This release includes 1 breaking change for platform teams planning a safe upgrade.
Published 24d
Secrets & Credentials
✓ No known CVEs patched
✓ No known CVEs patched in this version
Topics
cli
encryption-decryption
git
gitops
secrets-management
Affected surfaces
auth
Summary
AI summaryUse encrypted secret paths for push/pull instead of metadata path.
Full changelog
Added
- (i686) add target i686-unknown-linux-musl
Fixed
- (push/pull) [breaking] use the encrypted secret paths, not metadata path
Other
- Potential fix for code scanning alert no. 1: Workflow does not contain permissions
- (deps) bump clap_complete from 4.6.3 to 4.6.4 (#37)
- (deps) bump filetime from 0.2.27 to 0.2.28 (#36)
- Set package ecosystem to 'cargo' in dependabot config
- Update SECURITY.md to reflect new reporting process
- (cottagelab) add lab link to try cottage without installing
- (readme) fix typo
- (readme) add links to similar projects
- (spec) document toml specs.
Breaking Changes
- Push/pull operations now require encrypted secret paths rather than using the metadata path.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About sayanarijit/cottage
All releases →Related context
Related tools
Beta — feedback welcome: [email protected]