Skip to content

Releases: useFormseal/fetch

v2.9.0

Choose a tag to compare

@github-actions github-actions released this 11 Jun 17:01
Immutable release. Only release title and notes can be modified.

What's new

Features

  • New provider: S3-Compatible (AWS S3, MinIO, Cloudflare R2, DigitalOcean Spaces, Backblaze B2). Connects via boto3 with paginated listing and download.
  • post_connect() hook on BaseProvider — providers can run post-setup logic without hardcoding in connect.py.

Breaking changes

  • Removed the token_label / save_token() system. All credentials are stored via sensitive: true inputs uniformly. Providers that used token_label (Cloudflare, Redis, Supabase) now have their credential as a normal sensitive input field. Reconnect required after upgrading.

Fixes

  • fsf disconnect now wipes all sensitive field credentials from keychain, not just the old api-token.
  • S3 endpoint auto-prepends https:// if no scheme provided.

Improvements

  • Centralized truncate() in ui/bodies — all sensitive values truncated consistently (10 chars + *****).
  • post_connect() moved out of connect.py — Cloudflare account ID fetching now lives in the Cloudflare provider.
  • All providers use flat sensitive-input storage instead of the special token path. No keychain pollution on disconnect.

Docs

  • Purged all token_label, and Token Location references.
  • Updated backends.md with S3-Compatible section including endpoint examples.
  • Removed stale "No token" section from troubleshooting.
  • Updated provider guide (config-json.md) for the new sensitive-input system.
  • Cleaned up CONTRIBUTING.md (removed versioning section).

Internal

  • Removed save_token()load_token()delete_token()token_location()get_token_label() entirely.
  • clear_all() now accepts extra_keys — disconnect wipes all sensitive fields from keychain.
  • redis/engine.py reads URL from config dict instead of calling tokens.load_token().

v2.8.0

Choose a tag to compare

@github-actions github-actions released this 08 Jun 11:38
Immutable release. Only release title and notes can be modified.

What's new

Breaking changes

  • OS keychain is now required — no more secrets.json fallback. fsf connect pre-checks keychain availability and fails with a clear error if none is found.

Fixes

  • Fixed broken wheel in previous version caused by missing init

Security

  • Credentials are now stored exclusively in the OS keychain (Windows Credential Manager, macOS Keychain, Linux Secret Service). Removed the unencrypted secrets.json fallback

  • Rewrote security.md with a full credential storage table, threat model, and clearing guide

Docs

  • Updated configuration.md, security.md, commands.md, and troubleshooting.md to reflect keychain-only model
  • Purged all references to secrets.json and fallback storage across all documentation files

v2.7.0

Choose a tag to compare

@github-actions github-actions released this 04 Jun 20:06
Immutable release. Only release title and notes can be modified.

What's new

Features

  • Add subtext system to command headers with dim \ separator
  • Display truncated Account ID in Cloudflare status output (no extra user prompts, Account ID is fetched automatically)

Breaking changes

  • Remove --about flag
  • Remove -o alias
  • Change fsf providersfsf --providers

Fixes

  • Fix stale import from fsf.commands.config.config → from fsf.commands.config
  • Fix typo in how-it-works.md
  • Fill empty Cloudflare common issues table in backends.md

Improvements

  • Consolidate Redis connection error to single actionable message
  • Unused code cleanup across commands/, helpers/, ui/, and providers/
  • Streamline fail() spacing to 2 leading spaces for consistency

Docs

  • Restructure docs from nested subdirectories to flat numbered pattern (0-6 + README + providers/)
  • Add ecosystem position table to how-it-works.md
  • Polish README.md: add h1 heading, fix stale doc paths, remove duplicate sections, add security blockquote
  • Update CONTRIBUTING.md: fix outdated project structure, simplify versioning section, update code style references
  • Expand security.md to match fsd/fse depth: credential storage table, encryption guarantee, what-to-protect guidance, clearing credentials workflow, verifying keychain storage
  • Add Security section to CONTRIBUTING.md

Internal

  • Flatten commands/ subdirectories into flat structure
  • Rename general/ to helpers/
  • Merge fsf.py + cmd.py into single cli.py entry point

v2.6.1

Choose a tag to compare

@github-actions github-actions released this 01 May 09:28

What's new:

