This repository has been archived on 2026-05-24. You can view files and clone it. You cannot open issues or pull requests or push a commit.

Flea Flicker cdf4d6c4b1 fix(GRO-689): only validate authorizationUrl hostname, add OIDC_INTERNAL_BASE in dev ...

- Move hostname validation to run AFTER OIDC_INTERNAL_BASE replacement
  (was checking raw discovery URLs before replacement caused false positives)
- Only validate authorizationUrl hostname against issuer; token/userinfo
  are server-to-server and may legitimately use internal hostnames
- Infra: add OIDC_INTERNAL_BASE env var to dev overlay (was missing, matches UAT)

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-16 04:55:17 +00:00

..

api

fix(GRO-689): only validate authorizationUrl hostname, add OIDC_INTERNAL_BASE in dev

2026-04-16 04:55:17 +00:00

e2e

fix(e2e): use domcontentloaded instead of networkidle in admin invoices test

2026-04-11 16:50:35 +00:00

groombook/overlays/uat

fix(GRO-451): re-seal UAT secrets with correct cluster certificate

2026-04-04 12:27:23 +00:00

web

Merge branch 'main' into feature/gro-631-ci-pnpm-pin

2026-04-14 17:34:02 +00:00