cloudflare · kodster28 · Apr 23, 2025 · Apr 18, 2025 · Apr 18, 2025 · Apr 18, 2025
@@ -9,6 +9,12 @@
 
 # changelog
 /changelog/rss.xml /changelog/rss/index.xml 301
+/api-shield/changelog/index.xml /changelog/rss/api-shield.xml 301
+/cache/changelog/index.xml /changelog/rss/cache.xml 301
+/dns/changelog/index.xml /changelog/rss/dns.xml 301
+/fundamentals/changelog/index.xml /changelog/rss/fundamentals.xml 301
+/logs/changelog/index.xml /changelog/rss/logs.xml 301
+/ssl/changelog/index.xml /changelog/rss/ssl.xml 301
 
 ## legacy
 /changelog/index.xml /release-notes/index.xml 301

@@ -0,0 +1,54 @@
+---
+import { getChangelogs, type GetChangelogsOptions } from "~/util/changelog";
+import { reference } from "astro:content";
+import { z } from "astro:schema";
+import { getCollection, render } from "astro:content";
+import { slug } from "github-slugger";
+import RSSButton from "~/components/RSSButton.astro";
+import AnchorHeading from "~/components/AnchorHeading.astro";
+import { format } from "date-fns";
+const props = z
+	.object({
+		product: reference("products"),
+	})
+	.or(
+		z.object({
+			area: z.string(),
+		}),
+	);
+const input = await props.parseAsync(Astro.props);
+let filter: GetChangelogsOptions["filter"];
+let rss: string;
+if ("product" in input) {
+	rss = `/changelog/rss/${input.product.id}.xml`;
+	filter = (e) => {
+		return !e.data.hidden && e.data.products.some(({ id }) => id === input.product.id);
+	};
+} else {
+	rss = `/changelog/rss/${slug(input.area)}.xml`;
+	const products = await getCollection("products", (e) => {
+		return e.data.product.group === input.area;
+	});
+	filter = (e) => {
+		return e.data.products.some((x) => products.some((y) => x.id === y.id));
+	};
+}
+const changelogs = await getChangelogs({ filter });
+---
+
+<RSSButton href={rss} />
+
+{
+	changelogs.map(async (entry) => {
+
+
+		const { Content } = await render(entry);
+		return (
+		<AnchorHeading depth={2} title={format(entry.data.date, "yyyy-MM-dd")} />
+		<br/>
+		<strong>{entry.data.title}</strong>
+		<br/>
+		<Content />
+		);
+	})
+}
@@ -42,6 +42,7 @@ export { default as PagesBuildPresetsTable } from "./PagesBuildPresetsTable.astr
 export { default as PagesLanguageSupport } from "./PagesLanguageSupport.astro";
 export { default as Plan } from "./Plan.astro";
 export { default as PlanInfo } from "./PlanInfo.astro";
+export { default as ProductChangelog } from "./ProductChangelog.astro";
 export { default as ProductReleaseNotes } from "./ProductReleaseNotes.astro";
 export { default as ProductFeatures } from "./ProductFeatures.astro";
 export { default as ProductsByTag } from "./ProductsByTag.astro";

@@ -6,7 +6,7 @@ date: 2025-03-03T6:00:00Z
 
 [Access for SaaS applications](/cloudflare-one/applications/configure-apps/saas-apps/) now include more configuration options to support a wider array of SaaS applications.
 
-### SAML and OIDC Field Additions
+**SAML and OIDC Field Additions**
 
 OIDC apps now include:
 
@@ -21,7 +21,7 @@ SAML apps now include improved SAML attribute mapping from an IdP.
 
 ![SAML field additions](~/assets/images/changelog/access/saml-attribute-statements.png)
 
-### SAML transformations
+**SAML transformations**
 
 SAML identities sent to Access applications can be fully customized using JSONata expressions. This allows admins to configure the precise identity SAML statement sent to a SaaS application.
 

@@ -8,14 +8,14 @@ date: 2025-02-04T12:00:00Z
 
 You can now implement our **child safety tooling**, the **[CSAM Scanning Tool](/cache/reference/csam-scanning/)**, more easily. Instead of requiring external reporting credentials, you only need a verified email address for notifications to onboard. This change makes the tool more accessible to a wider range of customers.
 
