Skip to content

Tags: jentic/jentic-mini

Tags

v0.13.2

Toggle v0.13.2's commit message 
chore(release): cut the 0.13.2 release

## [0.13.2](v0.13.1...v0.13.2) (2026-05-20)

### Bug Fixes

* **auth:** replace python-jose with PyJWT to drop ecdsa dep ([#428](#428)) ([f62b56b](f62b56b))
* **deps:** bump idna from 3.13 to 3.15 ([#415](#415)) ([fae5b01](fae5b01))

v0.13.1

Toggle v0.13.1's commit message 
chore(release): cut the 0.13.1 release

## [0.13.1](v0.13.0...v0.13.1) (2026-05-13)

### Bug Fixes

* **Dockerfile:** bump PDM to 2.26.9 to fix hishel API mismatch ([#397](#397)) ([be954b6](be954b6))
* **Dockerfile:** install PDM via pip to fix arm64 build failure ([567e28c](567e28c))
* **utils:** canonical URL falls back to JENTIC_PUBLIC_HOSTNAME ([#396](#396)) ([6f8f79c](6f8f79c)), closes [#378](#378) [#380](#380) [#369](#369)

v0.13.0

Toggle v0.13.0's commit message 
chore(release): cut the 0.13.0 release

# [0.13.0](v0.12.0...v0.13.0) (2026-05-13)

### Bug Fixes

* harden path-prefix mounting — address [#365](#365) review ([#369](#369)) ([56e2bab](56e2bab)), closes [#379](#379) [#380](#380) [#381](#381) [#364](#364)
* **security:** close login open-redirect bypass (CodeQL [#663](https://github.com/jentic/jentic-mini/issues/663)) ([#377](#377)) ([15504e4](15504e4)), closes [#376](#376) [#376](#376)

### Features

* **auth:** add trusted-proxy forwarded identity authentication ([#390](#390)) ([b69b477](b69b477)), closes [#366](#366)
* **main:** support reverse-proxy path prefix mounting ([#364](#364)) ([ca9bf56](ca9bf56)), closes [#356](#356)

v0.12.0

Toggle v0.12.0's commit message 
chore(release): cut the 0.12.0 release

# [0.12.0](v0.11.0...v0.12.0) (2026-05-07)

### Bug Fixes

* **vault:** deterministic credential selection on equal path prefix ([#290](#290)) ([752932b](752932b)), closes [#192](#192)

### Features

* **cli:** implement reset-password subcommand ([#330](#330)) ([189aea1](189aea1)), closes [#321](#321)

v0.11.0

Toggle v0.11.0's commit message 
chore(release): cut the 0.11.0 release

# [0.11.0](v0.10.1...v0.11.0) (2026-05-07)

### Features

* **auth:** introduce agent identity via OAuth 2.0 DCR + JWT-bearer ([#320](#320)) ([8abe560](8abe560))

v0.10.1

Toggle v0.10.1's commit message 
chore(release): cut the 0.10.1 release

## [0.10.1](v0.10.0...v0.10.1) (2026-05-07)

### Bug Fixes

* **capability:** url-encode capability id in inspect link ([#289](#289)) ([b1ee780](b1ee780)), closes [#253](#253)
* **deps:** bump python-multipart to 0.0.27 and mako to 1.3.12 ([#341](#341)) ([71398c0](71398c0))

v0.10.0

Toggle v0.10.0's commit message 
chore(release): cut the 0.10.0 release

# [0.10.0](v0.9.1...v0.10.0) (2026-05-06)

### Bug Fixes

* **oauth:** use default_external_user_id from config in discover_accounts on broker creation ([#292](#292)) ([56f3e1b](56f3e1b))

