v1.31.0
What's Changed
- chore(skill): deploy skill leans on the new broker-ctl remote read by @luisgf in #35
- ci(docs): serialize Pages deploys and cover broker-ctl example config by @luisgf in #36
- fix: reject empty one-shot command at the signer (force-command bypass) by @luisgf in #51
- fix: allow the signer unit to persist policy changes (ReadWritePaths) by @luisgf in #52
- fix: gate broker-supplied end_user in the approval flow on trusted_forwarders by @luisgf in #53
- fix: drop the CWD from broker-ctl's client-config search order by @luisgf in #54
- fix: build the release from make dist (ships control-plane + deploy/) by @luisgf in #55
- docs: audit low-severity documentation fixes (#47–#50) by @luisgf in #56
- fix: audit low-severity hardening (#43–#46) by @luisgf in #57
- fix: resolve broker-ctl default cert/key/ca relative to the config file dir (#42) by @luisgf in #58
- release: v1.31.0 — security & correctness audit pass by @luisgf in #59
Full Changelog: v1.30.0...v1.31.0