Highlights
Major release adding Stripe-style key types with permission ceilings, environment isolation (test/live), and a security fix for scope enforcement.
New Features
- Stripe-style key types β publishable (
pk_*) and secret (sk_*) keys with per-type permission ceilings - Environment isolation β test/live key prefixes (
pk_test_,sk_live_) with strict environment enforcement - Public key token storage β non-revocable publishable keys can be viewed again in the dashboard
- Headless helpers β for apps with custom dashboard integrations
- Usage analytics scopes β admin dashboard query helpers
Fixes
- Fix PostgreSQL
FOR UPDATEwithCOUNTaggregate error - Security: Fix blank scopes bypass in key_types mode β empty scopes no longer grant unrestricted access when permission ceilings are configured
What's Changed
- Ensure comprehensive testing and production readiness by @rameerez in #5
- Add Stripe-style key types and environments (publishable/secret keys with test/live isolation) by @rameerez in #6
- Fix PostgreSQL FOR UPDATE with COUNT aggregate error by @rameerez in #7
- Add public key token storage for non-revocable publishable keys by @rameerez in #8
- Add headless helpers for custom dashboard integrations by @rameerez in #9
- Add usage analytics scopes for admin dashboards by @rameerez in #10
- Fix blank scopes bypass in key_types mode by @rameerez in #11
Full Changelog: v0.2.1...v0.3.0
Contributors
rameerez