pool/sops
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity
Files
factory
sops/sops.changes

762 lines
33 KiB
Plaintext
Raw Permalink Blame History

-------------------------------------------------------------------
Mon Sep 29 04:59:36 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 3.11.0:
* Bump version to 3.11.0.
* Add changelog for 3.11.0.
* Address review comments.
* Move dotenv.IsComplexValue to stores.
* Do not put sensitive value into error message when the key can
be printed as well.
* Apply review suggestions.
* AZKV: Also allow to omit version for AZKV keys specified in key
groups.
* Make SingleValueStore extend Store instead of the other way
around.
* Ignore encryption selection options for binary store (and warn
when they are used).
* build(deps): Bump the go group across 1 directory with 10
updates
* Get rid of conf variable.
* When encrypting, load the config only once.
* build(deps): Bump the go group across 1 directory with 21
updates
* Build with Go 1.24 and 1.25, release with 1.25.
* Improve formulations.
* Add YAML keys for all keys in a key group.
* Get rid of some unrelated tabs.
* Document (most of) the SOPS config format.
* build(deps): Bump anchore/sbom-action in the ci group
* build(deps): Bump the rust group in /functional-tests with 2
updates
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump the rust group in /functional-tests with 4
updates
* Fix grammar.
* Always load age identities from all locations, and report
unused locations in error messages.
* Fix mention of macOS XDG_CONFIG_HOME fallback.
* Allow for non-string values in exec-env
* Avoid panic when values are numbers
* Fix argument order.
* Move ValToString to stores.
* Improve formatting of floats.
* Add tests.
* Fix converting integers to strings. Also improve time.Time
formatting.
* Update azkv/keysource.go
* build(deps): Bump the ci group with 2 updates
* fix: correct destination validation logic to detect all
conflicts
* Switch from deprecated gopkg.in/yaml.v3 to go.yaml.in/yaml/v3
* feat(azkv): Skipping key-version will get latest key
* Allow to configure --enable-local-keyservice and --keyservice
through env variables.
* Remove paragraph on GPG/PGP keyservers.
* build(deps): Bump github/codeql-action in the ci group
* build(deps): Bump the rust group in /functional-tests with 2
updates
* build(deps): Bump the go group with 14 updates
* build(deps): Bump github.com/go-viper/mapstructure/v2
* build(deps): Bump the ci group with 4 updates
* build(deps): Bump the go group with 9 updates
* build(deps): Bump the ci group with 4 updates
* build(deps): Bump the go group with 15 updates
* Fix keyservice client for unix domain sockets
* Fix example.yaml.
* Addressing felixfontein's latest review. Adds a key type field
to the ParseKeyField fn.
* Resolves #1864. Adds Native List as an option for configuring
keys in addition to the trailing comma option already given.
* Resolves #1864. Adds Native List as an option for configuring
keys in addition to the trailing comma option already given.
* Collect age identity loading errors and only report if
decryption failed.
* Document #1876 and --value-stdin.
* Add --value-stdin option to 'sops set'.
* Ensure temporary file for editing is only read-writable by
owner.
* Mention all stores in various places.
* build(deps): Bump the ci group with 3 updates
* build(deps): Bump serde_json in /functional-tests in the rust
group
* build(deps): Bump the go group with 12 updates
* update completion command usage description
* add source link for completion snippet
* Also parse floating point numbers if they represent integers.
* Store floating point number without decimal places.
* Fix Shamir threshold encoding for INI and ENV files.
* double backticks on configuration directory list 2/2
* double backticks on configuration directory list 1/2
* Document XDG_CONFIG_HOME support on mac
* Add "--value-file" option to "sops set [...]"
* build(deps): Bump the go group with 6 updates
* add completion script. Resolves #1868
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump the go group with 3 updates
* Correct Windows path to store keys.txt
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump the go group with 4 updates
* build(deps): Bump github.com/go-viper/mapstructure/v2
* Fix Typo in README.rst
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump the go group with 8 updates
* build(deps): Bump the ci group across 1 directory with 3
updates
* build(deps): Bump the go group with 12 updates
* build(deps): Bump github.com/cloudflare/circl from 1.6.0 to
1.6.1
* build(deps): Bump github/codeql-action in the ci group
* build(deps): Bump the go group with 12 updates
* build(deps): Bump alpine in /.release in the docker group
* build(deps): Bump the go group with 4 updates
* Remove unmatched '`' from README.rst
* build(deps): Bump the go group with 7 updates
* Update authors in main.go
* Allow injecting custom HTTP client for AWS, Azure, GCP and
HashiCorp Vault
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump the go group with 5 updates
* Introduce EncryptContext and DecryptContext for AWS, Azure,
GCP, PGP and HashiCorp Vault
* Apply suggestions from code review.
* build(deps): Bump actions/setup-go from 5.4.0 to 5.5.0 in the
ci group
* build(deps): Bump tempfile in /functional-tests in the rust
group
* build(deps): Bump the go group with 8 updates
* build(deps): Bump the ci group with 4 updates
* build(deps): Bump the go group with 5 updates
* build(deps): Bump the go group with 4 updates
* add newline before sublist start
* add newline before sublist start
* use bullet points for structure
-------------------------------------------------------------------
Wed Apr 16 15:44:47 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 3.10.2:
* build(deps): Bump the go group with 13 updates by @dependabot
in #1834
* Use latest 1.24 Go version for release build by @hiddeco in
#1836
* Remove reserved keyword check from YAML store's LoadPlainFile()
by @felixfontein in #1829
* build(deps): Bump the go group with 9 updates by @dependabot in
#1839
* build(deps): Bump github/codeql-action from 3.28.13 to 3.28.15
in the ci group by @dependabot in #1840
* Release 3.10.2 release by @felixfontein in #1841
-------------------------------------------------------------------
Mon Mar 31 18:45:06 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 3.10.1:
* Add changelog.
* Bump version to 3.10.1.
* build(deps): Bump the ci group with 2 updates
-------------------------------------------------------------------
Mon Mar 31 05:44:45 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 3.10.0:
* build(deps): Bump alpine from 3.18 to 3.21 in /.release in the
docker group across 1 directory by @dependabot in #1700
* Convert changelog to MarkDown by @felixfontein in #1741
* build(deps): Bump the go group with 7 updates by @dependabot in
#1743
* build(deps): Bump the go group with 9 updates by @dependabot in
#1745
* build(deps): Bump the rust group in /functional-tests with 2
updates by @dependabot in #1744
* build(deps): Bump github/codeql-action from 3.28.5 to 3.28.8 in
the ci group by @dependabot in #1746
* build(deps): Bump the go group with 12 updates by @dependabot
in #1751
* build(deps): Bump the ci group with 4 updates by @dependabot in
#1750
* Add --input-type option for filestatus subcommand by
@felixfontein in #1601
* Use SOPS_EDITOR before EDITOR by @felixfontein in #1611
* Allow users to disable version check via environment variable
by @nicklasfrahm in #1684
* add duplicate section support to ini store by @reindlt in #1452
* stores: test for duplicate keys, reserve keyword (yaml only
now) by @holiman in #1203
* Add same process option for exec-env by @ricmatsui in #880
* outputs: add trailing newline at the end of JSON files by
@duthils in #1476
* set subcommand: add --idempotent flag that will not write the
file if no change happened by @felixfontein in #1754
* Encrypt and decrypt time.Time objects by @felixfontein in #1759
* build(deps): Bump the go group with 8 updates by @dependabot in
#1763
* build(deps): Bump tempfile from 3.16.0 to 3.17.0 in
/functional-tests in the rust group by @dependabot in #1762
* build(deps): Bump goreleaser/goreleaser-action from 6.1.0 to
6.2.1 in the ci group by @dependabot in #1761
* fix(docs): typo in README.rst by @Paredev in #1765
* Add SSH support for age by @haoqixu in #1692
* make sure that tests do not pick keys.txt from user's HOME dir
by @tomaszduda23 in #1766
* support for age identity with passphrase by @tomaszduda23 in
#1400
* build(deps): Bump the rust group in /functional-tests with 4
updates by @dependabot in #1768
* build(deps): Bump the go group with 12 updates by @dependabot
in #1769
* build(deps): Bump the ci group with 4 updates by @dependabot in
#1770
* build(deps): Bump github.com/go-jose/go-jose/v4 from 4.0.4 to
4.0.5 by @dependabot in #1773
* feat: add age plugin support by @brianmcgee in #1641
* Check GnuPG decryption result for non-empty size by
@felixfontein in #1776
* vendored age code: consolidate passphrase reading functionality
by @felixfontein in #1775
* Allow to encrypt and decrypt from stdin by @felixfontein in
#1690
* build(deps): Bump the go group with 11 updates by @dependabot
in #1784
* build(deps): Bump the ci group with 5 updates by @dependabot in
#1782
* build(deps): Bump serde_json from 1.0.139 to 1.0.140 in
/functional-tests in the rust group; bump Rust to 1.85.0 by
@dependabot in #1783
* build(deps): Bump the go group with 13 updates by @dependabot
in #1797
* build(deps): Bump the rust group in /functional-tests with 3
updates by @dependabot in #1796
* build(deps): Bump github/codeql-action from 3.28.10 to 3.28.11
in the ci group by @dependabot in #1795
* build(deps): Bump the go group with 6 updates by @dependabot in
#1802
* build(deps): Bump tempfile from 3.18.0 to 3.19.0 in
/functional-tests in the rust group by @dependabot in #1800
* build(deps): Bump docker/login-action from 3.3.0 to 3.4.0 in
the ci group by @dependabot in #1801
* build(deps): Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to
5.2.2 by @dependabot in #1806
* goreleaser: add windows arm64 by @duthils in #1791
* Add a way to set sops config location via envvar by @sledzikowy
in #1701
* build(deps): Bump the go group with 3 updates by @dependabot in
#1809
* build(deps): Bump the ci group with 5 updates by @dependabot in
#1808
* build(deps): Bump tempfile from 3.19.0 to 3.19.1 in
/functional-tests in the rust group by @dependabot in #1807
* Support --config option in publish subcommand by @felixfontein
in #1779
* Fix caching of Metadata.DataKey by @felixfontein in #1781
* Lint by @felixfontein in #1780
* updatekeys subcommand: rename GroupQuorum to ShamirThreshold by
@felixfontein in #1631
* If --filename-override is specified, convert it to an absolute
path same as regular filenames by @felixfontein in #1793
* Add support for oauth2.TokenSource in GCP KMS by @matheuscscp
in #1794
* Added SOPS_AGE_KEY_CMD option to age, fixes #1323 by
@danilobuerger in #1811
* chore: omitempty metadata to reduce the size of stored config
by @cgetzen in #1571
* Improve Shamir Secret Sharing code by @felixfontein in #1813
* Update all dependencies by @felixfontein in #1814
* Run 'gofmt -w' on all .go files by @felixfontein in #1817
* Add option to explicitly check for the latest version;
deprecate current default of always doing that unless disabled
by @felixfontein in #1816
* Build using Go 1.24 and drop support for 1.22 by @hiddeco in
#1819
* Support GOOGLE_OAUTH_ACCESS_TOKEN for Google Cloud Platform by
@marensofier in #1578
* Warn about .sops.yml files found while searching for .sops.yaml
by @felixfontein in #1820
* Release 3.10.0 by @felixfontein in #1815
* Added support for multiarch windows release binaries by
@sabre1041 in #1823
-------------------------------------------------------------------
Sun Jan 26 08:46:36 UTC 2025 - opensuse_buildservice@ojkastl.de
- Update to version 3.9.4:
* build(deps): Bump the go group with 5 updates by @dependabot in
#1727
* build(deps): Bump tempfile from 3.14.0 to 3.15.0 in
/functional-tests in the rust group by @dependabot in #1728
* build(deps): Bump the go group with 16 updates by @dependabot
in #1732
* build(deps): Bump the ci group with 3 updates by @dependabot in
#1730
* build(deps): Bump serde_json from 1.0.134 to 1.0.135 in
/functional-tests in the rust group by @dependabot in #1731
* build(deps): Bump the go group with 12 updates by @dependabot
in #1734
* build(deps): Bump serde_json from 1.0.135 to 1.0.137 in
/functional-tests in the rust group by @dependabot in #1735
* Fix ToString for AWS KMS to include role, context, and profile
by @felixfontein in #1733
* build(deps): Bump the ci group with 3 updates by @dependabot in
#1738
* build(deps): Bump the go group with 6 updates by @dependabot in
#1739
* Release 3.9.4 by @felixfontein in #1740
-------------------------------------------------------------------
Wed Jan 01 08:49:45 UTC 2025 - opensuse_buildservice@ojkastl.de
- Update to version 3.9.3:
* Add changelog for 3.9.3.
* Bump version to 3.9.3.
* build(deps): Bump the rust group in /functional-tests with 2
updates
* Run 'make vendor'.
* Update all dependencies with 'go get -t -u ./...'.
* Fix input-type CLI flag being ignored for updatekeys
subcommand.
* Use container images from
https://github.com/getsops/ci-container-images.
* Document using subkeys with GnuPG.
* Correctly handle trailing "!" when passing shortened
fingerprints to GnuPG.
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump serde_json in /functional-tests in the rust
group
* build(deps): Bump the go group across 1 directory with 13
updates
* Bump golang.org/x/net to 0.33.0 to address CVE-2024-45338.
* build(deps): Bump filippo.io/age from 1.2.0 to 1.2.1
* Add 'persist-credentials: false' to checkout actions.
* build(deps): Bump the rust group in /functional-tests with 2
updates
* build(deps): Bump the ci group with 4 updates
* build(deps): Bump golang.org/x/crypto from 0.30.0 to 0.31.0
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump the go group with 10 updates
-------------------------------------------------------------------
Tue Dec 03 05:45:52 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 3.9.2:
* Add changelog for 3.9.2.
* Bump version to 3.9.2.
* build(deps): Bump the go group with 8 updates
* Update go.mod.
* Adjust protoc command line for latest versions of plugins; fix
protoc Go plugin versions and install plugins locally.
* keyservice: update protobuf to an recent release
* fix(config): remove unused variables
* chore(deps): Update Rust dependencies
* Correctly handle comments during JSON serialization.
* Move Python patch tool to .github/utils/.
* Run 'make vendor' in CodeQL build step.
* Patch harmless parts of go.mod before looking for changes in
CI.
* build(deps): Bump the go group across 1 directory with 18
updates
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump the rust group in /functional-tests with 3
updates
* build(deps): Bump github/codeql-action in the ci group
* build(deps): Bump the rust group in /functional-tests with 2
updates
* build(deps): Bump the ci group across 1 directory with 3
updates
* build(deps): Bump the rust group in /functional-tests with 2
updates
* build(deps): Bump the ci group with 5 updates
* build(deps): Bump the go group with 7 updates
* fix(azkv): handle whitespace in Azure Key Vault URLs
* build(deps): Bump serde_json in /functional-tests in the rust
group
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump the go group with 6 updates
* build(deps): Bump the ci group with 5 updates
* build(deps): Bump the go group with 12 updates
* build(deps): Bump the ci group with 4 updates
* build(deps): Bump the go group with 11 updates
-------------------------------------------------------------------
Sun Oct 06 08:22:29 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 3.9.1:
* Add missing newlines.
* Add changelog for 3.9.1.
* Bump version to 3.9.1.
* Do not ignore errors when trying to parse a config file.
* Update all go deps with 'go get -t -u ./...'.
