🐸 Versioned release#760
Merged
Merged
Conversation
bumpy-bot
force-pushed
the
bumpy/version-packages
branch
5 times, most recently
from
b752976 to
a067d01
Compare
bumpy-bot
force-pushed
the
bumpy/version-packages
branch
4 times, most recently
from
be76fb0 to
14bb625
Compare
@env-spec/parser@0.3.5 @varlock/1password-plugin@1.2.0 @varlock/akeyless-plugin@1.2.0 @varlock/aws-secrets-plugin@1.2.0 @varlock/azure-key-vault-plugin@1.2.0 @varlock/bitwarden-plugin@1.1.0 @varlock/cloudflare-integration@1.1.6 @varlock/doppler-plugin@1.1.0 @varlock/google-secret-manager-plugin@1.2.0 @varlock/hashicorp-vault-plugin@1.2.0 @varlock/infisical-plugin@1.2.0 @varlock/keeper-plugin@1.1.0 @varlock/passbolt-plugin@1.1.0 @varlock/proton-pass-plugin@1.0.2 varlock@1.6.0
bumpy-bot
force-pushed
the
bumpy/version-packages
branch
from
14bb625 to
b6c1f9e
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR was created and will be kept in sync by bumpy based on your bump files (in
.bumpy/). Merge it when you are ready to release the packages listed below:@varlock/1password-plugin1.1.0 → 1.2.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
@varlock/akeyless-plugin1.1.0 → 1.2.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
@varlock/aws-secrets-plugin1.1.0 → 1.2.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
@varlock/azure-key-vault-plugin1.1.0 → 1.2.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
@varlock/bitwarden-plugin1.0.0 → 1.1.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
@varlock/doppler-plugin1.0.0 → 1.1.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
@varlock/google-secret-manager-plugin1.1.0 → 1.2.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
@varlock/hashicorp-vault-plugin1.1.0 → 1.2.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
@varlock/infisical-plugin1.1.1 → 1.2.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
@varlock/keeper-plugin1.0.0 → 1.1.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
@varlock/passbolt-plugin1.0.0 → 1.1.0 CHANGELOG.mdcacheTtlinit param (e.g.cacheTtl="1h",cacheTtl=forever; setting it tofalseor an empty string disables caching). Cache keys include a hash of the account-identifying instance config (account, region, project, environment, etc.) so projects pointing the same plugin at different backends can never read each other's cached values from the shared per-user cache. (bump file)Akeyless caches static secret values only — dynamic and rotated secrets are designed to change per fetch and are never cached.
varlock1.5.1 → 1.6.0 CHANGELOG.mdvarlock run-injected resolved values are no longer treated as true overrides by innervarlockloads. (bump file)Only real upstream overrides now propagate through nesting, while inner command-local overrides still win as expected.
Also fixes smoke-test CLI resolution to use the workspace-local varlock CLI instead of any globally installed binary.
Note:
__VARLOCK_ENVnow includes override provenance metadata (__varlockOverrideMeta). Tooling that strictly validates that blob shape should allow unknown/new fields.cache()resolver, plugin cache API, encrypted JSON store (file mode0600),varlock cacheCLI with TTY-aware browser and--yesconfirm forclear. (bump file)"forever"caches until manually cleared (the default forcache()), setting a plugin'scacheTtltofalse(or an empty string) disables caching, and a TTL of0is rejected as ambiguous.--clear-cachealways clears the persistent disk cache, including when combined with--skip-cache;@cache=diskwarns when used in CI or with the file-based encryption fallback.node:crypto:randomNum()(integer by default, float whenprecisionis set),randomUuid(),randomHex()(string-length by default,bytes=truefor byte-length),randomString()(uses rejection sampling for unbiased output across any charset).durationdata type: accepts flexible string/number input ("1h","30m","500ms",2000,"2days") and coerces to a number in a configurable output unit (msdefault;seconds,minutes,hours,days,weeks). Only plain decimal number formats are accepted, and sub-millisecond durations are rejected. Same parser is used bycache(..., ttl=...)and the plugincacheTtloption._VARLOCK_CACHE_KEYis set (e.g. as a CI secret; same format as_VARLOCK_ENV_KEY, but a separate var since that one can be ephemeral),autocache mode uses a disk cache encrypted with that key instead of falling back to memory — enabling shared caching across CI processes without the key ever touching disk. Each key gets its own cache file, named by key fingerprint.@cachecan be set dynamically with functions (e.g.@cache=forEnv(dev, "disk")); invalid resolved values surface as schema errors.--data-stdinsupport); debug logging no longer includes encrypt/decrypt payloads.cacheTtlis documented per plugin — see the plugin packages' own changelogs.@env-spec/parser0.3.4 → 0.3.5 CHANGELOG.md@varlock/cloudflare-integration1.1.5 → 1.1.6 CHANGELOG.mdThe FIFO server child process now signals readiness on a dedicated
control pipe (fd 3) before the parent spawns downstream consumers
(wrangler), eliminating a race where wrangler could open the FIFO
before the child had buffered content and called the first
writeFileSyncto open the FIFO for write — observed in Linux/DockerCI environments as
The contents of "/tmp/varlock-secrets-..." is not valid.Also:
swallowed by a silent
process.exit().the control pipe.
multi-byte character (use
Buffer.concatinstead of string+=).@varlock/proton-pass-plugin1.0.1 → 1.0.2 CHANGELOG.md