### Features

* **worktrees:** support parallel Claude Code sessions via worktrees ([#327](#327)) ([d55551e](d55551e))

v0.9.1

Toggle v0.9.1's commit message 
chore(release): cut the 0.9.1 release

## [0.9.1](v0.9.0...v0.9.1) (2026-05-04)

### Bug Fixes

* **catalog:** resolve phase 14 security advisories ([#310](#310)) ([1a88f54](1a88f54))
* **Dockerfile:** upgrade system-wide pip/setuptools/wheel in runtime ([#311](#311)) ([f2274d6](f2274d6)), closes [#607](https://github.com/jentic/jentic-mini/issues/607) [#610](https://github.com/jentic/jentic-mini/issues/610) [#611](https://github.com/jentic/jentic-mini/issues/611)
* workflow credential injection via requests.Session headers ([#250](#250)) ([1cb597e](1cb597e))

v0.9.0

Toggle v0.9.0's commit message 
chore(release): cut the 0.9.0 release

# [0.9.0](v0.8.1...v0.9.0) (2026-04-16)

### Bug Fixes

* add load_api_desc function for credential scheme derivation ([5efa250](5efa250))
* add missing include_pending param to _load_merged_spec (NameError caused GET /apis/{id} to 500) ([f6e7949](f6e7949))
* add missing useEffect dep + replace any casts with CredentialOut type ([cedb001](cedb001))
* align self-registration credential api_id with derived API ID ([8be1b89](8be1b89))
* allow auth_type=none credentials without security scheme ([771944c](771944c))
* cascade credential ID rename to credential_routes + correct internal route ([97da4d2](97da4d2)), closes [#229](#229)
* clean up migration 0004 with improved backfill and vault.py ([103bea3](103bea3))
* credential POST now saves routes/scheme; fix env_var collision; fix import_.py _load_base_url_from_spec rename ([8f3274f](8f3274f))
* credential_routes column name is 'host' not 'route' ([650bc75](650bc75))
* disable aiohttp auto_decompress so content-encoding forwards correctly ([1191950](1191950))
* explicitly delete credential_routes on credential delete (cascade unreliable without PRAGMA foreign_keys=ON) ([b2a031e](b2a031e))
* filter server_variables_configured by api_id in capability inspect ([c28944c](c28944c))
* handle compound {secret,identity} scheme format in broker credential injection ([20adc4a](20adc4a))
* include api_id in route-resolved credentials for overlay confirmation ([f4e8330](f4e8330))
* internal credential route uses JENTIC_PUBLIC_HOSTNAME instead of .local subdomain ([49576f7](49576f7)), closes [#229](#229)
* log warning for unsupported apiKey-in-query injection (see [#224](#224)) ([3db29cd](3db29cd))
* parse route host/path_prefix in Pipedream credential sync ([c269d30](c269d30))
* pipedream sync \u2014 peek pending api_id before computing hosts; upsert credential_routes on sync ([cba61b3](cba61b3))
* preserve resolved scheme for .local routing instead of port heuristic ([46cafcf](46cafcf))
* prettier formatting in CredentialsPage scheme badge ([7b0c492](7b0c492))
* remove unused json import from _backfill_credential_routes ([cd1889b](cd1889b))
* resolve CI test failures (backend + frontend) ([a514cd4](a514cd4))
* restore cryptography to 46.0.7 (reverts accidental downgrade) ([865f61e](865f61e))
* return 409 CREDENTIAL_AMBIGUOUS when multiple credentials match host and no disambiguator provided ([c1da3c2](c1da3c2))
* route defaults to server_variables host when spec URL has no template vars ([41cda53](41cda53))
* skip auto-overlay when spec already has template variables ([3a9deea](3a9deea))
* ssl=False not ssl=None for private hosts in aiohttp connector ([e1002b8](e1002b8))
* X-Jentic-Credential validates against route-matched credentials ([549b995](549b995))

### Features

* credential form UX improvements ([cf7fd4a](cf7fd4a))
* routes-based credential lookup with credential_routes table ([2848c81](2848c81))
* self-hosted API support (.local api_ids, instance subdomain routes) ([100095a](100095a))
* show advanced broker settings during credential creation + Pipedream setup guidance ([2723247](2723247))
* support auth_type=none for no-auth credentials (server_variables only) ([7828f71](7828f71))

v0.8.1

Toggle v0.8.1's commit message 
chore(release): cut the 0.8.1 release

## [0.8.1](v0.8.0...v0.8.1) (2026-04-15)

### Bug Fixes

* resolve `pathlib.Path` shadowing in workflows/capability routers ([ae27a42](ae27a42))
* simplify workflow E2E tests and correct import response field ([3e780dd](3e780dd))
* **test:** adjust E2E regression tests for workflow loading ([97bb403](97bb403))