Skip to content

Tags: codefresh-io/cli

Tags

v0.89.3

Toggle v0.89.3's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
chore(CR-30239): fix vulnerabilities in dependencies (#885)

Update package versions to reduce security vulnerabilities

v0.89.2

Toggle v0.89.2's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
chore(CR-29164): updated node.js, debian, jsonpath-plus, tar-fs, kube…

…ctl, brace-expansion (#883)

## What
CVE-2025-1302 - fixed by updating jsonpath-plus
CVE-2022-33987 , CVE-2022-33987  -  fixed by updating openid-client
CVE-2025-48387 , CVE-2024-12905 - fixed by updating tar-fs
CVE-2025-48060 , CVE-2024-23337 , CVE-2025-26519 , CVE-2024-9143 ,
CVE-2024-13176 , CVE-2024-12797- fixed by updating alpine/debian
CVE-2024-45338 , CVE-2025-22870 , CVE-2025-22872 - fixed by updating
kubectl
CVE-2025-5889 - fixed by updating brace-expansion


## Why

## Notes

v0.89.1

Toggle v0.89.1's commit message

Partially verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed. 
bug(cli): preserve base64 padding in environment variable parsing (#882)

## What

## Why

## Notes

---------

Co-authored-by: Prabesh <sthapaprabesh2020@gmail.com>

v0.89.0

Toggle v0.89.0's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
feat: CR-28628 Add ability to use secret variables in codefresh-run C…

…LI (#880)

## What

## Why

## Notes

v0.88.6

Toggle v0.88.6's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
fix: description for flag --disable-notifications (#878)

v0.88.5

Toggle v0.88.5's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
chore: sign with cosign (#875)

## What

## Why

## Notes

v0.88.4

Toggle v0.88.4's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
build: exlude redundant files from package, downgrade node (#873)

## What

This excludes redundant files from published package.

v0.88.3

Toggle v0.88.3's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
build: upgrade dependencies (#870)

## What

This PR reapplies #866 that was previously reverted in #869.

It contains upgrade for multiple dependencies to address critical- and
high-level CVE.

In addition to #866, it:

* upgrades `npm` to address
[CVE-2024-21538](https://scout.docker.com/vulnerabilities/id/CVE-2024-21538?s=github&n=cross-spawn&t=npm&vr=%3E%3D7.0.0%2C%3C7.0.5&utm_source=desktop&utm_medium=ExternalLink).
* Sets `NODE_NO_WARNINGS=1` env in Dockerfile
([ref](https://nodejs.org/api/cli.html#node_no_warnings1)) in order to
suppress Node.js deprecation warnings, that may interrupt end-user
automations, that rely on exact CLi output.
* Migrates from `pkg`, which is no longer maintained, to its fork
`@yao-pkg/pkg`.

v0.88.2

Toggle v0.88.2's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
Annotate images based on name (#868)

## What

## Why

## Notes

v0.88.1

Toggle v0.88.1's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
fix: revert previous version (#869)

## What

This reverts previous version 0.88.0.

## Why

New release added Node.js-level warnings to output which broke custom
parsing of CLI output.