v1.3.0

What's Changed

Added

• Store functionality: New < operator to store values back to Keeper Vault
  • Syntax: RecordUID/field/fieldname < value
  • Supports env vars (< env:NAME), file content (< file:path), and quoted literals
• File upload: Upload files to records with RecordUID/file < file:path
• Create records on demand: create-if-missing input with folder-uid and new-record-type
• Comprehensive safeguards: protected field types blocked, field value validation, record integrity checks with backup/restore on failure
• Retry mechanism: Automatic retry with exponential backoff for out-of-sync records
• Mixed operations: Retrieve and store in a single action call
• Sequential store safety: Multiple stores to the same record processed sequentially

Fixed

• Structured field serialization (KSM-872): keyPair, phone, name, address, host, etc. now JSON-serialized during retrieve — fixes SSH key newline stripping and [object Object] file writes
• String properties within structured objects are now individually masked in logs

Security

• Stored values masked in GitHub Actions logs via setSecret()
• Debug logs redact store values (shows ***)
• File paths validated to stay within GITHUB_WORKSPACE (path traversal prevention)
• Protected sensitive field types from direct modification
• ReDoS-safe email validation regex

Full Changelog: v1.2.0...v1.3.0