Skip to content

Releases: Qarik-Group/safe

Safe v1.8.0

16 Feb 01:23
@thomasmitchell thomasmitchell
v1.8.0
9fdb79a
Compare
Choose a tag to compare
Safe v1.8.0 Latest
Latest

Improvements

Safe now supports escaping : and ^ characters in paths and keys with the \ character.

Some examples:
safe get secret/colon\:test:foo will get the key foo from the secret at the path secret/colon:test.
safe get secret/foo:ba\:r will get the key ba:r from the secret at the path secret/foo

This sort of worked before, sometimes, kinda, for some commands, as we'd only acknowledge the last colon as special for commands that accepted keys in their paths. For others, we'd often just err if there was a colon at all in the secret path.

We still only respect the final colon or caret in a path as special, but any of them can be escaped by preceding them with a backslash so that they are not used as a separator.

Additionally, the output of safe paths --keys now escapes colons in the output when they are not the secret:key separator.

Assets 6
Loading

Safe v1.7.0

24 Aug 15:41
@thomasmitchell thomasmitchell
v1.7.0
bde73fb
Compare
Choose a tag to compare
Safe v1.7.0

New Features

  • Auth now supports Okta login (thanks @thehandsomezebra)
  • We build for darwin/arm64 now!

Improvements

  • The auth commands now use the same code paths as all of the other Vault-accessing commands, and so now their behavior should be more consistent with other commands.

Contributors

thehandsomezebra
Assets 6
Loading

Safe v1.6.1

24 May 19:37
@starkandwayne-bot starkandwayne-bot
v1.6.1
9b62459
Compare
Choose a tag to compare
Safe v1.6.1

Improvements

  • HTTP calls that list paths in the Vault have been switched to use the GET HTTP method for greater compatibility with proxies.
Assets 5
Loading

Safe v1.6.0

29 Mar 17:31
@starkandwayne-bot starkandwayne-bot
v1.6.0
0fb6c82
Compare
Choose a tag to compare
Safe v1.6.0

New Features

  • safe uuid is a new command that will generate a UUIDv4 and insert it into
    the specified path at the Vault. (thanks @gerardocorea)
  • safe option allows you to view and edit new safe CLI global options.
    Currently, the only option is manage_vault_token, which will have safe
    change the .vault-token file that the Vault CLI uses. (thanks @daviddob)

Improvements

  • safe versions now shows when versions in a KVv2 backend were created.

Miscellaneous

  • The release binaries are now compiled with Go 1.16, up from Go 1.13. This means that these builds include the Go 1.15 x509 library changes that may cause certificates that relied on the target domain being in the Subject line (as opposed to the Subject Alternative Names) to be untrusted.
Assets 5
Loading

Safe v1.5.9

20 Jan 14:21
@starkandwayne-bot starkandwayne-bot
v1.5.9
aaf949d
Compare
Choose a tag to compare
Safe v1.5.9

New Features

  • x509 renew and x509 reissue now accept the -n and -s flags to update
    subject alternative names and subjects respectively.
  • undelete now treats not specifying a version to mean the latest version
    (@daviddob)
  • cp gives a proper error when trying to perform copy all versions of a
    specific version of a secret, which doesn't make any sense. (@daviddob)

Bug Fixes

  • x509 reissue now properly reads in the key usage flags.
  • cp will no longer panic when trying to copy a version of a secret which is
    not the latest. (@daviddob)
Assets 5
Loading

Safe v1.5.8

02 Oct 16:10
@starkandwayne-bot starkandwayne-bot
v1.5.8
4ee9d48
Compare
Choose a tag to compare
Safe v1.5.8

New Features

  • Added safe auth status command. It prints out information about the
    current auth token.
  • Added --json flag to safe auth status. It prints out said information
    in a JSON format.

Improvements

  • safe targets --json output now includes if the target expects
    a Strongbox server to be present, and also the targeted Vault namespace,
    if any.

Bug Fixes

  • safe auth now respects the -T flag when writing the token.
  • safe local no longer races with the Vault server actually listening on its endpoint, and will wait up to 5 seconds for it to begin listening.
Assets 5
Loading

Safe v1.5.7

02 Jul 13:05
@starkandwayne-bot starkandwayne-bot
v1.5.7
3e377d3
Compare
Choose a tag to compare
Safe v1.5.7

Bug Fixes

  • safe recognizes performance standbys as standbys for the purpose of safe status.
  • safe now won't use namespaces when trying to interface with /sys/health or /sys/seal-status, because these result in unsupported path errors from Vault.
  • safe ls should now work with more versions of Vault when listing the root.
  • safe env --json now exposes VAULT_NAMESPACE
  • x509 show now displays data encipherment as data encipherment and not data encupherment, which is definitely not data encipherment.
Assets 5
Loading

Safe v1.5.6

13 May 14:39
@starkandwayne-bot starkandwayne-bot
v1.5.6
d930c0d
Compare
Choose a tag to compare
Safe v1.5.6

Improvements

  • safe local now has a --port flag; you can now manually set the port that
    the local Vault listens on.
Assets 5
Loading

Safe v1.5.5

04 May 20:51
@starkandwayne-bot starkandwayne-bot
v1.5.5
10d4600
Compare
Choose a tag to compare
Safe v1.5.5

Improvements

  • safe x509 renew can now set new key usages for the renewed certificate.
  • When using an SSH proxy, safe now handles the ssh known_hosts file better.
    It can now handle when the known_hosts file is empty, and also safe now adds
    newlines to lines that it adds.
Assets 5
Loading

Safe v1.5.4

17 Mar 17:52
@starkandwayne-bot starkandwayne-bot
v1.5.4
56c3f5f
Compare
Choose a tag to compare
Safe v1.5.4

Improvements

  • Better error response for unexpected HTML responses when the HTTP return code
    is non-2xx
  • x509 commands now populate the x509 v3 extensions for authority key ID and
    subject key ID.
Assets 5
Loading