- Added bats test for secrets find command.
- Switched to using f-strings for formatting.
- Fixed broken bats tests.
- Update GitHub Actions workflows.
- Added secrets find command.
- Added support for new variable type boolean.
- Updated GitHub Actions workflows (default to Python 3.9.16).
- Drop Python 3.7, 3.8, add Python 3.11 (default to 3.10) for tox.
- Fixed downstream dependency and pip installation problems.
- Resolved new pep8 and bandit findings.
- Added --ignore-missing option to continue when settings variables.
- Added 'Operational Security' section to README.
- Add about command to expose selected settings for situational awareness.
- Add pytest code coverage reporting.
- Add BATS runtime tests related to changes.
- Fix caching bug with non-unique secret generation.
- Fix bugs with setting/deleting secrets.
- Improve secrets basedir initialization logic.
- Expand use of pathlib.Path.
- Improvements to source code, test, and vscode launch configuration quality.
- Switch to using factory pattern for secrets generation.
- General code quality and test improvements.
- Improve secrets get command logic and help.
- Fix utils yaml-to-json subcommand and tests.
- Resolve setuptools warnings.
- Separate utility functions from utils subcommands.
- Retire consul_key secret type in favor of token_base64.
- Retire insecure secrets types (e.g., use of SHA1).
- Test support for Python 3.10.
- Add better logging controls.
- Generalize Google OAuth2 email functionality.
- Improve use and testing of exceptions.
- Add init command and --init flag to initialize secrets base directory.
- Ensure overridden values via flags are exported to process environment for subprocesses to use.
- Add missing tests for features added in a previous release.
- Add and start using application-specific exception classes.
- Move functions and variables to utils to improve reuse ability.
- Use get_ prefix more consistently for getter method/function names.
- Over-ride cliff formatter class globally in app parser setup.
- Use pathlib.Path for paths for cleaner code.
- Fix bugs in environments delete command.
- Fix bugs in --from-options feature of secrets get and secrets set.
- Improvements to source code, test, and vscode launch configuration quality.
- Add Help attribute to descriptions for URL to more information.
- General code quality, documentation, and testing enhancements
- Move tmpdir path creation to secrets_environment.SecretsEnvironment().
- Move umask() function and variables to utils.
- Drop Python 3.6 support due to it being EOL.
- Added secrets tree subcommand.
- Fixed bugs with environments path --tmpdir subcommand and run subcommand with --elapsed option when no environment exists.
- Changed license file name.
- Improved documentation.
- Increased test coverage to address bugs (below) being fixed.
- Fixed bugs in Makefile and tox.ini file.
- Fixed bug setting undefined variables.
- Switched from numpy to Python secrets module for random bytes.
- Increased key size from 16 to 32 bits for consul_key, token_hex and token_urlsafe.
- Fixed bug in setup.py+setup.cfg
- Secrets descriptions for demoing HypriotOS Flash mods Medium article
- Improve secrets set --from-options
- General code quality, documentation, and testing enhancements
- Ability to set and generate secrets from defaults options
- Ability to create an alias for an existing environment
- Allow retroactive mirroring of new secrets
- Switched from pbr to setuptools_scm for version numbering
- Switched to more secure random number generation
- Improve GitHub Actions workflows
- Overall documentation and code enhancements
- Improve handling of wildcards in options list
- Fix bugs with handling empty lists, cloning environments, BATS tests
- Increase password complexity a bit more
- Fix ReadTheDocs
- Add secrets create and secrets delete commands
- Normalize all logger and exception output text
- Refactoring code for better modulatiry
- Normalize group create and group delete code
- Normalize secrets show and secrets describe code
- Fix bug that left variables missing after cloning
- Add Python 3.9 to testing matrix
- Switch from .yml to .json format for secrets
- Expand IP address support in utils subcommand
- Fixes to v20.8.0
- Add GitHub workflow to publish to test.pypi.org
- Add secrets backup and secrets restore logic
- Open web browser to documentation for help
- Go back to date-based version numbering
- General CI/CD workflow updates
- Improve directory handling in environments path
- Added Python 3.8 support to test matrix
- Fix bug in environments default
- Put elapsed time (and BELL) on stdout
- Fix bug in environments tree
- Allow setting vars using diff names+environment
- Add and document new boolean data type
