s2s_call_reasonrisk_mode[Secret store] Load PX credentials from Fastly Secret Store so deployments can keep required secrets out of ConfigStore/KVStore. Secret values override configured keys when present, while missing secrets fall back to existing config and log errors.
add documentation for all public PXContext getters
px_agentic_trust_enabled, px_agentic_trust_mcp_endpoint_pathpx_login_credentials_extraction_enabled, px_login_credentials_extraction, px_credentials_intelligence_version, px_compromised_credentials_header, px_additional_s2s_activity_*, px_login_successful_*, callbacks px_extract_credentials_fn / px_login_successful_fnpx_jwt_cookie_* and px_jwt_header_*_pxhd risk cookie on responses; config px_secured_pxhd_enabled to add the Secure attributepx_user_agent_max_length, px_risk_cookie_max_length, px_risk_cookie_min_iterations, px_risk_cookie_max_iterationskv_store cargo feature) and runtime config updates via update_from_json (initial support, used by e2e testing)block_page_hard_block.tmpl template and block/rate-limit template updatespx_token_version (V2/V3)e2e_testing application for testing Enforcer codehuman_sapi, human_collector, human_client, human_captchapxconfig refactor: serde-based deserialization, typed PXConfigKey with sensitive/static/local classification, documented px_* fieldspx_ip_headersstrum/strum_macros, bump regex/uuid, update project metadatapx_filter_by_method to px_filter_by_http_methodwhitelist_* -> filter_by_*)is_sensitive_request_fn callback overwriting prior sensitivity detection from sensitive_routes configuration and GraphQL inspection. The callback’s result is now OR-ed with the existing value, so it can only escalate (never demote) a request’s sensitivity.px_graphql_body_max_length configuration to set GraphQL max body lengthpx_cors_support_enabled
-px_cors_preflight_request_filter_enabledcors_custom_preflight_handler_fn()
-cors_create_custom_block_response_headers_fn()_pxac cookie (or custom cookies defined in px_extracted_cookies)px_data_enrichment_header_name configurationadditional_activity_handler callback function to be executed after sending page_requested or block activity to the collectorpxcts cookie