v3.6.0

Features:

• Support for encrypting data through the use of Hashicorp Vault (#655)
• sops publish now supports --recursive flag for publishing all files in a directory (#602)
• sops publish now supports --omit-extensions flag for omitting the extension in the destination path (#602)
• sops now supports JSON arrays of arrays (#642)

Improvements:

• Updates and standardization for the dotenv store (#612, #622)
• Close temp files after using them for edit command (#685)

Bug fixes:

• AWS SDK usage now correctly resolves the ~/.aws/config file (#680)
• sops updatekeys now correctly matches config rules (#682)
• sops updatekeys now correctly uses the config path cli flag (#672)
• Partially empty sops config files don't break the use of sops anymore (#662)
• Fix possible infinite loop in PGP's passphrase prompt call (#690)

Project changes:

• Dockerfile now based off of golang version 1.14 (#649)
• Push alpine version of docker image to Dockerhub (#609)
• Push major, major.minor, and major.minor.patch tagged docker images to Dockerhub (#607)
• Removed out of date contact information (#668)
• Update authors in the cli help text (#645)

v3.5.0

Features:

* `sops exec-env` and `sops exec-file`, two new commands for utilizing sops secrets within a temporary file or env vars

Bug fixes:

* Sanitize AWS STS session name, as sops creates it based off of the machines hostname
* Fix for `decrypt.Data` to support `.ini` files
* Various package fixes related to switching to Go Modules
* Fixes for Vault-related tests running locally and in CI.

Project changes:

* Change to proper use of go modules, changing to primary module name to `go.mozilla.org/sops/v3`
* Change tags to requiring a `v` prefix.
* Add documentation for `sops updatekeys` command

3.4.0

Features:

• sops publish, a new command for publishing sops encrypted secrets to S3, GCS, or Hashicorp Vault
• Support for multiple Azure authentication mechanisms
• Azure Keyvault support to the sops config file
• encrypted_regex option to the sops config file

Bug fixes:

• Return non-zero exit code for invalid CLI flags
• Broken path handling for sops editing on Windows
• go lint/fmt violations
• Check for pgp fingerprint before slicing it

Project changes:

• Build container using golang 1.12
• Switch to using go modules
• Hashicorp Vault server in Travis CI build
• Mozilla Publice License file to repo
• Replaced expiring test gpg keys

3.3.1

Bug fixes:

• Make sure the pgp key fingerprint is longer than 16 characters before
  slicing it. (#463)
• Allow for --set value to be a string. (#461)

Project changes:

• Using develop as a staging branch to create releases off of. What
  is in master is now the current stable release.
• Upgrade to using Go 1.12 to build sops
• Updated all vendored packages

3.3.0

New features:

• Multi-document support for YAML files
• Support referencing AWS KMS keys by their alias
• Support for INI files
• Support for AWS CLI profiles
• Comment support in .env files
• Added vi to the list of known editors
• Added a way to specify the GPG key server to use through the
  SOPS_GPG_KEYSERVER environment variable

Bug fixes:

• Now uses $HOME instead of ~ (which didn't work) to find the GPG home
• Fix panic when vim was not available as an editor, but other
  alternative editors were
• Fix issue with AWS KMS Encryption Contexts (#445) with more than one
  context value failing to decrypt intermittently. Includes an
  automatic fix for old files affected by this issue.

Project infrastructure changes:

• Added integration tests for AWS KMS
• Added Code of Conduct

3.2.0

Release 3.2.0

Release 3.1.1

* Fix incorrect version number from previous release

Release 3.1.0

* Add support for Azure Key Service
* Fix bug that prevented JSON escapes in input files from working

Release 3.0.5

Same as 3.0.4 but with the correct version set.

Release 3.0.4

* Prevent files from being encrypted twice
* Fix empty comments not being decrypted correctly
* If keyservicecmd returns an error, log it.
* Initial sops workspace auditing support (still wip)
* Refactor Store interface to reflect operations SOPS performs