Release KSM CLI v1.3.0

[stas-schaller]

Summary

Release branch for CLI v1.3.0 — adds OS-native keyring storage as the default credential store, with security hardening and dependency fixes.

Changes

New Features

• OS-native keyring storage (KSM-800): new profiles stored in macOS Keychain, Windows Credential Manager, or Linux keyring by default; keyring is an optional install (pip install keeper-secrets-manager-cli[keyring]); --ini-file flag opts into explicit file-based storage
• Profile delete command (KSM-810): new ksm profile delete <name> subcommand; completes the recovery path referenced by KsmCliIntegrityException

Bug Fixes

• --ini-file flag respected by all subcommands (KSM-814): all profile and config subcommands now correctly use the --ini-file path — profile list, profile active, profile export, profile import, profile init, profile setup; config show, config color, config cache, config record-type-dir, config editor
• Keyring integrity verification (KSM-805): SHA-256 hash now persisted as a separate Keychain entry and verified on every load; tampered entries raise KsmCliIntegrityException with a ksm profile delete recovery hint; backward-compatible (existing entries bootstrap silently on next save)
• Active profile clearing on delete (KSM-810): delete_profile() now clears active_profile in the common config when the active profile is deleted, preventing a broken-keychain state on subsequent invocations
• Upgrade-path warning (KSM-804): warn on stderr when keyring is active but empty and a legacy keeper.ini exists, with a --ini-file recovery hint; fixed duplicate warnings from redundant Profile instantiation in command handlers
• INI file permissions (KSM-691): keeper.ini created atomically at 0600 via os.open() (eliminates TOCTOU window on Unix); set_config_mode always runs on every write so Windows ACLs (icacls) are applied to new files and pre-existing bad permissions are corrected on re-save
• Env var config reload: _reload_config() now correctly re-applies KSM_CONFIG and KSM_CONFIG_BASE64_* environment variable configs on reload instead of falling through to disk discovery
• CVE-2026-23949 (KSM-761): upgraded jaraco.context to >=6.1.0 (path traversal; build-time dependency only)
• Record create payload (KSM-702): custom: [] now always included when creating records with no custom fields; previously the key was silently omitted, causing schema inconsistency with Vault and Commander
• Profile name validation before OTT redemption (KSM-815): profile name is validated before the one-time token is redeemed; names containing whitespace or exceeding 64 characters are rejected immediately, preventing the token from being consumed on a failed init
• Profile name strict validation (KSM-829): early profile name check now uses the same [a-zA-Z0-9_-]{1,64} pattern as keyring storage; previously path-traversal characters and special characters passed the early check, consuming the one-time token before the stricter validator fired
• Shell crash with click>=8.2 (KSM-818): ksm shell crashed on any command when click-repl==0.3.0 was resolved alongside click>=8.2 (protected_args became read-only in Click 8.2); pinned click-repl to <0.3.0
• JSON output key for custom fields (KSM-820): ksm secret get --json now outputs custom fields under "custom" (was "custom_fields"), matching the canonical V3 record format used by Commander and the Keeper Vault
• Test keyring isolation (KSM-828): unit tests no longer write mock data to the real system keyring; added KeyringConfigStorage.is_available mock to all 19 Profile.init() call sites used as test scaffolding in secret_test.py, exec_test.py, and secret_inflate_test.py
• boto3 import for non-AWS --ini-file profiles (KSM-831): AwsConfigProvider import deferred to inside the elif storage == "aws": branch; users without [aws] extra no longer hit Missing import dependencies: boto3 when loading any non-AWS profile via --ini-file
• lkru utility removed (KSM-832): removed the lkru utility integration and KSM_CONFIG_KEYRING_UTILITY_PATH environment variable; lkru requires the same D-Bus Secret Service daemon as the Python keyring library and is not a headless alternative; is_available() now correctly returns False when keyring is not installed or no Secret Service daemon is running, falling back to keeper.ini file storage in both cases

Maintenance

• Updated prompt-toolkit from ~=2.0 to >=3.0 (fixes pip dependency resolution conflicts)
• Updated keeper-secrets-manager-core to >=17.2.0, keeper-secrets-manager-helper to >=1.1.0
• Keyring integration tests (KSM-830): Docker-based integration tests against a real Secret Service backend (dbus + gnome-keyring); new test-cli-keyring CI job across Python 3.10–3.13; test.cli.yml path-filtered to CLI and Python SDK paths

Breaking Changes

• Python 3.7–3.9 dropped (KSM-799, KSM-817): minimum supported version is now Python 3.10
• boto3 now optional (KSM-817): boto3 moved out of the base install; AWS sync users must install the [aws] extra: pip install keeper-secrets-manager-cli[aws]

Related Issues

• Merges Add OS-Native Secure Storage for KSM CLI Configuration #888 (OS-native keyring storage)
• Merges KSM-804: warn on stderr when keyring empty and legacy keeper.ini found #947 (KSM-804 upgrade-path warning)
• Merges KSM-805: add SHA-256 cross-session integrity verification for keyring config #948 (KSM-805 keyring integrity verification)
• Merges KSM-702: ensure custom: [] is included in record create payload #949 (KSM-702 record create payload)
• Merges KSM-817: raise CLI minimum Python to 3.10 and make boto3 optional #951 (KSM-817 boto3 optional, Python 3.10 minimum)
• Merges KSM-810: add ksm profile delete command and fix active profile clearing #953 (KSM-810 profile delete command + active profile fix)
• Merges KSM-815: validate profile name before redeeming one-time token #954 (KSM-815 profile name validation before OTT redemption)
• Merges KSM-814: fix --ini-file flag ignored by profile and config subcommands #955 (KSM-814 --ini-file flag respected by all profile/config subcommands)
• Merges KSM-818: pin click-repl<0.3.0 to fix shell crash with click>=8.2 #956 (KSM-818 shell crash with click>=8.2)
• Merges KSM-820: fix JSON output key custom_fields → custom #957 (KSM-820 JSON output key custom_fields → custom)
• Merges KSM-828: prevent unit tests from writing mock data to real system keyring #960 (KSM-828 test keyring isolation)
• Merges KSM-831: fix boto3 import error for non-AWS --ini-file profiles #961 (KSM-831 boto3 import for non-AWS --ini-file profiles)
• KSM-800, KSM-804, KSM-805, KSM-691, KSM-761, KSM-799, KSM-702, KSM-817, KSM-810, KSM-815, KSM-814, KSM-818, KSM-820, KSM-828, KSM-829, KSM-830, KSM-831, KSM-832

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	pypi/​prompt-toolkit@​2.0.10 ⏵ 3.0.52	+1
	pypi/​keyring@​25.7.0
	pypi/​click-repl@​0.3.0 ⏵ 0.2.0
	pypi/​click-help-colors@​0.2

View full report

In general, you fix this by explicitly adding a permissions block that restricts the GITHUB_TOKEN to the minimal scopes needed. For a pure CI/test workflow like this—where the jobs only check out source, install dependencies, and run tests—contents: read is usually sufficient. You can set this either at the workflow root (so it applies to all jobs that don’t override it) or per job. Here, the cleanest solution is to add a single root-level permissions block after the name: or on: section.

Concretely, in .github/workflows/test.cli.yml, add:

permissions:
  contents: read

at the top level of the workflow (aligned with name: and on:), e.g. between name: Test-CLI and on:. This will apply read-only repository-content permissions to both test-cli and test-cli-keyring jobs, without changing any of the existing steps or functionality. No imports or additional methods are needed because this is a configuration-only change in the workflow YAML.