Skip to content

v0.7.18

Choose a tag to compare

View all tags
@ggoodman ggoodman released this 03 Jun 18:28
v0.7.18
0b0c146
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Fixes DNS-derived HTTP authority matching for delayed package-manager downloads against registries served by short-TTL CDN addresses.

Sandbox now keeps accepted DNS answer attribution for a bounded window even when the DNS TTL is very short. This lets later HTTPS connections to the same resolved registry IP continue matching conn.matchHttp("registry.npmjs.org") instead of falling back to raw IP endpoint policy.

The DNS answer remains the source of authority metadata. Sandbox still does not infer HTTP authority from HTTP Host headers or TLS SNI.

Assets 2
Loading