JP updates to the OpenTDF docs by jp-ayyappan · Pull Request #153 · opentdf/docs

jp-ayyappan · 2025-10-10T14:54:29Z

No description provided.

Bumps [tar-fs](https://github.com/mafintosh/tar-fs) from 3.0.9 to 3.1.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mafintosh/tar-fs/commit/0aa57de79eb58a5206992c979a7fd5c4df85e07c"><code>0aa57de</code></a> 3.1.1</li> <li><a href="https://github.com/mafintosh/tar-fs/commit/0bd54cdf06da2b7b5b95cd4b062c9f4e0a8c4e09"><code>0bd54cd</code></a> expand check</li> <li><a href="https://github.com/mafintosh/tar-fs/commit/cb1c571fba8ec6dd56340f55dcd5d284372a8249"><code>cb1c571</code></a> 3.1.0</li> <li><a href="https://github.com/mafintosh/tar-fs/commit/374460e9973a5ac5655b7f21a84dfa9b64da5d78"><code>374460e</code></a> add optional disablement of symlink validation (<a href="https://redirect.github.com/mafintosh/tar-fs/issues/119">#119</a>)</li> <li><a href="https://github.com/mafintosh/tar-fs/commit/5bfe6dfb9d26436829ec6a6400eca3a030d4757a"><code>5bfe6df</code></a> 3.0.10</li> <li><a href="https://github.com/mafintosh/tar-fs/commit/63e12f94740afa9ba87f91c1a530ad91548ba3a9"><code>63e12f9</code></a> bare support</li> <li>See full diff in <a href="https://github.com/mafintosh/tar-fs/compare/v3.0.9...v3.1.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tar-fs&package-manager=npm_and_yarn&previous-version=3.0.9&new-version=3.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/opentdf/docs/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: Jp Ayyappan <108297634+jp-ayyappan@users.noreply.github.com> Co-authored-by: Jake Van Vorhis <83739412+jakedoublev@users.noreply.github.com>

gemini-code-assist · 2025-10-10T14:54:41Z

Summary of Changes

Hello @jp-ayyappan, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request primarily adjusts the build configuration for OpenAPI documentation. The change ensures that the generated documentation is placed within a more structured "reference" directory, improving the organization of the overall documentation site by providing a clearer hierarchy for API-related content.

Highlights

OpenAPI Documentation Output Path: The output path for generated OpenAPI documentation has been updated to include a new "reference" subdirectory, changing from "docs/OpenAPI-clients" to "docs/reference/OpenAPI-clients".

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	`/gemini review`	Performs a code review for the current pull request in its current state.
Pull Request Summary	`/gemini summary`	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	`/gemini help`	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

gemini-code-assist

Code Review

This pull request updates the output directory for the OpenAPI documentation, moving it into a reference subdirectory. The change in src/openapi/preprocessing.ts correctly updates the path. However, this change appears to break a link in docs/reference/index.mdx. I have left a comment detailing the issue and suggesting a fix. Once this is addressed, the change will be a good improvement for the documentation's structure.

1.) Update kas-registry docs to fit the new `key_management` way of importing/creating key and connecting an attribute to a specific key. --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

1.) Add an important note, describing that the `name` field for key managers is no longer used. Users should instead use the `manager` field. 2.) Pin links directly to a sha to avoid shift

Key changes include: - **Remote Content Integration:** The `docusaurus-plugin-remote-content` is now used to fetch Java SDK examples directly from the `opentdf/java-sdk` repository. This ensures that the documentation always reflects the latest version of the SDK. - **Dynamic Versioning:** The Java SDK version is now managed as a custom field (`javaSdkVersion`) in `docusaurus.config.ts` and dynamically inserted into the documentation. This simplifies future version updates. - **Code Sample Refactoring:** Existing Java code samples have been refactored to use the new remote content, improving maintainability and reducing code duplication. --------- Signed-off-by: Scott Hamrick <2623452+cshamrick@users.noreply.github.com>