* build(deps): Bump the rust group in /functional-tests with 5
updates
* build(deps): Bump the go group with 7 updates
* Add Cargo.lock for better reproducability of functional tests.
* build(deps): Bump the go group with 7 updates
* build(deps): Bump the ci group with 2 updates
* Dependabot: fix config for Docker, add config for Rust/Cargo.
* Show changes in shamir_threshold when updating keys.
* Do not encrypt if a key group is empty, or there are no key
groups.
* Fix checkout action version.
* Use Go version from go.mod.
* Build release with Go 1.22.x.
* Allow edit subcommand to create files.
* Build 1.22 1.23 because 1.21 is unsupported without security
fixes
* Review: Add test "matrix" but only for 1.22
* feat(build): Build last 2 Go versions
* refactor: specify missing file in error message
* build(deps): Bump github/codeql-action in the ci group
* build(deps): Bump the go group with 10 updates
* Add 'check' task to CI that makes sure everything is green.
* sops_test: add more tests on errors
* sops_test: homogenize use of asserts
* tests: add coverage for unset
* build(deps): Bump github/codeql-action in the ci group
* build(deps): Bump the go group with 4 updates
* Fix `--config` being ignored by `loadConfig`
* github actions: set rust version globally
* linters: pin version of Rust
* functional tests: formatting lint
* github actions: add Rust linter
* Added example of having age recipients in .sops.yaml
* Actually use option --shamir-secret-sharing-threshold.
* build(deps): Bump github.com/opencontainers/runc from 1.1.13 to
1.1.14
* build(deps): Bump the go group with 12 updates
* tests: ignore env var SOPS_AGE_KEY_FILE
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump the go group with 7 updates
* build(deps): Bump the ci group with 2 updates
* Bump go version.
* build(deps): Bump the go group across 1 directory with 15
updates
* build(deps): Bump the ci group with 2 updates
* Use ReST admonition syntax for note
* Note on the name of the configuration file
* build(deps): Bump the ci group with 3 updates
* build(deps): Bump github.com/docker/docker
* build(deps): Bump the ci group with 2 updates
* build(deps): Bump the go group with 5 updates
* build(deps): Bump github.com/docker/docker
* build(deps): Bump github/codeql-action in the ci group
* build(deps): Bump the go group with 4 updates
* build(deps): Bump the ci group across 1 directory with 5
updates
* build(deps): Bump the go group with 5 updates
* build(deps): Bump the ci group with 3 updates
* build(deps): Bump the go group with 10 updates
* build(deps): Bump the go group with 11 updates
* build(deps): Bump the ci group with 4 updates
* Fix the URL used for determining the latest SOPS version.
* build(deps): Bump github/codeql-action in the ci group
* build(deps): Bump the go group with 8 updates
* Explicitly mark goreleaser's version, to avoid confusion with
the Go version.
-------------------------------------------------------------------
Wed Jul 03 15:43:36 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 3.9.0:
* Respect aws_profile from Keygroup Config by @Kouzukii in #1049
* build(deps): Bump the go group with 6 updates by @dependabot in
#1327
* build(deps): Bump the go group with 3 updates by @dependabot in
#1328
* build(deps): Bump the go group with 1 update by @dependabot in
#1330
* build(deps): Bump github.com/docker/docker from
20.10.24+incompatible to 24.0.7+incompatible by @dependabot in
#1336
* build(deps): Bump the go group with 3 updates by @dependabot in
#1334
* Improve README.rst by @Ph0tonic in #1339
* Fix typos by @felixfontein in #1337
* build(deps): Bump the go group with 7 updates by @dependabot in
#1344
* Add --mac-only-encrypted to compute MAC only over values which
end up encrypted by @mitar in #973
* build(deps): Bump the ci group with 1 update by @dependabot in
