oscerd opened a new pull request, #24128: URL: https://github.com/apache/camel/pull/24128
Marks the `x509HostnameVerifier` option on camel-http with `security = "insecure:ssl"`. Under the default `hostnameVerificationPolicy=CLIENT`, the configured `x509HostnameVerifier` fully controls hostname verification — a `NoopHostnameVerifier` disables it. The `@UriParam` lacked the `security = "insecure:ssl"` marker that Camel uses to flag TLS-weakening options (per `design/security.adoc`), so the security policy framework (`camel.main.profile=prod`) and catalog tooling could not surface it for review. ## Changes - `HttpEndpoint.x509HostnameVerifier` `@UriParam` now carries `security = "insecure:ssl"`. - Regenerated metadata: component JSON (`http` + `https`), catalog JSON, and the `SecurityUtils` insecure-option registry. ## Notes - Metadata-only; no functional/behavioral change to the option (the verifier still behaves exactly as configured). No test is added — the regenerated security registry/catalog is the artifact, and CI verifies there are no uncommitted generated changes. - Main-only: the `@UriParam(security=...)` attribute and the `SecurityUtils` registry are 4.21-only and do not exist on the 4.18.x / 4.14.x branches, so there is nothing to backport. Jira: https://issues.apache.org/jira/browse/CAMEL-23785 _Claude Code on behalf of Andrea Cosentino_ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
