v2.0.0

Install the Arcus.Security packages that you need via NuGet, for instance Arcus.Security.Providers.AzureKeyVault:

PM > Install-Package Arcus.Security.Providers.AzureKeyVault --Version 2.0.0

For a complete list of all Arcus.Security packages see the documentation.

What's new?

Features

• Provide .NET 8 support (arcus-azure/arcus#311)

Breaking Changes

• Replace deprecated AddProvider with specific secret mutation to secret provider options overload (#305)

Removal

• Remove empty CacheConfiguration constructor (#306)
• Remove deprecated Microsoft.Azure.KeyVault.* packages (#311)
• Remove regular expression patterns for secret and vault names in Azure Key vault secret provider (#325)
• Remove deprecated Azure Key vault authentication (#202)
• Remove deprecated Azure Key vault secret store extensions (#329)

Changes:

• cf0fc8d chore: upgrade to observability v3.0 (#427)
• d40678b chore: remove deprecated secret store functionality (#426)
• de11c91 chore: remove deprecated key vault functionality (#424)
• c28b7f7 chore: support preview net8.0 (#421)
• d16484a chore: Update LICENSE (#409)
• 94b89ef chore: Bump http-cache-semantics from 4.1.0 to 4.1.1 in /docs (#402)
• 2570e23 chore: Bump @sideway/formula from 3.0.0 to 3.0.1 in /docs (#403)
• 3aebf4e chore: Bump webpack from 5.48.0 to 5.76.1 in /docs (#405)
• 81f75d0 chore: Bump ua-parser-js from 0.7.28 to 0.7.33 in /docs (#401)
• f47e9e2 chore: use main branch in az devops status badge (#399)

See More

• 805aa43 chore: remove installation section (#400)
• 0b1043d chore: use codecov reporting (#398)
• 733e0e9 chore: fully use arcus.testing for logging & in-memory secrets (#397)
• 8c0ccaa chore: use coverlet code coverage (#396)
• 12befc2 chore: use main branch in codeql (#395)
• 28bf111 chore: Bump json5 from 1.0.1 to 1.0.2 in /docs (#393)
• 4702fcb chore: fix nuget warnings (#392)
• 5cf1a5c Update ci-build.yml (#391)
• c490d70 chore: sharper secret store diagram (#388)
• d31db29 chore: remove certificate warnings in unit tests (#385)
• aecfec1 docs: publish v1.9 feature docs (❗) (#386)

This list of changes was auto generated.

v2.0.0-preview-1-net8.0

Install the Arcus.Security packages that you need via NuGet, for instance Arcus.Security.Providers.AzureKeyVault:

PM > Install-Package Arcus.Security.Providers.AzureKeyVault --Version 2.0.0-preview-1-net8.0

For a complete list of all Arcus.Security packages see the documentation.

What's new?

Features

• Provide the capability to do something (#123)

Fixes / Changes

None.

Breaking Changes

None.

Removal

None.

Changes:

• c28b7f7 chore: support preview net8.0 (#421)
• d16484a chore: Update LICENSE (#409)
• 94b89ef chore: Bump http-cache-semantics from 4.1.0 to 4.1.1 in /docs (#402)
• 2570e23 chore: Bump @sideway/formula from 3.0.0 to 3.0.1 in /docs (#403)
• 3aebf4e chore: Bump webpack from 5.48.0 to 5.76.1 in /docs (#405)
• 81f75d0 chore: Bump ua-parser-js from 0.7.28 to 0.7.33 in /docs (#401)
• f47e9e2 chore: use main branch in az devops status badge (#399)
• 805aa43 chore: remove installation section (#400)
• 0b1043d chore: use codecov reporting (#398)
• 733e0e9 chore: fully use arcus.testing for logging & in-memory secrets (#397)