Bumps [node-forge](https://github.com/digitalbazaar/forge) from 1.3.1 to 1.3.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md">node-forge's changelog</a>.</em></p> <blockquote> <h2>1.3.2 - 2025-11-25</h2> <h3>Security</h3> <ul> <li><strong>HIGH</strong>: ASN.1 Validator Desynchronization <ul> <li>An Interpretation Conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.</li> <li>Reported by Hunter Wodzenski.</li> <li>CVE ID: <a href="https://www.cve.org/CVERecord?id=CVE-2025-12816">CVE-2025-12816</a></li> <li>GHSA ID: <a href="https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq">GHSA-5gfm-wpxj-wjgq</a></li> </ul> </li> <li><strong>HIGH</strong>: ASN.1 Unbounded Recursion <ul> <li>An Uncontrolled Recursion (CWE-674) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs.</li> <li>Reported by Hunter Wodzenski.</li> <li>CVE ID: <a href="https://www.cve.org/CVERecord?id=CVE-2025-66031">CVE-2025-66031</a></li> <li>GHSA ID: <a href="https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27">GHSA-554w-wpv2-vw27</a></li> </ul> </li> <li><strong>MODERATE</strong>: ASN.1 OID Integer Truncation <ul> <li>An Integer Overflow (CWE-190) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions.</li> <li>Reported by Hunter Wodzenski.</li> <li>CVE ID: <a href="https://www.cve.org/CVERecord?id=CVE-2025-66030">CVE-2025-66030</a></li> <li>GHSA ID: <a href="https://github.com/digitalbazaar/forge/security/advisories/GHSA-65ch-62r8-g69g">GHSA-65ch-62r8-g69g</a></li> </ul> </li> </ul> <h3>Fixed</h3> <ul> <li>[asn1] Fix for vulnerability identified by CVE-2025-12816 PKCS#12 MAC verification bypass due to missing macData enforcement and improper asn1.validate routine.</li> <li>[asn1] Add <code>fromDer()</code> max recursion depth check. <ul> <li>Add a <code>asn1.maxDepth</code> global configurable maximum depth of 256.</li> <li>Add a <code>asn1.fromDer()</code> per-call <code>maxDepth</code> option.</li> <li><strong>NOTE</strong>: The default maximum is assumed to be higher than needed for valid data. If this assumption is false then this could be a breaking change. Please file an issue if there are use cases that need a higher maximum.</li> <li><strong>NOTE</strong>: The per-call <code>maxDepth</code> parameter has not been exposed up through all of the API stack due to the complexities involved. Please file an issue if there are use cases that require this instead of changing the default maximum.</li> </ul> </li> <li>[asn1] Improve OID handling. <ul> <li>Error on parsed OID values larger than <code>2**32 - 1</code>.</li> <li>Error on DER OID values larger than <code>2**53 - 1 </code>.</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/digitalbazaar/forge/commit/235ad3e70e4fdfdca4fdeb662dfba6588e2c38bd"><code>235ad3e</code></a> Release 1.3.2.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/25982441171dc9815c87d3d886c5c8a1d092b334"><code>2598244</code></a> Update changelog.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/0032dd0be8b6fb1b1092ef754d1dde91c10a95ad"><code>0032dd0</code></a> Fix typos.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/d75e08d255559ae401d9368346cacefde306e6df"><code>d75e08d</code></a> Run new security test.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/a5ce91d03df4dcfc025b74a5b7f50389942d49c9"><code>a5ce91d</code></a> Update changelog formatting.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/4652de6ddd833392e52d99b37abbbda76817c0b7"><code>4652de6</code></a> Cleanups.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/eb932d94fbd88655f46ac7a94a8e13e7ed8597f7"><code>eb932d9</code></a> Fix typo.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/db6954ba4b4440831a5112dea5d37ef68a28b878"><code>db6954b</code></a> Fix style.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/afbf7d8e0812014da134caa5a064cf55d1f61847"><code>afbf7d8</code></a> Align error message style.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/6607445859637442cf586eaa7fa06e99a2a8ae0b"><code>6607445</code></a> Revert minor changes.</li> <li>Additional commits viewable in <a href="https://github.com/digitalbazaar/forge/compare/v1.3.1...v1.3.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=node-forge&package-manager=npm_and_yarn&previous-version=1.3.1&new-version=1.3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/opentdf/docs/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) from 13.1.0 to 13.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/syntax-tree/mdast-util-to-hast/releases">mdast-util-to-hast's releases</a>.</em></p> <blockquote> <h2>13.2.1</h2> <h4>Fix</h4> <ul> <li>ab3a795 Fix support for spaces in class names</li> </ul> <h4>Types</h4> <ul> <li>efb5312 Refactor to use <code>@import</code>s</li> <li>a5bc210 Add declaration maps</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1">https://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1</a></p> <h2>13.2.0</h2> <h4>Types</h4> <ul> <li>24f4576 Add type for <code>data.meta</code> on elements to hast</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/syntax-tree/mdast-util-to-hast/compare/13.1.0...13.2.0">https://github.com/syntax-tree/mdast-util-to-hast/compare/13.1.0...13.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/syntax-tree/mdast-util-to-hast/commit/174795b21f7757fffb54dd8d5fb4012f4751f791"><code>174795b</code></a> 13.2.1</li> <li><a href="https://github.com/syntax-tree/mdast-util-to-hast/commit/3d05b3a715133df55689fe3753c2e47101315b4e"><code>3d05b3a</code></a> Update Node in Actions</li> <li><a href="https://github.com/syntax-tree/mdast-util-to-hast/commit/ab3a79570a1afbfa7efef5d4a0cd9b5caafbc5d7"><code>ab3a795</code></a> Fix support for spaces in class names</li> <li><a href="https://github.com/syntax-tree/mdast-util-to-hast/commit/efb531231020055e0dab7b39a18d80b569d5b566"><code>efb5312</code></a> Refactor to use <code>@import</code>s</li> <li><a href="https://github.com/syntax-tree/mdast-util-to-hast/commit/a5bc210f1aa308e4c6141ac374893c9237fcd746"><code>a5bc210</code></a> Add declaration maps</li> <li><a href="https://github.com/syntax-tree/mdast-util-to-hast/commit/b54955d4e123b0167eac13646333c809bb8f301c"><code>b54955d</code></a> Add <code>.tsbuildinfo</code> to <code>.gitignore</code></li> <li><a href="https://github.com/syntax-tree/mdast-util-to-hast/commit/f511a93817b131fb73419bf7d24d73a5b8b0f0c2"><code>f511a93</code></a> 13.2.0</li> <li><a href="https://github.com/syntax-tree/mdast-util-to-hast/commit/24f4576508d96b0239c93034a54ac3913e3fc64e"><code>24f4576</code></a> Add type for <code>data.meta</code> on elements to hast</li> <li><a href="https://github.com/syntax-tree/mdast-util-to-hast/commit/feeec02562a69e95cd6ea55bcd7df648afd376ff"><code>feeec02</code></a> Update dev-dependencies</li> <li>See full diff in <a href="https://github.com/syntax-tree/mdast-util-to-hast/compare/13.1.0...13.2.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mdast-util-to-hast&package-manager=npm_and_yarn&previous-version=13.1.0&new-version=13.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/opentdf/docs/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Scott Hamrick <2623452+cshamrick@users.noreply.github.com>

### Fix Set hostname used for OpenTDF consistent with other uses on this page. ### Issue Under the heading Create a Profile ( https://opentdf.io/getting-started#create-a-profile ), we reference **`platform.otdf.local`**. I expected it to be **`platform.opentdf.local`** (the same name we talk about for **`openssl`** and **`/etc/hosts`** ).

### Current state * Use the `raw-loader` to pull in the docker-compose content from a fixed file * https://docusaurus.io/docs/markdown-features/react#importing-code-snippets * Create a Github Action to deploy the compose stack * Intentionally fail the build (proving that the current compose stack in documentation is not working) * Update the `docker-compose.yaml` * Validate that the updated docker compose stack is working in CI * By validating that it is working in CI, we can have confidence to put it in front of end-users on the [Getting Started](https://opentdf.io/getting-started) page. ### Future state * Maintain and test the docker compose stack as a part of the `opentdf/platform` repository * Source the file dynamically, retrieving the compose file from the platform to use within the `opentdf/docs` getting started page

This PR fixes a few typos in the documentation and code blocks. Signed-off-by: Mary Dickson <mdickson@gmail.com>

