v0.38.0

Added

• Add --no-newline, -n flag to read command to not print newline (#263)

Fixed

• Rewrite masker to fix #196 and reduce data-dependency on timing (#267)
• Improve various help texts (#264, #271, #273)
• Fix error when autocompleting secrethub run command (#268)

v0.37.0

Added

• Support generating secrets with complex requirements (#177).
  You can now select the set of characters from which characters are randomly drawn using --charset and set requirements for including a minumum amount of characters from a given set of characters using --min. This can be used for services that require you to always include a special character for example. Checkout the generate docs for a detailed specification of the possibilities.

Deprecated

• Deprecated generate --symbols flag. Use --charset alphanumeric,symbols instead. (#177)

v0.36.0

Added

• [BETA] env ls and env read subcommands to work with secret environment variables in the same way that the run command does.

The commands are hidden because they are still in beta. Future versions may break.

v0.35.1

Fixed

Make environment variables set via command line flags precede environment variables set using reference syntax (#253)

v0.35.0

Added

• New secrethub:// syntax: secrethub run will look for environment variables with this prefix and replace the reference with the secret in the subprocess. (#243)

Fixed

• Fixed bug that kept secrethub run command running until user hits enter.

Deprecated

• Snapcraft: No more new builds will get uploaded to Snapcraft anymore. (#247)

v0.34.0

Added

• Detect AWS authentication using web identity token files. This enables the use of AWS native authentication on AWS EKS. (#241)
• Prompt for missing template variables in run and inject (#235)
• Accept secret paths on acl check (#232)
• Add aliases for commands (#228, #229)
• Print service id when creating an AWS service account (#231)
• Add --out-file flag to service init (#230)
• Add internal CheckStrictEnv function to check that only recognized app environment variables are set (#237)
• Accept invalid template variable values to be configured if no template file is used (#235)
• Accept template variables to be configured although v1 templates are used (#235)

Deprecated

• Deprecated service init --file flag; use --out-file instead (#230)

Fixed

• Rephrase template processing error (#238)

v0.33.0

Added

• credential backup
• credential disable
• credential ls
• --parents flag for mkdir, to recursively create all directories in the given path

Deprecated

• -p shorthand for --credential-passphrase. Use the full --credential-passphrase flag instead.

v0.32.0

Added

• Iteratively browse pages of the audit log (#215)
• Ask to create an organization on signup (#164)

v0.31.0

Added

• Add --multiline flag to secrethub write to prompt for multiple lines of input.

Changed

• Improve help text for commands that take paths as arguments.
• Improve help text for secrethub account verify-email.
• Return an explanatory error when the server response cannot be parsed.

Fixed

• Fix minor problems with .deb and .rpm install.

v0.30.0

Added

• Add a demo application to be served to demonstrate SecretHub.
• Read a secret directly to a file by using the --out-file flag.
• Write a secret directly from a file by using the --in-file flag.