Merge branch 'main' into dependabot/go_modules/github.com/go-viper/mapstructure/v2-2.4.0

Author: dmashuda

.github/workflows/dependency-scan.yml

@@ -0,0 +1,44 @@
+name: Dependency Scan
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  generate-go-sbom:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+
+      - name: Generate SBOM
+        uses: launchdarkly/gh-actions/actions/dependency-scan/generate-sbom@main
+        with:
+          types: 'go'
+
+  generate-nodejs-sbom:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Generate SBOM
+        uses: launchdarkly/gh-actions/actions/dependency-scan/generate-sbom@main
+        with:
+          types: 'nodejs'
+
+  evaluate-policy:
+    runs-on: ubuntu-latest
+    needs:
+      - generate-go-sbom
+      - generate-nodejs-sbom
+    steps:
+      - name: Evaluate SBOM Policy
+        uses: launchdarkly/gh-actions/actions/dependency-scan/evaluate-policy@main
+        with:
+          artifacts-pattern: bom-*

.release-please-manifest.json

@@ -1,3 +1,3 @@
 {
-    ".": "1.16.2"
+    ".": "1.17.1"
 }

CHANGELOG.md

@@ -1,5 +1,34 @@
 # Changelog
 
+## [1.17.1](https://github.com/launchdarkly/ldcli/compare/v1.17.0...v1.17.1) (2025-09-15)
+
+
+### Bug Fixes
+
+* [FUN-983] Set CORS headers consistently for SDK & API cases ([#614](https://github.com/launchdarkly/ldcli/issues/614)) ([c05d3a5](https://github.com/launchdarkly/ldcli/commit/c05d3a570e6cacff5f525c34bdeb0ba47249e4eb))
+
+## [1.17.0](https://github.com/launchdarkly/ldcli/compare/v1.16.4...v1.17.0) (2025-09-15)
+
+
+### Features
+
+* [FUN-984] Add favicon ([#616](https://github.com/launchdarkly/ldcli/issues/616)) ([92d63e2](https://github.com/launchdarkly/ldcli/commit/92d63e279f86da73ae303780e3e214bf1c95f160)), closes [#610](https://github.com/launchdarkly/ldcli/issues/610)
+* Add favicon ([92d63e2](https://github.com/launchdarkly/ldcli/commit/92d63e279f86da73ae303780e3e214bf1c95f160))
+
+## [1.16.4](https://github.com/launchdarkly/ldcli/compare/v1.16.3...v1.16.4) (2025-09-10)
+
+
+### Bug Fixes
+
+* Enhance flag search functionality to support quoted substrings ([#609](https://github.com/launchdarkly/ldcli/issues/609)) ([226a386](https://github.com/launchdarkly/ldcli/commit/226a3864ee354162d21cc2644f7fcd874f6f71a4))
+
+## [1.16.3](https://github.com/launchdarkly/ldcli/compare/v1.16.2...v1.16.3) (2025-08-15)
+
+
+### Bug Fixes
+
+* Clarify --source flag refers to environment key ([#595](https://github.com/launchdarkly/ldcli/issues/595)) ([202484a](https://github.com/launchdarkly/ldcli/commit/202484a5d13b001f017e53f979b2eb1fb1414ecb))
+
 ## [1.16.2](https://github.com/launchdarkly/ldcli/compare/v1.16.1...v1.16.2) (2025-07-28)
 
 

PROVENANCE.md

@@ -5,15 +5,15 @@ LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) (Supply
 As part of [SLSA requirements for level 3 compliance](https://slsa.dev/spec/v1.0/requirements), LaunchDarkly publishes provenance about our package builds using [GitHub's generic SLSA3 provenance generator](https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/generic/README.md#generation-of-slsa3-provenance-for-arbitrary-projects) for distribution alongside our packages.
 
 <!-- x-release-please-start-version -->
-These attestations are available for download from the GitHub release page for the release version under Assets > `ldcli_1.16.2_multiple_provenance.intoto.jsonl`.
+These attestations are available for download from the GitHub release page for the release version under Assets > `ldcli_1.17.1_multiple_provenance.intoto.jsonl`.
 <!-- x-release-please-end -->
 
 To verify SLSA provenance attestations, we recommend using [slsa-verifier](https://github.com/slsa-framework/slsa-verifier). Example usage for verifying packages for Linux is included below: 
 
