v1.9.0

Software Updates

This version of Safe has been recompiled against Go 1.20.4, running on the latest image docker image of Ubuntu Jammy as of June 2, 2023. It is functionally identical to v1.8.0, but with the benefit of improved security of the latest Go and OS updates.

It has also been officially tested against vault 1.13.2, as well as the latest patch versions available between 1.9 and 1.12

The Makefile and CI pipeline has been updated to provide a better CI experience, allowing for prerelease generation, testing against different vault target versions in parallel and generating release notes via commit messages.

Safe v1.8.0

Improvements

Safe now supports escaping : and ^ characters in paths and keys with the \ character.

Some examples:
safe get secret/colon\:test:foo will get the key foo from the secret at the path secret/colon:test.
safe get secret/foo:ba\:r will get the key ba:r from the secret at the path secret/foo.

This sort of worked before, sometimes, kinda, for some commands, as we'd only acknowledge the last colon as special for commands that accepted keys in their paths. For others, we'd often just err if there was a colon at all in the secret path.

We still only respect the final colon or caret in a path as special, but any of them can be escaped by preceding them with a backslash so that they are not used as a separator.

Additionally, the output of safe paths --keys now escapes colons in the output when they are not the secret:key separator.

This is a duplication of the starkandwayne/safe v1.8.0 release from Feb 15, 2023 published by @thomasmitchell, using the same assets.

Safe v1.7.0

New Features

• Auth now supports Okta login (thanks @thehandsomezebra)
• We build for darwin/arm64 now!

Improvements

• The auth commands now use the same code paths as all of the other Vault-accessing commands, and so now their behavior should be more consistent with other commands.

This is a duplication of the starkandwayne/safe v1.7.0 release from Aug 24, 2022 published by @thomasmitchell, using the same assets.

Safe v1.6.1

Improvements

• HTTP calls that list paths in the Vault have been switched to use the GET HTTP method for greater compatibility with proxies.

This is a duplication of the starkandwayne/safe v1.6.1 release from May 24, 2021 published by @thomasmitchell, using the same assets.

Safe v1.6.0

New Features

• safe uuid is a new command that will generate a UUIDv4 and insert it into
  the specified path at the Vault. (thanks @gerardocorea)
• safe option allows you to view and edit new safe CLI global options.
  Currently, the only option is manage_vault_token, which will have safe
  change the .vault-token file that the Vault CLI uses. (thanks @daviddob)

Improvements

• safe versions now shows when versions in a KVv2 backend were created.

Miscellaneous

• The release binaries are now compiled with Go 1.16, up from Go 1.13. This means that these builds include the Go 1.15 x509 library changes that may cause certificates that relied on the target domain being in the Subject line (as opposed to the Subject Alternative Names) to be untrusted.

This is a duplication of the starkandwayne/safe v1.6.0 release from Mar 29, 2021 published by @thomasmitchell, using the same assets