@uluops/cli 0.12.0 → 0.12.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +14 -0
- package/package.json +13 -13
package/CHANGELOG.md
CHANGED
|
@@ -4,6 +4,20 @@ All notable changes to `@uluops/cli` will be documented in this file.
|
|
|
4
4
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
|
|
6
6
|
|
|
7
|
+
## [0.12.1] - 2026-06-01
|
|
8
|
+
|
|
9
|
+
### Fixed
|
|
10
|
+
|
|
11
|
+
- **Install no longer fails on `ETARGET No matching version found for @uluops/ops-sdk@3.0.0`.** `0.12.0` transitively required `@uluops/core@0.18.0`, which had been published with broken pins to `@uluops/ops-sdk@3.0.0` and `@uluops/registry-sdk@0.30.0` — both subsequently unpublished from the registry. This release pulls in `@uluops/core@0.18.1` which repaired those references, unblocking fresh installs.
|
|
12
|
+
|
|
13
|
+
### Security
|
|
14
|
+
|
|
15
|
+
- **Bump full UluOps dep chain to today's hardened versions.** `@uluops/sdk-core` 0.11.0 → 0.11.1, `@uluops/ops-sdk` 3.0.3 → 3.0.5, `@uluops/registry-sdk` 0.30.1 → 0.30.2, `@uluops/core` 0.18.0 → 0.18.1. All packages now resolve to a single `@uluops/sdk-core@0.11.1` instance in `node_modules` (no duplicate nested copies), so the sdk-core security hardening — `redirect: 'error'` on all fetch sites, `stripControlChars` in error messages, widened `SENSITIVE_KEYS`, `REDACTED_DETAIL_KEYS` `column` fix, and `sanitizeString` URL-userinfo + bare JWT coverage — applies uniformly across every SDK code path the CLI invokes. See `@uluops/sdk-core` CHANGELOG 0.11.1.
|
|
16
|
+
|
|
17
|
+
### Supply chain
|
|
18
|
+
|
|
19
|
+
- **Pin remaining caret deps to exact versions.** `commander`, `ora`, `@biomejs/biome`, `@types/node`, `@vitest/coverage-v8`, `tsx`, `typescript`, `vitest` stripped of caret ranges per the UluOps exact-pinning policy adopted 2026-06-01 in response to the RedHat-class supply-chain attack pattern.
|
|
20
|
+
|
|
7
21
|
## [0.12.0] - 2026-06-01
|
|
8
22
|
|
|
9
23
|
### Changed
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@uluops/cli",
|
|
3
|
-
"version": "0.12.
|
|
3
|
+
"version": "0.12.1",
|
|
4
4
|
"description": "Unified CLI for UluOps - validation tracking and registry management",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
@@ -40,20 +40,20 @@
|
|
|
40
40
|
},
|
|
41
41
|
"license": "MIT",
|
|
42
42
|
"dependencies": {
|
|
43
|
-
"@uluops/core": "0.18.
|
|
44
|
-
"@uluops/ops-sdk": "3.0.
|
|
45
|
-
"@uluops/registry-sdk": "0.30.
|
|
46
|
-
"@uluops/sdk-core": "0.11.
|
|
47
|
-
"commander": "
|
|
48
|
-
"ora": "
|
|
43
|
+
"@uluops/core": "0.18.1",
|
|
44
|
+
"@uluops/ops-sdk": "3.0.5",
|
|
45
|
+
"@uluops/registry-sdk": "0.30.2",
|
|
46
|
+
"@uluops/sdk-core": "0.11.1",
|
|
47
|
+
"commander": "13.1.0",
|
|
48
|
+
"ora": "8.1.1"
|
|
49
49
|
},
|
|
50
50
|
"devDependencies": {
|
|
51
|
-
"@biomejs/biome": "
|
|
52
|
-
"@types/node": "
|
|
53
|
-
"@vitest/coverage-v8": "
|
|
54
|
-
"tsx": "
|
|
55
|
-
"typescript": "
|
|
56
|
-
"vitest": "
|
|
51
|
+
"@biomejs/biome": "2.4.0",
|
|
52
|
+
"@types/node": "22.12.0",
|
|
53
|
+
"@vitest/coverage-v8": "3.2.6",
|
|
54
|
+
"tsx": "4.19.2",
|
|
55
|
+
"typescript": "5.7.3",
|
|
56
|
+
"vitest": "3.2.6"
|
|
57
57
|
},
|
|
58
58
|
"engines": {
|
|
59
59
|
"node": ">=18.0.0"
|