kingfisher

eblume/kingfisher

Fork 0

forked from mirrors/kingfisher

Commit graph

Author	SHA1	Message	Date
Mick Grove	57845eebcd	- Added kingfisher.temporal.1 rule for Temporal Cloud API keys (namespace-scoped and user-scoped JWT formats) with Temporal-specific pattern matching. - Added Temporal Cloud active credential validation via GET https://saas-api.tmprl.cloud/cloud/current-identity using bearer auth, so Temporal keys validate against provider APIs instead of generic OIDC discovery. - Fixed JWT issuer normalization to treat bare host issuers (e.g. iss: temporal.io) as HTTPS URLs during discovery, avoiding low-level URL builder failures. - Added crates/kingfisher-rules/build.rs to ensure embedded rule assets rebuild when files under crates/kingfisher-rules/data change.	2026-02-11 23:33:35 -08:00
Mick Grove	fc4aee9e41	preparing for v1.12	2025-06-24 17:17:16 -07:00

Author

SHA1

Message

Date

Mick Grove

57845eebcd

- Added kingfisher.temporal.1 rule for Temporal Cloud API keys (namespace-scoped and user-scoped JWT formats) with Temporal-specific pattern matching.

- Added Temporal Cloud active credential validation via GET https://saas-api.tmprl.cloud/cloud/current-identity using bearer auth, so Temporal keys validate against provider APIs instead of generic OIDC discovery.
- Fixed JWT issuer normalization to treat bare host issuers (e.g. iss: temporal.io) as HTTPS URLs during discovery, avoiding low-level URL builder failures.
- Added crates/kingfisher-rules/build.rs to ensure embedded rule assets rebuild when files under crates/kingfisher-rules/data change.

2026-02-11 23:33:35 -08:00

Mick Grove

fc4aee9e41

preparing for v1.12

2025-06-24 17:17:16 -07:00

2 commits