b2d9a212bc98fa6ad4bbb062669a1cf0\">+2/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>mw_oauth2_key_exists.go</strong><dd><code>Use hashed\r\nOAuth client ID in OTEL span attributes</code>&nbsp; &nbsp; &nbsp;\r\n&nbsp; &nbsp; &nbsp; &nbsp; </dd></summary>\r\n<hr>\r\n\r\ngateway/mw_oauth2_key_exists.go\r\n<li>Updated OTEL span attribute to use the hashed key for OAuth client\r\nID.<br> <br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6296/files#diff-c50b0affcb835d15ff9bd169b21775b8023ebb0558a0c59d6c26cb821db544e9\">+1/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n</table></td></tr></tr></tbody></table>\r\n\r\n___\r\n\r\n> 💡 **PR-Agent usage**:\r\n>Comment `/help` on the PR to get a list of all available PR-Agent tools\r\nand their descriptions\r\n\r\n---------\r\n\r\nCo-authored-by: Sredny M <sredny.buitrago@gmail.com>\n\n(cherry picked from commit 46ca642bd70ecd543ce65461588c821ef1e7fffa)","shortMessageHtmlLink":"[TT-12095] Fixing unhashed API keys exposed in OTEL spans (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2308984807\" data-permission-text=\"Title is private\" data-url=\"https://github.com/TykTechnologies/tyk/issues/6296\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/TykTechnologies/tyk/pull/6296/hovercard\" href=\"https://github.com/TykTechnologies/tyk/pull/6296\">#6296</a>)"}},{"before":"e81f58e8a7fdcdcbf2c3e5582f575d6f71d69936","after":null,"ref":"refs/heads/TT-12095","pushedAt":"2024-05-28T12:58:29.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"mativm02","name":"Matias","path":"/mativm02","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83959431?s=80&v=4"}},{"before":"00a815fcd93c7332cc0182ac55733c4fef696cd6","after":"46ca642bd70ecd543ce65461588c821ef1e7fffa","ref":"refs/heads/master","pushedAt":"2024-05-28T12:58:28.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"mativm02","name":"Matias","path":"/mativm02","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83959431?s=80&v=4"},"commit":{"message":"[TT-12095] Fixing unhashed API keys exposed in OTEL spans (#6296)\n\n### **User description**\r\n<!-- Provide a general summary of your changes in the Title above -->\r\n\r\n## Description\r\n`tyk.api.apikey` and `tyk.api.oauthid` attributes were exposing keys\r\nwhen OTEL was enabled. Now, the value of this attribute is the hashed\r\nkey instead.\r\nCan be checked when creating a key:\r\n<img width=\"543\" alt=\"image\"\r\nsrc=\"https://github.com/TykTechnologies/tyk/assets/83959431/167e18b8-234f-4b2e-af19-35aa75bb3339\">\r\nNow, the attribute must show the hashed key, not the actual key.\r\n<!-- Describe your changes in detail -->\r\n\r\n## Related Issue\r\n\r\nhttps://tyktech.atlassian.net/browse/TT-12095?atlOrigin=eyJpIjoiMGJkNjAxOTI1MWQ5NGE0ZWIyNDgyNzlmMDcxMTM4YmEiLCJwIjoiaiJ9\r\n<!-- This project only accepts pull requests related to open issues. -->\r\n<!-- If suggesting a new feature or change, please discuss it in an\r\nissue first. -->\r\n<!-- If fixing a bug, there should be an issue describing it with steps\r\nto reproduce. -->\r\n<!-- OSS: Please link to the issue here. Tyk: please create/link the\r\nJIRA ticket. -->\r\n\r\n## Motivation and Context\r\n\r\nhttps://tyktech.atlassian.net/browse/TT-12095?atlOrigin=eyJpIjoiMGJkNjAxOTI1MWQ5NGE0ZWIyNDgyNzlmMDcxMTM4YmEiLCJwIjoiaiJ9\r\n<!-- Why is this change required? What problem does it solve? -->\r\n\r\n## How This Has Been Tested\r\n\r\n<!-- Please describe in detail how you tested your changes -->\r\n<!-- Include details of your testing environment, and the tests -->\r\n<!-- you ran to see how your change affects other areas of the code,\r\netc. -->\r\n<!-- This information is helpful for reviewers and QA. -->\r\n\r\n## Screenshots (if appropriate)\r\n\r\n## Types of changes\r\n\r\n<!-- What types of changes does your code introduce? Put an `x` in all\r\nthe boxes that apply: -->\r\n\r\n- [ ] Bug fix (non-breaking change which fixes an issue)\r\n- [ ] New feature (non-breaking change which adds functionality)\r\n- [ ] Breaking change (fix or feature that would cause existing\r\nfunctionality to change)\r\n- [ ] Refactoring or add test (improvements in base code or adds test\r\ncoverage to functionality)\r\n\r\n## Checklist\r\n\r\n<!-- Go over all the following points, and put an `x` in all the boxes\r\nthat apply -->\r\n<!-- If there are no documentation updates required, mark the item as\r\nchecked. -->\r\n<!-- Raise up any additional concerns not covered by the checklist. -->\r\n\r\n- [ ] I ensured that the documentation is up to date\r\n- [ ] I explained why this PR updates go.mod in detail with reasoning\r\nwhy it's required\r\n- [ ] I would like a code coverage CI quality gate exception and have\r\nexplained why\r\n\r\n\r\n___\r\n\r\n### **PR Type**\r\nBug fix\r\n\r\n\r\n___\r\n\r\n### **Description**\r\n- Updated `gateway/mw_auth_key.go` to use the hashed API key in OTEL\r\nspan attributes instead of the plain key.\r\n- Updated `gateway/mw_oauth2_key_exists.go` to use the hashed OAuth\r\nclient ID in OTEL span attributes.\r\n\r\n\r\n___\r\n\r\n\r\n\r\n### **Changes walkthrough** 📝\r\n<table><thead><tr><th></th><th align=\"left\">Relevant\r\nfiles</th></tr></thead><tbody><tr><td><strong>Bug fix\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>mw_auth_key.go</strong><dd><code>Use hashed API key in\r\nOTEL span attributes</code>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;\r\n&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;\r\n</dd></summary>\r\n<hr>\r\n\r\ngateway/mw_auth_key.go\r\n<li>Added <code>hashedKey</code> variable to store the hashed key from\r\nthe session.<br> <li> Updated OTEL span attribute to use the hashed key\r\ninstead of the plain <br>key.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6296/files#diff-aeba053023a54c723dd9f83837e29ca0b2d9a212bc98fa6ad4bbb062669a1cf0\">+2/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>mw_oauth2_key_exists.go</strong><dd><code>Use hashed\r\nOAuth client ID in OTEL span attributes</code>&nbsp; &nbsp; &nbsp;\r\n&nbsp; &nbsp; &nbsp; &nbsp; </dd></summary>\r\n<hr>\r\n\r\ngateway/mw_oauth2_key_exists.go\r\n<li>Updated OTEL span attribute to use the hashed key for OAuth client\r\nID.<br> <br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6296/files#diff-c50b0affcb835d15ff9bd169b21775b8023ebb0558a0c59d6c26cb821db544e9\">+1/-1</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n</table></td></tr></tr></tbody></table>\r\n\r\n___\r\n\r\n> 💡 **PR-Agent usage**:\r\n>Comment `/help` on the PR to get a list of all available PR-Agent tools\r\nand their descriptions\r\n\r\n---------\r\n\r\nCo-authored-by: Sredny M <sredny.buitrago@gmail.com>","shortMessageHtmlLink":"[TT-12095] Fixing unhashed API keys exposed in OTEL spans (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2308984807\" data-permission-text=\"Title is private\" data-url=\"https://github.com/TykTechnologies/tyk/issues/6296\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/TykTechnologies/tyk/pull/6296/hovercard\" href=\"https://github.com/TykTechnologies/tyk/pull/6296\">#6296</a>)"}},{"before":"4ced77715dc17d7cb297f416b4604ce3844cfedc","after":"e81f58e8a7fdcdcbf2c3e5582f575d6f71d69936","ref":"refs/heads/TT-12095","pushedAt":"2024-05-28T12:26:12.