v1.3.0

Added

• "Encrypting with Sops" documentation example.
• --ssh-verbose / --sv argument which increases verbosity of SSH commands.

Changed

• Under the hood improvements to how status bar updates are handled internally.
• Cargo dependency updates.
• Switched (back) to the https://snix.dev/ nix_compat crate for internal nix
  json log parsing.

Fixed

• Status bar is cleaned every time after execution is completed.
• Fixed garnix docs links in documentation.
• Forces bash instead of remote user's potentially unsupported shell. This bug
  was causing strange and hard to diagnose issues.
• Fixed a possible time-of-check to time-of-use bug while setting key permissions.
• deployment.privilegeEscalationCommand not being consistently applied.

v1.2.0

Added

• Manpages for 1 & 5, including subcommands.

Changed

• The domain for documentation to be wire.forall.systems. The previous URL
  will continue to be available but may redirect in the future.
• Refactored node execution to be in two distinct phases, "planning" and
  "execution". Previously, picking what steps would be run was done on the fly
  during execution.
• Cases where there are no keys to deploy, such as having 0 keys or filtered
  keys, the "Key" step will not be planned when it previously would have.
• Changed non-interactive SSH executed commands to use BatchMode=yes instead
  of using PasswordAuthentication=no and KbdInteractiveAuthentication=no.

Fixed

• Fix a bug where key permissions where being printed in decimal format instead
  of octal.
• wire inspect names without --json will now correctly output names as a
  newline separated string instead of always as a json list.
• Fix a bug where errors encountered while reading nodes from stdin where
  silently ignored

Removed

• Remove "Error Codes" documentation page & links.

v1.1.1

Fixed

• Fix a bug where wire was attempting to SSH to the local machine when buildOnTarget &
  allowLocalDeployment where true.

Full Changelog: v1.1.0...v1.1.1

v1.1.0

Added

• Add a --substitute-on-destination argument.
• Add the meta.nodeSpecialArgs meta option.
• Add wire build, a new command to build nodes offline.
  It is distinct from wire apply build, as it will not ping
  or push the result, making it useful for CI.

Changed

• Build store paths will be output to stdout

Fixed

• Fix invalidated caches not actually returning None.

v1.0.0

Added

• SIGINT signal handling

Changed

• Fix a bug related to key filtering
• Invalidate caches that reference garbage collected paths

v1.0.0-beta.0

Added

• meta.nodeNixpkgs was implemented.
• Caching of hive evaluation for flakes.

v1.0.0-alpha.1

Added

• --handle-unreachable arg was added. You can use --handle-unreachable ignore to
  ignore unreachable nodes in the status of the deployment.
• A basic progress bar

Changed

• Reverted "Wire will now attempt to use SSH ControlMaster by default."
• show subcommand looks nicer now.
• build step will always build remotely when the node is going to be applied
  locally.

v1.0.0-alpha.0

Added

• --ssh-accept-host was added.
• --on - will now read additional apply targets from stdin.
• {key.name}-key.{path,service} systemd units where added.
• --path now supports flakerefs (github:foo/bar, git+file:///...,
  https://.../main.tar.gz, etc).
• --flake is now an alias for --path.
• Wire will now attempt to use SSH ControlMaster by default.
• A terminal bell will be output if a sudo / ssh prompt is ever printed.

Fixed

• Fix bug where --non-interactive was inversed
• ./result links where being created. they will not be created anymore
• Logging from interactive commands (absence of --non-interactive) was
  improved.
• Passing sources.nixpkgs directly from npins to meta.nixpkgs has
  been fixed.

Changed

• Logs with level tracing_level::TRACE are compiled out of release builds
• Data integrity of keys have been greatly improved
• Unknown SSH keys will be immediately rejected unless --ssh-accept-host is passed.
• Logging was improved.
• config.nixpkgs.flake.source is now set by default if meta.nixpkgs ends
  with -source at priority 1000 (default).
• Evaluation has been sped up by doing it in parallel with other steps until
  the .drv is required
• A node which is going to be applied locally will now never push or
  cleanup.

Documented

• Added a real tutorial, and separated many how-to guides.
  The tutorial leads the user through creating and deploying a Wire Hive.

Full Changelog: v0.5.0...v1.0.0-alpha.0

v0.5.0

Added

• Added --reboot. Wire will wait for the node to reconnect after rebooting.
  Wire will refuse to reboot localhost. Keys post-activation will be applied
  after rebooting!

• Most errors now have error codes and documentation links.

• Added the global flag --non-interactive.

• Wire now creates its own PTY to interface with openssh's PTY to allow for
  interactive sudo authentication on both remote and local targets.

  Using a wheel user as deployment.target.user is no longer necessary
  (if you like entering your password a lot).

  A non-wheel user combined with --non-interactive will likely fail.

• Added deployment.keys.environment to give key commands environment variables.

Changed

• wire inspect/show --json will no longer use a pretty print.
• Wire will now wait for the node to reconnect if activation failed (excluding
  dry-activate).
• Nix logs with the Talkative and Chatty level have been moved to
  tracing_level::TRACE.
• Error messages have been greatly improved.

Fixed

• Some bugs to do with step execution were fixed.

Full Changelog: v0.4.0...v0.5.0

v0.4.0

Added

• Nodes may now fail without stopping the entire hive from continuing. A summary
  of errors will be presented at the end of the apply process.
• Wire will now ping the node before it proceeds executing.
• Wire will now properly respect deployment.target.hosts.
• Wire will now attempt each target host in order until a valid one is found.

Changed

• Wire now directly evaluates your hive instead of shipping extra nix code along with its binary.
  You must now use outputs.makeHive { ... } instead of a raw attribute.
  This can be obtained with npins or a flake input.
• The expected flake output name has changed from outputs.colmena to outputs.wire.

Full Changelog: v0.3.0...v0.4.0