smplkit 1.0.24 → 1.0.26

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 716ac41c7f53fba00f896876246f36ca44e3db661aa3306d647675972edd64e9
-  data.tar.gz: 96d4b2c60234daea039444a9e05ee9441adcf84bc99cd21b690fa504ab1b5ff8
+  metadata.gz: 7bdf868508ed91a94310a12e8341733ae453385e42104713e694c60641538bc1
+  data.tar.gz: 003c013da94f5776a03d32458704700bbca466b3b00c6b67b93971bba5e2f746
 SHA512:
-  metadata.gz: 04dc39a5fdc6e5d809686e9d0b5fc8468771722ff4b50fd8cf644e9baa9be89815213facb0dee695c7d832c7d45c04f1090837300eddd3bb7e95020fa62a4900
-  data.tar.gz: faf0afd4dc392a14c44fcf91d34d631f8c819aa85561296839246346ef429015df0fa16d5d6427f931da1ea2960b0177c45f07ff070b4299aa11282d878b759c
+  metadata.gz: a7aec9a8462b8c935bee1467149de3789d168f92fab61862b41ba36e4bded04b32f487110bc509033b77a39b01254c35cd5ed4d903d694d6b62d026d8975f4a9
+  data.tar.gz: 1a4cb3c19a8e58e51a0347d059825b0ff1fe9f9f90350f140cf7a68c2714107d4bcfdc2870b44ee2afd754c993e90454e41101fa046e277b30476952469479e9

data/lib/smplkit/_generated/audit/lib/smplkit_audit_client/api/forwarders_api.rb

@@ -217,7 +217,7 @@ module SmplkitGeneratedClient::Audit
     end
 
     # Get Forwarder
-    # Retrieve a single forwarder by id.  Returns 404 if no forwarder with that id exists in the caller's account, including if the forwarder is soft-deleted. Header values in the response are always redacted regardless of caller permission.
+    # Retrieve a single forwarder by id.  Returns 404 if no forwarder with that id exists in the caller's account, including if the forwarder is soft-deleted. Header values in the response are returned in plaintext so callers can perform a GET-modify-PUT round-trip without re-entering secrets (ADR-014). The persisted ``forwarder_delivery.request`` log column is what keeps redaction; that read path is unaffected by this route.
     # @param forwarder_id [String] 
     # @param [Hash] opts the optional parameters
     # @return [ForwarderResponse]
@@ -227,7 +227,7 @@ module SmplkitGeneratedClient::Audit
     end
 
     # Get Forwarder
-    # Retrieve a single forwarder by id.  Returns 404 if no forwarder with that id exists in the caller's account, including if the forwarder is soft-deleted. Header values in the response are always redacted regardless of caller permission.
+    # Retrieve a single forwarder by id.  Returns 404 if no forwarder with that id exists in the caller's account, including if the forwarder is soft-deleted. Header values in the response are returned in plaintext so callers can perform a GET-modify-PUT round-trip without re-entering secrets (ADR-014). The persisted ``forwarder_delivery.request`` log column is what keeps redaction; that read path is unaffected by this route.
     # @param forwarder_id [String] 
     # @param [Hash] opts the optional parameters
     # @return [Array<(ForwarderResponse, Integer, Hash)>] ForwarderResponse data, response status code and response headers
@@ -564,7 +564,7 @@ module SmplkitGeneratedClient::Audit
     end
 
     # Update Forwarder
-    # Full-replace update. PUT semantics — every field is overwritten.  The header values must be re-supplied; the GET path redacts them, but a PUT body that contains ``\"<redacted>\"`` would persist that literal. Customers must round-trip the actual secret back. This is the standard get-mutate-put pattern (see CLAUDE.md \"Updating Resources via the API\"); the SDK helpers track the un-redacted secret client-side so customers don't usually need to re-enter it.
+    # Full-replace update. PUT semantics — every field is overwritten.  The GET path returns plaintext header values, so the standard get-mutate-put round-trip (ADR-014) preserves secrets without any extra work from the caller: GET, change one field, PUT the result.
     # @param forwarder_id [String] 
     # @param forwarder_response [ForwarderResponse] 
     # @param [Hash] opts the optional parameters
@@ -575,7 +575,7 @@ module SmplkitGeneratedClient::Audit
     end
 
