v0.51.4

What's Changed

• chore: minor updates to README by @samayer12 in #2239
• chore: fix ci for rapidfort images by @cmwylie19 in #2227
• chore: rapidfort journey fix by @cmwylie19 in #2228
• chore: faq docs for watch vs reconcile by @cmwylie19 in #2218
• chore: update readme to add reconcile and finalize by @cmwylie19 in #2224
• chore: update spelling by @cmwylie19 in #2223
• chore: add postcast to media by @cmwylie19 in #2232
• chore: remove call to process.exit in assets by @cmwylie19 in #2226
• chore: update hashes for rapid fort images before release by @cmwylie19 in #2237
• chore: retry on failure for rapidfort login by @cmwylie19 in #2243
• chore: bump @types/express from 5.0.2 to 5.0.3 in the development-dependencies group by @dependabot in #2240
• chore: bump github/codeql-action from 3.28.18 to 3.28.19 by @dependabot in #2229
• chore: bump @types/node from 22.15.29 to 22.15.30 in the development-dependencies group by @dependabot in #2234
• chore: bump trufflesecurity/trufflehog from 3.88.35 to 3.89.0 by @dependabot in #2235

Full Changelog: v0.51.3...v0.51.4

v0.51.3

What's Changed

• chore: get crane digest by @cmwylie19 in #2222
• chore: bump library/node from ef08616 to c332080 by @dependabot in #2221
• chore: update peer dependencies by @samayer12 in #2219

Full Changelog: v0.51.2...v0.51.3

v0.51.2

What's Changed

• chore: dependabot for rapidfort by @cmwylie19 in #2220

Full Changelog: v0.51.1...v0.51.2

v0.51.1

What's Changed ♻️

• chore: migrate to rf based image for unicorn pepr by @mjnagel in #2209
• chore: support last 3 stable versions of node - drop 18 by @cmwylie19 in #2200
• chore: in faq give explanation of module author by @cmwylie19 in #2201
• chore: use latest in journey tests by @samayer12 in #2198
• chore: list commander as a direct dependency by @samayer12 in #2199
• chore: set exit code during error instead of forcing termination during npx pepr update by @samayer12 in #2204
• chore: update logging before pepr dev exits by @samayer12 in #2205
• chore: do not log about an alias when there is no alias by @cmwylie19 in #2203
• chore: generate crds docs by @cmwylie19 in #2207
• chore: check .md files with markdownlint-cli by @samayer12 in #1803
• chore: bump timeouts to 8 min by @cmwylie19 in #2212

Dependabot 🤖

• chore: bump @types/node from 22.15.24 to 22.15.29 in the development-dependencies group by @dependabot in #2217
• chore: bump kubernetes-fluent-client from 3.5.5 to 3.5.6 in the production-dependencies group by @dependabot in #2216
• chore: bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot in #2215
• chore: bump @types/node from 22.15.21 to 22.15.23 in the development-dependencies group by @dependabot in #2206
• chore: bump trufflesecurity/trufflehog from 3.88.34 to 3.88.35 by @dependabot in #2211
• chore: bump @types/node from 22.15.8 to 22.15.24 in the development-dependencies group by @dependabot in #2210
• chore: bump @types/node from 22.15.23 to 22.15.24 in the development-dependencies group by @dependabot in #2208

Full Changelog: v0.51.0...v0.51.1

v0.51.0

Release Notes

A breaking change is in the 0.51.0 release of Pepr. Users of the CLI (specifically, pepr format) will need an ESlint v9 compliant configuration. Reference the Migration PR for the hello-pepr example module.