#1347
* build(deps): Bump the go group with 7 updates by @dependabot in
#1348
* README: Correctly tag code as yaml-stream by @felixfontein in
#1350
* build(deps): Bump the go group with 5 updates by @dependabot in
#1354
* use getUserConfigDir also in tests by @bkreitch in #1346
* Overwrite home dir in vault test by @bkreitch in #1349
* Allow configuration of indentation for YAML and JSON stores by
@Ph0tonic in #1273
* build(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.0 to
3.0.1 by @dependabot in #1357
* build(deps): Bump the go group with 4 updates by @dependabot in
#1360
* build(deps): Bump the ci group with 1 update by @dependabot in
#1359
* Fix TestGnuPGHome_Validate by @stormentt in #1370
* build(deps): Bump the go group with 6 updates by @dependabot in
#1373
* build(deps): Bump the ci group with 2 updates by @dependabot in
#1376
* Docs: indent is used both for encryption and decryption by
@felixfontein in #1372
* fix a bug where not having a config results in a panic by
@stormentt in #1371
* Polish the 'sops help' output a bit by @felixfontein in #1341
* introduce a --pristine flag to sops exec-env by @e-nikolov in
#912
* Allow to pass multiple paths to 'updatekeys' by @sj14 in #1274
* Warn/fail if the wrong number of arguments is provided by
@felixfontein in #1342
* Allow to override fileName with different value by
@felixfontein in #1332
* Sort masterkeys according to decryption-order by @bkreitch in
#1345
* build(deps): Bump the ci group with 4 updates by @dependabot in
#1382
* build(deps): Bump the go group with 5 updates by @dependabot in
#1381
* Deprecate the --background option to exec-env and exec-file by
@felixfontein in #1379
* build(deps): Bump golang.org/x/crypto from 0.16.0 to 0.17.0 by
@dependabot in #1383
* build(deps): Bump the ci group with 1 update by @dependabot in
#1386
* build(deps): Bump the go group with 5 updates by @dependabot in
#1385
* Consolidate Flatten/Unflatten pre/post processing by
@lancerushing in #1356
* INI, DotEnv stores: shamir_threshold is an integer by
@felixfontein in #1394
* Improve integration tests: reformat test code, make sure exit
codes are always checked by @felixfontein in #1390
* Make check whether file contains invalid keys for encryption
dependent on output store by @felixfontein in #1393
* Create a constant for the 'sops' metadata key by @felixfontein
in #1398
* build(deps): Bump github.com/cloudflare/circl from 1.3.3 to
1.3.7 by @dependabot in #1408
* build(deps): Bump the ci group with 4 updates by @dependabot in
#1425
* build(deps): Bump github.com/opencontainers/runc from 1.1.5 to
1.1.12 by @dependabot in #1428
* build(deps): Bump the go group with 10 updates by @dependabot
in #1429
* build(deps): Bump the ci group with 4 updates by @dependabot in
#1432
* Warn if more than one command is used by @felixfontein in #1388
* Move extraction of encryption and rotation options to separate
functions by @felixfontein in #1389
* Add separate subcommands for encryption, decryption, rotating,
editing, and setting values by @felixfontein in #1391
* Add basic tests for exec-env and exec-file by @felixfontein in
#1396
* build with go 1.21 and update dependencies by @b-dean in #1427
* build(deps): Bump the go group with 4 updates by @dependabot in
#1439
* sops: fix typo in interface name by @duthils in #1477
* Fix function name in comment by @pullmerge in #1484
* build(deps): Bump the ci group across 1 directory with 9
updates by @dependabot in #1498
* build(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.1 to
3.0.3 by @dependabot in #1454
* build(deps): Bump google.golang.org/protobuf from 1.32.0 to
1.33.0 by @dependabot in #1460
* build(deps): Bump github.com/docker/docker from
24.0.7+incompatible to 24.0.9+incompatible by @dependabot in
#1466
* build(deps): Bump golang.org/x/net from 0.21.0 to 0.23.0 by
