This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| go.mozilla.org/sops | require | major | v0.0.0-20190912205235-14a22d7a7060
-> v3.7.3
|
| goreleaser/goreleaser-action | action | major | v3
-> v4
|
Release Notes
mozilla/sops
Compare Source
Changes:
- Upgrade dependencies (#1024, #1045)
- Build alpine container in CI (#1018, #1032, #1025)
- keyservice: accept KeyServiceServer in LocalClient (#1035)
- Add support for GCP Service Account within
GOOGLE_CREDENTIALS
(#953)
Bug fixes:
- Upload the correct binary for the linux amd64 build (#1026)
- Fix bug when specifying multiple age recipients (#966)
- Allow for empty yaml maps (#908)
Commits
- [75cd389]: Add a test to reproduce #907 (ikedam) #908
- [108b211]: Allow empty maps for yaml (#907) (ikedam) #908
- [ea8b3bb]: support gcp credentials as env var (Kaplinsky, Joshua B) #953
- [c0dc484]: Update keysource.go (Josh Kaplinsky) #953
- [63fa89c]: Merge remote-tracking branch 'remotes/origin/develop' into feature/907_FixEmptyYaml (ikedam) #908
- [b926cf9]: Build alpine container in CI (#870) (ikedam) #1018
- [234bf9f]: Upgrade all dependencies (AJ Bahnken) #1024
- [4277de4]: Remove duplicated stage from Dockerfile.alpine (Shouichi Kamiya) #1025
- [605fb27]: Explicitly build linux amd64 binary (Janis Peisenieks) #1026
- [7ebee3d]: This fixes a bug with age encryption when specifying multiple age recipients (Cedric Kienzler) #966
- [b5f5f28]: Make
masterKeyFromRecipient
private (Cedric Kienzler) #966
- [1dc90ad]: Add tests for single key (Cedric Kienzler) #966
- [3875b00]: Use latest dockerd in CI to allow build alpine image (#870) (ikedam) #1032
- accept KeyServiceServer in LocalClient #1035 (Hidde Beydals)
- [1bb30e2]: Limit role session name length to 64 characters. (AJ Bahnken) #1037
- [a01208c]: Update golang.org/x/crypto (Hidde Beydals) #1045
- [e128fa2]: Update keyservice implementation dependencies (Hidde Beydals) #1045
- [220b652]: Update golang.org/x/{net,oauth2,sys} dependencies (Hidde Beydals) #1045
- [477b61f]: Update remaining dependencies (Hidde Beydals) #1045
- [25817ed]: Replace x/crypto/openpgp with ProtonMail/go-crypto (Hidde Beydals) #1045
- [07aea97]: Merge remote-tracking branch 'upstream/develop' into develop (Josh Kaplinsky) #953
- [4ffb54c]: Use custom GOOGLE_CREDENTIALS or fallback to default (Josh Kaplinsky) #953
- [17fb03f]: Merge remote-tracking branch 'upstream/develop' into develop (Josh Kaplinsky) #953
- [15583bd]: prep for v3.7.3 (AJ Bahnken) #1053
Compare Source
Changes:
Bug Fixes
- Make sure comments in yaml files are not duplicated (#866)
- Make sure configuration file paths work correctly relative to the config file in us (#853)
Commits
- [e98451e]: Remove unused age code (Hidde Beydals) #842
- [2395f07]: small release workflow fix (AJ Bahnken)
- [c5b1298]: Match file path relative to config file's directory (2) (#853) (Paulo Lieuthier) #853
- [7626399]: fix missing argument in encrypting with age section (#860) (Damien Léger) #860
- [3acf53e]: Correct path to age keys.txt in documentation (#861) (Alexey Odinokov) #861
- [5af8e63]: Prevent comment duplication. (#866) (Felix Fontein) #866
- [688fa22]: Remove SOPS_GPG_KEYSERVER reference in README.rst (Enrico204) #883
- [02d57ca]: Tests should not fail fast (ikedam) #909
- [6130ffe]: Use the key of [email protected] for the unit test (#882) (#906) (ikedam) #906
- [56bbf84]: Added support for go 1.16 and darwin-arm64 (Nikola Milojević) #911
- [f6e9891]: fix a typo (brant4test) #967
- [086c11d]: Support SOPS_AGE_KEY environment variable (Christian Hoffmeister) #1006
- [a98768b]: Fix flakey test run on OSX (Alex Castle) #1008
