Releases: ernstc/VisualStudioSolutionSecrets
v2.2.2
v2.2.1
v2.2.0
v2.1.2
This is a maintenance release.
Fixes
- Updated dependencies for fixing security vulnerability CVE-2023-36414.
v2.1.1
v2.1.0
This release fixes several issues in vs-secrets and removes the need to create the encryption key and GitHub authorization in case you need to work only with Azure Key Vaults.
Changes
- The init command can be used for regenerating the GitHub authorization in case it is missing or not valid.
- It the encryption key already exists, the init command cannot be used for creating a new encryption key. Now a warning is displayed saying tha you should use the change-key command.
- The change-key command has the new parameter -s (or --skipencryption) for skipping the re-encryption of secrets encrypted with the old key.
- The status command show the number of projects in the solution that support secrets, but the secrets have not been setted.
- The status command, by default will not show anymore solution duplicates. Two solutions are considered duplicates if they share the same secrets and the same secrets repository configuration.
- The status command has the new parameter -d (or --duplicates) for showing also solution duplicates.
- Improved output for the commands configure list, pull, push, search.
Fixes
- Fixed behaviour in case the user want to use only Azure Key Vault. The absence of the the encryption key and the GitHub authorization does not block anymore the commands status, push, pull and change-key.
- In some scenario the default repository used to be always GitHub. From this release the default repository is the one defined with the configure --default command. The GitHub repository remains the default in case no default repository has been defined with the command configure --default.
- Fixed UTF8 encoded text output.
- Fixed Azure Key Vault repository for when you use the --all parameter with the commands that support it.
v2.0.2
v2.0.1
This is a bug fixing release for the tool vs-secrets
Fixes
- Fixed high severity vulnerability CVE-2023-29337.
v2.0.0
This version allows the use of different types of repositories. Starting with this release, any solution can use a different repository to store its secret settings.
Azure Key Vault is the new supported repository. Azure Key Vault is the recommended repository to use for scenarios where the solution secrets can be shared within the development team.
New Features
-
Added Azure Key Vault as an alternative repository for storing solution secrets.
-
New command:
configureThe "configure" command let to specify the default repository for your secrets (GitHub Gists or Azure Key Vault). Alternatively, with this command you can configure single solutions to use the preferred repository. Now you can have some solutions using GitHub Gists and some others using Azure Key Vault. It is possible to use different Azure Key Vault resources for different solutions, so, if you work with different development teams, each team can share their own secrets.
-
New command:
configure listThis command display the custom repository configuration for the solutions.
-
New command:
clearThe
clearcommand clears the solution secrets from the local machine. It is equivalent to applying the commanddotnet user-secerts clearfor each project in the solution.
Changes
- Changed
statuscommand. It has been enhanced for displaying the default repository and the custom repository configured for each solution. In addition it display the synchronization status between the local and remote secret settings. - The
searchcommand shows also the user secret id setted in the project file. - The command
changekeyhas been renamed tochange-key.