feat: Prefer org auth token URL over manually provided URL (#2122) by szokeasaurusrex
meta: Update version pin README.md (#2123) by szokeasaurusrex
build: Update symbolic dependency to 12.10.0 (#2120) by trzeciak
2.33.1
Security fix
This release contains a fix for a bug where auth tokens would, under the following circumstances, be logged to stdout:
The auth token was passed as a command line argument to Sentry CLI (via --auth-token)
The log level was set to info or debug
The default log level is warn, so users using the default log level were unaffected by this bug
We now redact the --auth-token argument and anything else that looks like it might be an auth token when logging the arguments that the Sentry CLI was called with (see #2115 and #2118 for details).
Other fixes & improvements
ref(token): Use secrecy crate to store auth token (#2116) by szokeasaurusrex
fix: Improve "project not found" message (#2112) by szokeasaurusrex
fix: Improve "release not found" message (#2112) by szokeasaurusrex
Fall back to co-location heuristic if sourcemap url appears remote (#1871) by brettdh
fix(sourcebundle): Skip non-UTF8 files (#2109) by loewenheim
Bumps script/sentry-cli.properties from 2.33.0 to 2.34.1.
Auto-generated by a dependency updater.
Changelog
2.34.1
Various fixes & improvements
12.10.1
(#2134) by szokeasaurusrexError
class in debugId injection snippet (#2132) by Lms242.34.0
Various fixes & improvements
2.33.1
Security fix
This release contains a fix for a bug where auth tokens would, under the following circumstances, be logged to
stdout
:--auth-token
)info
ordebug
warn
, so users using the default log level were unaffected by this bugWe now redact the
--auth-token
argument and anything else that looks like it might be an auth token when logging the arguments that the Sentry CLI was called with (see #2115 and #2118 for details).Other fixes & improvements