Releases: nullvariant/nullvariant-vscode-extensions
Releases · nullvariant/nullvariant-vscode-extensions
git-id-switcher-v0.19.6
What's Changed
- chore(deps): Bump fast-uri from 3.1.0 to 3.1.2 by @dependabot[bot] in #494
- chore(deps): Bump @types/node from 25.6.0 to 25.6.2 in the dev-dependencies group by @dependabot[bot] in #495
- chore(deps): Bump lint-staged from 16.4.0 to 17.0.4 by @dependabot[bot] in #497
- chore(deps): Bump the github-actions group with 2 updates by @dependabot[bot] in #498
- chore(deps): Bump actions/dependency-review-action from 4.9.0 to 5.0.0 by @dependabot[bot] in #499
- fix(test): replace trivial assertions that always succeed by @nullvariant in #502
- fix(ci): add pre-commit-ci[bot] to DCO exclude pattern by @nullvariant in #503
- chore(deps): Bump the production-dependencies group across 1 directory with 2 updates by @dependabot[bot] in #501
- fix: guide Windows users to use ~/.ssh/ format for SSH key paths by @nullvariant in #504
Full Changelog: git-id-switcher-v0.19.5...git-id-switcher-v0.19.6
Contributors
dependabot and nullvariant
Assets 6
git-id-switcher-v0.19.5
What's Changed
- chore(deps): ignore diff in Renovate — v9 breaks mocha transitive by @nullvariant in #475
- chore(deps): Bump the production-dependencies group with 4 updates by @dependabot[bot] in #477
- chore(deps): Bump the github-actions group with 3 updates by @dependabot[bot] in #478
- chore(deps): update dependency typescript to v6.0.3 by @renovate[bot] in #479
- chore(deps): update step-security/harden-runner action to v2.19.0 by @renovate[bot] in #480
- fix(deps): remove vulnerable uuid by bumping @azure/msal-node to 5.1.5 by @nullvariant in #487
- chore(deps): Bump the dev-dependencies group across 1 directory with 2 updates by @dependabot[bot] in #481
- chore(deps): update sonarsource/sonarqube-scan-action action to v7.2.1 by @renovate[bot] in #486
- chore(deps): update aquasecurity/trivy-action action to v0.36.0 by @renovate[bot] in #485
- chore(deps): update restyled-io/actions action to v4.4.24 by @renovate[bot] in #484
- chore(deps): bump typescript-eslint to 8.59.1 + drop unnecessary type assertions by @nullvariant in #488
- chore(deps): Bump SonarSource/sonarqube-scan-action from 7.2.1 to 8.0.0 by @dependabot[bot] in #491
- chore(deps): Bump the github-actions group with 2 updates by @dependabot[bot] in #490
- chore(deps): Bump eslint from 10.2.1 to 10.3.0 in the dev-dependencies group by @dependabot[bot] in #489
- chore(security): add gitleaks secret detection and .gitignore security baseline by @nullvariant in #493
Full Changelog: git-id-switcher-v0.19.4...git-id-switcher-v0.19.5
Contributors
renovate, dependabot, and nullvariant
Assets 6
git-id-switcher-v0.19.4
What's Changed
- revert: remove Legitify integration — upstream rejects fine-grained PATs (v0.19.4) by @nullvariant in #474
Full Changelog: git-id-switcher-v0.19.3...git-id-switcher-v0.19.4
Contributors
nullvariant
Assets 6
git-id-switcher-v0.19.3
What's Changed
- feat(security): add Legitify SCM posture audit by @nullvariant in #472
- fix(security): pin Legitify to post-v1.0.11 main SHA, distribute badge (v0.19.3) by @nullvariant in #473
Full Changelog: git-id-switcher-v0.19.2...git-id-switcher-v0.19.3
Contributors
nullvariant
Assets 6
git-id-switcher-v0.19.2
What's Changed
- chore(deps): Bump @types/node from 25.5.2 to 25.6.0 in the dev-dependencies group across 1 directory by @dependabot[bot] in #464
- chore(deps): Bump the production-dependencies group across 1 directory with 2 updates by @dependabot[bot] in #465
