Archives
/
git-secret
mirror of https://github.com/sobolevn/git-secret
2
1
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
verbose-test-output-2024
dependabot/docker/dot-ci/release-ci/debian/debian-12.5-slim
dependabot/docker/dot-ci/docker-ci/debian-gnupg1/debian-12.5-slim
dependabot/docker/dot-ci/docker-ci/debian-gnupg2/debian-12.5-slim
dependabot/docker/dot-ci/release-ci/alpine/alpine-3.19.1
dependabot/docker/dot-ci/releaser/alpine/alpine-3.19.1
dependabot/docker/dot-ci/docker-ci/alpine/alpine-3.19.1
gh-pages
dependabot/docker/dot-ci/release-ci/ubuntu/ubuntu-24.04
dependabot/docker/dot-ci/docker-ci/ubuntu/ubuntu-24.04
dependabot/github_actions/actions/github-script-7
dependabot/docker/dot-ci/docker-ci/fedora/fedora-39
dependabot/docker/dot-ci/release-ci/fedora/fedora-39
sobolevn-patch-4
test-apk-and-arch
issue-881-towards-new-release
issue-916-disable-arch-tests
issue-135-spaces-in-parent-dirs
issue-918-stat-on-osx
fix-arch-signature-issue
sobolevn-patch-3
sobolevn-patch-2
sobolevn-patch-1
gitignore-grep-improvement
update-changelog
update-bats-to-1.6.0
add-multiple-files-gitignore
automated-verbose-test
passphrase1
test-on-arch
renames1
revert_usage_error_change
alma-tests
issue-765-rocky-linux
issue-755-changelog-for-bats-update
issue-638-dup-emails-test
issue-710-changelog
issue-752-add-directory
issue-710-cat-subdir-bug
v0.5.0
v0.4.0
v0.3.3
v0.2.3
v0.2.2
v0.2.1
v0.2.0
v0.1.2
v0.1.1
v0.1.0
prerelease
v0.2.4
v0.2.5
v0.2.6
v0.2.7
v0.2.7-alpha
v0.3.0
v0.3.1
v0.3.2
v0.4.0.alpha1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
git-secret/CHANGELOG.md

13 KiB
Raw Permalink Blame History

Changelog

{{Next Version}}

Misc

  • NOTE: Arch instructions now say to install from source. Arch tests removed temporarily (#916)
  • NOTE: there is an issue when repo directory (or a parent dir) contains a space (#135)
  • Improve error messaging when we cannot find git repo (#874)
  • Temporarily disable apk builds on alpine (#881)
  • Have hide -v show output from gnupg
  • Documentation updates and fixes

0.5.0

Features

  • Adds SECRETS_GPG_ARMOR env variable to use gpg --armor when encrypting files, so secret files are stored in text format rather than binary (#631)
  • Allow gnupg permission warnings in tell, hide, reveal, and removeperson (#811)
  • git secret init now sets .gitsecret/keys permission to 0700 (#811)
  • Improve verbose and non-verbose output

Bugfixes

  • Fix adding newlines to .gitignore entries (#643)
  • Fix cat and reveal on named files while in repo subdir (#710)
  • Fix clean, hide, reveal so they only remove marked secret files (#833)
  • Fix for removeperson if same email is present multiple times (#638)
  • Correct error message about files missing from .gitignore

Misc

  • Rename killperson command to removeperson (#684)
  • Improve error messaging decrypting nonexistent files (#706)
  • Improve, expand, correct, and update docs (#699)
  • Update docs for use with CI/CD server (#675)
  • Upgrade bats-core to v1.6.0 (#755)
  • Test, and build RPMS, with Rocky and Alma Linux instead of CentOS (#765)
  • Automate testing code on windows using WSL (#846)
  • Automate testing code on FreeBSD (#455)
  • Improve testing of .gitignore contents (#792)
  • Automate running verbose tests with SECRETS_TEST_VERBOSE=1 (#794)
  • Improve documentation about installing on Windows (#843)

0.4.0

Bugfixes

  • Escape filenames with special characters before adding to .gitignore
  • Better error handling around telling an email twice (#634)
  • Fix for -P (#647)

Misc

  • Removed test-kitchen
  • Moved from travis to GitHub Actions
  • Changed almost all infrastructure code
  • Moved away from Bintray to Artifactory
  • Changes how GitHub Pages work
  • Add security disclaimer for git-secret-killperson
  • Improve documentation about releases
  • Man page improvements

Version 0.3.3

Bugfixes

  • In 'tell', warn about disabled, revoked, expired, or invalid keys (#552, #508, #317, #290, #283, #238)
  • Error if 'tell' is used on an email address with multiple keys (#552)
  • Don't let 'reveal' clobber secret files (#579)
  • Updated test key fixture that had expired (#607)

Misc

  • Improve docs about using gpg with git-secret (#577)
  • Text improvements and More about security in git-secret.7 man page (#603)
  • Reflect changes in ruby bundler during build process
  • Upgrade build process to ansible 2.9
  • Use shellcheck 0.7.1 with CI, not 'latest' (#609)
  • Improve output of git-secret add

