Zuplo Changelog

This changelog covers changes from Monday, 2025-09-29 to Sunday, 2025-10-05, focusing on new policy features, runtime improvements, and portal enhancements.

Features#

• GraphQL Introspection Filter Policy: Added new MCP GraphQL tools with introspection filtering capabilities to help manage GraphQL schema exposure and improve security
• Logs in AI Gateway: Enhanced AI Gateway with comprehensive logging functionality, providing better visibility into gateway operations and events

Fixes#

• MCP Server Handler: Fixed issue with routes containing escaped colons that were not being handled correctly
• URL Forward Handler: Enhanced support for buffering request body during redirect transmission, improving reliability of URL forwarding
• Log Parsing: Fixed issue where log chunks were not being correctly parsed, improving log reliability and accuracy

Portal Updates#

• Copy Path Enhancement: Improved path copying functionality with visual feedback through flash animations
• Invite UI Improvements: Updated color scheme for invitation-related interface elements to improve visual clarity
• Secret Management UI: Enhanced the secret management interface for better user experience and security
• MCP Server Bug Fix: Resolved server-side issues affecting MCP functionality
• Button UI Cleanup: Removed count display from buttons to reduce user confusion

Audit Logs are now available for Zuplo Enterprise customers. This feature provides a record of activities within your Zuplo account, including project modifications, configuration changes, team management, API key operations, and deployment activities. Each log entry includes information about the actor, affected resources, timestamp, and geographic context.

Availability#

Available now as an add-on for Enterprise customers. Current enterprise customers can trial the feature for development and testing. Contact your account manager or sales@zuplo.com to enable it.

Audit Log Features#

• 90-day retention by default (extended retention available on request)
• Immutable audit trails suitable for compliance requirements
• Real-time activity logging
• Detailed context including IP address, user agent, and location data

How to access Audit Logs#

Once enabled, Audit Logs can be found in the Zuplo Portal (Account Settings → Audit Logs). You will see the most recent activities as well as options to filter the events by date range, action type, actor or success/failure status.

Programmatic Access to Audit Logs#

Audit Log data is also available via the API using the /accounts/{accountName}/audit-logs endpoint. Query parameters are available for filtering and pagination (maximum 100 results per request, 30-day query range limit).

Note: During beta, not all events may be captured.

See the Audit Logs documentation for more information.

This changelog covers releases from Monday, 2025-09-15 to Sunday, 2025-09-21, featuring enhancements to customization options and bug fixes for the API playground functionality.

Features#

• Link Target Customization: Added new option to customize link target behavior, providing greater flexibility in how external and internal links are handled within documentation #1557

Fixes#

• API Playground Parameter Consistency: Fixed an issue where the API Playground component in MDX files was not properly using the same parameters as expected, ensuring consistent behavior across documentation pages #1549

This changelog covers improvements to the runtime and portal from Monday, 2025-09-01 to Sunday, 2025-09-07.

Fixes#

• Runtime: Fixed MCP (Model Context Protocol) server handlers to return proper 405 Method Not Allowed responses instead of 404 Not Found when unsupported HTTP methods are used

Portal Updates#

• Added enhanced stack trace mapping and formatting in the log viewer for better debugging experience with loading states and improved readability

This changelog covers all releases from Monday, 2025-09-01 to Sunday, 2025-09-07, introducing performance optimizations for prerendering and important bug fixes for directive parsing. Key highlights include configurable prerender workers for better build performance and resolution of remark-directive parsing issues that were affecting content processing.

Features#

• Configurable prerender workers - Added ability to configure the number of prerender workers during build process for improved performance and resource utilization #1521

Fixes#

• Remark-directive parsing - Fixed critical parsing issues with remark-directive that were preventing proper content processing #1530

Documentation#

• API Keys documentation - Corrected typo in API keys documentation for improved clarity #1528

Zuplo provides automatic DDoS (Distributed Denial of Service) protection for all APIs deployed on the platform. This service detects and mitigates attacks in real-time, ensuring your APIs remain available even under attack.

No configuration required - protection is active immediately upon deployment.

Key Features#

• Always-on protection against both network (Layer 3/4) and application (Layer 7) attacks
• Multi-layered defense covering UDP floods, SYN floods, HTTP floods, and slowloris attacks
• Smart detection with minimal false positives to keep legitimate traffic flowing
• Unmetered protection with no bandwidth limits during attacks
• Cost protection - blocked malicious requests don't count toward your usage limits

Protection Levels#

• Working Copy environments: Medium sensitivity by default
• Preview/Production environments: Medium sensitivity with Enterprise customization options
• Enterprise add-on: Four sensitivity levels (High, Medium, Low, Essentially Off) with advanced analytics and custom rule configuration

How It Works#

The system analyzes traffic patterns in real-time, examining request rates, IP reputation, geographic distribution, and behavioral anomalies. When attacks are detected, malicious traffic is automatically filtered at the edge before reaching your API.

Note: This feature is available for managed edge deployments. Customers using managed dedicated deployments should refer to the Managed Dedicated WAF Options documentation.