See More

• 8c0ccaa chore: use coverlet code coverage (#396)
• 12befc2 chore: use main branch in codeql (#395)
• 28bf111 chore: Bump json5 from 1.0.1 to 1.0.2 in /docs (#393)
• 4702fcb chore: fix nuget warnings (#392)
• 5cf1a5c Update ci-build.yml (#391)
• c490d70 chore: sharper secret store diagram (#388)
• d31db29 chore: remove certificate warnings in unit tests (#385)
• aecfec1 docs: publish v1.9 feature docs (❗) (#386)

This list of changes was auto generated.

v1.9.0

Install the Arcus.Security packages that you need via NuGet, for instance Arcus.Security.Providers.AzureKeyVault:

PM > Install-Package Arcus.Security.Providers.AzureKeyVault --Version 1.9.0

For a complete list of all Arcus.Security packages see the documentation.

What's new?

Features

• Provide the capability to synchronously retrieve secrets (#257)

Fixes / Changes

• Use non-versioned secret providers when looking up versioned secret (#380)

Changes:

• 38caa36 chore: update security diagram w/ new logo (#375)
• 61fb72b chore: Bump decode-uri-component from 0.2.0 to 0.2.2 in /docs (#377)
• 7eeae75 chore: Bump qs and express in /docs (#379)
• 78c0364 chore: Bump express from 4.17.1 to 4.18.2 in /docs (#381)
• 3dd8cfe docs: feature/brand updates (#374)
• ad6670a fix: get versioned secrets should run though all non-versioned secret providers (#382)
• dabc353 feat: sync secret retrieval via secret store (#373)
• 1194fcb Update docusaurus.build.config.js (#376)
• 4d24c1e chore: update codeql to v2 (#372)
• d63c40a chore: Bump loader-utils from 1.4.1 to 1.4.2 in /docs (#371)

See More

• 7e2df58 chore: remove deprecated pr validation config (#370)
• 5fbc9f4 chore: Bump ansi-html and webpack-dev-server in /docs (#367)
• d88380e chore: Bump ansi-regex in /docs (#368)
• 5da4661 chore: Bump loader-utils from 1.4.0 to 1.4.1 in /docs (#366)

This list of changes was auto generated.

New Contributors

• @THMKAE made their first contribution in #374

Full Changelog: v1.8.1...v1.9.0

v1.8.1

Install the Arcus.Security packages that you need via NuGet, for instance Arcus.Security.Providers.AzureKeyVault:

PM > Install-Package Arcus.Security.Providers.AzureKeyVault --Version 1.8.1

For a complete list of all Arcus.Security packages see the documentation.

What's new?

Features

None.

Fixes / Changes

• Use the correct namespace for versioned secret store extensions (#364)

Breaking Changes

None.

Removal

None.

Changes:

• b5d9476 docs: publish v1.8 feature docs (#363)
• c701464 fix: use correct namespace for versioned secret extensions (#365)

This list of changes was auto generated.

v1.8.0

Install the Arcus.Security packages that you need via NuGet, for instance Arcus.Security.Providers.AzureKeyVault:

PM > Install-Package Arcus.Security.Providers.AzureKeyVault --Version 1.8.0

For a complete list of all Arcus.Security packages see the documentation.

What's new?

Features

• Provide support for versioned secrets in the secret store (#354)

Fixes / Changes

None.

Breaking Changes

None.

Removal

None.

Changes:

• 09b3943 docs: upgrade secret store diagram (#359)
• 29775bf docs: correct az func secret store docs (#362)
• f3b42d2 feat: add secret version support (#358)
• edf5ef5 test: remove temporary tested stored az keyvault secret (#356)
• 93e3ec1 fix: update w/ correct pointers in user guide (#355)
• 4eddb8e chore: Bump terser from 4.8.0 to 4.8.1 in /docs (#353)
• 107bb04 docs: add az keyvault user guide (#352)
• 641a6f7 chore: use new az keyvault dependency tracking (#351)
• 5796263 docs: improve welcome page and sidebar (#350)
• f5ca394 chore: Bump eventsource from 1.1.0 to 1.1.1 in /docs (#349)