 <!-- x-release-please-start-version -->
 ```
 # Set the version of the PACKAGE to verify
-PACKAGE_VERSION=1.16.2
+PACKAGE_VERSION=1.17.1
 ```
 <!-- x-release-please-end -->
 

go.mod

@@ -15,8 +15,8 @@ require (
 	github.com/iancoleman/strcase v0.3.0
 	github.com/launchdarkly/api-client-go/v14 v14.0.0
 	github.com/launchdarkly/go-sdk-common/v3 v3.4.0
-	github.com/launchdarkly/go-server-sdk/v7 v7.13.1
-	github.com/launchdarkly/sdk-meta/api v0.4.5
+	github.com/launchdarkly/go-server-sdk/v7 v7.13.4
+	github.com/launchdarkly/sdk-meta/api v0.4.8
 	github.com/mattn/go-sqlite3 v1.14.28
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/muesli/reflow v0.3.0

go.sum

@@ -224,12 +224,12 @@ github.com/launchdarkly/go-semver v1.0.3 h1:agIy/RN3SqeQDIfKkl+oFslEdeIs7pgsJBs3
 github.com/launchdarkly/go-semver v1.0.3/go.mod h1:xFmMwXba5Mb+3h72Z+VeSs9ahCvKo2QFUTHRNHVqR28=
 github.com/launchdarkly/go-server-sdk-evaluation/v3 v3.0.1 h1:rTgcYAFraGFj7sBMB2b7JCYCm0b9kph4FaMX02t4osQ=
 github.com/launchdarkly/go-server-sdk-evaluation/v3 v3.0.1/go.mod h1:fPS5d+zOsgFnMunj+Ki6jjlZtFvo4h9iNbtNXxzYn58=
-github.com/launchdarkly/go-server-sdk/v7 v7.13.1 h1:tYNZHb7aq1N8RPVnksBA2ToFsBHUpLEebJoQDP2oKmE=
-github.com/launchdarkly/go-server-sdk/v7 v7.13.1/go.mod h1:EEUSX/bc1mVq+3pwrRzTfu8LFRWRI1UL4XMgzsKWmbE=
+github.com/launchdarkly/go-server-sdk/v7 v7.13.4 h1:Jn4HQDkmV0DhbUKLz7gFbNrhVrE3xSx8D6FTKEDheis=
+github.com/launchdarkly/go-server-sdk/v7 v7.13.4/go.mod h1:EEUSX/bc1mVq+3pwrRzTfu8LFRWRI1UL4XMgzsKWmbE=
 github.com/launchdarkly/go-test-helpers/v3 v3.1.0 h1:E3bxJMzMoA+cJSF3xxtk2/chr1zshl1ZWa0/oR+8bvg=
 github.com/launchdarkly/go-test-helpers/v3 v3.1.0/go.mod h1:Ake5+hZFS/DmIGKx/cizhn5W9pGA7pplcR7xCxWiLIo=
-github.com/launchdarkly/sdk-meta/api v0.4.5 h1:xMnXACvMWJfTJkGz0F+8VrTXvBikufEiUCxvJXCfZuI=
-github.com/launchdarkly/sdk-meta/api v0.4.5/go.mod h1:vXfR0z4XBz49IYT/2GDEza+Iat3PcuBCC438AZT6oDg=
+github.com/launchdarkly/sdk-meta/api v0.4.8 h1:PAfhLfoozyQM04AzN7vxzQUc5mrINiwgk3gjbUMZhzY=
+github.com/launchdarkly/sdk-meta/api v0.4.8/go.mod h1:vXfR0z4XBz49IYT/2GDEza+Iat3PcuBCC438AZT6oDg=
 github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
 github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
 github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=

internal/dev_server/api/api.yaml

@@ -7,9 +7,9 @@ info:
     those flags.
   version: 1.0.0
 servers:
-  - url: "http"
+  - url: "http://localhost:8765/dev"
 paths:
-  /dev/backup:
+  /backup:
     get:
       summary: get the backup
       operationId: getBackup
@@ -28,7 +28,7 @@ paths:
       responses:
         200:
           description: 'Backup restored'
-  /dev/projects:
+  /projects:
     get:
       summary: lists all projects that have been configured for the dev server
       operationId: getProjects
@@ -43,7 +43,7 @@ paths:
                 items:
                   type: string
                 uniqueItems: true
-  /dev/projects/{projectKey}:
+  /projects/{projectKey}:
     get:
       summary: get the specified project and its configuration for syncing from the LaunchDarkly Service
       operationId: getProject
@@ -113,7 +113,7 @@ paths:
           $ref: "#/components/responses/ErrorResponse"
         409:
           $ref: "#/components/responses/ErrorResponse"
-  /dev/projects/{projectKey}/overrides:
+  /projects/{projectKey}/overrides:
     delete:
       summary: remove all overrides for the given project
       operationId: deleteOverrides
@@ -124,7 +124,7 @@ paths:
           description: OK. All overrides were removed
         404:
           $ref: "#/components/responses/ErrorResponse"        
-  /dev/projects/{projectKey}/overrides/{flagKey}:
+  /projects/{projectKey}/overrides/{flagKey}:
     put:
       summary: override flag value with value provided in the body
       operationId: putOverrideFlag
@@ -155,7 +155,7 @@ paths:
           description: OK. override removed
         404:
           description: no matching override found
-  /dev/projects/{projectKey}/environments:
+  /projects/{projectKey}/environments:
     get:
       operationId: getEnvironments
       summary: list all environments for the given project