Skip to content

Releases: Automattic/vip-cli

4.0.11

Choose a tag to compare

@github-actions github-actions released this 06 Jul 18:04
410551f

What's Changed

  • build(deps): bump Automattic/vip-actions/dependaban from 517cd5a53681c02f1eb4c490f1c2e095362de10f to 63b6eb29cdcf8f55d7f0910c82356f34f8f997c4 by @dependabot[bot] in #2921
  • build(deps): bump Automattic/vip-actions/docs-doctor from 517cd5a53681c02f1eb4c490f1c2e095362de10f to 63b6eb29cdcf8f55d7f0910c82356f34f8f997c4 by @dependabot[bot] in #2920
  • build(deps): bump Automattic/vip-actions/changelog from 517cd5a53681c02f1eb4c490f1c2e095362de10f to 63b6eb29cdcf8f55d7f0910c82356f34f8f997c4 by @dependabot[bot] in #2919
  • build(deps-dev): bump @types/node from 26.0.0 to 26.0.1 by @dependabot[bot] in #2917
  • build(deps-dev): bump dockerode from 5.0.0 to 5.0.1 by @dependabot[bot] in #2916
  • New develop release: 4.0.11-dev.0 by @github-actions[bot] in #2930
  • build(deps-dev): bump @types/node from 26.0.1 to 26.1.0 by @dependabot[bot] in #2932
  • build(deps): bump @apollo/client from 4.2.3 to 4.2.4 in the graphql group by @dependabot[bot] in #2931
  • build(deps): bump js-yaml from 5.2.0 to 5.2.1 by @dependabot[bot] in #2934
  • build(deps): bump @apollo/client from 4.2.4 to 4.2.5 in the graphql group by @dependabot[bot] in #2933
  • Add Step-up rechallenge implementation by @rinatkhaziev in #2869
  • fix(dev-env): prevent non-safelisted EJS execution in repo config files by @rebeccahum in #2938
  • New package release: v4.0.11 by @github-actions[bot] in #2939
  • build(deps): bump graphql from 17.0.1 to 17.0.2 in the graphql group by @dependabot[bot] in #2935

Full Changelog: 4.0.10...4.0.11

4.0.10

Choose a tag to compare

@github-actions github-actions released this 01 Jul 11:25
18a2c1a

What's Changed

  • New develop release: 4.0.10-dev.0 by @github-actions[bot] in #2915
  • fix(keychain): verify that the secure keychain actually works by @sjinks in #2928
  • build(deps): bump tar from 7.5.16 to 7.5.19 by @dependabot[bot] in #2927
  • build(deps): bump js-yaml from 5.1.0 to 5.2.0 by @dependabot[bot] in #2926
  • New package release: v4.0.10 by @github-actions[bot] in #2929
  • build(deps): bump Automattic/vip-actions/stale from 517cd5a53681c02f1eb4c490f1c2e095362de10f to 63b6eb29cdcf8f55d7f0910c82356f34f8f997c4 by @dependabot[bot] in #2925
  • build(deps): bump Automattic/vip-actions/ai-changelog-generator from 517cd5a53681c02f1eb4c490f1c2e095362de10f to 63b6eb29cdcf8f55d7f0910c82356f34f8f997c4 by @dependabot[bot] in #2924
  • build(deps): bump Automattic/vip-actions/git-hash-security-check from 517cd5a53681c02f1eb4c490f1c2e095362de10f to 63b6eb29cdcf8f55d7f0910c82356f34f8f997c4 by @dependabot[bot] in #2922

Full Changelog: 4.0.9...4.0.10

4.0.9

Choose a tag to compare

@github-actions github-actions released this 24 Jun 21:47
7547037

What's Changed

  • New develop release: 4.0.9-dev.0 by @github-actions[bot] in #2908
  • build(deps): bump js-yaml from 5.0.0 to 5.1.0 by @dependabot[bot] in #2909
  • build(deps): bump undici from 7.25.0 to 8.5.0 by @dependabot[bot] in #2886
  • test(upload): add real-undici tests for Expect-header stripping and retry via factory by @sjinks in #2910
  • test(upload): add real-undici integration test for upload byte-delivery enforcement by @sjinks in #2911
  • fix(wp): guard readline calls against ERR_USE_AFTER_CLOSE on reconnect by @sjinks in #2912
  • fix(database): optimise fixMyDumperTransform and skip metadata lines by @luismulinari in #2913
  • New package release: v4.0.9 by @github-actions[bot] in #2914