See More

• baa7e4f chore: add package readme project tag (#347)
• c7974c7 chore: Bump async from 2.6.3 to 2.6.4 in /docs (#346)
• b8d319a chore: update release notes w example (#344)
• 7cabd59 chore: add readme and project url to nuget pkg (#343)
• c5699a4 chore: Bump cross-fetch from 3.1.4 to 3.1.5 in /docs (#345)
• 7fe1403 docs: small secret store improvs (follow-up) (#342)
• 8e78631 chore: Bump minimist from 1.2.5 to 1.2.6 in /docs (#341)
• 376f1cc docs: publish v1.7 feature docs (#338)
• 79ac80c chore: update with az keyvault as default package (#339)
• aba283e chore: add CodeQL code scanning (#337)

This list of changes was auto generated.

v1.7.0

Install new version via NuGet

What's new?

Features

• Provide the capability to register the secret store in Azure Functions with access to environment and configuration (#334)
• Provide the capability to extend the HashiCorp Vault secret provider (#282)
• Provide .NET 6 support (arcus-azure/arcus#106)

Removal

• Remove Azure Key Vault secret and vault name validation from Azure Key Vault secret provider (#317)
• Remove unnecessary Arcus.Security.All project (#330)

Changes:

• 0e1b9e9 feat: add config az func secret store extension (#333)
• b56570c chore: treat warnings as errors (#336)
• e7e134c chore: remove all project (#335)
• 30112c2 docs: replace outdated az keyvault consume secrets w/ store secrets (#316)
• ab41ed8 docs: use file paths io url routes (#327)
• 0f2eb04 chore: correct marking az keyvault secret name obsolete (#328)
• c03f43f docs: update readme with available secret providers (#326)
• 42df2ea chore: Bump prismjs from 1.25.0 to 1.27.0 in /docs (#331)
• 1c54380 docs: add dedicate page for using secret store within Azure Functions (#321)
• b7da2d2 chore: Bump url-parse from 1.5.7 to 1.5.10 in /docs (#332)

See More

• bf0ced3 chore: correct net6.0 nuget packages dependencies (#318)
• 14bd833 chore: inform testers about hashicorp vault installation (#320)
• e8ecbf7 fix: remove az keyvault regex validation on secret & vault names (#324)
• 46cf7a9 chore: Bump url-parse from 1.5.3 to 1.5.7 in /docs (#322)
• 23852b6 chore: Bump follow-redirects from 1.14.7 to 1.14.8 in /docs (#315)
• 0c45ee2 fix: Improve the obsolete-warning regarding default caching (#310)
• 3292c4e chore: Bump nanoid from 3.1.23 to 3.2.0 in /docs (#309)
• fd27303 chore: Bump algoliasearch-helper from 3.5.5 to 3.7.0 in /docs (#302)
• 8246537 chore: Bump shelljs from 0.8.4 to 0.8.5 in /docs (#308)
• 855bdeb chore: Bump follow-redirects from 1.14.1 to 1.14.7 in /docs (#307)
• b957366 chore: Bump axios from 0.21.1 to 0.21.4 in /docs (#303)
• 0f0c9c4 chore: upgrade to net6.0 (#300)
• 92656f7 docs: typo 'syntax highlighting' (#299)
• 24076f3 chore: add fgheysels to code-owners (#298)
• 446f466 chore: remove tomkerkhove as code owner (#297)
• 7209960 docs: Separate build script (#296)
• 9d7420c docs: Add search (#295)
• 2f4bde7 fix: preview docs with wrong critical exception code sample (#293) [ #290 ]
• 44db8fe fix: add version prefix to README (#292)
• 57c1079 fix: wrong toc and critical exceptions code sample (#291)
• 0b9ae2d fix: deprecate the configuration extension to add secrets (#288)
• cbb1bbe docs: redirect from v1.5.0 old auth az key vault (#289)
• 4ae054a docs: Provide new website template (#287)
• 8cb6fad feat: open HashiCorp Vault secret provider for extension (#282)
• 2d851a4 feat: improve xml code docs + light code cleaning (#286)
• 955b9bb chore: Security upgrade github-pages from 214 to 215 (#284)
• 5fd396d fix: use ubuntu-latest for build vm image (#281)
• a8beda4 docs: publish v1.6 feature docs (#280)

This list of changes was auto generated.

Full Changelog: v1.6.0...v1.7.0

v1.6.0

Install new version via NuGet

What's new?

Features

• Provide new secret provider for command line arguments (#240)

Fixes / Changes

• Reduce standard telemetry for secret store & secret providers (#269)

Breaking Changes

None.

Removal

None.

Changes:

• 0e55ccb docs: secret store advantages (#279)
• 04008d9 chore: [Snyk] Security upgrade github-pages from 207 to 214 (#267)
• b79d1b1 docs: add manual redirection page for az key vault auth (#266)
• 0198725 chore: ignore packaging warnings (#277)
• abcd415 fix: docs/Gemfile & docs/Gemfile.lock to reduce vulnerabilities (#276)
• ec7a081 feat: add command line secret provider (#275)
• ff878eb fix: use Arcus NuGet version ranges (#274)
• 981f70f chore: [Snyk] Security upgrade jekyll-redirect-from from 0.15.0 to 0.15.0 (#273)
• 817c79a chore: Bump rexml from 3.2.4 to 3.2.5 in /docs (#272)
• 71d5924 fix: use verbose logging in secret store (#270)

See More

• 9829611 fix: add Semantic config file (#265)
• d6b31c2 Fix - broken link to managed identity auth in Azure Key Vault (#264)
• 4dac42b Docs - update managed identity authentication in Azure Key Vault (#263)
• d2aa4e4 Docs - fix correct secrert store variable (#261)
• 2ef0d90 Docs: Fix code examples (#260)
• cc21f53 Docs - publish v1.5 feature docs (#258)

This list of changes was auto generated.

v1.5.0

Install new version via NuGet

What's new?

Features

• Provide the capability to retrieve grouped secret providers with a single registered name (#237)
• Provide the capability to register the HashiCorp secret provider with a secret name mutation (#179)
• Provide the capability to use a singleton default caching (#239)
• Track the invalidate caching with a dedicated event name (#250)

Fixes / Changes

• Use the dedicated Microsoft.Extensions.* v3.1.8 packages for the UserSecrets secret provider (#249)

Breaking Changes

None.

Removal

None.

Changes:

• e1fa74e Feature - use default CacheConfiguration instead of allowCaching (#255)
• f2eca30 Fix - check raw secret result before passing allong in environment variable secret provider (#252)
• fa26413 Feature - add additional exception XML docs for caching (#253)
• f2c4bfa Feature - use dedicated 'Invalidate Secret' as event name for security event tracking (#250)
• fb1a377 Feature - support subset of secret providers in secret store (#245)
• ca156c9 Fix - use Microsoft.Extensions.* 3.1.8 packages for UserSecrets (#249)
• 6d1114f Docs - publish v1.4.1 feature docs (#246)

This list of changes was auto generated.

v1.4.1

Install new version via NuGet

What's new?

Features

• Provide the capability to add the Azure Key Vault to the secret store with authenticating via Managed Identity without a client ID (#231)

Fixes / Changes

• Update the Microsoft.Azure.Functions.Extensions package in the Azure Functions project to v1.1 (#229)

Breaking Changes

None.

Removal

None.

Changes:

• a0e0acd Feature - add Azure Key Vault secret store overloads w/o Managed Identity clientId (#236)
• cf0101d Provide issue template configuration (#235)
• 898d14e chore: Update Microsoft.Azure.Functions.Extensions to v1.1 (#233)
• d9ef0c8 [Snyk] Fix for 1 vulnerabilities (#223)
• f20eea0 Docs - publish v1.4 feature docs (#228)

This list of changes was auto generated.

v1.4.0

Install new version via NuGet

What's new?

Features

• Provide the capability to mutate the secret names before looking them up (#146)
• Provide the capability to include secrets from Docker secrets to the secret store (#149)
• Provide the capability to include HashiCorp secrets to the secret store (#159)
• Provide the capability to retrieve specific secret providers based on a registered name in the secret store (#204)
• Provide the capability to store secrets in the Azure Key Vault secret provider (#206)
• Provide the capability to track dependencies in the Azure Key Vault and HashiCorp secret providers (#181 & #182)
• Provide the capability to use the secret store outside .NET Core hosting (#215)
• Provide the capability to opt-in to track security events in the secret store (#205)
• Provide the capability to add critical exceptions to change the secret retrieval behavior in the secret store (#170)
• Provide the capability to use the new Azure.Identity SDK to authenticate in the Azure Key Vault secret provider (#191)
• Provide the capability to add a prefix to the environment secret provider (#168)

Fixes / Changes

None.

Breaking Changes

None.

Removal

• Removed the ASP.NET Core dependency in the general security package (#190)

Changes:

• 0d6852b Build(deps): Bump nokogiri from 1.10.10 to 1.11.0 in /docs (#227)
• 7d283ef Feature - update to Arcus.Observability v2.0 (#226)
• 010a7cb Docs - add remaining 'usings' to feature docs (#225)
• 3f973da Docs - add usings to code samples in feature docs (#224)
• 3b9d771 Feature - simplify Azure Key Vault secret store overloads (#220)
• a897e77 Feature - use secret source name within security logging (#222)
• 72457b2 Feature - use '.AddSecretStore' in Azure Functions secret store extension (#221)
• 25e461f Fix - use default Azure TokenCredential for more dev-friendliness (#218)
• 61bc390 Feature - provide capability to store in Azure Key Vault (#210)
• f4feab0 Feature - retrieve a specific secret provider based on a registered name (#211)

See More

• bf20134 Feature - add secret store to IServiceCollection (#216)
• 941d8c6 Feature - track HashiCorp Vault dependency (#209)
• fae34d8 Feature - track Azure Key Vault dependency (#207)
• bafff70 Feature - opt-in of security events in secret store (#208)
• 7c4ffd4 Authenticator -> Authentication for v1.x (#203)
• e3c7688 Feature - provide support for using new Azure.Identity SDK in Azure Key Vault secret provider (#193)
• 11e6daf Increase version of Microsoft.Azure.Services.AppAuthentication (#201)
• 4a1fd0d Add a SecretProvider that can be used for Docker Secrets (#171)
• 94fa164 Feature - add service dependency logging on built-in secret providers (#186)
• 2e59a52 Migrate from Polly-Signed to Polly (#198)
• ce8146f Fix - throw NotSupportedException when accessing the cache config directly from the secret store (#192)
• b990717 Feature - add configurable critical exceptions to the secret store (#175)
• 54632bd Feature - add secret name mutation to HashiCorp Vault secret store builder extensions (#188)
• 56e7c32 Remove the dependency to AspNetCore (#190)
• 6b878e8 Feature - add secret providers to secret store w/ dependent services (#185)
• 7f8565e Update README.md (#184)
• 336801a Docs - add HashiCorp Vault link to index page (#183)
• db6dd57 Fix broken link to HashiCorp Vault (#180)
• 16fbe3d Feature - add guards against Azure Key Vault component formats (#178)
• 7131882 Feature - add HashiCorp Vault secret provider (#165)
• fbbe335 Fixup - UserSecrets should return null secret value (#172)
• 03a7d85 Feature - mutate secret names before looking up (#164)
• 0578e75 Update build.yml (#166)
• 2511edf Upgrade doc depenencies and patch CVE-2020-14001 (#163)
• 065d062 Feature - add prefix to environment variable secret provider (#162)
• bf8c588 Docs - publish v1.3.0 feature docs (#158)

This list of changes was auto generated.