Version 0.3.2

Bugfixes

  • Fix mention of version in git-secret add man page (#544)

Misc

  • Update developer docs, especially regarding mac, docker, and test-kitchen (#195)
  • Update man pages to mention version documented (#420)

Version 0.3.1

Misc

  • Update man pages

Version 0.3.0

Features

  • Support SECRETS_PINENTRY env var for gnupg --pinentry-mode parameter (#221)
  • Show output from gnupg if 'hide' fails (#516, #202, #317)
  • Add support for Busybox (#478)

Bugfixes

  • Use OSX's mktemp on OSX, even if there's another version in PATH. (#485)
  • Make rsync a build requirement on debian (#500)
  • Use gnupg1, not gnupg2, when tests specify gnupg1 (#241)
  • Note dependencies gawk, bash, and coreutils in linux packages (#493)
  • Handle case of key having no email and a comment (#527)
  • Avoid blank lines from output of 'clean -v'

Misc

  • Improve messaging and logic around deleting tmp files.
  • Add note about secrets and old keys (#499)
  • Transition build process from python 2 to python 3 (#487)
  • Upgrade build process from ansible 2.5 to ansible 2.8
  • Fix build process when installing gnupg2 source deps on Ubuntu
  • Close file descriptor 3 when running gnupg subprocesses (#521)
  • Small optimization in 'hide'
  • Improve code comments
  • Update docs to note that git-secret repos modified by git-secret 0.2.3 and later are not backward compatible with pre-0.2.3 versions of git-secret. (#536)

Version 0.2.6

Features

  • git-secret is now available in Fedora, link added to README.md. (#315)
  • Support automated testing on windows with Travis CI (#372)
  • Support SECRETS_VERBOSE env var to enable verbosity (#323)
  • Use gpg without --quiet when decrypting in verbose mode (#394)
  • Add -v options to 'tell' and 'reveal', showing gpg output (#320, #395)
  • Change 'init' to never ignore .secret files (#362)
  • 'add' appends filepaths to .gitignore by default (#225)
  • Automate the GitHub release (#411)

Bugfixes

  • Fix 'hide -m' when used as first hide operation (#466)
  • Fix code to respect $TMPDIR when generating tmp files (#451)
  • Be more careful when deleting test files (#360)
  • Use separate directory when testing, instead of using $BATS_TMPDIR directly (#407)
  • Fix 'whoknows -l' and related tests on FreeBSD (#454)
  • Fix git-secret init when used on busybox (#475)
  • Update git-secret.io, fix utils/gh-branch.sh to use 'git all --add' (#344)
  • Fix link to homebrew's git-secret in README.md (#310)
  • Remove diagnostic output from test results (#324)
  • Remove un-needed redirection in 'reveal' (#325)
  • Fix link to current contributors in CONTRIBUTING.md (#331)
  • Fix tests when running from git hooks (#334)
  • Fix typo, remove temp directory in utils/tests.sh (#347)
  • Spelling fixes
  • Fix re: SECRETS_DIR in 'init' and SECRETS_EXTENSION in test_reveal.bats (#364)
  • git-secret will fail if you pass params or filenames that are not understood (#390)
  • Use SECRETS_GPG_COMMAND env var in gpg version check (#389)
  • Add header to git-secret.7 man page, for debian and doc improvement (#386)
  • Respect DESTDIR when installing as per GNU/debian/etc recommendations (#424)
  • Use git check-ignore to test for files ignored by git

Misc

  • Improve docs about hide -m option (#467)
  • Document SECRETS_VERBOSE and improve env var docs (#396)
  • Setting SECRETS_TEST_VERBOSE env var shows debug info during tests (EXPERIMENTAL)
  • Add documentation about how to write tests.
  • Suppress 'cleaning up temp files' messages unless in a verbose mode.
  • Improve git-secret user messaging.
  • Update CHANGELOG.md to mention fix for #281 in v0.2.5 (#311)
  • Add text explaining git-secret Style Guide and Development Philosophy
  • Use Shellcheck on tests/ files, changes for Shellcheck in tests/ (#368)
  • Use Shellcheck on MacOS/osx travis tests (#403)
  • Show commands run by Makefile as per debian upstream recommendations (#386)
  • Upgrade bats-core to v1.1.0, import bats-core into vendor/bats-core (#377)
  • Use gawk to parse emails from gpg output
  • Optimize code that parses keyrings
  • Remove unused code

Version 0.2.5

Features

  • Add support for FreeBSD (#244)
  • Add -l option to whoknows, which shows key expiration dates (#283)
  • Add -P option (preserve permissions) to reveal and hide (#172)
  • Add -F option (force, changing some errors to warnings) to hide and reveal (#253)
  • Allow user to specify name of secret dir at runtime using SECRETS_DIR env var, and test (#247, #250)

