Hex v0.18.0 Release Notes
Release Date: 2018-07-05 // almost 6 years ago-
API keys
When authenticating with
mix hex.user auth
two API keys are generated instead of single one. One key is unencrypted with read access and the other is encrypted with your local password and has full read/write access to the API. Now commands that don't make any changes will not require a password.โ Additionally, we generate a single key that gives access to all your organization repositories, instead of one key for each repository. It also has the added benefit that you don't have to reauthenticate if you are added to a new organization.
๐ท We have also added support for keys owned directly by an organization instead of a specific user, these keys can be accessed through
mix hex.organization
. This is useful when generating keys for a CI environment, previously when personal keys were used, a person leaving an organization or revoking the key could negatively affect CI workflow.๐ Improvements to continuous integration workflows
The
HEX_API_KEY
environment variable has been introduced to be able run commands that require an authentication without having to authenticate manually withmix hex.user auth
which has user input prompts. The key set withHEX_API_KEY
can be generated withmix hex.user key generate
ormix hex.organization key ORGANIZATION generate
. It also makes it possible to run commands such asmix hex.publish
without being prompted for a password.By passing the
--yes
flag tomix hex.publish
you can publish your package (together withHEX_API_KEY
) without any confirmation prompts. This allows you to publish your package as part of your CI build process.Ignoring
:maintainers
field๐ In previous Hex versions we required
:maintainers
key to be present when publishing package. At the same time, on hex.pm we are also showing package owners (controlled by themix hex.owner
task). It was confusing to show both maintainers and owners and figure out which really control the package, so we've dropped showing maintainers on hex.pm and the field will no longer be added to package's metadata.If maintainers field was used to give credit to current and/or past contributors we encourage to mention that in project's README instead.
โจ Enhancements
- โ Add
--yes
flag tohex.publish
for publishing without any confirmation prompts - Add
HEX_API_KEY
environment variable for setting and overriding the key used when authenticating against the API - Generate a single key for all organization repositories when authenticating a new user
- Return a non-zero exit code from
hex.outdated
when dependencies are outdated - Generate two API keys when authenticating, one encrypted with write access, and one unencrypted with only read access
- โ Add ownership levels to
hex.owner
task - When resolving, try all possible backtrack branches and select the best solution
- ๐ Improve formatting of multi-line validation errors
- ๐ง Do not use
:maintainers
package configuration field - ๐ Change
hex.organization
to generate keys owned by organization instead of the user generating them - โ Add options to
hex.organization key
for revoking and listing keys owned by organization - ๐ Improve interface for
hex.user key
andhex.organization key
, the following commands have changed:hex.user key --generate
=>hex.user key generate
hex.user key --list
=>hex.user key list
hex.user key --revoke KEY_NAME
=>hex.user key revoke KEY_NAME
hex.user key --revoke-all
=>hex.user key revoke --all
hex.organization key ORGANIZATION
=>hex.organization key ORGANIZATION generate
- โ Add