
release: 4.4.0 #2669

Closed
stainless-app[bot] wants to merge 779 commits into main from release-please--branches--main--changes--next

@stainless-app stainless-app Bot commented Aug 22, 2025

Automated Release PR

4.4.0 (2025-08-22)

Full Changelog: v4.3.1...v4.4.0

Features

Bug Fixes

  • update singularization rules (f24bee7)

Chores

  • api: update composite API spec (9cce5ac)
  • api: upload OpenAPI schema from api-schemas (be94ae0)
  • api: upload stainless config from cloudflare-config (cb9ce20)
  • api: upload stainless config from cloudflare-config (04b69f3)
  • api: upload stainless config from cloudflare-config (0962510)
  • api: upload stainless config from cloudflare-config (91a8f60)
  • api: upload stainless config from cloudflare-config (7477489)
  • api: upload stainless config from cloudflare-config (cadee02)
  • api: upload stainless config from cloudflare-config (f6cb2e1)
  • api: upload stainless config from cloudflare-config (649bc99)
  • api: upload stainless config from cloudflare-config (6cbf008)
  • api: upload stainless config from cloudflare-config (fcff175)
  • api: upload stainless config from cloudflare-config (c019dae)
  • api: upload stainless config from cloudflare-config (1e499f3)
  • api: upload stainless config from cloudflare-config (6464b31)
  • api: upload stainless config from cloudflare-config (6a1b4d4)
  • api: upload stainless config from cloudflare-config (9f4226d)
  • api: upload stainless config from cloudflare-config (dc18093)
  • api: upload stainless config from cloudflare-config (a4b55b1)
  • api: upload stainless config from cloudflare-config (e122304)
  • api: upload stainless config from cloudflare-config (a59205e)
  • api: upload stainless config from cloudflare-config (a27e50c)
  • api: upload stainless config from cloudflare-config (23052e9)
  • api: upload stainless config from cloudflare-config (e929abc)
  • api: upload stainless config from cloudflare-config (da40430)
  • api: upload stainless config from cloudflare-config (cde1ea6)
  • api: upload stainless config from cloudflare-config (daa7fe0)
  • api: upload stainless config from cloudflare-config (5d2c28c)
  • api: upload stainless config from cloudflare-config (8b866ab)
  • api: upload stainless config from cloudflare-config (4456fdb)
  • api: upload stainless config from cloudflare-config (d903656)
  • api: upload stainless config from cloudflare-config (f548ad4)
  • api: upload stainless config from cloudflare-config (0d5adaa)
  • api: upload stainless config from cloudflare-config (f47f76b)
  • api: upload stainless config from cloudflare-config (b0defd7)
  • internal: detect breaking changes when removing endpoints (cf3a21e)
  • internal: fix ruff target version (88f5280)
  • internal: improve breaking change detection (4bdc67a)
  • internal: update comment in script (8f64f5f)
  • update @stainless-api/prism-cli to v5.15.0 (a1e726e)
  • update github action (3a35ffd)

This pull request is managed by Stainless's GitHub App.

The semver version number is based on included commit messages. Alternatively, you can manually set the version number in the title of this pull request.

For a better experience, it is recommended to use either rebase-merge or squash-merge when merging this pull request.

🔗 Stainless website
📚 Read the docs
🙋 Reach out for help or questions

@stainless-app stainless-app Bot closed this Aug 22, 2025
@stainless-app stainless-app Bot deleted the release-please--branches--main--changes--next branch August 22, 2025 21:12
Comment on lines +10 to +42
runs-on: 'ubuntu-latest'
name: detect-breaking-changes
if: github.repository == 'cloudflare/cloudflare-python'
steps:
- name: Calculate fetch-depth
run: |
echo "FETCH_DEPTH=$(expr ${{ github.event.pull_request.commits }} + 1)" >> $GITHUB_ENV

- uses: actions/checkout@v4
with:
# Ensure we can check out the pull request base in the script below.
fetch-depth: ${{ env.FETCH_DEPTH }}

- name: Install Rye
run: |
curl -sSf https://rye.astral.sh/get | bash
echo "$HOME/.rye/shims" >> $GITHUB_PATH
env:
RYE_VERSION: '0.44.0'
RYE_INSTALL_OPTION: '--yes'
- name: Install dependencies
run: |
rye sync --all-features
- name: Detect removed symbols
run: |
rye run python scripts/detect-breaking-changes.py "${{ github.event.pull_request.base.sha }}"

- name: Detect breaking changes
run: |
# Try to check out previous versions of the breaking change detection script. This ensures that
# we still detect breaking changes when entire files and their tests are removed.
git checkout "${{ github.event.pull_request.base.sha }}" -- ./scripts/detect-breaking-changes 2>/dev/null || true
./scripts/detect-breaking-changes ${{ github.event.pull_request.base.sha }} No newline at end of file
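
Review bot: The `Install Rye` step pipes `curl -sSf https://rye.astral.sh/get` straight into `bash`, so `RYE_VERSION: '0.44.0'` pins the tool but not the installer script that actually executes on the runner; download the installer to a file and verify it against a known checksum, or install from a pinned release artifact, before running it. In the final `run:` block the last `${{ github.event.pull_request.base.sha }}` is unquoted while the two earlier uses are quoted; quote it, or pass the value through `env:` and reference a shell variable, so the expression is not expanded directly into the script text. `actions/checkout@v4` is referenced by a mutable tag; pinning it to a full commit SHA would keep the step reproducible.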

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 9 months ago

The problem can be fixed by explicitly restricting the GITHUB_TOKEN permissions in the workflow to the minimal necessary for the job. Since the shown steps only check out code, run scripts, and do not push changes or interact with issues/PRs, the least-privilege setting is contents: read. This can be set at the workflow root level (above the jobs: block) so it applies to all jobs within the workflow.

Edit the workflow file .github/workflows/detect-breaking-changes.yml by adding:

permissions:
  contents: read

directly after the name: (and before on:), or after on: (before jobs:), to ensure minimal permissions.


Suggested changeset 1
.github/workflows/detect-breaking-changes.yml

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/detect-breaking-changes.yml b/.github/workflows/detect-breaking-changes.yml
--- a/.github/workflows/detect-breaking-changes.yml
+++ b/.github/workflows/detect-breaking-changes.yml
@@ -5,6 +5,9 @@
       - main
       - next
 
+permissions:
+  contents: read
+
 jobs:
   detect_breaking_changes:
     runs-on: 'ubuntu-latest'
EOF
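
Review bot: The `permissions:` block sits at the workflow root, between the branch filter and `jobs:`, so it applies to every job in the file rather than only to `detect_breaking_changes`. `contents: read` matches what the visible steps need (a checkout and locally run scripts), but placing the block under `detect_breaking_changes:` instead would keep the grant next to the steps that rely on it and avoid silently restricting any job added to this workflow later.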