Skip to content

🐸 Versioned release#880

Merged
theoephraim merged 1 commit into
mainfrom
bumpy/version-packages
Jul 15, 2026
Merged

🐸 Versioned release#880
theoephraim merged 1 commit into
mainfrom
bumpy/version-packages

Conversation

@bumpy-bot

@bumpy-bot bumpy-bot commented Jul 11, 2026

Copy link
Copy Markdown
Collaborator

bumpy-frog

This PR was created and will be kept in sync by bumpy based on your bump files (in .bumpy/). Merge it when you are ready to release the packages listed below:

minor Minor releases

@varlock/astro-integration 1.1.1 → 1.2.0 CHANGELOG.md

  • Cascaded from @varlock/vite-integration: no longer defaults ssrInjectMode to resolved-env for the Cloudflare adapter (redundant with the native runtime binding loader) (bump file)

@varlock/ci-env-info 0.0.2 → 0.1.0 CHANGELOG.md

  • Add detection for Railway, AWS Amplify, Google Cloud Run, Deno Deploy, Zeabur, and Firebase App Hosting; detect dev sandboxes (CodeSandbox, StackBlitz, GitHub Codespaces, Gitpod, Replit) with isCI: false; add detectRuntime/detectOs and expose them as VARLOCK_RUNTIME/VARLOCK_OS builtin variables. (bump file)
    Also fixes several incorrect env var names found during a std-env doc audit: GitHub Actions PR number (was reading a non-existent variable), GitLab MR number (was using the instance-wide ID instead of the IID), Netlify build URL (double https://), Semaphore PR number (Classic-only variable), Azure Pipelines PR number (prefers the GitHub-facing number), and Bitbucket repo owner (deprecated variable). Adds repo extraction for Bitrise.
    A second pass against std-env's actual detection logic found three more real gaps: Vercel and Netlify now report isCI: false when running their local dev servers (vercel dev, netlify dev) instead of always reporting CI; StackBlitz detection now also requires the WebContainer runtime marker (matching std-env) instead of a weak SHELL-only heuristic that could misfire; and detectRuntime's isNode flag now matches std-env's semantics (stays true under Bun/Deno's Node-compat mode).

@varlock/cloudflare-integration 1.2.1 → 1.3.0 CHANGELOG.md

  • varlock-wrangler dev: skip watching FIFO/non-regular env sources (fixes endless no-op reload logs), and ignore spurious watch events where file mtime is unchanged (bump file)
  • Cascaded from @varlock/vite-integration: no longer defaults ssrInjectMode to resolved-env for the Cloudflare adapter (redundant with the native runtime binding loader) (bump file)

@varlock/infisical-plugin 2.0.1 → 2.1.0 CHANGELOG.md

  • Add allowMissing flag to infisical() and @initInfisical() for optional secrets (bump file)

@varlock/vite-integration 1.2.1 → 1.3.0 CHANGELOG.md

  • Detect FIFO/non-regular env sources (e.g. 1Password Environments) and skip registering them for dev-server restart watching, with a one-time notice (bump file)
  • Warn when deploying to Vercel with resolved env injection and no encryption enabled; throw if resolved-env is combined with a detected Cloudflare target (redundant with native runtime binding injection) (bump file)

varlock 1.10.0 → 1.11.0 CHANGELOG.md

  • Fix: varlock load --format json-full no longer includes @internal items by default (pass --include-internal to opt in for local debugging). Framework integrations shell out to this exact command to get their injected config, so this closes a leak where an @internal secret-zero credential could reach client/SSR runtime code. (bump file)
  • Docs: clarify that _VARLOCK_ENV_KEY encrypts the injected env blob (not an encrypted() resolver), and drop the stale plugin count from the package README (bump file)
  • Add --filter flag to load/run for selecting env vars by key/glob, @sensitive/@required, or tags (new @tag() item decorator). Also add a matching filter= arg to @generate* code-generation decorators, so a single schema can emit multiple generated files scoped to different subsets. (bump file)
  • Add detection for Railway, AWS Amplify, Google Cloud Run, Deno Deploy, Zeabur, and Firebase App Hosting; detect dev sandboxes (CodeSandbox, StackBlitz, GitHub Codespaces, Gitpod, Replit) with isCI: false; add detectRuntime/detectOs and expose them as VARLOCK_RUNTIME/VARLOCK_OS builtin variables. (bump file)
    Also fixes several incorrect env var names found during a std-env doc audit: GitHub Actions PR number (was reading a non-existent variable), GitLab MR number (was using the instance-wide ID instead of the IID), Netlify build URL (double https://), Semaphore PR number (Classic-only variable), Azure Pipelines PR number (prefers the GitHub-facing number), and Bitbucket repo owner (deprecated variable). Adds repo extraction for Bitrise.
    A second pass against std-env's actual detection logic found three more real gaps: Vercel and Netlify now report isCI: false when running their local dev servers (vercel dev, netlify dev) instead of always reporting CI; StackBlitz detection now also requires the WebContainer runtime marker (matching std-env) instead of a weak SHELL-only heuristic that could misfire; and detectRuntime's isNode flag now matches std-env's semantics (stays true under Bun/Deno's Node-compat mode).
  • Refuse to write back encrypted values to non-regular source files (FIFO/pipe) with a clear error instead of blocking (bump file)

patch Patch releases

@varlock/nextjs-integration 1.1.4 → 1.1.5 CHANGELOG.md

  • Detect FIFO/non-regular env sources (e.g. 1Password Environments) and disable watching and reload checks for them, fixing dev-server hangs and repeated reload logs (bump file)
  • Warn when deploying to Vercel without encryption enabled for the injected env blob (bump file)

env-spec-language 0.2.5 → 0.2.6 CHANGELOG.md

  • Add editor autocomplete and hover docs for the new @tag() decorator, the filter= arg on @generate* decorators, and @internal (bump file)

@github-actions github-actions Bot added release releases - managed by changesets plugin:infisical labels Jul 11, 2026
@bumpy-bot bumpy-bot force-pushed the bumpy/version-packages branch from 38d1a5c to cc532ce Compare July 11, 2026 22:32
@bumpy-bot bumpy-bot force-pushed the bumpy/version-packages branch 2 times, most recently from 589a4c9 to 9ef1e39 Compare July 14, 2026 23:10
@bumpy-bot bumpy-bot force-pushed the bumpy/version-packages branch from 9ef1e39 to 3740bde Compare July 14, 2026 23:51
@bumpy-bot bumpy-bot force-pushed the bumpy/version-packages branch from 3740bde to 2c5c648 Compare July 15, 2026 19:12
@varlock/astro-integration@1.2.0
@varlock/ci-env-info@0.1.0
@varlock/cloudflare-integration@1.3.0
@varlock/infisical-plugin@2.1.0
@varlock/nextjs-integration@1.1.5
@varlock/vite-integration@1.3.0
env-spec-language@0.2.6
varlock@1.11.0
@bumpy-bot bumpy-bot force-pushed the bumpy/version-packages branch from 2c5c648 to 2ee140a Compare July 15, 2026 19:51
@theoephraim theoephraim merged commit 0f34ca4 into main Jul 15, 2026
34 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants