Skip to content

v0.10.7

Choose a tag to compare

@github-actions github-actions released this 12 Jul 02:08
Immutable release. Only release title and notes can be modified.
v0.10.7
ee41206

✨ Added

  • Add an env secret backend: jira auth login --backend env reads the profile's JIRA_TOKEN_ variable at run time and stores nothing — for WSL, headless Linux, containers, and op run-style secret injectors

🪲 Fixed

  • Offer only usable secret backends in interactive auth login — the keyring is dropped when no Secret Service answers (WSL, headless Linux) and 1Password in no-CGO builds — and fail headless logins early with actionable errors
  • Honor the secret backend selected in the interactive auth login form instead of silently keeping the profile's stored backend
  • Classify OS keyring failures as a typed keyring_unavailable error that points at the env backend, instead of surfacing raw Secret Service D-Bus text as a generic validation failure
  • Report a nonexistent Atlassian site as jira_site_not_found with the offending host named, instead of relaying Atlassian's misleading 'Site temporarily unavailable' 404 — auth login verification and auth status probes now point at the base_url site name
  • Shorten the post-login warning about an old credential that could not be revoked to the typed message instead of the full error chain
  • Strip ANSI escapes and control bytes from Jira-sourced text in comment list previews, mirrored ADF warning lines, and debug failure reasons

📦 Dependencies

  • Upgrade clive to v0.4.2, dropping go-selfupdate and its deprecated x/crypto/openpgp dependency (GO-2026-5932); the govulncheck advisory allowlist is retired now that no accepted advisories remain

📜 Commits

  • 388515d feat(auth): add env secret backend and availability-aware backend selection
  • a283afc docs(auth): warn that the WSL op.exe bridge breaks op run as a wrapper
  • 589672f fix(auth): report a nonexistent Atlassian site instead of a fake outage
  • 5cfc900 build(deps): bump clive to v0.4.2 and retire the govulncheck allowlist
  • 90b2921 test: scrub ambient JIRA_TOKEN_* overrides from test environments
  • 68c3e99 fix(cli): sanitize Jira-sourced text at the human-output sinks that bypassed the terminal sanitizer

Full Changelog: v0.10.6...v0.10.7