-## **How It Works**  
+**How It Works**
 
-When enabled, the tool automatically [hashes images for enabled websites as they enter the Cloudflare cache](https://blog.cloudflare.com/the-csam-scanning-tool/). These hashes are then checked against a database of **known abusive images**.  
+When enabled, the tool automatically [hashes images for enabled websites as they enter the Cloudflare cache](https://blog.cloudflare.com/the-csam-scanning-tool/). These hashes are then checked against a database of **known abusive images**.
 
-- **Potential match detected?**  
-  - The **content URL is blocked**, and  
-  - **Cloudflare will notify you** about the found matches via the provided email address.  
+- **Potential match detected?**
+  - The **content URL is blocked**, and
+  - **Cloudflare will notify you** about the found matches via the provided email address.
 
-## **Updated Service-Specific Terms**  
+**Updated Service-Specific Terms**
 
 We have also made updates to our **[Service-Specific Terms](https://www.cloudflare.com/service-specific-terms-application-services/#csam-scanning-tool-terms)** to reflect these changes.
@@ -1,14 +1,84 @@
 ---
 pcx_content_type: changelog
 title: Changelog
-release_notes_file_name:
-  - api-shield
 sidebar:
   order: 10
 ---
 
-import { ProductReleaseNotes } from "~/components";
+import { ProductChangelog } from "~/components";
 
-{/* <!-- Actual content lives in /src/content/release-notes/api-shield.yaml. Update the file there for new entries to appear here. For more details, refer to https://developers.cloudflare.com/style-guide/documentation-content-strategy/content-types/changelog/#yaml-file --> */}
+{/* <!-- Actual content lives in /src/content/changelog/api-shield/. Update the file there for new entries to appear here. */}
 
-<ProductReleaseNotes />
+<ProductChangelog product="api-shield" />
+
+## 2025-02-17
+
+**New automatically applied risk labels**
+
+API Shield now automatically labels endpoints with risks due to missing schemas and performance anomalies (spikes in error rates, latency, and body response sizes).
+
+## 2025-01-16
+
+**API Authentication Posture**
+
+Customers will see per-endpoint authentication details inside API Shield's [Endpoint Management](/api-shield/management-and-monitoring/) for zones with configured session identifiers.
+
+## 2024-12-19
+
+**Automatically applied endpoint risk labels**
+
+API Shield now automatically labels endpoints with risks due to authentication status and sensitive data detection.
+
+## 2024-11-04
+
+**Endpoint labels**
+
+Customers can now organize their endpoints by use case and custom labels in [Endpoint Management](/api-shield/management-and-monitoring/endpoint-labels/) for easy reference and future machine learning (ML) model training.
+
+## 2024-10-18
+
+**API Shield fields in Custom Rules**
+
+Customers can now use API Shield product feature fields in [custom rules](/waf/custom-rules/), referencing features such as [JWT Validation](/api-shield/security/jwt-validation/), [session identifiers](/api-shield/get-started/#session-identifiers), and [Schema Validation](/api-shield/security/schema-validation/).
+
+## 2024-09-25
+
+**Fallthrough rule for Schema Validation 2.0**
+
+Customers can now enable the [Fallthrough Action](/api-shield/security/schema-validation/#add-validation-by-adding-a-fallthrough-rule) for Schema Validation 2.0 to block or log requests that do not match the endpoints listed in schemas protected by Schema Validation 2.0.
+
+## 2024-08-28
+
+**Increased capacity for Endpoint Management and Schema Validation**
+
+Endpoint Management and Schema Validation now support up to 10,000 saved and validated API endpoints.
+
+## 2024-07-08
+
+**API Discovery's hostname variables**
+
+Customers can now see when [API Discovery](/api-shield/security/api-discovery/) groups similar subdomains with the same methods and paths, making it easy to discover and manage APIs that share many vanity domains or subdomains.
+
+## 2024-07-02
+
+**Route API requests using API Routing**
+
+Customers can now route requests to different back-end services through [API Routing](/api-shield/management-and-monitoring/api-routing/), creating a unified front for their APIs distributed across otherwise disparate systems.
+
+## 2024-05-13
+
+**Use JWT claims in Advanced Rate Limiting, Transform Rules, and as session IDs**
+
+Customers can now use the fields inside [JSON Web Tokens (known as claims)](/api-shield/security/jwt-validation/transform-rules/#enhance-transform-rules-with-jwt-claims) as [session identifiers in API Shield](/api-shield/get-started/#session-identifiers), to count values in [Advanced Rate Limiting](/waf/rate-limiting-rules/), and to send on useful information in [Transform Rules](/rules/transform/#transform-rules).
+
+## 2024-04-30
+
+**Build Sequence Mitigation rules via the Cloudflare dashboard**
+
+Customers can now build [Sequence Mitigation](/api-shield/security/sequence-mitigation/) rules with a new user interface inside the API Shield section of the [Cloudflare dashboard](https://dash.cloudflare.com/).
+
+## 2024-02-23
+
+**Endpoint Management supports hostname variables**
+
+Customers can now save endpoints in [Endpoint Management](/api-shield/management-and-monitoring/) that contain variables in the hostname. Hostname variables are supported across all product features.
@@ -1,14 +1,48 @@
 ---
 pcx_content_type: changelog
 title: Changelog
-release_notes_file_name:
-  - cache
 sidebar:
   order: 12
 ---
 
-import { ProductReleaseNotes } from "~/components";
+import { ProductChangelog } from "~/components";
 
-{/* <!-- Actual content lives in /src/content/release-notes/cache.yaml. Update the file there for new entries to appear here. For more details, refer to https://developers.cloudflare.com/style-guide/documentation-content-strategy/content-types/changelog/#yaml-file --> */}
+{/* <!-- Actual content lives in /src/content/changelog/cache/. Update the file there for new entries to appear here */}
 
-<ProductReleaseNotes />
+<ProductChangelog product="cache" />
+
+## 2025-01-08
+
+**Smart Tiered Cache for Load balancing**
+
+Smart Tiered Cache will now select a common single best Upper Tier for an entire Load Balancing Pool based on Origin performance measurements, increasing the cache HIT ratio.
+
+## 2024-11-20
+
+**Smart Tiered Cache for R2**
+
+R2 now automatically gets tiered cache if using Smart Tiered Cache. We select a data center close to your R2 storage bucket as a common Upper Tier cache.
+
+## 2024-11-07
+
+**Shard Cache by cache key**
+
+For custom cache keys, enterprise customers can now shard their cache using up to three values for previously restricted headers `accept*`, `referer`, and `user-agent`. Sharding the cache can improve cache `HIT` ratio and performance. However, overly sharding your cache, can have the opposite effect.
+
+## 2024-11-07
+
+**Versioning**
+
+Cache now supports versioned environments allowing customers to stage configurations and purge staged environments. Note that Cache Reserve is only supported for your production environment.
+
+## 2024-09-05
+
+**New Cache Rules templates for one-click rule creation**
+
+The new **Rules** > **Templates** page in the Cloudflare dashboard provides one-click templates for creating cache rules, making it easy to optimize your caching strategy. Access these pre-built templates directly from each product's rule builder, and explore the [Examples gallery](/rules/examples/) in the developer documentation for real-world use cases.
+
+## 2024-07-19
+
+**Generic tiered cache**
+
+[Generic Global Tiered Cache](/cache/how-to/tiered-cache/#generic-global-tiered-cache) topology leverages all Cloudflare data centers as upper-tier cache network. It now hashes content within a region reducing duplication in upper-tier caches, which increases cache `HIT` ratio.
@@ -1,14 +1,33 @@
 ---
 pcx_content_type: changelog
 title: Changelog
-release_notes_file_name:
-  - dns
 sidebar:
   order: 25
 ---
 
-import { ProductReleaseNotes } from "~/components";
+import { ProductChangelog } from "~/components";
 
-{/* <!-- Actual content lives in /src/content/release-notes/dns.yaml. Update the file there for new entries to appear here. For more details, refer to https://developers.cloudflare.com/style-guide/documentation-content-strategy/content-types/changelog/#yaml-file --> */}
+{/* <!-- Actual content lives in /src/content/changelogs/dns/. Update the file there for new entries to appear here. */}
 
-<ProductReleaseNotes />
+<ProductChangelog product="dns"/>
+
+## 2025-01-27
+
+**Zone IDs and names on individual DNS records**
+
+Records returned by the API will no longer contain the `zone_id` and `zone_name` fields. This change may take up to four weeks to fully roll out. The affected fields were deprecated with an End of Life (EOL) date of November 30, 2024.
+
+## 2024-10-15
+
+**Quote validation for TXT records added via dashboard**
+
+When creating [TXT records](/dns/manage-dns-records/reference/dns-record-types/#txt) via the dashboard you will now find:
+
+* Field validation errors if double quotes `"` are added inconsistently.
+* Automatically quoted TXT content upon save if no quotes exist in the record content field.
+
+## 2024-10-07
+
+**API support for per-record CNAME flattening**
+
+Paid zones now have the option to flatten specific CNAME records. When using the API, specify the setting `cname_flatten` as `true` or `false`. Refer to the [documentation](/dns/cname-flattening/set-up-cname-flattening/#per-record) for details.
@@ -1,14 +1,70 @@
 ---
 pcx_content_type: changelog
 title: Changelog
-release_notes_file_name:
-  - fundamentals
 sidebar:
   order: 9
 ---
 
