Releases: useFormseal/fetch
Releases · useFormseal/fetch
Release list
v2.9.0
Immutable
release. Only release title and notes can be modified.
What's new
Features
- New provider: S3-Compatible (AWS S3, MinIO, Cloudflare R2, DigitalOcean Spaces, Backblaze B2). Connects via
boto3with paginated listing and download. post_connect()hook onBaseProvider— providers can run post-setup logic without hardcoding inconnect.py.
Breaking changes
- Removed the
token_label/save_token()system. All credentials are stored viasensitive: trueinputs uniformly. Providers that usedtoken_label(Cloudflare, Redis, Supabase) now have their credential as a normal sensitive input field. Reconnect required after upgrading.
Fixes
fsf disconnectnow wipes all sensitive field credentials from keychain, not just the oldapi-token.- S3 endpoint auto-prepends
https://if no scheme provided.
Improvements
- Centralized
truncate()inui/bodies— all sensitive values truncated consistently (10 chars +*****). post_connect()moved out ofconnect.py— Cloudflare account ID fetching now lives in the Cloudflare provider.- All providers use flat sensitive-input storage instead of the special token path. No keychain pollution on disconnect.
Docs
- Purged all
token_label, andToken Locationreferences. - Updated
backends.mdwith S3-Compatible section including endpoint examples. - Removed stale "No token" section from troubleshooting.
- Updated provider guide (
config-json.md) for the new sensitive-input system. - Cleaned up CONTRIBUTING.md (removed versioning section).
Internal
- Removed
save_token(),load_token(),delete_token(),token_location(),get_token_label()entirely. clear_all()now acceptsextra_keys— disconnect wipes all sensitive fields from keychain.redis/engine.pyreads URL from config dict instead of callingtokens.load_token().
v2.8.0
Immutable
release. Only release title and notes can be modified.
What's new
Breaking changes
- OS keychain is now required — no more secrets.json fallback. fsf connect pre-checks keychain availability and fails with a clear error if none is found.
Fixes
- Fixed broken wheel in previous version caused by missing init
Security
-
Credentials are now stored exclusively in the OS keychain (Windows Credential Manager, macOS Keychain, Linux Secret Service). Removed the unencrypted secrets.json fallback
-
Rewrote security.md with a full credential storage table, threat model, and clearing guide
Docs
- Updated configuration.md, security.md, commands.md, and troubleshooting.md to reflect keychain-only model
- Purged all references to secrets.json and fallback storage across all documentation files
v2.7.0
Immutable
release. Only release title and notes can be modified.
What's new
Features
- Add subtext system to command headers with dim \ separator
- Display truncated Account ID in Cloudflare status output (no extra user prompts, Account ID is fetched automatically)
Breaking changes
- Remove --about flag
- Remove -o alias
- Change
fsf providers→fsf --providers
Fixes
- Fix stale import from fsf.commands.config.config → from fsf.commands.config
- Fix typo in how-it-works.md
- Fill empty Cloudflare common issues table in backends.md
Improvements
- Consolidate Redis connection error to single actionable message
- Unused code cleanup across commands/, helpers/, ui/, and providers/
- Streamline fail() spacing to 2 leading spaces for consistency
Docs
- Restructure docs from nested subdirectories to flat numbered pattern (0-6 + README + providers/)
- Add ecosystem position table to how-it-works.md
- Polish README.md: add h1 heading, fix stale doc paths, remove duplicate sections, add security blockquote
- Update CONTRIBUTING.md: fix outdated project structure, simplify versioning section, update code style references
- Expand security.md to match fsd/fse depth: credential storage table, encryption guarantee, what-to-protect guidance, clearing credentials workflow, verifying keychain storage
- Add Security section to CONTRIBUTING.md
Internal
- Flatten commands/ subdirectories into flat structure
- Rename general/ to helpers/
- Merge fsf.py + cmd.py into single cli.py entry point
v2.6.1
What's new:
CodeQL alerts
- #11: Clear-text logging — Fixed
- #7,#6: Path flexibility — Justified as CLI context
v2.6.0
What's new:
Features
- Add --debug flag for verbose error output
- Better error messages with possible causes (connection, auth, DNS)
- New provider guide docs (docs/providers/)
Changes
- Refactor provider system: _do_fetch() wrapper with validation
- Add logging for provider discovery failures
- Add duplicate provider name detection
- Pass debug flag through all providers
Fixes
- Fix silent provider failures (import errors now logged)
- Fix schema path using wrong name (now uses folder name)
- Fix fetch() return type validation
Documentation
- Create docs/providers/ with 6-step guide
- Update CONTRIBUTING.md with provider docs
- Update commands.md with --debug flag
- Add "For developers" section to README
Breaking changes
- None
v2.5.1
What's new
Bugfixes
- Fix broken provider commands (config.json missing in pyproject.toml)
- CI publish workflow now builds from the correct post-version-bump commit
v2.5.0
What's new:
Features
- Add Redis provider (
urlas token,key_prefixas input) - Mask sensitive fields in status output
- Simplify provider connect flow: inputs + token + output
Changes
- Remove
fsf setcommand andrun_setfunction - Clean up provider config: remove redundant
namefield andoutputsection token_labelnow drives token prompt
Fixes
- Fix
_load_schemabeing called as property when it's a method - Fix sensitive field masking in status
Documentation
- Create
docs/backends/redis.md - Update getting-started.md with Redis quick start
- Remove
fsf setreferences from troubleshooting, reference, and concepts docs - Update aliases table (
-pl→-p)
Breaking changes
- Connect syntax:
fsf connect <name>(removedprovider:prefix) - Command alias:
-pl→-p
v2.4.0
What's new:
Features
- Provider system now fully configurable via
config.json- drop a provider folder and it's auto-discovered - Add
token_label,display_name,storage_type,inputsfields to provider config - Extract shorthand aliases to
fsf/general/aliases.py - Create
fsf/general/errors.pyfor error handlers - Add 3-workflow CI chain: inject-version → prepare-release → publish
Refactoring
- Rename
cli/tofsf/to avoid namespace collisions - Create
fsf/__init__.pyas central import hub - Restructure commands into
general/,fetch/,connect/,config/subfolders - Move
VERSIONtofsf/commands/general/version.py - Move
_show_helplogic fromfsf.pytohelp.py - Extract
COMMANDSregistry tofsf/cmd.py - Provider subclasses now minimal - only
nameandfetch()required
Fixes
- Add
encoding="utf-8"when opening providerconfig.jsonfiles - Fix
_load_schemabeing called as property when it's a method
Documentation
- Update CONTRIBUTING.md with new provider setup instructions
- Update docs/reference/commands.md
- Update docs/backends/supabase.md and cloudflare-kv.md
- Create SECURITY.md with private vulnerability reporting
Breaking changes
- Python imports:
cli.→fsf.throughout
v2.3.0
What's new:
Critical fixes:
- Fixed traceback error on root command (was broken in v2.2.1)
- Fixed import issues for pipx installation
New features:
- Shorthand flags: -s, -c, -o, -pl
- --version command shows clean vX.Y.Z
- --aliases shows all available shorthands
Improvements:
- Modularized UI code (matches formseal-embed architecture)
- Streamlined --help spacing
- Updated docs with all new commands
v2.2.1
What is new:
- Supabase: detect formseal ciphertexts by prefix (formseal.) instead of generic base64url pattern
Bug fixes:
- remove unused auto-table discovery code (table name is required)
this release improves accuracy when detecting ciphertext columns in supabase, starting with formseal-embed v3.4.2.