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"mativm02","name":"Matias","path":"/mativm02","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83959431?s=80&v=4"},"commit":{"message":"Merge branch 'master' into TT-12095","shortMessageHtmlLink":"Merge branch 'master' into TT-12095"}},{"before":"6feea63c8c5a08034a0b67be7bfa78dd99acd97f","after":null,"ref":"refs/heads/feat/TT-11997/Backend-logic-for-request_headers_rewrite","pushedAt":"2024-05-28T12:14:59.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"buraksezer","name":"Burak Sezer","path":"/buraksezer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/33702537?s=80&v=4"}},{"before":"f7cda28a34f751acb771c9ab2c2f9ed4d93a6b4f","after":"00a815fcd93c7332cc0182ac55733c4fef696cd6","ref":"refs/heads/master","pushedAt":"2024-05-28T12:14:57.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"buraksezer","name":"Burak Sezer","path":"/buraksezer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/33702537?s=80&v=4"},"commit":{"message":"[TT-11997] Backend logic for request_headers_rewrite (#6306)\n\n### **User description**\r\nSee https://tyktech.atlassian.net/browse/TT-11997 for details of the\r\nrequest headers rewrite rules.\r\n\r\n\r\n___\r\n\r\n### **PR Type**\r\nEnhancement, Tests\r\n\r\n\r\n___\r\n\r\n### **Description**\r\n- Added tests for request headers rewrite rules in GraphQL middleware.\r\n- Integrated request headers rewrite logic into the reverse proxy\r\nhandler.\r\n- Added `RequestHeadersRewrite` to `ReverseProxyParams` struct.\r\n- Passed `RequestHeadersRewrite` to the GraphQL engine transport for\r\nboth v1 and v2.\r\n- Implemented logic to apply request headers rewrite rules in the\r\nGraphQL engine transport, covering three different rewrite scenarios.\r\n\r\n\r\n___\r\n\r\n\r\n\r\n### **Changes walkthrough** 📝\r\n<table><thead><tr><th></th><th align=\"left\">Relevant\r\nfiles</th></tr></thead><tbody><tr><td><strong>Tests\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>mw_graphql_test.go</strong><dd><code>Add tests for\r\nrequest headers rewrite rules in GraphQL\r\nmiddleware.</code></dd></summary>\r\n<hr>\r\n\r\ngateway/mw_graphql_test.go\r\n<li>Added tests for request headers rewrite rules.<br> <li> Implemented\r\nthree test cases for different rewrite scenarios.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6306/files#diff-72c11b8efcaceccfbbd87e75565353706443bf56420d3fdba6b5bf5f632f4b33\">+137/-0</a>&nbsp;\r\n</td>\r\n</tr>                    \r\n</table></td></tr><tr><td><strong>Enhancement\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>reverse_proxy.go</strong><dd><code>Integrate request\r\nheaders rewrite logic in reverse proxy handler.</code></dd></summary>\r\n<hr>\r\n\r\ngateway/reverse_proxy.go\r\n<li>Integrated request headers rewrite logic into the reverse proxy\r\n<br>handler.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6306/files#diff-e6e07722257f7e41691e471185ad6d84fd56dc9e5459526ea32e9a5e8fa1a01b\">+8/-7</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>engine.go</strong><dd><code>Add RequestHeadersRewrite\r\nto ReverseProxyParams struct.</code>&nbsp; &nbsp; </dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/engine.go\r\n- Added `RequestHeadersRewrite` to `ReverseProxyParams` struct.