ci: added changeset file for recent fixes, update knope

dotansimha · dotansimha · commit f6bb9eb459f5 · 2025-11-04T09:53:58.000+02:00
diff --git a/.changeset/internal_refactor_that_prevents_the_need_to_create_some_structs_clientrequestdetails_twice_this_change_also_eliminates_the_need_to_have_clones.md b/.changeset/internal_refactor_that_prevents_the_need_to_create_some_structs_clientrequestdetails_twice_this_change_also_eliminates_the_need_to_have_clones.md
@@ -0,0 +1,5 @@
+---
+router: patch
+---
+
+# Internal refactor that prevents the need to create some structs (`ClientRequestDetails`) twice. This change also eliminates the need to have clones
diff --git a/.changeset/jwt_improve_the_implementation_of_jwt_plugin_and_expose_it_to_expressions.md b/.changeset/jwt_improve_the_implementation_of_jwt_plugin_and_expose_it_to_expressions.md
@@ -0,0 +1,47 @@
+---
+executor: patch
+router: patch
+---
+
+Improve the implementation of jwt plugin and expose it to expressions.
+
+The following properties are available in the request object exposed to VRL expressions:
+- `request.jwt` will always be an object
+- `request.jwt.authenticated` with value of true or false
+- `request.jwt.prefix` can either be a string or null (if prefix is not used)
+- `request.jwt.token` can be string (when authenticated=true) or null (when authenticated=false)
+- `request.jwt.claims` will always be an array (either empty or with values), containing the full JWT token claims payload.
+- `request.jwt.scopes` will always be an array (either empty or with values), containing the scopes extracted from the claims
+
+Here are examples on how to use the JWT properties in a VRL expression:
+
+```yaml
+# Passes the user-id held in `.sub` claims of the token to the subgraph, or EMPTY
+headers:
+  all:
+    request:
+      - insert:
+          name: X-User-ID
+          expression: |
+            if .request.jwt.authenticated == true {
+              .request.jwt.claims.sub
+            } else {
+              "EMPTY"
+            }
+```
+
+```yaml
+# Passes a custom header based on the status of the authentication and the status of the JWT scopes
+headers:
+ subgraphs:
+    accounts:
+      request:
+        - insert:
+            name: X-Can-Read
+            expression: |
+              if .request.jwt.authenticated == true && includes!(.request.jwt.scopes, "read:accounts") {
+                "Yes"
+              } else {
+                "No"
+              }
+```
diff --git a/knope.toml b/knope.toml
@@ -35,7 +35,7 @@ name = "release"
   [[workflows.steps]]
   type = "Release"
 
-# "document-change" pipeline that prepares the release and pushes a release PR
+# "document-change" / "changeset" pipeline that helps to create a changeset file during development
 [[workflows]]
 name = "document-change"
   [[workflows.steps]]

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
 +router: patch
 +---
++
 +# Internal refactor that prevents the need to create some structs (`ClientRequestDetails`) twice. This change also eliminates the need to have clones