CodeQL alerts

  • #11: Clear-text logging — Fixed
  • #7,#6: Path flexibility — Justified as CLI context

v2.6.0

Choose a tag to compare

@github-actions github-actions released this 01 May 07:57

What's new:

Features

  • Add --debug flag for verbose error output
  • Better error messages with possible causes (connection, auth, DNS)
  • New provider guide docs (docs/providers/)

Changes

  • Refactor provider system: _do_fetch() wrapper with validation
  • Add logging for provider discovery failures
  • Add duplicate provider name detection
  • Pass debug flag through all providers

Fixes

  • Fix silent provider failures (import errors now logged)
  • Fix schema path using wrong name (now uses folder name)
  • Fix fetch() return type validation

Documentation

  • Create docs/providers/ with 6-step guide
  • Update CONTRIBUTING.md with provider docs
  • Update commands.md with --debug flag
  • Add "For developers" section to README

Breaking changes

  • None

v2.5.1

Choose a tag to compare

@github-actions github-actions released this 24 Apr 09:52

What's new

Bugfixes

  • Fix broken provider commands (config.json missing in pyproject.toml)
  • CI publish workflow now builds from the correct post-version-bump commit

v2.5.0

Choose a tag to compare

@github-actions github-actions released this 23 Apr 16:21

What's new:

Features

  • Add Redis provider (url as token, key_prefix as input)
  • Mask sensitive fields in status output
  • Simplify provider connect flow: inputs + token + output

Changes

  • Remove fsf set command and run_set function
  • Clean up provider config: remove redundant name field and output section
  • token_label now drives token prompt

Fixes

  • Fix _load_schema being called as property when it's a method
  • Fix sensitive field masking in status

Documentation

  • Create docs/backends/redis.md
  • Update getting-started.md with Redis quick start
  • Remove fsf set references from troubleshooting, reference, and concepts docs
  • Update aliases table (-pl-p)

Breaking changes

  • Connect syntax: fsf connect <name> (removed provider: prefix)
  • Command alias: -pl-p

v2.4.0

Choose a tag to compare

@github-actions github-actions released this 23 Apr 08:41

What's new:

Features

  • Provider system now fully configurable via config.json - drop a provider folder and it's auto-discovered
  • Add token_label, display_name, storage_type, inputs fields to provider config
  • Extract shorthand aliases to fsf/general/aliases.py
  • Create fsf/general/errors.py for error handlers
  • Add 3-workflow CI chain: inject-version → prepare-release → publish

Refactoring

  • Rename cli/ to fsf/ to avoid namespace collisions
  • Create fsf/__init__.py as central import hub
  • Restructure commands into general/, fetch/, connect/, config/ subfolders
  • Move VERSION to fsf/commands/general/version.py
  • Move _show_help logic from fsf.py to help.py
  • Extract COMMANDS registry to fsf/cmd.py
  • Provider subclasses now minimal - only name and fetch() required

Fixes

  • Add encoding="utf-8" when opening provider config.json files
  • Fix _load_schema being called as property when it's a method

Documentation

  • Update CONTRIBUTING.md with new provider setup instructions
  • Update docs/reference/commands.md
  • Update docs/backends/supabase.md and cloudflare-kv.md
  • Create SECURITY.md with private vulnerability reporting

Breaking changes

  • Python imports: cli.fsf. throughout

v2.3.0

Choose a tag to compare

@grayguava grayguava released this 22 Apr 06:48

What's new:

Critical fixes:

  • Fixed traceback error on root command (was broken in v2.2.1)
  • Fixed import issues for pipx installation

New features:

  • Shorthand flags: -s, -c, -o, -pl
  • --version command shows clean vX.Y.Z
  • --aliases shows all available shorthands

Improvements:

  • Modularized UI code (matches formseal-embed architecture)
  • Streamlined --help spacing
  • Updated docs with all new commands

v2.2.1

Choose a tag to compare

@grayguava grayguava released this 21 Apr 13:31

What is new:

  • Supabase: detect formseal ciphertexts by prefix (formseal.) instead of generic base64url pattern

Bug fixes:

  • remove unused auto-table discovery code (table name is required)

this release improves accuracy when detecting ciphertext columns in supabase, starting with formseal-embed v3.4.2.