@dependabot in #1489
* build(deps): Bump actions/setup-go from 5.0.0 to 5.0.1 in the
ci group by @dependabot in #1503
* build(deps): Bump the ci group with 2 updates by @dependabot in
#1508
* LoadCreationRuleForFile: correctly handle nil without error in
callers by @felixfontein in #1506
* build(deps): Bump the ci group with 2 updates by @dependabot in
#1510
* build(deps): Bump the ci group with 2 updates by @dependabot in
#1516
* Fix CVE-2024-2660 by @TheoBrigitte in #1519
* build(deps): Bump the ci group with 2 updates by @dependabot in
#1521
* fix(Makefile): set locale to make tests pass by
@jonasbadstuebner in #1492
* build(deps): Bump the ci group with 2 updates by @dependabot in
#1524
* Adjust Makefile to new goreleaser 6.0.0 release by
@felixfontein in #1526
* build(deps): Bump the go group across 1 directory with 23
updates by @dependabot in #1525
* update documentation for age by @tomaszduda23 in #1399
* exec-file: if --filename is used, use the provided filename
without random suffix by @felixfontein in #1474
* build(deps): Bump
github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to
1.6.0 by @dependabot in #1528
* Do not use DotEnv store for exec-env, but specialized
environment serializing code by @felixfontein in #1436
* build(deps): Bump the ci group with 2 updates by @dependabot in
#1534
* Decryption: do not fail if no matching creation_rule is present
in config file by @felixfontein in #1434
* add filestatus command by @endorama in #545
* build(deps): Bump the go group across 1 directory with 16
updates by @dependabot in #1540
* build(deps): Bump the go group across 1 directory with 4
updates by @dependabot in #1543
* add command unset by @duthils in #1475
* Update sops.go comment by @rjeczkow in #1544
* Support using comments to select parts to encrypt by
@felixfontein in #1392
* Feature: merge key for key groups and make keys unique by
@jonasbadstuebner in #1493
* Update all go deps by @felixfontein in #1545
* Release 3.9.0 by @felixfontein in #1546
-------------------------------------------------------------------
Thu Oct 12 05:34:00 UTC 2023 - kastl@b1-systems.de
- Update to version 3.8.1:
* Release v3.8.1
* Update dependencies
* Add section in CONTRIBUTING.md on docs changes.
* Add checkdocs, checkrst, and checkmd make targets.
* Add workflow for rstcheck and mdl.
* Change some SOPSs back to sops.
* Normalize SOPS usages.
* Normalize indentation for code blocks and YAML files.
* Improve MD files (with mdl feedback).
* Improve RST files (with rstcheck feedback).
* pgp: further improve import error format
* pgp: better error reporting for missing GPG binary
* docs: document AWS environment variables
* build(deps): Bump the go group with 7 updates
* Make sure to wrap raw errors with toExitError().
* Report key rotation errors.
* Check err for nil in tests.
* Defer only after checking err.
* Handle unhandled errors.
* Ignore irrelevant return value (it is always nil).
* decrypt: fix dropped error
* pgp: do not require abs path for SopsGpgExecEnv
* Make error the last return value
* Handle return values of dec.Token() to improve error messages.
* Fix versions in comments
* build(deps): Bump the ci group with 1 update
* build(deps): Bump the go group with 4 updates
* Fix descriptions of unencrypted-regex and encrypted-regex
flags.
* Reject completely empty documents.
* On macOS, prefer XDG_CONFIG_HOME over os.UserConfigDir()
* Improve handling of errors when binary store handles bad data
* Delete sops encrypted file we don't have keys for.
* pgp: remove `--no-default-keyring` argument
* pgp: improve handling of GnuPG home dir
* build(deps): Bump the ci group with 3 updates
-------------------------------------------------------------------
Wed Oct 4 19:47:35 UTC 2023 - Johannes Kastl <kastl@b1-systems.de>
- fix broken sops executable (sorry...)