\r\n\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6306/files#diff-9d1ef4ec1b59d708ed86c7cc348b73bd0b619ef034094b5fbd4b138e11ccde6e\">+8/-7</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>graphql_go_tools_v1.go</strong><dd><code>Pass\r\nRequestHeadersRewrite to GraphQL engine transport\r\n(v1).</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/graphql_go_tools_v1.go\r\n- Passed `RequestHeadersRewrite` to the GraphQL engine transport.\r\n\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6306/files#diff-e592cc8ca6ac39e7574765d7f2bbf19193f173791a1b0930d4dde7f9412dc882\">+1/-0</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>graphql_go_tools_v2.go</strong><dd><code>Pass\r\nRequestHeadersRewrite to GraphQL engine transport\r\n(v2).</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/graphql_go_tools_v2.go\r\n- Passed `RequestHeadersRewrite` to the GraphQL engine transport.\r\n\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6306/files#diff-2e41b60f046c2947fbedb8fb841b5c3c962798e3ba8211c7144f326436ffabe3\">+1/-0</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>transport.go</strong><dd><code>Implement request\r\nheaders rewrite logic in GraphQL engine transport.</code></dd></summary>\r\n<hr>\r\n\r\ninternal/graphengine/transport.go\r\n<li>Added logic to apply request headers rewrite rules in the GraphQL\r\n<br>engine transport.<br> <li> Implemented three rewrite rules for\r\nrequest headers.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6306/files#diff-564061c9b29366529eb1f6f10fe39671d2ac738a4731ffd2c8b04dcc0a8cd610\">+96/-1</a>&nbsp;\r\n&nbsp; </td>\r\n</tr>                    \r\n</table></td></tr></tr></tbody></table>\r\n\r\n___\r\n\r\n> 💡 **PR-Agent usage**:\r\n>Comment `/help` on the PR to get a list of all available PR-Agent tools\r\nand their descriptions","shortMessageHtmlLink":"[TT-11997] Backend logic for request_headers_rewrite (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2312944173\" data-permission-text=\"Title is private\" data-url=\"https://github.com/TykTechnologies/tyk/issues/6306\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/TykTechnologies/tyk/pull/6306/hovercard\" href=\"https://github.com/TykTechnologies/tyk/pull/6306\">#6306</a>)"}},{"before":"819cf5f0ae2d623b898cd67a7ecac914db097765","after":"156258e4a70b592e68a3d19c1985d75401045ebd","ref":"refs/heads/feat/tt-3738/rate-limit-smoothing","pushedAt":"2024-05-28T12:05:46.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"titpetric","name":"Tit Petric","path":"/titpetric","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/233360?s=80&v=4"},"commit":{"message":"Adjust context as unused","shortMessageHtmlLink":"Adjust context as unused"}},{"before":"d3f5f8e9b86cce487a122150c67ead498e6d996e","after":"819cf5f0ae2d623b898cd67a7ecac914db097765","ref":"refs/heads/feat/tt-3738/rate-limit-smoothing","pushedAt":"2024-05-28T10:30:05.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"titpetric","name":"Tit Petric","path":"/titpetric","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/233360?s=80&v=4"},"commit":{"message":"Adjust comments, remove oxford comma, allowance description","shortMessageHtmlLink":"Adjust comments, remove oxford comma, allowance description"}},{"before":"52662c0df74c78776deb8b464bd4c4bd96a5c271","after":"d3f5f8e9b86cce487a122150c67ead498e6d996e","ref":"refs/heads/feat/tt-3738/rate-limit-smoothing","pushedAt":"2024-05-28T09:25:07.