- chore(deps): Bump the github-actions group with 4 updates by @dependabot[bot] in #466
- chore(deps): Bump softprops/action-gh-release from 2.6.1 to 3.0.0 by @dependabot[bot] in #467
- chore(deps): Bump actions/github-script from 8.0.0 to 9.0.0 by @dependabot[bot] in #468
- fix(git-id-switcher): replace broken Snyk badge with static shield by @nullvariant in #470
Full Changelog: git-id-switcher-v0.19.1...git-id-switcher-v0.19.2
What's Changed
- chore(deps): Bump @types/node from 25.5.2 to 25.6.0 in the dev-dependencies group across 1 directory by @dependabot[bot] in #464
- chore(deps): Bump the production-dependencies group across 1 directory with 2 updates by @dependabot[bot] in #465
- chore(deps): Bump the github-actions group with 4 updates by @dependabot[bot] in #466
- chore(deps): Bump softprops/action-gh-release from 2.6.1 to 3.0.0 by @dependabot[bot] in #467
- chore(deps): Bump actions/github-script from 8.0.0 to 9.0.0 by @dependabot[bot] in #468
- fix(git-id-switcher): replace broken Snyk badge with static shield by @nullvariant in #470
Full Changelog: git-id-switcher-v0.19.1...git-id-switcher-v0.19.2
Contributors
dependabot and nullvariant
Assets 6
git-id-switcher-v0.19.1
What's Changed
- fix(git-id-switcher): replace broken Marketplace badge with Open VSX version badge by @nullvariant in #469
Full Changelog: git-id-switcher-v0.19.0...git-id-switcher-v0.19.1
Contributors
nullvariant
Assets 6
git-id-switcher-v0.19.0
What's Changed
- refactor(errors): split validation types into dedicated module by @nullvariant in #403
- test(errors): add cross-OS getSafeStack path sanitization tests by @nullvariant in #404
- refactor(webview): extract pure HTML template functions for testability by @nullvariant in #405
- fix(ui): escape Markdown special characters in tooltip user values by @nullvariant in #406
- docs: add GOVERNANCE.md by @nullvariant in #407
- test(e2e): improve identityManager.test.ts assertion quality by @nullvariant in #408
- docs: cross-link root-level documents and improve discoverability by @nullvariant in #409
- test: add branch coverage tests by @nullvariant in #411
- refactor(ui): derive AddFormState from Identity and remove GenericQuickPick by @nullvariant in #412
- feat(security): add Allstar policy configuration by @nullvariant in #413
- chore(deps): update step-security/harden-runner action to v2.16.1 by @renovate[bot] in #415
- chore(deps): update restyled-io/actions action to v4.4.19 by @renovate[bot] in #414
- chore(security): add Snyk policy to exclude test false positives by @nullvariant in #416
- docs(git-id-switcher): add Snyk badge by @nullvariant in #417
- docs: reorder and expand security badges by @nullvariant in #419
- docs: remove unlinked service badges by @nullvariant in #420
- feat: add npm namespace placeholder for git-id-switcher by @nullvariant in #422
- fix: normalize repository.url in npm placeholder package by @nullvariant in #423
- docs: add FOSSA integration to SECURITY.md by @nullvariant in #424
- ci(dco): add DCO enforcement workflow by @nullvariant in #425
- docs(readme): add FOSSA License and Security badges by @nullvariant in #426
- docs(readme): add Socket.dev static badge by @nullvariant in #427
- fix(readme): correct Socket.dev badge link URL by @nullvariant in #428
- feat(ci): add CI-gated PR auto-approval to Justice bot by @nullvariant in #430
- fix: replace console.log/debug with OutputChannel-based extensionLogger by @nullvariant in #431
- refactor(security): separate log path validation into secureLogPath.ts by @nullvariant in #432