Cleans up the "Getting Started" page a bit, so that it's more approachable for end-users. ## Changes Made 1. Reordered sections for logical flow: - Update /etc/hosts → Get docker-compose.yaml → Start platform → Trust certificates 2. Added download button for docker-compose.yaml with save instructions 3. Added startup commands 4. Moved certificate trust section after startup #### Before <img width="1072" height="1162" alt="image" src="https://github.com/user-attachments/assets/2a6886fc-c0cc-48df-aa4c-d9af77a42925" /> #### After <img width="1072" height="1162" alt="image" src="https://github.com/user-attachments/assets/c47910b4-2881-40bb-9b5a-e82ffaf3c9dd" />

Replace this outdated content with a (git) symlink to `../../docs/getting-started/docker-compose.yaml` . This way, there's one-and-only-one **docker-compose.yaml** file for end-users. In other words: * `static/quickstart/docker-compose.yaml` is removed * [docs/getting-started/docker-compose.yaml](https://github.com/opentdf/docs/blob/main/docs/getting-started/docker-compose.yaml) is still in-place

* Extract CSS to a file-level `<style>` block * Correct the `docker ...` copy commands, which have been broken for several days (before my recent improvements)

Bumps [qs](https://github.com/ljharb/qs) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `qs` from 6.13.0 to 6.14.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md">qs's changelog</a>.</em></p> <blockquote> <h2><strong>6.14.1</strong></h2> <ul> <li>[Fix] ensure arrayLength applies to <code>[]</code> notation as well</li> <li>[Fix] <code>parse</code>: when a custom decoder returns <code>null</code> for a key, ignore that key</li> <li>[Refactor] <code>parse</code>: extract key segment splitting helper</li> <li>[meta] add threat model</li> <li>[actions] add workflow permissions</li> <li>[Tests] <code>stringify</code>: increase coverage</li> <li>[Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>npmignore</code>, <code>es-value-fixtures</code>, <code>for-each</code>, <code>object-inspect</code></li> </ul> <h2><strong>6.14.0</strong></h2> <ul> <li>[New] <code>parse</code>: add <code>throwOnParameterLimitExceeded</code> option (<a href="https://redirect.github.com/ljharb/qs/issues/517">#517</a>)</li> <li>[Refactor] <code>parse</code>: use <code>utils.combine</code> more</li> <li>[patch] <code>parse</code>: add explicit <code>throwOnLimitExceeded</code> default</li> <li>[actions] use shared action; re-add finishers</li> <li>[meta] Fix changelog formatting bug</li> <li>[Deps] update <code>side-channel</code></li> <li>[Dev Deps] update <code>es-value-fixtures</code>, <code>has-bigints</code>, <code>has-proto</code>, <code>has-symbols</code></li> <li>[Tests] increase coverage</li> </ul> <h2><strong>6.13.1</strong></h2> <ul> <li>[Fix] <code>stringify</code>: avoid a crash when a <code>filter</code> key is <code>null</code></li> <li>[Fix] <code>utils.merge</code>: functions should not be stringified into keys</li> <li>[Fix] <code>parse</code>: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset</li> <li>[Fix] <code>stringify</code>: ensure a non-string <code>filter</code> does not crash</li> <li>[Refactor] use <code>__proto__</code> syntax instead of <code>Object.create</code> for null objects</li> <li>[Refactor] misc cleanup</li> <li>[Tests] <code>utils.merge</code>: add some coverage</li> <li>[Tests] fix a test case</li> <li>[actions] split out node 10-20, and 20+</li> <li>[Dev Deps] update <code>es-value-fixtures</code>, <code>mock-property</code>, <code>object-inspect</code>, <code>tape</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ljharb/qs/commit/3fa11a5f643c76896387bd2d86904a2d0141fdf7"><code>3fa11a5</code></a> v6.14.1</li> <li><a href="https://github.com/ljharb/qs/commit/a62670423c1ccab0dd83c621bfb98c7c024e314d"><code>a626704</code></a> [Dev Deps] update <code>npmignore</code></li> <li><a href="https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"><code>3086902</code></a> [Fix] ensure arrayLength applies to <code>[]</code> notation as well</li> <li><a href="https://github.com/ljharb/qs/commit/fc7930e86c2264c1568c9f5606830e19b0bc2af2"><code>fc7930e</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/0b06aac566abee45ef0327667a7cc89e7aed8b58"><code>0b06aac</code></a> [Dev Deps] update <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/64951f6200a1fb72cc003c6e8226dde3d2ef591f"><code>64951f6</code></a> [Refactor] <code>parse</code>: extract key segment splitting helper</li> <li><a href="https://github.com/ljharb/qs/commit/e1bd2599cdff4c936ea52fb1f16f921cbe7aa88c"><code>e1bd259</code></a> [Dev Deps] update <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/f4b3d39709fef6ddbd85128d1ba4c6b566c4902e"><code>f4b3d39</code></a> [eslint] add eslint 9 optional peer dep</li> <li><a href="https://github.com/ljharb/qs/commit/6e94d9596ca50dffafcef40a5f64eca89962cf34"><code>6e94d95</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>npmignore</code></li> <li><a href="https://github.com/ljharb/qs/commit/973dc3c51c86da9f4e30edeb4b1725158d439102"><code>973dc3c</code></a> [actions] add workflow permissions</li> <li>Additional commits viewable in <a href="https://github.com/ljharb/qs/compare/v6.13.0...v6.14.1">compare view</a></li> </ul> </details> <br /> Updates `express` from 4.21.2 to 4.22.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/expressjs/express/releases">express's releases</a>.</em></p> <blockquote> <h2>v4.22.1</h2> <h2>What's Changed</h2> <blockquote> <p>[!IMPORTANT]<br /> The prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.</p> </blockquote> <ul> <li>Release: 4.22.1 by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6934">expressjs/express#6934</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/expressjs/express/compare/4.22.0...v4.22.1">https://github.com/expressjs/express/compare/4.22.0...v4.22.1</a></p> <h2>4.22.0</h2> <h2>Important: Security</h2> <ul> <li>Security fix for <a href="https://www.cve.org/CVERecord?id=CVE-2024-51999">CVE-2024-51999</a> (<a href="https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6">GHSA-pj86-cfqh-vqx6</a>)</li> </ul> <h2>What's Changed</h2> <ul> <li>Refactor: improve readability by <a href="https://github.com/sazk07"><code>@sazk07</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6190">expressjs/express#6190</a></li> <li>ci: add support for Node.js@23.0 by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6080">expressjs/express#6080</a></li> <li>Method functions with no path should error by <a href="https://github.com/wesleytodd"><code>@wesleytodd</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5957">expressjs/express#5957</a></li> <li>ci: updated github actions ci workflow by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6323">expressjs/express#6323</a></li> <li>ci: reorder <code>npm i</code> steps to fix ci for older node versions by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6336">expressjs/express#6336</a></li> <li>Backport: ci: add node.js 24 to test matrix by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6506">expressjs/express#6506</a></li> <li>chore(4.x): wider range for query test skip by <a href="https://github.com/jonchurch"><code>@jonchurch</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6513">expressjs/express#6513</a></li> <li>use tilde notation for certain dependencies by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6905">expressjs/express#6905</a></li> <li>deps: qs@6.14.0 by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6909">expressjs/express#6909</a></li> <li>deps: use tilde notation for <code>qs</code> by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6919">expressjs/express#6919</a></li> <li>Release: 4.22.0 by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/6921">expressjs/express#6921</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/expressjs/express/compare/4.21.2...4.22.0">https://github.com/expressjs/express/compare/4.21.2...4.22.