     # Update Forwarder
-    # Full-replace update. PUT semantics — every field is overwritten.  The header values must be re-supplied; the GET path redacts them, but a PUT body that contains &#x60;&#x60;\&quot;&lt;redacted&gt;\&quot;&#x60;&#x60; would persist that literal. Customers must round-trip the actual secret back. This is the standard get-mutate-put pattern (see CLAUDE.md \&quot;Updating Resources via the API\&quot;); the SDK helpers track the un-redacted secret client-side so customers don&#39;t usually need to re-enter it.
+    # Full-replace update. PUT semantics — every field is overwritten.  The GET path returns plaintext header values, so the standard get-mutate-put round-trip (ADR-014) preserves secrets without any extra work from the caller: GET, change one field, PUT the result.
     # @param forwarder_id [String] 
     # @param forwarder_response [ForwarderResponse] 
     # @param [Hash] opts the optional parameters

data/lib/smplkit/_generated/audit/spec/api/forwarders_api_spec.rb

@@ -70,7 +70,7 @@ describe 'ForwardersApi' do
 
   # unit tests for get_forwarder
   # Get Forwarder
-  # Retrieve a single forwarder by id.  Returns 404 if no forwarder with that id exists in the caller's account, including if the forwarder is soft-deleted. Header values in the response are always redacted regardless of caller permission.
+  # Retrieve a single forwarder by id.  Returns 404 if no forwarder with that id exists in the caller's account, including if the forwarder is soft-deleted. Header values in the response are returned in plaintext so callers can perform a GET-modify-PUT round-trip without re-entering secrets (ADR-014). The persisted ``forwarder_delivery.request`` log column is what keeps redaction; that read path is unaffected by this route.
   # @param forwarder_id 
   # @param [Hash] opts the optional parameters
   # @return [ForwarderResponse]
@@ -138,7 +138,7 @@ describe 'ForwardersApi' do
 
   # unit tests for update_forwarder
   # Update Forwarder
-  # Full-replace update. PUT semantics — every field is overwritten.  The header values must be re-supplied; the GET path redacts them, but a PUT body that contains ``\"<redacted>\"`` would persist that literal. Customers must round-trip the actual secret back. This is the standard get-mutate-put pattern (see CLAUDE.md \"Updating Resources via the API\"); the SDK helpers track the un-redacted secret client-side so customers don't usually need to re-enter it.
+  # Full-replace update. PUT semantics — every field is overwritten.  The GET path returns plaintext header values, so the standard get-mutate-put round-trip (ADR-014) preserves secrets without any extra work from the caller: GET, change one field, PUT the result.
   # @param forwarder_id 
   # @param forwarder_response 
   # @param [Hash] opts the optional parameters

data/lib/smplkit/audit/client.rb

@@ -10,13 +10,19 @@ module Smplkit
     class AuditClient
       attr_reader :events, :forwarders, :functions
 
-      def initialize(api_key:, base_url:, timeout: 10.0)
+      SDK_OWNED_HEADERS = %w[authorization content-type user-agent].freeze
+
+      def initialize(api_key:, base_url:, timeout: 10.0, extra_headers: nil)
         cfg = SmplkitGeneratedClient::Audit::Configuration.new
         cfg.host = URI.parse(base_url).host
         cfg.scheme = URI.parse(base_url).scheme
         cfg.access_token = api_key
         cfg.timeout = timeout
         api_client = SmplkitGeneratedClient::Audit::ApiClient.new(cfg)
+        api_client.default_headers["User-Agent"] = "smplkit-ruby-sdk/#{Smplkit::VERSION}"
+        extra_headers&.each do |k, v|
+          api_client.default_headers[k] = v unless SDK_OWNED_HEADERS.include?(k.downcase)
+        end
         events_api = SmplkitGeneratedClient::Audit::EventsApi.new(api_client)
         forwarders_api = SmplkitGeneratedClient::Audit::ForwardersApi.new(api_client)
         @events = Events.new(events_api)

