Skip to content

Releases: andrewkoltsov/librus-sdk

v0.7.1

19 May 22:10
@github-actions github-actions
v0.7.1
d7d551e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.7.1 Latest
Latest

Fixed

  • Development dependency lockfile now resolves brace-expansion to 5.0.6,
    removing the disclosed CVE-2026-45149 high-severity resource exhaustion
    advisory from maintainer tooling. Published SDK and CLI runtime dependencies
    are unchanged.
Assets 2
Loading

v0.7.0

18 May 17:39
@github-actions github-actions
v0.7.0
d1839e2
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.7.0

Added

  • Gateway API 2.0 login/password authentication through
    LIBRUS_GATEWAY_LOGIN and LIBRUS_GATEWAY_PASSWORD, including
    LibrusSession.fromGatewayCredentials() and CLI child-scoped commands that
    can run without --child in gateway_api_20.
  • Public API backend selection through LIBRUS_API_BACKEND,
    LibrusSessionOptions.apiBackend, and LibrusSession.getApiBackend().
  • Optional LIBRUS_CHILD default child selection for api_v3 CLI commands.

Changed

  • LIBRUS_EMAIL and LIBRUS_PASSWORD remain documented as deprecated
    Portal-only compatibility fallbacks. Use LIBRUS_PORTAL_EMAIL and
    LIBRUS_PORTAL_PASSWORD for api_v3, or LIBRUS_GATEWAY_LOGIN and
    LIBRUS_GATEWAY_PASSWORD for gateway_api_20.
  • Deprecated compatibility aliases now emit Node deprecation warnings when
    used.
Loading

v0.6.2

17 May 10:34
@github-actions github-actions
v0.6.2
fec075f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.6.2

Fixed

  • WiadomosciMessagesClient.getMessage() now decodes base64-encoded
    wiadomosci.librus.pl message bodies even when Librus returns plain HTML
    instead of the legacy XML <Message><Content><![CDATA[...]]></Content>
    envelope.
Loading

v0.6.1

15 May 09:01
@github-actions github-actions
v0.6.1
df7aec9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.6.1

Added

  • LibrusSession.forChildWiadomosci() and CLI messages wiadomosci-list,
    messages wiadomosci-get, and messages wiadomosci-unread now expose the
    wiadomosci.librus.pl message backend explicitly.
  • CLI messages list, messages get, and messages unread now support
    --backend <api3|wiadomosci>.

Fixed

  • messages list, messages get, messages unread, and
    LibrusSession.forChild() now use API 3.0 by default again after the
    0.6.0 regression.
Loading

v0.6.0

15 May 08:27
@github-actions github-actions
v0.6.0
c7b5d0a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.6.0

Added

  • Session-created SDK clients and CLI message read commands now use the
    portal-authenticated wiadomosci.librus.pl inbox API for messages list,
    messages get, and messages unread.
Loading

v0.5.0

13 May 09:12
@github-actions github-actions
v0.5.0
f912718
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.5.0

Added

  • The SDK now exposes an experimental BffApiClient plus
    LibrusSession.forChildBff() for reading
    https://testbff.librus.pl/v1/Messages with child-scoped access tokens.
  • messages bff-list now exposes the experimental BFF inbox message payload
    through the CLI.

Changed

  • The canonical CLI binary is now librus-sdk; the previous librus binary
    remains as a deprecated compatibility alias and prints a warning before
    delegating.
  • Synergia API requests now align message-related mobile headers with the
    Librus mobile app, including Origin: app://librus.
  • messages list now sends the mobile-app query parity options
    alternativeBody, changeNewLine, getAllTypes, page, and limit by
    default, with CLI/SDK options for overriding them.
Loading

v0.4.4

03 May 08:05
@github-actions github-actions
v0.4.4
759d15d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.4.4

Added

  • README now exposes CI, CodeQL, and Snyk Security status badges alongside the
    public OpenSSF Scorecard badge.
  • Snyk Security now runs in GitHub Actions and fails on high or critical
    dependency vulnerabilities.

Changed

  • Vitest branch coverage enforcement now requires at least 84%.

Fixed

  • Missing LibrusSession.fromEnv() credential errors now name the primary and
    fallback environment variables and distinguish unset values from empty ones.
Loading

v0.4.3

13 Apr 12:45
@github-actions github-actions
v0.4.3
8a1ffab
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.4.3

Fixed

  • CLI text rendering now decodes escaped message-body sequences without
    dropping mixed raw backslashes, closing the outstanding CodeQL sanitization
    finding in the terminal formatter.
Loading

v0.4.2

13 Apr 09:11
@github-actions github-actions
v0.4.2
8cccd4e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.4.2

Fixed

  • Development and CI dependency refresh now removes the disclosed high-severity
    Vite advisories GHSA-4w7w-66w2-5vf9, GHSA-v2wj-q39q-566r, and
    GHSA-p9ff-h696-f583 from maintainer workflows and repository validation
    gates; the published SDK and CLI runtime surface is otherwise unchanged.
Loading

v0.4.1

04 Apr 18:31
@github-actions github-actions
v0.4.1
a1a755e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.4.1

Added

  • README now exposes the public OpenSSF Scorecard badge and report link for the
    repository security posture.

Changed

  • Minimum supported Node.js is now 22.x, CI and CodeQL validation now run on
    Node 22, and development type definitions now track the Node 22 line.
  • GitHub Actions workflows now pin third-party and GitHub-hosted actions by
    commit hash, and write-scoped workflow token permissions are limited to the
    jobs that need them.
  • Annotated-tag GitHub Action pins now use the underlying commit SHA so
    Scorecard result publication keeps working with publish_results: true.
  • Dependabot now tracks both npm dependencies and pinned GitHub Actions
    updates.
  • Scorecard artifact uploads now use actions/upload-artifact@v7.0.0 so the
    workflow no longer relies on a Node.js 20 action runtime on github.com.
  • Test coverage now includes property-based checks for CSRF parsing, endpoint
    construction, and timeout environment parsing.
Loading