- fix(ci): replace gh pr review with gh api for checkout-free approval by @nullvariant in #433
- chore(coverage): enforce c8 coverage thresholds via .c8rc.json by @nullvariant in #434
- refactor(logging): add disposed guard to ExtensionLogger by @nullvariant in #438
- fix(ci): exclude dependabot commits from DCO check by @nullvariant in #439
- chore(deps): Bump the dev-dependencies group with 2 updates by @dependabot[bot] in #435
- chore(deps): Bump typescript-eslint from 8.57.2 to 8.58.0 in the production-dependencies group by @dependabot[bot] in #436
- fix(ci): allow SonarSource/sonarqube-scan-action in dependency review by @nullvariant in #440
- chore(deps): Bump SonarSource/sonarqube-scan-action from 7.0.0 to 7.1.0 in the github-actions group by @dependabot[bot] in #437
- refactor(logging): consolidate console.error/warn to extensionLogger by @nullvariant in #441
- refactor(test): improve assertion quality in errors.test.ts by @nullvariant in #442
- refactor(test): move toFieldError tests to validation-types.test.ts by @nullvariant in #443
- refactor(security): harden toFieldError defensive design by @nullvariant in #444
- refactor(test): extract shared env save/restore helper by @nullvariant in #445
- fix(git-id-switcher): improve Webview HTML template CSS/a11y by @nullvariant in #446
- refactor(git-id-switcher): extract buildHtmlShell helper by @nullvariant in #447
- refactor(git-id-switcher): scope webview body overrides by class and expand design tokens by @nullvariant in #448
- ci(dco): exclude renovate[bot] from DCO check by @nullvariant in #451
- chore(deps): update dependency python to 3.14 by @renovate[bot] in #450
- ci(deps): allow restyled-io sub-actions in dependency review by @nullvariant in #452
- chore(deps): update restyled-io/actions action to v4.4.20 by @renovate[bot] in #449
- security(git-id-switcher): harden webview CSP and add fail-safe fallback by @nullvariant in #453
- refactor(git-id-switcher): narrow webview fallback catch to CspValidationError by @nullvariant in #454
- security(git-id-switcher): SanitizedHtml branded type for buildDocumentHtml content by @nullvariant in #455
- fix(git-id-switcher): Webview template a11y improvements by @nullvariant in #456
- feat(git-id-switcher): defense-in-depth nonce/lang validation at buildHtmlShell by @nullvariant in #457
- refactor(git-id-switcher): split htmlTemplates into a directory and tighten shell trust boundary by @nullvariant in #458
- refactor(git-id-switcher): split shell.ts into types/csp/baseStyles/shell modules by @nullvariant in #459
- security(git-id-switcher): externalize linkInterceptScript and add href scheme allowlist by @nullvariant in #460
- refactor(git-id-switcher): narrow htmlTemplates ESLint exception to csp.ts only by @nullvariant in #461
- security(git-id-switcher): tighten CSP img-src from wildcard to explicit subdomain by @nullvariant in #462
- refactor(git-id-switcher): design tokens round two — body tokens + pad→size rename by @nullvariant in #463
Full Changelog: git-id-switcher-v0.18.0...git-id-switcher-v0.19.0
Contributors
renovate, dependabot, and nullvariant
Assets 6
git-id-switcher-v0.18.0
What's Changed
- chore(deps): Bump typescript-eslint from 8.57.0 to 8.57.1 in the production-dependencies group by @dependabot[bot] in #368
- feat(ci): add dependency safety review to Justice-bot by @nullvariant in #369
- test: add temporary Justice-bot test workflow by @nullvariant in #371
- chore: remove temporary Justice-bot test workflow by @nullvariant in #373
