Skip to content

release: 5.17.0 #6693

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
stainless-app wants to merge 128 commits into
base: main
Choose a base branch
from
Open

release: 5.17.0 #6693

stainless-app wants to merge 128 commits into from
+17,524 −2,655

Conversation

@stainless-app
Copy link
Contributor

@stainless-app stainless-app bot commented Jan 27, 2026
edited
Loading

Automated Release PR

5.17.0 (2026-02-03)

Full Changelog: v5.16.0...v5.17.0

Features

  • bump schema verion in prep for state upgraders (a721535)
  • bump schema verion in prep for state upgraders (a721535)
  • chore: use 'next' branch of Go SDK in Terraform (809a3f3)
  • custom_hostname_fallback_origin: add comprehensive lifecycle test (054611a)
  • custom_hostname_fallback_origin: add v4 to v5 migration tests (0542720)
  • feat(radar): add BGP RPKI ASPA endpoints and fix SDK casings (e6a03b6)
  • leaked_credential_check: add import functionality. add tests for import (76e44f0)
  • pages_project: use state upgraders (db96be7)
  • refactor(terraform): restructure origin_tls_client_auth to peer subresources (6c12fea)
  • state upgrader (d8e4529)
  • turstile_widget: add v4 to v5 migration tests (a1e27af)
  • zero_trust_organization: add migration test (1032e4e)

Bug Fixes

  • account: map managed_by.parent_org_id to unid.id in unmarshall and add acctests (a282d8e)
  • address PR review comments (62598d7)
  • authenticated_origin_pulls_certificate: add certificate normalization to prevent drift (9fa8e39)
  • authenticated_origin_pulls_hostname_certificate resource and tests (3380cf9)
  • authenticated_origin_pulls: handle array response and implement full lifecycle (e4c82b8)
  • mtls_certificates resource and test (fc44f27)
  • prevent unnecessary diffs on consecutive applies for hyperdrive_config (8755bf9)
  • zero_trust_access_application: update v4 version on migration tests (45a825e)

Reverts

  • pages_project: "fix(pages_project) build_config to computed optional" (b9c13c9)

Chores

  • add CODEOWNERS (3abbb08)
  • api: update composite API spec (febe2db)
  • api: update composite API spec (71cb6a6)
  • api: update composite API spec (6c428d6)
  • api: update composite API spec (eda1841)
  • api: update composite API spec (7cda136)
  • api: update composite API spec (935193b)
  • api: update composite API spec (7e45f8d)
  • api: update composite API spec (e42ae97)
  • api: update composite API spec (48153bd)
  • improve contribution guide (85584b7)
  • internal: codegen related update (33bc656)
  • internal: codegen related update (6eb4afc)
  • internal: codegen related update (636b4f8)
  • internal: codegen related update (067536c)
  • internal: codegen related update (1af8451)
  • internal: codegen related update (f36071f)
  • internal: codegen related update (246ffcd)
  • internal: codegen related update (471df29)
  • internal: codegen related update (0211418)
  • internal: codegen related update (2bcbbd5)
  • internal: codegen related update (09f9d99)
  • internal: fix sdk (be5dbc6)
  • tests: no more state file (f439772)
  • Update CHANGELOG.md (f4a1b58)

Documentation

  • clarify certificate normalization issue in test comments (8bddab1)

Refactors

  • refactor stateupgraders (c950153)

This pull request is managed by Stainless's GitHub App.

The semver version number is based on included commit messages. Alternatively, you can manually set the version number in the title of this pull request.

For a better experience, it is recommended to use either rebase-merge or squash-merge when merging this pull request.