Full Changelog: 4.0.8...4.0.9

4.0.8

Choose a tag to compare

@github-actions github-actions released this 23 Jun 01:23
7ecb3f8

What's Changed

  • fix(upload): harden fetch upload streams by @sjinks in #2905
  • New develop release: 4.0.8-dev.0 by @github-actions[bot] in #2904
  • New package release: v4.0.8 by @github-actions[bot] in #2907

Full Changelog: 4.0.7...4.0.8

4.0.7

Choose a tag to compare

@github-actions github-actions released this 22 Jun 23:05
af8e8c7

What's Changed

  • New develop release: 4.0.7-dev.0 by @github-actions[bot] in #2901
  • fix(upload): set duplex for stream retry bodies by @sjinks in #2902
  • New package release: v4.0.7 by @github-actions[bot] in #2903

Full Changelog: 4.0.6...4.0.7

4.0.6

Choose a tag to compare

@github-actions github-actions released this 22 Jun 20:25
0a47d00

What's Changed

  • New develop release: 4.0.6-dev.0 by @github-actions[bot] in #2894
  • build(deps): bump actions/checkout from 6 to 7 by @dependabot[bot] in #2895
  • build(deps-dev): bump @types/node from 25.9.3 to 26.0.0 by @dependabot[bot] in #2896
  • Fix file upload retry reusing an already-consumed stream body by @mchanDev in #2897
  • build(deps): bump js-yaml from 4.2.0 to 5.0.0 by @dependabot[bot] in #2898
  • build(deps): bump semver from 7.8.4 to 7.8.5 by @dependabot[bot] in #2899
  • New package release: v4.0.6 by @github-actions[bot] in #2900

New Contributors

Full Changelog: 4.0.5...4.0.6

4.0.5

Choose a tag to compare

@github-actions github-actions released this 19 Jun 09:14
86430aa

What's Changed

  • New develop release: 4.0.4-dev.0 by @github-actions[bot] in #2841
  • build(deps): bump step-security/harden-runner from 2.19.1 to 2.19.3 by @dependabot[bot] in #2844
  • fix(cli): allow vip wp --help without requiring separator by @sjinks in #2832
  • fix(keychain): add local types for optional keytar module by @sjinks in #2851
  • build(deps): bump step-security/harden-runner from 2.19.3 to 2.19.4 by @dependabot[bot] in #2850
  • build(deps): bump semver from 7.8.0 to 7.8.1 by @dependabot[bot] in #2849
  • build(deps): bump @apollo/client from 4.1.9 to 4.2.0 in the graphql group by @dependabot[bot] in #2848
  • build(deps-dev): bump @types/node from 24.12.0 to 25.9.1 by @dependabot[bot] in #2847
  • build(deps-dev): bump the babel group with 4 updates by @dependabot[bot] in #2854
  • build(deps): bump ejs from 5.0.2 to 6.0.1 by @dependabot[bot] in #2855
  • build(deps): bump commander from 14.0.3 to 15.0.0 by @dependabot[bot] in #2857
  • Ensure the Login URL is using HTTPS by @dphiffer in #2856
  • ci: update Automattic/vip-actions to address deprecation warnings by @sjinks in #2853
  • build(deps): bump tar from 7.5.15 to 7.5.16 by @dependabot[bot] in #2866
  • build(deps): bump js-yaml from 4.1.1 to 4.2.0 by @dependabot[bot] in #2865
  • build(deps): bump graphql from 16.14.0 to 16.14.1 in the graphql group by @dependabot[bot] in #2864
  • fix(dev-env): restore update wizard prompts by @sjinks in #2852
  • fix(dev-env): avoid false use matches in SQL imports by @sjinks in #2863
  • fix(keychain): load secure keychain export by @sjinks in #2867
  • test(cli): cover wp parser invocation matrix by @sjinks in #2858
  • build(deps): bump @apollo/client from 4.2.0 to 4.2.2 in the graphql group by @dependabot[bot] in #2868
  • fix(dev-env): use -o so myloader drops existing tables before import by @WRasada in #2871
  • build(deps-dev): bump @automattic/eslint-plugin-wpvip from 1.2.1 to 1.3.0 by @dependabot[bot] in #2876
  • build(deps): bump semver from 7.8.1 to 7.8.2 by @dependabot[bot] in #2875
  • feat(app): add deploy token generation by @sjinks in #2870
  • build(deps-dev): bump @types/node from 25.9.1 to 25.9.2 by @dependabot[bot] in #2877
  • chore(deps): update vulnerable packages by @sjinks in #2859
  • docs(cli): add parser migration guardrails by @sjinks in #2860
  • test(cli): add release smoke tests by @sjinks in #2861
  • build(deps): bump semver from 7.8.2 to 7.8.3 by @dependabot[bot] in #2879
  • build(deps): bump socks-proxy-agent from 10.0.0 to 10.1.0 by @dependabot[bot] in #2880
  • build(deps): bump https-proxy-agent from 9.0.0 to 9.1.0 by @dependabot[bot] in #2881
  • refactor: replace node-fetch/nock with undici by @sjinks in #2837
  • build(deps): bump esbuild from 0.28.0 to 0.28.1 by @dependabot[bot] in #2885
  • build(deps): bump semver from 7.8.3 to 7.8.4 by @dependabot[bot] in #2882
  • build(deps-dev): bump @types/node from 25.9.2 to 25.9.3 by @dependabot[bot] in #2884
  • build(deps): bump the graphql group across 1 directory with 3 updates by @dependabot[bot] in #2888
  • vip app deploy - Flag large archive files included in BYOR deploy by @rebeccahum in #2889
  • New package release: v4.0.4 by @github-actions[bot] in #2890
  • chore: migrate to @github/keytar by @sjinks in #2892
  • New package release: v4.0.5 by @github-actions[bot] in #2893