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"titpetric","name":"Tit Petric","path":"/titpetric","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/233360?s=80&v=4"},"commit":{"message":"Fix settings contract key to smoothing","shortMessageHtmlLink":"Fix settings contract key to smoothing"}},{"before":null,"after":"270f5077a2b791d16288c871dd057868559c304b","ref":"refs/heads/release-5.3.2","pushedAt":"2024-05-28T08:31:58.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"lghiur","name":"Laurentiu Ghiur","path":"/lghiur","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6229829?s=80&v=4"},"commit":{"message":"Merging to release-5.3: [TT-12193] Update error handling on webhook events when the event template has errors (#6312)\n\n[TT-12193] Update error handling on webhook events when the event template has errors (#6312)\n\n### **User description**\r\n- Error log raised from Warning to Error, stops handling the event\r\nfurther\r\n- CreateBody adjusted to not return rendered template contents if error\r\noccurs\r\n\r\n\r\n___\r\n\r\n### **PR Type**\r\nBug fix, Enhancement\r\n\r\n\r\n___\r\n\r\n### **Description**\r\n- Updated `CreateBody` method to return an empty string and error when\r\ntemplate rendering fails, instead of a partially rendered template.\r\n- Changed log level from warning to error in `HandleEvent` method when a\r\ntemplate rendering error occurs.\r\n- Added early return in `HandleEvent` to stop further processing if a\r\ntemplate error is encountered.\r\n\r\n\r\n___\r\n\r\n\r\n\r\n### **Changes walkthrough** 📝\r\n<table><thead><tr><th></th><th align=\"left\">Relevant\r\nfiles</th></tr></thead><tbody><tr><td><strong>Bug fix\r\n</strong></td><td><table>\r\n<tr>\r\n  <td>\r\n    <details>\r\n<summary><strong>event_handler_webhooks.go</strong><dd><code>Improve\r\nerror handling in webhook event processing</code>&nbsp; &nbsp; &nbsp;\r\n&nbsp; &nbsp; &nbsp; &nbsp; </dd></summary>\r\n<hr>\r\n\r\ngateway/event_handler_webhooks.go\r\n<li>Updated <code>CreateBody</code> to return an empty string on error\r\ninstead of a <br>partially rendered template.<br> <li> Changed log level\r\nfrom warning to error in <code>HandleEvent</code> when a template\r\n<br>rendering error occurs.<br> <li> Added early return in\r\n<code>HandleEvent</code> to stop processing on template <br>error.<br>\r\n\r\n\r\n</details>\r\n    \r\n\r\n  </td>\r\n<td><a\r\nhref=\"https://github.com/TykTechnologies/tyk/pull/6312/files#diff-6587ad3f2629cfa6c84a71144127acd6cc7824e5141f0b4961848945a87e0198\">+7/-4</a>&nbsp;\r\n&nbsp; &nbsp; </td>\r\n</tr>                    \r\n</table></td></tr></tr></tbody></table>\r\n\r\n___\r\n\r\n> 💡 **PR-Agent usage**:\r\n>Comment `/help` on the PR to get a list of all available PR-Agent tools\r\nand their descriptions\r\n\r\nCo-authored-by: Tit Petric <tit@tyk.io>","shortMessageHtmlLink":"Merging to release-5.3: [TT-12193] Update error handling on webhook e…"}},{"before":"46b54fa9f39391bfec7227d2cebc65c38e54192c","after":"6feea63c8c5a08034a0b67be7bfa78dd99acd97f","ref":"refs/heads/feat/TT-11997/Backend-logic-for-request_headers_rewrite","pushedAt":"2024-05-28T08:25:48.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"buraksezer","name":"Burak Sezer","path":"/buraksezer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/33702537?s=80&v=4"},"commit":{"message":"Merge branch 'master' into feat/TT-11997/Backend-logic-for-request_headers_rewrite","shortMessageHtmlLink":"Merge branch 'master' into feat/TT-11997/Backend-logic-for-request_he…"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEVyPKoQA","startCursor":null,"endCursor":null}},"title":"Activity · TykTechnologies/tyk"}