🔗 Stainless website
📚 Read the docs
🙋 Reach out for help or questions

Jarred Trainor and others added 30 commits January 16, 2026 17:16
ADDR-5996 Update byo_ip_prefix acceptance tests
7e3331c
@rotem-cloud
feat(regional_tiered_cache): add v4 to v5 migration tests
bf227f7
zero_trust_gateway_settings v4->v5 migration tests
b2a8223
@tamas-jozsa
fix(pages_project) build_config to computed optional
e764875
@tamas-jozsa
Merge pull request #6672 from cloudflare/pages_project
4a12864 
fix(pages_project) build_config to computed optional
@musa-cf
Merge pull request #6509 from aeriff/jarred/ADDR-5996
b6e3523 
ADDR-5996 Update byo_ip_prefix acceptance tests
@mya-jin
fix(account): map managed_by.parent_org_id to unid.id in unmarshall a…
a282d8e 
…nd add acctests
@mya-jin
add back comment
c240bdd
@mya-jin
prevent terraform from detecting drift if an account was moved into a…
b5a0e95 
… tenant after its initial creation.
@mya-jin
implement selective unit mapping and drift detection
92c23e7
@mya-jin
map unit.id whenever prarent_org_id is not null and fix type field
7b97275
@rotem-cloud
Merge pull request #6647 from cloudflare/rotem/regional_tiered_cache_…
0764da3 
…migration
@stainless-app
codegen metadata
5849243
@ssicard
feat(zero_trust_organization): add migration test
1032e4e
@ssicard
update comments
2c67ab9
@stainless-app
codegen metadata
e71f407
@mya-jin
fix unit.id model json
72c95a8
@rotem-cloud
feat(turstile_widget): add v4 to v5 migration tests
a1e27af
@stainless-app
chore(internal): codegen related update
09f9d99
@musa-cf
test(zone_subscription): prevent plan overwrites on primary testing zone
4eee261
@musa-cf
Merge pull request #6679 from cloudflare/fix-zone-sub-tests
90fb705 
test(zone_subscription): prevent plan overwrites on primary testing zone
@MildMax
sets ImportState for web_analytics_site to fill in top-level zone_tag…
d62744a 
… attribute from ruleset object
@MildMax
adds tests ensuring no updates on importing existing web_analytics_si…
e8fca7b 
…te for zone_tag update
@MildMax
removes debug statement from resource.go in web_analytics_site
7f9e0f9
@stainless-app
feat: refactor(terraform): restructure origin_tls_client_auth to peer…
6c12fea 
… subresources

* fix: add backward-compatible methods for origin_tls_client_auth

Adds deprecated parent-level methods (list, get, create, delete) to maintain
backward compatibility with existing SDK users while preserving the clean
cache-style resource structure.

Changes:
- Add 4 deprecated methods at parent level pointing to zone cert endpoints
- Methods generate client.OriginTLSClientAuth.New/List/Get/Delete() paths
- Deprecation messages guide users to zone_certificates.* subresource
- Zero breaking changes - existing SDK code continues to work
- New explicit paths available at ZoneCertificates.* and HostnameCertificates.*

This follows the proven KV namespace dual-path pattern (lines 2730-2752)
where the same endpoint generates methods at both parent and child levels.

Related: SECENG-12971

* refactor(terraform): restructure origin_tls_client_auth to peer subresources

Restructure origin_tls_client_auth to have all 4 terraform resources as sibling subresources:
- zone_certificates → authenticated_origin_pulls_certificate
- hostnames → authenticated_origin_pulls
- hostname_certificates → authenticated_origin_pulls_hostname_certificate
- settings → authenticated_origin_pulls_settings

Add id_property annotations to all CRUD methods.

