Zuplo Changelog

This release introduces Model Context Protocol (MCP) support for API development, new policies for query parameter manipulation and API metering, enhanced CLI commands, and improvements to console logging in the runtime.

New Features 🎉#

• Query Parameter to Header Inbound Policy - New policy that allows transforming query parameters into HTTP headers, enabling more flexible request handling and backend compatibility.

• Model Context Protocol (MCP) Support - Added comprehensive MCP server handler for local editing experience with improved schema validation, URL pattern support, parameter descriptions and examples. MCP enables AI-powered tools to interact with your APIs more effectively.

• Console Logging Support in Runtime (preview) - Developers can now use console logging directly in the runtime environment, making debugging and monitoring easier during development.

• OpenMeter Metering Inbound Policy - New integration with OpenMeter for API usage metering, enabling precise tracking and billing of API consumption.

• Enhanced Prompt Injection Policy - Added "strict" mode with more granular logging capabilities to better protect APIs from prompt injection attacks in AI-powered applications.

• Improved CLI Commands:

  • New zuplo source command replaces the deprecated zuplo project command
  • Added interactive selection for account, project, and environment values in authenticated commands
  • Environment variables from public vars are now written to .env files for better local development experience

This release includes improvements to OpenAPI schema reference handling and a fix for the Zuplo CLI login behavior on middleware platforms.

Bug Fixes 🐛#

• Improved nested schema reference traversing - Fixed an issue where deeply nested schema references in OpenAPI specifications were not being properly resolved. This enhancement ensures that complex OpenAPI documents with multiple levels of $ref pointers are correctly processed, improving compatibility with sophisticated API specifications.

• Fixed CLI login behavior on middleware platforms - Resolved an issue where the Zuplo CLI would unexpectedly exit after login when running on certain middleware platforms. The CLI now properly maintains the session after successful authentication, ensuring a smooth development experience.

This release introduces significant enhancements to request handling, CLI authentication, logging capabilities, and observability. Key features include a new pre-routing hook for request manipulation before routing, enhanced CLI authentication supporting both Auth0 and API Key methods, custom log fields across all logging plugins, and improved tracing for programmatically invoked policies.

New Features 🎉#

• Pre-routing hook - Introduces a powerful new hook that allows you to manipulate incoming requests before routing checks are performed. This enables use cases like making URLs case-insensitive or normalizing URL paths. Learn more about pre-routing hooks

• Custom log fields for all logging plugins - All logging plugins now support a fields option that allows you to append custom fields to every log entry. This enhancement enables better log enrichment and correlation across your observability stack. See custom log fields documentation

• Tracing for programmatically invoked policies - Policies that are invoked programmatically now include proper tracing information, improving observability and debugging capabilities when policies call other policies within your API gateway. Learn about API monitoring with OpenTelemetry

Bug Fixes 🐛#

• Enhanced error handling - Strengthened error handling checks for the throwOnError configuration option, ensuring more predictable behavior when errors occur in your API gateway.

Documentation 📚#

• CLI command consistency - Updated the CLI documentation and commands to consistently use zuplo instead of the shortened zup command, improving clarity and consistency across all documentation.

This release includes improvements to the local development experience with increased body size limits in the route designer and bug fixes.

New Features 🎉#

• Increased body limit in local route designer - The maximum request body size limit has been increased in the local route designer, allowing developers to test APIs with larger payloads during development.

Bug Fixes 🐛#

• Project template creation improvements - Fixed an issue where creating a project from a template would fail if the source control access token was not properly validated. The system now correctly checks for and handles access token availability during template-based project creation.