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/expressjs/express/blob/v4.22.1/History.md">express's changelog</a>.</em></p> <blockquote> <h1>4.22.1 / 2025-12-01</h1> <ul> <li>Revert security fix for <a href="https://www.cve.org/CVERecord?id=CVE-2024-51999">CVE-2024-51999</a> (<a href="https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6">GHSA-pj86-cfqh-vqx6</a>)</li> </ul> <h1>4.22.0 / 2025-12-01</h1> <ul> <li>Security fix for <a href="https://www.cve.org/CVERecord?id=CVE-2024-51999">CVE-2024-51999</a> (<a href="https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6">GHSA-pj86-cfqh-vqx6</a>)</li> <li>deps: use tilde notation for dependencies</li> <li>deps: qs@6.14.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194"><code>12fae14</code></a> 4.22.1</li> <li><a href="https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a"><code>5ddf311</code></a> Revert "sec: security patch for CVE-2024-51999"</li> <li><a href="https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e"><code>49744ab</code></a> 4.22.0 (<a href="https://redirect.github.com/expressjs/express/issues/6921">#6921</a>)</li> <li><a href="https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7"><code>6e97452</code></a> sec: security patch for CVE-2024-51999</li> <li><a href="https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5"><code>6a23d34</code></a> deps: use tilde notation for <code>qs</code> (<a href="https://redirect.github.com/expressjs/express/issues/6919">#6919</a>)</li> <li><a href="https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3"><code>8c12cdf</code></a> deps: qs@6.14.0 (<a href="https://redirect.github.com/expressjs/express/issues/6909">#6909</a>)</li> <li><a href="https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90"><code>7fea74f</code></a> deps: use tilde notation for certain dependencies (<a href="https://redirect.github.com/expressjs/express/issues/6905">#6905</a>)</li> <li><a href="https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944"><code>dac7a04</code></a> chore: wider range for query test skip (<a href="https://redirect.github.com/expressjs/express/issues/6513">#6513</a>)</li> <li><a href="https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241"><code>997919b</code></a> ci: add node.js 24 to test matrix (<a href="https://redirect.github.com/expressjs/express/issues/6506">#6506</a>)</li> <li><a href="https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1"><code>36fb59c</code></a> fix(ci): reorder <code>npm i</code> steps to fix ci for older node versions (<a href="https://redirect.github.com/expressjs/express/issues/6336">#6336</a>)</li> <li>Additional commits viewable in <a href="https://github.com/expressjs/express/compare/4.21.2...v4.22.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/opentdf/docs/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [qs](https://github.com/ljharb/qs) and [body-parser](https://github.com/expressjs/body-parser). These dependencies needed to be updated together. Updates `qs` from 6.13.0 to 6.14.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md">qs's changelog</a>.</em></p> <blockquote> <h2><strong>6.14.1</strong></h2> <ul> <li>[Fix] ensure arrayLength applies to <code>[]</code> notation as well</li> <li>[Fix] <code>parse</code>: when a custom decoder returns <code>null</code> for a key, ignore that key</li> <li>[Refactor] <code>parse</code>: extract key segment splitting helper</li> <li>[meta] add threat model</li> <li>[actions] add workflow permissions</li> <li>[Tests] <code>stringify</code>: increase coverage</li> <li>[Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>npmignore</code>, <code>es-value-fixtures</code>, <code>for-each</code>, <code>object-inspect</code></li> </ul> <h2><strong>6.14.0</strong></h2> <ul> <li>[New] <code>parse</code>: add <code>throwOnParameterLimitExceeded</code> option (<a href="https://redirect.github.com/ljharb/qs/issues/517">#517</a>)</li> <li>[Refactor] <code>parse</code>: use <code>utils.combine</code> more</li> <li>[patch] <code>parse</code>: add explicit <code>throwOnLimitExceeded</code> default</li> <li>[actions] use shared action; re-add finishers</li> <li>[meta] Fix changelog formatting bug</li> <li>[Deps] update <code>side-channel</code></li> <li>[Dev Deps] update <code>es-value-fixtures</code>, <code>has-bigints</code>, <code>has-proto</code>, <code>has-symbols</code></li> <li>[Tests] increase coverage</li> </ul> <h2><strong>6.13.1</strong></h2> <ul> <li>[Fix] <code>stringify</code>: avoid a crash when a <code>filter</code> key is <code>null</code></li> <li>[Fix] <code>utils.merge</code>: functions should not be stringified into keys</li> <li>[Fix] <code>parse</code>: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset</li> <li>[Fix] <code>stringify</code>: ensure a non-string <code>filter</code> does not crash</li> <li>[Refactor] use <code>__proto__</code> syntax instead of <code>Object.create</code> for null objects</li> <li>[Refactor] misc cleanup</li> <li>[Tests] <code>utils.merge</code>: add some coverage</li> <li>[Tests] fix a test case</li> <li>[actions] split out node 10-20, and 20+</li> <li>[Dev Deps] update <code>es-value-fixtures</code>, <code>mock-property</code>, <code>object-inspect</code>, <code>tape</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ljharb/qs/commit/3fa11a5f643c76896387bd2d86904a2d0141fdf7"><code>3fa11a5</code></a> v6.14.1</li> <li><a href="https://github.com/ljharb/qs/commit/a62670423c1ccab0dd83c621bfb98c7c024e314d"><code>a626704</code></a> [Dev Deps] update <code>npmignore</code></li> <li><a href="https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"><code>3086902</code></a> [Fix] ensure arrayLength applies to <code>[]</code> notation as well</li> <li><a href="https://github.com/ljharb/qs/commit/fc7930e86c2264c1568c9f5606830e19b0bc2af2"><code>fc7930e</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/0b06aac566abee45ef0327667a7cc89e7aed8b58"><code>0b06aac</code></a> [Dev Deps] update <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/64951f6200a1fb72cc003c6e8226dde3d2ef591f"><code>64951f6</code></a> [Refactor] <code>parse</code>: extract key segment splitting helper</li> <li><a href="https://github.com/ljharb/qs/commit/e1bd2599cdff4c936ea52fb1f16f921cbe7aa88c"><code>e1bd259</code></a> [Dev Deps] update <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/f4b3d39709fef6ddbd85128d1ba4c6b566c4902e"><code>f4b3d39</code></a> [eslint] add eslint 9 optional peer dep</li> <li><a href="https://github.com/ljharb/qs/commit/6e94d9596ca50dffafcef40a5f64eca89962cf34"><code>6e94d95</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>npmignore</code></li> <li><a href="https://github.com/ljharb/qs/commit/973dc3c51c86da9f4e30edeb4b1725158d439102"><code>973dc3c</code></a> [actions] add workflow permissions</li> <li>Additional commits viewable in <a href="https://github.com/ljharb/qs/compare/v6.13.0...v6.14.1">compare view</a></li> </ul> </details> <br /> Updates `body-parser` from 1.20.3 to 1.20.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/expressjs/body-parser/releases">body-parser's releases</a>.