- [6bfd72d]: Merge remote-tracking branch 'origin/develop' into sops-age-key-env (Christian Hoffmeister) #1006
- [dc2267e]: Upgrade to go 1.17 (AJ Bahnken) #1012
- [076f295]: rm extra whitespace in CircleCI config (AJ Bahnken) #1012
- [7f503bc]: Upgrade release job to go 1.17 (AJ Bahnken) #1012
- [4bd3e5a]: Update pip package name in Dockerfile (AJ Bahnken) #1012
- [b7c58e4]: Move age environment variable names to constants (Christian Hoffmeister) #1006
- [684d338]: Merge branch 'develop' of https://github.com/mozilla/sops into mozilla-develop (Nikola Milojević) #911
- [0cfcae6]: Merge branch 'mozilla-develop' into develop (Nikola Milojević) #911
- [dff9c31]: Merge branch 'develop' into sops-age-key-env (AJ Bahnken) #1006
- [c586534]: Change labeling and upload linux arm64 (AJ Bahnken) #1014
- [d6bc216]: README and author tweaks (AJ Bahnken) #1016
- [822ce48]: Add arm64 .deb and .rpm builds (Janis Peisenieks) #891
- [baec2a5]: Merge branch 'develop' into feature/testsSholdNotFailFast (ikedam) #909
- [035672f]: prep v3.7.2 (AJ Bahnken) #1020
- [b67c7a7]: Fixed CHANGELOG formatting (AJ Bahnken) #1020
Compare Source
Commits
Compare Source
3.7.0
Features:
- Add support for age (#688)
- Add filename to exec-file (#761)
Changes:
- On failed decryption with GPG, return the error returned by GPG to the sops user (#762)
- Use yaml.v3 instead of modified yaml.v2 for handling YAML files (#791)
- Update aws-sdk-go to version v1.37.18 (#823)
Project Changes:
- Switch from TravisCI to Github Actions (#792)
Compare Source
Features:
- Add support for --unencrypted-regex (#715)
Changes:
- Use keys.openpgp.org instead of gpg.mozilla.org (#732)
- Upgrade AWS SDK version (#714)
- Support --input-type for exec-file (#699)
Bug fixes:
- Fixes broken Vault tests (#731)
- Revert "Add standard newline/quoting behavior to dotenv store" (#706)
Compare Source
Features:
- Support for encrypting data through the use of Hashicorp Vault (#655)
sops publish
now supports --recursive
flag for publishing all files in a directory (#602)
sops publish
now supports --omit-extensions
flag for omitting the extension in the destination path (#602)
- sops now supports JSON arrays of arrays (#642)
Improvements:
- Updates and standardization for the dotenv store (#612, #622)
- Close temp files after using them for edit command (#685)
Bug fixes:
- AWS SDK usage now correctly resolves the
~/.aws/config
file (#680)
sops updatekeys
now correctly matches config rules (#682)
sops updatekeys
now correctly uses the config path cli flag (#672)
- Partially empty sops config files don't break the use of sops anymore (#662)
- Fix possible infinite loop in PGP's passphrase prompt call (#690)
Project changes:
- Dockerfile now based off of golang version 1.14 (#649)
- Push alpine version of docker image to Dockerhub (#609)
- Push major, major.minor, and major.minor.patch tagged docker images to Dockerhub (#607)
- Removed out of date contact information (#668)
- Update authors in the cli help text (#645)
Compare Source
Features:
* `sops exec-env` and `sops exec-file`, two new commands for utilizing sops secrets within a temporary file or env vars
Bug fixes:
* Sanitize AWS STS session name, as sops creates it based off of the machines hostname
* Fix for `decrypt.Data` to support `.ini` files
* Various package fixes related to switching to Go Modules
* Fixes for Vault-related tests running locally and in CI.
Project changes:
* Change to proper use of go modules, changing to primary module name to `go.mozilla.org/sops/v3`
* Change tags to requiring a `v` prefix.
* Add documentation for `sops updatekeys` command
goreleaser/goreleaser-action
Compare Source
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.