data/lib/smplkit/client.rb

@@ -43,7 +43,8 @@ module Smplkit
     end
 
     def initialize(api_key: nil, environment: nil, service: nil, profile: nil, # rubocop:disable Metrics/AbcSize
-                   base_domain: nil, scheme: nil, debug: nil, telemetry: nil)
+                   base_domain: nil, scheme: nil, debug: nil, telemetry: nil,
+                   extra_headers: nil)
       cfg = ConfigResolution.resolve_config(
         profile: profile, api_key: api_key, base_domain: base_domain, scheme: scheme,
         environment: environment, service: service, debug: debug, telemetry: telemetry
@@ -67,7 +68,8 @@ module Smplkit
       mgmt_cfg = ConfigResolution::ResolvedManagementConfig.new(
         api_key: cfg.api_key, base_domain: cfg.base_domain, scheme: cfg.scheme, debug: cfg.debug
       )
-      @manage = ManagementClient.from_resolved(mgmt_cfg)
+      @extra_headers = extra_headers
+      @manage = ManagementClient.from_resolved(mgmt_cfg, extra_headers: extra_headers)
 
       app_url = ConfigResolution.service_url(cfg.scheme, "app", cfg.base_domain)
       flags_url = ConfigResolution.service_url(cfg.scheme, "flags", cfg.base_domain)
@@ -87,7 +89,8 @@ module Smplkit
                                             flags_base_url: flags_url, app_base_url: app_url)
       @logging = Logging::LoggingClient.new(self, manage: @manage, metrics: @metrics,
                                                   logging_base_url: logging_url, app_base_url: app_url)
-      @audit = Audit::AuditClient.new(api_key: cfg.api_key, base_url: audit_url)
+      @audit = Audit::AuditClient.new(api_key: cfg.api_key, base_url: audit_url,
+                                      extra_headers: extra_headers)
 
       @closed = false
       schedule_periodic_flush
@@ -170,6 +173,7 @@ module Smplkit
     def _api_key = @api_key
     def _app_base_url = @app_base_url
     def _metrics = @metrics
+    def _extra_headers = @extra_headers
 
     def _ensure_ws
       @_ensure_ws ||= begin

data/lib/smplkit/management/client.rb

@@ -30,12 +30,12 @@ module Smplkit
     attr_reader :contexts, :context_types, :environments, :account_settings,
                 :config, :flags, :loggers, :log_groups
 
-    def self.from_resolved(resolved)
-      new(_resolved: resolved)
+    def self.from_resolved(resolved, extra_headers: nil)
+      new(_resolved: resolved, extra_headers: extra_headers)
     end
 
     def initialize(api_key: nil, base_domain: nil, scheme: nil, profile: nil,
-                   debug: nil, _resolved: nil)
+                   debug: nil, _resolved: nil, extra_headers: nil)
       cfg = _resolved ||
             ConfigResolution.resolve_management_config(
               api_key: api_key, base_domain: base_domain, scheme: scheme,
@@ -45,6 +45,7 @@ module Smplkit
 
       @resolved = cfg
 
+      @extra_headers = extra_headers
       @app_api_client = build_api_client(SmplkitGeneratedClient::App, "app", cfg)
       @config_api_client = build_api_client(SmplkitGeneratedClient::Config, "config", cfg)
       @flags_api_client = build_api_client(SmplkitGeneratedClient::Flags, "flags", cfg)
@@ -71,6 +72,8 @@ module Smplkit
     def _flags_http = @flags_api_client
     def _logging_http = @logging_api_client
 
+    SDK_OWNED_HEADERS = %w[authorization content-type user-agent].freeze
+
     private
 
     def build_api_client(generated_module, subdomain, cfg)
@@ -82,6 +85,9 @@ module Smplkit
       configuration.debugging = cfg.debug
       generated_module::ApiClient.new(configuration).tap do |client|
         client.default_headers["User-Agent"] = "smplkit-ruby-sdk/#{Smplkit::VERSION}"
+        @extra_headers&.each do |k, v|
+          client.default_headers[k] = v unless SDK_OWNED_HEADERS.include?(k.downcase)
+        end
       end
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: smplkit
 version: !ruby/object:Gem::Version
-  version: 1.0.24
+  version: 1.0.26
 platform: ruby
 authors:
 - Smpl Solutions LLC