Closes SECENG-12971, SECENG-12970, SECENG-13210
@stainless-app
chore(internal): codegen related update
2bcbbd5
@musa-cf @stainless-app
chore: improve contribution guide
85584b7
@vaishakdinesh
Merge pull request #6682 from MildMax/mildmax/web-analytics-site-zone…
9fb9157 
…-tag-import-fix-v2

fix(web_analytics_site): fill in top-level zone_tag to prevent drift
@rotem-cloud
Merge pull request #6680 from cloudflare/cloudflare/turnstile_widget_…
6da2289 
…migration

feat(turstile_widget): add v4 to v5 migration tests
@musa-cf
revert(pages_project): "fix(pages_project) build_config to computed o…
b9c13c9 
…ptional"

This reverts commit e764875.
@vaishakdinesh
Merge pull request #6712 from cloudflare/cloudflare/custom_hostname_f…
14c4464 
…allback_origin_migration

feat(custom_hostname_fallback_origin): add v4 to v5 migration tests
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next branch from 7c88d0d to 63dbc66 Compare February 2, 2026 19:54
vaishakdinesh and others added 4 commits February 2, 2026 12:03
@vaishakdinesh
feat: state upgrader
d8e4529
@dt-dtran
fix: authenticated_origin_pulls_hostname_certificate resource and tests
3380cf9
@vaishakdinesh
Merge pull request #6710 from ang-cloudflare/ang/SECENG-12971-next
2fed535 
fix(authenticated_origin_pulls_certificate): add certificate normalization and lifecycle test
@vaishakdinesh
Merge pull request #6703 from dt-dtran/dianatran/hostname_aop
5e6ebf2 
fix(authenticated_origin_pulls_hostname_certificate): resource and tests
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next branch 2 times, most recently from f8b12b0 to 057027d Compare February 2, 2026 22:52
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next branch 2 times, most recently from db3205e to 1b8ba31 Compare February 2, 2026 23:02
ang-cloudflare and others added 3 commits February 2, 2026 20:15
@ang-cloudflare
fix(authenticated_origin_pulls): handle array response and implement …
e4c82b8 
…full lifecycle

SECENG-12970

The API endpoint PUT /zones/{zone_id}/origin_tls_client_auth/hostnames
returns an array of hostname associations, but the auto-generated code
expected a single object. This caused Create/Update operations to fail
silently.

Changes for authenticated_origin_pulls:
- Add custom.go with array envelope type and FindByHostname() helper
- Fix Create/Update methods to parse array response and find matching hostname
- Fix Delete method to include cert_id in payload (API requirement)
- Fix Read method to set PrivateKey to null (write-only field)
- Rewrite resource_test.go with comprehensive lifecycle test
- Remove outdated testdata files

Also includes cherry-picked fixes:
- Certificate normalization from PR #6710 (authenticated_origin_pulls_certificate)
- Certificate normalization from PR #6703 (authenticated_origin_pulls_hostname_certificate)

Test: PASS TestAccAuthenticatedOriginPulls_FullLifecycle (8.21s)
@ang-cloudflare
fix: address PR review comments
62598d7 
- Add config length validation requiring exactly one hostname association
- Move authenticated_origin_pulls_certificate test config to testdata file
- Add updated_at to ImportStateVerifyIgnore list
@stainless-app
codegen metadata
8be71d5
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next branch from 1b8ba31 to f4a04e8 Compare February 3, 2026 08:43
@stainless-app
feat: feat(radar): add BGP RPKI ASPA endpoints and fix SDK casings
e6a03b6 
* feat(radar): add BGP RPKI ASPA endpoints and fix SDK casings

- Add ASPA endpoints: snapshot, changes, timeseries
- Add custom casings for CT, TLD, TLDs, NetFlows, ASPA
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next branch from f4a04e8 to ab7ddcf Compare February 3, 2026 13:16
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next branch from ab7ddcf to de3e327 Compare February 3, 2026 15:23
@vaishakdinesh
Merge pull request #6711 from ang-cloudflare/ang/SECENG-12970-next
277d07e 
fix(authenticated_origin_pulls): handle array response and implement full lifecycle
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next branch from de3e327 to 26ef4ce Compare February 3, 2026 15:55
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next branch from 26ef4ce to 7c1ecca Compare February 3, 2026 18:41
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next branch from 7c1ecca to 8d9f192 Compare February 3, 2026 19:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@mgirouard mgirouard

Labels

autorelease: pending

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.