Posts
-
LockboxKMS v0.2.0: Strengthening the Foundation
Released on December 14, 2024, LockboxKMS v0.2.0 is a stability and maintenance release. While it doesn’t introduce new user-facing features, it significantly improves the underlying health and security of the application, ensuring a more robust experience for those using the tool to encrypt sensitive data via Google Cloud KMS. What’s new This release focuses on refinement and modernization. We have updated our core dependencies, including the Google Cloud KMS and Go cryptography libraries, to their latest versions. Additionally, the project...
Read article -
iapheaders v0.3.0: Stability and Polish
On December 14, 2024, we released iapheaders v0.3.0. This version is a dedicated maintenance release, focusing on reinforcing the security foundations of the project and polishing the user experience to ensure a more stable and transparent tool for inspecting GCP Identity-Aware Proxy (IAP) headers. What’s new While v0.3.0 doesn’t introduce sweeping new features, it brings several important refinements: Security and Core Updates: We’ve bumped critical dependencies, including golang.org/x/crypto and jwx/v2, ensuring the tool leverages the latest security patches and performance...
Read article -
gcpidentitytokenportal v0.2.0: Stability and Security Updates
Released on December 14, 2024, v0.2.0 of the gcpidentitytokenportal is a focused maintenance release. While this version doesn’t introduce new functional features, it ensures the continued reliability and security of the tool by bringing its core dependencies and toolchain up to date. What’s new This release focuses on the “under the hood” components that keep the portal running smoothly: Updated Dependencies: We’ve bumped several critical Google Cloud libraries, including the Google API Client and the GCP Metadata Client, ensuring better...
Read article -
clip4llm v0.0.3: Strengthening the Foundation
Released on December 9, 2024, clip4llm v0.0.3 is a maintenance release dedicated to improving the project’s stability and security. While this version doesn’t introduce new functional features, it focuses on hardening the underlying infrastructure to ensure a more reliable experience for everyone using the tool to feed context into their LLMs. What’s new This release is all about the “under the hood” improvements: Modernized Toolchain: We’ve updated the project to Go 1.23, ensuring that clip4llm leverages the latest language improvements...
Read article -
\"Enhancing IAP Identity Verification in iapheaders v0.2.0\"
On November 25, 2024, we released iapheaders v0.2.0. This update introduces critical improvements to how the tool validates identity headers from Google Cloud Platform’s (GCP) Identity-Aware Proxy (IAP), ensuring that the information you see is not just present, but consistent and verified. What’s new The core of this release is a new consistency check that cross-references unsigned identity headers with the signed JSON Web Token (JWT). While previous versions verified the JWT’s signature, v0.2.0 goes a step further by ensuring...
Read article -
Introducing gologhttpbinary: Effortless Binary Payload Logging
Released on November 23, 2024, we are excited to announce the launch of gologhttpbinary. This lightweight utility solves a common headache for developers working with binary protocols: the struggle to reliably log and debug binary payloads, such as Protocol Buffers, without them being corrupted or truncated by text-based logging systems. What is gologhttpbinary? gologhttpbinary is a specialized HTTP server designed for debugging. Instead of attempting to print binary data directly to the console—which often leads to messy logs and lost...
Read article -
firestoreproto2json v0.0.6: Stability and Maintenance Updates
On November 23, 2024, we released firestoreproto2json v0.0.6. This is a maintenance release focused on keeping the project healthy, updating dependencies, and refining our CI/CD pipelines to ensure a more stable development process. What’s new This release primarily focuses on the underlying health of the project: Dependency Updates: We have updated several key build and test dependencies, including JUnit and Lombok, to their latest versions to ensure compatibility and stability. Documentation Improvements: The README.md has been polished with typo fixes...
Read article -
Introducing kubetogoogleidtoken: Simplifying Google ID Token Acquisition in Kubernetes
On November 21, 2024, we are excited to announce the launch of kubetogoogleidtoken, a specialized Java library designed to streamline how applications running in Kubernetes authenticate with Google Cloud services. By leveraging GCP Workload Identity Federation, this library removes the complexity of manually managing the exchange between Kubernetes identities and Google Cloud credentials. What it does At its core, kubetogoogleidtoken provides a seamless way to obtain Google ID tokens without requiring long-lived service account keys stored as secrets. The library...
Read article -
Enhancing Stability and Reliability: simplegoogleidtoken v0.0.5
Released on November 19, 2024, simplegoogleidtoken v0.0.5 is a stability and polish update designed to make the library more resilient and production-ready. This release focuses on hardening the core communication layer, ensuring that your applications can reliably exchange Google Cloud Service Account credentials for ID tokens with minimal friction. What’s new The primary focus of v0.0.5 is the overhaul of the HTTP communication mechanism. While the library’s API remains the same, the internal handling of requests has been significantly improved:...
Read article -
Introducing iapheaders: Simplify Your GCP IAP Debugging
Released on November 16, 2024, iapheaders is a specialized diagnostic tool designed to help developers and security engineers demystify the identity headers provided by Google Cloud Platform’s (GCP) Identity-Aware Proxy (IAP). By providing a clear, human-readable window into the data IAP sends to your backend, iapheaders eliminates the guesswork from configuring secure, identity-based access control. What it does iapheaders acts as a transparent mirror for your IAP traffic. Instead of logging headers to a file and manually decoding tokens, you...
Read article
subscribe via RSS