Breaking Changes

• chore: upgrade to eslint v9 by @samayer12 in #2121

What's Changed ♻️

• chore: fix soak test by @cmwylie19 in #2149
• chore: update peer dependencies by @samayer12 in #2107
• chore: docs typo by @cmwylie19 in #2148
• chore: fixes the upgrade tests to pass ci by @cmwylie19 in #2154
• chore: integration test for scoped rbac mode by @cmwylie19 in #2157
• chore: improve test coverage for CRD generation by @samayer12 in #2160
• chore: ignore existing integration tests from lint standards for now by @samayer12 in #2161
• chore: remove eslint planned migration warning by @samayer12 in #2162
• chore: complexity in checkDeploymentStatus by @cmwylie19 in #2169
• chore: complexity around validating namespaces in deploy by @cmwylie19 in #2167
• fix: update dockerfile container images by @samayer12 in #2183
• chore: update peer dep for commander by @samayer12 in #2190
• chore: update dockerfile images by @samayer12 in #2189

Dependabot 🤖

• chore: bump actions/dependency-review-action from 4.7.0 to 4.7.1 by @dependabot in #2151
• chore: bump anchore/sbom-action from 0.19.0 to 0.20.0 by @dependabot in #2158
• chore: bump the development-dependencies group with 2 updates by @dependabot in #2159
• chore: bump library/node from 149a0b6 to 37c7b4c by @dependabot in #2165
• chore: bump kubernetes-fluent-client from 3.5.3 to 3.5.4 in the production-dependencies group by @dependabot in #2163
• chore: bump codecov/codecov-action from 5.4.2 to 5.4.3 by @dependabot in #2164
• chore: bump trufflesecurity/trufflehog from 3.88.29 to 3.88.30 by @dependabot in #2176
• chore: bump ts-jest from 29.3.3 to 29.3.4 in the development-dependencies group by @dependabot in #2177
• chore: bump distroless/nodejs22-debian12 from 7461370 to 92c2a6c by @dependabot in #2174
• chore: bump github/codeql-action from 3.28.17 to 3.28.18 by @dependabot in #2175
• chore: bump the production-dependencies group with 2 updates by @dependabot in #2178
• chore: bump library/node from 37c7b4c to 78de4ef by @dependabot in #2187
• chore: bump trufflesecurity/trufflehog from 3.88.30 to 3.88.33 by @dependabot in #2186
• chore: bump the development-dependencies group across 1 directory with 3 updates by @dependabot in #2182
• chore: bump trufflesecurity/trufflehog from 3.88.33 to 3.88.34 by @dependabot in #2194
• chore: bump library/node from 37c7b4c to 85150f7 by @dependabot in #2195
• chore: bump kubernetes-fluent-client from 3.5.4 to 3.5.5 in the production-dependencies group by @dependabot in #2193
• chore: bump library/node from 85150f7 to ef08616 by @dependabot in #2197
• chore: bump globals from 16.1.0 to 16.2.0 in the development-dependencies group by @dependabot in #2196

Full Changelog: v0.50.0...v0.51.0

v0.50.0

Features 🔨

• feat: separate config for admission and watch by @cmwylie19 in #2099

What's Changed ♻️

• chore: create file content generator function for CRD tests by @samayer12 in #2088
• chore: expose podAntiAffinity from helm chart by @cmwylie19 in #2083
• chore: remove indirect alias for string generation by @samayer12 in #2087
• chore: best practice around anti-affinity by @cmwylie19 in #2093
• chore: consolidate repeated function by @samayer12 in #2094
• fix: remove broken docs link by @samayer12 in #2095
• fix: add missing helm values/templates by @mjnagel in #2101
• chore: sort cli docs alphabetically by @samayer12 in #2102
• chore: create test harness for documentation parity check by @samayer12 in #2104
• chore: update sanitized name by @cmwylie19 in #2097
• chore: audit CLI options & CLI documentation by @samayer12 in #2096
• chore: validate namespaces on deploy by @cmwylie19 in #2108
• chore: rbac config requires v1PolicyRule[] by @cmwylie19 in #2119
• chore: update path in CI to avoid unnecessary nesting by @samayer12 in #2122
• chore: npx pepr dev integration test by @cmwylie19 in #2126
• chore: add warning message for npx pepr update for eslint v8 use by @samayer12 in #2135
• chore: remove unnecessary prettier ignore rule by @samayer12 in #2133
• chore: move cli files to organized subfolders by @samayer12 in #2143
• chore: node-fips by @cmwylie19 in #2142
• chore: env vars integration test by @cmwylie19 in #2144
• chore: format integration test by @cmwylie19 in #2145
• chore: sync remove dom lib by @cmwylie19 in #2125

