Skip to content

Latest commit

 

History

History
286 lines (230 loc) · 11.4 KB

CHANGELOG.md

File metadata and controls

286 lines (230 loc) · 11.4 KB
Raw

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

Unreleased

0.9.6 - 2023-06-14

Security

  • Upgrade golang.org/x/net to v0.10.0, golang.org/x/crypto to v0.9.0, golang.org/x/sys to v0.8.0, and Go to 1.20 cyberark/summon#247
  • Upgrade golang.org/x/net to v0.7.0 for CVE-2022-41721 and CVE-2022-41722 (not vulnerable) cyberark/summon#245

0.9.5 - 2022-09-28

Changed

Security

0.9.4 - 2022-08-18

Security

  • Replaced gopkg.in/yaml.v2 v2.2.2 with v2.2.8 to address SNYK-GOLANG-GOPKGINYAMLV2-1533594 and CVE-2019-11254 cyberark/summon#236

0.9.3 - 2022-06-15

Changed

  • Updated dependencies in go.mod (github.com/stretchr/testify -> 1.7.2, github.com/urfave/cli -> 1.22.9, golang.org/x/net -> v0.0.0-20220607020251-c690dde0001d, gopkg.in/yaml.v3 -> v3.0.1) cyberark/summon#234

0.9.2 - 2022-05-31

Security

  • Update main and acceptance base images to Golang 1.17 to fix CVE-2022-0778 and CVE-2022-1292. cyberark/summon#232

0.9.1 - 2021-12-22

Changed

  • Update go to 1.17 & switch to github.com/urfave/cli from github.com/codegangsta/cli cyberark/summon#226

0.9.0 - 2021-07-19

Added

Added

  • Addded portable mode for provider directory search. If now global provider directory is found providers are searched next to the summon executable in <path_to_exe>/Providers/ cyberark/summon#164

Fixed

  • Default provider path can be overridden via the SUMMON_PROVIDER_PATH environment variable, resolving an issue where providers cannot be found when installed via homebrew in a non-default location. cyberark/summon#213

0.8.4 - 2021-05-04

Added

0.8.3 - 2020-09-25

Added

Fixed

  • Use of a path for a provider via --provider CLI flag or SUMMON_PROVIDER env variable on Windows with \ as path separators now correctly works. cyberark/summon#167
  • Fixed handling of errors in the install script. cyberark/summon#171

0.8.2 - 2020-06-23

Added

  • Summon now supports a --version-providers flag to display the versions of installed providers. cyberark/summon#138
  • Summon supports a --up flag that searches for secrets.yml going up, starting from the current working directory. This allows the secrets.yml file to be at any directory depth in a project, and it is no longer required to be in the current working directory if not specified with the -f flag. #122

0.8.1 - 2020-03-02

Changed

  • Added ability to support empty variables #124

Added

  • Added better errors for unknown tags found in the yaml
  • Added ability to set a default variable value with default='<value>' tag #38

0.8.0 - 2019-09-20

Changed

  • To ensure cleanup of files on non-windows platforms we now remain resident until the child is killed or it exits #106
  • Updated base Golang version to 1.13
  • Made Linux builds create static binaries #65

Added

  • Added gitleaks configuration

Fixed

  • Fixed broken website links

0.7.0 - 2019-07-11

Changed

Fixed

  • Bumps ffi in the acceptance/ directory to address this CVE

Added

  • Added CONTRIBUTING.md for contribution guidelines for the project, including contributor agreement

0.6.11 - 2019-01-09

Changed

  • Added exporting of SUMMON_ENV if -e flag is present. Closes#92.

0.6.10 - 2019-01-03

Fixed

  • Windows subprocess loading is again run with exec.Command. Closes#88.

Changed

  • Windows detection of 'Program Files' folder improved.

0.6.9 - 2018-12-07

Changed

  • Updated codebase to use go v1.11 modules.
  • Updated acceptance tests to use an automated test image builds and no makefiles.
  • Made subprocess loading take place through execve. Fixes #83.

0.6.8 - 2018-09-14

Added

0.6.7 - 2018-08-06

Added

  • deb and rpm packages

Changed

0.6.6 - 2018-02-06

Changed

  • stdout is no longer buffered inside summon. This should greatly decrease the memory footprint of long-running processes wrapped by summon. Closes #63.

0.6.5 - 2017-08-23

Changed

  • Improved Jenkins CI pipeline.
  • Binaries are now built for more distributions (see PLATFORMS in build.sh).
  • Simpler docker-compose development environment.

0.6.4 - 2017-04-12

Changed

  • Don't rely on executable bit on the provider; instead provide descriptive error if it fails to run - Issue #40

0.6.3 - 2017-03-13

Fixed

  • Summon now passes the child exit status to the caller - PR #39

0.6.2 - 2017-01-23

Added

  • Added 'default' section support, this is an alias for 'common' - PR #37

0.6.1 - 2016-12-19

Added

  • Support Boolean literals - PR #35

0.6.0 - 2016-06-20

Changed

  • Write temporary files to home directory if possible

0.5.0 - 2016-06-08

Added

  • added -e/--environment flag

0.4.0 - 2016-03-01

Changed

  • breaking change Default provider path is now /usr/local/lib/summon.

0.3.3 - 2016-02-29

Fixed

  • Now fails more gracefully on unknown flags

0.3.2 - 2016-02-10

Fixed

  • @SUMMONENVFILE is now ensured to contain a trailing newline GH-22

0.3.1 - 2016-02-03

Fixed

  • Integer values set in secrets.yml are now parsed correctly GH-21

0.3.0 - 2015-08-21

Changed

  • Install bash completions if available
  • Switch to tar.gz instead of .zip
  • Try to find provider in the default path if just a name given
  • Allow -p argument to override SUMMON_PROVIDER envar
  • Check if provider exists and is executable

0.2.1 - 2015-06-29

Fixed

  • Improve provider path handling 5df0fde

0.2.0 - 2015-06-23

Added

  • @SUMMONENVFILE for better Docker integration

Fixed

  • -D variable interpolation now plays nicely with the shell

0.1.2 - 2015-06-10

Fixed

  • Fix --help and --version flags

Changed

  • Vendor dependencies with Godep

0.1.1 - 2015-06-09

Changed

  • Attach stdin to allow running interactive processes wrapped with summon
  • Changed name from 'cauldron' to 'summon'

[0.1.0] - 2015-06-03

Added

  • Initial release