Release KSM CLI v1.3.0

[stas-schaller]

Summary

Release branch for CLI v1.3.0 — adds OS-native keyring storage as the default credential store, with security hardening and dependency fixes.

Changes

New Features

• OS-native keyring storage (KSM-800): new profiles stored in macOS Keychain, Windows Credential Manager, or Linux keyring by default; keyring is an optional install (pip install keeper-secrets-manager-cli[keyring]); --ini-file flag opts into explicit file-based storage
• Profile delete command (KSM-810): new ksm profile delete <name> subcommand; completes the recovery path referenced by KsmCliIntegrityException

Bug Fixes

• --ini-file flag respected by all subcommands (KSM-814): all profile and config subcommands now correctly use the --ini-file path — profile list, profile active, profile export, profile import, profile init, profile setup; config show, config color, config cache, config record-type-dir, config editor
• Keyring integrity verification (KSM-805): SHA-256 hash now persisted as a separate Keychain entry and verified on every load; tampered entries raise KsmCliIntegrityException with a ksm profile delete recovery hint; backward-compatible (existing entries bootstrap silently on next save)
• Active profile clearing on delete (KSM-810): delete_profile() now clears active_profile in the common config when the active profile is deleted, preventing a broken-keychain state on subsequent invocations
• Upgrade-path warning (KSM-804): warn on stderr when keyring is active but empty and a legacy keeper.ini exists, with a --ini-file recovery hint; fixed duplicate warnings from redundant Profile instantiation in command handlers
• INI file permissions (KSM-691): keeper.ini created atomically at 0600 via os.open() (eliminates TOCTOU window on Unix); set_config_mode always runs on every write so Windows ACLs (icacls) are applied to new files and pre-existing bad permissions are corrected on re-save
• Env var config reload: _reload_config() now correctly re-applies KSM_CONFIG and KSM_CONFIG_BASE64_* environment variable configs on reload instead of falling through to disk discovery
• CVE-2026-23949 (KSM-761): upgraded jaraco.context to >=6.1.0 (path traversal; build-time dependency only)
• Record create payload (KSM-702): custom: [] now always included when creating records with no custom fields; previously the key was silently omitted, causing schema inconsistency with Vault and Commander
• Profile name validation before OTT redemption (KSM-815): profile name is validated before the one-time token is redeemed; names containing whitespace or exceeding 64 characters are rejected immediately, preventing the token from being consumed on a failed init
• Profile name strict validation (KSM-829): early profile name check now uses the same [a-zA-Z0-9_-]{1,64} pattern as keyring storage; previously path-traversal characters and special characters passed the early check, consuming the one-time token before the stricter validator fired
• Shell crash with click>=8.2 (KSM-818): ksm shell crashed on any command when click-repl==0.3.0 was resolved alongside click>=8.2 (protected_args became read-only in Click 8.2); pinned click-repl to <0.3.0
• JSON output key for custom fields (KSM-820): ksm secret get --json now outputs custom fields under "custom" (was "custom_fields"), matching the canonical V3 record format used by Commander and the Keeper Vault
• Test keyring isolation (KSM-828): unit tests no longer write mock data to the real system keyring; added KeyringConfigStorage.is_available mock to all 19 Profile.init() call sites used as test scaffolding in secret_test.py, exec_test.py, and secret_inflate_test.py
• boto3 import for non-AWS --ini-file profiles (KSM-831): AwsConfigProvider import deferred to inside the elif storage == "aws": branch; users without [aws] extra no longer hit Missing import dependencies: boto3 when loading any non-AWS profile via --ini-file
• lkru utility removed (KSM-832): removed the lkru utility integration and KSM_CONFIG_KEYRING_UTILITY_PATH environment variable; lkru requires the same D-Bus Secret Service daemon as the Python keyring library and is not a headless alternative; is_available() now correctly returns False when keyring is not installed or no Secret Service daemon is running, falling back to keeper.ini file storage in both cases

Maintenance

• Updated prompt-toolkit from ~=2.0 to >=3.0 (fixes pip dependency resolution conflicts)
• Updated keeper-secrets-manager-core to >=17.2.0, keeper-secrets-manager-helper to >=1.1.0
• Keyring integration tests (KSM-830): Docker-based integration tests against a real Secret Service backend (dbus + gnome-keyring); new test-cli-keyring CI job across Python 3.10–3.13; test.cli.yml path-filtered to CLI and Python SDK paths

Breaking Changes

• Python 3.7–3.9 dropped (KSM-799, KSM-817): minimum supported version is now Python 3.10
• boto3 now optional (KSM-817): boto3 moved out of the base install; AWS sync users must install the [aws] extra: pip install keeper-secrets-manager-cli[aws]

Related Issues

• Merges Add OS-Native Secure Storage for KSM CLI Configuration #888 (OS-native keyring storage)
• Merges KSM-804: warn on stderr when keyring empty and legacy keeper.ini found #947 (KSM-804 upgrade-path warning)
• Merges KSM-805: add SHA-256 cross-session integrity verification for keyring config #948 (KSM-805 keyring integrity verification)
• Merges KSM-702: ensure custom: [] is included in record create payload #949 (KSM-702 record create payload)
• Merges KSM-817: raise CLI minimum Python to 3.10 and make boto3 optional #951 (KSM-817 boto3 optional, Python 3.10 minimum)
• Merges KSM-810: add ksm profile delete command and fix active profile clearing #953 (KSM-810 profile delete command + active profile fix)
• Merges KSM-815: validate profile name before redeeming one-time token #954 (KSM-815 profile name validation before OTT redemption)
• Merges KSM-814: fix --ini-file flag ignored by profile and config subcommands #955 (KSM-814 --ini-file flag respected by all profile/config subcommands)
• Merges KSM-818: pin click-repl<0.3.0 to fix shell crash with click>=8.2 #956 (KSM-818 shell crash with click>=8.2)
• Merges KSM-820: fix JSON output key custom_fields → custom #957 (KSM-820 JSON output key custom_fields → custom)
• Merges KSM-828: prevent unit tests from writing mock data to real system keyring #960 (KSM-828 test keyring isolation)
• Merges KSM-831: fix boto3 import error for non-AWS --ini-file profiles #961 (KSM-831 boto3 import for non-AWS --ini-file profiles)
• KSM-800, KSM-804, KSM-805, KSM-691, KSM-761, KSM-799, KSM-702, KSM-817, KSM-810, KSM-815, KSM-814, KSM-818, KSM-820, KSM-828, KSM-829, KSM-830, KSM-831, KSM-832

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	pypi/​prompt-toolkit@​2.0.10 ⏵ 3.0.52	+1
	pypi/​keyring@​25.7.0
	pypi/​click-repl@​0.3.0 ⏵ 0.2.0
	pypi/​click-help-colors@​0.2

View full report

To fix the problem, explicitly define a permissions block that limits GITHUB_TOKEN to the minimal required rights. In this workflow, the jobs only need to check out code and run Python tests, so read access to repository contents is sufficient; no write or PR/issue permissions are needed.

The best minimal change is to add a workflow-level permissions block near the top of .github/workflows/test.cli.yml, just after the name (or before on:). This block will apply to both test-cli and test-cli-keyring since they do not define their own permissions. We’ll set contents: read, which is the recommended minimal baseline and matches CodeQL’s suggested starting point.

Concretely:

• Edit .github/workflows/test.cli.yml.
• Insert:

permissions:
  contents: read

• Place it between line 2 and line 3 (after name: Test-CLI and the blank line), keeping indentation at the root level.
• No imports, methods, or other definitions are needed because this is a YAML configuration change only.