Dependabot 🤖

• chore: bump kubernetes-fluent-client from 3.5.1 to 3.5.2 in the production-dependencies group by @dependabot in #2090
• chore: bump anchore/scan-action from 6.1.0 to 6.2.0 by @dependabot in #2091
• chore: bump library/node from c5bfe90 to 42cb7b2 by @dependabot in #2089
• chore: bump trufflesecurity/trufflehog from 3.88.25 to 3.88.26 by @dependabot in #2092
• chore: bump undici from 7.8.0 to 7.9.0 in the development-dependencies group by @dependabot in #2146
• chore: bump library/node from 34bb77a to 149a0b6 by @dependabot in #2139
• chore: bump trufflesecurity/trufflehog from 3.88.28 to 3.88.29 by @dependabot in #2136
• chore: bump the development-dependencies group with 3 updates by @dependabot in #2138
• chore: bump actions/dependency-review-action from 4.6.0 to 4.7.0 by @dependabot in #2137
• chore: bump @types/node from 22.15.8 to 22.15.14 in the development-dependencies group by @dependabot in #2123
• chore: bump library/node from ee8a0bc to 2b11877 by @dependabot in #2124
• chore: bump the development-dependencies group with 2 updates by @dependabot in #2129
• chore: bump kubernetes-fluent-client from 3.5.2 to 3.5.3 in the production-dependencies group by @dependabot in #2128
• chore: bump library/node from 2b11877 to 34bb77a by @dependabot in #2130
• chore: bump trufflesecurity/trufflehog from 3.88.27 to 3.88.28 by @dependabot in #2117
• chore: bump @types/node from 22.15.3 to 22.15.8 in the development-dependencies group by @dependabot in #2116
• chore: bump library/node from 42cb7b2 to ee8a0bc by @dependabot in #2098
• chore: bump trufflesecurity/trufflehog from 3.88.26 to 3.88.27 by @dependabot in #2106
• chore: bump github/codeql-action from 3.28.16 to 3.28.17 by @dependabot in #2105

Full Changelog: v0.49.0...v0.50.0

v0.49.0

Features

• feat: custom name for module builds by @cmwylie19 in #2074

npx pepr build supports custom naming of zarf component and service monitors in helm charts with --custom-name [name].

• feat: pepr to scaffold and generate crds from typescript types by @cmwylie19 in #2033

npx pepr crd is now available to Scaffold and generate Kubernetes CRDs from structured TypeScript definitions. This is an alpha feature available for experimental use. Docs.

What's Changed ♻️

• chore: docs update by @cmwylie19 in #2043
• chore: fix PEPR_BUILD_VERSION for new IB Dockerfiles by @cmwylie19 in #2048
• chore: remove arm64 IB test by @cmwylie19 in #2049
• chore: updates to contributing for KFC by @cmwylie19 in #2051
• chore: remove process.exit in pods and propagate to src/cli by @cmwylie19 in #2052
• docs: update operator creation tutorial by @samayer12 in #2054
• chore: infra agnostic artifact distribution doc by @cmwylie19 in #2059
• docs: update 2025 roadmap by @samayer12 in #1860
• chore: replace process.exit() with graceful error handling by @samayer12 in #2062
• chore: document crd generate feature by @cmwylie19 in #2029
• chore: cgr node 20.15 bumps by @cmwylie19 in #2076
• chore: use default Node behavior during SIGTERM signals by @samayer12 in #2081

