Releases: 1Password/load-secrets-action
Releases · 1Password/load-secrets-action
Release list
v5.0.0-beta.1
What's Changed
Feature
- Add Workload Identity authentication using the GitHub Actions OIDC token (private beta) (#169)
Full Changelog: v4.0.0...v5.0.0-beta.1
v4.0.1
What's Changed
Fix
- Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154)
- Bump actions/checkout from v5 to v6 in CI workflows. (#156)
Security
- Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157)
Docs
- Add 1Password API Terms of Service notice to the README (#166)
New Contributors
- @dagecko made their first contribution in #157
- @superteppo made their first contribution in #154
- @libutcher made their first contribution in #166
Full Changelog: v4.0.0...v4.0.1
v4.0.0
What's Changed
- Clear npm audit / Dependabot findings via
npm audit fixwhere safe (e.g. ajv, flatted, undici, and other resolvable minimatch updates). #151 - Action runtime updated from Node 20 to Node 24 for GitHub Actions compatibility (deprecation notice). #148.
New Contributors
- @jjavieralv made their first contribution in #149
Full Changelog: v3...v4.0.0
v3.2.1
What's Changed
Fix
- Revert SDK field-resolution regression introduced in v3.2.0 that broke certain valid secret refs (website/url fields) #145
Full Changelog: v3.2.0...v3.2.1
v3.2.0
What's changed
Features
- Service account auth now uses the 1Password SDK instead of the CLI; the CLI is not installed when using a service account token. #137
Fix
- Empty string secret values are now set as outputs and environment variables instead of being skipped by @toga4 in #132
- Docs: Documented the SSH key format parameter for secret references by @BolajiOlajide in #130
New Contributors
- @BolajiOlajide made their first contribution in #130
- @toga4 made their first contribution in #132
Full Changelog: v3.1.0...v3.2.0
v3.1.0
What's Changed
🚀 Features
- Support loading secrets from env files #93
Fixes
op-cli-installerdependency is removed #127
Security
- Updates js-yaml from 4.1.0 to 4.1.1 #128
New Contributors
Full Changelog: v3...v3.1.0
v3.0.0
What's Changed
🔴 Breaking change
- Set
export-envinput tofalseby default by @volodymyrZotov in #114
If you want export secrets as env variables you should update your workflows and explicitly setexport-env: trueaka
- name: Load secret
uses: 1password/load-secrets-action@v3
with:
# Export loaded secrets as environment variables
export-env: true
env:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
SECRET: op://app-cicd/hello-world/secret
- name: Print masked secret
run: 'echo "Secret: $SECRET"'
# Prints: Secret: ***
🚀 Features
- Use op cli installer to enable Windows support by @volodymyrZotov in #109
- Set default for
versioninput by @volodymyrZotov in #112
🔒 Security
- Use of Insufficiently Random Values in undici {#103}
- undici Denial of Service attack via bad certificate data {#103}
Full Changelog: v2...v3.0.0