Skip to content

docs: weekly update — 2026-07-11#117

Draft
dobby-coder[bot] wants to merge 6 commits into
mainfrom
docs/weekly-update-2026-07-11
Draft

docs: weekly update — 2026-07-11#117
dobby-coder[bot] wants to merge 6 commits into
mainfrom
docs/weekly-update-2026-07-11

Conversation

@dobby-coder

@dobby-coder dobby-coder Bot commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

Weekly documentation drift update. Covers user-facing changes merged across encryption4all repos in the past week.

postguard

  • pg-pkg CORS is now required (breaking). --allowed-origins / PKG_ALLOWED_ORIGINS no longer defaults to *; the server refuses to start without an explicit allowlist. Updated the environment-variable table on the postguard page. From encryption4all/postguard#219.
  • pg-pkg per-IP rate limiting. Documented the new PKG_RATELIMIT_* variables (general and sensitive tiers, disable flag, and the X-Forwarded-For trust flag for running behind a reverse proxy) and added a "Rate limiting" section describing the 429 Too Many Requests behaviour. From encryption4all/postguard#226 and encryption4all/postguard#230.

cryptify

  • New GET /email-template endpoint. Added it to the API endpoint list plus an "Email template retrieval" section with the status-code table. From encryption4all/cryptify#175.
  • GET /usage now requires a validated API key. Corrected the docs, which said it degrades to a per-email bucket for unauthenticated callers; it now returns 401 without a validated Authorization: Bearer PG-… key (and 503 if PKG is unreachable). From encryption4all/cryptify#183.

Update 2026-07-18

Configurable email attribute type shipped across the stack (issue encryption4all/postguard#236). Every leg defaults to the production pbdf.sidn-pbdf.email.email, so deployed setups are unaffected; the option exists so test environments can run the real code path against the irma-demo scheme.

  • PKG_EMAIL_ATTRIBUTE / --email-attribute. New PKG environment variable for the email attribute in API-key signing identities. Added to the postguard environment-variable table. From encryption4all/postguard#244.
  • cryptify email_attribute config key. New TOML key for the finalize sender check. Added to the cryptify configuration table and refreshed the config.rs source link. From encryption4all/cryptify#193.
  • emailAttributes SDK option. New PostGuard({ emailAttributes: { email, domain } }) option. Added an "Email attribute types" subsection to the JS encryption reference. From encryption4all/postguard-js#115.

Also on the JS SDK:

  • prepareSign() and encrypt({ signingKeys }). New primitive to start a Yivi signing session ahead of the send tap so iOS can open the Yivi app on a single gesture. Added a "Prepare a signing session ahead of time" section to the JS encryption reference. From encryption4all/postguard-js#103.

Verified with npm run docs:build (green). Draft for maintainer review.

@dobby-coder
dobby-coder Bot requested a review from rubenhensen July 18, 2026 22:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants