All notable changes to the Artifact Keeper CLI (ak) will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
1.0.0 - 2026-02-23
First stable release of the Artifact Keeper CLI. The CLI is feature-complete with 29 top-level commands, 100+ subcommands, interactive TUI, multi-instance management, and multi-platform distribution.
- Bumped
SonarSource/sonarqube-scan-actionfrom v5 to v6 to fix argument injection vulnerability - Updated
lrutransitive dependency to 0.16.3 to resolveIterMutunsoundness - Added explicit
permissionsblocks to all CI workflow jobs (least-privilege) - Added CodeQL workflow with exclusions for generated SDK code
- Removed URL paths from test helper error messages
- Bumped MSRV from 1.85.0 to 1.86.0
- Bumped
ratatuifrom 0.29 to 0.30,crosstermfrom 0.28 to 0.29
- Snapshot tests using
instafor JSON and table output regression detection across all command modules (~40 snapshot tests) - E2E integration test suite running against a real backend via Docker Compose (20+ test files covering auth, repo, admin, governance, analytics, webhook, and more)
- Docker Compose stack (
tests/docker-compose.yml) with backend, PostgreSQL, and Meilisearch for local E2E development - Shared test helpers in
tests/common/for E2E environment setup, auth, and API access - CI pipeline job for automated E2E testing on push to main and PRs
- Start/stop scripts (
tests/start-backend.sh,tests/stop-backend.sh) for local E2E test development
- Removed plain-text password from TOTP command examples in CLI help text
- Signing and key management -
ak sign key list,show,create,delete,revoke,rotate,exportfor managing signing keys;ak sign config show/update/export-keyfor repository signing configuration - SBOM operations -
ak sbom generate,show,list,get,delete,components,exportfor SBOM lifecycle;ak sbom cve history/trends/update-statusfor CVE tracking and triage - License compliance -
ak license policy list,show,create,deletefor managing license policies;ak license checkfor CI-friendly compliance checking (exits non-zero on violations) - Dependency-Track integration -
ak dt status,project list/show/components/findings/violations/metrics/metrics-history,metrics,policies,analyzefor vulnerability management (alias:ak dependency-track) - Enhanced scanning -
ak scan dashboardandscoresfor security overview;ak scan finding ack/revokefor finding triage;ak scan policy list/show/create/update/deletefor scan policy management;ak scan security show/updatefor repository security config - TUI security panel - new panel (press 4 or Tab) showing security dashboard, recent scans with drill-down into individual findings
0.5.0 - 2026-02-21
- Group management —
ak group list,show,create,delete,add-member,remove-memberfor managing user groups and membership - Permission management —
ak permission list,create,deletewith filtering by target type and principal type for fine-grained access control - Promotion workflows —
ak promotion promoteto move artifacts between repositories,ak promotion rule list/create/deletefor automated promotion rules,ak promotion historyto view promotion audit trail - Approval workflows —
ak approval list,show,approve,rejectfor promotion approval gates with optional notes - Quality gates —
ak quality-gate list,show,create,update,delete,check(alias:ak qg) for defining and evaluating artifact quality thresholds;checkexits non-zero on failure for CI integration - Lifecycle policies —
ak lifecycle list,show,create,delete,preview,executefor managing security-based lifecycle policies with dry-run preview support - Repository labels —
ak label repo list,add,removefor tagging repositories with key=value labels - Admin user management —
ak admin users update(email, display name, admin/active flags) andak admin users reset-passwordsubcommands
0.4.2 - 2026-02-16
- Code cleanup — removed dead code (unused fields, empty modules, unreachable branches), simplified match/if-let patterns, used
saturating_suband#[derive(Default)]where appropriate (#49) - Unit tests — added 251 unit tests across all 13 CLI modules covering parsing, config, credentials, instance management, diagnostics, scan helpers, setup detection, error types, and output rendering; introduced shared test mutex to prevent env var races (#50)
0.4.1 - 2026-02-16
- Setup writes to home directory —
ak setup npmnow writes.npmrcto~/andak setup nugetwritesNuGet.Configto~/.nuget/NuGet/instead of the project directory, preventing accidental token commits to git (#47)
0.4.0 - 2026-02-16
- TUI global search — press
sto search across all repositories on the selected instance using the Meilisearch-poweredadvanced_searchendpoint; results show artifact name, repository, format, version, and size with a faceted sidebar displaying format, repository, and content type distribution; Enter on a result navigates to that artifact in the 3-panel view (#45)
0.3.0 - 2026-02-16
- TUI server status — instances now show "online (N repos)" in green instead of incorrectly showing "offline"; health probe switched from broken
/healthendpoint tolist_repositories(#43) - TUI keychain prompts — credentials are cached in memory per instance, eliminating repeated macOS Keychain Access password dialogs on every navigation action (#43)
0.2.0 - 2026-02-16
- Config commands —
ak config list,get,set, andpathare now fully implemented with validation and table/json/yaml output (#41)
- Release CI — fixed nfpm version, download URL format, and redundant package rename step (#38, #39, #40)
- DEB/RPM packages — added Debian and RPM package builds (amd64, arm64/aarch64) via nfpm to release workflow
- Homebrew tap — automated formula generation and push to
artifact-keeper/homebrew-tapon release
0.1.0 - 2026-02-16
Initial release of the Artifact Keeper CLI.
- Multi-instance management — add, remove, list, and switch between Artifact Keeper instances with
ak instance - Authentication — interactive login with username/password or token (similar to
gh auth login), credential storage via OS keychain, logout, whoami, API token management - Repository operations — list, show, create, delete, and browse repositories; public repos accessible without auth
- Artifact operations — push, pull, list, info, delete, search, and cross-instance copy with progress bars and streaming uploads/downloads
- Setup wizards — auto-detect and configure 11 package ecosystems (npm, pip, cargo, maven, gradle, nuget, go, docker, helm, cocoapods, swift)
- Security scanning — trigger and view vulnerability scans with
ak scan - Admin commands — backup management, storage cleanup, server metrics, user management, WASM plugin management
- Doctor diagnostics — check instance connectivity, authentication status, package manager configs, and CLI health
- Interactive TUI — full-screen dashboard with ratatui for browsing repos and artifacts
- Output formats — table (default for TTY), JSON, YAML, quiet mode; auto-detected via
--formatorAK_FORMATenv var - Shell completions — bash, zsh, fish, PowerShell via
ak completion - Man pages — generate man pages for all commands via
ak man-pages - Cross-instance copy — bulk artifact migration between instances
- Release CI — GitHub Actions workflow builds binaries for Linux (x86_64, aarch64), macOS (x86_64, aarch64), and Windows (x86_64)
- Distribution — install script, Docker image, Snap package, Homebrew tap
- Generated Rust SDK from the Artifact Keeper OpenAPI spec via Progenitor
- Covers 250+ API endpoints across all backend features
- OpenAPI 3.1 → 3.0 conversion handled automatically by the xtask