@zuplo/runtime 6.69.4 → 6.69.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/out/esm/index.js +54 -54
  2. package/out/esm/index.js.map +1 -1
  3. package/out/types/index.d.ts +4 -0
  4. package/package.json +1 -1
package/out/types/index.d.ts CHANGED
@@ -9451,6 +9451,10 @@ export declare interface UpstreamGcpServiceAuthInboundPolicyOptions {
9451
9451
  * The version of the policy.
9452
9452
  */
9453
9453
  version?: 1 | 2;
9454
+ /**
9455
+ * When `true` (the default), emits a warning if the inbound request carries headers like `X-Serverless-Authorization` or `X-Goog-IAP-JWT-Assertion`. Forwarding those to a downstream Cloud Run typically causes a `the access token could not be verified` 401 because Cloud Run prefers `X-Serverless-Authorization` over `Authorization` for IAM checks. Set this to `false` only if you have intentionally chosen to forward those headers (e.g. the upstream service is also IAP-fronted and expects them) — the warning is otherwise a useful diagnostic signal.
9456
+ */
9457
+ enableSuspiciousHeaderWarning?: boolean;
9454
9458
  }
9455
9459
 
9456
9460
  /* Excluded from this release type: UpstreamTokens */
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@zuplo/runtime",
3
3
  "type": "module",
4
- "version": "6.69.4",
4
+ "version": "6.69.6",
5
5
  "repository": "https://github.com/zuplo/zuplo",
6
6
  "author": "Zuplo, Inc.",
7
7
  "exports": {