Dependabot 🤖

• chore: bump ts-jest from 29.3.1 to 29.3.2 in the development-dependencies group by @dependabot in #2034
• chore: bump kubernetes-fluent-client from 3.4.10 to 3.5.0 in the production-dependencies group by @dependabot in #2041
• chore: bump actions/setup-node from 4.3.0 to 4.4.0 by @dependabot in #2036
• chore: bump codecov/codecov-action from 5.4.0 to 5.4.2 by @dependabot in #2037
• chore: bump kubernetes-fluent-client from 3.5.0 to 3.5.1 in the production-dependencies group by @dependabot in #2044
• chore: bump trufflesecurity/trufflehog from 3.88.23 to 3.88.24 by @dependabot in #2045
• chore: bump trufflesecurity/trufflehog from 3.88.24 to 3.88.25 by @dependabot in #2056
• chore: bump step-security/harden-runner from 2.11.1 to 2.12.0 by @dependabot in #2055
• chore: bump github/codeql-action from 3.28.15 to 3.28.16 by @dependabot in #2061
• chore: bump chainguard-dev/setup-chainctl from 0.3.0 to 0.3.1 by @dependabot in #2060
• chore: bump anchore/sbom-action from 0.18.0 to 0.19.0 by @dependabot in #2072
• chore: bump actions/download-artifact from 4.2.1 to 4.3.0 by @dependabot in #2071
• chore: bump @types/node from 22.14.1 to 22.15.0 in the development-dependencies group by @dependabot in #2069
• chore: bump distroless/nodejs22-debian12 from 28a7122 to 7461370 by @dependabot in #2070
• chore: bump @types/node from 22.15.0 to 22.15.2 in the development-dependencies group by @dependabot in #2075
• chore: bump @types/node from 22.15.2 to 22.15.3 in the development-dependencies group by @dependabot in #2082

Full Changelog: v0.48.1...v0.49.0

v0.48.1

What's Changed

• fix: resolve formatting error in release script by @samayer12 in #2035

Full Changelog: v0.48.0...v0.48.1

v0.48.0

Features

• feat: allow warnings on validation response by @mjnagel in #1974

Approving with Warnings

When(a.ConfigMap)
  .IsCreatedOrUpdated()
  .InNamespace("pepr-demo")
  .Validate(request => {
    const warnings = [];

    // Check for deprecated fields
    if (request.Raw.data && request.Raw.data["deprecated-field"]) {
      warnings.push("Warning: The 'deprecated-field' is being used and will be removed in future versions");
    }

    // Check for missing app label
    if (!request.HasLabel("app")) {
      warnings.push("Warning: Best practice is to include an 'app' label for resource identification");
    }

    // Return approval with warnings if any were generated
    return request.Approve(warnings.length > 0 ? warnings : undefined);
  });

Denying with Warnings

When(a.ConfigMap)
  .IsCreatedOrUpdated()
  .InNamespace("pepr-demo")
  .Validate(request => {
    // Check for dangerous settings
    if (request.Raw.data && request.Raw.data["dangerous-setting"] === "true") {
      const warnings = [
        "Warning: The 'dangerous-setting' field is set to 'true'",
        "Consider using a safer configuration option"
      ];

      return request.Deny(
        "ConfigMap contains dangerous settings that are not allowed",
        422,
        warnings
      );
    }

    return request.Approve();
  });

Warnings will be included in the Kubernetes API response and can be displayed to users by kubectl and other Kubernetes clients, providing helpful feedback while still enforcing policies.

What's Changed ♻️

• fix: use consistent uuid length limit in docs by @samayer12 in #2000
• chore: example to validate action by @cmwylie19 in #2004
• chore: account for unique dockerfile by @cmwylie19 in #1996
• chore: build_version_no_exist by @cmwylie19 in #2006
• chore: shellcheck giving incorrect warning on nightlies.sh by @cmwylie19 in #2009
• chore: remove possible premature program exit from watch-processor by @samayer12 in #2010
• chore: split watch-processor tests to separate test concerns by @samayer12 in #2014
• chore: finalize example in actions docs by @cmwylie19 in #2018
• chore: reconcile and watch examples in action docs by @cmwylie19 in #2019
• chore: compliance reporting ADR by @cmwylie19 in #1824
• chore: refactor watch-processor tests for clarity by @samayer12 in #2013
• chore: make uds test use library by @cmwylie19 in #2024
• chore: removes the migrateAndSetupWatch out of store.ts for improved testability by @cmwylie19 in #2027

