ENHANCEMENTS
- feat: show requested version in error when none was matched by @ansgarm in #250
BUG FIXES
INTERNAL:
- Update Axios to 1.6.2 by @xiehan in #206
- Bump @types/node from 18.18.6 to 18.18.7 by @dependabot in #192
- Bump openpgp from 5.10.2 to 5.11.0 by @dependabot in #193
- Bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #186
- Bump @types/node from 18.18.7 to 18.18.8 by @dependabot in #194
- github: Disable dependabot for GHA by @radeksimko in #195
- Bump @types/yauzl from 2.10.2 to 2.10.3 by @dependabot in #198
- Bump @types/semver from 7.5.4 to 7.5.5 by @dependabot in #197
- Bump @types/node from 18.18.8 to 18.18.9 by @dependabot in #196
- Bump @types/node from 18.18.9 to 18.18.10 by @dependabot in #201
- build(deps): Bump workflows to latest trusted versions by @hashicorp-tsccr in #200
- Bump @types/node from 18.18.10 to 18.18.11 by @dependabot in #203
- Bump @types/semver from 7.5.5 to 7.5.6 by @dependabot in #202
- Bump @types/node from 18.18.11 to 18.18.12 by @dependabot in #204
- Bump @types/node from 18.18.12 to 18.18.13 by @dependabot in #205
ENHANCEMENT:
- Bump Node version to 18 by @dbanck in #168
INTERNAL:
- Bump @types/node from 14.18.58 to 18.18.6 by @dependabot in #167
- Bump @types/semver from 7.5.1 to 7.5.4 by @dependabot in #169
- Bump openpgp from 5.10.1 to 5.10.2 by @dependabot in #172
- Bump @types/yauzl from 2.10.0 to 2.10.2 by @dependabot in #175
- SEC-090: Automated trusted workflow pinning (2023-09-27) by @hashicorp-tsccr in #179
- Bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #180
- Bump @babel/traverse from 7.18.8 to 7.23.2 by @dependabot in #185
ENHANCEMENT:
- Add PR test for copyright headers by @radeksimko in #127
- Migrate to plain npm publish by @jpogran in #136
BUG FIXES:
INTERNAL:
- Add CODEOWNERS file by @radeksimko in #102
- Pin external GitHub Actions to hashes by @dbanck in #99
- Add MPL 2.0 LICENSE by @hashicorp-copywrite in #84
- Update openpgp and remove pin to specific version by @dbanck in #91
- Update minimatch to 3.1.2 by @dbanck in #92
- Add Copyright and License Headers by @hashicorp-copywrite in #109
- Bump @types/node from 14.18.22 to 14.18.58 by @dependabot in #65
- Bump @types/semver from 7.3.10 to 7.5.1 by @dependabot in #67
- Bump ts-jest from 28.0.7 to 28.0.8 by @dependabot in #68
- Bump @types/jest from 28.1.6 to 28.1.8 by @dependabot in #70
- Bump semver from 7.3.7 to 7.5.4 by @dependabot in #82
- Bump typescript from 4.7.4 to 4.9.5 by @dependabot in #81
- Bump prettier from 2.7.1 to 2.8.8 by @dependabot in #97
- Bump json5 from 2.2.1 to 2.2.3 by @dependabot in #103
- Bump actions/checkout from 3.2.0 to 4.0.0 by @dependabot in #105
- Bump actions/setup-node from 3.5.1 to 3.8.1 by @dependabot in #104
- Bump openpgp from 5.5.0 to 5.10.1 by @dependabot in #113
- Bump hashicorp/setup-copywrite from 1.0.0 to 1.1.2 by @dependabot in #132
BUG FIXES:
- Fix error on picking latest vault releases by @markmartirosian in #56
INTERNAL:
- Migrate test from mocha to jest by @dbanck in #58
- Bump prettier from 2.6.2 to 2.7.1 by @dependabot in #54
- Bump @types/semver from 7.3.9 to 7.3.10 by @dependabot in #55
- Bump typescript from 4.6.3 to 4.7.4 by @dependabot in #57
- Bump @types/jest from 28.1.4 to 28.1.5 by @dependabot in #59
- Bump @types/node from 14.18.21 to 14.18.22 by @dependabot in #62
- Bump jest from 28.1.2 to 28.1.3 by @dependabot in #60
- Bump ts-jest from 28.0.5 to 28.0.6 by @dependabot in #61
- Bump ts-jest from 28.0.6 to 28.0.7 by @dependabot in #63
- Bump @types/jest from 28.1.5 to 28.1.6 by @dependabot in #64
BUG FIXES:
- Swap
proxy-agentwithhttps-proxy-agentto fixftppackage warning by @magnetikonline in #43
ENHANCEMENT:
- Workflow and
README.mdtweaks by @magnetikonline in #44
INTERNAL:
- Bump @types/yauzl from 2.9.2 to 2.10.0 by @dependabot in #34
- Bump typescript from 4.6.2 to 4.6.3 by @dependabot in #31
- Bump prettier from 2.6.0 to 2.6.2 by @dependabot in #32
- Bump semver from 7.3.5 to 7.3.6 by @dependabot in #33
- Bump semver from 7.3.6 to 7.3.7 by @dependabot in #35
- Bump @types/node from 14.18.12 to 14.18.13 by @dependabot in #36
- Bump @types/mocha from 9.1.0 to 9.1.1 by @dependabot in #37
- Bump @types/node from 14.18.13 to 14.18.14 by @dependabot in #38
- Bump @types/node from 14.18.14 to 14.18.15 by @dependabot in #39
- Bump @types/node from 14.18.15 to 14.18.16 by @dependabot in #40
- Bump @types/node from 14.18.16 to 14.18.18 by @dependabot in #47
- Bump @types/node from 14.18.18 to 14.18.21 by @dependabot in #51
BUG FIXES:
- Fix
downloadandverify(#27)
INTERNAL:
- Add prettier and format code (#28)
ENHANCEMENT:
- Implement Proxy usage (#11)
DEPENDENCIES:
Security:
- Update public GPG key for validating releases (#9)
Dependencies:
- Upgrade openpgpjs to v5.0 pre-release (#8)
- Update dependencies and set explicit https url for GitHub dependency (#5)
- Replace openpgp with fork to fix downstream bundle (#4)
- Allow pre-release version ranges (#2)
- Match version ranges (#1)
Bugs:
- Fix handling of request for latest release
- Republish patch to fix build error
js-releases is a handy tool for downloading and verifying packages from releases.hashicorp.com. You can:
- fetch metadata for a given release (or latest)
- download the package
- verify the SHASUM and signature
- unpack to a specified directory