- fix(ci): remove checkout from Justice-bot to resolve Scorecard alert by @nullvariant in #374
- feat(ci): add code quality review to Slow-bot by @nullvariant in #375
- feat(ci): add PR review to Mimi, Luna, Blaze, and Ciel bots by @nullvariant in #376
- feat(ci): add JSON Schema for zoo bot rule files by @nullvariant in #377
- fix(ci): add GH_REPO env to all zoo bot review jobs by @nullvariant in #379
- fix(ci): fix printf invalid option error in Ciel-bot by @nullvariant in #381
- fix(deps): bump flatted 3.4.1 to 3.4.2 by @nullvariant in #382
- chore(deps): Bump eslint from 10.0.3 to 10.1.0 in the dev-dependencies group by @dependabot[bot] in #383
- feat(ci): zoo bots respond to all PRs including workflow-only changes by @nullvariant in #385
- chore(deps): Bump the github-actions group with 5 updates by @dependabot[bot] in #384
- chore(deps): migrate typescript to v6 by @nullvariant in #387
- chore(deps): Bump picomatch from 4.0.3 to 4.0.4 by @dependabot[bot] in #388
- fix(deps): patch picomatch, yaml, brace-expansion vulnerabilities by @nullvariant in #389
- fix(deps): patch GHSA-f886-m6hf-6m8v and GHSA-qj8w-gfj5-8c6v by @nullvariant in #390
- chore(ci): migrate R2 deploy target from nullvariant-assets to kura by @nullvariant in #391
- chore(lint): add no-duplicate-imports ESLint rule by @nullvariant in #392
- fix(security): resolve infinite recursion risk in SecurityError.getSafeStack() by @nullvariant in #393
- fix(security): webview HTML escape defense-in-depth by @nullvariant in #394
- fix(security): mask SSH key path and GPG key ID in status bar tooltip by @nullvariant in #395
- refactor(validation): unify UI and identity layer validation as SSoT by @nullvariant in #396
- refactor(ui): split identityManager.ts into 4 modules by @nullvariant in #401
- chore(deps): Bump typescript-eslint from 8.57.1 to 8.57.2 in the production-dependencies group by @dependabot[bot] in #397
- chore(deps): Bump the github-actions group with 4 updates by @dependabot[bot] in #399
- chore(deps): Bump eslint-plugin-unicorn from 63.0.0 to 64.0.0 by @dependabot[bot] in #398
- chore(deps): Bump codecov/codecov-action from 5.5.3 to 6.0.0 by @dependabot[bot] in #400
- perf(identity): add validation cache and remove deprecated aliases by @nullvariant in #402
Full Changelog: git-id-switcher-v0.17.1...git-id-switcher-v0.18.0
Contributors
dependabot and nullvariant
Assets 6
git-id-switcher-v0.17.1
What's Changed
- docs(git-id-switcher): add Sync Check docs to 24 language READMEs by @nullvariant in #366
- fix(git-id-switcher): revert engines.vscode to ^1.85.0 by @nullvariant in #367
Full Changelog: git-id-switcher-v0.17.0...git-id-switcher-v0.17.1
Contributors
nullvariant
Assets 6
git-id-switcher-v0.17.0
What's Changed
- feat(git-id-switcher): add sync checker engine by @nullvariant in #358
- feat(git-id-switcher): add status bar sync warning and resolution flow by @nullvariant in #359
- feat(git-id-switcher): add event-driven sync check, settings, and i18n by @nullvariant in #360
- fix(ci): replace trivy-action with direct GitHub Releases download by @nullvariant in #361
- fix(ci): add release-assets domain to egress allowlist by @nullvariant in #362
- fix(ci): use ghcr.io for Trivy vulnerability DB by @nullvariant in #363
- fix(ci): add raw.githubusercontent.com to egress by @nullvariant in #364
- fix(ci): add timestamp.sigstore.dev to egress by @nullvariant in #365
Full Changelog: git-id-switcher-v0.16.22...git-id-switcher-v0.17.0
Contributors
nullvariant