</em></p> <blockquote> <h2>1.20.4</h2> <h2>What's Changed</h2> <ul> <li>Remove redundant depth check by <a href="https://github.com/blakeembrey"><code>@blakeembrey</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/538">expressjs/body-parser#538</a></li> <li>ci: add support for Node.js v23 by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/553">expressjs/body-parser#553</a></li> <li>ci: restore CI for 1.x branch by <a href="https://github.com/bjohansebas"><code>@bjohansebas</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/665">expressjs/body-parser#665</a></li> <li>deps: qs@^6.14.0 by <a href="https://github.com/bjohansebas"><code>@bjohansebas</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/664">expressjs/body-parser#664</a></li> <li>deps: use tilde notation and update certain dependencies by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/668">expressjs/body-parser#668</a></li> <li>chore: remove SECURITY.md by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/669">expressjs/body-parser#669</a></li> <li>ci: add CodeQL (SAST) by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/670">expressjs/body-parser#670</a></li> <li>Release: 1.20.4 by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/672">expressjs/body-parser#672</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4">https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/expressjs/body-parser/blob/master/HISTORY.md">body-parser's changelog</a>.</em></p> <blockquote> <h1>1.20.4 / 2025-12-01</h1> <ul> <li>deps: qs@~6.14.0</li> <li>deps: use tilde notation for dependencies</li> <li>deps: http-errors@~2.0.1</li> <li>deps: raw-body@~2.5.3</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3"><code>7db202c</code></a> 1.20.4 (<a href="https://redirect.github.com/expressjs/body-parser/issues/672">#672</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989"><code>d8f8adb</code></a> ci: add CodeQL (SAST) (<a href="https://redirect.github.com/expressjs/body-parser/issues/670">#670</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3"><code>6d133c1</code></a> chore: remove SECURITY.md (<a href="https://redirect.github.com/expressjs/body-parser/issues/669">#669</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66"><code>fcd1535</code></a> deps: use tilde notation and update certain dependencies (<a href="https://redirect.github.com/expressjs/body-parser/issues/668">#668</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6"><code>ec5fa29</code></a> deps: qs@~6.14.0 (<a href="https://redirect.github.com/expressjs/body-parser/issues/664">#664</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/ffb95c12c7785ec6d3852ce46b8711ac74009252"><code>ffb95c1</code></a> ci: restore CI for 1.x branch (<a href="https://redirect.github.com/expressjs/body-parser/issues/665">#665</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/48a5f074a4db07066087ed8b6ff641825c9c03cf"><code>48a5f07</code></a> ci: add support for Node.js v23 (<a href="https://redirect.github.com/expressjs/body-parser/issues/553">#553</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/f20f6adc7118cbf973e927d34bc0bbf2ff177459"><code>f20f6ad</code></a> Remove redundant depth check (<a href="https://redirect.github.com/expressjs/body-parser/issues/538">#538</a>)</li> <li>See full diff in <a href="https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/opentdf/docs/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.1 to 3.14.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md">js-yaml's changelog</a>.</em></p> <blockquote> <h2>[3.14.2] - 2025-11-15</h2> <h3>Security</h3> <ul> <li>Backported v4.1.1 fix to v3</li> </ul> <h2>[4.1.1] - 2025-11-12</h2> <h3>Security</h3> <ul> <li>Fix prototype pollution issue in yaml merge (<<) operator.</li> </ul> <h2>[4.1.0] - 2021-04-15</h2> <h3>Added</h3> <ul> <li>Types are now exported as <code>yaml.types.XXX</code>.</li> <li>Every type now has <code>options</code> property with original arguments kept as they were (see <code>yaml.types.int.options</code> as an example).</li> </ul> <h3>Changed</h3> <ul> <li><code>Schema.extend()</code> now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as <code>abcd</code> instead of <code>cbad</code>).</li> </ul> <h2>[4.0.0] - 2021-01-03</h2> <h3>Changed</h3> <ul> <li>Check <a href="https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md">migration guide</a> to see details for all breaking changes.</li> <li>Breaking: "unsafe" tags <code>!!js/function</code>, <code>!!js/regexp</code>, <code>!!js/undefined</code> are moved to <a href="https://github.com/nodeca/js-yaml-js-types">js-yaml-js-types</a> package.</li> <li>Breaking: removed <code>safe*</code> functions. Use <code>load</code>, <code>loadAll</code>, <code>dump</code> instead which are all now safe by default.</li> <li><code>yaml.DEFAULT_SAFE_SCHEMA</code> and <code>yaml.DEFAULT_FULL_SCHEMA</code> are removed, use <code>yaml.DEFAULT_SCHEMA</code> instead.</li> <li><code>yaml.Schema.create(schema, tags)</code> is removed, use <code>schema.extend(tags)</code> instead.</li> <li><code>!!binary</code> now always mapped to <code>Uint8Array</code> on load.</li> <li>Reduced nesting of <code>/lib</code> folder.</li> <li>Parse numbers according to YAML 1.2 instead of YAML 1.1 (<code>01234</code> is now decimal, <code>0o1234</code> is octal, <code>1:23</code> is parsed as string instead of base60).</li> <li><code>dump()</code> no longer quotes <code>:</code>, <code>[</code>, <code>]</code>, <code>(</code>, <code>)</code> except when necessary, <a href="https://redirect.github.com/nodeca/js-yaml/issues/470">#470</a>, <a href="https://redirect.github.com/nodeca/js-yaml/issues/557">#557</a>.</li> <li>Line and column in exceptions are now formatted as <code>(X:Y)</code> instead of <code>at line X, column Y</code> (also present in compact format), <a href="https://redirect.github.com/nodeca/js-yaml/issues/332">#332</a>.</li> <li>Code snippet created in exceptions now contains multiple lines with line numbers.</li> <li><code>dump()</code> now serializes <code>undefined</code> as <code>null</code> in collections and removes keys with <code>undefined</code> in mappings, <a href="https://redirect.github.com/nodeca/js-yaml/issues/571">#571</a>.</li> <li><code>dump()</code> with <code>skipInvalid=true</code> now serializes invalid items in collections as null.</li> <li>Custom tags starting with <code>!</code> are now dumped as <code>!tag</code> instead of <code>!<!tag></code>, <a href="https://redirect.github.com/nodeca/js-yaml/issues/576">#576</a>.</li> <li>Custom tags starting with <code>tag:yaml.org,2002:</code> are now shorthanded using <code>!!</code>, <a href="https://redirect.github.com/nodeca/js-yaml/issues/258">#258</a>.</li> </ul> <h3>Added</h3> <ul> <li>Added <code>.mjs</code> (es modules) support.</li> <li>Added <code>quotingType</code> and <code>forceQuotes</code> options for dumper to configure string literal style, <a href="https://redirect.github.com/nodeca/js-yaml/issues/290">#290</a>, <a href="https://redirect.github.com/nodeca/js-yaml/issues/529">#529</a>.</li> <li>Added <code>styles: { '!!null': 'empty' }</code> option for dumper (serializes <code>{ foo: null }</code> as "<code>foo: </code>"), <a href="https://redirect.github.com/nodeca/js-yaml/issues/570">#570</a>.</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0"><code>9963d36</code></a> 3.14.2 released</li> <li><a href="https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1"><code>10d3c8e</code></a> dist rebuild</li> <li><a href="https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266"><code>5278870</code></a> fix prototype pollution in merge (<<) (<a href="https://redirect.github.com/nodeca/js-yaml/issues/731">#731</a>)</li> <li>See full diff in <a href="https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=js-yaml&package-manager=npm_and_yarn&previous-version=3.14.1&new-version=3.14.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/opentdf/docs/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Created comprehensive guide covering the relationship between OpenTDF and other TDF specifications including IC-TDF, BASE-TDF, and ZTDF (ACP-240). Includes format comparison tables, migration strategies, and guidance on format selection for different use cases. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

