Safe v0.6.3

Bug Fixes

• safe init no longer requires a previously authenticated
  session with another vault, even though the token was going to
  be ignored anyway.

• safe rm -r now properly prompts for each path, without
  short-circuiting on a 'no', and has pretty color-fied output!

• safe target now honors the --quiet flag.

• safe x509 help now shows information about the crl
  sub-command, which we had scorned for some reason.

Safe v0.6.2

Improvements

• safe curl now has a --data-only flag that will cause it to
  skip the HTTP headers, and just print the raw data. Perfect for
  scripting!
• safe curl now defaults to using the HTTP GET method if the
  only argument given is the URL to retrieve, making it behave
  more like regular curl.

Bug Fixes

• safe rm -rf now properly recurses through trees. This
  behavior was a victim of the ANSI bug that we "fixed" in 0.5.0,
  and it lacked a comprehensive test in the regression suite.
  Both of these issues have been fixed.

Notices

• We no longer test safe against version 0.6.4 of safe, since the
  safe-boshrelease has upgraded to 0.9.0; it may still work
  fine with 0.6.4, but we can offer no guarantee. Update!

Safe v0.6.1

Improvements

• safe renew all now skips vaults you've never authenticated
  against (and therefore have no token worth renewing), and
  accumulates errors until the end.

Safe v0.6.0

New Features

• safe init is a new command that lets you initialize a new
  Vault with custom keying configuration, greatly simplifying
  standup operations.

• safe rekey now features the same flags as safe init for
  consistency and uniformity.

• safe renew is a new command that lets you renew the current
  token (if it is renewable, which root tokens generally aren't)

Improvements

• Remove silly debugging statement that escaped into the wild.

Safe v0.5.1

Bug Fixes

• Fixes a regression introduced in 0.5.0 with the Spruce
  integration via ~/.svtoken. Safe was writing the wrong key
  value for the Vault address, because I tried to be more
  effficient and didn't notice that it was coming out "url".
  Oops.
• Fix some silly issues with null-context fmt.Errorf calls and
  missing printf format specs, brought to light by the more
  invasive validator of go1.9.

Improvements

• safe is now built against Go 1.9, which should properly plumb
  in support for macOS system certificate pools. All you crazy
  kids with your in-house CAs trusted by your hip macbooks should
  have a better time of using safe without -k!

• The test suite is now run against 0.9.0, but not against 0.8.0
  (we still test against 0.8.3, the latest in the 0.8.x series)

Safe v0.5.0

New Features

• The ~/.saferc format got an overhaul that allows safe to
  target the same Vault URL under different aliases (and hence,
  store different auth tokens retrieved by different methods).

• The new -T / --target global flag allows you to temporarily
  set your Safe target, just for the duration of the rest of the
  command chain. This fixes a race condition reported in #100,
  and allows the idiom safe -T old export | safe -T new import
  to work without corrupting your ~/.saferc files.

Improvements

• Safe operators now complain if they are directed to store a
  whole secret (with multiple subkeys) at a path:key, and refuse
  to create a situation they cannot handle.

• safe is more intelligent about when colorization occurs, thanks
  to updates in the upstream ANSI libraries.

Safe v0.4.3

New Features

• New safe ls command lets you list individual levels of the
  directory hierarchy. Could be useful for some shell
  auto-completion. Just sayin'

Improvements

• Fix a formatting issue with the output of safe x509 show
  where ANSI color code formatting was not properly applied.
• Targets with trailing slash(es) are stripped before being
  used, to avoid spurious 404's on write operations.

Safe v0.4.2

Improvements

• safe now supports key@- syntax for setting the contents of
  key in a path to the entirety of standard input. Fixes #107.

Safe v0.4.1

Improvements

• safe now canonicalizes all paths, removing leading / trailing
  slashes, and collapsing contiguous runs of 2 or more slashes
  down to just one. Fixes #106

• safe auth github now presents a more useful error message
  about bad Personal Access Tokens, instead of dumping an API 500
  error on the poor unsuspecting user.

Safe v0.4.0

Improvements

• System Root Certificates will now be used to validate
  certificates presented by the backend Vault, if you're into that
  sort of thing.