-------------------------------------------------------------------
Mon Sep 25 06:05:27 UTC 2023 - Johannes Kastl <kastl@b1-systems.de>
- update to 3.8.0:
* Features:
- Support --version without network requests using
--disable-version-check (#1115)
- Support --input-type for updatekeys command (#1116)
* Improvements:
- pgp: modernize and improve, and add tests (#1054, #1282)
- azkv: update SDK to latest, add tests, tidy (#1067, #1092,
#1256)
- age: improve identity loading, add tests, tidy (#1064)
- kms: AWS SDK V2, allow creds config, add tests (#1065, #1257)
- gcpkms: update SDK to latest, add tests, tidy (#1072, #1255)
- hcvault: update API, add tests, tidy (#1085)
- Do not report version when upstream --version check fails
(#1124)
- Use GitHub endpoints in --version command (#1261)
- Close temporary file before invoking editor to widen support
on Windows (#1265)
- Update dependencies (#1063, #1091, #1147, #1242, #1260,
#1264, #1275, #1280, #1283)
- Deal with various deprecations of dependencies (#1113, #1262)
* Bug fixes:
- Ensure YAML comments are not displaced (#1069)
- Ensure default Google credentials can be used again after
introduction of GOOGLE_CREDENTIALS (#1249)
- Avoid duplicate logging of errors in some key sources (#1146,
#1281)
- Using --set on a root level key does no longer truncate
existing values (#899)
- Ensure stable order of SOPS parameters in dotenv file (#1101)
* Project changes:
- Update Go to 1.20 (#1148)
- Update rustc functional tests to v1.70.0 (#1234)
- Remove remaining CircleCI workflow (#1237)
- Run CLI workflow on main (#1243)
- Delete obsolete validation/ artifact (#1248)
- Rename Go module to github.com/getsops/sops/v3 (#1247)
- Revamp release automation, including (Cosign) signed
container images and checksums file, SLSA3 provenance and
SBOMs (#1250)
- Update various bits of documentation (#1244)
- Add missing --encrypt flag from Vault example (#1060)
- Add documentation on how to use age in .sops.yaml (#1192)
- Improve Make targets and address various issues (#1258)
- Ensure clean working tree in CI (#1267)
- Fix CHANGELOG.rst formatting (#1269)
- Pin GitHub Actions to full length commit SHA and add CodeQL
(#1276)
- Enable Dependabot for Docker, GitHub Actions and Go Mod
(#1277)
- Generate versioned .intoto.jsonl (#1278)
- Update CI dependencies (#1279)
-------------------------------------------------------------------
Tue May 24 12:47:10 UTC 2022 - rombert@apache.org
- Update to version 3.7.3:
* prep for v3.7.3
* Use custom GOOGLE_CREDENTIALS or fallback to default
* Replace x/crypto/openpgp with ProtonMail/go-crypto
* Update remaining dependencies
* Update golang.org/x/{net,oauth2,sys} dependencies
* Update keyservice implementation dependencies
* Update golang.org/x/crypto
* Limit role session name length to 64 characters.
* keyservice: accept KeyServiceServer in LocalClient
* Use latest dockerd in CI to allow build alpine image (#870)
* Add tests for single key
* Make `masterKeyFromRecipient` private
* This fixes a bug with age encryption when specifying multiple age recipients
* Explicitly build linux amd64 binary
* Remove duplicated stage from Dockerfile.alpine
* Upgrade all dependencies
* Build alpine container in CI (#870)
* Update keysource.go
* support gcp credentials as env var
* Allow empty maps for yaml (#907)
* Add a test to reproduce #907
-------------------------------------------------------------------
Wed Mar 16 08:03:54 UTC 2022 - rombert@apache.org
- Update to version 3.7.2:
* Fixed CHANGELOG formatting
* prep v3.7.2
* Add arm64 .deb and .rpm builds
* README and author tweaks
* Change labeling and upload linux arm64
* Move age environment variable names to constants
* Support SOPS_AGE_KEY environment variable
* Added support for go 1.16 and darwin-arm64
* Tests should not fail fast
-------------------------------------------------------------------
Fri May 7 09:48:16 UTC 2021 - Chris Coutinho <chrisbcoutinho@gmail.com>
- Initial commit
Reference in New Issue View Git Blame Copy Permalink