The nanotdf directory no longer exists in the opentdf/spec repository, causing a 404 error during startup. NanoTDF docs are maintained locally. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Remove all nanoTDF references from public documentation and code samples as the feature is being made proprietary. ## Changes - Removed KAS NanoTDF rewrap section and diagram from Key Access documentation - Deleted NanoTDF code samples (Java collection examples, TDF encryption example) - Removed NanoTDF feature matrix entries and constraints in base key documentation - Updated OpenAPI spec descriptions to remove nanoTDF-specific language - Updated build configuration to stop generating nanoTDF specification pages ## Note OpenAPI specs in `/specs` are vendored from upstream. Local modifications will be overwritten when running `npm run update-vendored-yaml`. The upstream opentdf/platform repository should be updated separately.

Add auto-generated and restructured documentation following DIATAXIS framework: API Documentation (162 files): - OpenAPI-based API reference for all platform services - Authorization (v1, v2), Entity Resolution (v1, v2), KAS - Policy services: attributes, namespaces, actions, obligations, resource/subject mapping - Key management and KAS registry endpoints - Unsafe operations and well-known configuration CLI Reference (146 files): - Complete otdfctl command documentation - Policy management commands (attributes, namespaces, KAS, mappings) - Encryption/decryption operations - Authentication and configuration Spec Documentation (9 files): - TDF format specifications - Protocol documentation - Schema definitions - Core concepts Additional Changes: - Add Java collection encrypt/decrypt examples - Add platform configuration guide - Update documentation page links to new structure - Add ABAC to Vale vocabulary - Format improvements to traditional vs data-centric security doc Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Brings in critical fixes including: - Remove nanoTDF documentation and references - Fix spec-documentation.ts to only download filecontents.svg - Update Java SDK examples - Add obligations documentation - Update keymanagement docs - Dependency updates Conflict resolution: - Kept jps-updates DIATAXIS restructure (docs/reference/trusted-data-format/specifications) - Kept jps-updates comprehensive CONTRIBUTING.md - Removed nanoTDF sections from key_access.md - Removed nanoTDF diagram downloads from spec-documentation.ts - Kept dynamic outDir configuration in spec-documentation.ts

- Add cookie consent banner (opt-in) using react-cookie-consent - Google Analytics only loads after user accepts cookies - Add Privacy Policy, Cookie Policy, and Terms of Service pages - Add Legal section to footer with policy links - Enable IP anonymization for GDPR compliance - Fix Getting Started page title in sidebar Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Address PR review feedback: - Move Google Analytics tracking ID to docusaurus.config.ts customFields - Use useDocusaurusContext hook to access config in Root.tsx - Move cookie consent inline styles to src/css/custom.css - Use CSS classes with Docusaurus theme variables for consistency - Add hover states for improved UX Addresses comments from PR #174 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Fix issue where Google Analytics only loaded on first cookie acceptance but not on subsequent page visits. Changes: - Extract GA initialization into separate function - Add useEffect to check for existing cookie consent on mount - Initialize GA automatically if user previously accepted cookies - Add guard to prevent duplicate GA script loading This ensures analytics tracking works consistently across all page visits after initial consent, not just the first acceptance. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Add route change tracking for Single Page Application navigation. Previously, only the initial page load was tracked, but subsequent client-side navigation within the docs was not captured. Changes: - Import useLocation from @docusaurus/router - Add useEffect that listens to location changes - Send page_path to GA on every route change - Include pathname, search params, and hash in tracking - Maintain IP anonymization on all page views This ensures comprehensive analytics tracking across all pages in the documentation site, not just the landing page. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

The tutorial imports docker-compose.yaml locally, so copy it from docs/getting-started/ to docs/tutorials/your-first-tdf/ to fix the build error.