-import { ProductReleaseNotes } from "~/components";
+import { ProductChangelog } from "~/components";
 
-{/* <!-- Actual content lives in /src/content/release-notes/fundamentals.yaml. Update the file there for new entries to appear here. For more details, refer to https://developers.cloudflare.com/style-guide/documentation-content-strategy/content-types/changelog/#yaml-file --> */}
+{/* <!-- Actual content lives in /src/content/changelog/fundamentals/. Update the file there for new entries to appear here. */}
 
-<ProductReleaseNotes />
+<ProductChangelog product="fundamentals" />
+
+## 2025-01-28
+
+**Terraform Provider is now automatically generated**
+
+With the version 5 release of Cloudflare's Terraform Provider, Terraform resources are now being automatically generated based on OpenAPI Schemas. This change brings alignment across our SDKs, API Documentation, and now Terraform Provider. The new provider boosts coverage by increasing API properties to 100%, adding 25% more resources, and more than 200 additional data sources.
+
+Warning: Version 5 of the Cloudflare Terraform Provider is a ground-up rewrite of the provider and introduces breaking changes.
+
+Refer to the [upgrade guide](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/guides/version-5-upgrade) for best practices, or the [blog post on automatically generating Cloudflare’s Terraform Provider](https://blog.cloudflare.com/automatically-generating-cloudflares-terraform-provider/) for more information.
+
+## 2024-12-18
+
+**Use account owned tokens to manage other account owned tokens**
+
+Cloudflare's token management now allows users to set up a primary account owned token where they can manage all other account owned tokens.
+
+Refer to [Account owned tokens documentation](/fundamentals/api/get-started/account-owned-tokens/) for more details.
+
+## 2024-12-16
+
+**Cloudflare API docs are now automatically generated**
+
+Cloudflare's API documentation is now being automatically generated based on OpenAPI Schemas, and we have retired our old documentation. The move to OpenAPI Schemas allows us to ensure greater consistency and quality across our API documentation. The documentation now also includes examples of how to call the API using curl or our SDKs.
+
+Refer to the [Cloudflare API documentation](/api/), or the [blog post on our transition to OpenAPI](https://blog.cloudflare.com/open-api-transition/) for more information.
+
+## 2024-12-06
+
+**Dashboard SCIM is now fully self-serve**
+
+Dashboard SCIM is now self-serve. Previously, users configuring SCIM required assistance from Cloudflare to configure SCIM to onboard users. Now, with account owned tokens, SCIM can be configured by Enterprise customers that use Okta or Microsoft Entra without any assistance from Cloudflare.
+
+Refer to the [SCIM documentation](/fundamentals/setup/account/account-security/scim-setup/) for more details.
+
+## 2024-09-26
+
+**Account owned tokens**
+
+Account owned tokens are now generally available. Unlike user-owned tokens, account owned tokens are tied with the Cloudflare account instead of the user that created them. This ensures that long term integrations like CI/CD are not broken if the user that set it up leaves your organization.
+
+Refer to the [Account owned tokens documentation](/fundamentals/api/get-started/account-owned-tokens/) or the [blog post](https://blog.cloudflare.com/account-owned-tokens-automated-actions-zaraz/) for more details.
+
+## 2024-09-24
+
+**Terraform v5 SDK preview**
+
+The Terraform v5 Provider is now available as a preview. This new provider is automatically generated based on the OpenAPI Specifications for our REST API, and provides improved user experiences overall.
+
+Refer to the [Terraform documentation](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/guides/version-5-upgrade) or the [blog post](https://blog.cloudflare.com/automatically-generating-cloudflares-terraform-provider/) for more details.
+
+## 2024-09-24
+
+**API Documentation Preview**
+
+Cloudflare's API documentation is now [available in preview](/api/) with new automatically generated documentation. This documentation includes code snippets that refer to language-specific SDKs to make it easier to get started than ever.
+
+Refer to the [blog post](https://blog.cloudflare.com/automatically-generating-cloudflares-terraform-provider/) for more details.