v3.0.0

What's Changed

🔴 Breaking change

• Set export-env input to false by default by @volodymyrZotov in #114
  If you want export secrets as env variables you should update your workflows and explicitly set export-env: true aka

      - name: Load secret
        uses: 1password/load-secrets-action@v3
        with:
          # Export loaded secrets as environment variables
          export-env: true
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET: op://app-cicd/hello-world/secret

      - name: Print masked secret
        run: 'echo "Secret: $SECRET"'
        # Prints: Secret: ***

🚀 Features

• Use op cli installer to enable Windows support by @volodymyrZotov in #109
• Set default for version input by @volodymyrZotov in #112

🔒 Security

• Use of Insufficiently Random Values in undici {#103}
• undici Denial of Service attack via bad certificate data {#103}

Full Changelog: v2...v3.0.0

v2.0.0

Breaking changes

• Remove protocol prepending. Users are now required to include the protocol (http:// or https://) when passing the Connect host URL. {#66}

What's Changed

• Migrate action to TypeScript {#36}
• Upgrade action from Node 16 to Node 20. Credits to @parente for the contribution. {#36}

v1.3.2

This release bumps dependency versions to address Dependabot vulnerabilities.

Security

• Fix dependabot vulnerabilities. {#55, #57}

v1.3.1

This release fixes the CLI version parsing without the jq tool, as well as fixing some dependabot vulnerabilities.

Fixes

• Parse CLI version without jq. {#51}

Security

• Fix dependabot vulnerabilities. {#52}

v1.3.0

This release enhances the 1Password CLI installation process and removes the deprecated GitHub Actions set-output command.

Features

• Update documentation related to 1Password Service Accounts.
• Install the 1Password CLI for arm and 386 on Linux; credit to @roderik. {#44, #49}
• Automatically fetch the latest stable version of the 1Password CLI. {#49}

Fixes

• Remove deprecated set-output command; credit to @Manokii. {#27}
• Use temp directory for op (instead of root) for Linux; credit to @mamercad. {#28}
• Enable installing the CLI on macOS runners without sudo privileges. {#32}

v1.2.0

This version of the action brings two fixes to ensure that v1.x.x releases stay backwards compatible with earlier v1 versions.

The breaking changes are present in versions v1.1.x. Therefore, any users using these specific versions should update to this version to have your pipelines working again.

Fixes

• Ensure OP_CONNECT_HOST has a URL scheme set. (#25)
• Set the default of export-env to true. (#25)

v1.1.2

Fixes

• Workflow fails if secret ref includes spaces {#20}

v1.1.1

Fixes

• Make openssl generate a 64-character string as mentioned in comment. {#18}
• Add link to 1Password Developer Documentation in README. {#19}
• Pass User-Agent Information to the 1Password CLI. {#22}

v1.1.0

• Added the use of the 1Password CLI to perform actions (#5 )
• Updated package dependencies (#14)
• Added Service Account beta feature (#5)

v1.0.2

Security

• Improve the way input is processed to avoid command injection (#11)