New Contributors

Full Changelog: 4.0.3...4.0.5

4.0.3

Choose a tag to compare

@github-actions github-actions released this 12 May 22:31
cd68809

What's Changed

  • New develop release: 4.0.3-dev.0 by @github-actions[bot] in #2831
  • build(deps): bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in #2824
  • fix: medium-severity CVE-2026-42338 in ip-address by @sjinks in #2833
  • build(deps-dev): bump jest from 30.4.1 to 30.4.2 in the testing group by @dependabot[bot] in #2834
  • build(deps): bump semver from 7.7.4 to 7.8.0 by @dependabot[bot] in #2835
  • build(deps): bump actions/dependency-review-action from 4.9.0 to 5.0.0 by @dependabot[bot] in #2836
  • chore(dev-deps): remove @types/tar by @sjinks in #2838
  • New package release: v4.0.3 by @github-actions[bot] in #2840

Full Changelog: 4.0.2...4.0.3

4.0.2

Choose a tag to compare

@github-actions github-actions released this 11 May 02:32
7665d6d

What's Changed

  • New develop release: 4.0.2-dev.0 by @github-actions[bot] in #2827
  • build(deps-dev): bump the testing group with 3 updates by @dependabot[bot] in #2819
  • build(deps-dev): bump @babel/preset-env from 7.29.3 to 7.29.5 in the babel group across 1 directory by @dependabot[bot] in #2813
  • build(deps): bump graphql from 16.13.2 to 16.14.0 in the graphql group across 1 directory by @dependabot[bot] in #2815
  • fix(cli): restore parser compatibility by @sjinks in #2829
  • New package release: v4.0.2 by @github-actions[bot] in #2830

Full Changelog: 4.0.1...4.0.2

4.0.1

Choose a tag to compare

@github-actions github-actions released this 08 May 18:20
2bfdda9

What's Changed

  • New develop release: 4.0.1-dev.0 by @github-actions[bot] in #2817
  • fix: service detection in vip dev-env logs by @sjinks in #2807
  • build(deps): bump tar from 7.5.13 to 7.5.14 by @dependabot[bot] in #2814
  • build(deps): bump @automattic/vip-search-replace from 2.0.0 to 2.0.1 by @dependabot[bot] in #2823
  • build(deps): bump tar from 7.5.14 to 7.5.15 by @dependabot[bot] in #2822
  • fix(cli): preserve parent args for nested subcommands by @rinatkhaziev in #2818
  • New package release: v4.0.1 by @github-actions[bot] in #2826

Full Changelog: 4.0.0...4.0.1