…lection Add support for testing documentation with feature branches from upstream repositories before they're merged to main. This enables cross-repo documentation testing and validation. Environment variables: - PLATFORM_BRANCH: Control opentdf/platform branch (default: main) - SPEC_BRANCH: Control opentdf/spec branch (default: main) - OTDFCTL_BRANCH: Control opentdf/otdfctl branch (default: main) Usage: PLATFORM_BRANCH=jps-updates npm run build SPEC_BRANCH=feature-branch npm run start Updated: - docusaurus.config.ts: Read env vars and pass to remote content plugins - src/utils/spec-documentation.ts: Accept branch parameter for spec repo - README.md: Document new feature with examples and use cases

The CLI docs in docs/components/cli/ are duplicates of content now managed by the otdfctl remote content plugin, which outputs to docs/explanation/platform-architecture/components/cli/. Removing these old files to eliminate duplicate content and broken anchor warnings.

Updated link from ../components/cli/ to ./platform-architecture/components/cli/ after removing duplicate CLI docs directory.

The CommandLineDocs component was rendering children directly without processing Markdown, causing headings to not generate anchor IDs. This fixes broken #flattening-syntax anchor links in selector pages. Now uses ReactMarkdown (already imported) to process string children, while preserving JSX children as-is.

Modified CLI plugin to: - Replace #flattening-syntax references with ./#flattening-syntax - Remove duplicate Flattening Syntax h1 sections from generate/test pages - Link to selectors index page's Flattening Syntax section instead This fixes broken anchor issues where the h1 headings inside the CommandLineDocs component weren't generating proper anchor IDs.

Add extensive new documentation following DIATAXIS framework to address key user needs (project overview, ABAC concepts, integration patterns). New Explanation Content: - Add comprehensive ABAC and policy explanation with detailed attribute rules (ANY_OF, ALL_OF, HIERARCHY), subject mappings, and policy primitives interoperation - Add TDF history and standards disambiguation covering BASE-TDF, IC-TDF, ZTDF/ACP-240, and OpenTDF relationships New How-To Guides: - Add integration patterns hub page - Add PEP implementation guide - Add entity service integration guide - Add identity provider integration guide (OIDC, SAML, multiple IdPs) New Reference Content: - Add code samples reference page organizing existing samples New Navigation: - Add learning paths page with curated sequences for different personas (beginner, developer, architect, operator) Enhanced Existing Content: - Enhance documentation hub with better onboarding flow - Enhance how-to hub to feature new integration patterns - Update subject mappings documentation - Update configuration guide - Update tutorial configuration Cleanup: - Remove old spec structure files (now fetched from upstream via remote content plugin) - Remove filecontents.svg (fetched remotely) This addresses the DIATAXIS restructuring plan priorities: 1. Better explanation of ABAC + policy structure 2. How-to guides for integrations (PEP, entity service, IdP) 3. Improved onboarding flow (project overview, TDF history) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

…anations Incorporate comprehensive attribute rules information from CLI docs into main explanation documentation to provide clearer guidance on ANY_OF, ALL_OF, and HIERARCHY rules. Changes: ABAC Explanation (Primary Enhancement): - Expand attribute rules section with detailed logic explanations - Add comprehensive examples using accessible concepts (teams, certifications, membership tiers) instead of security clearance terminology - Document key concepts: index ordering (index 0 = highest), action propagation in hierarchies - Add "When to Use" guidance for each rule type - Include decision table for choosing the right rule - Cross-link to CLI reference and tutorial Attributes Component Doc (Brief Overview): - Enhance brief overview with use cases and examples - Add clear cross-links to detailed ABAC explanation and CLI reference - Document security implications of rule changes - Link to unsafe actions section Tutorial (Just-in-Time Learning): - Add info callout explaining attribute rules when creating attributes - Link to comprehensive ABAC explanation for deeper understanding - Use accessible examples (certifications, membership tiers) All changes are in opentdf/docs repo; no upstream changes needed. CLI docs remain unchanged and serve as command reference. Addresses user feedback to improve attribute rules documentation clarity and accessibility. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

…ology Replace all security clearance and national security classification terminology throughout ABAC documentation with more accessible, generic business examples. Changes: Replaced security clearance terminology: - clearance=secret → access-level=private/restricted - top-secret/secret/confidential → executive/private/restricted - clearance_level, need_to_know, citizenship → tier, plan_type, feature_access - gov.mil/attr/clearance → company.org/attr/access-level - intelligence group, citizenship checks → executives group, employment status Updated classification schemes: - Security clearance hierarchy (public → top-secret) → Content access hierarchy (public → internal → restricted → private → executive) Revised examples: - "Government agency with classification levels" → "Multi-division company with content access levels" - Intelligence/military contexts → Business/organizational contexts - Background checks for clearances → Role assignments for access levels All examples now use everyday business scenarios (departments, projects, subscriptions, access tiers) instead of national security contexts, making the documentation more accessible and relatable to general audiences. Maintains technical accuracy while improving accessibility. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