Dependabot 🤖

• chore: bump step-security/harden-runner from 2.11.0 to 2.11.1 by @dependabot in #2003
• chore: bump @types/node from 22.13.14 to 22.13.17 in the development-dependencies group by @dependabot in #2001
• chore: bump actions/dependency-review-action from 4.5.0 to 4.6.0 by @dependabot in #2002
• chore: bump the development-dependencies group with 2 updates by @dependabot in #2007
• chore: bump kubernetes-fluent-client from 3.4.6 to 3.4.7 in the production-dependencies group by @dependabot in #2012
• chore: bump trufflesecurity/trufflehog from 3.88.20 to 3.88.22 by @dependabot in #2011
• chore: bump library/node from 990d0ab to 047d633 by @dependabot in #2016
• chore: bump trufflesecurity/trufflehog from 3.88.22 to 3.88.23 by @dependabot in #2015
• chore: bump github/codeql-action from 3.28.13 to 3.28.15 by @dependabot in #2021
• chore: bump fast-check from 4.0.1 to 4.1.0 in the development-dependencies group by @dependabot in #2020
• chore: bump fast-check from 4.1.0 to 4.1.1 in the development-dependencies group by @dependabot in #2026
• chore: bump library/node from 047d633 to 73da8b4 by @dependabot in #2025
• chore: bump library/node from 73da8b4 to c5bfe90 by @dependabot in #2028
• chore: bump undici from 7.7.0 to 7.8.0 in the development-dependencies group by @dependabot in #2031
• chore: bump kfc and chainguard images by @dependabot in #2030
• chore: bump @types/node from 22.14.0 to 22.14.1 in the development-dependencies group by @dependabot in #2032

Full Changelog: v0.47.0...v0.48.0

v0.47.0

Overview

This release allows users to override the UUID of a Pepr module during npx pepr init with the --uuid flag. A Pepr Module UUID is a Unique identifier for your module with a max length of 36 characters. When a UUID is not set, Pepr autogenerates a uuidv4 value for you.

What's Changed ♻️

• feat: override uuid during init by @cmwylie19 in #1963
• chore: add testing around build metadata by @samayer12 in #1971
• chore: update mocking to resolve test warning by @samayer12 in #1977
• chore: resolve circular dependency between assets.ts and pods.ts by @samayer12 in #1978
• chore: use uuidv4() when user does not provide a module UUID by @samayer12 in #1979
• chore: resolve max-statements in filter.test.ts by @samayer12 in #1980
• chore: update unicorn sha hashes and remove dupe dockerfile by @cmwylie19 in #1986

Dependencies 🤖

• chore: bump @types/node from 22.13.10 to 22.13.11 in the development-dependencies group by @dependabot in #1970
• chore: bump the development-dependencies group with 2 updates by @dependabot in #1975
• chore: bump github/codeql-action from 3.28.12 to 3.28.13 by @dependabot in #1976
• chore: bump trufflesecurity/trufflehog from 3.88.18 to 3.88.19 by @dependabot in #1981
• chore: bump the development-dependencies group with 2 updates by @dependabot in #1982
• chore: bump the development-dependencies group with 2 updates by @dependabot in #1983
• chore: bump trufflesecurity/trufflehog from 3.88.19 to 3.88.20 by @dependabot in #1984
• chore: bump ts-jest from 29.3.0 to 29.3.1 in the development-dependencies group by @dependabot in #1988
• chore: bump the production-dependencies group with 2 updates by @dependabot in #1987
• chore: bump distroless/nodejs22-debian12 from 578ac82 to 28a7122 by @dependabot in #1990

Full Changelog: v0.46.3...v0.47.0