Skip to content

release: 6.0.0-beta.2 #2710

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
stainless-app wants to merge 6 commits into
base: main
Choose a base branch
from
Open

release: 6.0.0-beta.2 #2710

stainless-app wants to merge 6 commits into from

Conversation

@stainless-app
Copy link
Contributor

@stainless-app stainless-app bot commented Jan 21, 2026
edited
Loading

Automated Release PR

6.0.0-beta.2 (2026-01-23)

Full Changelog: v6.0.0-beta.1...v6.0.0-beta.2

Features

  • feat(fraud): public docs for fraud API (dac4aa5)
  • refactor(terraform): restructure origin_tls_client_auth to peer subresources (89f79e9)

Bug Fixes

Chores

  • internal: codegen related update (cb76fc9)

This pull request is managed by Stainless's GitHub App.

The semver version number is based on included commit messages. Alternatively, you can manually set the version number in the title of this pull request.

For a better experience, it is recommended to use either rebase-merge or squash-merge when merging this pull request.

🔗 Stainless website
📚 Read the docs
🙋 Reach out for help or questions

@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next--components--cloudflare branch 4 times, most recently from 2728e3b to 1ab6f5e Compare January 21, 2026 19:07
@stainless-app
feat: feat(fraud): public docs for fraud API
dac4aa5 
* feat(fraud): public docs for fraud API
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next--components--cloudflare branch from 1ab6f5e to 0337830 Compare January 22, 2026 15:55
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next--components--cloudflare branch from 0337830 to 00af505 Compare January 22, 2026 17:40
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next--components--cloudflare branch from 00af505 to 623a996 Compare January 22, 2026 18:47
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 22, 2026
View reviewed changes
.github/workflows/detect-breaking-changes.yml
Comment on lines +10 to +36
runs-on: 'ubuntu-latest'
name: detect-breaking-changes
if: github.repository == 'cloudflare/cloudflare-typescript'
steps:
- name: Calculate fetch-depth
run: |
echo "FETCH_DEPTH=$(expr ${{ github.event.pull_request.commits }} + 1)" >> $GITHUB_ENV

- uses: actions/checkout@v6
with:
# Ensure we can check out the pull request base in the script below.
fetch-depth: ${{ env.FETCH_DEPTH }}

- name: Set up Node
uses: actions/setup-node@v3
with:
node-version: '20'
- name: Install dependencies
run: |
yarn install

- name: Detect breaking changes
run: |
# Try to check out previous versions of the breaking change detection script. This ensures that
# we still detect breaking changes when entire files and their tests are removed.
git checkout "${{ github.event.pull_request.base.sha }}" -- ./scripts/detect-breaking-changes 2>/dev/null || true
./scripts/detect-breaking-changes ${{ github.event.pull_request.base.sha }}

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 1 day ago

In general, the fix is to explicitly set a permissions block in the workflow (either at the top level or for the affected job) so that the GITHUB_TOKEN is granted only the scopes required. Since this job only checks out code and runs local scripts, it only needs read access to repository contents and does not appear to require any write scopes or additional permissions.

The best, non-breaking fix is to add a top-level permissions section right under the workflow name: (or under on:) specifying contents: read. This will apply to all jobs that do not override permissions (in this file, there is only detect_breaking_changes). No existing steps require write access to contents, issues, or pull requests, and actions/checkout works correctly with contents: read. No other files or imports are involved, and no functional behavior of the job changes apart from tightening the token’s permissions.

Concretely:

  • Edit .github/workflows/detect-breaking-changes.yml.
  • Insert a new block: 
    permissions:
  contents: read
    immediately after line 1 (name: CI) so that it clearly applies at the workflow level.
  • Leave all other lines unchanged.
Suggested changeset 1
.github/workflows/detect-breaking-changes.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/detect-breaking-changes.yml b/.github/workflows/detect-breaking-changes.yml
--- a/.github/workflows/detect-breaking-changes.yml
+++ b/.github/workflows/detect-breaking-changes.yml
@@ -1,4 +1,6 @@
 name: CI
+permissions:
+  contents: read
 on:
   pull_request:
     branches:
EOF
@@ -1,4 +1,6 @@
name: CI
permissions:
contents: read
on:
pull_request:
branches:
Copilot is powered by AI and may make mistakes. Always verify output.
@stainless-app
feat: refactor(terraform): restructure origin_tls_client_auth to peer…
89f79e9 
… subresources

* fix: add backward-compatible methods for origin_tls_client_auth

Adds deprecated parent-level methods (list, get, create, delete) to maintain
backward compatibility with existing SDK users while preserving the clean
cache-style resource structure.

Changes:
- Add 4 deprecated methods at parent level pointing to zone cert endpoints
- Methods generate client.OriginTLSClientAuth.New/List/Get/Delete() paths
- Deprecation messages guide users to zone_certificates.* subresource
- Zero breaking changes - existing SDK code continues to work
- New explicit paths available at ZoneCertificates.* and HostnameCertificates.*

This follows the proven KV namespace dual-path pattern (lines 2730-2752)
where the same endpoint generates methods at both parent and child levels.

Related: SECENG-12971

* refactor(terraform): restructure origin_tls_client_auth to peer subresources

Restructure origin_tls_client_auth to have all 4 terraform resources as sibling subresources:
- zone_certificates → authenticated_origin_pulls_certificate
- hostnames → authenticated_origin_pulls
- hostname_certificates → authenticated_origin_pulls_hostname_certificate
- settings → authenticated_origin_pulls_settings

Add id_property annotations to all CRUD methods.

Closes SECENG-12971, SECENG-12970, SECENG-13210
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next--components--cloudflare branch from 623a996 to 92c3a0c Compare January 22, 2026 22:15
@stainless-app stainless-app bot force-pushed the release-please--branches--main--changes--next--components--cloudflare branch from 92c3a0c to eb6f57c Compare January 23, 2026 20:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

autorelease: pending

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants