v0.25.0
New: Postgres MITM with Role Injection (Experimental)
iron-proxy can now MITM-proxy PostgreSQL traffic, injecting SET ROLE "<role>" on the upstream session at startup so that Row-Level Security policies keyed on current_role scope per-tenant access even when your application connects as a shared superuser. Clients authenticate against proxy-managed credentials; the wire protocol is relayed transparently.
Client-issued role mutations are rejected: direct SET ROLE / RESET ROLE / SET SESSION AUTHORIZATION, indirect bypasses via SELECT set_config('role', ...) and CTE/subquery-wrapped variants, and opaque DO blocks.
Experimental. The Postgres listener is functional and integration-tested against Postgres 16, but the config surface and injection semantics are still stabilizing. Expect breaking changes in minor releases.