Bugfixes

  • Fix issues with spaces in paths and filenames (#226, #135)
  • Fix issue when 'hide' used in subdir of repo (#230)
  • Fix issues in 'changes' with trailing newlines (#291)
  • Fix 'hide' to only count actually hidden files as hidden (#280)
  • Fixed bugs and improved error messages (#174)
  • Issue error message when unable to hide a secret (#202, #238)
  • Accept gpg key with no name, only an email (#227)
  • Require keys to be specified by email, as documented (#267)
  • Disallow 'git secret tell' or 'killperson' with emails that are not in keyring (also #267)

Misc

  • Added notes about packages and for package maintainers (#281)
  • Improve documentation regarding operation with different versions of GPG (#274, #182)
  • Documentation improvements, error message and text improvements, and typo fixes (#254)
  • git-secret RFC#001 added, documenting a path towards independence from gpg binary formats (#208)
  • Add tests for expired gpg keys, and gpg keys with only emails (#276)

Version 0.2.4

Features

  • Added git secret cat feature (#141)

Bugfixes

  • git secret hide and git secret changes check for files more carefully (#153, #154)

Misc

Version 0.2.3

Features

  • Added -m option to hide command, files will only be hidden when modifications are detected (#92)
  • Changed how path mappings file works: colon delimited FSDB in `.gitsecret/paths/mapping.cfg', so git-secret can store checksums of hidden files. Note this means git-secret repos modified by git-secret 0.2.3 or later are not backward compatible with pre-0.2.3 versions of git-secret. (#92)
  • git secret init now adds random_seed to .gitignore (#93)

Bugfixes

  • Dropped git check-ignore, using git add --dry-run instead to check for ignored files (#105,#38)
  • Fixed gnupg >= 2.1 CI tests (#6)

Misc

  • Now users can run local CI tests using test-kitchen (#6)
  • Migrated travis ci tests to test-kitchen for Linux platforms.
  • Added more gpg version to test matrix (#99)
  • Added CentOS to test matrix (#38,#91)
  • All tested Linux platforms now use latest release of shellcheck
  • Added Alpine to test matrix, and apk is now built. (#75)

Version 0.2.2

Features

  • Change how the usage command works (#48)
  • Now git-secret works from any place inside git-tree (#56)
  • Added -d option to the hide command: it deletes unencrypted files (#62)
  • Added new command changes to see the diff between the secret files (#64)
  • Now it is possible to provide multiple emails to the killperson command (#73)
  • Now it is possible to provide multiple emails to the tell command (#72)

Bugfixes

  • Fixed bug when _user_required was not working after re-importing keys (#74)
  • Refactored hide and clean commands to be shorter

Misc

  • Now every doc in this project refer to git-secret.io instead of old gh-pages website (#71)
  • Now installation section is removed from main man file (#70)
  • Now "See also" sections in the man pages are clickable (#69)
  • Added "Manual" section to the manuals (#61)
  • Added CentOS container for ci testing (#38)
  • Tests are refactored. Added clean command tests, removed a lot of hard-coded things, moved tests execution from ./temp folder to /tmp, added a lot of new check in old tests, and some new test cases (#52)
  • shellcheck is now supported with make lint

Version 0.2.1

Misc

  • Added CONTRIBUTING.md and LICENSE.md.
  • New brand logo in the README.md.
  • Added autodeploy to bintray in .travis.yml.
  • Now everything is tested inside the docker-containers and OSX (MacOS) images on travis.
  • Added .ci/ folder for continuous integration, refactored utils/ folder.
  • Everything is shellchecked (except tests/).

Version 0.2.0

Features

  • Added changes command to see the difference between current version of the hidden files and the committed one
  • Added -f option to the reveal command to remove prompts

Bugfixes

  • Some bugs are fixed

Misc

  • New installation instructions
  • Changed the way files were decrypted, now it is a separate function

Version 0.1.2

Features

  • Added -i option to the git-secret-add command, which auto adds unignored files to the .gitignore

Misc

  • .github templates added
  • Documentation improved with Configuration section
  • Makefile improvements with .PHONY and install target
  • Added extra tests: for custom filenames and new features

Version 0.1.1

Features

  • Added --dry-run option to the git secret command, which prevents any actions.

Misc

  • Removed animation from docs, now using asciinema.org
  • install_full_fixture() returns a fingerprint
  • uninstall_full_fixture() receives two args
  • Fixed bug when tests were failing with gpg2
  • New travis strategy: testing both gpg and gpg2

Version 0.1.0

Features

  • Implementation of git secret add
  • Implementation of git secret clean, with -v option
  • Implementation of git secret hide, with -c 'clean' and -v option
  • Implementation of git secret init
  • Implementation of git secret killperson
  • Implementation of git secret list
  • Implementation of git secret remove, with -c option
  • Implementation of git secret reveal, with -d homedir and -p passphrase options
  • Implementation of git secret tell, with -m email and -d homedir options
  • Implementation of git secret usage