- Add groups delete command
- Improve default environment handling
- Improve tox+BATS testing
- Address security issue per "Your xkcd passwords are pwned" article
- General code quality and test improvements
- Add protection from over-writing existing env vars
- Add Options attribute
- Enhancements to better support Windows 10
- Allow cloning group descriptions from environment
- Fix tty/no-tty handling with environments delete
- Expose terraform command on -v
- Validate variable exists in environment
- Fix broken environments tree code
- Move BATS unit tests into tox testing
- Avoid attempting interactive things when no tty
- Improve file and directory permissions logic
- Working SSH key and configuration management
- Use bullet for interactive list selection
- Elapsed timer feature
- Parsing of terraform output to extract SSH public keys
- umask control for better new file permission settings
- Support configuring terraform tfstate backend
- Allow setting secrets by copying from another environment
- Numerous bug fixes
- Refine testing
- Option to only show undefined variables
- Sort environments when listing
- Add environments delete subcommand
- Allow cloning environment from an existing one
- Dynamically get version number
- General testing enhancements
- General code quality enhancements
- Ensure more secure file permissions
- General code quality enhancements
- IP address determination
- Allow cloning new group in an empty environment
- Make python -m psec work
- JSON output method
- Environment aliasing feature
- General code quality and testing enhancements
- Be more explicit about default environment
- Tighten permissions on cloned environments/groups
- Add insecure permissions checking
Add HISTORY.rst file
- Add command ssh config to manage SSH configuration snippet for use by update-dotdee to generate ~/.ssh/config file
- Add command ssh known-hosts add and ssh known-hosts remove to manage system known_hosts file(s)
- Generalized exception to fix --version bug
- Clean up temporary docs/psec_help.txt file
- Fix Bats dependencies/tests
- Fix broken documentation (wt?)
- Fix messed up release tagging
- Python 3.7 coverage for Travis CI
- Complete --help output (epilog text) in all commands
- Install a script 'psec' to complement console_script entry point
- Clarify arguments in --help output
- The 'python_secrets' command is now just 'psec'
- Add
environments rename
command - Add
utils set-aws-credentials
command to mirror AWS CLI credentials - Use
autoprogram_cliff
for self-documentation - Add
cliff.sphinxext
for documentation
- Refactored
SecretsEnvironment()
soautoprogram_cliff
works
- Add "--type" option to "secrets describe"
- Improve visibility into default environment
- Add screencasts to documenation
- Add RST checks to ensure PyPi documentation works
- Add feedback about minimum Python version
- Add
--json
output toenvironments path
- Add reference to proof-of-concept using goSecure fork
- The "secrets describe" command now describes variables and types
- Allow
secrets set
to set any type (not juststring
)
- Switched to calendar version numbering
- Finish GPG encrypted email delivery of secrets
groups create
command- Improve error handling consistency when no environment exists
- Use attribute maps instead of lookup loops
- Add Prompt attribute in descriptions for better UX when setting variables
- Note new undefined variables when adding groups or
environments create --clone-from
- When exporting vars, also export PYTHON_SECRETS_ENVIRONMENT w/environment name
- Add reference to Python Security coding information
environments tree
commandenvironments path
command with features supporting Ansible Lookup Pluginsecrets get
commandgroups path
commandenvironments default
command
- Option to export secrets as environment variables (with optional prefix)
- Can now set secrets (any specified or all undefined) via command line
utils myip
command returns routable IP address (with CIDR option)run
command allows running commands with exported environment variables
- Renamed
template
comamnd toutils tfoutput
- Dropped support for Python 3.4, 3.5, since
secrets
module only in Python >= 3.6
- New
string
type for manually set secrets secrets path
command provides path to secrets.yml
filetemplate
command (Jinja templating)- Default environment to basename of cwd
- Clone environment from skeleton directory in repo
secrets describe
commandenvironments create
commandenvironments list
command- Expand secrets types and generation methods
- Add initial feature for sending secrets via email using Google OAuth2 SMTP
- Drop Python 2.7 support (at least for now...)
- Add
six
for securinginput
call
(TBD)
(TBD)
(TBD)
- First release on PyPI.