diff --git a/CHANGELOG.md b/CHANGELOG.md index 1e9bf7f3..0ffe5214 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,15 +2,19 @@ Convention: changes to experimental features live in a dedicated `## Experimental` subsection under each version. Experimental features may receive breaking changes between releases without a major version -bump. Currently experimental: sync plugins. +bump. Currently experimental: project bundling --> # Unreleased -## Experimental +# v1.0.2 * feat(sync-plugin): `plugin` sync steps now reject any `dirs`/`files` entry that is, or traverses, a symlink. Together with the existing relative-path and `..` checks, this keeps a declared path from resolving to a target outside the canister directory. The restriction may be relaxed in a future release if a safe use case emerges. +## Experimental + +* fix(bundle): path validation use parent-dir analysis without canonicalize. + # v1.0.1 * feat: `icp identity import` can now be used with a `--delegation` flag to import a delegated identity. This is most useful for containers or other internal-only delegations; for anything involving a network, `icp identity delegation request` remains the recommended way to work with delegations. diff --git a/Cargo.lock b/Cargo.lock index ab3e4ed5..1ceb8cad 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3652,7 +3652,7 @@ dependencies = [ [[package]] name = "icp" -version = "1.0.1" +version = "1.0.2" dependencies = [ "async-dropper", "async-trait", @@ -3727,7 +3727,7 @@ dependencies = [ [[package]] name = "icp-canister-interfaces" -version = "1.0.1" +version = "1.0.2" dependencies = [ "bigdecimal", "candid", @@ -3737,7 +3737,7 @@ dependencies = [ [[package]] name = "icp-cli" -version = "1.0.1" +version = "1.0.2" dependencies = [ "anstyle", "anyhow", @@ -3817,7 +3817,7 @@ dependencies = [ [[package]] name = "icp-sync-plugin" -version = "1.0.1" +version = "1.0.2" dependencies = [ "async-trait", "bytes", @@ -6368,7 +6368,7 @@ dependencies = [ [[package]] name = "schema-gen" -version = "1.0.1" +version = "1.0.2" dependencies = [ "icp", "schemars", diff --git a/Cargo.toml b/Cargo.toml index a62b9f0b..098f52c6 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -8,7 +8,7 @@ resolver = "3" [workspace.package] authors = ["DFINITY Stiftung "] edition = "2024" -version = "1.0.1" +version = "1.0.2" repository = "https://github.com/dfinity/icp-cli" rust-version = "1.88.0" license = "Apache-2.0"