v0.29.2

Fixed

• Fix bug MaskedWriter is not flushed before timeout
• Fix run and inject when env contains invalid value

v0.29.1

Fixed

• Fix goreleaser build for brew

v0.29.0

Added

• Add deb and rpm packages to releases
• Add generate --clip flag to copy the generated value
• Rename generate rand to generate and add generate --length flag
• Make generate command less verbose
• Rephrase service init --permission helptext

Deprecated

• Deprecated generate rand <path> [<length>], use generate [--length <length>] <path> instead.

v0.28.0

Added

• Remove trial prompt when creating an org; Organizations now come with 3 free users and 50 secrets 🎉 (#168)
• Add list and remove aliases for ls and rm commands (#165)

Fixed

• Use full command in flag envvars for subcommands (#167)
• Fix whitespace of help output for commands with args but no flags (#166)

v0.27.0

Added

• Create a start repository on signup (#161)
• Add ls <workspace> (#162)
• Add optional workspace argument to repo ls to limit results (#159)
• Make identity provider configuration case-insensitive (#160)
• Use region from KMS key ARN when creating AWS services (#157)
• Don't fetch user in repo invite when not using it (#150)

Fixed

• Fix run masking problem (#155)
• Fix acl check on a specific account (#158)

v0.26.1

Fixed

• Version and commit are now correctly shown when using secrethub --version.

v0.26.0

This release introduces Keyless Authentication for AWS: services running on AWS Lambda, ECS and EC2 can now natively authenticate to SecretHub to fetch their secrets, without needing another secret key.

We’ll be adding more Keyless Authentication providers (e.g. Google Cloud and Azure) in future releases, so stay tuned!

Added

• Add support for keyless authentication for any service running on AWS (e.g. EC2, Lambda or ECS) using the --identity-provider=aws flag.
• Add service aws init and service aws ls commands to create and list services that use AWS IAM + KMS as credential.
• Add service type and creation time to the service ls output.
• Create service permissions using --permission <subdirectory>:<permission> flag.
• Add --description, --desc and --descr aliases for description flag of org init and service init.
• Add config update-passphrase command to change the passphrase of your credential.

Removed

• Remove config upgrade command. The config update-passphrase command can be used to change the passphrase of your credential. To upgrade old configuration files, use a CLI with a version <= v0.25 to run the config upgrade command.

Fixed

• Improve help-text for nested management commands.
• Fix error message shown when run env-file cannot be read.
• Fix unicode characters in the passphrase breaking passphrase caching (see #132).
• When asking for user input, on invalid input, don't print "please try again" after the last try failed.
• When asking for user input, on invalid input, don't continue the command after the last try failed.

v0.25.1

Fixed

• Fix index out of range error on the run command

v0.25.0

Added

• Add service ls command to list service accounts on a repository.
• Add --ignore-missing-secrets flag to the run command to suppress errors of secrets that do not exist.

v0.24.2

Added

• Add https://secrethub.io/support to the help output.

Fixed

• Don't indicate errors as unexpected when they are not.
• Don't prompt for the credentials passphrase when secrethub run does not use secrets.
• Remove race conditions that occurred in corner cases of secret masking.
• Don't block when masking timeout is set to 0.
• Clarify complex details of the run command in the help text.