… with diagrams Fix two major accuracy issues in ABAC documentation: 1. Namespace Hierarchies (CORRECTED): - OLD: "Namespaces support hierarchies, allowing sub-namespaces" - NEW: Clarified that namespaces use hierarchical naming conventions for organization, but each namespace is independent - Added explanation that path-like names help humans understand relationships, but there's no parent-child functionality Issue: The old statement implied functional hierarchies (parent-child relationships, cascading operations, inheritance) which don't exist. Namespaces are completely independent; they just follow URL-like naming patterns. 2. Attribute Structure Examples (REPLACED WITH DIAGRAMS): - Removed misleading JSON examples that looked like API structures but weren't actual API payloads - Old JSON example had incorrect structure: * Used namespace name instead of namespace ID * Used simplified enum values instead of actual API enums * Used object syntax for values instead of string arrays - Replaced with Mermaid diagrams showing conceptual structure - Added real CLI commands showing actual usage Issue: JSON examples implied they could be used directly with the API, but they were conceptual representations with incorrect structure. Users expecting to use them would fail. Diagrams Added: - Attribute structure diagram (namespace → attribute → values → metadata) - Hierarchy visualization (showing index-based privilege levels and access propagation) Real CLI Examples Added: - Creating attributes with rules - Adding values to attributes - Creating hierarchical attributes in correct order These changes improve accuracy and usability by showing actual tools users can run instead of pseudo-code that looks real but isn't. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Rewrote namespace section to explain the fundamental purpose of namespaces in multi-stakeholder data governance, which was missing from previous version. Key Concept Added: Namespaces prevent attribute naming conflicts when multiple divisions or organizations need to apply their own attribute schemes to the same data. Before: Documentation made namespaces sound like just an organizational nicety ("organize attributes by domain or authority") After: Explains that namespaces enable multiple stakeholders to independently track and govern the same data from their own perspectives Real-World Example Added: Product development proposal encrypted with multiple "status" attributes: - engineering.company.com/attr/status/value/in-development - legal.company.com/attr/status/value/under-review - finance.company.com/attr/status/value/budget-approved Without namespaces, you couldn't have three different "status" attributes. With namespaces, each division maintains its own independent tracking. Visual Improvements: - Added Mermaid diagram showing multi-division status tracking - Shows how each division's policy checks its own namespace - Illustrates parallel workflows and independent governance Consistency: - Uses "status" as the conflicting attribute (generic, relatable) - Stays consistent with existing business/company examples in the doc - Multi-division company scenario aligns with other examples This addresses user feedback that the critical multi-stakeholder governance concept was not clearly explained in the documentation. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Split the 1,020-line ABAC documentation into 5 focused pages following DIATAXIS principles: - index.md (10K): ABAC overview, core concepts, and OpenTDF architecture - attributes-and-namespaces.md (12K): Data classification with attribute rules and namespaces - subject-and-resource-mappings.md (7K): Identity-to-attribute mapping and condition sets - obligations.md (6K): Usage controls and enforcement directives (conceptual framework) - policy-workflows.md (11K): Complete workflows, best practices, and examples Benefits: - Improved reading experience with digestible page lengths (6-12K vs 37K) - Logical grouping by purpose (classification, mapping, controls, workflows) - Better navigation and discoverability via category structure - Natural progressive disclosure for Security Architect persona Added obligations conceptual documentation with clear implementation status (KAS does not currently use obligations; framework exists for future/custom PEPs). Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

dependabot Bot and others added 4 commits September 25, 2025 09:43

feat: add obligations (#150)

b39da16

Co-authored-by: Jp Ayyappan <108297634+jp-ayyappan@users.noreply.github.com> Co-authored-by: Jake Van Vorhis <83739412+jakedoublev@users.noreply.github.com>

change location of OpenAPI-clients

aa430b6

jp-ayyappan requested a review from a team as a code owner October 10, 2025 14:54

gemini-code-assist Bot reviewed Oct 10, 2025

View reviewed changes

Comment thread src/openapi/preprocessing.ts

jp-ayyappan and others added 18 commits October 10, 2025 12:31

Update openAPI docs link

40b2a91

Remove vendored yaml spec from git and add to CI

e5b5248

fix(policy): Mention manager field (#155)

45e9776

1.) Add an important note, describing that the `name` field for key managers is no longer used. Users should instead use the `manager` field. 2.) Pin links directly to a sha to avoid shift

chore(docs): bump java sdk examples to version 0.11.1 (#160)

f67524e

Signed-off-by: Scott Hamrick <2623452+cshamrick@users.noreply.github.com>

chore: fix typos (#159)

5a4d12c

This PR fixes a few typos in the documentation and code blocks. Signed-off-by: Mary Dickson <mdickson@gmail.com>

fix(docs): tidying "Getting started" (#166)

f031b5c

* Extract CSS to a file-level `<style>` block * Correct the `docker ...` copy commands, which have been broken for several days (before my recent improvements)

jp-ayyappan force-pushed the jps-updates branch from 21cb6d9 to ccf9019 Compare January 8, 2026 16:01

jp-ayyappan and others added 4 commits January 8, 2026 23:40

Fix dev server startup by removing non-existent nanotdf remote content

93fdb8c

The nanotdf directory no longer exists in the opentdf/spec repository, causing a 404 error during startup. NanoTDF docs are maintained locally. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

jp-ayyappan and others added 7 commits January 21, 2026 23:07

Fix Google analytics tag

81d1863

fix(docs): add docker-compose.yaml to tutorial directory

a418201

The tutorial imports docker-compose.yaml locally, so copy it from docs/getting-started/ to docs/tutorials/your-first-tdf/ to fix the build error.

jp-ayyappan requested a review from a team as a code owner January 22, 2026 06:48

jp-ayyappan and others added 10 commits January 22, 2026 15:26

fix(docs): update CLI documentation link after directory restructure

eae7b28

Updated link from ../components/cli/ to ./platform-architecture/components/cli/ after removing duplicate CLI docs directory.

jp-ayyappan merged commit cd53ccc into docs/update_policy_docs Feb 1, 2026
1 check passed

jp-ayyappan deleted the jps-updates branch February 1, 2026 23:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

JP updates to the OpenTDF docs #153

JP updates to the OpenTDF docs #153
jp-ayyappan merged 43 commits into
docs/update_policy_docsfrom
jps-updates

jp-ayyappan commented Oct 10, 2025

Uh oh!

gemini-code-assist Bot commented Oct 10, 2025

Uh oh!

gemini-code-assist Bot left a comment

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

Conversation

jp-ayyappan commented Oct 10, 2025

Uh oh!

gemini-code-assist Bot commented Oct 10, 2025

Summary of Changes

Highlights

Footnotes

Uh oh!

gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

Code Review

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants