Skip to content

Releases: 1Password/load-secrets-action

v5.0.0-beta.1

Pre-release

Choose a tag to compare

@JillRegan JillRegan released this 17 Jun 15:54
v5.0.0-beta.1
120f516

What's Changed

Feature

  • Add Workload Identity authentication using the GitHub Actions OIDC token (private beta) (#169)

Full Changelog: v4.0.0...v5.0.0-beta.1

v4.0.1

Choose a tag to compare

@JillRegan JillRegan released this 11 Jun 14:32
v4.0.1
3a12b0a

What's Changed

Fix

  • Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154)
  • Bump actions/checkout from v5 to v6 in CI workflows. (#156)

Security

  • Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157)

Docs

  • Add 1Password API Terms of Service notice to the README (#166)

New Contributors

Full Changelog: v4.0.0...v4.0.1

v4.0.0

Choose a tag to compare

@JillRegan JillRegan released this 23 Mar 19:26
v4.0.0
92467eb

What's Changed

  • Clear npm audit / Dependabot findings via npm audit fix where safe (e.g. ajv, flatted, undici, and other resolvable minimatch updates). #151
  • Action runtime updated from Node 20 to Node 24 for GitHub Actions compatibility (deprecation notice). #148.

New Contributors

Full Changelog: v3...v4.0.0

v3.2.1

Choose a tag to compare

@JillRegan JillRegan released this 03 Mar 00:36
v3.2.1
dafbe7c

What's Changed

Fix

  • Revert SDK field-resolution regression introduced in v3.2.0 that broke certain valid secret refs (website/url fields) #145

Full Changelog: v3.2.0...v3.2.1

v3.2.0

Choose a tag to compare

@JillRegan JillRegan released this 02 Mar 20:39
v3.2.0
cb7c5ac

What's changed

Features

  • Service account auth now uses the 1Password SDK instead of the CLI; the CLI is not installed when using a service account token. #137

Fix

  • Empty string secret values are now set as outputs and environment variables instead of being skipped by @toga4 in #132
  • Docs: Documented the SSH key format parameter for secret references by @BolajiOlajide in #130

New Contributors

Full Changelog: v3.1.0...v3.2.0

v3.1.0

Choose a tag to compare

@volodymyrZotov volodymyrZotov released this 16 Dec 19:38
8d0d610

What's Changed

🚀 Features

  • Support loading secrets from env files #93

Fixes

  • op-cli-installer dependency is removed #127

Security

  • Updates js-yaml from 4.1.0 to 4.1.1 #128

New Contributors

Full Changelog: v3...v3.1.0

v3.0.0

Choose a tag to compare

@volodymyrZotov volodymyrZotov released this 14 Aug 17:37
v3.0.0
13f58ee

What's Changed

🔴 Breaking change

  • Set export-env input to false by default by @volodymyrZotov in #114
    If you want export secrets as env variables you should update your workflows and explicitly set export-env: true aka
      - name: Load secret
        uses: 1password/load-secrets-action@v3
        with:
          # Export loaded secrets as environment variables
          export-env: true
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET: op://app-cicd/hello-world/secret

      - name: Print masked secret
        run: 'echo "Secret: $SECRET"'
        # Prints: Secret: ***

🚀 Features

🔒 Security

Full Changelog: v2...v3.0.0

v2.0.0

Choose a tag to compare

@edif2008 edif2008 released this 20 Mar 14:15
v2.0.0
581a835

Breaking changes

  • Remove protocol prepending. Users are now required to include the protocol (http:// or https://) when passing the Connect host URL. {#66}

What's Changed

  • Migrate action to TypeScript {#36}
  • Upgrade action from Node 16 to Node 20. Credits to @parente for the contribution. {#36}

v1.3.2

Choose a tag to compare

@edif2008 edif2008 released this 21 Feb 16:31
v1.3.2
971116b

This release bumps dependency versions to address Dependabot vulnerabilities.

Security

  • Fix dependabot vulnerabilities. {#55, #57}

v1.3.1

Choose a tag to compare

@edif2008 edif2008 released this 06 Jul 16:19
v1.3.1
d1a4e73

This release fixes the CLI version parsing without the jq tool, as well as fixing some dependabot vulnerabilities.

Fixes

  • Parse CLI version without jq. {#51}

Security

  • Fix dependabot vulnerabilities. {#52}